diff options
| author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-01 17:07:43 +0300 |
|---|---|---|
| committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-01 17:07:43 +0300 |
| commit | 76b68f654f0984dfca834a9c8310af13885c6ce8 (patch) | |
| tree | 91fb43e7f0782be40e129da545df5e6649fc9c86 /src/microhttpd/digestauth.c | |
| parent | c0bb909f0a54c7cb41e0e9e0fb936ed8fa79fdc5 (diff) | |
| download | libmicrohttpd-76b68f654f0984dfca834a9c8310af13885c6ce8.tar.gz libmicrohttpd-76b68f654f0984dfca834a9c8310af13885c6ce8.zip | |
check_nonce_nc(): sorted checks according to probability
The code should be more readable and it should give very minor
performance improvement.
Diffstat (limited to 'src/microhttpd/digestauth.c')
| -rw-r--r-- | src/microhttpd/digestauth.c | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 2bfbf95e..78db203e 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
| @@ -617,24 +617,7 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
| 617 | if ( (0 != memcmp (nn->nonce, nonce, noncelen)) || | 617 | if ( (0 != memcmp (nn->nonce, nonce, noncelen)) || |
| 618 | (0 != nn->nonce[noncelen]) ) | 618 | (0 != nn->nonce[noncelen]) ) |
| 619 | ret = false; /* Nonce does not match, fail */ | 619 | ret = false; /* Nonce does not match, fail */ |
| 620 | else if (nc == nn->nc) | 620 | else if (nc > nn->nc) |
| 621 | ret = false; /* 'nc' was already used */ | ||
| 622 | else if (nc < nn->nc) | ||
| 623 | { | ||
| 624 | /* Note that we use 64 here, as we do not store the | ||
| 625 | bit for 'nn->nc' itself in 'nn->nmask' */ | ||
| 626 | if ( (nc + 64 >= nn->nc) && | ||
| 627 | (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) ) | ||
| 628 | { | ||
| 629 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | ||
| 630 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); | ||
| 631 | ret = true; | ||
| 632 | } | ||
| 633 | else | ||
| 634 | /* 'nc' was already used or too old (more then 64 values ago) */ | ||
| 635 | ret = false; | ||
| 636 | } | ||
| 637 | else | ||
| 638 | { | 621 | { |
| 639 | /* 'nc' is larger, shift bitmask and bump limit */ | 622 | /* 'nc' is larger, shift bitmask and bump limit */ |
| 640 | const uint64_t jump_size = nc - nn->nc; | 623 | const uint64_t jump_size = nc - nn->nc; |
| @@ -652,6 +635,25 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
| 652 | nn->nc = nc; | 635 | nn->nc = nc; |
| 653 | ret = true; | 636 | ret = true; |
| 654 | } | 637 | } |
| 638 | else if (nc < nn->nc) | ||
| 639 | { | ||
| 640 | /* Note that we use 64 here, as we do not store the | ||
| 641 | bit for 'nn->nc' itself in 'nn->nmask' */ | ||
| 642 | if ( (nc + 64 >= nn->nc) && | ||
| 643 | (0 == ((UINT64_C (1) << (nn->nc - nc - 1)) & nn->nmask)) ) | ||
| 644 | { | ||
| 645 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | ||
| 646 | nn->nmask |= (UINT64_C (1) << (nn->nc - nc - 1)); | ||
| 647 | ret = true; | ||
| 648 | } | ||
| 649 | else | ||
| 650 | /* 'nc' was already used or too old (more then 64 values ago) */ | ||
| 651 | ret = false; | ||
| 652 | } | ||
| 653 | else /* if (nc == nn->nc) */ | ||
| 654 | /* 'nc' was already used */ | ||
| 655 | ret = false; | ||
| 656 | |||
| 655 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 657 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); |
| 656 | #ifdef HAVE_MESSAGES | 658 | #ifdef HAVE_MESSAGES |
| 657 | if (! ret) | 659 | if (! ret) |