From 54772c93b534979ab28f88a42eca429edf15d483 Mon Sep 17 00:00:00 2001 From: "Steinar H. Gunderson" Date: Tue, 30 Jun 2009 13:34:44 +0200 Subject: [PATCH] Implement support for HTTP digest authentication (RFC2617). --- doc/modules.txt | 1 + perl/Sesse/pr0n/Common.pm | 171 ++++++++++++++++++++++++++++++++++---- sql/pr0n.sql | 3 +- sql/upgrade-v2.71.sql | 1 + 4 files changed, 157 insertions(+), 19 deletions(-) diff --git a/doc/modules.txt b/doc/modules.txt index aebdf80..919e388 100644 --- a/doc/modules.txt +++ b/doc/modules.txt @@ -8,6 +8,7 @@ MIME::Types libmime-types-perl Sending the right MIME ty DBD::Pg libdbd-pg-perl PostgreSQL connection Image::ExifTool libimage-exiftool-perl Parsing EXIF data Digest::SHA1 libdigest-sha1-perl Verifying passwords +Digest::HMAC_SHA1 libdigest-hmac-perl Verifying digest passwords HTML::TagCloud libhtml-tagcloud-perl Tag cloud on /+tags/ jpegtran libjpeg-progs Lossless JPEG rotation dcraw dcraw NEF support diff --git a/perl/Sesse/pr0n/Common.pm b/perl/Sesse/pr0n/Common.pm index 14ae88b..4a552c4 100644 --- a/perl/Sesse/pr0n/Common.pm +++ b/perl/Sesse/pr0n/Common.pm @@ -18,7 +18,9 @@ use DBI; use DBD::Pg; use Image::Magick; use POSIX; +use Digest::MD5; use Digest::SHA1; +use Digest::HMAC_SHA1; use MIME::Base64; use MIME::Types; use LWP::Simple; @@ -317,41 +319,56 @@ sub check_access { my $auth = $r->headers_in->{'authorization'}; if (!defined($auth)) { - output_401($r); + output_401($r, 0); return undef; - } + } + $r->log->warn("Auth: $auth"); if ($auth =~ /^Basic ([a-zA-Z0-9+\/]+=*)$/) { return check_basic_auth($r, $1); + } + if ($auth =~ /^Digest (.*)$/) { + return check_digest_auth($r, $1); } - output_401($r); + output_401($r, 0); return undef; } sub output_401 { - my $r = shift; + my ($r, %options) = @_; $r->content_type('text/plain; charset=utf-8'); $r->status(401); $r->headers_out->{'www-authenticate'} = 'Basic realm="pr0n.sesse.net"'; + + if ($options{'DigestAuth'} // 1) { + # We make our nonce similar to the scheme of RFC2069 section 2.1.1, + # with some changes: We don't care about client IP (these have a nasty + # tendency to change from request to request when load-balancing + # proxies etc. are being used), and we use HMAC instead of simple + # hashing simply because that's a better signing method. + # + # NOTE: For some weird reason, Digest::HMAC_SHA1 doesn't like taking + # the output from time directly (it gives a different response), so we + # forcefully stringify the argument. + my $ts = time; + my $nonce = Digest::HMAC_SHA1->hmac_sha1_hex($ts . "", $Sesse::pr0n::Config::db_password); + my $stale_nonce_text = ""; + $stale_nonce_text = ", stale=\"true\"" if ($options{'StaleNonce'} // 0); + + $r->headers_out->{'www-authenticate'} = + "Digest realm=\"pr0n.sesse.net\", " . + "nonce=\"$nonce\", " . + "opaque=\"$ts\", " . + "qop=\"auth\"" . $stale_nonce_text; # FIXME: support auth-int + } + $r->print("Need authorization\n"); } sub check_basic_auth { my ($r, $auth) = @_; - my ($user, $pass) = split /:/, MIME::Base64::decode_base64($auth); - - # WinXP is stupid :-) - if ($user =~ /^.*\\(.*)$/) { - $user = $1; - } - - my $takenby; - if ($user =~ /^([a-zA-Z0-9^_-]+)\@([a-zA-Z0-9^_-]+)$/) { - $user = $1; - $takenby = $2; - } else { - ($takenby = $user) =~ s/^([a-zA-Z])/uc($1)/e; - } + my ($raw_user, $pass) = split /:/, MIME::Base64::decode_base64($auth); + my ($user, $takenby) = extract_takenby($raw_user); my $oldpass = $pass; $pass = Digest::SHA1::sha1_base64($pass); @@ -368,6 +385,124 @@ sub check_basic_auth { return ($user, $takenby); } + +sub check_digest_auth { + my ($r, $auth) = @_; + + # We're a bit more liberal than RFC2069 in the parsing here, allowing + # quoted strings everywhere. + my %auth = (); + while ($auth =~ s/^ ([a-zA-Z]+) # key + = + ( + [^",]* # either something that doesn't contain comma or quotes + | + " ( [^"\\] | \\ . ) * " # or a full quoted string + ) + (?: (?: , \s* ) + | $ ) # delimiter(s), or end of string + //x) { + my ($key, $value) = ($1, $2); + if ($value =~ /^"(.