libmicrohttpd

HTTP/1.x server C library (MHD 1.x, stable)

commit 5bb652c3df7c46bf509321f90048128ae900d381
parent 4f372879cc1273fd87ad346ccc31b7086ac65fcc
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sat,  4 Sep 2010 19:55:40 +0000

fix parser issue, allow client to specify access-denied response body

Diffstat:
Msrc/daemon/digestauth.c | 6+-----
Msrc/examples/digest_auth_example.c | 39+++++++++++++++++++++++++++++----------
Msrc/include/microhttpd.h | 4++++
3 files changed, 34 insertions(+), 15 deletions(-)

diff --git a/src/daemon/digestauth.c b/src/daemon/digestauth.c @@ -505,16 +505,13 @@ int MHD_queue_auth_fail_response(struct MHD_Connection *connection, const char *realm, const char *opaque, + struct MHD_Response *response, int signal_stale) { int ret; size_t hlen; char nonce[HASH_MD5_HEX_LEN + 9]; - struct MHD_Response *response; - response = MHD_create_response_from_data(0, NULL, MHD_NO, MHD_NO); - if (NULL == response) - return MHD_NO; /* Generating the server nonce */ calculate_nonce ((uint32_t) time(NULL), @@ -549,7 +546,6 @@ MHD_queue_auth_fail_response(struct MHD_Connection *connection, ret = MHD_queue_response(connection, MHD_HTTP_UNAUTHORIZED, response); - MHD_destroy_response(response); return ret; } diff --git a/src/examples/digest_auth_example.c b/src/examples/digest_auth_example.c @@ -26,7 +26,9 @@ #include <microhttpd.h> #include <stdlib.h> -#define PAGE "<html><head><title>libmicrohttpd demo</title></head><body>libmicrohttpd demo</body></html>" +#define PAGE "<html><head><title>libmicrohttpd demo</title></head><body>Access granted</body></html>" + +#define DENIED "<html><head><title>libmicrohttpd demo</title></head><body>Access denied</body></html>" #define OPAQUE "11733b200778ce33060f31c9af70a870ba96ddd4" 
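Review bot: MHD_queue_auth_fail_response in src/daemon/digestauth.c no longer has any visible check that `response` is non-NULL; the lines removed in the first hunk were what handled allocation failure before. The code between the two hunks is not shown, but if it sets the authentication header on `response`, as the updated header comment says it does, a NULL argument would reach that call and then MHD_queue_response. I would add `if (NULL == response) return MHD_NO;` at the top of the function body, because the `username == NULL` call site in digest_auth_example.c passes an unchecked result of MHD_create_response_from_data. The function body spans both hunks of this file.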
@@ -46,20 +48,37 @@ ahc_echo (void *cls, username = MHD_digest_auth_get_username(connection); if (username == NULL) - return MHD_queue_auth_fail_response(connection, realm, - OPAQUE, - MHD_NO); + { + response = MHD_create_response_from_data(strlen (DENIED), + DENIED, + MHD_NO, MHD_NO); + ret = MHD_queue_auth_fail_response(connection, realm, + OPAQUE, + response, + MHD_NO); + MHD_destroy_response(response); + return ret; + } ret = MHD_digest_auth_check(connection, realm, username, password, 300); free(username); - if (ret == MHD_INVALID_NONCE) - return MHD_queue_auth_fail_response(connection, realm, - OPAQUE, MHD_YES); - if (ret == MHD_NO) - return MHD_queue_auth_fail_response(connection, realm, - OPAQUE, MHD_NO); + if ( (ret == MHD_INVALID_NONCE) || + (ret == MHD_NO) ) + { + response = MHD_create_response_from_data(strlen (DENIED), + DENIED, + MHD_NO, MHD_NO); + if (NULL == response) + return MHD_NO; + ret = MHD_queue_auth_fail_response(connection, realm, + OPAQUE, + response, + (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO); + MHD_destroy_response(response); + return ret; + } response = MHD_create_response_from_data(strlen(PAGE), PAGE, MHD_NO, MHD_NO); ret = MHD_queue_response(connection, MHD_HTTP_OK, response); diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h @@ -1316,6 +1316,9 @@ MHD_digest_auth_check(struct MHD_Connection *connection, * @param connection The MHD connection structure * @param realm The realm presented to the client * @param opaque string to user for opaque value + * @param response reply to send; should contain the "access denied" + * body; note that this function will set the "WWW Authenticate" + * header and that the caller should not do this * @param signal_stale MHD_YES if the nonce is invalid to add * 'stale=true' to the authentication header * @return MHD_YES on success, MHD_NO otherwise 
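Review bot: The `username == NULL` branch of ahc_echo hands the result of MHD_create_response_from_data to MHD_queue_auth_fail_response and MHD_destroy_response without checking it, while the second branch a few lines later does check. Add the same guard after the first creation: `if (NULL == response) return MHD_NO;`. The two branches now differ only in the stale flag, so a small static helper taking `signal_stale` would keep them from drifting apart again. ahc_echo starts and ends outside the hunk.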
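Review bot: The new `@param response` text in microhttpd.h does not say who owns the response after the call or whether NULL is accepted. The digestauth.c change in this commit removes the internal MHD_destroy_response call, so I would extend the comment with `the caller keeps its reference and must call MHD_destroy_response() afterwards; must not be NULL`. The header name is also written "WWW Authenticate" here, whereas the HTTP header is `WWW-Authenticate`.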
@@ -1324,6 +1327,7 @@ int MHD_queue_auth_fail_response(struct MHD_Connection *connection, const char *realm, const char *opaque, + struct MHD_Response *response, int signal_stale);
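Review bot: Inserting `response` before `signal_stale` changes the signature of an exported function, so a program built against the old header but loaded with the new library would have its `signal_stale` argument read as the response pointer. Source callers fail to compile, which is the safe outcome, but the diffstat lists no version or soname change in this commit, so that should be confirmed elsewhere or added. A line in the function comment would help users migrating, e.g. `@note the response argument was added in <VERSION>`.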