Regression #12021
closed
NoIP.com incorrectly encodes Dynamic DNS update credentials
100%
Description
There is no need to `urlencode` user credentials (CURLOPT_USERPWD already encode them):
curl_setopt($ch, CURLOPT_USERPWD, urlencode($this->_dnsUser) . ':' . $this->_dnsPass);
- with `urlencode` it always returns "badauth":
/services_dyndns_edit.php: Dynamic DNS noip-free (XXXXX.ddns.net): _update() starting. /services_dyndns_edit.php: Response Header: HTTP/2 401 /services_dyndns_edit.php: Response Header: server: nginx /services_dyndns_edit.php: Response Header: content-type: text/plain; charset=UTF-8 /services_dyndns_edit.php: Response Header: cache-control: no-cache /services_dyndns_edit.php: Response Header: www-authenticate: Basic realm="No-IP DNS Update API" /services_dyndns_edit.php: Response Header: date: Thu, 10 Jun 2021 09:49:39 GMT /services_dyndns_edit.php: Response Header: content-length: 9 /services_dyndns_edit.php: Response Header: /services_dyndns_edit.php: Response Header: /services_dyndns_edit.php: Response Data: badauth\x0d
OK, without `urlencode`:
/services_dyndns_edit.php: Response Header: HTTP/2 200 /services_dyndns_edit.php: Response Header: server: nginx /services_dyndns_edit.php: Response Header: content-type: text/plain; charset=UTF-8 /services_dyndns_edit.php: Response Header: cache-control: no-cache /services_dyndns_edit.php: Response Header: date: Thu, 10 Jun 2021 09:45:06 GMT /services_dyndns_edit.php: Response Header: content-length: 18 /services_dyndns_edit.php: Response Header: /services_dyndns_edit.php: Response Header: /services_dyndns_edit.php: Response Data: good X.X.X.X\x0d
Regression of #11815 (pfSense Plus 21.05)
https://forum.netgate.com/topic/164263/any-known-issues-since-update-dyn-dns
Updated by Viktor Gurov over 3 years ago
Updated by Jim Pingle over 3 years ago
- Subject changed from NoIP.com invalid credentials encoding to NoIP.com incorrectly encodes Dynamic DNS update credentials
- Status changed from New to Pull Request Review
- Target version set to 2.6.0
- Plus Target Version set to 21.09
Updated by Renato Botelho over 3 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Viktor Gurov
PR has been merged. Thanks!
Updated by Viktor Gurov over 3 years ago
- % Done changed from 0 to 100
Applied in changeset 4aab19d4ade5d164c22bd63b2833d54bab740d59.
Updated by Marcos M over 3 years ago
Maybe the username:password syntax can be avoided altogether and instead the Authorization header can be used as specified here: https://www.noip.com/integrate/request
Updated by Viktor Gurov over 3 years ago
Marcos Mendoza wrote:
Maybe the username:password syntax can be avoided altogether and instead the
Authorizationheader can be used as specified here: https://www.noip.com/integrate/request
this is the same as using the CURL_USERPWD option, see https://en.wikipedia.org/wiki/Basic_access_authentication
Updated by Jim Pingle over 3 years ago
- Affected Version changed from 2.6.0 to 2.5.2
Updated by Bug Reporter over 3 years ago
Works with simple passwords, still does not work with complex ones.
Getting "Response Data: badauth\x0d ".
Updated by Greg B over 3 years ago
Manually made the change detailed in 4aab19d4ade5d164c22bd63b2833d54bab740d59 and it's working for me now.
Updated by Kris Phillips about 3 years ago
This seems to cause 504 Gateway Timeouts in the webConfigurator, but still works on 21.05.1.
Updated by Jim Pingle about 3 years ago
- Plus Target Version changed from 21.09 to 22.01
Updated by Jim Pingle almost 3 years ago
- Status changed from Feedback to Resolved