RE: [PATCH] NTLM: use a fake entropy for debug builds
Date: Wed, 19 Mar 2014 22:13:38 +0000
On Wed, 19 Mar 2014, Daniel Stenberg wrote:
v2 patch attached.
It looks pretty good to me - my only query is regarding the DIGEST-MD5 mod
and my apologies in advance if I have misunderstood this section of code, as
I'm extremely tired at the moment, although I don't think I can use that
excuse for the last two years of working in that area of code ;-)
> > * We should also address curl_sasl.c Line 372 at the same time as that
> > uses 64-bits of static data for debug builds, as well, as cnonce is
> > not changed unless it is a release build
> Hm. The comment and the code didn't match there. It says 64 bits of
> random, but it called Curl_rand() 8 times and uses 4 bits from each call
> and 8 x 4 = 32...
Are you sure about this? Bear in mind that the text isn't a hex
representation of the entropy.
RFC2831 it states that cnonce is:
> A client-specified data string which MUST be different each time a
> digest-response is sent as part of initial authentication. The
> cnonce-value is an opaque quoted string value provided by the
> client and used by both client and server to avoid chosen
> plaintext attacks, and to provide mutual authentication. The
> security of the implementation depends on a good choice. It is
> RECOMMENDED that it contain at least 64 bits of entropy. This
> directive is required and MUST be present exactly once; otherwise,
> authentication fails.
And then goes on to give the following as an example:
which as you can see is 14 characters long and isn't hex encoded.
My understanding of the previous version of code was that it was adding an 8
byte string to the digest so 64-bits of data - however it was using hex only
I don't know if there is any limit on the maximum string to send so I would
be a little nervous of changing it for a 16 character string.
List admin: http://cool.haxx.se/list/listinfo/curl-library
Received on 2014-03-19