diff options
author | Christian Grothoff <christian@grothoff.org> | 2018-12-11 10:06:21 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2018-12-11 10:06:42 +0100 |
commit | 273a6df932af73d7c84fef8668a53b2e65311e24 (patch) | |
tree | 4f562f84988aa6bc512a5d88c4bdc79e4c77180c | |
parent | e13c79ee3b5208c8b94538144abe58eab099b3f8 (diff) | |
download | libmicrohttpd-273a6df932af73d7c84fef8668a53b2e65311e24.tar.gz libmicrohttpd-273a6df932af73d7c84fef8668a53b2e65311e24.zip |
remove requirement for VLA in digestauth.c logic
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | src/include/microhttpd.h | 2 | ||||
-rw-r--r-- | src/microhttpd/digestauth.c | 40 | ||||
-rw-r--r-- | w32/common/MHD_config.h | 3 |
5 files changed, 41 insertions, 8 deletions
@@ -1,3 +1,6 @@ | |||
1 | Tue Dec 11 09:58:32 CET 2018 | ||
2 | Add logic to avoid VLA arrays with compilers that do not support them. -CG | ||
3 | |||
1 | Sat Dec 8 23:15:53 CET 2018 | 4 | Sat Dec 8 23:15:53 CET 2018 |
2 | Fixed missing WSA_FLAG_OVERLAPPED which can cause W32 to block on | 5 | Fixed missing WSA_FLAG_OVERLAPPED which can cause W32 to block on |
3 | socket races when using threadpool. (See very detailed description | 6 | socket races when using threadpool. (See very detailed description |
diff --git a/configure.ac b/configure.ac index 9e0b6e12..a03205dc 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -661,6 +661,7 @@ AX_CHECK_LINK_FLAG([-fno-strict-aliasing], | |||
661 | [AX_APPEND_COMPILE_FLAGS([-fno-strict-aliasing])]) | 661 | [AX_APPEND_COMPILE_FLAGS([-fno-strict-aliasing])]) |
662 | 662 | ||
663 | AC_C_BIGENDIAN | 663 | AC_C_BIGENDIAN |
664 | AC_C_VARARRAYS | ||
664 | 665 | ||
665 | AC_CHECK_PROG([HAVE_CURL_BINARY],[curl],[yes],[no]) | 666 | AC_CHECK_PROG([HAVE_CURL_BINARY],[curl],[yes],[no]) |
666 | AM_CONDITIONAL([HAVE_CURL_BINARY],[test "x$HAVE_CURL_BINARY" = "xyes"]) | 667 | AM_CONDITIONAL([HAVE_CURL_BINARY],[test "x$HAVE_CURL_BINARY" = "xyes"]) |
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index 1d966233..dba9a4ca 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -126,7 +126,7 @@ typedef intptr_t ssize_t; | |||
126 | * Current version of the library. | 126 | * Current version of the library. |
127 | * 0x01093001 = 1.9.30-1. | 127 | * 0x01093001 = 1.9.30-1. |
128 | */ | 128 | */ |
129 | #define MHD_VERSION 0x00096201 | 129 | #define MHD_VERSION 0x00096202 |
130 | 130 | ||
131 | /** | 131 | /** |
132 | * MHD-internal return code for "YES". | 132 | * MHD-internal return code for "YES". |
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 424c3761..af146c31 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -52,6 +52,32 @@ | |||
52 | #define NONCE_STD_LEN(digest_size) \ | 52 | #define NONCE_STD_LEN(digest_size) \ |
53 | ((digest_size) * 2 + TIMESTAMP_BIN_SIZE * 2) | 53 | ((digest_size) * 2 + TIMESTAMP_BIN_SIZE * 2) |
54 | 54 | ||
55 | |||
56 | /** | ||
57 | * Maximum size of any digest hash supported by MHD. | ||
58 | * (SHA-256 > MD5). | ||
59 | */ | ||
60 | #define MAX_DIGEST SHA256_DIGEST_SIZE | ||
61 | |||
62 | /** | ||
63 | * Macro to avoid using VLAs if the compiler does not support them. | ||
64 | */ | ||
65 | #if __STDC_NO_VLA__ | ||
66 | /** | ||
67 | * Check that @a n is below #MAX_DIGEST, then return #MAX_DIGEST. | ||
68 | * | ||
69 | * @param n length of the digest to be used for a VLA | ||
70 | */ | ||
71 | #define VLA_ARRAY_LEN_DIGEST(n) (((n) <= MAX_DIGEST?1:(mhd_panic(mhd_panic_cls, __FILE__, __LINE__, "VLA too big"),1)),MAX_DIGEST) | ||
72 | #else | ||
73 | /** | ||
74 | * Check that @a n is below #MAX_DIGEST, then return @a n. | ||
75 | * | ||
76 | * @param n length of the digest to be used for a VLA | ||
77 | */ | ||
78 | #define VLA_ARRAY_LEN_DIGEST(n) (((n) <= MAX_DIGEST?1:(mhd_panic(mhd_panic_cls, __FILE__, __LINE__, "VLA too big"),1)),n) | ||
79 | #endif | ||
80 | |||
55 | /** | 81 | /** |
56 | * Beginning string for any valid Digest authentication header. | 82 | * Beginning string for any valid Digest authentication header. |
