Bug 234962 - Base64 Encoding in phttpget is faulty
Summary: Base64 Encoding in phttpget is faulty
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 12.0-RELEASE
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-01-15 08:53 UTC by tim
Modified: 2019-01-15 08:55 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description tim 2019-01-15 08:53:50 UTC
This issue breaks freebsd-update for proxy users who needs to authenticate with username and password and have username:password combinations which are in not a multiple of 3 in combined length.

Due to an issue with the Base64 Filling which is not applied correctly many username:password combinations provided via the HTTP_PROXY_AUTH Environment Variable are not encoded correctly for the use of the HTTP Proxy-Authentication Header.

Replicability should be 100% and this issue seem to exists since Version 7 already and is really annoying.

I compiled a version of phttpget with an alternate Base64 Encoding Implementation to confirm this issue and got it to work.

Test Scenario:

- Environment: System needs to be behind Proxy Server with Authentication

 - Set HTTP_PROXY_AUTH to "basic:*:Hey:Base64!!" (Username:Password portion is 12 Characters long)
 - run /usr/libexec/phttpget to download any file
 - Download should work since the "Hey:Base64!!" is 12 Chars in total which doesn't require Base64 to fill with "=" chars.
 - Set HTTP_PROXY_AUTH to "basic:*:Hey:Base64" (Username:Password portion is 10 Characters long)
 - Download shouldn't work since the filling is getting applied wrong and results in "SGV5OkJhc2U2NAA=" which is not correct.

Possible related issues:
 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=129431
 - https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=153211