Re: [commons-net] issue: FTP other HTTP with Proxy-Authorization fail
On Tue, 13 Feb 2024 at 00:40, sebb wrote: > > On Mon, 12 Feb 2024 at 16:40, Elliotte Rusty Harold > wrote: > > > > Be careful with this one. I don't have full context, but this looks > > likely to be a real bug on some code paths and perhaps not a bug on > > others. We'll need to make sure that the patch for the broken code > > path doesn't break a currently working path. Specifically I'm worried > > about where \r\n might and might not show up after the if block shown > > here. > > The existing code appears to have the correct number of CRLFs only if > the conditional is true. > > So I think the line > > output.write(CRLF); > > should be moved into the conditional, rather than being added to the > conditional, as that would result in an extra CRLF. > > i.e. > > https://github.com/apache/commons-net/pull/217 > Ignore that; the 'extra' CRLF seems to be the separator for the end of the headers, so the original fix in this thread does look correct. > > On Mon, Feb 12, 2024 at 10:15 AM Емельянов Юрий Владимирович > > wrote: > > > > > > see FTPHTTPClient.tunnelHandshake > > > > > > current code is: > > > > > > if (proxyUsername != null && proxyPassword != null) { > > > final String auth = proxyUsername + ":" + proxyPassword; > > > final String header = "Proxy-Authorization: Basic " + > > > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > > > output.write(header.getBytes(charset)); > > > } > > > correct code is: > > > > > > if (proxyUsername != null && proxyPassword != null) { > > > final String auth = proxyUsername + ":" + proxyPassword; > > > final String header = "Proxy-Authorization: Basic " + > > > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > > > output.write(header.getBytes(charset)); > > > *output.write(CRLF);* > > > } > > > > > > > > > -- > > Elliotte Rusty Harold > > elh...@ibiblio.org > > > > - > > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > > For additional commands, e-mail: dev-h...@commons.apache.org > > - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
Re: [commons-net] issue: FTP other HTTP with Proxy-Authorization fail
On Mon, 12 Feb 2024 at 16:40, Elliotte Rusty Harold wrote: > > Be careful with this one. I don't have full context, but this looks > likely to be a real bug on some code paths and perhaps not a bug on > others. We'll need to make sure that the patch for the broken code > path doesn't break a currently working path. Specifically I'm worried > about where \r\n might and might not show up after the if block shown > here. The existing code appears to have the correct number of CRLFs only if the conditional is true. So I think the line output.write(CRLF); should be moved into the conditional, rather than being added to the conditional, as that would result in an extra CRLF. i.e. https://github.com/apache/commons-net/pull/217 > On Mon, Feb 12, 2024 at 10:15 AM Емельянов Юрий Владимирович > wrote: > > > > see FTPHTTPClient.tunnelHandshake > > > > current code is: > > > > if (proxyUsername != null && proxyPassword != null) { > > final String auth = proxyUsername + ":" + proxyPassword; > > final String header = "Proxy-Authorization: Basic " + > > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > > output.write(header.getBytes(charset)); > > } > > correct code is: > > > > if (proxyUsername != null && proxyPassword != null) { > > final String auth = proxyUsername + ":" + proxyPassword; > > final String header = "Proxy-Authorization: Basic " + > > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > > output.write(header.getBytes(charset)); > > *output.write(CRLF);* > > } > > > > > -- > Elliotte Rusty Harold > elh...@ibiblio.org > > - > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
Re: [commons-net] issue: FTP other HTTP with Proxy-Authorization fail
Be careful with this one. I don't have full context, but this looks likely to be a real bug on some code paths and perhaps not a bug on others. We'll need to make sure that the patch for the broken code path doesn't break a currently working path. Specifically I'm worried about where \r\n might and might not show up after the if block shown here. On Mon, Feb 12, 2024 at 10:15 AM Емельянов Юрий Владимирович wrote: > > see FTPHTTPClient.tunnelHandshake > > current code is: > > if (proxyUsername != null && proxyPassword != null) { > final String auth = proxyUsername + ":" + proxyPassword; > final String header = "Proxy-Authorization: Basic " + > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > output.write(header.getBytes(charset)); > } > correct code is: > > if (proxyUsername != null && proxyPassword != null) { > final String auth = proxyUsername + ":" + proxyPassword; > final String header = "Proxy-Authorization: Basic " + > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > output.write(header.getBytes(charset)); > *output.write(CRLF);* > } > -- Elliotte Rusty Harold elh...@ibiblio.org - To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
Re: [commons-net] issue: FTP other HTTP with Proxy-Authorization fail
Hi, Thank you for your email. I can't validate this without a test. The best path forward is for you to provide a PR in GitHub. TY! Gary On Mon, Feb 12, 2024, 10:15 AM Емельянов Юрий Владимирович wrote: > see FTPHTTPClient.tunnelHandshake > > current code is: > > if (proxyUsername != null && proxyPassword != null) { > final String auth = proxyUsername + ":" + proxyPassword; > final String header = "Proxy-Authorization: Basic " + > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > output.write(header.getBytes(charset)); > } > correct code is: > > if (proxyUsername != null && proxyPassword != null) { > final String auth = proxyUsername + ":" + proxyPassword; > final String header = "Proxy-Authorization: Basic " + > Base64.getEncoder().encodeToString(auth.getBytes(charset)); > output.write(header.getBytes(charset)); > *output.write(CRLF);* > } > >