[Bug 234962] Base64 Encoding in phttpget is faulty
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Jan 15 08:53:52 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234962
Bug ID: 234962
Summary: Base64 Encoding in phttpget is faulty
Product: Base System
Version: 12.0-RELEASE
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: bin
Assignee: bugs at FreeBSD.org
Reporter: kopplow.tim at gmail.com
This issue breaks freebsd-update for proxy users who needs to authenticate with
username and password and have username:password combinations which are in not
a multiple of 3 in combined length.
Due to an issue with the Base64 Filling which is not applied correctly many
username:password combinations provided via the HTTP_PROXY_AUTH Environment
Variable are not encoded correctly for the use of the HTTP Proxy-Authentication
Header.
Replicability should be 100% and this issue seem to exists since Version 7
already and is really annoying.
I compiled a version of phttpget with an alternate Base64 Encoding
Implementation to confirm this issue and got it to work.
Test Scenario:
- Environment: System needs to be behind Proxy Server with Authentication
- Set HTTP_PROXY_AUTH to "basic:*:Hey:Base64!!" (Username:Password portion is
12 Characters long)
- run /usr/libexec/phttpget to download any file
- Download should work since the "Hey:Base64!!" is 12 Chars in total which
doesn't require Base64 to fill with "=" chars.
- Set HTTP_PROXY_AUTH to "basic:*:Hey:Base64" (Username:Password portion is 10
Characters long)
- Download shouldn't work since the filling is getting applied wrong and
results in "SGV5OkJhc2U2NAA=" which is not correct.
Possible related issues:
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=129431
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=153211
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list