Httpauth digest response #944
Conversation
src/httpauth/digest.c
Outdated
| @@ -16,21 +16,37 @@ | |||
| #include <re_httpauth.h> | |||
|
|
|||
|
|
|||
| enum { | |||
| CNONCE_NC_LENGTH = 9, /* 8 characters + '\0' */ | |||
There was a problem hiding this comment.
perhaps SIZE is better ?
if you know the length, why do you need a trailing null terminator ?
There was a problem hiding this comment.
Renaming to CNONCE_NC_SIZE is a good idea.
The enum is meant for the string size when the uint32_t is hex encoded. I added the NULL terminator, so i don't need to add 1 whenever i handle the array/string.
src/httpauth/digest.c
Outdated
| /* HASH A2 */ | ||
| if (str_isset(resp->qop) && str_str(resp->qop, "auth-int")) { | ||
| if (!entitybody || str_casecmp(entitybody, "") == 0) { | ||
| resp->hash_function((uint8_t *)"", str_len(""), hash1); |
There was a problem hiding this comment.
perhaps check if hash_function is set, otherwise it might crash.
perhaps also use the "handler" paradigm with a trailing h.
There was a problem hiding this comment.
i will change to the "handler" paradigm.
The check does not hurt so i will add it. Since digest_response is an static function, it gets called only after an successful set of the hash_function. That is the reason i didn't include the check.
|
|
||
| /* HASH A2 */ | ||
| if (str_isset(resp->qop) && str_str(resp->qop, "auth-int")) { | ||
| if (!entitybody || str_casecmp(entitybody, "") == 0) { |
src/httpauth/digest.c
Outdated
| int httpauth_digest_response_set_cnonce(struct httpauth_digest_enc_resp *resp, | ||
| const struct httpauth_digest_chall *chall, const struct pl *method, | ||
| const char *user, const char *passwd, const char *entitybody, | ||
| const uint32_t cnonce, const uint32_t nc_) |
There was a problem hiding this comment.
remove trailing underscore from "nc_"
const is not needed for params passed by value
There was a problem hiding this comment.
I didn't want to write out the nonce_count and nc is already an static internal variable. Therefore the underscore.
I will write it out and remove the const.
| pl_strstr(&chall->algorithm, "MD5")) { | ||
| resp->hash_function = &md5; | ||
| resp->hash_length = MD5_SIZE; | ||
| err = str_dup(&resp->algorithm, "MD5"); |
There was a problem hiding this comment.
We should consider how to deal with weak crypto such as MD5 or SHA1.
There was a problem hiding this comment.
SHA1 is not in the specification anyway, i can remove it as supported algorithm. MD5 on the other hand is the default fallback if no algorithm is specified. Also the MD5 is needed for backwards compatibility.
In the RFC there are 3 algorithms, MD5, SHA256 and SHA512-256. The SHA512-256 is a special case of SHA512 which is not implemented in re for now. I checked the microsoft and apple documentation and non of these two have an interface for SHA512-256. OpenSSL has the capability to implement it, but it is not a single function call like the others for now.
There was a problem hiding this comment.
for now it should be enough with MD5 and SHA256.
I am wondering if we should add a global macro ENABLE_WEAK_CIPHERS that we can put around
the MD5 and SHA1 code... ?
There was a problem hiding this comment.
Disabling the MD5 via an macro is quite risky. It might break a lot of digest authentication implementations.
For SHA1 on the other hand it would be a good idea since the SHA2 family should be used instead.
I will remove the SHA1 algorithm for now.
src/httpauth/digest.c
Outdated
| goto out; | ||
| } | ||
|
|
||
| n = re_snprintf(resp->nc, CNONCE_NC_SIZE, "%08x", nonce_counter); |
There was a problem hiding this comment.
Can cnonce and nonce_counter be stored as is on the struct ?
And the printing to hex can be done when needed ?
src/httpauth/digest.c
Outdated
|
|
||
| n = re_snprintf(resp->nc, CNONCE_NC_SIZE, "%08x", nonce_counter); | ||
| if (n == -1 || n != CNONCE_NC_SIZE -1) { | ||
| err = ERANGE; |
There was a problem hiding this comment.
this error code can be returned directly
include/re_httpauth.h
Outdated
| char *username_star; | ||
| char *uri; | ||
| char *cnonce; | ||
| char *nc; |
There was a problem hiding this comment.
Unrelated, this can also be fixed size: char nc[8+1]
test/httpauth.c
Outdated
|
|
||
| int err; | ||
|
|
||
| for (unsigned int i = 0; i < RE_ARRAY_SIZE(testv); i++) { |
There was a problem hiding this comment.
better to use size_t for i here ...
|
Could you also please add a link to the relevant RFC ? |
|
These are the two RFCs, the last, this, and the upcoming PRs are based on. |
src/httpauth/digest.c
Outdated
| @@ -16,21 +16,37 @@ | |||
| #include <re_httpauth.h> | |||
|
|
|||
|
|
|||
| enum { | |||
| CNONCE_NC_SIZE = 9, /* 8 characters + '\0' */ | |||
| }; | |||
There was a problem hiding this comment.
you are right, its not used anymore. it was to store the cnonce and nc as strings
it is removed now
could you also add RFC7617 to the README ? I had one more comment, apart from that it looks ready to merge. |
|
The next release (3.6.0) is scheduled for Wed 18. October. |
|
Sry for the late response. I can make the changes only after the 18th. So i would suggest to wait for the release and my last fixes. Then its ready to go for 3.7 |
|
Okay, it is scheduled for after 3.6.0 release If you dont have time to work on fixing review comments, please consider to close the PR |
+ definition of response struct using char* to save the parameters + added decoding for new fields in http digest challenge struct + response calculation supports qop: none, auth, auth-int + supported hash algorithm: MD5, SHA1, SHA265 and -sess variants
cHuberCoffee
force-pushed
the
httpauth_digest_response
branch
from
e6a2361 to
c0bcd40
Compare
|
I'm not sure what happens in the FreeBSD test. But i looks like the test is hanging in an bootloop. I checked it and it gets the same output over and over again. Its running for over 3h right now. There is no other output than the repeating boot messages. |
|
I've just disabled the FreeBSD workflow for now (until its more stable): |
No description provided.