Date: Tue, 14 May 2013 17:03:12 +0100 From: Tom Evans <tevans.uk@googlemail.com> To: Lars Engels <lars.engels@0x20.net> Cc: freebsd-stable@freebsd.org, Rainer Duffner <rainer@ultra-secure.de> Subject: Re: How to get pkgng work through a proxy? Message-ID: <CAFHbX1%2BE9Ps05H_pNZ_Uz=FK=uZ7okHjS3BBGyyQGmMLuVqZvQ@mail.gmail.com> In-Reply-To: <20130514145801.GE32935@e-new.0x20.net> References: <20130514123644.4b5a53af@suse3> <20130514145801.GE32935@e-new.0x20.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, May 14, 2013 at 3:58 PM, Lars Engels <lars.engels@0x20.net> wrote: > On Tue, May 14, 2013 at 12:36:44PM +0200, Rainer Duffner wrote: >> Hi, >> >> I have this host (a cloned VM, FreeBSD 9.1 AMD64) behind an Astaro >> Web-Proxy: >> >> >> (blahost </root>) 70 # pkg >> update >> [12:00] Updating repository catalogue >> repo.txz 3% >> 10KB 0.5KB/s 0.0KB/s - stalled -pkg: >> http://pkgng.our.repo/91amd64-91patch/repo.txz: Operation timed out >> >> >> It's a proxy with authentication. >> >> I'm not sure if it's a fetch(3) problem in general. >> Because a single fetch from the same server of a small and large file >> does work, though a bit slow. >> >> pkg is 1.0.2 > > It's working here with these env vars set: > > http_proxy=http://<USER>:<PASSWD>@<SERVER>:8080 > ftp_proxy=http://<USER>:<PASSWD>@<SERVER>:8080 > HTTP_PROXY=http://<USER>:<PASSWD>@<SERVER>:8080 > FTP_PROXY=http://<USER>:<PASSWD>@<SERVER>:8080 > HTTP_PROXY_AUTH=basic:*:<USER>:<PASSWD> > > > But I can't tell which one get's pulled in. My work require proxy authentication also, with the annoying requirement that the username is my email address, which ultimately means that I cannot insert username/pass into http_proxy or variants. libfetch is smart enough to pull these out of HTTP_PROXY_AUTH, but very few other applications are. Eventually, I gave up trying to convince all these disparate applications to discover my proxy auth, and instead I set up a local copy of squid on my laptop, which I point at my upstream proxy and provide with authentication details. I can then use this unauthenticated proxy on localhost to access my corporate proxy fully authenticated. It's a bit of hassle in the short term, but all proxy setup becomes much simpler with it in place. IIRC, the only lines I added to squid.conf's defaults were these: http_port 127.0.0.1:3128 cache_peer <proxy ip> parent 3128 0 proxy-only default login=<my email>:<my pass> Cheers Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFHbX1%2BE9Ps05H_pNZ_Uz=FK=uZ7okHjS3BBGyyQGmMLuVqZvQ>