-
-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SASL' MAX_READ_BYTES is too small #215
Comments
I increased the read size to 1 MByte, this should be enough for everything. |
I believe another issue with cookie here: dbus-java/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java Lines 387 to 390 in 9bc3c2c
Here is challenge string generated, but result of the operation is set to Retrieving cookie from keyring is also buggy: dbus-java/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java Lines 99 to 107 in 9bc3c2c
Both cookie filter clauses (tm.getElapsedSeconds() + MAX_TIME_TRAVEL_SECONDS) < timestamp and tm.getElapsedSeconds() - EXPIRE_KEYS_TIMEOUT_SECONDS > timestamp) contains tm.getElapsedSeconds() , which is seconds since creating of TimeMeasure object, so basically always is 0, and timestamp is seconds since unix epoch, which is always waaaay greater than zero, so comparing then is useless and not correct.
|
This patch seems work for me: cookie auth works perfectly for both client & server: ---
.../org/freedesktop/dbus/connections/SASL.java | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java b/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
index 190cf2c..89d2d1e 100644
--- a/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
+++ b/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
@@ -93,15 +93,23 @@ public class SASL {
}
File f = new File(keyringDir, _context);
+ long currentTime = System.currentTimeMillis() / 1000;
try (BufferedReader r = new BufferedReader(new InputStreamReader(new FileInputStream(f)))) {
String s = null;
String lCookie = null;
- TimeMeasure tm = new TimeMeasure();
while (null != (s = r.readLine())) {
String[] line = s.split(" ");
- long timestamp = Long.parseLong(line[1]);
- if (line[0].equals(_id) && !(timestamp < 0 || (tm.getElapsedSeconds() + MAX_TIME_TRAVEL_SECONDS) < timestamp || tm.getElapsedSeconds() - EXPIRE_KEYS_TIMEOUT_SECONDS > timestamp)) {
+ if (line.length != 3) {
+ continue;
+ }
+ long timestamp;
+ try {
+ timestamp = Long.parseLong(line[1]);
+ } catch (NumberFormatException _ex) {
+ continue;
+ }
+ if (line[0].equals(_id) && timestamp >= 0 && currentTime >= timestamp - EXPIRE_KEYS_TIMEOUT_SECONDS && currentTime < timestamp + MAX_TIME_TRAVEL_SECONDS) {
lCookie = line[2];
break;
}
@@ -388,7 +396,7 @@ public class SASL {
logger.debug("Sending challenge: {} {} {}", context, id, challenge);
_c.setResponse(stupidlyEncode(context + ' ' + id + ' ' + challenge));
- return SaslResult.OK;
+ return SaslResult.CONTINUE;
default:
return SaslResult.ERROR;
}
@@ -555,7 +563,7 @@ public class SASL {
switch (c.getCommand()) {
case OK:
send(_sock, BEGIN);
- state = SaslAuthState.AUTHENTICATED;
+ state = SaslAuthState.FINISHED;
break;
case ERROR:
case DATA:
--
2.41.0 |
btw anonymous auth doesn't work with zbus as it wants reply to that empty DATA packet, this is also a fix for it: diff --git a/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java b/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
index 89d2d1e..166c67f 100644
--- a/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
+++ b/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
@@ -352,6 +352,10 @@ public class SASL {
response = stupidlyEncode(buf);
_c.setResponse(stupidlyEncode(clientchallenge + " " + response));
return SaslResult.OK;
+ case AUTH_ANON:
+ // Pong back DATA if server wants it for anonymous auth
+ _c.setResponse(_c.getData() == null ? "" : _c.getData());
+ return SaslResult.OK;
default:
logger.debug("Not DBUS_COOKIE_SHA1 authtype.");
return SaslResult.ERROR; |
@hypfvieh Should I format these patches as pull request or it's fine for you to apply it manually? |
PRs are always welcome |
It's me from #214 again 🙃
I encountered another issue with cookie auth this time.
Look at this:
dbus-java/dbus-java-core/src/main/java/org/freedesktop/dbus/connections/SASL.java
Line 43 in 9bc3c2c
So dbus-java would read at most 64 bytes for each line at auth stage, but let's do some math for cookie auth:
-5 bytes for
DATA
prefix, leftover is hexencoded, so divide by 2 with rounding down = 29 bytes of actual data at max.Cookie auth data consist of 3 parts: cookie context, cookie id and random part, space delimeted, so -2 bytes = 27.
Default cookie context is
org_freedesktop_java
, which is 20 bytes, leftover is 7 bytes.Default cookie id is milliseconds since unix epoch, which is 12 bytes, leftover is... -5 bytes.
Default random part is 8 bytes long, so -13 bytes.
But that's only true for default settings of dbus-java, other implementation can use even longer parts, but as you can see even with that cookie auth is broken
The text was updated successfully, but these errors were encountered: