Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-4002

Proxy credentials should be strongly encrypted

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Major Major
    • core
    • None
    • Platform: All, OS: All

      Proxy authentication credentials today are weakly encrypted, so anybody can
      reverse engineering to view the proxy's password. This problem appears to user
      as in the issue #4000. So, to avoid such security flaws, it should have an
      option encrypt password with a "Master Password" (like Firefox does).

          [JENKINS-4002] Proxy credentials should be strongly encrypted

          dogfood added a comment -

          dogfood added a comment - Integrated in jenkins_main_trunk #838

          Chad Wilson added a comment - - edited

          Ignore please, erronious suggestion

          Chad Wilson added a comment - - edited Ignore please, erronious suggestion

          bap added a comment -

          fixed in 1.415

          bap added a comment - fixed in 1.415

          Code changed in jenkins
          User: bap2000
          Path:
          core/src/main/java/hudson/ProxyConfiguration.java
          core/src/main/resources/hudson/PluginManager/advanced.jelly
          http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0
          Log:
          [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password

          Proxy password is encrypted in xml config file, and in the UI

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: core/src/main/java/hudson/ProxyConfiguration.java core/src/main/resources/hudson/PluginManager/advanced.jelly http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0 Log: [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password Proxy password is encrypted in xml config file, and in the UI

          Code changed in jenkins
          User: Nicolas De Loof
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
          Log:
          [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          Code changed in jenkins
          User: bap2000
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
          Log:
          [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          Code changed in jenkins
          User: bap2000
          Path:
          core/src/main/java/hudson/ProxyConfiguration.java
          core/src/main/resources/hudson/PluginManager/advanced.jelly
          http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0
          Log:
          [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password

          Proxy password is encrypted in xml config file, and in the UI

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: core/src/main/java/hudson/ProxyConfiguration.java core/src/main/resources/hudson/PluginManager/advanced.jelly http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0 Log: [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password Proxy password is encrypted in xml config file, and in the UI

          Code changed in jenkins
          User: Nicolas De Loof
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
          Log:
          [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          Code changed in jenkins
          User: bap2000
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
          Log:
          [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

            bap bap
            rcsilva83 rcsilva83
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: