From: Andreas Dolp <dev@andreas-dolp.de>
Date: Thu, 25 Feb 2021 18:23:09 +0000 (+0100)
Subject: HTTP BasicAuth support.
X-Git-Tag: 1.3.0rc1~60
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7fafdcaf01361534b1c0c725363d35deb013b328;p=thirdparty%2Fsuricata-update.git

HTTP BasicAuth support.

Allow whitespaces in entire HTTP header value.

This enables HTTP Basic Authentication.

Redmine issue:
https://redmine.openinfosecfoundation.org/issues/4362
---

diff --git a/doc/add-source.rst b/doc/add-source.rst
index e5b2a53..17b80e6 100644
--- a/doc/add-source.rst
+++ b/doc/add-source.rst
@@ -25,6 +25,10 @@ Options
 
      add-source --http-header "X-API-Key: 1234"
 
+   HTTP basic authentication can be achieved by setting the HTTP Basic
+   Authentication header with ``base64(user1:password1)``. Example::
+     add-source --http-header "Authorization: Basic dXNlcjE6cGFzc3dvcmQx"
+
 .. option:: --no-checksum
 
    Skips downloading the checksum URL for the rule source.
diff --git a/suricata/update/net.py b/suricata/update/net.py
index 49a58cf..dddb325 100644
--- a/suricata/update/net.py
+++ b/suricata/update/net.py
@@ -91,7 +91,7 @@ def is_header_clean(header):
     if len(header) != 2:
         return False
     name, val = header[0].strip(), header[1].strip()
-    if re.match( r"^[\w-]+$", name) and re.match(r"^[\w-]+$", val):
+    if re.match( r"^[\w-]+$", name) and re.match(r"^[\w\s-]+$", val):
         return True
     return False