You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by rn...@apache.org on 2023/10/05 09:19:17 UTC

[couchdb] branch send-original-cookie-format created (now b3385d268)

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a change to branch send-original-cookie-format
in repository https://gitbox.apache.org/repos/asf/couchdb.git


      at b3385d268 Send compatible AuthSession cookie when possible.

This branch includes the following new commits:

     new b3385d268 Send compatible AuthSession cookie when possible.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[couchdb] 01/01: Send compatible AuthSession cookie when possible.

Posted by rn...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a commit to branch send-original-cookie-format
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit b3385d268c7ab7b91715655897160c587ea7fe8a
Author: Robert Newson <rn...@apache.org>
AuthorDate: Thu Oct 5 10:06:05 2023 +0100

    Send compatible AuthSession cookie when possible.
    
    To smooth cluster upgrades, send the original format of AuthSession cookie if
    MustMatchBasic is false (i.e, when generating a Cookie from a successful
    cookie_auth_handler call).
    
    Prior to this (and after 50c69a0c68), during an upgrade, a cookie issued by
    the basic auth handler from an upgraded node will not be parseable by
    not-upgraded nodes.
    
    With this change a cookie issued by the cookie_auth_handler retains its
    original format. Only cookies issued by the default_auth_handler will
    be the new format.
    
    Relates to https://github.com/apache/couchdb/pull/4702
---
 src/couch/src/couch_httpd_auth.erl | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/couch/src/couch_httpd_auth.erl b/src/couch/src/couch_httpd_auth.erl
index c1e4c8e42..32ab7cd3f 100644
--- a/src/couch/src/couch_httpd_auth.erl
+++ b/src/couch/src/couch_httpd_auth.erl
@@ -460,16 +460,17 @@ cookie_auth_header(
 cookie_auth_header(_Req, _Headers) ->
     [].
 
-cookie_auth_cookie(Req, User, Secret, TimeStamp, MustMatchBasic) ->
-    MustMatchBasicStr =
-        case MustMatchBasic of
-            true -> "1";
-            false -> "0"
-        end,
+cookie_auth_cookie(Req, User, Secret, TimeStamp, true) ->
     SessionData = lists:join(":", [
         User,
-        lists:join(",", [erlang:integer_to_list(TimeStamp, 16), MustMatchBasicStr])
+        lists:join(",", [erlang:integer_to_list(TimeStamp, 16), "1"])
     ]),
+    cookie_auth_cookie(Req, Secret, SessionData);
+cookie_auth_cookie(Req, User, Secret, TimeStamp, false) ->
+    SessionData = User ++ ":" ++ erlang:integer_to_list(TimeStamp, 16),
+    cookie_auth_cookie(Req, Secret, SessionData).
+
+cookie_auth_cookie(Req, Secret, SessionData) ->
     [HashAlgorithm | _] = couch_util:get_config_hash_algorithms(),
     Hash = couch_util:hmac(HashAlgorithm, Secret, SessionData),
     mochiweb_cookies:cookie(