Re: [PATCH] JWT payloads break b64dec convertor

On Tue, Apr 13, 2021 at 04:44:38PM +0200, Moemen MHEDHBI wrote: > > But then how about having just *your* functions > > without relying on the other ones ? Now that you've extended the existing > > function, you can declare it yours, remove all the configurable stuff and > > keep the simplified

Re: [PATCH] JWT payloads break b64dec convertor

On 13/04/2021 11:39, Willy Tarreau wrote: >> You can find attached the patches 0001-bis and 0002-bis modifying the >> existing functions (introducing an url flag) to see how it looks like. >> This solution may be cleaner (no chunk allocation and we don't loop >> twice over input string) but has

Re: [PATCH] JWT payloads break b64dec convertor

Hi Jarno, On Tue, Apr 13, 2021 at 06:19:47AM +, Jarno Huuskonen wrote: > Hello, > > On Tue, 2021-04-06 at 01:58 +0200, Moemen MHEDHBI wrote: > > Thanks Willy and Tim for your feedback. > > > > You can find attached the updated patches with fixed coding style (now > > set correctly in my

Re: [PATCH] JWT payloads break b64dec convertor

Hi Moemen, On Tue, Apr 13, 2021 at 12:41:39AM +0200, Moemen MHEDHBI wrote: > >> in such case should we rather use dynamic allocation ? > > > > No, there are two possible approaches. One of them is to use a trash > > buffer using get_trash_chunk(). The trash buffers are "large enough" > > for

Re: [PATCH] JWT payloads break b64dec convertor

Hello, On Tue, 2021-04-06 at 01:58 +0200, Moemen MHEDHBI wrote: > Thanks Willy and Tim for your feedback. > > You can find attached the updated patches with fixed coding style (now > set correctly in my editor), updated commit message, entry doc in sorted > order, size_t instead of int in both

Re: [PATCH] JWT payloads break b64dec convertor

On 12/04/2021 23:13, Aleksandar Lazic wrote: > Hi Moemen, > > any chance to get this feature before 2.4 will be realeased? > > Regards > Aleks > Hi Aleksandar, I have updated the patch (attached) so it gets reviewed and eventually merged. I know this is going to be useful with what you are

Re: [PATCH] JWT payloads break b64dec convertor

Hi Moemen, any chance to get this feature before 2.4 will be realeased? Regards Aleks On 06.04.21 09:13, Willy Tarreau wrote: Hi Moemen, On Tue, Apr 06, 2021 at 01:58:11AM +0200, Moemen MHEDHBI wrote: Only part unclear: On 02/04/2021 15:04, Tim Düsterhus wrote: +int base64urldec(const char

Re: [PATCH] JWT payloads break b64dec convertor

Hi Moemen, On Tue, Apr 06, 2021 at 01:58:11AM +0200, Moemen MHEDHBI wrote: > Only part unclear: > On 02/04/2021 15:04, Tim Düsterhus wrote: > >> +int base64urldec(const char *in, size_t ilen, char *out, size_t olen) { > >> +char conv[ilen+2]; > > > > This looks like a remotely triggerable

Re: [PATCH] JWT payloads break b64dec convertor

Thanks Willy and Tim for your feedback. You can find attached the updated patches with fixed coding style (now set correctly in my editor), updated commit message, entry doc in sorted order, size_t instead of int in both enc/dec and corresponding reg-test. Only part unclear: On 02/04/2021

Re: [PATCH] JWT payloads break b64dec convertor

Moemen, On 4/2/21 1:38 AM, Moemen MHEDHBI wrote: Subject: [PATCH 1/2] MINOR: sample: add ub64dec and ubase64 converters ub64dec and ubase64 are the base64url equivalent of b64dec and base64 converters. base64url encoding is the "URL and Filename Safe Alphabet" variant of base64 encoding. It is

Re: [PATCH] JWT payloads break b64dec convertor

Hi Moemen, On Fri, Apr 02, 2021 at 01:38:59AM +0200, Moemen MHEDHBI wrote: > I have came across the same use-case as Jonathan so I gave it a try and > implemented the converters for base64url variant. > > - Regarding the converters name, I have just prefixed "u" and used > ubase64/ub64dec. Let

Re: [PATCH] JWT payloads break b64dec convertor

> On Mon, May 28, 2018 at 01:43:41PM +0100, Jonathan Matthews wrote: >> Improvements and suggestions welcome; flames and horror -> /dev/null ;-) > > Would anyone be interested in adding two new converters for this, > working exactly like base64/b64dec but with the URL-compatible > base64 encoding

