digestauth: do not use "algorithm" in response header in RFC2069 mode

author: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2022-08-14 18:11:16 +0300
committer: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2022-08-15 16:21:44 +0300
commit: 477f6149478083cb37bf6a4ce8ac0d14f518b4de (patch)
tree: 1c9bfdda530cde8c9bb3c1fa9e0535ad4dd6be81 /src/microhttpd/digestauth.c
parent: 39b9f6cf6d67667aebb4d113a50796e680e83684 (diff)
download: libmicrohttpd-477f6149478083cb37bf6a4ce8ac0d14f518b4de.tar.gz
libmicrohttpd-477f6149478083cb37bf6a4ce8ac0d14f518b4de.zip
1 files changed, 30 insertions, 22 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 3efc0288..2ff3cd7f 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -2966,13 +2966,17 @@ MHD_queue_auth_required_response3 (struct MHD_Connection *connection,
    buf_size += MHD_STATICSTR_LEN_ (MHD_TOKEN_AUTH_);
  }
  /* 'algorithm="xxxx", ' */
-  buf_size += MHD_STATICSTR_LEN_ (prefix_algo) + 2; /* 2 for ', ' */
+  if (((MHD_DIGEST_AUTH_MULT_QOP_NONE) != mqop) ||
-  if (MHD_DIGEST_AUTH_ALGO3_MD5 == s_algo)
+      (0 == (((unsigned int) s_algo) & MHD_DIGEST_BASE_ALGO_MD5)))
-    buf_size += MHD_STATICSTR_LEN_ (_MHD_MD5_TOKEN);
+  {
-  else if (MHD_DIGEST_AUTH_ALGO3_SHA256 == s_algo)
+    buf_size += MHD_STATICSTR_LEN_ (prefix_algo) + 2; /* 2 for ', ' */
-    buf_size += MHD_STATICSTR_LEN_ (_MHD_SHA256_TOKEN);
+    if (MHD_DIGEST_AUTH_ALGO3_MD5 == s_algo)
-  else
+      buf_size += MHD_STATICSTR_LEN_ (_MHD_MD5_TOKEN);
-    mhd_assert (0);
+    else if (MHD_DIGEST_AUTH_ALGO3_SHA256 == s_algo)
+      buf_size += MHD_STATICSTR_LEN_ (_MHD_SHA256_TOKEN);
+    else
+      mhd_assert (0);
+  }
  /* 'nonce="xxxx", ' */
  buf_size += MHD_STATICSTR_LEN_ (prefix_nonce) + 3; /* 3 for '", ' */
  buf_size += NONCE_STD_LEN (digest_get_size (&da)); /* Escaping not needed */
@@ -3048,23 +3052,27 @@ MHD_queue_auth_required_response3 (struct MHD_Connection *connection,
    buf[p++] = ' ';
  }
  /* 'algorithm="xxxx", ' */
-  memcpy (buf + p, prefix_algo,
+  if (((MHD_DIGEST_AUTH_MULT_QOP_NONE) != mqop) ||
-          MHD_STATICSTR_LEN_ (prefix_algo));
+      (0 == (((unsigned int) s_algo) & MHD_DIGEST_BASE_ALGO_MD5)))
-  p += MHD_STATICSTR_LEN_ (prefix_algo);
-  if (MHD_DIGEST_AUTH_ALGO3_MD5 == s_algo)
  {
-    memcpy (buf + p, _MHD_MD5_TOKEN,
+    memcpy (buf + p, prefix_algo,
-            MHD_STATICSTR_LEN_ (_MHD_MD5_TOKEN));
+            MHD_STATICSTR_LEN_ (prefix_algo));
-    p += MHD_STATICSTR_LEN_ (_MHD_MD5_TOKEN);
+    p += MHD_STATICSTR_LEN_ (prefix_algo);
-  }
+    if (MHD_DIGEST_AUTH_ALGO3_MD5 == s_algo)
-  else if (MHD_DIGEST_AUTH_ALGO3_SHA256 == s_algo)
+    {
-  {
+      memcpy (buf + p, _MHD_MD5_TOKEN,
-    memcpy (buf + p, _MHD_SHA256_TOKEN,
+              MHD_STATICSTR_LEN_ (_MHD_MD5_TOKEN));
-            MHD_STATICSTR_LEN_ (_MHD_SHA256_TOKEN));
+      p += MHD_STATICSTR_LEN_ (_MHD_MD5_TOKEN);
-    p += MHD_STATICSTR_LEN_ (_MHD_SHA256_TOKEN);
+    }
+    else if (MHD_DIGEST_AUTH_ALGO3_SHA256 == s_algo)
+    {
+      memcpy (buf + p, _MHD_SHA256_TOKEN,
+              MHD_STATICSTR_LEN_ (_MHD_SHA256_TOKEN));
+      p += MHD_STATICSTR_LEN_ (_MHD_SHA256_TOKEN);
+    }
+    buf[p++] = ',';
+    buf[p++] = ' ';
  }
-  buf[p++] = ',';
-  buf[p++] = ' ';
  /* 'nonce="xxxx", ' */
  memcpy (buf + p, prefix_nonce,
          MHD_STATICSTR_LEN_ (prefix_nonce));
author	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2022-08-14 18:11:16 +0300
committer	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2022-08-15 16:21:44 +0300
commit	477f6149478083cb37bf6a4ce8ac0d14f518b4de (patch)
tree	1c9bfdda530cde8c9bb3c1fa9e0535ad4dd6be81 /src/microhttpd/digestauth.c
parent	39b9f6cf6d67667aebb4d113a50796e680e83684 (diff)
download	libmicrohttpd-477f6149478083cb37bf6a4ce8ac0d14f518b4de.tar.gz libmicrohttpd-477f6149478083cb37bf6a4ce8ac0d14f518b4de.zip