configure: implemented setting DAuth defaults by parameters

author: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2023-12-29 16:54:29 +0300
committer: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2023-12-29 16:58:16 +0300
commit: 8d4496944bf0ada2f2fc176e589eb0a921da72d9 (patch)
tree: 88369e4b024eedec5fc2da474b6e09e213ef6385
parent: e0d8708b33bf021d5059ae7d481b5fab55a1661e (diff)
download: libmicrohttpd-8d4496944bf0ada2f2fc176e589eb0a921da72d9.tar.gz
libmicrohttpd-8d4496944bf0ada2f2fc176e589eb0a921da72d9.zip
3 files changed, 108 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac
index 32f038bc..05591770 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4034,6 +4034,104 @@ AS_IF([[test "x$enable_dauth" != "xno"]],
 AM_CONDITIONAL([ENABLE_DAUTH], [test "x$enable_dauth" != "xno"])
 AC_MSG_RESULT([[$enable_dauth]])
+AS_VAR_IF([enable_dauth], ["yes"],
+  [
+    AC_MSG_CHECKING([[for Digest Authentication default nonce timeout value]])
+    AC_ARG_ENABLE([dauth-def-timeout],
+      [AS_HELP_STRING([--enable-dauth-def-timeout=NNN],
+                      [set default Digest Auth nonce validity time to NNN seconds])],
+      [enable_dauth_def_timeout="${enableval}"],
+      [enable_dauth_def_timeout=""]
+    )
+    AS_VAR_IF([enable_dauth_def_timeout], ["no"],
+      [
+        AC_MSG_WARN([Default Diget Auth nonce validity time cannot be disabled, --disable-dauth-def-timeout parameter is ignored])
+        enable_dauth_def_timeout=""
+      ]
+    )
+    AS_IF([test -z "${enable_dauth_def_timeout}"],
+      [
+        enable_dauth_def_timeout="90"
+        enable_dauth_def_timeout_MSG="${enable_dauth_def_timeout} seconds (default)"
+      ],
+      [
+        AS_IF([[test "x${enable_dauth_def_timeout}" = "x`echo ${enable_dauth_def_timeout}|${SED-sed} 's/[^0-9]//g'`" && \
+                test "${enable_dauth_def_timeout}" -ge "0" 2>/dev/null ]],[:],
+          [AC_MSG_ERROR([Invalid parameter --enable-dauth-def-timeout=${enable_dauth_def_timeout}. Timeout value must be a positive integer.])
+          ]
+        )
+        AC_COMPILE_IFELSE(
+          [
+            AC_LANG_PROGRAM([],
+              [[
+  static int arr[((int) 2) - 4 * (int)(${enable_dauth_def_timeout} != ((unsigned int)${enable_dauth_def_timeout}))];
+  (void) arr;
+              ]]
+            )
+          ],
+          [],
+          [AC_MSG_ERROR([The value specified by --enable-dauth-def-timeout=${enable_dauth_def_timeout} is too large.])]
+        )
+        enable_dauth_def_timeout_MSG="${enable_dauth_def_timeout} seconds (set by parameter)"
+      ]
+    )
+    AC_DEFINE_UNQUOTED([MHD_DAUTH_DEF_TIMEOUT_],[${enable_dauth_def_timeout}],
+        [The default HTTP Digest Auth default nonce timeout value (in seconds)])
+    AC_MSG_RESULT([[${enable_dauth_def_timeout_MSG}]])
+    AC_MSG_CHECKING([[for Digest Authentication default maximum nc value]])
+    AC_ARG_ENABLE([dauth-def-max-nc],
+      [AS_HELP_STRING([--enable-dauth-def-max-nc=NNN],
+                      [set default Digest Auth maximum nc (nonce count) value to NNN])],
+      [enable_dauth_def_max_nc="${enableval}"],
+      [enable_dauth_def_max_nc=""]
+    )
+    AS_VAR_IF([enable_dauth_def_max_nc], ["no"],
+      [
+        AC_MSG_WARN([Default Diget Auth maximum nc cannot be disabled, --disable-dauth-def-max-nc parameter is ignored])
+        enable_dauth_def_max_nc=""
+      ]
+    )
+    AS_IF([test -z "${enable_dauth_def_max_nc}"],
+      [
+        enable_dauth_def_max_nc="1000"
+        enable_dauth_def_max_nc_MSG="${enable_dauth_def_max_nc} (default)"
+      ],
+      [
+        AS_IF([[test "x${enable_dauth_def_max_nc}" = "x`echo ${enable_dauth_def_max_nc}|${SED-sed} 's/[^0-9]//g'`" && \
+                test "${enable_dauth_def_max_nc}" -ge "0" 2>/dev/null ]],[:],
+          [AC_MSG_ERROR([Invalid parameter --enable-dauth-def-max-nc=${enable_dauth_def_max_nc}. The value must be a positive integer.])
