https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162016-08-10T07:34:28ZpfSense bugtrackerpfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=285612016-08-10T07:34:28ZJim Pingle
<ul><li><strong>Category</strong> set to <i>Dynamic DNS</i></li><li><strong>Target version</strong> set to <i>2.4.0</i></li><li><strong>Affected Version</strong> set to <i>All</i></li></ul><p>If that example you posted is the one that didn't work, I can see why. Looks like ">" was changed to "&gt;" twice in the same password.</p>
<p>The password field probably needs to be base64 encoded in config.xml so it doesn't fall into traps like that.</p> pfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=287672016-09-02T17:05:44ZJohn Dickinson
<ul></ul><p>Although I don't really know PHP, I can dive into the code and poke around. It looks like it's pretty easy to do base64 encode/decode, and that would fix it for me. However, I'm not really sure how to tackle the migration or testing issue. I can simply decode whatever's there in the field now, because that would break existing users who have set the password, and it doesn't seem very friendly to force users to re-enter their password so it can be encoded. And for testing, I don't really know how that works for PHP.</p>
<p>Any guidance would be appreciated.</p> pfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=287682016-09-02T19:31:01ZPhillip Davisphil@jankaritech.com
<ul></ul><p>Have a look at the end of <a class="external" href="https://github.com/pfsense/pfsense/blob/master/src/etc/inc/upgrade_config.inc">https://github.com/pfsense/pfsense/blob/master/src/etc/inc/upgrade_config.inc</a><br />You can add a new section there that will encode existing passwords.<br />Increment the latest_config number in globals.inc and check <a class="external" href="https://github.com/pfsense/pfsense/blob/master/src/conf.default/config.xml">https://github.com/pfsense/pfsense/blob/master/src/conf.default/config.xml</a> (the default config provided on install and reset to factory defaults)<br />This commit had recent code that upgraded the config, useful as an example:<br /><a class="external" href="https://github.com/pfsense/pfsense/commit/2ce5cd33ef6434d3eb265c59f06e6ffb4930f0d9">https://github.com/pfsense/pfsense/commit/2ce5cd33ef6434d3eb265c59f06e6ffb4930f0d9</a></p> pfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=292912016-11-06T00:42:12ZJim Thompsonjim@netgate.com
<ul><li><strong>Assignee</strong> set to <i>Jim Pingle</i></li></ul><p>Please look at Phil'a patch</p> pfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=293182016-11-07T12:50:55ZJim Pingle
<ul></ul><p>I committed a fix to store the passwords in base64. Worked fine here but could use more testing. 2.4 only for the time being.</p> pfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=293192016-11-07T13:00:06ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Store Dynamic DNS passwords in Base64 to protect special characters. Fixes #6688" href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/86584ded30c27b9ad1b017fb743399dc01180f02">86584ded30c27b9ad1b017fb743399dc01180f02</a>.</p> pfSense - Bug #6688: Special characters in a password cause problemshttps://redmine.pfsense.org/issues/6688?journal_id=294052016-11-11T22:00:37ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul><p>Base64 encoding works fine here.</p>