Opened 4 years ago

Last modified 2 years ago

#1215 new enhancement

Add support for SHA2 (SHA3?) family for RFC2307 passwords for HTTP Basic authentication

Reported by: Owned by:
Priority: minor Milestone:
Component: nginx-module Version: 1.10.x
Keywords: auth Basic Cc:
uname -a: Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u2 (2017-03-07) x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.10.3
built by gcc 4.9.2 (Debian 4.9.2-10)
built with OpenSSL 1.0.1t 3 May 2016
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/ --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-file-aio --with-threads --with-ipv6 --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_ssl_module --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'


The auth_basic_user_file docs state only PLAIN, SHA & SSHA schemes are supported for RFC 2307-formatted passwords.

As the docs also warn, SHA should be avoided (you could actually issue the same warning for SSHA).

It would be best if this directive was supporting at least the versions of password schemes which are considered safe, rather than merely outdated ones, for example SSHA512.

Change History (2)

comment:1 by zasca@…, 2 years ago

Nginx already supports the SHA-2, but the docs still need updating.

in reply to:  1 comment:2 by Maxim Dounin, 2 years ago

Replying to zasca@…:

Nginx already supports the SHA-2, but the docs still need updating.

Docs clearly say that nginx supports passwords encrypted with the crypt() function. This includes all crypt() schemes as supported by your operating system. Note though that using strong crypt() schemes should be carefully thought, as these are designed for UNIX login verification and may require a lot of CPU, while with HTTP basic authentication password checking happens on each request.

This feature request is, however, about RFC 2307 password schemes, and only supported RFC 2307 schemes are {PLAIN}, {SHA}, and {SSHA}. No other RFC 2307 password schemes are currently supported.

Note well that crypt() SHA2-based schemes, $5$ and $6$, are quite different from {SSHA256} and {SSHA512}, as crypt() schemes imply repeated hasing, much like MD5-based $1$ AKA $apr1$, while RFC 2507 schemes aren't. And in terms of bruteforce resistance even MD5-based $1/$apr1$ is much better than {SSHA}, {SSHA256}, or even {SSHA512}.

Note: See TracTickets for help on using tickets.