diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-06-07 20:23:18 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-06-07 20:23:18 +0300 |
commit | abe138ee3aaadea496fbdddd23d79fbe40113171 (patch) | |
tree | a9a416f24726560435e4f66fc0caa44222e02d7a /src/microhttpd/digestauth.c | |
parent | 2d551c422da896190f2278eff11955dfb439f658 (diff) | |
download | libmicrohttpd-abe138ee3aaadea496fbdddd23d79fbe40113171.tar.gz libmicrohttpd-abe138ee3aaadea496fbdddd23d79fbe40113171.zip |
Fixed wrong usage of maximum client nonce size as maximum size of server nonce
This also saves some RAM for nonce-nc map array
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index c3717d47..890fc129 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -751,7 +751,7 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
751 | mhd_assert (0 != noncelen); | 751 | mhd_assert (0 != noncelen); |
752 | mhd_assert (strlen (nonce) == noncelen); | 752 | mhd_assert (strlen (nonce) == noncelen); |
753 | mhd_assert (0 != nc); | 753 | mhd_assert (0 != nc); |
754 | if (MAX_NONCE_LENGTH < noncelen) | 754 | if (MAX_DIGEST_NONCE_LENGTH < noncelen) |
755 | return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static analysis | 755 | return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static analysis |
756 | tools have a hard time with it *and* this also | 756 | tools have a hard time with it *and* this also |
757 | protects against unsafe modifications that may | 757 | protects against unsafe modifications that may |
@@ -1010,7 +1010,7 @@ is_slot_available (const struct MHD_NonceNc *const nn, | |||
1010 | uint64_t timestamp; | 1010 | uint64_t timestamp; |
1011 | bool timestamp_valid; | 1011 | bool timestamp_valid; |
1012 | mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST)); | 1012 | mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST)); |
1013 | mhd_assert (NONCE_STD_LEN (MAX_DIGEST) < MAX_NONCE_LENGTH); | 1013 | mhd_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH); |
1014 | if (0 == nn->nonce[0]) | 1014 | if (0 == nn->nonce[0]) |
1015 | return true; /* The slot is empty */ | 1015 | return true; /* The slot is empty */ |
1016 | 1016 | ||
@@ -1071,7 +1071,7 @@ calculate_add_nonce (struct MHD_Connection *const connection, | |||
1071 | const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da)); | 1071 | const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da)); |
1072 | bool ret; | 1072 | bool ret; |
1073 | 1073 | ||
1074 | mhd_assert (MAX_NONCE_LENGTH >= nonce_size); | 1074 | mhd_assert (MAX_DIGEST_NONCE_LENGTH >= nonce_size); |
1075 | mhd_assert (0 != nonce_size); | 1075 | mhd_assert (0 != nonce_size); |
1076 | 1076 | ||
1077 | calculate_nonce (timestamp, | 1077 | calculate_nonce (timestamp, |
@@ -1427,7 +1427,7 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
1427 | unsigned int nonce_timeout) | 1427 | unsigned int nonce_timeout) |
1428 | { | 1428 | { |
1429 | struct MHD_Daemon *daemon = MHD_get_master (connection->daemon); | 1429 | struct MHD_Daemon *daemon = MHD_get_master (connection->daemon); |
1430 | char cnonce[MAX_NONCE_LENGTH]; | 1430 | char cnonce[MAX_CLIENT_NONCE_LENGTH]; |
1431 | const unsigned int digest_size = digest_get_size (da); | 1431 | const unsigned int digest_size = digest_get_size (da); |
1432 | char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1]; | 1432 | char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1]; |
1433 | char qop[15]; /* auth,auth-int */ | 1433 | char qop[15]; /* auth,auth-int */ |