+          ]
+        )
+        AC_COMPILE_IFELSE(
+          [
+            AC_LANG_PROGRAM(
+              [[
+#include <stdint.h>
+              ]],
+              [[
+  static int arr[((int) 2) - 4 * (int)(${enable_dauth_def_max_nc} != ((uint32_t)${enable_dauth_def_max_nc}))];
+  (void) arr;
+              ]]
+            )
+          ],
+          [],
+          [AC_MSG_ERROR([The value specified by --enable-dauth-def-max-nc=${enable_dauth_def_max_nc} is too large.])]
+        )
+        enable_dauth_def_max_nc_MSG="${enable_dauth_def_max_nc} (set by parameter)"
+      ]
+    )
+    AC_DEFINE_UNQUOTED([MHD_DAUTH_DEF_MAX_NC_],[${enable_dauth_def_max_nc}],
+        [The default HTTP Digest Auth default maximum nc (nonce count) value])
+    AC_MSG_RESULT([[${enable_dauth_def_max_nc_MSG}]])
+    dauth_defs_MSG="timeout: ${enable_dauth_def_timeout_MSG}, max nc: ${enable_dauth_def_max_nc_MSG}"
+  ],
+  [
+    dauth_defs_MSG="N/A"
+  ]
+)
 AM_CONDITIONAL([HAVE_ANYAUTH],[test "x$enable_bauth" != "xno" || test "x$enable_dauth" != "xno"])
 # optional: HTTP "Upgrade" support. Enabled by default
@@ -5964,6 +6062,7 @@ AC_MSG_NOTICE([GNU libmicrohttpd ${PACKAGE_VERSION} Configuration Summary:
  HTTP "Upgrade":    ${enable_httpupgrade}
  Basic auth.:       ${enable_bauth}
  Digest auth.:      ${enable_dauth}
+  Digest auth. defaults: ${dauth_defs_MSG}
  MD5:               ${enable_md5_MSG}
  SHA-256:           ${enable_sha256_MSG}
  SHA-512/256:       ${enable_sha512_256_MSG}
diff --git a/src/include/mhd_options.h b/src/include/mhd_options.h
index f5334e1d..39316a28 100644
--- a/src/include/mhd_options.h
+++ b/src/include/mhd_options.h
@@ -278,4 +278,11 @@
 #  endif /* 0 != HAVE_DECL_CPU_SETSIZE */
 #endif /* HAVE_DECL_CPU_SETSIZE */
+#ifndef MHD_DAUTH_DEF_TIMEOUT_
+#  define MHD_DAUTH_DEF_TIMEOUT_ 90
+#endif /* ! MHD_DAUTH_DEF_TIMEOUT_ */
+#ifndef MHD_DAUTH_DEF_MAX_NC_
+#  define MHD_DAUTH_DEF_MAX_NC_ 1000
+#endif /* ! MHD_DAUTH_DEF_MAX_NC_ */
 #endif /* MHD_OPTIONS_H */
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index f4fd8166..8345c793 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -7808,8 +7808,8 @@ MHD_start_daemon_va (unsigned int flags,
  daemon->digest_auth_rand_size = 0;
  daemon->digest_auth_random = NULL;
  daemon->nonce_nc_size = 4; /* tiny */
-  daemon->dauth_def_nonce_timeout = 90;
+  daemon->dauth_def_nonce_timeout = MHD_DAUTH_DEF_TIMEOUT_;
-  daemon->dauth_def_max_nc = 1000;
+  daemon->dauth_def_max_nc = MHD_DAUTH_DEF_MAX_NC_;
 #endif
 #ifdef HTTPS_SUPPORT
  if (0 != (*pflags & MHD_USE_TLS))
author	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2023-12-29 16:54:29 +0300
committer	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2023-12-29 16:58:16 +0300
commit	8d4496944bf0ada2f2fc176e589eb0a921da72d9 (patch)
tree	88369e4b024eedec5fc2da474b6e09e213ef6385
parent	e0d8708b33bf021d5059ae7d481b5fab55a1661e (diff)
download	libmicrohttpd-8d4496944bf0ada2f2fc176e589eb0a921da72d9.tar.gz libmicrohttpd-8d4496944bf0ada2f2fc176e589eb0a921da72d9.zip

diff --git a/configure.ac b/configure.ac index 32f038bc..05591770 100644 --- a/configure.ac +++ b/configure.ac
@@ -4034,6 +4034,104 @@ AS_IF([[test "x$enable_dauth" != "xno"]],
4034	AM_CONDITIONAL([ENABLE_DAUTH], [test "x$enable_dauth" != "xno"])	4034	AM_CONDITIONAL([ENABLE_DAUTH], [test "x$enable_dauth" != "xno"])
4035	AC_MSG_RESULT([[$enable_dauth]])	4035	AC_MSG_RESULT([[$enable_dauth]])
4036		4036
