  1. Solr
  2. SOLR-15961

PKIAuthenticationPlugin.parseCipher is too lenient, causing unnecessary authentication errors


Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 9.0, 8.11.2, main (10.0)
    • None
    • None

    Description

      It will accept an input SolrAuth header as valid with an invalid/outdated public key as long as the output of CryptoKeys.decryptRSA ends with a space followed by a number. It will interpret the number as a (very small) timestamp, which will cause the request to fail with 401, instead of re-fetching the public key from the remote host.
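      The failure mode described above, as an added illustration that is not Solr's code or the committed fix: a lenient parser turns undecryptable bytes into a tiny timestamp, so the request is rejected as expired instead of triggering a key refresh. The class and method names, the 5-second window, and the strict format (printable-ASCII name, one space, 13-digit millisecond timestamp) are assumptions made for this sketch.

```java
import java.nio.charset.StandardCharsets;
import java.util.OptionalLong;

public class HeaderParseDemo {
    // Hypothetical validity window for the demo, not a Solr setting.
    static final long MAX_AGE_MS = 5_000;

    /** Lenient: any payload ending in " <number>" yields a timestamp. */
    static OptionalLong lenientTimestamp(byte[] decrypted) {
        String s = new String(decrypted, StandardCharsets.UTF_8);
        int sp = s.lastIndexOf(' ');
        if (sp < 0) return OptionalLong.empty();
        try {
            return OptionalLong.of(Long.parseLong(s.substring(sp + 1)));
        } catch (NumberFormatException e) {
            return OptionalLong.empty();
        }
    }

    /** Stricter (assumed format): the whole payload must look like "name 1700000000000". */
    static OptionalLong strictTimestamp(byte[] decrypted) {
        String s = new String(decrypted, StandardCharsets.UTF_8);
        if (!s.matches("[\\x21-\\x7e]+ [0-9]{13}")) return OptionalLong.empty();
        return OptionalLong.of(Long.parseLong(s.substring(s.lastIndexOf(' ') + 1)));
    }

    /** An unparseable payload means "wrong key, refetch"; a parsed but stale one means 401. */
    static String decide(OptionalLong ts, long now) {
        if (!ts.isPresent()) return "REFETCH_KEY";
        return (now - ts.getAsLong() > MAX_AGE_MS) ? "REJECT_401" : "ACCEPT";
    }

    public static void main(String[] args) {
        long now = System.currentTimeMillis();
        // Constructed bytes standing in for output produced with an outdated key
        // that happens to end in a space followed by a digit.
        byte[] garbage = {(byte) 0x9c, 0x13, (byte) 0xe4, 0x5f, 0x02, ' ', '7'};
        // Constructed well-formed payload.
        byte[] valid = ("solr-node " + now).getBytes(StandardCharsets.UTF_8);

        System.out.println("garbage, lenient: " + decide(lenientTimestamp(garbage), now));
        System.out.println("garbage, strict:  " + decide(strictTimestamp(garbage), now));
        System.out.println("valid,   lenient: " + decide(lenientTimestamp(valid), now));
        System.out.println("valid,   strict:  " + decide(strictTimestamp(valid), now));
    }
}
```

      With the lenient parser the constructed garbage payload ends in REJECT_401; with the stricter one it ends in REFETCH_KEY, while the well-formed payload is accepted by both.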


          People

            tflobbe Tomas Eduardo Fernandez Lobbe
            tflobbe Tomas Eduardo Fernandez Lobbe
