Changeset 1990
- Timestamp:
- 09/06/2007 09:41:29 PM (12 months ago)
- Location:
- trunk
- Files:
-
- 3 modified
-
NEWS (modified) (1 diff)
-
src/http_auth.c (modified) (3 diffs)
-
tests/mod-auth.t (modified) (2 diffs)
trunk/NEWS
r1986 r1990 23 23 * fixed prctl() usage (#1310, #1333) 24 24 * fixed FastCGI header overrun in mod_fastcgi (reported by mattias@secweb.se) 25 * fixed mem-leak in mod_auth (reported by Stefan Esser) 26 * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser) 27 * fixed missing check for base64 encoded string in mod_auth and Basic auth 28 (reported by Stefan Esser) 29 * fixed possible crash in Auth-Digest header parser on trailing WS in 30 mod_auth (reported by Stefan Esser) 25 31 26 32 - 1.4.14 - ??? -
trunk/src/http_auth.c
r1952 r1990 833 833 password = buffer_init(); 834 834 835 base64_decode(username, realm_str); 835 if (!base64_decode(username, realm_str)) { 836 log_error_write(srv, __FILE__, __LINE__, "sb", "decodeing base64-string failed", username); 837 838 buffer_free(username); 839 return 0; 840 } 836 841 837 842 /* r2 == user:password */ 838 843 if (NULL == (pw = strchr(username->ptr, ':'))) { 844 log_error_write(srv, __FILE__, __LINE__, "sb", ": is missing in", username); 845 839 846 buffer_free(username); 840 841 log_error_write(srv, __FILE__, __LINE__, "sb", ": is missing in", username);842 843 847 return 0; 844 848 } … … 969 973 /* skip whitespaces */ 970 974 while (*c == ' ' || *c == '\t') c++; 971 if (! c) break;975 if (!*c) break; 972 976 973 977 for (i = 0; dkv[i].key; i++) { … … 1018 1022 log_error_write(srv, __FILE__, __LINE__, "s", 1019 1023 "digest: missing field"); 1024 1025 buffer_free(b); 1026 return -1; 1027 } 1028 1029 /** 1030 * protect the md5-sess against missing cnonce and nonce 1031 */ 1032 if (algorithm && 1033 0 == strcasecmp(algorithm, "md5-sess") && 1034 (!nonce || !cnonce)) { 1035 log_error_write(srv, __FILE__, __LINE__, "s", 1036 "digest: (md5-sess: missing field"); 1037 1038 buffer_free(b); 1020 1039 return -1; 1021 1040 } -
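Review bot: The `password` buffer allocated at line 833 is not released on the new early return after a failed base64_decode, and the same holds for the pre-existing `: is missing` return just below it, so every malformed Basic header leaks one buffer unless password is freed somewhere the hunk does not show. Either free both before returning, `buffer_free(username); buffer_free(password); return 0;`, or move `password = buffer_init();` below the two checks if it is only used after them. Two of the added log strings also read oddly: `"decodeing base64-string failed"` has a typo and `"digest: (md5-sess: missing field"` has an unbalanced parenthesis; `"digest: md5-sess: missing nonce/cnonce"` would say what is actually missing. The enclosing functions start and end outside the hunks.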
trunk/tests/mod-auth.t
r1349 r1990 9 9 use strict; 10 10 use IO::Socket; 11 use Test::More tests => 1 0;11 use Test::More tests => 13; 12 12 use LightyTest; 13 13 … … 94 94 ok($tf->handle_http($t) == 0, 'Digest-Auth: missing nc (noncecount instead), no crash'); 95 95 96 $t->{REQUEST} = ( <<EOF 97 GET /server-status HTTP/1.0 98 Authorization: Basic = 99 EOF 100 ); 101 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ]; 102 ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid Base64'); 103 104 105 $t->{REQUEST} = ( <<EOF 106 GET /server-status HTTP/1.0 107 User-Agent: Wget/1.9.1 108 Authorization: Digest username="jan", realm="jan", 109 nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess", 110 uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001", 111 cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7", 112 nc="asd", 113 response="29B32C2953C763C6D033C8A49983B87E" 114 EOF 115 ); 116 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ]; 117 ok($tf->handle_http($t) == 0, 'Digest-Auth: md5-sess + missing cnonce'); 118 119 $t->{REQUEST} = ( <<EOF 120 GET /server-status HTTP/1.0 121 User-Agent: Wget/1.9.1 122 Authorization: Digest username="jan", realm="jan", 123 nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess", 124 uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001", 125 cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7", 126 nc="asd", 127 response="29B32C2953C763C6D033C8A49983B87E" 128 EOF 129 ); 130 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ]; 131 ok($tf->handle_http($t) == 0, 'Digest-Auth: trailing WS'); 132 96 133 97 134
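Review bot: The 'Digest-Auth: md5-sess + missing cnonce' request (new lines 105-117) still sends `cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7"`, so it never reaches the missing-cnonce branch the C change guards, and the 'Digest-Auth: trailing WS' request (119-131) is, as rendered, byte-identical to it, so the two tests exercise the same path; the trailing whitespace may have been lost by the page rendering, but the cnonce line is clearly present in both. Remove the cnonce line from the first request, and put an explicit trailing tab or space on the last Authorization line of the second, e.g. `response="29B32C2953C763C6D033C8A49983B87E" \t`, so each case checks what its description claims. Both requests also carry the stray quote in `noncecount=00000001"` copied from the earlier test; it is harmless here but worth fixing so the header parses the way the name suggests.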

