diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-07-28 08:16:13 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-07-30 22:28:45 +0300 |
commit | 34059c30943f89bbab061bd299fbff5784a06b30 (patch) | |
tree | 865e1f8612f73314c297de7c4f7ddaf0adc6aeac /src/microhttpd | |
parent | 51bea81bf7c5da8ceeb8b70252c583671bc7bb87 (diff) | |
download | libmicrohttpd-34059c30943f89bbab061bd299fbff5784a06b30.tar.gz libmicrohttpd-34059c30943f89bbab061bd299fbff5784a06b30.zip |
MHD_digest_auth_check3(): return failed parameter if it is known
Diffstat (limited to 'src/microhttpd')
-rw-r--r-- | src/microhttpd/digestauth.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index d12dda25..3e5468af 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -2101,22 +2101,22 @@ digest_auth_check_all_inner (struct MHD_Connection *connection, | |||
2101 | 2101 | ||
2102 | if ((NULL == params->username.value.str) && | 2102 | if ((NULL == params->username.value.str) && |
2103 | (NULL == params->username_ext.value.str)) | 2103 | (NULL == params->username_ext.value.str)) |
2104 | return MHD_DAUTH_WRONG_HEADER; | 2104 | return MHD_DAUTH_WRONG_USERNAME; |
2105 | else if ((NULL != params->username.value.str) && | 2105 | else if ((NULL != params->username.value.str) && |
2106 | (NULL != params->username_ext.value.str)) | 2106 | (NULL != params->username_ext.value.str)) |
2107 | return MHD_DAUTH_WRONG_HEADER; /* Parameters cannot be used together */ | 2107 | return MHD_DAUTH_WRONG_USERNAME; /* Parameters cannot be used together */ |
2108 | else if ((NULL != params->username_ext.value.str) && | 2108 | else if ((NULL != params->username_ext.value.str) && |
2109 | (MHD_DAUTH_EXT_PARAM_MIN_LEN > params->username_ext.value.len)) | 2109 | (MHD_DAUTH_EXT_PARAM_MIN_LEN > params->username_ext.value.len)) |
2110 | return MHD_DAUTH_WRONG_HEADER; /* Broken extended notation */ | 2110 | return MHD_DAUTH_WRONG_USERNAME; /* Broken extended notation */ |
2111 | else if (params->userhash && (NULL == params->username.value.str)) | 2111 | else if (params->userhash && (NULL == params->username.value.str)) |
2112 | return MHD_DAUTH_WRONG_HEADER; /* Userhash cannot be used with extended notation */ | 2112 | return MHD_DAUTH_WRONG_USERNAME; /* Userhash cannot be used with extended notation */ |
2113 | else if (params->userhash && (digest_size * 2 > params->username.value.len)) | 2113 | else if (params->userhash && (digest_size * 2 > params->username.value.len)) |
2114 | return MHD_DAUTH_WRONG_HEADER; /* Too few chars for correct userhash */ | 2114 | return MHD_DAUTH_WRONG_USERNAME; /* Too few chars for correct userhash */ |
2115 | else if (params->userhash && (digest_size * 4 < params->username.value.len)) | 2115 | else if (params->userhash && (digest_size * 4 < params->username.value.len)) |
2116 | return MHD_DAUTH_WRONG_HEADER; /* Too many chars for correct userhash */ | 2116 | return MHD_DAUTH_WRONG_USERNAME; /* Too many chars for correct userhash */ |
2117 | 2117 | ||
2118 | if (NULL == params->realm.value.str) | 2118 | if (NULL == params->realm.value.str) |
2119 | return MHD_DAUTH_WRONG_HEADER; | 2119 | return MHD_DAUTH_WRONG_REALM; |
2120 | else if (((NULL == userdigest) || params->userhash) && | 2120 | else if (((NULL == userdigest) || params->userhash) && |
2121 | (_MHD_AUTH_DIGEST_MAX_PARAM_SIZE < params->realm.value.len)) | 2121 | (_MHD_AUTH_DIGEST_MAX_PARAM_SIZE < params->realm.value.len)) |
2122 | return MHD_DAUTH_TOO_LARGE; /* Realm is too large and it will be used in hash calculations */ | 2122 | return MHD_DAUTH_TOO_LARGE; /* Realm is too large and it will be used in hash calculations */ |
@@ -2141,21 +2141,21 @@ digest_auth_check_all_inner (struct MHD_Connection *connection, | |||
2141 | /* The QOP parameter was checked already */ | 2141 | /* The QOP parameter was checked already */ |
2142 | 2142 | ||
2143 | if (NULL == params->uri.value.str) | 2143 | if (NULL == params->uri.value.str) |
2144 | return MHD_DAUTH_WRONG_HEADER; | 2144 | return MHD_DAUTH_WRONG_URI; |
2145 | else if (0 == params->uri.value.len) | 2145 | else if (0 == params->uri.value.len) |
2146 | return MHD_DAUTH_WRONG_URI; | 2146 | return MHD_DAUTH_WRONG_URI; |
2147 | else if (_MHD_AUTH_DIGEST_MAX_PARAM_SIZE < params->uri.value.len) | 2147 | else if (_MHD_AUTH_DIGEST_MAX_PARAM_SIZE < params->uri.value.len) |
2148 | return MHD_DAUTH_TOO_LARGE; | 2148 | return MHD_DAUTH_TOO_LARGE; |
2149 | 2149 | ||
2150 | if (NULL == params->nonce.value.str) | 2150 | if (NULL == params->nonce.value.str) |
2151 | return MHD_DAUTH_WRONG_HEADER; | 2151 | return MHD_DAUTH_NONCE_WRONG; |
2152 | else if (0 == params->nonce.value.len) | 2152 | else if (0 == params->nonce.value.len) |
2153 | return MHD_DAUTH_NONCE_WRONG; | 2153 | return MHD_DAUTH_NONCE_WRONG; |
2154 | else if (NONCE_STD_LEN (digest_size) * 2 < params->nonce.value.len) | 2154 | else if (NONCE_STD_LEN (digest_size) * 2 < params->nonce.value.len) |
2155 | return MHD_DAUTH_NONCE_WRONG; | 2155 | return MHD_DAUTH_NONCE_WRONG; |
2156 | 2156 | ||
2157 | if (NULL == params->response.value.str) | 2157 | if (NULL == params->response.value.str) |
2158 | return MHD_DAUTH_WRONG_HEADER; | 2158 | return MHD_DAUTH_RESPONSE_WRONG; |
2159 | else if (0 == params->response.value.len) | 2159 | else if (0 == params->response.value.len) |
2160 | return MHD_DAUTH_RESPONSE_WRONG; | 2160 | return MHD_DAUTH_RESPONSE_WRONG; |
2161 | else if (digest_size * 4 < params->response.value.len) | 2161 | else if (digest_size * 4 < params->response.value.len) |