57 | */ | 83 | */ |
@@ -185,7 +211,7 @@ digest_calc_ha1_from_digest (const char *alg, | |||
185 | (MHD_str_equal_caseless_(alg, | 211 | (MHD_str_equal_caseless_(alg, |
186 | "sha-256-sess")) ) | 212 | "sha-256-sess")) ) |
187 | { | 213 | { |
188 | uint8_t dig[da->digest_size]; | 214 | uint8_t dig[VLA_ARRAY_LEN_DIGEST(da->digest_size)]; |
189 | 215 | ||
190 | da->init (da->ctx); | 216 | da->init (da->ctx); |
191 | da->update (da->ctx, | 217 | da->update (da->ctx, |
@@ -241,7 +267,7 @@ digest_calc_ha1_from_user (const char *alg, | |||
241 | const char *cnonce, | 267 | const char *cnonce, |
242 | struct DigestAlgorithm *da) | 268 | struct DigestAlgorithm *da) |
243 | { | 269 | { |
244 | unsigned char ha1[da->digest_size]; | 270 | unsigned char ha1[VLA_ARRAY_LEN_DIGEST(da->digest_size)]; |
245 | 271 | ||
246 | da->init (da->ctx); | 272 | da->init (da->ctx); |
247 | da->update (da->ctx, | 273 | da->update (da->ctx, |
@@ -296,8 +322,8 @@ digest_calc_response (const char *ha1, | |||
296 | const char *hentity, | 322 | const char *hentity, |
297 | struct DigestAlgorithm *da) | 323 | struct DigestAlgorithm *da) |
298 | { | 324 | { |
299 | unsigned char ha2[da->digest_size]; | 325 | unsigned char ha2[VLA_ARRAY_LEN_DIGEST(da->digest_size)]; |
300 | unsigned char resphash[da->digest_size]; | 326 | unsigned char resphash[VLA_ARRAY_LEN_DIGEST(da->digest_size)]; |
301 | (void)hentity; /* Unused. Silence compiler warning. */ | 327 | (void)hentity; /* Unused. Silence compiler warning. */ |
302 | 328 | ||
303 | da->init (da->ctx); | 329 | da->init (da->ctx); |
@@ -638,7 +664,7 @@ calculate_nonce (uint32_t nonce_time, | |||
638 | char *nonce) | 664 | char *nonce) |
639 | { | 665 | { |
640 | unsigned char timestamp[TIMESTAMP_BIN_SIZE]; | 666 | unsigned char timestamp[TIMESTAMP_BIN_SIZE]; |
641 | unsigned char tmpnonce[da->digest_size]; | 667 | unsigned char tmpnonce[VLA_ARRAY_LEN_DIGEST(da->digest_size)]; |
642 | char timestamphex[TIMESTAMP_BIN_SIZE * 2 + 1]; | 668 | char timestamphex[TIMESTAMP_BIN_SIZE * 2 + 1]; |
643 | 669 | ||
644 | da->init (da->ctx); | 670 | da->init (da->ctx); |
@@ -815,12 +841,12 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
815 | const char *header; | 841 | const char *header; |
816 | char nonce[MAX_NONCE_LENGTH]; | 842 | char nonce[MAX_NONCE_LENGTH]; |
817 | char cnonce[MAX_NONCE_LENGTH]; | 843 | char cnonce[MAX_NONCE_LENGTH]; |
818 | char ha1[da->digest_size * 2 + 1]; | 844 | char ha1[VLA_ARRAY_LEN_DIGEST(da->digest_size) * 2 + 1]; |
819 | char qop[15]; /* auth,auth-int */ | 845 | char qop[15]; /* auth,auth-int */ |
820 | char nc[20]; | 846 | char nc[20]; |
821 | char response[MAX_AUTH_RESPONSE_LENGTH]; | 847 | char response[MAX_AUTH_RESPONSE_LENGTH]; |
822 | const char *hentity = NULL; /* "auth-int" is not supported */ | 848 | const char *hentity = NULL; /* "auth-int" is not supported */ |
823 | char noncehashexp[NONCE_STD_LEN(da->digest_size) + 1]; | 849 | char noncehashexp[NONCE_STD_LEN(VLA_ARRAY_LEN_DIGEST(da->digest_size)) + 1]; |
824 | uint32_t nonce_time; | 850 | uint32_t nonce_time; |
825 | uint32_t t; | 851 | uint32_t t; |
826 | size_t left; /* number of characters left in 'header' for 'uri' */ | 852 | size_t left; /* number of characters left in 'header' for 'uri' */ |
diff --git a/w32/common/MHD_config.h b/w32/common/MHD_config.h index 21db7eae..964df10d 100644 --- a/w32/common/MHD_config.h +++ b/w32/common/MHD_config.h | |||
@@ -9,6 +9,9 @@ | |||
9 | /* Define if MS VC compiler is used */ | 9 | /* Define if MS VC compiler is used */ |
10 | #define MSVC 1 | 10 | #define MSVC 1 |
11 | 11 | ||
12 | /* Define that MS VC does not support VLAs */ | ||
13 | #define __STDC_NO_VLA__ 1 | ||
14 | |||
12 | /* Define to 1 if your C compiler supports inline functions. */ | 15 | /* Define to 1 if your C compiler supports inline functions. */ |
13 | #define INLINE_FUNC 1 | 16 | #define INLINE_FUNC 1 |
14 | 17 | ||