*)"$/) { + $value = $1; + $value =~ s/\\(.)/$1/g; + } + $auth{$key} = $value; + } + unless (exists($auth{'username'}) && + exists($auth{'uri'}) && + exists($auth{'nonce'}) && + exists($auth{'opaque'}) && + exists($auth{'response'})) { + output_401($r); + return undef; + } + if ($r->uri ne $auth{'uri'}) { + output_401($r); + return undef; + } + + # Verify that the opaque data does indeed look like a timestamp, and that the nonce + # is indeed a signed version of it. + if ($auth{'opaque'} !~ /^\d+$/) { + output_401($r); + return undef; + } + my $compare_nonce = Digest::HMAC_SHA1->hmac_sha1_hex($auth{'opaque'}, $Sesse::pr0n::Config::db_password); + if ($auth{'nonce'} ne $compare_nonce) { + output_401($r); + return undef; + } + + # Now look up the user's HA1 from the database, and calculate HA2. + my ($user, $takenby) = extract_takenby($auth{'username'}); + my $ref = $dbh->selectrow_hashref('SELECT digest_ha1_hex FROM users WHERE username=? AND vhost=?', + undef, $user, $r->get_server_name); + if (!defined($ref)) { + output_401($r); + return undef; + } + if (!defined($ref->{'digest_ha1_hex'}) || $ref->{'digest_ha1_hex'} !~ /^[0-9a-f]{32}$/) { + # A user that exists but has empty HA1 is a user that's not + # ready for digest auth, so we hack it and resend 401, + # only this time without digest auth. + output_401($r, DigestAuth => 0); + return undef; + } + my $ha1 = $ref->{'digest_ha1_hex'}; + my $ha2 = Digest::MD5::md5_hex($r->method . ':' . $auth{'uri'}); + my $response; + if (exists($auth{'qop'}) && $auth{'qop'} eq 'auth') { + unless (exists($auth{'nc'}) && exists($auth{'cnonce'})) { + output_401($r); + return undef; + } + + $response = $ha1; + $response .= ':' . $auth{'nonce'}; + $response .= ':' . $auth{'nc'}; + $response .= ':' . $auth{'cnonce'}; + $response .= ':' . $auth{'qop'}; + $response .= ':' . $ha2; + } else { + $response = $ha1; + $response .= ':' . $auth{'nonce'}; + $response .= ':' . $ha2; + } + if ($auth{'response'} ne Digest::MD5::md5_hex($response)) { + output_401($r); + return undef; + } + + # OK, everything is good, and there's only one thing we need to check: That the nonce + # isn't too old. If it is, but everything else is ok, we tell the browser that and it + # will re-encrypt with the new nonce. + my $timediff = time - $auth{'opaque'}; + if ($timediff < 0 || $timediff > 300) { + output_401($r, StaleNonce => 1); + return undef; + } + + return ($user, $takenby); +} + +sub extract_takenby { + my ($user) = shift; + + # WinXP is stupid :-) + if ($user =~ /^.*\\(.*)$/) { + $user = $1; + } + + my $takenby; + if ($user =~ /^([a-zA-Z0-9^_-]+)\@([a-zA-Z0-9^_-]+)$/) { + $user = $1; + $takenby = $2; + } else { + ($takenby = $user) =~ s/^([a-zA-Z])/uc($1)/e; + } + + return ($user, $takenby); +} sub stat_image { my ($r, $event, $filename) = (@_); diff --git a/sql/pr0n.sql b/sql/pr0n.sql index 5f89f6c..c8901e2 100644 --- a/sql/pr0n.sql +++ b/sql/pr0n.sql @@ -72,7 +72,8 @@ CREATE TABLE shadow_files ( CREATE TABLE users ( username character varying NOT NULL, sha1password character(28) NOT NULL, - vhost character varying NOT NULL + vhost character varying NOT NULL, + digest_ha1_hex character(32) ); -- Mainly used for manual queries -- usually too slow to be very useful diff --git a/sql/upgrade-v2.71.sql b/sql/upgrade-v2.71.sql index 70b9108..8fce91d 100644 --- a/sql/upgrade-v2.71.sql +++ b/sql/upgrade-v2.71.sql @@ -3,4 +3,5 @@ -- ALTER TABLE last_picture_cache ADD COLUMN last_update TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(); ALTER TABLE events DROP COLUMN last_update; +ALTER TABLE users ADD COLUMN digest_ha1_hex character(32); -- 2.39.2