author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-02 12:29:38 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-04 15:47:36 +0300 |
commit | 5658583a8811537a5a42d5c7a93d6b4d9c685327 (patch) | |
tree | 4a1476f6661a2cd4c15af7a970bdf4f2248c5fd9 /src/microhttpd/digestauth.c | |
parent | 6245c9a0a2d5dadbb87474b36f09a07ec0cf6d26 (diff) | |
digestauth: increased timestamp to 48 bits
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 45 |
1 files changed, 30 insertions, 15 deletions
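--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -42,9 +42,17 @@
 #endif /* MHD_W32_MUTEX_ */
 
 /**
-* 32 bit value is 4 bytes
+* 48 bit value in bytes
 */
-#define TIMESTAMP_BIN_SIZE 4
+#define TIMESTAMP_BIN_SIZE (48 / 8)
+
+
+/**
+* Trim value to the TIMESTAMP_BIN_SIZE size
+*/
+#define TRIM_TO_TIMESTAMP(value) \
+((value) & ((UINT64_C(1) << (TIMESTAMP_BIN_SIZE * 8)) - 1))
+
 
 /**
 * Standard server nonce length, not including terminating null,
@@ -718,7 +726,7 @@ MHD_digest_auth_get_username (struct MHD_Connection *connection)
 * must provide NONCE_STD_LEN(da->digest_size)+1 bytes
 */
 static void
-calculate_nonce (uint32_t nonce_time,
+calculate_nonce (uint64_t nonce_time,
 const char *method,
 const char *rnd,
 size_t rnd_size,
@@ -727,7 +735,7 @@ calculate_nonce (uint32_t nonce_time,
 struct DigestAlgorithm *da,
 char *nonce)
 {
-unsigned char timestamp[TIMESTAMP_BIN_SIZE];
+uint8_t timestamp[TIMESTAMP_BIN_SIZE];
 const unsigned int digest_size = da->digest_size;
 char tmpnonce[VLA_ARRAY_LEN_DIGEST (digest_size)];
 
@@ -735,10 +743,17 @@ calculate_nonce (uint32_t nonce_time,
 mhd_assert (0 != digest_size);
 VLA_CHECK_LEN_DIGEST (digest_size);
 da->init (da->ctx);
-timestamp[0] = (unsigned char) ((nonce_time & 0xff000000) >> 0x18);
-timestamp[1] = (unsigned char) ((nonce_time & 0x00ff0000) >> 0x10);
-timestamp[2] = (unsigned char) ((nonce_time & 0x0000ff00) >> 0x08);
-timestamp[3] = (unsigned char) ((nonce_time & 0x000000ff));
+/* If the nonce_time is milliseconds, then the same 48 bit value will repeat
+* every 8 925 years, which is more than enough to mitigate a replay attack */
+#if TIMESTAMP_BIN_SIZE != 6
+#error The code needs to be updated here
+#endif
+timestamp[0] = (uint8_t) (nonce_time >> (8 * (TIMESTAMP_BIN_SIZE - 1 - 0)));
+timestamp[1] = (uint8_t) (nonce_time >> (8 * (TIMESTAMP_BIN_SIZE - 1 - 1)));
+timestamp[2] = (uint8_t) (nonce_time >> (8 * (TIMESTAMP_BIN_SIZE - 1 - 2)));
+timestamp[3] = (uint8_t) (nonce_time >> (8 * (TIMESTAMP_BIN_SIZE - 1 - 3)));
+timestamp[4] = (uint8_t) (nonce_time >> (8 * (TIMESTAMP_BIN_SIZE - 1 - 4)));
+timestamp[5] = (uint8_t) (nonce_time >> (8 * (TIMESTAMP_BIN_SIZE - 1 - 5)));
 da->update (da->ctx,
 timestamp,
 sizeof (timestamp));
@@ -923,8 +938,8 @@ digest_auth_check_all (struct MHD_Connection *connection,
 char response[MAX_AUTH_RESPONSE_LENGTH];
 const char *hentity = NULL; /* "auth-int" is not supported */
 char noncehashexp[NONCE_STD_LEN (VLA_ARRAY_LEN_DIGEST (digest_size)) + 1];
-uint32_t nonce_time;
-uint32_t t;
+uint64_t nonce_time;
+uint64_t t;
 size_t left; /* number of characters left in 'header' for 'uri' */
 uint64_t nci;
 char *qmark;
@@ -992,7 +1007,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
 return MHD_NO;
 }
 if (TIMESTAMP_BIN_SIZE * 2 !=
-MHD_strx_to_uint32_n_ (nonce + len - TIMESTAMP_BIN_SIZE * 2,
+MHD_strx_to_uint64_n_ (nonce + len - TIMESTAMP_BIN_SIZE * 2,
 TIMESTAMP_BIN_SIZE * 2,
 &nonce_time))
 {
@@ -1002,14 +1017,14 @@ digest_auth_check_all (struct MHD_Connection *connection,
 #endif
 return MHD_NO;
 }
-t = (uint32_t) MHD_monotonic_sec_counter ();
+
+t = (uint64_t) MHD_monotonic_sec_counter ();
 /*
 * First level vetting for the nonce validity: if the timestamp
 * attached to the nonce exceeds `nonce_timeout', then the nonce is
 * invalid.
 */
-if ( (t > nonce_time + nonce_timeout) ||
-(nonce_time + nonce_timeout < nonce_time) )
+if (TRIM_TO_TIMESTAMP (t - nonce_time) > nonce_timeout)
 {
 /* too old */
 return MHD_INVALID_NONCE;
@@ -1432,7 +1447,7 @@ MHD_queue_auth_fail_response2 (struct MHD_Connection *connection,
 
 VLA_CHECK_LEN_DIGEST (da.digest_size);
 /* Generating the server nonce */
-calculate_nonce ((uint32_t) MHD_monotonic_sec_counter (),
+calculate_nonce ((uint64_t) MHD_monotonic_sec_counter (),
 connection->method,
 connection->daemon->digest_auth_random,
 connection->daemon->digest_auth_rand_size,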
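Review bot: The rewritten expiry test in digest_auth_check_all, `if (TRIM_TO_TIMESTAMP (t - nonce_time) > nonce_timeout)`, relies on unsigned wrap-around to reject a timestamp that lies ahead of `t` as well as one that is too old, yet the only comment in the branch is still `/* too old */`. Because nonce_time is parsed from the client-supplied nonce just above, and this one expression replaces the explicit overflow clause that was removed, I would document it at the test, e.g. `/* modulo-2^48 difference: a timestamp ahead of 't' wraps to a huge value and is rejected as well */`. In calculate_nonce the new comment reasons about milliseconds, while the call in MHD_queue_auth_fail_response2 and the value of `t` here both come from MHD_monotonic_sec_counter (); naming the unit the code actually uses (seconds, judging by the function name) would keep that comment and the nonce_timeout comparison in agreement. The body of digest_auth_check_all continues outside these hunks, so the later check that authenticates the timestamp is not visible here.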