From 0c753627542d287070987934e83a9e0243a364c8 Mon Sep 17 00:00:00 2001 From: Alice Thum Date: Mon, 8 Jun 2020 09:23:41 -0400 Subject: [PATCH 1/5] Use limit for purging --- digest.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/digest.go b/digest.go index d866b6b..3eaaf7a 100644 --- a/digest.go +++ b/digest.go @@ -80,7 +80,13 @@ func (da *DigestAuth) Purge(count int) { } cache := digestCache(entries) sort.Sort(cache) - for _, client := range cache[:count] { + + limit := count + if len(cache) < count { + limit = len(cache) - 1 + } + + for _, client := range cache[:limit] { delete(da.clients, client.nonce) } } From 02750672ced1b0234281a616897443a5dbf8bb14 Mon Sep 17 00:00:00 2001 From: Alice Thum Date: Wed, 29 Jul 2020 16:22:33 -0400 Subject: [PATCH 2/5] update-cache: add cache purge test --- digest.go | 7 +------ digest_test.go | 26 ++++++++++++++++++++++++++ 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/digest.go b/digest.go index 3eaaf7a..39090c9 100644 --- a/digest.go +++ b/digest.go @@ -81,12 +81,7 @@ func (da *DigestAuth) Purge(count int) { cache := digestCache(entries) sort.Sort(cache) - limit := count - if len(cache) < count { - limit = len(cache) - 1 - } - - for _, client := range cache[:limit] { + for _, client := range cache { delete(da.clients, client.nonce) } } diff --git a/digest_test.go b/digest_test.go index 0f2e28a..b2b1e5e 100644 --- a/digest_test.go +++ b/digest_test.go @@ -1,6 +1,7 @@ package auth import ( + // "fmt" "net/http" "net/url" "testing" @@ -76,3 +77,28 @@ func TestDigestAuthParams(t *testing.T) { t.Fatalf("failed to parse uri with embedded commas, got %q want %q", params["uri"], want) } } + +// TestDigestPurge tests that when we purge clients from the authenticator we do not purge +// more cache entries than the number of clients we have received. +// This is to avoid regressing and hitting a "slice bounds out of range" panic. +func TestDigestPurge(t *testing.T) { + t.Parallel() + // Creating dummy clients for the digest authenticator. + nClients := 10 + clients := make(map[string]*digestClient, nClients) + for i := 0; i < nClients; i++ { + clients[string(i)] = &digestClient{} + } + + secrets := HtdigestFileProvider("test.htdigest") + da := &DigestAuth{ + Opaque: "U7H+ier3Ae8Skd/g", + Realm: "example.com", + Secrets: secrets, + clients: clients, + } + + // Purging more than the number of clients we have stored in the + // digest authenticator. + da.Purge(nClients * 2) +} From 264b319ac779596fb367a241ad83e2ac0101a641 Mon Sep 17 00:00:00 2001 From: Alice Thum Date: Fri, 28 Aug 2020 15:30:17 -0400 Subject: [PATCH 3/5] update-cache: remove comment --- digest_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/digest_test.go b/digest_test.go index b2b1e5e..52f13aa 100644 --- a/digest_test.go +++ b/digest_test.go @@ -1,7 +1,6 @@ package auth import ( - // "fmt" "net/http" "net/url" "testing" From 2930e4685517c8fbeac373db4fa93cc0fe4a41ea Mon Sep 17 00:00:00 2001 From: Alice Thum Date: Tue, 11 Jul 2023 14:56:17 -0400 Subject: [PATCH 4/5] Purge minimum of len or count entries from cache, modify test --- digest.go | 6 +++++- digest_test.go | 3 ++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/digest.go b/digest.go index 4f6f5aa..08222df 100644 --- a/digest.go +++ b/digest.go @@ -80,7 +80,11 @@ func (da *DigestAuth) Purge(count int) { cache := digestCache(entries) sort.Sort(cache) - for _, client := range cache { + purgeCount := count + if count > len(cache) { + purgeCount = len(cache) + } + for _, client := range cache[:purgeCount] { delete(da.clients, client.nonce) } } diff --git a/digest_test.go b/digest_test.go index 52f13aa..b4b2ad1 100644 --- a/digest_test.go +++ b/digest_test.go @@ -1,6 +1,7 @@ package auth import ( + "fmt" "net/http" "net/url" "testing" @@ -86,7 +87,7 @@ func TestDigestPurge(t *testing.T) { nClients := 10 clients := make(map[string]*digestClient, nClients) for i := 0; i < nClients; i++ { - clients[string(i)] = &digestClient{} + clients[fmt.Sprintf("%d", i)] = &digestClient{} } secrets := HtdigestFileProvider("test.htdigest") From dd5f24d309bf4bf9334e19ed0495d0dfa3fc2841 Mon Sep 17 00:00:00 2001 From: Alice Thum Date: Tue, 11 Jul 2023 15:21:22 -0400 Subject: [PATCH 5/5] Fix merge conflict --- digest_test.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/digest_test.go b/digest_test.go index fb5a44b..2342fe9 100644 --- a/digest_test.go +++ b/digest_test.go @@ -1,11 +1,8 @@ package auth import ( -<<<<<<< HEAD "fmt" -======= "context" ->>>>>>> upstream/master "net/http" "net/url" "sync"