Hello everyone,
I've implemented an HTTPS webserver on S7G2 using SSP 2.2.0.
The webserver is running fine and answering all requests that I have sent from the Google Chrome web browser.
Because authentication is required, I have also enabled NX_WEB_HTTP_BASIC_AUTHENTICATE for my webserver.
At first glance authentication seems to work fine:
Entering a wrong name or password makes authentication fail, and the webserver requests a new authentication.
After entering the correct name and password, the authentication succeeds and permission to the requested resources is granted.
So far so good.
Now I have realized that authentication can be "bypassed" by not entering any password.
After taking a look at the code of the NetX function nx_web_http_server_basic_authenticate(), it seems the while loop comparing names and passwords is faulty.
It seems the code only checks whether the characters of the name and password actually received from the client match the characters of the name and password set in the HTTP authentication callback, but it does not check whether the received name and password differ in length from the configured ones.
Here's a small example. This is my authentication callback:
UINT webserverAuthenticationCallback(NX_WEB_HTTP_SERVER *serverPtr, UINT requestType, CHAR *resourcePtr,
                                     CHAR **name, CHAR **password, CHAR **realm)
{
    /* Credentials and realm handed back to NetX for HTTP Basic authentication. */
    *name     = const_cast<char*>("user");
    *password = const_cast<char*>("password");
    *realm    = const_cast<char*>("my realm");

    return (NX_WEB_HTTP_BASIC_AUTHENTICATE);
}
The following shows the results after trying to log in to the webserver:
Login with name "user" and password "password" succeeds.
Login with name "user" and password "wrong" fails.
Login with name "user" and password "pass" succeeds.
Login with name "user" and password "" (blank) succeeds too.
Am I missing something here, or has anyone had any experience with that behaviour?
Any help will be gladly appreciated.
Regards,
thors
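The post describes a comparison loop that stops at the end of the received string, so any prefix of the configured password (including an empty one) passes. The C below is an added example, not the NetX source and not the poster's code: prefix_only_match() is a hypothetical reconstruction of the flaw described above, credential_match() is a length-checking, constant-time replacement, and basic_auth_ok() applies it to a decoded HTTP Basic "Authorization" header value. All function names are invented for the example, and the base64 strings are constructed from the user/password pairs the post tried.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical reconstruction of a prefix-only loop (not the NetX source):
   it stops as soon as the received string ends, so every prefix of the
   configured secret, including "", is accepted. */
static bool prefix_only_match(const char *received, const char *configured)
{
    size_t i = 0;
    while (received[i] != '\0' && configured[i] != '\0') {
        if (received[i] != configured[i]) return false;
        i++;
    }
    return received[i] == '\0';   /* flaw: configured[i] is never checked */
}

/* Hardened comparison: lengths must be equal, and the bytes are compared in
   constant time so timing does not reveal how many leading bytes matched. */
static bool credential_match(const char *received, size_t received_len,
                             const char *configured)
{
    size_t configured_len = strlen(configured);
    if (received_len != configured_len) return false;
    unsigned char diff = 0;
    for (size_t i = 0; i < configured_len; i++)
        diff |= (unsigned char)(received[i] ^ configured[i]);
    return diff == 0;
}

static int b64val(char c)
{
    if (c >= 'A' && c <= 'Z') return c - 'A';
    if (c >= 'a' && c <= 'z') return c - 'a' + 26;
    if (c >= '0' && c <= '9') return c - '0' + 52;
    if (c == '+') return 62;
    if (c == '/') return 63;
    return -1;
}

/* Decodes standard base64 (padding optional); returns the decoded length,
   or -1 on an invalid character or when out is too small. */
static int b64decode(const char *in, unsigned char *out, size_t out_cap)
{
    unsigned int acc = 0;
    int bits = 0;
    size_t o = 0;
    for (; *in != '\0' && *in != '='; in++) {
        int v = b64val(*in);
        if (v < 0) return -1;
        acc = (acc << 6) | (unsigned int)v;
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (o >= out_cap) return -1;
            out[o++] = (unsigned char)((acc >> bits) & 0xFF);
        }
    }
    return (int)o;
}

/* Validates "Basic <base64(name:password)>" against the configured name and
   password with the length-safe comparison. Results are combined with '&'
   rather than '&&' so a wrong name does not short-circuit the password check. */
bool basic_auth_ok(const char *authorization,
                   const char *cfg_name, const char *cfg_password)
{
    static const char scheme[] = "Basic ";
    unsigned char buf[256];

    if (strncmp(authorization, scheme, sizeof scheme - 1) != 0) return false;
    int len = b64decode(authorization + sizeof scheme - 1, buf, sizeof buf);
    if (len < 0) return false;

    unsigned char *colon = memchr(buf, ':', (size_t)len);
    if (colon == NULL) return false;
    size_t name_len = (size_t)(colon - buf);
    size_t pw_len = (size_t)len - name_len - 1;

    bool name_ok = credential_match((const char *)buf, name_len, cfg_name);
    bool pw_ok = credential_match((const char *)colon + 1, pw_len, cfg_password);
    return name_ok & pw_ok;
}

int main(void)
{
    /* Constructed headers for the four passwords tried in the post, as user:<password>. */
    const char *tries[] = { "password", "wrong", "pass", "" };
    const char *headers[] = { "Basic dXNlcjpwYXNzd29yZA==", "Basic dXNlcjp3cm9uZw==",
                              "Basic dXNlcjpwYXNz", "Basic dXNlcjo=" };
    for (size_t i = 0; i < 4; i++)
        printf("password \"%s\": prefix-only %s, length-checked %s\n", tries[i],
               prefix_only_match(tries[i], "password") ? "accepts" : "rejects",
               basic_auth_ok(headers[i], "user", "password") ? "accepts" : "rejects");
    return 0;
}
```

Running it reproduces the post's table for the prefix-only loop ("pass" and "" accepted) while the length-checked path accepts only the exact "user:password" pair. The same four headers can be sent to a device under test with curl's -H option to confirm which behaviour the firmware has.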