Re: JWT payloads break b64dec convertor

Le 28/05/2018 à 10:19, Adis Nezirovic a écrit : > On 05/26/2018 04:27 PM, Jonathan Matthews wrote: >> Hello folks, >> >> The payload (and other parts) of a JSON Web Token (JWT, a popular and >> growing auth standard: https://tools.ietf.org/html/rfc7519) is base64 >> encoded. >> >> Unfortunately,

Re: JWT payloads break b64dec convertor

12:34 PM To: Jonathan Matthews Cc: Willy Tarreau ; haproxy Subject: Re: JWT payloads break b64dec convertor On 28/05/2018 15:10, Jonathan Matthews wrote: On Mon, 28 May 2018 at 14:26, Willy Tarreau wrote: On Mon, May 28, 2018 at 01:43:41PM +0100, Jonathan Matthews wrote: > Improveme

RE: JWT payloads break b64dec convertor

https://en.wikipedia.org/wiki/The_C_Programming_Language -Original Message- From: Aleksandar Lazic Sent: Monday, May 28, 2018 12:34 PM To: Jonathan Matthews Cc: Willy Tarreau ; haproxy Subject: Re: JWT payloads break b64dec convertor On 28/05/2018 15:10, Jonathan Matthews wrote

Re: JWT payloads break b64dec convertor

On 28/05/2018 15:10, Jonathan Matthews wrote: On Mon, 28 May 2018 at 14:26, Willy Tarreau wrote: On Mon, May 28, 2018 at 01:43:41PM +0100, Jonathan Matthews wrote: > Improvements and suggestions welcome; flames and horror -> /dev/null ;-) Would anyone be interested in adding two

Re: JWT payloads break b64dec convertor

On Mon, May 28, 2018 at 03:10:01PM +0100, Jonathan Matthews wrote: > On Mon, 28 May 2018 at 14:26, Willy Tarreau wrote: > > > On Mon, May 28, 2018 at 01:43:41PM +0100, Jonathan Matthews wrote: > > > Improvements and suggestions welcome; flames and horror -> /dev/null ;-) > > > >

Re: JWT payloads break b64dec convertor

On Mon, 28 May 2018 at 14:26, Willy Tarreau wrote: > On Mon, May 28, 2018 at 01:43:41PM +0100, Jonathan Matthews wrote: > > Improvements and suggestions welcome; flames and horror -> /dev/null ;-) > > Would anyone be interested in adding two new converters for this, > working

Re: JWT payloads break b64dec convertor

On Mon, May 28, 2018 at 01:43:41PM +0100, Jonathan Matthews wrote: > Improvements and suggestions welcome; flames and horror -> /dev/null ;-) Would anyone be interested in adding two new converters for this, working exactly like base64/b64dec but with the URL-compatible base64 encoding instead ?

Re: JWT payloads break b64dec convertor

On 28 May 2018 at 12:32, Jonathan Matthews wrote: > I think with your points and ccripy's sneaky (kudos!) padding > insertion, I can do something which suffices for my current audit > needs. For the list, here's my working v1 that I ended up with. I'm sure various things

Re: JWT payloads break b64dec convertor

On 28 May 2018 at 09:19, Adis Nezirovic wrote: > On 05/26/2018 04:27 PM, Jonathan Matthews wrote: >> Hello folks, >> >> The payload (and other parts) of a JSON Web Token (JWT, a popular and >> growing auth standard: https://tools.ietf.org/html/rfc7519) is base64 >>

Re: JWT payloads break b64dec convertor

On 05/26/2018 04:27 PM, Jonathan Matthews wrote: > Hello folks, > > The payload (and other parts) of a JSON Web Token (JWT, a popular and > growing auth standard: https://tools.ietf.org/html/rfc7519) is base64 > encoded. > > Unfortunately, the payload encoding (specified in >

Re: JWT payloads break b64dec convertor

while probably not the most ideal solution... i found a quick method to do this using the builtin converters within the configuration to append the padding where necessary. here is an example: log-format %[var(txn.jwtpayload),b64dec] http-request set-var(txn.jwtpayload) req.hdr('x-jwtpayload')

JWT payloads break b64dec convertor

Hello folks, The payload (and other parts) of a JSON Web Token (JWT, a popular and growing auth standard: https://tools.ietf.org/html/rfc7519) is base64 encoded. Unfortunately, the payload encoding (specified in https://tools.ietf.org/html/rfc7515) is defined as the "URL safe" variant. This