关闭

发现 liboauth 的一个 bug:FUSE 下 oauth_gen_nonce() 结果异常

标签: includenullubuntufunctiontokenlinux
1781人阅读 评论(0) 收藏 举报
分类:

转载时请注明出处和作者联系方式:http://blog.csdn.net/mimepp
作者联系方式:YU TAO <yut616 at sohu dot com>

关键字: linux,fuse, liboauth,oauth_gen_nonce,oauth_sign_hmac_sha1

这里记录一下遇到的一个 liboauth 结果异常的情况。

例子代码:

http://www.kuaipan.com.cn/file/id_12177787062321391.htm

Error log:
=========================
open_src/fuse_oauth$ make
Compiling hello.c
Building  hello
test/fuse_oauth$ mkdir /tmp/aaa
test/fuse_oauth$ ./hello /tmp/aaa/
test/fuse_oauth$ cat /tmp/aaa/hello
5555555555555555555555
test/fuse_oauth$
test/fuse_oauth$ cat /tmp/aaa/hello
5555555555555555555555
test/fuse_oauth$
test/fuse_oauth$
=========================

but if I remark line 138 (hello.c), which is a call in main function, the result will be correct:
    //oauth_nonce = oauth_gen_nonce();
=========================
test/fuse_oauth$ fusermount -u /tmp/aaa
test/fuse_oauth$ ./hello /tmp/aaa/
test/fuse_oauth$ cat /tmp/aaa/hello
e3BJGRSUFWBXeRF
test/fuse_oauth$
test/fuse_oauth$
test/fuse_oauth$
test/fuse_oauth$ cat /tmp/aaa/hello
EFJuwuxEvWNlJvO4f5nxBTg
=========================

PC: ubuntu 11.10
liboauth-0.9.4
liboauth-dev is installed by apt-get.
It will depends on libcurl4-nss-dev.
I do not compile liboauth by myself.

It seems liboauth is using openssl:
src/config.h:
#define HAVE_OPENSSL_HMAC_H 1
and the USE_NSS is not defined.
Then it will enter line 538:
src/oauth.c
=========================
#  include <openssl/rand.h>
#  define MY_RAND RAND_bytes
#  define MY_SRAND ;
=========================

BTW, auth_signature is NULL too.
http://openapi.kuaipan.cn/1/metadata/kuaipan/UML?oauth_consumer_key=xc8D2NfL9c53vkrP&oauth_nonce=aaaaaaaaaaaaaaa&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1332589513&oauth_token=32a7d5efb0d5442e8e32c6d7518e8239&oauth_version=1.0&oauth_signature=%28null%29

It seems nonce and signature are related to openssl.

0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:343153次
    • 积分:3635
    • 等级:
    • 排名:第8954名
    • 原创:111篇
    • 转载:0篇
    • 译文:0篇
    • 评论:55条
    最新评论