OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: Feldunost on June 20, 2017, 03:22:06 pm

Title: Upgrade from SSH
Post by: Feldunost on June 20, 2017, 03:22:06 pm
Hello,

I'm managing one OPNsense that is functionnal behind another proxy, modifications are done properly to set :
- a parent proxy in squid.conf
- setenv for parent proxy in pkg.conf.


However when i attempt to upgrade from SSH, it returns me :

Fetching packages-17.1-OpenSSL-amd64.tar: .............................................................opnsense-verify: Unable to open /var/cache/opnsense-update/2640/packages-17.1-OpenSSL-amd64.tar: No such file or directory
 failed


Any pointer to look into this problem ?

Regards.
Title: Re: Upgrade from SSH
Post by: Feldunost on July 04, 2017, 01:33:47 pm
Problem is still up ...
Can't seems to find solution.
Title: Re: Upgrade from SSH
Post by: franco on July 04, 2017, 03:21:03 pm
Fetch is probably not using the proxy...

You can preload everything given the correct environment PROXY vars are set on the command line:

# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.obsolete
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.obsolete.sig
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.txz.sig
# fetch https://pkg.opnsense.org/sets/kernel-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/kernel-17.1-amd64.txz.sig
# fetch https://pkg.opnsense.org/sets/packages-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/packages-17.1-amd64.txz.sig
# opnsense-update -l . -ur 17.1
# /usr/local/etc/rc.reboot

Note that if you are having these issues, you likely didn't receive kernel/base updates in the past.


Cheers,
Franco
Title: Re: Upgrade from SSH
Post by: Feldunost on July 11, 2017, 06:01:24 pm
The problem is indeed about fetch, but i can't seems to find a proper functionnal solution.
It throws me back "Proxy authentication required" even though i specified username and password for the proxy in environment.
Title: Re: Upgrade from SSH
Post by: franco on July 12, 2017, 10:49:41 am
Hmm, fetch supports the following:

Quote
     See fetch(3) for a description of additional environment variables,
     including FETCH_BIND_ADDRESS, FTP_LOGIN, FTP_PASSIVE_MODE, FTP_PASSWORD,
     FTP_PROXY, ftp_proxy, HTTP_ACCEPT, HTTP_AUTH, HTTP_PROXY, http_proxy,
     HTTP_PROXY_AUTH, HTTP_REFERER, HTTP_USER_AGENT, NETRC, NO_PROXY,
     no_proxy, SSL_CA_CERT_FILE, SSL_CA_CERT_PATH, SSL_CLIENT_CERT_FILE,
     SSL_CLIENT_KEY_FILE, SSL_CRL_FILE, SSL_ALLOW_SSL3, SSL_NO_TLS1,
     SSL_NO_TLS1_1, SSL_NO_TLS1_2, SSL_NO_VERIFY_HOSTNAME and
     SSL_NO_VERIFY_PEER.

You can add those vars to /root/.cshrc as follows:

setenv HTTP_PROXY Value

And then just:

source .cshrc

Download will work if proxy is being operated correctly.


Cheers,
Franco