Feature #4362: HTTP BasicAuth Support - Suricata-Update - Open Information Security Foundation

Actions

Copy link

Feature #4362

closed

HTTP BasicAuth Support

Added by Andreas Dolp over 3 years ago. Updated over 3 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Andreas Dolp

Target version:

1.3.0

Effort:

low

Difficulty:

low

Label:

Beginner, Python

Description

Current suricata-update does not allow HTTP Basic Authentication, nevertheless syntax is correct:

add-source --http-header "Authorization: Basic dXNlcjE6cGFzc3dvcmQx" 
...
<Error> -- Header not set as it does not meet the criteria

This is since is_header_clean(header) does not allow any whitespaces in header values, but we have one between `Basic` and `dXNlcjE6cGFzc3dvcmQx`.

def is_header_clean(header):
...
    name, val = header[0].strip(), header[1].strip()
    if re.match( r"^[\w-]+$", name) and re.match(r"^[\w-]+$", val):
        return True
    return False

Fix this by allowing whitespaces in the entire HTTP header (v1) or just allow whitespace between `Basic` and `dXNlcjE6cGFzc3dvcmQx` (v2).

See:
- HTTP BasicAuth Support v1: https://github.com/OISF/suricata-update/pull/272
- HTTP BasicAuth Support v2: https://github.com/OISF/suricata-update/pull/273

Actions

Copy link

Updated by Andreas Dolp over 3 years ago

Squashed all changes in "HTTP BasicAuth Support final": https://github.com/OISF/suricata-update/pull/274

Actions

Copy link

Updated by Jason Ish over 3 years ago

Status changed from New to Closed
Target version set to 1.3.0

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata » Suricata-Update

Feature #4362

HTTP BasicAuth Support

Updated by Andreas Dolp over 3 years ago

Updated by Jason Ish over 3 years ago