Fixed wrong usage of maximum client nonce size as maximum size of server nonce

This also saves some RAM for nonce-nc map array
author: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2022-06-07 20:23:18 +0300
committer: Evgeny Grin (Karlson2k) <k2k@narod.ru> 2022-06-07 20:23:18 +0300
commit: abe138ee3aaadea496fbdddd23d79fbe40113171 (patch)
tree: a9a416f24726560435e4f66fc0caa44222e02d7a /src/microhttpd/digestauth.c
parent: 2d551c422da896190f2278eff11955dfb439f658 (diff)
download: libmicrohttpd-abe138ee3aaadea496fbdddd23d79fbe40113171.tar.gz
libmicrohttpd-abe138ee3aaadea496fbdddd23d79fbe40113171.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index c3717d47..890fc129 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -751,7 +751,7 @@ check_nonce_nc (struct MHD_Connection *connection,
  mhd_assert (0 != noncelen);
  mhd_assert (strlen (nonce) == noncelen);
  mhd_assert (0 != nc);
-  if (MAX_NONCE_LENGTH < noncelen)
+  if (MAX_DIGEST_NONCE_LENGTH < noncelen)
    return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static analysis
                      tools have a hard time with it *and* this also
                      protects against unsafe modifications that may
@@ -1010,7 +1010,7 @@ is_slot_available (const struct MHD_NonceNc *const nn,
  uint64_t timestamp;
  bool timestamp_valid;
  mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST));
-  mhd_assert (NONCE_STD_LEN (MAX_DIGEST) < MAX_NONCE_LENGTH);
+  mhd_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH);
  if (0 == nn->nonce[0])
    return true; /* The slot is empty */
@@ -1071,7 +1071,7 @@ calculate_add_nonce (struct MHD_Connection *const connection,
  const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da));
  bool ret;
-  mhd_assert (MAX_NONCE_LENGTH >= nonce_size);
+  mhd_assert (MAX_DIGEST_NONCE_LENGTH >= nonce_size);
  mhd_assert (0 != nonce_size);
  calculate_nonce (timestamp,
@@ -1427,7 +1427,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
                       unsigned int nonce_timeout)
 {
  struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);
-  char cnonce[MAX_NONCE_LENGTH];
+  char cnonce[MAX_CLIENT_NONCE_LENGTH];
  const unsigned int digest_size = digest_get_size (da);
  char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1];
  char qop[15]; /* auth,auth-int */
author	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2022-06-07 20:23:18 +0300
committer	Evgeny Grin (Karlson2k) <k2k@narod.ru>	2022-06-07 20:23:18 +0300
commit	abe138ee3aaadea496fbdddd23d79fbe40113171 (patch)
tree	a9a416f24726560435e4f66fc0caa44222e02d7a /src/microhttpd/digestauth.c
parent	2d551c422da896190f2278eff11955dfb439f658 (diff)
download	libmicrohttpd-abe138ee3aaadea496fbdddd23d79fbe40113171.tar.gz libmicrohttpd-abe138ee3aaadea496fbdddd23d79fbe40113171.zip

diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index c3717d47..890fc129 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c
@@ -751,7 +751,7 @@ check_nonce_nc (struct MHD_Connection *connection,
751	mhd_assert (0 != noncelen);	751	mhd_assert (0 != noncelen);
752	mhd_assert (strlen (nonce) == noncelen);	752	mhd_assert (strlen (nonce) == noncelen);
753	mhd_assert (0 != nc);	753	mhd_assert (0 != nc);
754	if (MAX_NONCE_LENGTH < noncelen)	754	if (MAX_DIGEST_NONCE_LENGTH < noncelen)
755	return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static analysis	755	return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static analysis
756	tools have a hard time with it and this also	756	tools have a hard time with it and this also
757	protects against unsafe modifications that may	757	protects against unsafe modifications that may
@@ -1010,7 +1010,7 @@ is_slot_available (const struct MHD_NonceNc *const nn,
1010	uint64_t timestamp;	1010	uint64_t timestamp;
1011	bool timestamp_valid;	1011	bool timestamp_valid;
1012	mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST));	1012	mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST));
1013	mhd_assert (NONCE_STD_LEN (MAX_DIGEST) < MAX_NONCE_LENGTH);	1013	mhd_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH);
1014	if (0 == nn->nonce[0])	1014	if (0 == nn->nonce[0])
1015	return true; /* The slot is empty */	1015	return true; /* The slot is empty */
1016		1016
@@ -1071,7 +1071,7 @@ calculate_add_nonce (struct MHD_Connection *const connection,
1071	const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da));	1071	const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da));
1072	bool ret;	1072	bool ret;
1073		1073
1074	mhd_assert (MAX_NONCE_LENGTH >= nonce_size);	1074	mhd_assert (MAX_DIGEST_NONCE_LENGTH >= nonce_size);
1075	mhd_assert (0 != nonce_size);	1075	mhd_assert (0 != nonce_size);
1076		1076
1077	calculate_nonce (timestamp,	1077	calculate_nonce (timestamp,
@@ -1427,7 +1427,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
1427	unsigned int nonce_timeout)	1427	unsigned int nonce_timeout)
1428	{	1428	{
1429	struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);	1429	struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);
1430	char cnonce[MAX_NONCE_LENGTH];	1430	char cnonce[MAX_CLIENT_NONCE_LENGTH];
1431	const unsigned int digest_size = digest_get_size (da);	1431	const unsigned int digest_size = digest_get_size (da);
1432	char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1];	1432	char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1];
1433	char qop[15]; /* auth,auth-int */	1433	char qop[15]; /* auth,auth-int */