Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-4002

Proxy credentials should be strongly encrypted

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: core
    • Labels:
      None
    • Environment:
      Platform: All, OS: All
    • Similar Issues:

      Description

      Proxy authentication credentials today are weakly encrypted, so anybody can
      reverse engineering to view the proxy's password. This problem appears to user
      as in the issue #4000. So, to avoid such security flaws, it should have an
      option encrypt password with a "Master Password" (like Firefox does).

        Attachments

          Activity

          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: bap2000
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
          Log:
          [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Nicolas De Loof
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
          Log:
          [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: bap2000
          Path:
          core/src/main/java/hudson/ProxyConfiguration.java
          core/src/main/resources/hudson/PluginManager/advanced.jelly
          http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0
          Log:
          [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password

          Proxy password is encrypted in xml config file, and in the UI

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: core/src/main/java/hudson/ProxyConfiguration.java core/src/main/resources/hudson/PluginManager/advanced.jelly http://jenkins-ci.org/commit/jenkins/c4d9fe8e0707330d1d59d6f30a3a2e32b36a88c0 Log: [FIXED JENKINS-4000] , [FIXED JENKINS-4002] encrypt proxy password Proxy password is encrypted in xml config file, and in the UI
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: bap2000
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9
          Log:
          [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: bap2000 Path: changelog.html http://jenkins-ci.org/commit/jenkins/495779d4ca7d04179d7e34c9624c0387d3d340c9 Log: [FIXED JENKINS-4000] [FIXED JENKINS-4002] Add fix to changelog
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Nicolas De Loof
          Path:
          changelog.html
          http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7
          Log:
          [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Nicolas De Loof Path: changelog.html http://jenkins-ci.org/commit/jenkins/005b75d6383a21bc1fa12a017a299ec179dc50b7 Log: [FIX JENKINS-4002] [FIX JENKINS-4000] encrypr proxy credentials

            People

            Assignee:
            bap bap
            Reporter:
            rcsilva83 rcsilva83
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: