author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2015-09-06 16:01:58 +0000 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2015-09-06 16:01:58 +0000 |
commit | e0f613dca8e26f90334eef43dec1628c5642300e (patch) | |
tree | 9f43e69a5aebd04b7bd84780460435e8d6b8e14e /src/microhttpd/digestauth.c | |
parent | 8731a130e0eee35b2fb4e7db3c4f9c328ca1712c (diff) | |
download | libmicrohttpd-e0f613dca8e26f90334eef43dec1628c5642300e.tar.gz libmicrohttpd-e0f613dca8e26f90334eef43dec1628c5642300e.zip |
digestauth.c: fix compiler warnings, clarifications
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r-- | src/microhttpd/digestauth.c | 107 |
1 files changed, 56 insertions, 51 deletions
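--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -36,6 +36,12 @@
 #endif /* _WIN32 && MHD_W32_MUTEX_ */
 
 #define HASH_MD5_HEX_LEN (2 * MD5_DIGEST_SIZE)
+/* 32 bit value is 4 bytes */
+#define TIMESTAMP_BIN_SIZE 4
+#define TIMESTAMP_HEX_LEN (2 * TIMESTAMP_BIN_SIZE)
+
+/* Standard server nonce length, not including terminating null */
+#define NONCE_STD_LEN (HASH_MD5_HEX_LEN + TIMESTAMP_HEX_LEN)
 
 /**
 * Beginning string for any valid Digest authentication header.
@@ -76,9 +82,9 @@ cvthex (const unsigned char *bin,
 for (i = 0; i < len; ++i)
 {
 j = (bin[i] >> 4) & 0x0f;
-hex[i * 2] = j <= 9 ? (j + '0') : (j + 'a' - 10);
+hex[i * 2] = (char)((j <= 9) ? (j + '0') : (j - 10 + 'a'));
 j = bin[i] & 0x0f;
-hex[i * 2 + 1] = j <= 9 ? (j + '0') : (j + 'a' - 10);
+hex[i * 2 + 1] = (char)((j <= 9) ? (j + '0') : (j - 10 + 'a'));
 }
 hex[len * 2] = '\0';
 }
@@ -103,26 +109,26 @@ digest_calc_ha1 (const char *alg,
 const char *password,
 const char *nonce,
 const char *cnonce,
-char *sessionkey)
+char sessionkey[HASH_MD5_HEX_LEN + 1])
 {
 struct MD5Context md5;
 unsigned char ha1[MD5_DIGEST_SIZE];
 
 MD5Init (&md5);
-MD5Update (&md5, username, strlen (username));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, realm, strlen (realm));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, password, strlen (password));
+MD5Update (&md5, (const unsigned char*)username, strlen (username));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)realm, strlen (realm));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)password, strlen (password));
 MD5Final (ha1, &md5);
 if (MHD_str_equal_caseless_(alg, "md5-sess"))
 {
 MD5Init (&md5);
-MD5Update (&md5, ha1, sizeof (ha1));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, nonce, strlen (nonce));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, cnonce, strlen (cnonce));
+MD5Update (&md5, (const unsigned char*)ha1, sizeof (ha1));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)nonce, strlen (nonce));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)cnonce, strlen (cnonce));
 MD5Final (ha1, &md5);
 }
 cvthex (ha1, sizeof (ha1), sessionkey);
@@ -143,7 +149,7 @@ digest_calc_ha1 (const char *alg,
 * @param response request-digest or response-digest
 */
 static void
-digest_calc_response (const char *ha1,
+digest_calc_response (const char ha1[HASH_MD5_HEX_LEN + 1],
 const char *nonce,
 const char *noncecount,
 const char *cnonce,
@@ -151,7 +157,7 @@ digest_calc_response (const char *ha1,
 const char *method,
 const char *uri,
 const char *hentity,
-char *response)
+char response[HASH_MD5_HEX_LEN + 1])
 {
 struct MD5Context md5;
 unsigned char ha2[MD5_DIGEST_SIZE];
@@ -159,9 +165,9 @@ digest_calc_response (const char *ha1,
 char ha2hex[HASH_MD5_HEX_LEN + 1];
 
 MD5Init (&md5);
-MD5Update (&md5, method, strlen(method));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, uri, strlen(uri));
+MD5Update (&md5, (const unsigned char*)method, strlen(method));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)uri, strlen(uri));
 #if 0
 if (0 == strcasecmp(qop, "auth-int"))
 {
@@ -176,22 +182,22 @@ digest_calc_response (const char *ha1,
 cvthex (ha2, MD5_DIGEST_SIZE, ha2hex);
 MD5Init (&md5);
 /* calculate response */
-MD5Update (&md5, ha1, HASH_MD5_HEX_LEN);
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, nonce, strlen(nonce));
-MD5Update (&md5, ":", 1);
+MD5Update (&md5, (const unsigned char*)ha1, HASH_MD5_HEX_LEN);
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)nonce, strlen(nonce));
+MD5Update (&md5, (const unsigned char*)":", 1);
 if ('\0' != *qop)
 {
-MD5Update (&md5, noncecount, strlen(noncecount));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, cnonce, strlen(cnonce));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, qop, strlen(qop));
-MD5Update (&md5, ":", 1);
+MD5Update (&md5, (const unsigned char*)noncecount, strlen(noncecount));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)cnonce, strlen(cnonce));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)qop, strlen(qop));
+MD5Update (&md5, (const unsigned char*)":", 1);
 }
-MD5Update (&md5, ha2hex, HASH_MD5_HEX_LEN);
+MD5Update (&md5, (const unsigned char*)ha2hex, HASH_MD5_HEX_LEN);
 MD5Final (resphash, &md5);
-cvthex (resphash, sizeof (resphash), response);
+cvthex (resphash, sizeof(resphash), response);
 }
 
 
@@ -401,31 +407,31 @@ calculate_nonce (uint32_t nonce_time,
 size_t rnd_size,
 const char *uri,
 const char *realm,
-char *nonce)
+char nonce[NONCE_STD_LEN + 1])
 {
 struct MD5Context md5;
-unsigned char timestamp[4];
+unsigned char timestamp[TIMESTAMP_BIN_SIZE];
 unsigned char tmpnonce[MD5_DIGEST_SIZE];
-char timestamphex[sizeof(timestamp) * 2 + 1];
+char timestamphex[TIMESTAMP_HEX_LEN + 1];
 
 MD5Init (&md5);
-timestamp[0] = (nonce_time & 0xff000000) >> 0x18;
-timestamp[1] = (nonce_time & 0x00ff0000) >> 0x10;
-timestamp[2] = (nonce_time & 0x0000ff00) >> 0x08;
-timestamp[3] = (nonce_time & 0x000000ff);
-MD5Update (&md5, timestamp, 4);
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, method, strlen (method));
-MD5Update (&md5, ":", 1);
+timestamp[0] = (unsigned char)((nonce_time & 0xff000000) >> 0x18);
+timestamp[1] = (unsigned char)((nonce_time & 0x00ff0000) >> 0x10);
+timestamp[2] = (unsigned char)((nonce_time & 0x0000ff00) >> 0x08);
+timestamp[3] = (unsigned char)((nonce_time & 0x000000ff));
+MD5Update (&md5, timestamp, sizeof(timestamp));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)method, strlen (method));
+MD5Update (&md5, (const unsigned char*)":", 1);
 if (rnd_size > 0)
-MD5Update (&md5, rnd, rnd_size);
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, uri, strlen (uri));
-MD5Update (&md5, ":", 1);
-MD5Update (&md5, realm, strlen (realm));
+MD5Update (&md5, (const unsigned char*)rnd, rnd_size);
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)uri, strlen (uri));
+MD5Update (&md5, (const unsigned char*)":", 1);
+MD5Update (&md5, (const unsigned char*)realm, strlen (realm));
 MD5Final (tmpnonce, &md5);
 cvthex (tmpnonce, sizeof (tmpnonce), nonce);
-cvthex (timestamp, 4, timestamphex);
+cvthex (timestamp, sizeof(timestamp), timestamphex);
 strncat (nonce, timestamphex, 8);
 }
 
@@ -586,7 +592,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
 const char *hentity = NULL; /* "auth-int" is not supported */
 char ha1[HASH_MD5_HEX_LEN + 1];
 char respexp[HASH_MD5_HEX_LEN + 1];
-char noncehashexp[HASH_MD5_HEX_LEN + 9];
+char noncehashexp[NONCE_STD_LEN + 1];
 uint32_t nonce_time;
 uint32_t t;
 size_t left; /* number of characters left in 'header' for 'uri' */
@@ -642,8 +648,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection,
 header value. */
 return MHD_NO;
 }
-/* 8 = 4 hexadecimal numbers for the timestamp */
-nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16);
+nonce_time = strtoul (nonce + len - TIMESTAMP_HEX_LEN, (char **)NULL, 16);
 t = (uint32_t) MHD_monotonic_sec_counter();
 /*
 * First level vetting for the nonce validity: if the timestamp
@@ -818,7 +823,7 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection,
 {
 int ret;
 size_t hlen;
-char nonce[HASH_MD5_HEX_LEN + 9];
+char nonce[NONCE_STD_LEN + 1];
 
 /* Generating the server nonce */
 calculate_nonce ((uint32_t) MHD_monotonic_sec_counter(),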
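Review bot: The last statement of calculate_nonce, `strncat (nonce, timestamphex, 8);`, keeps the literal 8 although every other size in the function now comes from TIMESTAMP_BIN_SIZE or TIMESTAMP_HEX_LEN. The append bound and the `NONCE_STD_LEN + 1` destination buffers could drift apart if the timestamp width ever changes, and `strncat (nonce, timestamphex, TIMESTAMP_HEX_LEN);` keeps them tied to one definition. The array-style parameters such as `char nonce[NONCE_STD_LEN + 1]` decay to plain pointers, so they document the required buffer size without the compiler enforcing it; a short comment on each saying the caller must supply at least that many bytes would make this explicit. In MHD_digest_auth_check, `strtoul (nonce + len - TIMESTAMP_HEX_LEN, (char **)NULL, 16)` still narrows an unsigned long to uint32_t without a cast, and with a NULL end pointer it does not reject a client-supplied nonce whose tail is not hexadecimal. The length check before that line and the nonce comparison after it lie outside the hunk, so it is worth confirming that they cover that case.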