Describe your issue
The .taskrc parser in lib/app/utils/taskserver/parse_taskrc.dart
uses line.split('=') to parse key-value pairs. This causes silent
data truncation for any parameter whose value contains one or more =
characters.
This is a critical bug because base64-encoded certificates and other
taskd parameter values routinely contain = padding characters. When
these values are truncated, authentication silently fails with
absolutely no error shown to the user — making it nearly impossible
to diagnose.
Root Cause:
File: lib/app/utils/taskserver/parse_taskrc.dart
Line: 7-8
The parser does:
and then blindly extracts pair[0] and pair[1]. When a value contains
= (e.g. base64 padding), split('=') produces 3+ parts — everything
from pair[2] onwards is permanently dropped.
Example:
Input: taskd.certificate=abc123==
split result: ['taskd.certificate', 'abc123', '', '']
Stored: 'abc123' ← trailing == silently lost
Steps to reproduce
1. Create a .taskrc file containing any parameter whose value includes
   one or more '=' characters, for example:
2. Import this .taskrc into the app during TaskServer configuration setup
3. Tap "Taskrc file is verified" to inspect the parsed configuration
4. Observe: everything after the second '=' in the value is silently
   dropped from the stored configuration
What was the expected result?
The parser should split only on the first occurrence of '=' and
preserve the entire remainder of the line as the value.
The correct fix is to replace line.split('=') with a first-occurrence
split:
    final index = line.indexOf('=');
    if (index == -1) return; // skip malformed lines
    final key = line.substring(0, index).trim();
    final value = line.substring(index + 1).trim();
This correctly handles all values containing '=' characters including
base64-encoded certificates, credentials, and taskd.trust parameters.
Impact:
- Any user with base64-encoded certificates in their .taskrc is
  silently affected
- Directly contributes to the root cause of issue #428 ("sync: taskd.trust
  parameter is ignored") (taskd.trust being ignored) since cert fields
  with '=' padding are dropped before reaching the SSL handshake
- Authentication silently fails with no error surfaced to the user
- Affects all platforms: Android, Linux, Windows, macOS
Put here any screenshots or videos (optional)
N/A — this is a code-level parser bug reproducible by reading
lib/app/utils/taskserver/parse_taskrc.dart lines 7-8
How can we contact you (optional)
Available on CCExtractor Zulip: Varad Raj Agrawal
Would you like to work on this issue?
Yes
By submitting this issue, I have confirmed that:
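The truncation described in this issue, reproduced next to a first-occurrence split, as an added example that is not the project's code or part of the original report. The function names `parseTaskrc` and `naiveParse`, the comment and blank-line handling, and the sample .taskrc text are assumptions made for illustration.

```dart
// Added example, not the project's code. parseTaskrc, naiveParse and the
// sample .taskrc text are constructed for illustration.

/// Splits each line on the first '=' only; lines with no usable key are
/// collected in [skipped] instead of being dropped silently.
Map<String, String> parseTaskrc(String contents, {List<String>? skipped}) {
  final result = <String, String>{};
  for (final raw in contents.split('\n')) {
    final line = raw.trim();
    // Assumption: blank lines and '#' comments are ignored.
    if (line.isEmpty || line.startsWith('#')) continue;
    final index = line.indexOf('=');
    if (index <= 0) {
      skipped?.add(line); // no '=' at all, or an empty key
      continue;
    }
    result[line.substring(0, index).trim()] = line.substring(index + 1).trim();
  }
  return result;
}

/// The behaviour the issue describes: split on every '=', keep parts 0 and 1.
Map<String, String> naiveParse(String contents) {
  final result = <String, String>{};
  for (final raw in contents.split('\n')) {
    final line = raw.trim();
    if (line.isEmpty || line.startsWith('#')) continue;
    final pair = line.split('=');
    if (pair.length >= 2) result[pair[0].trim()] = pair[1].trim();
  }
  return result;
}

void main() {
  const sample = '''
# constructed sample, placeholder values only
taskd.server=example.invalid:53589
taskd.certificate=abc123==
taskd.credentials=Org/User/a=b=c
this line has no separator
''';
  final skipped = <String>[];
  final fixed = parseTaskrc(sample, skipped: skipped);
  final naive = naiveParse(sample);
  fixed.forEach((key, value) {
    final flag = naive[key] == value ? '' : '  <-- truncated by split';
    print('$key: "$value" vs naive "${naive[key]}"$flag');
  });
  print('skipped: $skipped');
}
```

Comparing the two maps on a fixture like this works as a regression check: any key whose values differ is one the every-occurrence split would have truncated.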