Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub?
to your account
dirbaio@jupiter:~$ cat > .netrc <<EOF
dirbaio@jupiter:~$ curl -n -v https://example.com
> Authorization: Basic dGVzdDowMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU=
If you base64-decode the sent credentials, you get test:012345678(...)012345. The password is (silently!) truncated to 246 characters.
I'm hitting this problem when trying to clone a Git repo from a private system that needs OpenID Connect tokens as passwords, which are ~800 chars.
curl 7.60.0 (x86_64-pc-linux-gnu) libcurl/7.60.0 OpenSSL/1.1.0h zlib/1.2.11 libidn2/2.0.5 libpsl/0.20.2 (+libidn2/2.0.4) nghttp2/1.31.1
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
The text was updated successfully, but these errors were encountered:
Right, the limit seems to be that the current code is only allowing 256 bytes for the whole line:
Lines 118 to 119
A cheap fix would be to instead allow it to use 4096 or something thereabouts: much larger, but not large to cause any problems. What do you think?
Sorry, something went wrong.
That would solve my particular issue, yes. Let's just hope no one needs more than 4096 chars :)
netrc: use a larger buffer
... to work with longer passwords etc.
It's been 256 bytes since 2003 and you're the first to report a problem with it. I presume 4096 should be good for a few years more =)
No branches or pull requests