diff options
| author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2015-09-06 16:01:58 +0000 |
|---|---|---|
| committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2015-09-06 16:01:58 +0000 |
| commit | e0f613dca8e26f90334eef43dec1628c5642300e (patch) | |
| tree | 9f43e69a5aebd04b7bd84780460435e8d6b8e14e /src/microhttpd/digestauth.c | |
| parent | 8731a130e0eee35b2fb4e7db3c4f9c328ca1712c (diff) | |
| download | libmicrohttpd-e0f613dca8e26f90334eef43dec1628c5642300e.tar.gz libmicrohttpd-e0f613dca8e26f90334eef43dec1628c5642300e.zip | |
digestauth.c: fix compiler warnings, clarifications
Diffstat (limited to 'src/microhttpd/digestauth.c')
| -rw-r--r-- | src/microhttpd/digestauth.c | 107 |
1 files changed, 56 insertions, 51 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 32ef79ef..7689d2dd 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
| @@ -36,6 +36,12 @@ | |||
| 36 | #endif /* _WIN32 && MHD_W32_MUTEX_ */ | 36 | #endif /* _WIN32 && MHD_W32_MUTEX_ */ |
| 37 | 37 | ||
| 38 | #define HASH_MD5_HEX_LEN (2 * MD5_DIGEST_SIZE) | 38 | #define HASH_MD5_HEX_LEN (2 * MD5_DIGEST_SIZE) |
| 39 | /* 32 bit value is 4 bytes */ | ||
| 40 | #define TIMESTAMP_BIN_SIZE 4 | ||
| 41 | #define TIMESTAMP_HEX_LEN (2 * TIMESTAMP_BIN_SIZE) | ||
| 42 | |||
| 43 | /* Standard server nonce length, not including terminating null */ | ||
| 44 | #define NONCE_STD_LEN (HASH_MD5_HEX_LEN + TIMESTAMP_HEX_LEN) | ||
| 39 | 45 | ||
| 40 | /** | 46 | /** |
| 41 | * Beginning string for any valid Digest authentication header. | 47 | * Beginning string for any valid Digest authentication header. |
| @@ -76,9 +82,9 @@ cvthex (const unsigned char *bin, | |||
| 76 | for (i = 0; i < len; ++i) | 82 | for (i = 0; i < len; ++i) |
| 77 | { | 83 | { |
| 78 | j = (bin[i] >> 4) & 0x0f; | 84 | j = (bin[i] >> 4) & 0x0f; |
| 79 | hex[i * 2] = j <= 9 ? (j + '0') : (j + 'a' - 10); | 85 | hex[i * 2] = (char)((j <= 9) ? (j + '0') : (j - 10 + 'a')); |
| 80 | j = bin[i] & 0x0f; | 86 | j = bin[i] & 0x0f; |
| 81 | hex[i * 2 + 1] = j <= 9 ? (j + '0') : (j + 'a' - 10); | 87 | hex[i * 2 + 1] = (char)((j <= 9) ? (j + '0') : (j - 10 + 'a')); |
| 82 | } | 88 | } |
| 83 | hex[len * 2] = '\0'; | 89 | hex[len * 2] = '\0'; |
| 84 | } | 90 | } |
| @@ -103,26 +109,26 @@ digest_calc_ha1 (const char *alg, | |||
| 103 | const char *password, | 109 | const char *password, |
| 104 | const char *nonce, | 110 | const char *nonce, |
| 105 | const char *cnonce, | 111 | const char *cnonce, |
| 106 | char *sessionkey) | 112 | char sessionkey[HASH_MD5_HEX_LEN + 1]) |
| 107 | { | 113 | { |
| 108 | struct MD5Context md5; | 114 | struct MD5Context md5; |
| 109 | unsigned char ha1[MD5_DIGEST_SIZE]; | 115 | unsigned char ha1[MD5_DIGEST_SIZE]; |
| 110 | 116 | ||
| 111 | MD5Init (&md5); | 117 | MD5Init (&md5); |
| 112 | MD5Update (&md5, username, strlen (username)); | 118 | MD5Update (&md5, (const unsigned char*)username, strlen (username)); |
| 113 | MD5Update (&md5, ":", 1); | 119 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 114 | MD5Update (&md5, realm, strlen (realm)); | 120 | MD5Update (&md5, (const unsigned char*)realm, strlen (realm)); |
