subject:"\[jira\] \[Commented\] \(COUCHDB\-1607\) cookie_authentication_handler does not properly handle AuthSession signatures starting with \: character\(s\)"

[jira] [Commented] (COUCHDB-1607) cookie_authentication_handler does not properly handle AuthSession signatures starting with : character(s)

2012-11-18 Thread Robert Newson (JIRA)

[
https://issues.apache.org/jira/browse/COUCHDB-1607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13499782#comment-13499782
]

Robert Newson commented on COUCHDB-1607:

Nathan, nice sleuthing. If the HashPart (aka _C) begins with a : we'll get a
verification failure, the same is true for a HashPart with any two or more
consecutive :'s, for the same reason. All because string:tokens silently
omits empty tokens, rather than leaving a spacer. The re:split/2 method fixes
that neatly.

The list/binary stuff is annoying but not strictly related.

And here's the difference itself;

string:tokens(User:Time:Foo::Bar,:) - [User,Time,Foo,Bar]
re:split(User:Time:Foo::Bar,:) -
[User,Time,Foo,,Bar]

That's a hash part that, by chance, has two adjacent colon characters. Since
it's silently dropped in the first case, a subsequent join with : will not
produce the original string. boom.

cookie_authentication_handler does not properly handle AuthSession signatures
starting with : character(s)

Key: COUCHDB-1607
URL: https://issues.apache.org/jira/browse/COUCHDB-1607
Project: CouchDB
Issue Type: Bug
Affects Versions: 1.2
Reporter: Nathan Vander Wilt
Priority: Critical

AuthSession cookies will intermittently break — a user will have a
perfectly valid session, but suddenly after their cookie gets refreshed they
can randomly get logged out for practical purposes.
The cause is that Erlang's `string:tokens` behaviour does act as this code
expects:
https://github.com/apache/couchdb/blob/7d4181346626c0cdb50b44f7e5e33435a8ccae0f/src/couchdb/couch_httpd_auth.erl#L163
https://github.com/apache/couchdb/blob/7d4181346626c0cdb50b44f7e5e33435a8ccae0f/src/couchdb/couch_httpd_auth.erl#L183
After evaluating `[A,B | C] = string:tokens(a:b::c:d).` the value of C is
not `[,c,d]` but rather `[c,d]`. So when rejoined, the signature
becomes c:d instead of the original :c:d!
It appears that using re.split/2 would avoid this problem, but yields a
list/array result containing instead of types, which string:join
does not like. Should be pretty quick fix though for someone who knows just a
bit more of the Erlang way.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (COUCHDB-1607) cookie_authentication_handler does not properly handle AuthSession signatures starting with : character(s)

2012-11-17 Thread Dale Harvey (JIRA)


[ 
https://issues.apache.org/jira/browse/COUCHDB-1607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13499581#comment-13499581
 ] 

Dale Harvey commented on COUCHDB-1607:
--

Good debugging, you can use  re:split(a:b:c, :, [{return, list}]). although 
I would be worried about 1. why its using lists at all, 2. why is it generating 
an empty value in the first place?

 cookie_authentication_handler does not properly handle AuthSession signatures 
 starting with : character(s)
 

 Key: COUCHDB-1607
 URL: https://issues.apache.org/jira/browse/COUCHDB-1607
 Project: CouchDB
  Issue Type: Bug
Affects Versions: 1.2
Reporter: Nathan Vander Wilt
Priority: Critical

 AuthSession cookies will intermittently break — a user will have a 
 perfectly valid session, but suddenly after their cookie gets refreshed they 
 can randomly get logged out for practical purposes.
 The cause is that Erlang's `string:tokens` behaviour does act as this code 
 expects:
 https://github.com/apache/couchdb/blob/7d4181346626c0cdb50b44f7e5e33435a8ccae0f/src/couchdb/couch_httpd_auth.erl#L163
 https://github.com/apache/couchdb/blob/7d4181346626c0cdb50b44f7e5e33435a8ccae0f/src/couchdb/couch_httpd_auth.erl#L183
 After evaluating `[A,B | C] = string:tokens(a:b::c:d).` the value of C is 
 not `[,c,d]` but rather `[c,d]`. So when rejoined, the signature 
 becomes c:d instead of the original :c:d!
 It appears that using re.split/2 would avoid this problem, but yields a 
 list/array result containing  instead of  types, which string:join 
 does not like. Should be pretty quick fix though for someone who knows just a 
 bit more of the Erlang way.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (COUCHDB-1607) cookie_authentication_handler does not properly handle AuthSession signatures starting with : character(s)

[jira] [Commented] (COUCHDB-1607) cookie_authentication_handler does not properly handle AuthSession signatures starting with : character(s)

2 matches

Site Navigation

Mail list logo

Footer information