From b0cea408f21cc813f3ef435029982113b1934d4a Mon Sep 17 00:00:00 2001 From: Camillo Toselli Date: Tue, 3 Aug 2021 21:47:34 +0200 Subject: [PATCH] accept empty realm for digest auth (#56369) (#56455) * accept empty realm for digest auth (#56369) * accept empty realm for digest auth (#56369) * accept empty realm for digest auth (#56369) * accept empty realm for digest auth (#56369) Co-authored-by: Luca Bompani --- .../System/Net/Http/HttpClientHandlerTest.Authentication.cs | 1 + .../System/Net/Http/LoopbackServer.AuthenticationHelpers.cs | 2 +- .../Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs | 9 +++++---- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs index f7ccc31..41718d3 100644 --- a/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs +++ b/src/libraries/Common/tests/System/Net/Http/HttpClientHandlerTest.Authentication.cs @@ -99,6 +99,7 @@ namespace System.Net.Http.Functional.Tests { yield return new object[] { "Digest realm=\"testrealm\",nonce=\"6afd170437eb5144258b308f7c491d96\",opaque=\"\",stale=FALSE,algorithm=MD5,qop=\"auth\"", true }; yield return new object[] { "Digest realm=\"testrealm\", domain=\"\", nonce=\"NA42+vpOFQd1GwCyVRZuhhy+jDn4BMRl\", algorithm=MD5, qop=\"auth\", stale=false", true }; + yield return new object[] { "Digest realm=\"\", nonce=\"NA42+vpOFQd1GwCyVRZuhhy+jDn4BMRl\", algorithm=MD5, qop=\"auth\", stale=false", true }; } } diff --git a/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs b/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs index bfb2ccb..4f322c8 100644 --- a/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs +++ b/src/libraries/Common/tests/System/Net/Http/LoopbackServer.AuthenticationHelpers.cs @@ -150,7 +150,7 @@ namespace System.Net.Test.Common } // Realm is mandatory. - if (string.IsNullOrEmpty(realm)) + if (realm == null) return false; } else if (trimmedValue.StartsWith(nameof(cnonce))) diff --git a/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs index c44dac7..234ca13 100644 --- a/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs +++ b/src/libraries/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/AuthenticationHelper.Digest.cs @@ -104,8 +104,7 @@ namespace System.Net.Http } // Add realm - if (realm != string.Empty) - sb.AppendKeyValue(Realm, realm); + sb.AppendKeyValue(Realm, realm); // Add nonce sb.AppendKeyValue(Nonce, nonce); @@ -407,9 +406,11 @@ namespace System.Net.Http break; // Ensure value is valid. - // Opaque and Domain can have empty string + // Opaque, Domain and Realm can have empty string if (value == string.Empty && - (!key.Equals(Opaque, StringComparison.OrdinalIgnoreCase) && !key.Equals(Domain, StringComparison.OrdinalIgnoreCase))) + !key.Equals(Opaque, StringComparison.OrdinalIgnoreCase) && + !key.Equals(Domain, StringComparison.OrdinalIgnoreCase) && + !key.Equals(Realm, StringComparison.OrdinalIgnoreCase)) break; // Add the key-value pair to Parameters. -- 2.7.4