From 3d601510285e2d10e6a277e89cd28bc11dc5c8a1 Mon Sep 17 00:00:00 2001
From: manuel <manuel@crashtest-security.com>
Date: Wed, 18 Mar 2020 14:08:50 +0100
Subject: [PATCH] backport patch for the http basic auth bug from PR 1538

---
 testssl.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testssl.sh b/testssl.sh
index 9eaa053..22cdea4 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -18481,7 +18481,7 @@ determine_service() {
                ua="$UA_SNEAKY" || \
                ua="$UA_STD"
           if [[ -n "$BASICAUTH" ]]; then
-               basicauth_header="Authorization: Basic $($OPENSSL base64 <<< "$BASICAUTH" 2>/dev/null)\r\n"
+               basicauth_header="Authorization: Basic $(safe_echo "$BASICAUTH" | $OPENSSL base64 2>/dev/null)\r\n"
           fi
           GET_REQ11="GET $URL_PATH HTTP/1.1\r\nHost: $NODE\r\nUser-Agent: $ua\r\n${basicauth_header}Accept-Encoding: identity\r\nAccept: text/*\r\nConnection: Close\r\n\r\n"
           # returns always 0: