diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-01 15:34:25 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-01 16:08:17 +0300 |
commit | 628a28d6072acdfccf6237eca6743ac0caf7e921 (patch) | |
tree | 6a2e1fb7bf049f17f0b4e66d2e95a646aaef5b55 /src/microhttpd/digestauth.c | |
parent | 303cc226ec19d26f8fdfe4eb41e75d4a0a4c7131 (diff) | |
download | libmicrohttpd-628a28d6072acdfccf6237eca6743ac0caf7e921.tar.gz libmicrohttpd-628a28d6072acdfccf6237eca6743ac0caf7e921.zip |
check_nonce_nc(): simplified
If 'nc' is not valid, then 'nonce' is always stale as 'nonce' validity
has been checked already.
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 39 |
1 files changed, 13 insertions, 26 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index ff13cf09..81e50785 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -578,7 +578,7 @@ add_nonce (struct MHD_Connection *connection, | |||
578 | * @param nc The nonce counter, zero to add the nonce to the array | 578 | * @param nc The nonce counter, zero to add the nonce to the array |
579 | * @return #MHD_YES if successful, #MHD_NO if invalid (or we have no NC array) | 579 | * @return #MHD_YES if successful, #MHD_NO if invalid (or we have no NC array) |
580 | */ | 580 | */ |
581 | static enum MHD_Result | 581 | static bool |
582 | check_nonce_nc (struct MHD_Connection *connection, | 582 | check_nonce_nc (struct MHD_Connection *connection, |
583 | const char *nonce, | 583 | const char *nonce, |
584 | size_t noncelen, | 584 | size_t noncelen, |
@@ -588,20 +588,18 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
588 | struct MHD_NonceNc *nn; | 588 | struct MHD_NonceNc *nn; |
589 | uint32_t off; | 589 | uint32_t off; |
590 | uint32_t mod; | 590 | uint32_t mod; |
591 | enum MHD_Result ret; | 591 | bool ret; |
592 | bool stale; | ||
593 | 592 | ||
594 | stale = false; | ||
595 | mhd_assert (noncelen != strlen (nonce)); | 593 | mhd_assert (noncelen != strlen (nonce)); |
596 | mhd_assert (0 != nc); | 594 | mhd_assert (0 != nc); |
597 | if (MAX_NONCE_LENGTH < noncelen) | 595 | if (MAX_NONCE_LENGTH < noncelen) |
598 | return MHD_NO; /* This should be impossible, but static analysis | 596 | return false; /* This should be impossible, but static analysis |
599 | tools have a hard time with it *and* this also | 597 | tools have a hard time with it *and* this also |
600 | protects against unsafe modifications that may | 598 | protects against unsafe modifications that may |
601 | happen in the future... */ | 599 | happen in the future... */ |
602 | mod = daemon->nonce_nc_size; | 600 | mod = daemon->nonce_nc_size; |
603 | if (0 == mod) | 601 | if (0 == mod) |
604 | return MHD_NO; /* no array! */ | 602 | return false; /* no array! */ |
605 | /* HT lookup in nonce array */ | 603 | /* HT lookup in nonce array */ |
606 | off = fast_simple_hash ((const uint8_t *) nonce, noncelen) % mod; | 604 | off = fast_simple_hash ((const uint8_t *) nonce, noncelen) % mod; |
607 | /* | 605 | /* |
@@ -615,11 +613,7 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
615 | 613 | ||
616 | if ( (0 != memcmp (nn->nonce, nonce, noncelen)) || | 614 | if ( (0 != memcmp (nn->nonce, nonce, noncelen)) || |
617 | (0 != nn->nonce[noncelen]) ) | 615 | (0 != nn->nonce[noncelen]) ) |
618 | { | 616 | ret = false; /* Nonce does not match, fail */ |
619 | /* Nonce does not match, fail */ | ||
620 | stale = true; | ||
621 | ret = MHD_NO; | ||
622 | } | ||
623 | /* Note that we use 64 here, as we do not store the | 617 | /* Note that we use 64 here, as we do not store the |
624 | bit for 'nn->nc' itself in 'nn->nmask' */ | 618 | bit for 'nn->nc' itself in 'nn->nmask' */ |
625 | else if ( (nc < nn->nc) && | 619 | else if ( (nc < nn->nc) && |
@@ -629,14 +623,10 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
629 | { | 623 | { |
630 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | 624 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ |
631 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); | 625 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); |
632 | ret = MHD_YES; | 626 | ret = true; |
633 | } | 627 | } |
634 | else if (nc <= nn->nc) | 628 | else if (nc <= nn->nc) |
635 | { | 629 | ret = false; /* Nonce does not match, fail */ |
636 | /* Nonce does not match, fail */ | ||
637 | stale = true; | ||
638 | ret = MHD_NO; | ||
639 | } | ||
640 | else | 630 | else |
641 | { | 631 | { |
642 | /* Nonce is larger, shift bitmask and bump limit */ | 632 | /* Nonce is larger, shift bitmask and bump limit */ |
@@ -645,16 +635,14 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
645 | else | 635 | else |
646 | nn->nmask = 0; /* big jump, unset all bits in the mask */ | 636 | nn->nmask = 0; /* big jump, unset all bits in the mask */ |
647 | nn->nc = nc; | 637 | nn->nc = nc; |
648 | ret = MHD_YES; | 638 | ret = true; |
649 | } | 639 | } |
650 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 640 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); |
651 | #ifdef HAVE_MESSAGES | 641 | #ifdef HAVE_MESSAGES |
652 | if (stale) | 642 | if (! ret) |
653 | MHD_DLOG (daemon, | 643 | MHD_DLOG (daemon, |
654 | _ ("Stale nonce received. If this happens a lot, you should " | 644 | _ ("Stale nonce received. If this happens a lot, you should " |
655 | "probably increase the size of the nonce array.\n")); | 645 | "probably increase the size of the nonce array.\n")); |
656 | #else | ||
657 | (void) stale; /* Mute compiler warning */ | ||
658 | #endif | 646 | #endif |
659 | return ret; | 647 | return ret; |
660 | } | 648 | } |
@@ -1081,11 +1069,10 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
1081 | * and not a replay attack attempt. Refuse if nonce was not | 1069 | * and not a replay attack attempt. Refuse if nonce was not |
1082 | * generated previously. | 1070 | * generated previously. |
1083 | */ | 1071 | */ |
1084 | if (MHD_NO == | 1072 | if (! check_nonce_nc (connection, |
1085 | check_nonce_nc (connection, | 1073 | nonce, |
1086 | nonce, | 1074 | nonce_len, |
1087 | nonce_len, | 1075 | nci)) |
1088 | nci)) | ||
1089 | { | 1076 | { |
1090 | return MHD_NO; | 1077 | return MHD_NO; |
1091 | } | 1078 | } |