Fetching behind a proxy, Authentication Error

F

forquare

Afternoon all,

At work I have a VM on my laptop for testing and general respite from Windows, it's running FreeBSD 10.3:
bil@fbsd-bil:guessing_game %>uname -a
FreeBSD fbsd-bil 10.3-RELEASE-p3 FreeBSD 10.3-RELEASE-p3 #0: Tue May 17 08:43:55 UTC 2016 root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64

I've been using it successfully to do various things, and yesterday I decided to use my lunch time to learn some Rust programming. One of the exercises requires a package to be downloaded, but this fails:
bil@fbsd-bil:guessing_game %>cargo build --verbose
Updating registry `https://github.com/rust-lang/crates.io-index`
Unable to update registry https://github.com/rust-lang/crates.io-index

Caused by:
failed to fetch `https://github.com/rust-lang/crates.io-index`

Caused by:
[12/-2] Couldn't connect to server

I decided to to try and fetch(1) the file mentioned in the above output, but that failed:
bil@fbsd-bil:guessing_game %>fetch -v https://github.com/rust-lang/crates.io-index
looking up 12.34.56.78
connecting to 12.34.56.78:80
SSL options: 83004bff
Peer verification enabled
Using CA cert file: /usr/local/etc/ssl/cert.pem
34380987096:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:/usr/src/secure/lib/libssl/../../../crypto/openssl/ssl/s23_clnt.c:782:
fetch: https://github.com/rust-lang/crates.io-index: Authentication error

Ordinarily I can access the internet from this VM, e.g. I upgraded from 10.2 to 10.3, I install packages via pkg(1), and can generally fetch(1) files from the internet.
I am behind a proxy, and have the following set:
bil@fbsd-bil:guessing_game %>env | grep http
https_proxy=http://12.34.56.78/
http_proxy=http://12.34.56.78:80/
(IP addresses changed)

Having searched around for this, I ensured that security/ca_root_nss was installed and up to date:
bil@fbsd-bil:guessing_game %>pkg info ca_root_nss
ca_root_nss-3.22.2
Name : ca_root_nss
Version : 3.22.2
Installed on : Fri Apr 1 11:11:56 2016 BST
Origin : security/ca_root_nss
Architecture : freebsd:10:*
Prefix : /usr/local
Categories : security
Licenses : MPL
Maintainer : ports-secteam@FreeBSD.org
WWW : UNKNOWN
Comment : Root certificate bundle from the Mozilla Project
Options :
ETCSYMLINK : on
Annotations :
Flat size : 896KiB
Description :
Root certificates from certificate authorities included in the Mozilla
NSS library and thus in Firefox and Thunderbird.

This port directly tracks the version of NSS in the security/nss port.

The fetch(1) output mentions /usr/local/etc/ssl/cert.pem, which I've linked to the one provided by security/ca_root_nss:
bil@fbsd-bil:guessing_game %>ls -l /usr/local/etc/ssl/cert.pem /usr/local/share/certs/ca-root-nss.crt
lrwxr-xr-x 1 root wheel 38B May 31 15:06 /usr/local/etc/ssl/cert.pem@ -> /usr/local/share/certs/ca-root-nss.crt
-rw-r--r-- 1 root wheel 880K Mar 19 01:15 /usr/local/share/certs/ca-root-nss.crt

But still no luck :confused:

Oddly, if I try using www/wget I can download the file without issue, but I don't think I can get devel/cargo to use that instead...(I'm presuming it's using libfetch at the moment).

Does anyone have experience of such a problem?
 
I managed to fix my "main" issue, seems that devel/cargo doesn't respect the http_proxy environmentals and requires the proxy settings to be set within its config file.

Still somewhat intrigued why fetch(1) seems to fail...
 
E.g. you can put
Code: 
FETCH_ENV= HTTP_PROXY=http://<user>:<pwd>@proxy.example.com:port
FETCH_ENV= FTP_PROXY=http://<user>:<pwd>@proxy.example.com:port
in your /etc/make.conf
 
getopt said:
https_proxy needs https:// not http://
Click to expand...

Hmmm, doesn't seem to make any difference...

cpm said:
E.g. you can put
Code: 
FETCH_ENV= HTTP_PROXY=http://<user>:<pwd>@proxy.example.com:port
FETCH_ENV= FTP_PROXY=http://<user>:<pwd>@proxy.example.com:port
in your /etc/make.conf
Click to expand...

I don't have a username/password for the proxy, so have just done the following:
Code: 
FETCH_ENV= HTTP_PROXY=http://12.34.56.78:80/

I've rebooted and still doesn't like it.

I'm not too fussed at the moment. I'm not regularly fetching stuff, I thought that the problem was related to devel/cargo, but since it isn't and the cargo problem is fixed, I'm in a working situation :)
 
You must log in or register to reply here.
Back
Top