mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 12:23:32 +01:00
Fix bug2752 : 48-char HTTPProxyAuthenticator limitation
Bumped the char maximum to 512 for HTTPProxyAuthenticator & HTTPSProxyAuthenticator. Now stripping all '\n' after base64 encoding in alloc_http_authenticator.
This commit is contained in:
parent
e908e3a332
commit
a3707a1052
5
changes/bug2752
Normal file
5
changes/bug2752
Normal file
@ -0,0 +1,5 @@
|
||||
o Minor bugfixes
|
||||
- Tor used to limit HttpProxyAuthenticator values to 48 characters.
|
||||
Changed the limit to 512 characters by removing base64 newlines.
|
||||
Fixes bug 2917.
|
||||
|
@ -3398,8 +3398,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
||||
}
|
||||
|
||||
if (options->HTTPProxyAuthenticator) {
|
||||
if (strlen(options->HTTPProxyAuthenticator) >= 48)
|
||||
REJECT("HTTPProxyAuthenticator is too long (>= 48 chars).");
|
||||
if (strlen(options->HTTPProxyAuthenticator) >= 512)
|
||||
REJECT("HTTPProxyAuthenticator is too long (>= 512 chars).");
|
||||
}
|
||||
|
||||
if (options->HTTPSProxy) { /* parse it now */
|
||||
@ -3412,8 +3412,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
||||
}
|
||||
|
||||
if (options->HTTPSProxyAuthenticator) {
|
||||
if (strlen(options->HTTPSProxyAuthenticator) >= 48)
|
||||
REJECT("HTTPSProxyAuthenticator is too long (>= 48 chars).");
|
||||
if (strlen(options->HTTPSProxyAuthenticator) >= 512)
|
||||
REJECT("HTTPSProxyAuthenticator is too long (>= 512 chars).");
|
||||
}
|
||||
|
||||
if (options->Socks4Proxy) { /* parse it now */
|
||||
|
@ -3232,8 +3232,17 @@ alloc_http_authenticator(const char *authenticator)
|
||||
authenticator, authenticator_length) < 0) {
|
||||
tor_free(base64_authenticator); /* free and set to null */
|
||||
} else {
|
||||
/* remove extra \n at end of encoding */
|
||||
base64_authenticator[strlen(base64_authenticator) - 1] = 0;
|
||||
int i = 0, j = 0;
|
||||
int len = strlen(base64_authenticator);
|
||||
|
||||
/* remove all newline occurrences within the string */
|
||||
for (i=0; i < len; ++i) {
|
||||
if ('\n' != base64_authenticator[i]) {
|
||||
base64_authenticator[j] = base64_authenticator[i];
|
||||
++j;
|
||||
}
|
||||
}
|
||||
base64_authenticator[j]='\0';
|
||||
}
|
||||
return base64_authenticator;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user