Re: [libmicrohttpd] [digest-auth]: bug in hash algorithm

[Christian Grothoff]

Hi!

Thank you for the diagnosis and the fix.  Committed as SVN 14203.

Happy hacking!

Christian

On Tuesday, January 18, 2011 08:58:43 am Andreas Wehrmann wrote:
> Hello!
> 
> I wrote a little testpage that I deliver using libmicrohttpd using
> digest authentication.
> The testpage consists of four files (framed page + image file).
> When I initially connected to the webserver via the browser it correctly
> challenged me
> for my credentials. However, after entering the username and password
> the index file
> got loaded but it happened that the browser then challenged me again for
> each
> additional file to be loaded.
> Since this is very annoying I tried increasing the nonce table size to 3000
> (was default) but it was no good.
> I then dug a little deeper and found out, that the hash algorithm to
> determine the index
> for a given nonce always returned zero thus overwriting other nonces.
> The offending line is at check_nonce_nc() in digestauth.c:313:
> 
> off = (off << 8) | (*np & (off >> 24));
> 
> whereas is should be:
> 
> off = (off << 8) | (*np ^ (off >> 24));
> 
> Since "off" is initialized with zero and an unsigned integer
> a logical AND returns zero which is not right obviously.
> After this fix, the server challenged me only once and I got "random"
> indices.
> I found the problem in libmicrohttpd 0.9.5.
> 
> Best regards,
> Andreas Wehrmann