akuhtz
commented
2 weeks ago @vsalavatov Can you provide the base64-encoded data that causes the exception?
Closed vsalavatov closed 2 weeks ago
akuhtz
commented
2 weeks ago @vsalavatov Can you provide the base64-encoded data that causes the exception?
vsalavatov
commented
2 weeks ago The issue was reported by a user, and I don't have the data at hand. I'll try to reproduce the issue myself later and post it here. It was some proxy credential stored in <data>, if I'm not mistaken.
vsalavatov
commented
2 weeks ago STR:
/Library/Preferences/SystemConfiguration/preferences.plist, see Details below
I cannot share the whole file, but this is the added entry
<key>733706DB-942B-4451-9F70-65379770E441</key>
<dict>
<key>DNS</key>
<dict>
<key>__INACTIVE__</key>
<true/>
</dict>
<key>IPv4</key>
<dict>
<key>ConfigMethod</key>
<string>VPN</string>
</dict>
<key>IPv6</key>
<dict>
<key>ConfigMethod</key>
<string>Automatic</string>
</dict>
<key>Interface</key>
<dict>
<key>SubType</key>
<string>com.wireguard.macos</string>
<key>Type</key>
<string>VPN</string>
</dict>
<key>Proxies</key>
<dict>
<key>FTPPassive</key>
<integer>1</integer>
<key>__INACTIVE__</key>
<true/>
</dict>
<key>SMB</key>
<dict/>
<key>UserDefinedName</key>
<string>kekos</string>
<key>VPN</key>
<dict>
<key>AuthenticationMethod</key>
<string>Password</string>
<key>DesignatedRequirement</key>
<string>(anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = L82V4Y2P3C) and identifier "com.wireguard.macos.network-extension"</string>
<key>DisconnectOnFastUserSwitch</key>
<integer>0</integer>
<key>DisconnectOnIdle</key>
<integer>0</integer>
<key>DisconnectOnIdleTimer</key>
<integer>0</integer>
<key>DisconnectOnLogout</key>
<integer>0</integer>
<key>DisconnectOnSleep</key>
<integer>0</integer>
<key>DisconnectOnWake</key>
<integer>0</integer>
<key>DisconnectOnWakeTimer</key>
<integer>0</integer>
<key>NEProviderBundleIdentifier</key>
<string>com.wireguard.macos.network-extension</string>
<key>OnDemandEnabled</key>
<false/>
<key>PasswordReference</key>
<data>
c3N1aQAAACCHGRyjD8kR1ISaAAUCtSEiAAAAAAAAAAAA
AAAAAAAABmRibm0AAAAmfi9MaWJyYXJ5L0tleWNoYWlu
cy9sb2dpbi5rZXljaGFpbi1kYgBpdGVtAAAASoAAAAAA
AAAra2Vrb3M6IDhEREVGQTYwLThFRUItNDdGNS1CMjE5
LTg3Njc0MDc2MEE0NgAAABNjb20ud2lyZWd1YXJkLm1h
Y29z
</data>
<key>RemoteAddress</key>
<string>Unspecified</string>
</dict>
<key>com.wireguard.macos</key>
<dict>
<key>UID</key>
<integer>501</integer>
</dict>
</dict>The system default strategy fails to parse the file:
akuhtz
commented
2 weeks ago @vsalavatov Many thanks for the data to reproduce the issue. As I don't have access to a Mac at the moment, could you try with the latest 1.1.5-SNAPSHOT version if the error is fixed? https://oss.sonatype.org/content/repositories/snapshots/org/bidib/com/github/markusbernhardt/proxy-vole/1.1.5-SNAPSHOT/
I will do a release if it works.
vsalavatov
commented
2 weeks ago It works! Thanks for such a fast fix! 🔥
akuhtz
commented
2 weeks ago @vsalavatov Thanks for your support 👍 Release 1.1.5 is published to central maven repo.
The plist file for proxy settings on MacOS may store some fields using multiline base64 encoding (
<data>). For an example of how it may look, please see https://forum.latenightsw.com/t/how-do-i-base64-decode-and-encode-multiple-lines/759 (not a proxy preferences plist file, but it looks the same). The<data>contains the base64-encoded sequence split by newlines and tabulations.It makes the method incorrectly parse the data or throw an exception (
IndexOutOfBoundsException) because the length of the base64 sequence is not divisible by 4 because of the extra characters. It makes theOsxProxySearchStrategystrategy fail with an exception.Probably, to make it more robust, all "space" characters should be filtered out.