		4037	AS_VAR_IF([enable_dauth], ["yes"],
		4038	[
		4039	AC_MSG_CHECKING([[for Digest Authentication default nonce timeout value]])
		4040	AC_ARG_ENABLE([dauth-def-timeout],
		4041	[AS_HELP_STRING([--enable-dauth-def-timeout=NNN],
		4042	[set default Digest Auth nonce validity time to NNN seconds])],
		4043	[enable_dauth_def_timeout="${enableval}"],
		4044	[enable_dauth_def_timeout=""]
		4045	)
		4046	AS_VAR_IF([enable_dauth_def_timeout], ["no"],
		4047	[
		4048	AC_MSG_WARN([Default Diget Auth nonce validity time cannot be disabled, --disable-dauth-def-timeout parameter is ignored])
		4049	enable_dauth_def_timeout=""
		4050	]
		4051	)
		4052	AS_IF([test -z "${enable_dauth_def_timeout}"],
		4053	[
		4054	enable_dauth_def_timeout="90"
		4055	enable_dauth_def_timeout_MSG="${enable_dauth_def_timeout} seconds (default)"
		4056	],
		4057	[
		4058	AS_IF([[test "x${enable_dauth_def_timeout}" = "x`echo ${enable_dauth_def_timeout}\|${SED-sed} 's/[^0-9]//g'`" && \
		4059	test "${enable_dauth_def_timeout}" -ge "0" 2>/dev/null ]],[:],
		4060	[AC_MSG_ERROR([Invalid parameter --enable-dauth-def-timeout=${enable_dauth_def_timeout}. Timeout value must be a positive integer.])
		4061	]
		4062	)
		4063	AC_COMPILE_IFELSE(
		4064	[
		4065	AC_LANG_PROGRAM([],
		4066	[[
		4067	static int arr[((int) 2) - 4 * (int)(${enable_dauth_def_timeout} != ((unsigned int)${enable_dauth_def_timeout}))];
		4068	(void) arr;
		4069	]]
		4070	)
		4071	],
		4072	[],
		4073	[AC_MSG_ERROR([The value specified by --enable-dauth-def-timeout=${enable_dauth_def_timeout} is too large.])]
		4074	)
		4075	enable_dauth_def_timeout_MSG="${enable_dauth_def_timeout} seconds (set by parameter)"
		4076	]
		4077	)
		4078	AC_DEFINE_UNQUOTED([MHD_DAUTH_DEF_TIMEOUT_],[${enable_dauth_def_timeout}],
		4079	[The default HTTP Digest Auth default nonce timeout value (in seconds)])
		4080	AC_MSG_RESULT([[${enable_dauth_def_timeout_MSG}]])
		4081
		4082	AC_MSG_CHECKING([[for Digest Authentication default maximum nc value]])
		4083	AC_ARG_ENABLE([dauth-def-max-nc],
		4084	[AS_HELP_STRING([--enable-dauth-def-max-nc=NNN],
		4085	[set default Digest Auth maximum nc (nonce count) value to NNN])],
		4086	[enable_dauth_def_max_nc="${enableval}"],
		4087	[enable_dauth_def_max_nc=""]
		4088	)
		4089	AS_VAR_IF([enable_dauth_def_max_nc], ["no"],
		4090	[
		4091	AC_MSG_WARN([Default Diget Auth maximum nc cannot be disabled, --disable-dauth-def-max-nc parameter is ignored])
		4092	enable_dauth_def_max_nc=""
		4093	]
		4094	)
		4095	AS_IF([test -z "${enable_dauth_def_max_nc}"],
		4096	[
		4097	enable_dauth_def_max_nc="1000"
		4098	enable_dauth_def_max_nc_MSG="${enable_dauth_def_max_nc} (default)"
		4099	],
		4100	[
		4101	AS_IF([[test "x${enable_dauth_def_max_nc}" = "x`echo ${enable_dauth_def_max_nc}\|${SED-sed} 's/[^0-9]//g'`" && \
		4102	test "${enable_dauth_def_max_nc}" -ge "0" 2>/dev/null ]],[:],
		4103	[AC_MSG_ERROR([Invalid parameter --enable-dauth-def-max-nc=${enable_dauth_def_max_nc}. The value must be a positive integer.])
		4104	]
		4105	)
		4106	AC_COMPILE_IFELSE(
		4107	[
		4108	AC_LANG_PROGRAM(
		4109	[[
		4110	#include <stdint.h>
		4111	]],
		4112	[[
		4113	static int arr[((int) 2) - 4 * (int)(${enable_dauth_def_max_nc} != ((uint32_t)${enable_dauth_def_max_nc}))];
		4114	(void) arr;
		4115	]]
		4116	)
		4117	],
		4118	[],
		4119	[AC_MSG_ERROR([The value specified by --enable-dauth-def-max-nc=${enable_dauth_def_max_nc} is too large.])]
