Bug 1263338
Summary: | squid with digest auth on big endian systems start looping | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Ondřej Pták <optak> | ||||
Component: | squid | Assignee: | Luboš Uhliarik <luhliari> | ||||
Status: | CLOSED ERRATA | QA Contact: | Ondřej Pták <optak> | ||||
Severity: | unspecified | Docs Contact: | |||||
Priority: | unspecified | ||||||
Version: | 7.2 | CC: | lmiksik, luhliari, psimerda, thozza | ||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | 3.3.8-21 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | |||||||
: | 1315662 (view as bug list) | Environment: | |||||
Last Closed: | 2015-11-19 12:20:42 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 1315662 | ||||||
Attachments: |
|
Description
Ondřej Pták
2015-09-15 15:03:13 UTC
Created attachment 1073712 [details]
squid.conf
Note: this is not a regression, it's just 1st time of running the test on rhel-7 at big endian systems. The same problem is in squid-3.3.8-12.el7_0. On RHEL-6 (squid-3.1.23-9.el6) there is no such problem. Thanks Ondřej for helping with the debugging. The infinite loop is located in `auth_digest.cc` function `authenticateDigestNonceNew()`: 186 while ((temp = authenticateDigestNonceFindNonce((char const *) (newnonce->key)))) { 187 /* create a new nonce */ 188 newnonce->noncedata.randomdata = squid_random(); 189 /* Bug 3526 high performance fix: add 1 second to creationtime to avoid duplication */ 190 ++newnonce->noncedata.creationtime; 191 authDigestNonceEncode(newnonce); 192 } So far the most suspicious part is a typecast in `authenticateDigestNonceFindNonce()`: 354 nonce = static_cast < digest_nonce_h * >(hash_lookup(digest_nonce_cache, nonceb64)); As the problem depends on endianess, my first guess is endianess of `struct _digest_nonce_h` members. Got it. The problem is not in the typecasts but rather in the base64 code turning a binary string into a base64 encoded string. The code not only checks the data pointer for being non-NULL but also the first byte for being non-zero and returns an empty string otherwise! base64.c:149 if (!data || !*data || !result || result_size < 1 || data_size < 1) It's binary data. I don't see any reason not to encode binary data starting with a zero byte. The first struct member is a relatively small number and therefore is encoded as a sequence of non-zero and zero bytes in little endian byte order. In big endian it is the other way round, starting with a zero byte. Unless there is another issue, the following patch should fix it. --- ./lib/base64.c.orig 2015-09-17 13:35:07.654617797 +0200 +++ ./lib/base64.c 2015-09-17 13:35:35.734700154 +0200 @@ -146,7 +146,7 @@ int char_count = 0; int out_cnt = 0; - if (!data || !*data || !result || result_size < 1 || data_size < 1) + if (!data || !result || result_size < 1 || data_size < 1) return 0; if (!base64_initialized) Let's see what upstream thinks about the patch. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-2378.html |