Issue 66: INonceStore interface not designed for database backends

INonceStore assumes that a lock around the calls to ContainsNonce and StoreNonce will protect against nonce name collisions. In a web farm environment this is not the case, and a shared database backend for the nonce table will generate occasional exceptions or even allow replay attacks in certain race condition scenarios. We need to alter the INonceStore methods to include a built-in atomic check-existence-and-add semantic method to replace the Contains and Store individual methods.
Apr 20, 2008
Fixed in master (v2.1). The StoreNonce and ContainsNonce methods have been combined into a TryStoreNonce method, and comments have been added describing the new method semantic and what precautions implementers should take.
Status: Fixed
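
The race described in this issue, as an added sketch in Python with SQLite; it is not the project's own code. The function names mirror the methods named above, while the table layout, the nonce value and the two-connection "web farm" are assumptions made for illustration.

```python
import os
import sqlite3
import tempfile

NONCE = "constructed-nonce-123"  # constructed sample value

def two_nodes(unique):
    # Two connections to one shared database file stand in for two web-farm nodes.
    path = os.path.join(tempfile.mkdtemp(), "nonces.db")
    a, b = (sqlite3.connect(path, isolation_level=None) for _ in range(2))
    a.execute(f"CREATE TABLE nonces (code TEXT {'PRIMARY KEY' if unique else ''})")
    return a, b

# Two-call shape: a lock inside one process cannot cover the gap between these on other nodes.
def contains_nonce(conn, code):
    return conn.execute("SELECT 1 FROM nonces WHERE code = ?", (code,)).fetchone() is not None

def store_nonce(conn, code):
    conn.execute("INSERT INTO nonces (code) VALUES (?)", (code,))

def try_store_nonce(conn, code):
    # Combined shape: the unique constraint arbitrates, so only the first caller gets True.
    try:
        conn.execute("INSERT INTO nonces (code) VALUES (?)", (code,))
        return True
    except sqlite3.IntegrityError:
        return False

def racy_interleaving(unique):
    # Both nodes check before either stores. Returns (nodes that accepted, store raised?).
    a, b = two_nodes(unique)
    seen = [contains_nonce(node, NONCE) for node in (a, b)]  # both report "not used"
    accepted = 0
    try:
        for node, was_seen in zip((a, b), seen):
            if not was_seen:
                store_nonce(node, NONCE)
                accepted += 1
    except sqlite3.IntegrityError:
        return accepted, True
    return accepted, False

def atomic_interleaving():
    a, b = two_nodes(unique=True)
    return [try_store_nonce(a, NONCE), try_store_nonce(b, NONCE)]
```

Without a uniqueness constraint both nodes accept the same nonce (the replay case); with one, the second store raises (the occasional exception); the combined call returns a clean accept/reject on each node.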