author Christian Grothoff <christian@grothoff.org> 2011-01-18 23:00:02 +0000
committer Christian Grothoff <christian@grothoff.org> 2011-01-18 23:00:02 +0000
commit 5a6952fe90fdfbb311d81fb4ac96027bec867d8e
tree 3f41cbb70f862cfd205b5958bc4e031706353216 /src
parent 3d970622b770a16dde6b1e552d51c48ecdb5d7f1
[libmicrohttpd] [digest-auth]: bug in hash algorithm
From: Andreas Wehrmann <a.wehrmann@centersystems.com>
To: libmicrohttpd@gnu.org
Date: Today 08:58:43 am
Spam Status: Spamassassin 0% probability of being spam.
Full report: Probability=No, score=-3.2 required=7.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.5-tuminfo_1

Hello!

I wrote a little testpage that I deliver using libmicrohttpd using digest authentication. The testpage consists of four files (framed page + image file).

When I initially connected to the webserver via the browser it correctly challenged me for my credentials. However, after entering the username and password the index file got loaded but it happened that the browser then challenged me again for each additional file to be loaded.

Since this is very annoying I tried increasing the nonce table size to 3000 (was default) but it was no good. I then dug a little deeper and found out that the hash algorithm to determine the index for a given nonce always returned zero, thus overwriting other nonces.

The offending line is at check_nonce_nc() in digestauth.c:313:

    off = (off << 8) | (*np & (off >> 24));

whereas it should be:

    off = (off << 8) | (*np ^ (off >> 24));

Since "off" is initialized with zero and an unsigned integer, a logical AND returns zero, which is not right obviously. After this fix, the server challenged me only once and I got "random" indices.

I found the problem in libmicrohttpd 0.9.5.

Best regards,
Andreas Wehrmann

--
Dipl.-Ing. (FH) Andreas Wehrmann
Software Development
--------------------------------------------------------------
Center Communication Systems GmbH
A-1210 Wien, Ignaz-Köck-Straße 19
Sitz in Wien
FN 796 88p, Firmenbuchgericht Wien
www.centersystems.com
Tel.: +43 (0) 190 199 - 3616
Mobile: +43 (0) 664 884 75916
Fax: +43 (0) 190 199 - 2110
E-Mail: a.wehrmann@centersystems.com
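The collision the report describes, as an added example that is not part of the commit or of libmicrohttpd: both versions of the index computation feed a simplified nonce table and the code counts how many nonces are still present afterwards. The 16-slot table, the function names and the sample nonces are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define SLOTS 16u /* assumed table size for this demo */

/* Index as computed before the fix: (off >> 24) is 0, so the AND keeps off at 0. */
static uint32_t slot_and(const char *nonce)
{
  uint32_t off = 0;
  for (const char *np = nonce; *np != '\0'; np++)
    off = (off << 8) | (*np & (off >> 24));
  return off % SLOTS;
}

/* Index as computed with the XOR from the fix. */
static uint32_t slot_xor(const char *nonce)
{
  uint32_t off = 0;
  for (const char *np = nonce; *np != '\0'; np++)
    off = (off << 8) | (*np ^ (off >> 24));
  return off % SLOTS;
}

/* Simplified model of a nonce table (an assumption, not MHD's structure):
   store each nonce in its slot, then count how many were not overwritten. */
static unsigned surviving(uint32_t (*slot)(const char *),
                          const char *const *nonces, unsigned n)
{
  const char *table[SLOTS] = { 0 };
  unsigned kept = 0;
  for (unsigned i = 0; i < n; i++)
    table[slot(nonces[i])] = nonces[i];
  for (unsigned i = 0; i < n; i++)
    if (table[slot(nonces[i])] == nonces[i])
      kept++;
  return kept;
}

/* Constructed sample nonces, not values from the report. */
static const char *const SAMPLE[] = { "a1b2c3d4", "a1b2c3d5",
                                      "a1b2c3d6", "a1b2c3d7" };

int main(void)
{
  printf("AND: %u of 4 nonces survive\n", surviving(slot_and, SAMPLE, 4));
  printf("XOR: %u of 4 nonces survive\n", surviving(slot_xor, SAMPLE, 4));
  return 0;
}
```

With the AND every nonce lands in slot 0 and only the most recent one is kept, which matches the repeated challenges in the report; with the XOR the four samples occupy four different slots.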
Diffstat (limited to 'src')
-rw-r--r-- src/daemon/digestauth.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/daemon/digestauth.c b/src/daemon/digestauth.c
index 72bff56f..4415902b 100644
--- a/src/daemon/digestauth.c
+++ b/src/daemon/digestauth.c
@@ -310,7 +310,7 @@ check_nonce_nc (struct MHD_Connection *connection,
310 np = nonce; 310 np = nonce;
311 while (*np != '\0') 311 while (*np != '\0')
312 { 312 {
313 off = (off << 8) | (*np & (off >> 24)); 313 off = (off << 8) | (*np ^ (off >> 24));
314 np++; 314 np++;
315 } 315 }
316 off = off % mod; 316 off = off % mod;
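Review bot: on the changed line 313, `*np` enters the XOR and the OR without a cast, so if `np` is a plain `char` pointer and `char` is signed on the target, a nonce byte of 0x80 or above sign-extends and the OR sets every bit of `off` above the low byte, discarding what the earlier characters contributed. Unless the nonce is validated before this loop, write it as `off = (off << 8) | ((unsigned char) *np ^ (off >> 24));`. The `off >> 24` also only picks the top byte when `off` is exactly 32 bits wide, which is worth a one-line comment or a fixed-width type. Since the original defect (every nonce mapping to index 0) went unnoticed, a small regression test that feeds several distinct nonces through `check_nonce_nc` and expects them all to remain valid would guard this line.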