[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] libmicrohttpd Digest, Vol 140, Issue 8
|
From: |
Christian Grothoff |
|
Subject: |
Re: [libmicrohttpd] libmicrohttpd Digest, Vol 140, Issue 8 |
|
Date: |
Fri, 11 Dec 2020 00:09:18 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 |
Hi!
You're calling MHD_queue_auth_fail_response2 too late.
MHD already called you once before on the connection, and at that time
you simply returned 'MHD_YES'. So MHD has already told the client to
'100 continue', and is now ready to process the upload -- which means it
is too late to fail on authentication.
You MUST do this the first time MHD calls you on a fresh request.
Happy hacking!
Christian
On 12/10/20 6:59 PM, Dirk Brinkmeier wrote:
> Hi to all.
>
> Thanks for the hint. The result value of the request callback indeed was
> MHD_NO.
>
> In case of digest auth request in the first step the POST request is
> rejected by missing authorization.
> And so MHD_queue_auth_fail_response2 is called and returns MHD_NO. And
> inside of this function MHD_queue_response is called.
> I placed a printf for debugging purposes in MHD_queue_response:
>
> if ( (NULL == connection) ||
> (NULL == response) ||
> (NULL != connection->response) ||
> ( (MHD_CONNECTION_HEADERS_PROCESSED != connection->state) &&
> (MHD_CONNECTION_FOOTERS_RECEIVED != connection->state) ) )
> {
> printf("Prerequsites not fullfilled to queue response, state =
> %d\n", connection->state);
> return MHD_NO;
> }
>
> The connection-> state = 6 --> MHD_CONNECTION_CONTINUE_SENT
> This is causes the request to fail.
>
> Regards,
> Dirk.
>
> Am 10.12.20 um 15:48 schrieb libmicrohttpd-request@gnu.org:
>> Send libmicrohttpd mailing list submissions to
>> libmicrohttpd@gnu.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> https://lists.gnu.org/mailman/listinfo/libmicrohttpd
>> or, via email, send a message with subject or body 'help' to
>> libmicrohttpd-request@gnu.org
>>
>> You can reach the person managing the list at
>> libmicrohttpd-owner@gnu.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of libmicrohttpd digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Digest authentication on POST request causes 'Application
>> reported internal error, closing connection' (Dirk Brinkmeier)
>> 2. Re: Digest authentication on POST request causes 'Application
>> reported internal error, closing connection' (Christian Grothoff)
>> 3. Re: MHD requires GnuTLS and other libraries (DJM-Avalesta)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Thu, 10 Dec 2020 09:37:23 +0100
>> From: Dirk Brinkmeier <microhttpd@dbrinkmeier.de>
>> To: libmicrohttpd@gnu.org
>> Subject: [libmicrohttpd] Digest authentication on POST request causes
>> 'Application reported internal error, closing connection'
>> Message-ID: <98ae89c7-717e-d7da-5166-05ef865ae358@dbrinkmeier.de>
>> Content-Type: text/plain; charset=utf-8; format=flowed
>>
>> Hi to all.
>>
>> I'm trying to POST data to libmicrohttpd with digest authentication
>> enabled.
>> The data looks like this:
>>
>> POST /ajax/response.html HTTP/1.1
>> Accept: */*
>> Accept-Encoding: identity
>> Host: xxxx.ddns.net
>> User-Agent: NB-IoT-Client/1.0.0 (Arduino/MKR-NB-1500)
>> Connection: close
>> Content-Type: application/x-www-form-urlencoded; charset=UTF-8
>> Content-Length: 151
>>
>> OnIoTData=iotdata&prepare=no&title=iotdata&IMEI=352753096142722&Address=10.193.202.150&Timestamp=315964938&Datetime=1980-01-06T00:02:18+00:00&Data=null
>>
>>
>>
>>
>> The data is received via libmicrohttpd and forwarded to my application
>> as long as no authentication is used.
>> When using digest authentication the connection is closed with an
>> internal error callback message 'Application reported internal error,
>> closing connection'.
>>
>> With a GET request everything works fine:
>> The first request is answered with 'Unauthorized' and my client response
>> with the correct digest in the second request and receives a valid
>> response.
>>
>> I'm not quite sure where to look after this issue. Is this an issue in
>> my framework or ist there an issue in libmicrohttpd?
>> Any ideas are appeciated....
>>
>> Thanks in advance,
>> Dirk.
>>
>>
>>
>>
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Thu, 10 Dec 2020 10:13:10 +0100
>> From: Christian Grothoff <grothoff@gnunet.org>
>> To: libmicrohttpd@gnu.org
>> Subject: Re: [libmicrohttpd] Digest authentication on POST request
>> causes 'Application reported internal error, closing connection'
>> Message-ID: <b68805dd-4640-8c13-2741-acb3a019a515@gnunet.org>
>> Content-Type: text/plain; charset="utf-8"
>>
>> On 12/10/20 9:37 AM, Dirk Brinkmeier wrote:
>>> Hi to all.
>>>
>>> I'm trying to POST data to libmicrohttpd with digest authentication
>>> enabled.
