Re: [libmicrohttpd] [digest-auth]: bug in hash algorithm
From: Christian Grothoff
Subject: Re: [libmicrohttpd] [digest-auth]: bug in hash algorithm
Date: Wed, 19 Jan 2011 00:00:53 +0100
User-agent: KMail/1.13.5 (Linux/2.6.35-24-generic; KDE/4.5.1; i686; ; )

Hi!
Thank you for the diagnosis and the fix. Committed as SVN 14203.
Happy hacking!
Christian
On Tuesday, January 18, 2011 08:58:43 am Andreas Wehrmann wrote:
> Hello!
>
> I wrote a little test page that I deliver using libmicrohttpd using
> digest authentication.
> The test page consists of four files (framed page + image file).
> When I initially connected to the webserver via the browser it correctly
> challenged me for my credentials. However, after entering the username
> and password the index file got loaded but it happened that the browser
> then challenged me again for each additional file to be loaded.
> Since this is very annoying I tried increasing the nonce table size to 3000
> (was default) but it was no good.
> I then dug a little deeper and found out that the hash algorithm to
> determine the index for a given nonce always returned zero, thus
> overwriting other nonces.
> The offending line is at check_nonce_nc() in digestauth.c:313:
>
> off = (off << 8) | (*np & (off >> 24));
>
> whereas it should be:
>
> off = (off << 8) | (*np ^ (off >> 24));
>
> Since "off" is initialized with zero and an unsigned integer
> a logical AND returns zero which is not right obviously.
> After this fix, the server challenged me only once and I got "random"
> indices.
> I found the problem in libmicrohttpd 0.9.5.
>
> Best regards,
> Andreas Wehrmann
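
The effect described in the report above, as an added example that is not part of either message or of libmicrohttpd's source: it runs the quoted line and the corrected line over a few nonces and counts how many table slots they occupy. The byte loop, the final modulo, the table size and the sample nonces are assumptions constructed for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define TABLE_SIZE 300u  /* constructed table size for this example */

/* Constructed sample nonces, not taken from a real server. */
static const char *const SAMPLE_NONCES[] = {
    "5f3a9c1e7b2d4860a1", "5f3a9c1e7b2d4860a2",
    "5f3a9c1e7b2d4860a3", "5f3a9c1e7b2d4860a4",
};
#define N_SAMPLES (sizeof SAMPLE_NONCES / sizeof SAMPLE_NONCES[0])

/* Slot index for a nonce. use_xor == 0 applies the line as reported,
 * use_xor == 1 the corrected line. The byte loop and the final modulo
 * are assumptions of this example. */
static uint32_t nonce_index(const char *nonce, uint32_t size, int use_xor)
{
    const unsigned char *np = (const unsigned char *)nonce;
    uint32_t off = 0;

    for (; *np != '\0'; np++) {
        if (use_xor)
            off = (off << 8) | (*np ^ (off >> 24));
        else
            off = (off << 8) | (*np & (off >> 24)); /* off stays 0 */
    }
    return off % size;
}

/* Number of different slots the sample nonces occupy. */
static unsigned distinct_slots(int use_xor)
{
    unsigned char used[TABLE_SIZE] = {0};
    unsigned count = 0;

    for (size_t i = 0; i < N_SAMPLES; i++) {
        uint32_t idx = nonce_index(SAMPLE_NONCES[i], TABLE_SIZE, use_xor);
        if (!used[idx]) { used[idx] = 1; count++; }
    }
    return count;
}

int main(void)
{
    printf("AND: %u slot(s) for %zu nonces\n", distinct_slots(0), N_SAMPLES);
    printf("XOR: %u slot(s) for %zu nonces\n", distinct_slots(1), N_SAMPLES);
    return 0;
}
```

With the AND variant every nonce lands in slot 0, so each newly issued nonce evicts the previous one and the next request carrying the older nonce is challenged again.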