[asterisk-bugs] [Asterisk 0018598]: Manager Event Interface w/Digest authentication does not work!

Asterisk Bug Tracker noreply at bugs.digium.com
Wed May 4 21:30:46 CDT 2011


The following issue has been ASSIGNED. 
====================================================================== 
https://issues.asterisk.org/view.php?id=18598 
====================================================================== 
Reported By:                ksn
Assigned To:                seanbright
====================================================================== 
Project:                    Asterisk
Issue ID:                   18598
Category:                   Core/HTTP
Reproducibility:            always
Severity:                   tweak
Priority:                   normal
Status:                     assigned
Asterisk Version:           1.8.1.1 
JIRA:                       SWP-2891 
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2011-01-11 13:14 CST
Last Modified:              2011-05-04 21:30 CDT
====================================================================== 
Summary:                    Manager Event Interface w/Digest authentication does
not work!
Description: 
Hello all!

Experience problems when using the interface with Digest authentication:
/amanager => HTML Manager Event Interface w/Digest authentication
/arawman => Raw HTTP Manager Event Interface w/Digest authentication
/amxml => XML Manager Event Interface w/Digest authentication
(http show status)

For example queries on Asterisk:

kremlin:~# curl -u "admin:12345" --digest -v
"http://127.0.0.1:8088/amxml?action=CoreShowChannels" [^]

Get:
* About to connect() to 127.0.0.1 port 8088
(https://issues.asterisk.org/view.php?id=0)
* Trying 127.0.0.1... connected
* Connected to 127.0.0.1 (127.0.0.1) port 8088
(https://issues.asterisk.org/view.php?id=0)
* Server auth using Digest with user 'admin'
> GET /amxml?action=CoreShowChannels HTTP/1.1
> User-Agent: curl/7.18.2 (i486-pc-linux-gnu) libcurl/7.18.2
OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.8 libssh2/0.18
> Host: 127.0.0.1:8088
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Server: Asterisk/1.8.1.1
< Date: Tue, 11 Jan 2011 18:50:21 GMT
< Connection: close
< Cache-Control: no-cache, no-store
< Content-Length: 210
< WWW-authenticate: Digest algorithm=MD5, realm="asterisk",
nonce="38ec76af", qop="auth", opaque="38ec76af"
< Content-type: text/html
<
* Closing connection https://issues.asterisk.org/view.php?id=0
* Issue another request to this URL:
'http://127.0.0.1:8088/amxml?action=CoreShowChannels' [^]
* About to connect() to 127.0.0.1 port 8088
(https://issues.asterisk.org/view.php?id=0)
* Trying 127.0.0.1... connected
* Connected to 127.0.0.1 (127.0.0.1) port 8088
(https://issues.asterisk.org/view.php?id=0)
* Server auth using Digest with user 'admin'
> GET /amxml?action=CoreShowChannels HTTP/1.1
> Authorization: Digest username="admin", realm="asterisk",
nonce="38ec76af", uri="/amxml?action=CoreShowChannels", cnonce="NzM0Nzg2",
nc=00000001, qop="auth", response="517711f9bf37372916d89746943f0030",
opaque="38ec76af", algorithm="MD5"
> User-Agent: curl/7.18.2 (i486-pc-linux-gnu) libcurl/7.18.2
OpenSSL/0.9.8g zlib/1.2.3.3 libidn/1.8 libssh2/0.18
> Host: 127.0.0.1:8088
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Server: Asterisk/1.8.1.1
< Date: Tue, 11 Jan 2011 18:50:21 GMT
< Connection: close
< Cache-Control: no-cache, no-store
< Content-Length: 210
* Authentication problem. Ignoring this.
< WWW-authenticate: Digest algorithm=MD5, realm="asterisk",
nonce="1032537c", qop="auth", opaque="1032537c"
< Content-type: text/html
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>401 Unauthorized</h1>


<hr />
<address>Asterisk Server</address>
</body></html>
* Closing connection https://issues.asterisk.org/view.php?id=0
kremlin:~#

The problem seems to be old. Can anybody explain and help me?
====================================================================== 

---------------------------------------------------------------------- 
 (0134463) svnbot (reporter) - 2011-05-04 21:30
 https://issues.asterisk.org/view.php?id=18598#c134463 
---------------------------------------------------------------------- 
Repository: asterisk
Revision: 316919

U   branches/1.8/main/http.c

------------------------------------------------------------------------
r316919 | seanbright | 2011-05-04 21:30:45 -0500 (Wed, 04 May 2011) | 10
lines

Use the correct HTTP method when generating our digest, otherwise we
always fail.

When calculating the 'A2' portion of our digest for verification, we need
the
HTTP method that is currently in use.  Unfortunately our mapping function
was
incorrect, resulting in invalid hashes being generated and, in turn,
failures
in authentication.

(closes issue https://issues.asterisk.org/view.php?id=18598)
Reported by: ksn

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=316919 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2011-05-04 21:30 svnbot         Note Added: 0134463                          
2011-05-04 21:30 svnbot         Status                   acknowledged =>
assigned
2011-05-04 21:30 svnbot         Assigned To              russell => seanbright
======================================================================




More information about the asterisk-bugs mailing list