| 115 | MD5Update (&md5, ":", 1); | 121 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 116 | MD5Update (&md5, password, strlen (password)); | 122 | MD5Update (&md5, (const unsigned char*)password, strlen (password)); |
| 117 | MD5Final (ha1, &md5); | 123 | MD5Final (ha1, &md5); |
| 118 | if (MHD_str_equal_caseless_(alg, "md5-sess")) | 124 | if (MHD_str_equal_caseless_(alg, "md5-sess")) |
| 119 | { | 125 | { |
| 120 | MD5Init (&md5); | 126 | MD5Init (&md5); |
| 121 | MD5Update (&md5, ha1, sizeof (ha1)); | 127 | MD5Update (&md5, (const unsigned char*)ha1, sizeof (ha1)); |
| 122 | MD5Update (&md5, ":", 1); | 128 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 123 | MD5Update (&md5, nonce, strlen (nonce)); | 129 | MD5Update (&md5, (const unsigned char*)nonce, strlen (nonce)); |
| 124 | MD5Update (&md5, ":", 1); | 130 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 125 | MD5Update (&md5, cnonce, strlen (cnonce)); | 131 | MD5Update (&md5, (const unsigned char*)cnonce, strlen (cnonce)); |
| 126 | MD5Final (ha1, &md5); | 132 | MD5Final (ha1, &md5); |
| 127 | } | 133 | } |
| 128 | cvthex (ha1, sizeof (ha1), sessionkey); | 134 | cvthex (ha1, sizeof (ha1), sessionkey); |
| @@ -143,7 +149,7 @@ digest_calc_ha1 (const char *alg, | |||
| 143 | * @param response request-digest or response-digest | 149 | * @param response request-digest or response-digest |
| 144 | */ | 150 | */ |
| 145 | static void | 151 | static void |
| 146 | digest_calc_response (const char *ha1, | 152 | digest_calc_response (const char ha1[HASH_MD5_HEX_LEN + 1], |
| 147 | const char *nonce, | 153 | const char *nonce, |
| 148 | const char *noncecount, | 154 | const char *noncecount, |
| 149 | const char *cnonce, | 155 | const char *cnonce, |
| @@ -151,7 +157,7 @@ digest_calc_response (const char *ha1, | |||
| 151 | const char *method, | 157 | const char *method, |
| 152 | const char *uri, | 158 | const char *uri, |
| 153 | const char *hentity, | 159 | const char *hentity, |
| 154 | char *response) | 160 | char response[HASH_MD5_HEX_LEN + 1]) |
| 155 | { | 161 | { |
| 156 | struct MD5Context md5; | 162 | struct MD5Context md5; |
| 157 | unsigned char ha2[MD5_DIGEST_SIZE]; | 163 | unsigned char ha2[MD5_DIGEST_SIZE]; |
| @@ -159,9 +165,9 @@ digest_calc_response (const char *ha1, | |||
| 159 | char ha2hex[HASH_MD5_HEX_LEN + 1]; | 165 | char ha2hex[HASH_MD5_HEX_LEN + 1]; |
| 160 | 166 | ||
| 161 | MD5Init (&md5); | 167 | MD5Init (&md5); |
| 162 | MD5Update (&md5, method, strlen(method)); | 168 | MD5Update (&md5, (const unsigned char*)method, strlen(method)); |
| 163 | MD5Update (&md5, ":", 1); | 169 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 164 | MD5Update (&md5, uri, strlen(uri)); | 170 | MD5Update (&md5, (const unsigned char*)uri, strlen(uri)); |
| 165 | #if 0 | 171 | #if 0 |
| 166 | if (0 == strcasecmp(qop, "auth-int")) | 172 | if (0 == strcasecmp(qop, "auth-int")) |
| 167 | { | 173 | { |
| @@ -176,22 +182,22 @@ digest_calc_response (const char *ha1, | |||
| 176 | cvthex (ha2, MD5_DIGEST_SIZE, ha2hex); | 182 | cvthex (ha2, MD5_DIGEST_SIZE, ha2hex); |
