Project

General

Profile

Actions

Bug #1553

closed

Dynamic DNS does not allow @ in the password

Added by Aaron Lusk over 13 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Low
Category:
Dynamic DNS
Target version:
-
Start date:
05/24/2011
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
All

Description

Dynamic DNS updater does not allow for @ symbol in the password for the update service.

Run into this problem when using a generated password for my DNS-O-Matic account. Changing the password to one generated without symbols fixed the problem.

Actions #1

Updated by Jim Pingle over 13 years ago

  • Category set to Dynamic DNS
  • Target version set to Future
  • Affected Version set to 2.0
  • Affected Architecture All added
  • Affected Architecture deleted ()

Do you mean that DNS-O-Matic rejects such a password?
I don't see that we are currently doing any kind of input validation on that password field which would reject an @, and I can save an entry with one.

If DNS-O-Matic can't take an @, that means eventually we'll probably need to have some kind of per-service input validation for the password.

Actions #2

Updated by Aaron Lusk over 13 years ago

DNS-O-Matic accepts the passwords with an @ symbol on their website but when you use that password on the Dynamic DNS updater this message shows up in the log:

php: /services_dyndns_edit.php: Request completed. DNS-O-Matic reported: Couldn't resolve host ''

It looks like the is breaking the string being sent to DNS-0-Matic's server as "ksdfg" is part of the password I just used to test this. Seems like the best thing to do is to just not allow to be used.

Actions #3

Updated by Aaron Lusk over 13 years ago

It looks like the (AT) is breaking the string being sent to DNS-0-Matic's server as "ksdfg" is part of the password I just used to test this. Seems like the best thing to do is to just not allow (AT) to be used.**

(Looks like redmine does not like the (AT) symbol either)

Actions #4

Updated by Chris Buechler almost 13 years ago

  • Affected Version deleted (2.0)

adding comment from #2079 duplicate


Dynamic DNS updater does not allow for @ symbol in the password for the update service.

Run into this problem when using a generated password for my DNS-O-Matic account. Changing the password to one generated without symbols fixed the problem.


"/etc/inc/dyndns.class" should be fixed to allow for all characters in the username and password field for all Dynamic DNS cases.

Here is a fix to allow the (at) symbol in the password and username field for dnsomatic:

[2.0.1-RELEASE][admin@pfSense]/root(13): diff -u /etc/inc/dyndns.class.bak /etc/inc/dyndns.class
--- /etc/inc/dyndns.class.bak    2012-01-10 01:26:05.000000000 -0800
+++ /etc/inc/dyndns.class    2012-01-10 01:30:35.000000000 -0800
@@ -368,7 +368,7 @@
                     if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
                     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
                     curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
-                    $server = "https://" . $this->_dnsUser . ":" . $this->_dnsPass . "@updates.dnsomatic.com/nic/update?hostname=";
+                    $server = "https://" . '$this->_dnsUser' . ":" . '$this->_dnsPass' . "@updates.dnsomatic.com/nic/update?hostname=";
                     if($this->_dnsServer)
                         $server = $this->_dnsServer;
                     if($this->_dnsPort)
Actions #5

Updated by Chris Buechler over 12 years ago

  • Subject changed from Dynamic DNS to Dynamic DNS does not allow @ in the password
  • Priority changed from Normal to Low
Actions #6

Updated by Andrew DeFilippis over 11 years ago

I placed pull request 656 on git to resolve this issue, by using "rawurlencode":

@@ -438,8 +438,16 @@
             log_error("DNS-O-Matic: DNS update() starting.");
           if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
-          curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
-          $server = "https://" . $this->_dnsUser . ":" . $this->_dnsPass . "@updates.dnsomatic.com/nic/update?hostname=";
+          /*
+          Reference: https://www.dnsomatic.com/wiki/api
+            DNS-O-Matic usernames are 3-25 characters.
+            DNS-O-Matic passwords are 6-20 characters.
+            All ASCII letters and numbers accepted.
+            Dots, dashes, and underscores allowed, but not at the beginning or end of the string.
+          Required: "rawurlencode" http://www.php.net/manual/en/function.rawurlencode.php
+            Encodes the given string according to RFC 3986.
+          */
+          $server = "https://" . rawurlencode($this->_dnsUser) . ":" . rawurlencode($this->_dnsPass) . "@updates.dnsomatic.com/nic/update?hostname=";
           if($this->_dnsServer)
             $server = $this->_dnsServer;
           if($this->_dnsPort)
Actions #7

Updated by Jim Thompson over 8 years ago

  • Assignee set to Renato Botelho
Actions #8

Updated by Jim Thompson over 8 years ago

  • Target version changed from Future to 2.3.1
Actions #9

Updated by Chris Buechler over 8 years ago

  • Status changed from New to Resolved
  • Target version deleted (2.3.1)

this was fixed long ago and didn't get marked as such. The PR was merged in May 2013, so fixed in 2.1.0+. Confirmed still working in 2.3.

Actions

Also available in: Atom PDF