libmicrohttpd

HTTP/1.x server C library (MHD 1.x, stable)
Log | Files | Refs | Submodules | README | LICENSE
commit 76b68f654f0984dfca834a9c8310af13885c6ce8
parent c0bb909f0a54c7cb41e0e9e0fb936ed8fa79fdc5
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
Date:   Sun,  1 May 2022 17:07:43 +0300

check_nonce_nc(): sorted checks according to probability

The code should be more readable and it should give very minor
performance improvement.

Diffstat:

Msrc/microhttpd/digestauth.c | 38++++++++++++++++++++------------------


1 file changed, 20 insertions(+), 18 deletions(-)

diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
@@ -617,24 +617,7 @@ check_nonce_nc (struct MHD_Connection *connection,
   if ( (0 != memcmp (nn->nonce, nonce, noncelen)) ||
        (0 != nn->nonce[noncelen]) )
     ret = false;     /* Nonce does not match, fail */
-  else if (nc == nn->nc)
-    ret = false;     /* 'nc' was already used */
-  else if (nc < nn->nc)
-  {
-    /* Note that we use 64 here, as we do not store the
-       bit for 'nn->nc' itself in 'nn->nmask' */
-    if ( (nc + 64 >= nn->nc) &&
-         (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) )
-    {
-      /* Out-of-order nonce, but within 64-bit bitmask, set bit */
-      nn->nmask |= (1LLU << (nn->nc - nc - 1));
-      ret = true;
-    }
-    else
-      /* 'nc' was already used or too old (more then 64 values ago) */
-      ret = false;
-  }
-  else
+  else if (nc > nn->nc)
   {
     /* 'nc' is larger, shift bitmask and bump limit */
     const uint64_t jump_size = nc - nn->nc;
@@ -652,6 +635,25 @@ check_nonce_nc (struct MHD_Connection *connection,
     nn->nc = nc;
     ret = true;
   }
+  else if (nc < nn->nc)
+  {
+    /* Note that we use 64 here, as we do not store the
+       bit for 'nn->nc' itself in 'nn->nmask' */
+    if ( (nc + 64 >= nn->nc) &&
+         (0 == ((UINT64_C (1) << (nn->nc - nc - 1)) & nn->nmask)) )
+    {
+      /* Out-of-order nonce, but within 64-bit bitmask, set bit */
+      nn->nmask |= (UINT64_C (1) << (nn->nc - nc - 1));
+      ret = true;
+    }
+    else
+      /* 'nc' was already used or too old (more then 64 values ago) */
+      ret = false;
+  }
+  else /* if (nc == nn->nc) */
+    /* 'nc' was already used */
+    ret = false;
+
   MHD_mutex_unlock_chk_ (&daemon->nnc_lock);
 #ifdef HAVE_MESSAGES
   if (! ret)