diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-01-18 20:44:35 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-01-18 20:44:35 +0300 |
commit | f8c9870a30cf37be9a362fde5fd85c982ba8b0c8 (patch) | |
tree | a35fdb15d71c3b640c50a6144eade328992642a4 | |
parent | caf7bcd334daf24fe366a29e26fc51df3c653da5 (diff) | |
download | libmicrohttpd-f8c9870a30cf37be9a362fde5fd85c982ba8b0c8.tar.gz libmicrohttpd-f8c9870a30cf37be9a362fde5fd85c982ba8b0c8.zip |
check_nonce_nc(): reworked mutex handling
-rw-r--r-- | src/microhttpd/digestauth.c | 66 |
1 files changed, 32 insertions, 34 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 0d7a62e6..59f999f4 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -524,7 +524,10 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
524 | uint32_t mod; | 524 | uint32_t mod; |
525 | const char *np; | 525 | const char *np; |
526 | size_t noncelen; | 526 | size_t noncelen; |
527 | enum MHD_Result ret; | ||
528 | bool stale; | ||
527 | 529 | ||
530 | stale = false; | ||
528 | noncelen = strlen (nonce) + 1; | 531 | noncelen = strlen (nonce) + 1; |
529 | if (MAX_NONCE_LENGTH < noncelen) | 532 | if (MAX_NONCE_LENGTH < noncelen) |
530 | return MHD_NO; /* This should be impossible, but static analysis | 533 | return MHD_NO; /* This should be impossible, but static analysis |
@@ -549,9 +552,8 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
549 | * then only increase the nonce counter by one. | 552 | * then only increase the nonce counter by one. |
550 | */ | 553 | */ |
551 | nn = &daemon->nnc[off]; | 554 | nn = &daemon->nnc[off]; |
552 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 555 | |
553 | MHD_mutex_lock_chk_ (&daemon->nnc_lock); | 556 | MHD_mutex_lock_chk_ (&daemon->nnc_lock); |
554 | #endif | ||
555 | if (0 == nc) | 557 | if (0 == nc) |
556 | { | 558 | { |
557 | /* Fresh nonce, reinitialize array */ | 559 | /* Fresh nonce, reinitialize array */ |
@@ -560,51 +562,47 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
560 | noncelen); | 562 | noncelen); |
561 | nn->nc = 0; | 563 | nn->nc = 0; |
562 | nn->nmask = 0; | 564 | nn->nmask = 0; |
563 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 565 | ret = MHD_YES; |
564 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | ||
565 | #endif | ||
566 | return MHD_YES; | ||
567 | } | 566 | } |
568 | /* Note that we use 64 here, as we do not store the | 567 | /* Note that we use 64 here, as we do not store the |
569 | bit for 'nn->nc' itself in 'nn->nmask' */ | 568 | bit for 'nn->nc' itself in 'nn->nmask' */ |
570 | if ( (nc < nn->nc) && | 569 | else if ( (nc < nn->nc) && |
571 | (nc + 64 > nc /* checking for overflow */) && | 570 | (nc + 64 > nc /* checking for overflow */) && |
572 | (nc + 64 >= nn->nc) && | 571 | (nc + 64 >= nn->nc) && |
573 | (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) ) | 572 | (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) ) |
574 | { | 573 | { |
575 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | 574 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ |
576 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); | 575 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); |
577 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 576 | ret = MHD_YES; |
578 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | ||
579 | #endif | ||
580 | return MHD_YES; | ||
581 | } | 577 | } |
582 | 578 | else if ( (nc <= nn->nc) || | |
583 | if ( (nc <= nn->nc) || | 579 | (0 != strcmp (nn->nonce, |
584 | (0 != strcmp (nn->nonce, | 580 | nonce)) ) |
585 | nonce)) ) | ||
586 | { | 581 | { |
587 | /* Nonce does not match, fail */ | 582 | /* Nonce does not match, fail */ |
588 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 583 | stale = true; |
589 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 584 | ret = MHD_NO; |
590 | #endif | ||
591 | #ifdef HAVE_MESSAGES | ||
592 | MHD_DLOG (daemon, | ||
593 | _ ( | ||
594 | "Stale nonce received. If this happens a lot, you should probably increase the size of the nonce array.\n")); | ||
595 | #endif | ||
596 | return MHD_NO; | ||
597 | } | 585 | } |
598 | /* Nonce is larger, shift bitmask and bump limit */ | ||
599 | if (64 > nc - nn->nc) | ||
600 | nn->nmask <<= (nc - nn->nc); /* small jump, less than mask width */ | ||
601 | else | 586 | else |
602 | nn->nmask = 0; /* big jump, unset all bits in the mask */ | 587 | { |
603 | nn->nc = nc; | 588 | /* Nonce is larger, shift bitmask and bump limit */ |
604 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 589 | if (64 > nc - nn->nc) |
590 | nn->nmask <<= (nc - nn->nc); /* small jump, less than mask width */ | ||
591 | else | ||
592 | nn->nmask = 0; /* big jump, unset all bits in the mask */ | ||
593 | nn->nc = nc; | ||
594 | ret = MHD_YES; | ||
595 | } | ||
605 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 596 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); |
597 | #ifdef HAVE_MESSAGES | ||
598 | if (stale) | ||
599 | MHD_DLOG (daemon, | ||
600 | _ ("Stale nonce received. If this happens a lot, you should " | ||
601 | "probably increase the size of the nonce array.\n")); | ||
602 | #else | ||
603 | (void) stale; /* Mute compiler warning */ | ||
606 | #endif | 604 | #endif |
607 | return MHD_YES; | 605 | return ret; |
608 | } | 606 | } |
609 | 607 | ||
610 | 608 | ||