Bug #1553
closed
Dynamic DNS does not allow @ in the password
Added by Aaron Lusk almost 13 years ago. Updated about 8 years ago.
0%
Description
Dynamic DNS updater does not allow for @ symbol in the password for the update service.
Run into this problem when using a generated password for my DNS-O-Matic account. Changing the password to one generated without symbols fixed the problem.
Updated by Jim Pingle almost 13 years ago
- Category set to Dynamic DNS
- Target version set to Future
- Affected Version set to 2.0
- Affected Architecture All added
- Affected Architecture deleted (
)
Do you mean that DNS-O-Matic rejects such a password?
I don't see that we are currently doing any kind of input validation on that password field which would reject an @, and I can save an entry with one.
If DNS-O-Matic can't take an @, that means eventually we'll probably need to have some kind of per-service input validation for the password.
Updated by Aaron Lusk almost 13 years ago
DNS-O-Matic accepts the passwords with an @ symbol on their website but when you use that password on the Dynamic DNS updater this message shows up in the log:
php: /services_dyndns_edit.php: Request completed. DNS-O-Matic reported: Couldn't resolve host 'ksdfg@updates.dnsomatic.com'
It looks like the is breaking the string being sent to DNS-0-Matic's server as "ksdfg" is part of the password I just used to test this. Seems like the best thing to do is to just not allow to be used.
Updated by Aaron Lusk almost 13 years ago
It looks like the (AT) is breaking the string being sent to DNS-0-Matic's server as "ksdfg" is part of the password I just used to test this. Seems like the best thing to do is to just not allow (AT) to be used.**
(Looks like redmine does not like the (AT) symbol either)
Updated by Chris Buechler over 12 years ago
- Affected Version deleted (
2.0)
adding comment from #2079 duplicate
Dynamic DNS updater does not allow for @ symbol in the password for the update service.
Run into this problem when using a generated password for my DNS-O-Matic account. Changing the password to one generated without symbols fixed the problem.
"/etc/inc/dyndns.class" should be fixed to allow for all characters in the username and password field for all Dynamic DNS cases.
Here is a fix to allow the (at) symbol in the password and username field for dnsomatic:
[2.0.1-RELEASE][admin@pfSense]/root(13): diff -u /etc/inc/dyndns.class.bak /etc/inc/dyndns.class
--- /etc/inc/dyndns.class.bak 2012-01-10 01:26:05.000000000 -0800
+++ /etc/inc/dyndns.class 2012-01-10 01:30:35.000000000 -0800
@@ -368,7 +368,7 @@
if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
- $server = "https://" . $this->_dnsUser . ":" . $this->_dnsPass . "@updates.dnsomatic.com/nic/update?hostname=";
+ $server = "https://" . '$this->_dnsUser' . ":" . '$this->_dnsPass' . "@updates.dnsomatic.com/nic/update?hostname=";
if($this->_dnsServer)
$server = $this->_dnsServer;
if($this->_dnsPort)
Updated by Chris Buechler about 12 years ago
- Subject changed from Dynamic DNS to Dynamic DNS does not allow @ in the password
- Priority changed from Normal to Low
Updated by Andrew DeFilippis almost 11 years ago
I placed pull request 656 on git to resolve this issue, by using "rawurlencode":
@@ -438,8 +438,16 @@
log_error("DNS-O-Matic: DNS update() starting.");
if (isset($this->_dnsWildcard) && $this->_dnsWildcard != "OFF") $this->_dnsWildcard = "ON";
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
- curl_setopt($ch, CURLOPT_USERPWD, $this->_dnsUser.':'.$this->_dnsPass);
- $server = "https://" . $this->_dnsUser . ":" . $this->_dnsPass . "@updates.dnsomatic.com/nic/update?hostname=";
+ /*
+ Reference: https://www.dnsomatic.com/wiki/api
+ DNS-O-Matic usernames are 3-25 characters.
+ DNS-O-Matic passwords are 6-20 characters.
+ All ASCII letters and numbers accepted.
+ Dots, dashes, and underscores allowed, but not at the beginning or end of the string.
+ Required: "rawurlencode" http://www.php.net/manual/en/function.rawurlencode.php
+ Encodes the given string according to RFC 3986.
+ */
+ $server = "https://" . rawurlencode($this->_dnsUser) . ":" . rawurlencode($this->_dnsPass) . "@updates.dnsomatic.com/nic/update?hostname=";
if($this->_dnsServer)
$server = $this->_dnsServer;
if($this->_dnsPort)
Updated by Jim Thompson about 8 years ago
- Target version changed from Future to 2.3.1
Updated by Chris Buechler about 8 years ago
- Status changed from New to Resolved
- Target version deleted (
2.3.1)
this was fixed long ago and didn't get marked as such. The PR was merged in May 2013, so fixed in 2.1.0+. Confirmed still working in 2.3.