alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

fix(esp_http_client): Fix http digest auth without qop

Browse Source 
Closes https://github.com/espressif/esp-idf/issues/12962
This commit is contained in:
Harshit Malpani 2024-01-15 12:08:04 +05:30
parent 7bb236254e
commit bc901c0a3a
No known key found for this signature in database
GPG Key ID: 441A8ACC7853D493
2 changed files with 21 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
components/esp_http_client/esp_http_client.c
View File

@ -619,7 +619,6 @@ static esp_err_t esp_http_client_prepare(esp_http_client_handle_t client)
}
client->auth_data->cnonce = ((uint64_t)esp_random() << 32) + esp_random();
auth_response = http_auth_digest(client->connection_info.username, client->connection_info.password, client->auth_data);
client->auth_data->nc ++;
#endif
}

23
components/esp_http_client/lib/http_auth.c
View File

@ -172,19 +172,38 @@ char *http_auth_digest(const char *username, const char *password, esp_http_auth
goto _digest_exit;
}
} else {
/* Although as per RFC-2617, "qop" directive is optional in order to maintain backward compatibality, it is recommended
to use it if the server indicated that qop is supported. This enhancement was introduced to protect against attacks
like chosen-plaintext attack. */
ESP_LOGW(TAG, "\"qop\" directive not found. This may lead to attacks like chosen-plaintext attack");
// response=digest_func(HA1:nonce:HA2)
if (digest_func(digest, "%s:%s:%s", ha1, auth_data->nonce, ha2) <= 0) {
goto _digest_exit;
}
}
int rc = asprintf(&auth_str, "Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", algorithm=%s, "
"response=\"%s\", qop=%s, nc=%08x, cnonce=\"%016"PRIx64"\"",
username, auth_data->realm, auth_data->nonce, auth_data->uri, auth_data->algorithm, digest, auth_data->qop, auth_data->nc, auth_data->cnonce);
"response=\"%s\"", username, auth_data->realm, auth_data->nonce, auth_data->uri, auth_data->algorithm, digest);
if (rc < 0) {
ESP_LOGE(TAG, "asprintf() returned: %d", rc);
ret = ESP_FAIL;
goto _digest_exit;
}
if (auth_data->qop) {
rc = asprintf(&temp_auth_str, ", qop=%s, nc=%08x, cnonce=\"%016"PRIx64"\"", auth_data->qop, auth_data->nc, auth_data->cnonce);
if (rc < 0) {
ESP_LOGE(TAG, "asprintf() returned: %d", rc);
ret = ESP_FAIL;
goto _digest_exit;
}
auth_str = http_utils_append_string(&auth_str, temp_auth_str, strlen(temp_auth_str));
if (!auth_str) {
ret = ESP_FAIL;
goto _digest_exit;
}
free(temp_auth_str);
auth_data->nc ++;
}
if (auth_data->opaque) {
rc = asprintf(&temp_auth_str, "%s, opaque=\"%s\"", auth_str, auth_data->opaque);
// Free the previous memory allocated for `auth_str`