Project

General

Profile

Actions

Feature #4362

closed

HTTP BasicAuth Support

Added by Andreas Dolp 8 months ago. Updated 6 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Effort:
low
Difficulty:
low
Label:
Beginner, Python

Description

Current suricata-update does not allow HTTP Basic Authentication, nevertheless syntax is correct:

add-source --http-header "Authorization: Basic dXNlcjE6cGFzc3dvcmQx" 
...
<Error> -- Header not set as it does not meet the criteria

This is since is_header_clean(header) does not allow any whitespaces in header values, but we have one between `Basic` and `dXNlcjE6cGFzc3dvcmQx`.

def is_header_clean(header):
...
    name, val = header[0].strip(), header[1].strip()
    if re.match( r"^[\w-]+$", name) and re.match(r"^[\w-]+$", val):
        return True
    return False

Fix this by allowing whitespaces in the entire HTTP header (v1) or just allow whitespace between `Basic` and `dXNlcjE6cGFzc3dvcmQx` (v2).

See:
- HTTP BasicAuth Support v1: https://github.com/OISF/suricata-update/pull/272
- HTTP BasicAuth Support v2: https://github.com/OISF/suricata-update/pull/273

Actions #1

Updated by Andreas Dolp 8 months ago

Squashed all changes in "HTTP BasicAuth Support final": https://github.com/OISF/suricata-update/pull/274

Actions #2

Updated by Jason Ish 6 months ago

  • Status changed from New to Closed
  • Target version set to 1.3.0
Actions

Also available in: Atom PDF