Skip to content

fail SCRAM exchange on invalid ServerSignature#2235

Merged
hyperxpro merged 1 commit into
AsyncHttpClient:mainfrom
madib06ops:scram-verify-server-signature
Jul 16, 2026
Merged

fail SCRAM exchange on invalid ServerSignature#2235
hyperxpro merged 1 commit into
AsyncHttpClient:mainfrom
madib06ops:scram-verify-server-signature

Conversation

@madib06ops

Copy link
Copy Markdown
Contributor
  1. processScramAuthenticationInfo checks the SCRAM ServerSignature from Authentication-Info (and Proxy-Authentication-Info) but on a mismatch only logged a warning, so a response from a peer that never proved knowledge of the shared secret was still delivered as a success, voiding the mutual-authentication guarantee.
  2. RFC 7804 section 5 requires the client to treat that as an unsuccessful exchange.

Abort the request when the ServerSignature is present but invalid or unparseable, for both the origin and proxy SCRAM paths. A missing header stays warn-only, since it may legitimately arrive in chunked trailers that AHC does not read. Added a regression test that drives a full handshake and returns a corrupted ServerSignature.

@hyperxpro
hyperxpro merged commit 685173a into AsyncHttpClient:main Jul 16, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants