Fix http/s proxy authentication with long username/passwords (#16504)
parent
2f1065f81b
commit
95076f77c1
|
@ -0,0 +1 @@
|
||||||
|
Fix a bug introduced in Synapse 1.41 where HTTP(S) forward proxy authorization would fail when using basic HTTP authentication with a long `username:password` string.
|
|
@ -59,7 +59,7 @@ class BasicProxyCredentials(ProxyCredentials):
|
||||||
a Proxy-Authorization header.
|
a Proxy-Authorization header.
|
||||||
"""
|
"""
|
||||||
# Encode as base64 and prepend the authorization type
|
# Encode as base64 and prepend the authorization type
|
||||||
return b"Basic " + base64.encodebytes(self.username_password)
|
return b"Basic " + base64.b64encode(self.username_password)
|
||||||
|
|
||||||
|
|
||||||
@attr.s(auto_attribs=True)
|
@attr.s(auto_attribs=True)
|
||||||
|
|
|
@ -217,6 +217,27 @@ class ProxyParserTests(TestCase):
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class TestBasicProxyCredentials(TestCase):
|
||||||
|
def test_long_user_pass_string_encoded_without_newlines(self) -> None:
|
||||||
|
"""Reproduces https://github.com/matrix-org/synapse/pull/16504."""
|
||||||
|
proxy_connection_string = b"looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooonguser:pass@proxy.local:9988"
|
||||||
|
_, _, _, creds = parse_proxy(proxy_connection_string)
|
||||||
|
assert creds is not None # for mypy's benefit
|
||||||
|
self.assertIsInstance(creds, BasicProxyCredentials)
|
||||||
|
|
||||||
|
auth_value = creds.as_proxy_authorization_value()
|
||||||
|
self.assertNotIn(b"\n", auth_value)
|
||||||
|
self.assertEqual(
|
||||||
|
creds.as_proxy_authorization_value(),
|
||||||
|
b"Basic bG9vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vb29vbmd1c2VyOnBhc3M=",
|
||||||
|
)
|
||||||
|
basic_auth_payload = creds.as_proxy_authorization_value().split(b" ")[1]
|
||||||
|
self.assertEqual(
|
||||||
|
base64.b64decode(basic_auth_payload),
|
||||||
|
b"looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooonguser:pass",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class MatrixFederationAgentTests(TestCase):
|
class MatrixFederationAgentTests(TestCase):
|
||||||
def setUp(self) -> None:
|
def setUp(self) -> None:
|
||||||
self.reactor = ThreadedMemoryReactorClock()
|
self.reactor = ThreadedMemoryReactorClock()
|
||||||
|
|
Loading…
Reference in New Issue