Posted to bugs@httpd.apache.org by bu...@apache.org on 2019/01/29 10:15:36 UTC
[Bug 63124] New: race condition in mod_auth_digest
https://bz.apache.org/bugzilla/show_bug.cgi?id=63124
Bug ID: 63124
Summary: race condition in mod_auth_digest
Product: Apache httpd-2
Version: 2.4.37
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: mod_auth_digest
Assignee: bugs@httpd.apache.org
Reporter: simon.kappel@axis.com
Target Milestone: ---
Created attachment 36400
--> https://bz.apache.org/bugzilla/attachment.cgi?id=36400&action=edit
fix race condition in mod_auth_digest
When requests are made by multiple different users on the same host to the
same protection space, a race condition occurs, so that the realm hash from
another user may sometimes be used for validation when comparing the digest
with the expected digest.
I can reproduce this by running two test scripts which repeatedly request a
resource using different users.
script1:
while true; do curl -u test:test --digest "http://<ip>/cgi/mycgi.cgi"; done
script2:
while true; do curl -u test2:test2 --digest "http://<ip>/cgi/mycgi.cgi"; done
Sometimes the digest module will claim that there is a password mismatch
(APLOGNO(01792)).
Debugging this, I found that the realm hash (ha1) used to compare digests was
sometimes from the wrong user.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
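The defect pattern behind this report, as an added illustration that is not part of the bug thread and is not mod_auth_digest's own code: a per-request value (the user's realm hash, HA1) parked in a configuration structure that all requests to one protection space share, next to the corrected shape in which the hash travels through an out-parameter (the `const char **rethash` mentioned in Comment #2). The struct layout, `lookup_ha1`, `make_response`, `racy_begin`/`racy_finish`, `fixed_check` and the `demo_*` functions are all assumptions made for the example; the interleaving from the report is replayed deterministically rather than with threads so the outcome is reproducible.

```c
#include <stdio.h>
#include <string.h>

#define RESP_LEN 64

/* Assumed shape of the per-directory configuration that every request to
 * one protection space shares; modelled on the report, not copied from
 * mod_auth_digest. Keeping a per-request value (ha1) in here is the defect. */
typedef struct {
    const char *realm;
    const char *ha1;        /* defect: per-request scratch value in shared state */
} digest_config_rec;

/* Constructed user database: user -> realm hash (HA1). */
static const char *lookup_ha1(const char *user)
{
    if (strcmp(user, "test") == 0)  return "ha1-of-test";
    if (strcmp(user, "test2") == 0) return "ha1-of-test2";
    return NULL;
}

/* Stand-in for the response computation; the real module derives the
 * digest from HA1, the nonce and HA2 with MD5. Concatenation is enough here. */
static void make_response(const char *ha1, const char *nonce, char *out, size_t len)
{
    snprintf(out, len, "%s:%s", ha1, nonce);
}

/* Racy path, split in two steps so a bad interleaving can be replayed
 * deterministically: step 1 parks HA1 in the shared config, step 2 reads it back. */
static int racy_begin(digest_config_rec *conf, const char *user)
{
    conf->ha1 = lookup_ha1(user);
    return conf->ha1 != NULL;
}

static int racy_finish(const digest_config_rec *conf, const char *nonce,
                       const char *client_resp)
{
    char expected[RESP_LEN];
    make_response(conf->ha1, nonce, expected, sizeof expected);
    return strcmp(expected, client_resp) == 0;
}

/* Fixed path: HA1 is handed back through an out-parameter, so nothing
 * per-request is written to shared state. */
static int get_hash(const char *user, const char **rethash)
{
    *rethash = lookup_ha1(user);
    return *rethash != NULL;
}

int fixed_check(const char *user, const char *nonce, const char *client_resp)
{
    const char *ha1;
    char expected[RESP_LEN];
    if (!get_hash(user, &ha1))
        return 0;
    make_response(ha1, nonce, expected, sizeof expected);
    return strcmp(expected, client_resp) == 0;
}

/* Replays the interleaving from the report on the racy path: "test" starts its
 * check, "test2" starts a check through the same shared config, then "test"
 * finishes. Returns 1 when the valid response of "test" is rejected (the
 * password-mismatch symptom reported), 0 otherwise. */
int demo_racy_interleaving(void)
{
    digest_config_rec conf = { "myrealm", NULL };
    char resp_test[RESP_LEN];

    make_response(lookup_ha1("test"), "nonce-a", resp_test, sizeof resp_test);
    racy_begin(&conf, "test");
    racy_begin(&conf, "test2");           /* concurrent request overwrites conf->ha1 */
    return racy_finish(&conf, "nonce-a", resp_test) == 0;
}

/* Same two requests on the fixed path. Returns 1 when each user's own
 * response validates and a response built from the other user's HA1 does not. */
int demo_fixed_interleaving(void)
{
    char resp_test[RESP_LEN], resp_test2[RESP_LEN];

    make_response(lookup_ha1("test"), "nonce-a", resp_test, sizeof resp_test);
    make_response(lookup_ha1("test2"), "nonce-b", resp_test2, sizeof resp_test2);
    return fixed_check("test", "nonce-a", resp_test)
        && fixed_check("test2", "nonce-b", resp_test2)
        && !fixed_check("test", "nonce-a", resp_test2);
}

int main(void)
{
    printf("racy path rejects a valid response: %d\n", demo_racy_interleaving());
    printf("fixed path behaves correctly:       %d\n", demo_fixed_interleaving());
    return 0;
}
```

The point to take away for review of similar code: anything computed for one request (hashes, nonces, parsed credentials) must live on the request's stack or in per-request memory, never in a structure that is created once at configuration time and read by every worker thread. The rule of thumb when scanning a threaded module is to look for writes to `conf->...` or to `static` variables on the request path.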
[Bug 63124] race condition in mod_auth_digest
Christophe JAILLET <ch...@wanadoo.fr> changed:
What       | Removed | Added
-----------|---------|---------
Status     | NEW     | RESOLVED
Resolution | ---     | FIXED
--- Comment #3 from Christophe JAILLET <ch...@wanadoo.fr> ---
backported in r1855298.
This is part of 2.4.39.
[Bug 63124] race condition in mod_auth_digest
Simon Kappel <si...@axis.com> changed:
What | Removed | Added
-----|---------|----------------------
CC   |         | simon.kappel@axis.com
[Bug 63124] race condition in mod_auth_digest
Christophe JAILLET <ch...@wanadoo.fr> changed:
What     | Removed | Added
---------|---------|----------------------------
Keywords |         | FixedInTrunk, PatchAvailable
--- Comment #2 from Christophe JAILLET <ch...@wanadoo.fr> ---
Hi,
thx for the report, the reproducer and the patch.
I've only slightly changed your patch.
'char **rethash' has been turned into 'const char **rethash' to fix a
compilation warning, at least in maintainer-mode.
This has been fixed in trunk in r1853190 and will be proposed soon for backport
in 2.4.x.
[Bug 63124] race condition in mod_auth_digest
--- Comment #1 from Simon Kappel <si...@axis.com> ---
It is my belief that this patch should be merged to trunk.
Please test and review attached patch.
Thanks