[libmicrohttpd] [digest-auth]: bug in hash algorithm

From: Andreas Wehrmann
Subject: [libmicrohttpd] [digest-auth]: bug in hash algorithm
Date: Tue, 18 Jan 2011 08:58:43 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7


I wrote a little testpage that I deliver using libmicrohttpd using digest authentication.
The testpage consists of four files (framed page + image file).
When I initially connected to the webserver via the browser it correctly challenged me for my credentials. However, after entering the username and password the index file got loaded but it happened that the browser then challenged me again for each additional file to be loaded.
Since this is very annoying I tried increasing the nonce table size to 3000
(was default) but it was no good.
I then dug a little deeper and found out that the hash algorithm to determine the index
for a given nonce always returned zero, thus overwriting other nonces.
The offending line is at check_nonce_nc() in digestauth.c:313:

off = (off << 8) | (*np & (off >> 24));

whereas it should be:

off = (off << 8) | (*np ^ (off >> 24));

Since "off" is initialized with zero and an unsigned integer
a logical AND returns zero which is not right obviously.
After this fix, the server challenged me only once and I got "random" indices.
I found the problem in libmicrohttpd 0.9.5.

Best regards,
Andreas Wehrmann

Dipl.-Ing. (FH) Andreas Wehrmann
Software Development
Center Communication Systems GmbH
A-1210 Wien, Ignaz-Köck-Straße 19
Sitz in Wien
FN 796 88p, Firmenbuchgericht Wien

Tel.: +43 (0) 190 199 - 3616
Mobile: +43 (0) 664 884 75916
Fax: +43 (0) 190 199 - 2110
E-Mail: address@hidden
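
Added example, not part of the original message and not libmicrohttpd's own code: a small C program that applies the two update lines quoted above to a set of constructed nonces and counts how many distinct nonce-table slots each variant produces. The per-byte loop, the final modulo by the table size, and the names slot_and, slot_xor and distinct_slots are assumptions made for illustration; only the two update expressions come from the message.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TABLE_SIZE 3000u /* nonce table size mentioned in the message */
#define NUM_NONCES 64u   /* constructed sample size */

typedef uint32_t (*slot_fn)(const char *nonce, uint32_t mod);

/* Update step as quoted from 0.9.5: AND with (off >> 24).
 * off starts at 0, so (off >> 24) is 0 and the AND clears every byte. */
static uint32_t slot_and(const char *nonce, uint32_t mod)
{
    uint32_t off = 0;
    for (const unsigned char *np = (const unsigned char *)nonce; *np; np++)
        off = (off << 8) | (*np & (off >> 24));
    return off % mod;
}

/* Update step with the fix proposed in the message: XOR instead of AND. */
static uint32_t slot_xor(const char *nonce, uint32_t mod)
{
    uint32_t off = 0;
    for (const unsigned char *np = (const unsigned char *)nonce; *np; np++)
        off = (off << 8) | (*np ^ (off >> 24));
    return off % mod;
}

/* Hash NUM_NONCES constructed nonces and count the distinct slots used. */
static unsigned distinct_slots(slot_fn fn)
{
    unsigned char used[TABLE_SIZE];
    unsigned count = 0;
    char nonce[16];

    memset(used, 0, sizeof used);
    for (unsigned i = 0; i < NUM_NONCES; i++) {
        snprintf(nonce, sizeof nonce, "%08x", i); /* constructed nonce */
        uint32_t slot = fn(nonce, TABLE_SIZE);
        if (!used[slot]) { used[slot] = 1; count++; }
    }
    return count;
}

int main(void)
{
    printf("AND: %u nonces -> %u slot(s)\n", NUM_NONCES, distinct_slots(slot_and));
    printf("XOR: %u nonces -> %u slot(s)\n", NUM_NONCES, distinct_slots(slot_xor));
    return 0;
}
```

With the AND variant every nonce lands in slot 0 regardless of table size, which matches the repeated challenges described in the message.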
