diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-01 17:07:43 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-05-01 17:07:43 +0300 |
commit | 76b68f654f0984dfca834a9c8310af13885c6ce8 (patch) | |
tree | 91fb43e7f0782be40e129da545df5e6649fc9c86 /src/microhttpd/digestauth.c | |
parent | c0bb909f0a54c7cb41e0e9e0fb936ed8fa79fdc5 (diff) | |
download | libmicrohttpd-76b68f654f0984dfca834a9c8310af13885c6ce8.tar.gz libmicrohttpd-76b68f654f0984dfca834a9c8310af13885c6ce8.zip |
check_nonce_nc(): sorted checks according to probability
The code should be more readable and it should give very minor
performance improvement.
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 38 |
1 files changed, 20 insertions, 18 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 2bfbf95e..78db203e 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -617,24 +617,7 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
617 | if ( (0 != memcmp (nn->nonce, nonce, noncelen)) || | 617 | if ( (0 != memcmp (nn->nonce, nonce, noncelen)) || |
618 | (0 != nn->nonce[noncelen]) ) | 618 | (0 != nn->nonce[noncelen]) ) |
619 | ret = false; /* Nonce does not match, fail */ | 619 | ret = false; /* Nonce does not match, fail */ |
620 | else if (nc == nn->nc) | 620 | else if (nc > nn->nc) |
621 | ret = false; /* 'nc' was already used */ | ||
622 | else if (nc < nn->nc) | ||
623 | { | ||
624 | /* Note that we use 64 here, as we do not store the | ||
625 | bit for 'nn->nc' itself in 'nn->nmask' */ | ||
626 | if ( (nc + 64 >= nn->nc) && | ||
627 | (0 == ((1LLU << (nn->nc - nc - 1)) & nn->nmask)) ) | ||
628 | { | ||
629 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | ||
630 | nn->nmask |= (1LLU << (nn->nc - nc - 1)); | ||
631 | ret = true; | ||
632 | } | ||
633 | else | ||
634 | /* 'nc' was already used or too old (more then 64 values ago) */ | ||
635 | ret = false; | ||
636 | } | ||
637 | else | ||
638 | { | 621 | { |
639 | /* 'nc' is larger, shift bitmask and bump limit */ | 622 | /* 'nc' is larger, shift bitmask and bump limit */ |
640 | const uint64_t jump_size = nc - nn->nc; | 623 | const uint64_t jump_size = nc - nn->nc; |
@@ -652,6 +635,25 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
652 | nn->nc = nc; | 635 | nn->nc = nc; |
653 | ret = true; | 636 | ret = true; |
654 | } | 637 | } |
638 | else if (nc < nn->nc) | ||
639 | { | ||
640 | /* Note that we use 64 here, as we do not store the | ||
641 | bit for 'nn->nc' itself in 'nn->nmask' */ | ||
642 | if ( (nc + 64 >= nn->nc) && | ||
643 | (0 == ((UINT64_C (1) << (nn->nc - nc - 1)) & nn->nmask)) ) | ||
644 | { | ||
645 | /* Out-of-order nonce, but within 64-bit bitmask, set bit */ | ||
646 | nn->nmask |= (UINT64_C (1) << (nn->nc - nc - 1)); | ||
647 | ret = true; | ||
648 | } | ||
649 | else | ||
650 | /* 'nc' was already used or too old (more then 64 values ago) */ | ||
651 | ret = false; | ||
652 | } | ||
653 | else /* if (nc == nn->nc) */ | ||
654 | /* 'nc' was already used */ | ||
655 | ret = false; | ||
656 | |||
655 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); | 657 | MHD_mutex_unlock_chk_ (&daemon->nnc_lock); |
656 | #ifdef HAVE_MESSAGES | 658 | #ifdef HAVE_MESSAGES |
657 | if (! ret) | 659 | if (! ret) |