| 177 | MD5Init (&md5); | 183 | MD5Init (&md5); |
| 178 | /* calculate response */ | 184 | /* calculate response */ |
| 179 | MD5Update (&md5, ha1, HASH_MD5_HEX_LEN); | 185 | MD5Update (&md5, (const unsigned char*)ha1, HASH_MD5_HEX_LEN); |
| 180 | MD5Update (&md5, ":", 1); | 186 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 181 | MD5Update (&md5, nonce, strlen(nonce)); | 187 | MD5Update (&md5, (const unsigned char*)nonce, strlen(nonce)); |
| 182 | MD5Update (&md5, ":", 1); | 188 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 183 | if ('\0' != *qop) | 189 | if ('\0' != *qop) |
| 184 | { | 190 | { |
| 185 | MD5Update (&md5, noncecount, strlen(noncecount)); | 191 | MD5Update (&md5, (const unsigned char*)noncecount, strlen(noncecount)); |
| 186 | MD5Update (&md5, ":", 1); | 192 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 187 | MD5Update (&md5, cnonce, strlen(cnonce)); | 193 | MD5Update (&md5, (const unsigned char*)cnonce, strlen(cnonce)); |
| 188 | MD5Update (&md5, ":", 1); | 194 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 189 | MD5Update (&md5, qop, strlen(qop)); | 195 | MD5Update (&md5, (const unsigned char*)qop, strlen(qop)); |
| 190 | MD5Update (&md5, ":", 1); | 196 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 191 | } | 197 | } |
| 192 | MD5Update (&md5, ha2hex, HASH_MD5_HEX_LEN); | 198 | MD5Update (&md5, (const unsigned char*)ha2hex, HASH_MD5_HEX_LEN); |
| 193 | MD5Final (resphash, &md5); | 199 | MD5Final (resphash, &md5); |
| 194 | cvthex (resphash, sizeof (resphash), response); | 200 | cvthex (resphash, sizeof(resphash), response); |
| 195 | } | 201 | } |
| 196 | 202 | ||
| 197 | 203 | ||
| @@ -401,31 +407,31 @@ calculate_nonce (uint32_t nonce_time, | |||
| 401 | size_t rnd_size, | 407 | size_t rnd_size, |
| 402 | const char *uri, | 408 | const char *uri, |
| 403 | const char *realm, | 409 | const char *realm, |
| 404 | char *nonce) | 410 | char nonce[NONCE_STD_LEN + 1]) |
| 405 | { | 411 | { |
| 406 | struct MD5Context md5; | 412 | struct MD5Context md5; |
| 407 | unsigned char timestamp[4]; | 413 | unsigned char timestamp[TIMESTAMP_BIN_SIZE]; |
| 408 | unsigned char tmpnonce[MD5_DIGEST_SIZE]; | 414 | unsigned char tmpnonce[MD5_DIGEST_SIZE]; |
| 409 | char timestamphex[sizeof(timestamp) * 2 + 1]; | 415 | char timestamphex[TIMESTAMP_HEX_LEN + 1]; |
| 410 | 416 | ||
| 411 | MD5Init (&md5); | 417 | MD5Init (&md5); |
| 412 | timestamp[0] = (nonce_time & 0xff000000) >> 0x18; | 418 | timestamp[0] = (unsigned char)((nonce_time & 0xff000000) >> 0x18); |
| 413 | timestamp[1] = (nonce_time & 0x00ff0000) >> 0x10; | 419 | timestamp[1] = (unsigned char)((nonce_time & 0x00ff0000) >> 0x10); |
| 414 | timestamp[2] = (nonce_time & 0x0000ff00) >> 0x08; | 420 | timestamp[2] = (unsigned char)((nonce_time & 0x0000ff00) >> 0x08); |
| 415 | timestamp[3] = (nonce_time & 0x000000ff); | 421 | timestamp[3] = (unsigned char)((nonce_time & 0x000000ff)); |
| 416 | MD5Update (&md5, timestamp, 4); | 422 | MD5Update (&md5, timestamp, sizeof(timestamp)); |
