diff options
| author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-01-18 20:44:35 +0300 |
|---|---|---|
| committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-01-18 20:44:35 +0300 |
| commit | f8c9870a30cf37be9a362fde5fd85c982ba8b0c8 (patch) | |
| tree | a35fdb15d71c3b640c50a6144eade328992642a4 | |
| parent | caf7bcd334daf24fe366a29e26fc51df3c653da5 (diff) | |
| download | libmicrohttpd-f8c9870a30cf37be9a362fde5fd85c982ba8b0c8.tar.gz libmicrohttpd-f8c9870a30cf37be9a362fde5fd85c982ba8b0c8.zip | |
check_nonce_nc(): reworked mutex handling
| -rw-r--r-- | src/microhttpd/digestauth.c | 66 |
1 files changed, 32 insertions, 34 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 0d7a62e6..59f999f4 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
| @@ -524,7 +524,10 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
| 524 | uint32_t mod; | 524 | uint32_t mod; |
| 525 | const char *np; | 525 | const char *np; |
| 526 | size_t noncelen; | 526 | size_t noncelen; |
| 527 | enum MHD_Result ret; | ||
| 528 | bool stale; | ||
| 527 | 529 | ||
| 530 | stale = false; | ||
| 528 | noncelen = strlen (nonce) + 1; | 531 | noncelen = strlen (nonce) + 1; |
| 529 | if (MAX_NONCE_LENGTH < noncelen) | 532 | if (MAX_NONCE_LENGTH < noncelen) |
| 530 | return MHD_NO; /* This should be impossible, but static analysis | 533 | return MHD_NO; /* This should be impossible, but static analysis |
| @@ -549,9 +552,8 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
| 549 | * then only increase the nonce counter by one. | 552 | * then only increase the nonce counter by one. |
| 550 | */ | 553 | */ |
| 551 | nn = &daemon->nnc[off]; | 554 | nn = &daemon->nnc[off]; |
| 552 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 555 | |
| 553 | MHD_mutex_lock_chk_ (&daemon->nnc_lock); | 556 | MHD_mutex_lock_chk_ (&daemon->nnc_lock); |
| 554 | #endif | ||
| 555 | if (0 == nc) | 557 | if (0 == nc) |
| 556 | { | 558 | { |
| 557 | /* Fresh nonce, reinitialize array */ | 559 | /* Fresh nonce, reinitialize array */ |
| @@ -560,51 +562,47 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
| 560 | noncelen); | 562 | noncelen); |
| 561 | nn->nc = 0; | 563 | nn->nc = 0; |
| 562 | nn->nmask = 0; | 564 | nn->nmask = 0; |
| 563 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 565 | ret = MHD_YES; |
| 564 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | ||
| 565 | #endif | ||
| 566 | return MHD_YES; | ||
| 567 | } | 566 | } |
| 568 | /* Note that we use 64 here, as we do not store the | 567 | /* Note that we use 64 here, as we do not store the |
| 569 | bit for 'nn->nc' itself in 'nn->nmask' */ | 568 | bit for 'nn->nc' itself in 'nn->nmask' */ |
| 570 | if ( (nc < nn->nc) && | 569 | else if ( (nc < nn->nc) && |
| 571 | (nc + 64 > nc /* checking for overflow */) && | 570 | (nc + 64 > nc /* checking for overflow */) && |
| 572 | (nc + 64 >= nn->nc) && | 571 | (nc + 64 >= nn->nc) && |
| 573 | (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) ) | 572 | (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) ) |
| 574 | { | 573 | { |
| 575 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | 574 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ |
| 576 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); | 575 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); |
| 577 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 576 | ret = MHD_YES; |
| 578 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | ||
| 579 | #endif | ||
| 580 | return MHD_YES; | ||
| 581 | } | 577 | } |
| 582 | 578 | else if ( (nc <= nn->nc) || | |
| 583 | if ( (nc <= nn->nc) || | 579 | (0 != strcmp (nn->nonce, |
| 584 | (0 != strcmp (nn->nonce, | 580 | nonce)) ) |
| 585 | nonce)) ) | ||
| 586 | { | 581 | { |
| 587 | /* Nonce does not match, fail */ | 582 | /* Nonce does not match, fail */ |
| 588 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 583 | stale = true; |
| 589 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 584 | ret = MHD_NO; |
| 590 | #endif | ||
| 591 | #ifdef HAVE_MESSAGES | ||
| 592 | MHD_DLOG (daemon, | ||
| 593 | _ ( | ||
| 594 | "Stale nonce received. If this happens a lot, you should probably increase the size of the nonce array.\n")); | ||
| 595 | #endif | ||
| 596 | return MHD_NO; | ||
| 597 | } | 585 | } |
| 598 | /* Nonce is larger, shift bitmask and bump limit */ | ||
| 599 | if (64 > nc - nn->nc) | ||
| 600 | nn->nmask <<= (nc - nn->nc); /* small jump, less than mask width */ | ||
| 601 | else | 586 | else |
| 602 | nn->nmask = 0; /* big jump, unset all bits in the mask */ | 587 | { |
| 603 | nn->nc = nc; | 588 | /* Nonce is larger, shift bitmask and bump limit */ |
| 604 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 589 | if (64 > nc - nn->nc) |
| 590 | nn->nmask <<= (nc - nn->nc); /* small jump, less than mask width */ | ||
| 591 | else | ||
| 592 | nn->nmask = 0; /* big jump, unset all bits in the mask */ | ||
| 593 | nn->nc = nc; | ||
| 594 | ret = MHD_YES; | ||
| 595 | } | ||
| 605 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 596 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); |
| 597 | #ifdef HAVE_MESSAGES | ||
| 598 | if (stale) | ||
| 599 | MHD_DLOG (daemon, | ||
| 600 | _ ("Stale nonce received. If this happens a lot, you should " | ||
| 601 | "probably increase the size of the nonce array.\n")); | ||
| 602 | #else | ||
| 603 | (void) stale; /* Mute compiler warning */ | ||
| 606 | #endif | 604 | #endif |
| 607 | return MHD_YES; | 605 | return ret; |
| 608 | } | 606 | } |
| 609 | 607 | ||
| 610 | 608 | ||