diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2021-04-01 19:57:22 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2021-04-01 21:33:44 +0300 |
commit | a25f48dafcd54d7e901c2e303b62ab618a6708c6 (patch) | |
tree | ba0e210d9f34037e3473e1a50795a298f96bd8cc | |
parent | bf25ee3a3220596b83b6530b06d4106f2f0bfda1 (diff) | |
download | libmicrohttpd-a25f48dafcd54d7e901c2e303b62ab618a6708c6.tar.gz libmicrohttpd-a25f48dafcd54d7e901c2e303b62ab618a6708c6.zip |
digestauth: do not use size of buffer as size of digest
Without variable size arrays, size of the buffer is constant and doesn't
match size of the digest.
This fixes MD5 digest support currently broken on compilers without
variable size array support (Visual C).
-rw-r--r-- | src/microhttpd/digestauth.c | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 5fc9c588..3b6d94f7 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -216,14 +216,15 @@ digest_calc_ha1_from_digest (const char *alg, | |||
216 | const char *nonce, | 216 | const char *nonce, |
217 | const char *cnonce) | 217 | const char *cnonce) |
218 | { | 218 | { |
219 | const unsigned int digest_size = da->digest_size; | ||
219 | if ( (MHD_str_equal_caseless_ (alg, | 220 | if ( (MHD_str_equal_caseless_ (alg, |
220 | "md5-sess")) || | 221 | "md5-sess")) || |
221 | (MHD_str_equal_caseless_ (alg, | 222 | (MHD_str_equal_caseless_ (alg, |
222 | "sha-256-sess")) ) | 223 | "sha-256-sess")) ) |
223 | { | 224 | { |
224 | uint8_t dig[VLA_ARRAY_LEN_DIGEST (da->digest_size)]; | 225 | uint8_t dig[VLA_ARRAY_LEN_DIGEST (digest_size)]; |
225 | 226 | ||
226 | VLA_CHECK_LEN_DIGEST (da->digest_size); | 227 | VLA_CHECK_LEN_DIGEST (digest_size); |
227 | da->init (da->ctx); | 228 | da->init (da->ctx); |
228 | da->update (da->ctx, | 229 | da->update (da->ctx, |
229 | digest, | 230 | digest, |
@@ -243,13 +244,13 @@ digest_calc_ha1_from_digest (const char *alg, | |||
243 | da->digest (da->ctx, | 244 | da->digest (da->ctx, |
244 | dig); | 245 | dig); |
245 | cvthex (dig, | 246 | cvthex (dig, |
246 | sizeof (dig), | 247 | digest_size, |
247 | da->sessionkey); | 248 | da->sessionkey); |
248 | } | 249 | } |
249 | else | 250 | else |
250 | { | 251 | { |
251 | cvthex (digest, | 252 | cvthex (digest, |
252 | da->digest_size, | 253 | digest_size, |
253 | da->sessionkey); | 254 | da->sessionkey); |
254 | } | 255 | } |
255 | } | 256 | } |
@@ -334,11 +335,12 @@ digest_calc_response (const char *ha1, | |||
334 | const char *hentity, | 335 | const char *hentity, |
335 | struct DigestAlgorithm *da) | 336 | struct DigestAlgorithm *da) |
336 | { | 337 | { |
337 | unsigned char ha2[VLA_ARRAY_LEN_DIGEST (da->digest_size)]; | 338 | const unsigned int digest_size = da->digest_size; |
338 | unsigned char resphash[VLA_ARRAY_LEN_DIGEST (da->digest_size)]; | 339 | unsigned char ha2[VLA_ARRAY_LEN_DIGEST (digest_size)]; |
340 | unsigned char resphash[VLA_ARRAY_LEN_DIGEST (digest_size)]; | ||
339 | (void) hentity; /* Unused. Silence compiler warning. */ | 341 | (void) hentity; /* Unused. Silence compiler warning. */ |
340 | 342 | ||
341 | VLA_CHECK_LEN_DIGEST (da->digest_size); | 343 | VLA_CHECK_LEN_DIGEST (digest_size); |
342 | da->init (da->ctx); | 344 | da->init (da->ctx); |
343 | da->update (da->ctx, | 345 | da->update (da->ctx, |
344 | (const unsigned char *) method, | 346 | (const unsigned char *) method, |
@@ -367,13 +369,13 @@ digest_calc_response (const char *ha1, | |||
367 | da->digest (da->ctx, | 369 | da->digest (da->ctx, |
368 | ha2); | 370 | ha2); |
369 | cvthex (ha2, | 371 | cvthex (ha2, |
370 | da->digest_size, | 372 | digest_size, |
371 | da->sessionkey); | 373 | da->sessionkey); |
372 | da->init (da->ctx); | 374 | da->init (da->ctx); |
373 | /* calculate response */ | 375 | /* calculate response */ |
374 | da->update (da->ctx, | 376 | da->update (da->ctx, |
375 | (const unsigned char *) ha1, | 377 | (const unsigned char *) ha1, |
376 | da->digest_size * 2); | 378 | digest_size * 2); |
377 | da->update (da->ctx, | 379 | da->update (da->ctx, |
378 | (const unsigned char *) ":", | 380 | (const unsigned char *) ":", |
379 | 1); | 381 | 1); |
@@ -406,11 +408,11 @@ digest_calc_response (const char *ha1, | |||
