From 4b1f21111f74439220df956238537ea220f794e6 Mon Sep 17 00:00:00 2001
From: Camillo Toselli
Date: Tue, 3 Aug 2021 21:47:34 +0200
Subject: [PATCH] accept empty realm for digest auth (#56369) (#56455)
* accept empty realm for digest auth (#56369)
* accept empty realm for digest auth (#56369)
* accept empty realm for digest auth (#56369)
* accept empty realm for digest auth (#56369)
Co-authored-by: Luca Bompani
(cherry picked from commit b0cea408f21cc813f3ef435029982113b1934d4a)
---
 .../Net/Http/HttpClientHandlerTest.Authentication.cs | 1 +
 .../Net/Http/LoopbackServer.AuthenticationHelpers.cs | 2 +-
 .../SocketsHttpHandler/AuthenticationHelper.Digest.cs | 9 +++++----
 3 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs
index f7ccc3127e9ab..41718d37eb869 100644
--- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs
+++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs
@@ -99,6 +99,7 @@ public static IEnumerable Authentication_SocketsHttpHandler_TestData()
 {
 yield return new object[] { "Digest realm=\"testrealm\",nonce=\"6afd170437eb5144258b308f7c491d96\",opaque=\"\",stale=FALSE,algorithm=MD5,qop=\"auth\"", true };
 yield return new object[] { "Digest realm=\"testrealm\", domain=\"\", nonce=\"NA42+vpOFQd1GwCyVRZuhhy+jDn4BMRl\", algorithm=MD5, qop=\"auth\", stale=false", true };
+ yield return new object[] { "Digest realm=\"\", nonce=\"NA42+vpOFQd1GwCyVRZuhhy+jDn4BMRl\", algorithm=MD5, qop=\"auth\", stale=false", true };
 }
 }
diff --git a/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs b/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs
index bfb2ccb46be1a..4f322c8cb6a97 100644
--- a/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs
+++ b/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs
@@ -150,7 +150,7 @@ internal static bool IsDigestAuthTokenValid(string clientResponse, string reques
 }
 // Realm is mandatory.
- if (string.IsNullOrEmpty(realm))
+ if (realm == null)
 return false;
 }
 else if (trimmedValue.StartsWith(nameof(cnonce)))
diff --git a/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs
index 386ce606093ba..d1803c2d21d76 100644
--- a/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs
+++ b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs
@@ -104,8 +104,7 @@ internal partial class AuthenticationHelper
 }
 // Add realm
- if (realm != string.Empty)
- sb.AppendKeyValue(Realm, realm);
+ sb.AppendKeyValue(Realm, realm);
 // Add nonce
 sb.AppendKeyValue(Nonce, nonce);
@@ -407,9 +406,11 @@ private unsafe void Parse(string challenge)
 break;
 // Ensure value is valid.
- // Opaque and Domain can have empty string
+ // Opaque, Domain and Realm can have empty string
 if (value == string.Empty &&
- (!key.Equals(Opaque, StringComparison.OrdinalIgnoreCase) && !key.Equals(Domain, StringComparison.OrdinalIgnoreCase)))
+ !key.Equals(Opaque, StringComparison.OrdinalIgnoreCase) &&
+ !key.Equals(Domain, StringComparison.OrdinalIgnoreCase) &&
+ !key.Equals(Realm, StringComparison.OrdinalIgnoreCase))
 break;
 // Add the key-value pair to Parameters.
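Review bot: In the `IsDigestAuthTokenValid` hunk of LoopbackServer.AuthenticationHelpers.cs, the comment `// Realm is mandatory.` now understates the rule, because the check below it rejects only a missing realm and accepts an empty one. I would reword it to `// Realm must be present, but may be an empty string.` so the next reader does not restore `IsNullOrEmpty`. The new test could also be written `if (realm is null)`, which is the null-check form that cannot be affected by operator overloads. The function starts and ends outside the hunk, so how `realm` is assigned is not visible here.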
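Review bot: In the `// Add realm` hunk of AuthenticationHelper.Digest.cs, `sb.AppendKeyValue(Realm, realm);` is now unconditional, so a challenge that omits `realm` entirely is no longer handled differently from one that sends `realm=""`. The hunk does not show how `realm` is populated; if the surrounding code falls back to `string.Empty` when the key is absent, the client will now emit `realm=""` for a challenge that never carried one, and if it can be null the behaviour of `AppendKeyValue` with a null value is not visible here. The added test data covers only the `realm=""` case, so a challenge with no realm parameter at all would be worth adding to pin the intended outcome. A short comment such as `// Always echo realm, even when empty: it is an input to the digest (A1) and must match what was hashed.` would record why the guard was removed. The enclosing method starts and ends outside the hunk.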
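Review bot: In the `Parse` hunk of AuthenticationHelper.Digest.cs, the list of keys allowed to carry an empty value is now three chained negated `key.Equals(...)` calls inside the `if`, which is easy to get wrong the next time a key is added (one `!` or `&&` flipped changes which challenges are accepted). I would compute a named boolean first, for example `emptyAllowed`, as the `||` of the three `OrdinalIgnoreCase` comparisons against `Opaque`, `Domain` and `Realm`, and then test `if (value == string.Empty && !emptyAllowed) break;`. The comment could also say why these three are exempt, e.g. `// Opaque, Domain and Realm are quoted values that a server may legitimately send empty; any other empty value ends parsing.` The body of `Parse` continues outside the hunk.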