| 417 | MD5Update (&md5, ":", 1); | 423 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 418 | MD5Update (&md5, method, strlen (method)); | 424 | MD5Update (&md5, (const unsigned char*)method, strlen (method)); |
| 419 | MD5Update (&md5, ":", 1); | 425 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 420 | if (rnd_size > 0) | 426 | if (rnd_size > 0) |
| 421 | MD5Update (&md5, rnd, rnd_size); | 427 | MD5Update (&md5, (const unsigned char*)rnd, rnd_size); |
| 422 | MD5Update (&md5, ":", 1); | 428 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 423 | MD5Update (&md5, uri, strlen (uri)); | 429 | MD5Update (&md5, (const unsigned char*)uri, strlen (uri)); |
| 424 | MD5Update (&md5, ":", 1); | 430 | MD5Update (&md5, (const unsigned char*)":", 1); |
| 425 | MD5Update (&md5, realm, strlen (realm)); | 431 | MD5Update (&md5, (const unsigned char*)realm, strlen (realm)); |
| 426 | MD5Final (tmpnonce, &md5); | 432 | MD5Final (tmpnonce, &md5); |
| 427 | cvthex (tmpnonce, sizeof (tmpnonce), nonce); | 433 | cvthex (tmpnonce, sizeof (tmpnonce), nonce); |
| 428 | cvthex (timestamp, 4, timestamphex); | 434 | cvthex (timestamp, sizeof(timestamp), timestamphex); |
| 429 | strncat (nonce, timestamphex, 8); | 435 | strncat (nonce, timestamphex, 8); |
| 430 | } | 436 | } |
| 431 | 437 | ||
| @@ -586,7 +592,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
| 586 | const char *hentity = NULL; /* "auth-int" is not supported */ | 592 | const char *hentity = NULL; /* "auth-int" is not supported */ |
| 587 | char ha1[HASH_MD5_HEX_LEN + 1]; | 593 | char ha1[HASH_MD5_HEX_LEN + 1]; |
| 588 | char respexp[HASH_MD5_HEX_LEN + 1]; | 594 | char respexp[HASH_MD5_HEX_LEN + 1]; |
| 589 | char noncehashexp[HASH_MD5_HEX_LEN + 9]; | 595 | char noncehashexp[NONCE_STD_LEN + 1]; |
| 590 | uint32_t nonce_time; | 596 | uint32_t nonce_time; |
| 591 | uint32_t t; | 597 | uint32_t t; |
| 592 | size_t left; /* number of characters left in 'header' for 'uri' */ | 598 | size_t left; /* number of characters left in 'header' for 'uri' */ |
| @@ -642,8 +648,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
| 642 | header value. */ | 648 | header value. */ |
| 643 | return MHD_NO; | 649 | return MHD_NO; |
| 644 | } | 650 | } |
| 645 | /* 8 = 4 hexadecimal numbers for the timestamp */ | 651 | nonce_time = strtoul (nonce + len - TIMESTAMP_HEX_LEN, (char **)NULL, 16); |
| 646 | nonce_time = strtoul (nonce + len - 8, (char **)NULL, 16); | ||
| 647 | t = (uint32_t) MHD_monotonic_sec_counter(); | 652 | t = (uint32_t) MHD_monotonic_sec_counter(); |
| 648 | /* | 653 | /* |
| 649 | * First level vetting for the nonce validity: if the timestamp | 654 | * First level vetting for the nonce validity: if the timestamp |
| @@ -818,7 +823,7 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
| 818 | { | 823 | { |
| 819 | int ret; | 824 | int ret; |
| 820 | size_t hlen; | 825 | size_t hlen; |
| 821 | char nonce[HASH_MD5_HEX_LEN + 9]; | 826 | char nonce[NONCE_STD_LEN + 1]; |
| 822 | 827 | ||
| 823 | /* Generating the server nonce */ | 828 | /* Generating the server nonce */ |
| 824 | calculate_nonce ((uint32_t) MHD_monotonic_sec_counter(), | 829 | calculate_nonce ((uint32_t) MHD_monotonic_sec_counter(), |