406 | } | 408 | } |
407 | da->update (da->ctx, | 409 | da->update (da->ctx, |
408 | (const unsigned char *) da->sessionkey, | 410 | (const unsigned char *) da->sessionkey, |
409 | da->digest_size * 2); | 411 | digest_size * 2); |
410 | da->digest (da->ctx, | 412 | da->digest (da->ctx, |
411 | resphash); | 413 | resphash); |
412 | cvthex (resphash, | 414 | cvthex (resphash, |
413 | sizeof(resphash), | 415 | digest_size, |
414 | da->sessionkey); | 416 | da->sessionkey); |
415 | } | 417 | } |
416 | 418 | ||
@@ -680,10 +682,11 @@ calculate_nonce (uint32_t nonce_time, | |||
680 | char *nonce) | 682 | char *nonce) |
681 | { | 683 | { |
682 | unsigned char timestamp[TIMESTAMP_BIN_SIZE]; | 684 | unsigned char timestamp[TIMESTAMP_BIN_SIZE]; |
683 | unsigned char tmpnonce[VLA_ARRAY_LEN_DIGEST (da->digest_size)]; | 685 | const unsigned int digest_size = da->digest_size; |
686 | unsigned char tmpnonce[VLA_ARRAY_LEN_DIGEST (digest_size)]; | ||
684 | char timestamphex[TIMESTAMP_BIN_SIZE * 2 + 1]; | 687 | char timestamphex[TIMESTAMP_BIN_SIZE * 2 + 1]; |
685 | 688 | ||
686 | VLA_CHECK_LEN_DIGEST (da->digest_size); | 689 | VLA_CHECK_LEN_DIGEST (digest_size); |
687 | da->init (da->ctx); | 690 | da->init (da->ctx); |
688 | timestamp[0] = (unsigned char) ((nonce_time & 0xff000000) >> 0x18); | 691 | timestamp[0] = (unsigned char) ((nonce_time & 0xff000000) >> 0x18); |
689 | timestamp[1] = (unsigned char) ((nonce_time & 0x00ff0000) >> 0x10); | 692 | timestamp[1] = (unsigned char) ((nonce_time & 0x00ff0000) >> 0x10); |
@@ -720,7 +723,7 @@ calculate_nonce (uint32_t nonce_time, | |||
720 | da->digest (da->ctx, | 723 | da->digest (da->ctx, |
721 | tmpnonce); | 724 | tmpnonce); |
722 | cvthex (tmpnonce, | 725 | cvthex (tmpnonce, |
723 | sizeof (tmpnonce), | 726 | digest_size, |
724 | nonce); | 727 | nonce); |
725 | cvthex (timestamp, | 728 | cvthex (timestamp, |
726 | sizeof (timestamp), | 729 | sizeof (timestamp), |
@@ -868,19 +871,20 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
868 | const char *header; | 871 | const char *header; |
869 | char nonce[MAX_NONCE_LENGTH]; | 872 | char nonce[MAX_NONCE_LENGTH]; |
870 | char cnonce[MAX_NONCE_LENGTH]; | 873 | char cnonce[MAX_NONCE_LENGTH]; |
871 | char ha1[VLA_ARRAY_LEN_DIGEST (da->digest_size) * 2 + 1]; | 874 | const unsigned int digest_size = da->digest_size; |
875 | char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1]; | ||
872 | char qop[15]; /* auth,auth-int */ | 876 | char qop[15]; /* auth,auth-int */ |
873 | char nc[20]; | 877 | char nc[20]; |
874 | char response[MAX_AUTH_RESPONSE_LENGTH]; | 878 | char response[MAX_AUTH_RESPONSE_LENGTH]; |
875 | const char *hentity = NULL; /* "auth-int" is not supported */ | 879 | const char *hentity = NULL; /* "auth-int" is not supported */ |
876 | char noncehashexp[NONCE_STD_LEN (VLA_ARRAY_LEN_DIGEST (da->digest_size)) + 1]; | 880 | char noncehashexp[NONCE_STD_LEN (VLA_ARRAY_LEN_DIGEST (digest_size)) + 1]; |
877 | uint32_t nonce_time; | 881 | uint32_t nonce_time; |
878 | uint32_t t; | 882 | uint32_t t; |
879 | size_t left; /* number of characters left in 'header' for 'uri' */ | 883 | size_t left; /* number of characters left in 'header' for 'uri' */ |
880 | uint64_t nci; | 884 | uint64_t nci; |
881 | char *qmark; | 885 | char *qmark; |
882 | 886 | ||
883 | VLA_CHECK_LEN_DIGEST (da->digest_size); | 887 | VLA_CHECK_LEN_DIGEST (digest_size); |
884 | if (MHD_NO == MHD_lookup_connection_value_n (connection, | 888 | if (MHD_NO == MHD_lookup_connection_value_n (connection, |
885 | MHD_HEADER_KIND, | 889 | MHD_HEADER_KIND, |
886 | MHD_HTTP_HEADER_AUTHORIZATION, | 890 | MHD_HTTP_HEADER_AUTHORIZATION, |
@@ -1081,7 +1085,7 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
1081 | } | 1085 | } |
1082 | memcpy (ha1, | 1086 | memcpy (ha1, |
1083 | da->sessionkey, | 1087 | da->sessionkey, |
1084 | sizeof (ha1)); | 1088 | digest_size * 2 + 1); |
1085 | /* This will initialize da->sessionkey (respexp) */ | 1089 | /* This will initialize da->sessionkey (respexp) */ |
1086 | digest_calc_response (ha1, | 1090 | digest_calc_response (ha1, |
1087 | nonce, | 1091 | nonce, |