>>> The data looks like this:
>>>
>>> POST /ajax/response.html HTTP/1.1
>>> Accept: */*
>>> Accept-Encoding: identity
>>> Host: xxxx.ddns.net
>>> User-Agent: NB-IoT-Client/1.0.0 (Arduino/MKR-NB-1500)
>>> Connection: close
>>> Content-Type: application/x-www-form-urlencoded; charset=UTF-8
>>> Content-Length: 151
>>>
>>> OnIoTData=iotdata&prepare=no&title=iotdata&IMEI=352753096142722&Address=10.193.202.150&Timestamp=315964938&Datetime=1980-01-06T00:02:18+00:00&Data=null
>>>
>>>
>>>
>>>
>>> The data is received via libmicrohttpd and forwarded to my application
>>> as long as no authentication is used.
>>> When using digest authentication the connection is closed with an
>>> internal error callback message 'Application reported internal error,
>>> closing connection'.
>>>
>>> With a GET request everything works fine:
>>> The first request is answered with 'Unauthorized' and my client response
>>> with the correct digest in the second request and receives a valid
>>> response.
>>>
>>> I'm not quite sure where to look after this issue. Is this an issue in
>>> my framework or ist there an issue in libmicrohttpd?
>>> Any ideas are appeciated....
>> It sounds to me like you are returning 'MHD_NO' from your callback
>> instead of MHD_YES. Why I cannot say without seeing your code, but you
>> are most certainly using the API wrong. Did you look at the example in
>> src/examples/digest_auth_example.c?
>>
>> -------------- next part --------------
>> A non-text attachment was scrubbed...
>> Name: signature.asc
>> Type: application/pgp-signature
>> Size: 833 bytes
>> Desc: OpenPGP digital signature
>> URL:
>> <https://lists.gnu.org/archive/html/libmicrohttpd/attachments/20201210/594a872a/attachment.sig>
>>
>>
>> ------------------------------
>>
>> Message: 3
>> Date: Thu, 10 Dec 2020 12:30:33 +0000
>> From: DJM-Avalesta <david.myers@avalesta.com>
>> To: Christian Grothoff <grothoff@gnunet.org>
>> Cc: libmicrohttpd@gnu.org
>> Subject: Re: [libmicrohttpd] MHD requires GnuTLS and other libraries
>> Message-ID: <88efb48074742ec96cec9a6c3fece749@avalesta.com>
>> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>>
>> Hi,
>>
>> I've now cross-comiled GnuTLS and all of it's dependant libraries eg
>> libnettle, libhogweed, libgmp.
>>
>> I now need to build libmicrohttpd and link it to my GnuTLS.
>>
>> I run the following configure command
>>
>> _./configure --host=arm-none-linux-gnueabi --enable-https=yes
>> --with-gnutls=/mnt/hgfs/Projects/GnuTLS/gnutls-3.6.15_
>>
>> but I get the attached config log and this failure message
>>
>> _checking how to find GnuTLS library...
>> -I/mnt/hgfs/Projects/GnuTLS/gnutls-3.6.15/include
>> -L/mnt/hgfs/Projects/GnuTLS/gnutls-3.6.15/lib -lgnutls_
>> _checking for gnutls/gnutls.h... yes_
>> _checking for gnutls_priority_set in -lgnutls... no_
>> _configure: error: can't find usable libgnutls at specified prefix
>> /mnt/hgfs/Projects/GnuTLS/gnutls-3.6.15_
>>
>> Any suggestions at this point would be very helpful.
>>
>> Regards
>>
>> David
>>
>> On 2020-12-05 8:29 pm, Christian Grothoff wrote:
>>
>>> Hi David,
>>>
>>> How to cross-compile GnuTLS is a question better suited for the GnuTLS
>>> mailinglist ;-).
>>>
>>> Good luck!
>>>
>>> Happy hacking!
>>>
>>> Christian
>>>
>>> On 12/5/20 9:24 PM, DJM-Avalesta wrote:
>>>
>>>> Hi,
>>>>
>>>> To get MHD working with HTTPS on my embedded system, I need to link
>>>> libmicrohttpd with GnuTLS, so I need to cross compile GnuTLS.
>>>>
>>>> When I run configure for GnuTLS, I get "libNettle 3.4.1 was not found".
>>>>
>>>> I downloaded the source for libNettle 3.4.1 and built this, but when I
>>>> re-configure GnuTLS with libNettle, I stilll get "libNettle 3.4.1 was
>>>> not found"
>>>>
>>>> Reading up on this it seems I might also need to build libHogweed and
>>>> libGMP libraries.
>>>>
>>>> Has anyone out there cross compiled all of these libraries and can help
>>>> me to get all of these downloads and steps correct, so I can build an
>>>> HTTPS-enabled MHD?
>>>>
>>>> Many thanks
>>>>
>>>> David
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL:
>> <https://lists.gnu.org/archive/html/libmicrohttpd/attachments/20201210/522cda0d/attachment.html>
>>
>> -------------- next part --------------
>> An embedded and charset-unspecified text was scrubbed...
>> Name: config.log
>> URL:
>> <https://lists.gnu.org/archive/html/libmicrohttpd/attachments/20201210/522cda0d/attachment.ksh>
>>
>>
>> ------------------------------
>>
>> Subject: Digest Footer
>>
>> _______________________________________________
>> libmicrohttpd mailing list
>> libmicrohttpd@gnu.org
>> https://lists.gnu.org/mailman/listinfo/libmicrohttpd
>>
>>
>> ------------------------------
>>
>> End of libmicrohttpd Digest, Vol 140, Issue 8
>> *********************************************
>
signature.asc
Description: OpenPGP digital signature