Bug #14609
Updated by Jim Pingle over 1 year ago
When checking for updates from **System > Update**, the function call to @update_repos()@ and @pfSense-repoc@ does not honor the configured proxy settings (**System > Advanced**, **Misc** tab). I see the initial request to @ews.netgate.com@ going directly out the WAN and not through the proxy.
When checking from the dashboard or from a shell prompt, all requests go through the proxy.
The following diff makes it work, but is just a proof of concept:
<pre><code class="diff">
diff --git a/src/etc/inc/pkg-utils.inc b/src/etc/inc/pkg-utils.inc
index a31dd38748..8decf26f3c 100644
--- a/src/etc/inc/pkg-utils.inc
+++ b/src/etc/inc/pkg-utils.inc
@@ -1507,7 +1507,23 @@ function update_repos() {
$out = NULL;
$product_name = g_get('product_name');
- $res = exec("/usr/local/sbin/{$product_name}-repoc", $out, $rc);
+ $envstring = "";
+ $http_proxy = config_get_path('system/proxyurl');
+ $http_proxyport = config_get_path('system/proxyport');
+ if (!empty($http_proxy)) {
+ if (!empty($http_proxyport)) {
+ $http_proxy .= ':' . $http_proxyport;
+ }
+ $envstring .= 'HTTP_PROXY=' . escapeshellarg($http_proxy);
+
+ $proxyuser = config_get_path('system/proxyuser');
+ $proxypass = config_get_path('system/proxypass');
+ if (!empty($proxyuser) && !empty($proxypass)) {
+ $envstring .= ' HTTP_PROXY_AUTH=' . escapeshellarg("basic:*:" . $proxyuser . ":" . $proxypass);
+ }
+ }
+
+ $res = exec("{$envstring} /usr/local/sbin/{$product_name}-repoc", $out, $rc);
if ($res === false || $out === NULL) {
return (array( "error" => 1,
"messages" => array("We could not connect to Netgate servers. Please try again later.")));
</code></pre>
Might be best to rewrite that to use @pkg_env()@ and @process_open()@ like we do for @pkg_call()@ and @pkg_exec()@.
Anyone who hits this can work around it by running the update check and the actual update from a real shell prompt (SSH or local console, not the GUI)