		4120	)
		4121	enable_dauth_def_max_nc_MSG="${enable_dauth_def_max_nc} (set by parameter)"
		4122	]
		4123	)
		4124	AC_DEFINE_UNQUOTED([MHD_DAUTH_DEF_MAX_NC_],[${enable_dauth_def_max_nc}],
		4125	[The default HTTP Digest Auth default maximum nc (nonce count) value])
		4126	AC_MSG_RESULT([[${enable_dauth_def_max_nc_MSG}]])
		4127
		4128	dauth_defs_MSG="timeout: ${enable_dauth_def_timeout_MSG}, max nc: ${enable_dauth_def_max_nc_MSG}"
		4129	],
		4130	[
		4131	dauth_defs_MSG="N/A"
		4132	]
		4133	)
		4134
4037	AM_CONDITIONAL([HAVE_ANYAUTH],[test "x$enable_bauth" != "xno" \|\| test "x$enable_dauth" != "xno"])	4135	AM_CONDITIONAL([HAVE_ANYAUTH],[test "x$enable_bauth" != "xno" \|\| test "x$enable_dauth" != "xno"])
4038		4136
4039	# optional: HTTP "Upgrade" support. Enabled by default	4137	# optional: HTTP "Upgrade" support. Enabled by default
@@ -5964,6 +6062,7 @@ AC_MSG_NOTICE([GNU libmicrohttpd ${PACKAGE_VERSION} Configuration Summary:
5964	HTTP "Upgrade": ${enable_httpupgrade}	6062	HTTP "Upgrade": ${enable_httpupgrade}
5965	Basic auth.: ${enable_bauth}	6063	Basic auth.: ${enable_bauth}
5966	Digest auth.: ${enable_dauth}	6064	Digest auth.: ${enable_dauth}
		6065	Digest auth. defaults: ${dauth_defs_MSG}
5967	MD5: ${enable_md5_MSG}	6066	MD5: ${enable_md5_MSG}
5968	SHA-256: ${enable_sha256_MSG}	6067	SHA-256: ${enable_sha256_MSG}
5969	SHA-512/256: ${enable_sha512_256_MSG}	6068	SHA-512/256: ${enable_sha512_256_MSG}


diff --git a/src/include/mhd_options.h b/src/include/mhd_options.h index f5334e1d..39316a28 100644 --- a/src/include/mhd_options.h +++ b/src/include/mhd_options.h
@@ -278,4 +278,11 @@
278	# endif /* 0 != HAVE_DECL_CPU_SETSIZE */	278	# endif /* 0 != HAVE_DECL_CPU_SETSIZE */
279	#endif /* HAVE_DECL_CPU_SETSIZE */	279	#endif /* HAVE_DECL_CPU_SETSIZE */
280		280
		281	#ifndef MHD_DAUTH_DEF_TIMEOUT_
		282	# define MHD_DAUTH_DEF_TIMEOUT_ 90
		283	#endif /* ! MHD_DAUTH_DEF_TIMEOUT_ */
		284	#ifndef MHD_DAUTH_DEF_MAX_NC_
		285	# define MHD_DAUTH_DEF_MAX_NC_ 1000
		286	#endif /* ! MHD_DAUTH_DEF_MAX_NC_ */
		287
281	#endif /* MHD_OPTIONS_H */	288	#endif /* MHD_OPTIONS_H */


diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c index f4fd8166..8345c793 100644 --- a/src/microhttpd/daemon.c +++ b/src/microhttpd/daemon.c
@@ -7808,8 +7808,8 @@ MHD_start_daemon_va (unsigned int flags,
7808	daemon->digest_auth_rand_size = 0;	7808	daemon->digest_auth_rand_size = 0;
7809	daemon->digest_auth_random = NULL;	7809	daemon->digest_auth_random = NULL;
7810	daemon->nonce_nc_size = 4; /* tiny */	7810	daemon->nonce_nc_size = 4; /* tiny */
7811	daemon->dauth_def_nonce_timeout = 90;	7811	daemon->dauth_def_nonce_timeout = MHD_DAUTH_DEF_TIMEOUT_;
7812	daemon->dauth_def_max_nc = 1000;	7812	daemon->dauth_def_max_nc = MHD_DAUTH_DEF_MAX_NC_;
7813	#endif	7813	#endif
7814	#ifdef HTTPS_SUPPORT	7814	#ifdef HTTPS_SUPPORT
7815	if (0 != (*pflags & MHD_USE_TLS))	7815	if (0 != (*pflags & MHD_USE_TLS))