diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | doc/examples/basicauthentication.c | 11 | ||||
-rw-r--r-- | doc/libmicrohttpd.texi | 10 | ||||
-rw-r--r-- | src/examples/authorization_example.c | 11 | ||||
-rw-r--r-- | src/examples/digest_auth_example.c | 5 | ||||
-rw-r--r-- | src/include/microhttpd.h | 17 |
6 files changed, 42 insertions, 17 deletions
@@ -1,3 +1,8 @@ | |||
1 | Mon Oct 9 22:38:07 CEST 2017 | ||
2 | Add MHD_free() to allow proper free()-ing of username/password | ||
3 | data returned via MHD_digest_auth_get_username() or | ||
4 | MHD_basic_auth_get_username_password() on Windows. -CG | ||
5 | |||
1 | Tue Sep 26 14:00:58 CEST 2017 | 6 | Tue Sep 26 14:00:58 CEST 2017 |
2 | Fixing race involving setting "at_limit" flag. -CG | 7 | Fixing race involving setting "at_limit" flag. -CG |
3 | 8 | ||
diff --git a/doc/examples/basicauthentication.c b/doc/examples/basicauthentication.c index 0e13a2ee..88cb79b7 100644 --- a/doc/examples/basicauthentication.c +++ b/doc/examples/basicauthentication.c | |||
@@ -42,12 +42,13 @@ answer_to_connection (void *cls, struct MHD_Connection *connection, | |||
42 | return MHD_YES; | 42 | return MHD_YES; |
43 | } | 43 | } |
44 | pass = NULL; | 44 | pass = NULL; |
45 | user = MHD_basic_auth_get_username_password (connection, &pass); | 45 | user = MHD_basic_auth_get_username_password (connection, |
46 | fail = ( (user == NULL) || | 46 | &pass); |
47 | fail = ( (NULL == user) || | ||
47 | (0 != strcmp (user, "root")) || | 48 | (0 != strcmp (user, "root")) || |
48 | (0 != strcmp (pass, "pa$$w0rd") ) ); | 49 | (0 != strcmp (pass, "pa$$w0rd") ) ); |
49 | if (user != NULL) free (user); | 50 | if (NULL != user) MHD_free (user); |
50 | if (pass != NULL) free (pass); | 51 | if (NULL != pass) MHD_free (pass); |
51 | if (fail) | 52 | if (fail) |
52 | { | 53 | { |
53 | const char *page = "<html><body>Go away.</body></html>"; | 54 | const char *page = "<html><body>Go away.</body></html>"; |
diff --git a/doc/libmicrohttpd.texi b/doc/libmicrohttpd.texi index 05b1f834..2e0f196f 100644 --- a/doc/libmicrohttpd.texi +++ b/doc/libmicrohttpd.texi | |||
@@ -2342,13 +2342,17 @@ client certificates is presented in the MHD tutorial. | |||
2342 | @node microhttpd-dauth basic | 2342 | @node microhttpd-dauth basic |
2343 | @section Using Basic Authentication | 2343 | @section Using Basic Authentication |
2344 | 2344 | ||
2345 | @deftypefun {void} MHD_free (void *ptr) | ||
2346 | Free the memory given at @code{ptr}. Used to free data structures allocated by MHD. Calls @code{free(ptr)}. | ||
2347 | @end deftypefun | ||
2348 | |||
2345 | @deftypefun {char *} MHD_basic_auth_get_username_password (struct MHD_Connection *connection, char** password) | 2349 | @deftypefun {char *} MHD_basic_auth_get_username_password (struct MHD_Connection *connection, char** password) |
2346 | Get the username and password from the basic authorization header sent by the client. | 2350 | Get the username and password from the basic authorization header sent by the client. |
2347 | Return @code{NULL} if no username could be found, a pointer to the username if found. | 2351 | Return @code{NULL} if no username could be found, a pointer to the username if found. |
2348 | If returned value is not @code{NULL}, the value must be @code{free()}'ed. | 2352 | If returned value is not @code{NULL}, the value must be @code{MHD_free()}'ed. |
2349 | 2353 | ||
2350 | @var{password} reference a buffer to store the password. It can be @code{NULL}. | 2354 | @var{password} reference a buffer to store the password. It can be @code{NULL}. |
2351 | If returned value is not @code{NULL}, the value must be @code{free()}'ed. | 2355 | If returned value is not @code{NULL}, the value must be @code{MHD_free()}'ed. |
2352 | @end deftypefun | 2356 | @end deftypefun |
2353 | 2357 | ||
2354 | @deftypefun {int} MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, const char *realm, struct MHD_Response *response) | 2358 | @deftypefun {int} MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, const char *realm, struct MHD_Response *response) |
@@ -2370,7 +2374,7 @@ client with a 401 HTTP status. | |||
2370 | @deftypefun {char *} MHD_digest_auth_get_username (struct MHD_Connection *connection) | 2374 | @deftypefun {char *} MHD_digest_auth_get_username (struct MHD_Connection *connection) |
2371 | Find and return a pointer to the username value from the request header. | 2375 | Find and return a pointer to the username value from the request header. |
2372 | Return @code{NULL} if the value is not found or header does not exist. | 2376 | Return @code{NULL} if the value is not found or header does not exist. |
2373 | If returned value is not @code{NULL}, the value must be @code{free()}'ed. | 2377 | If returned value is not @code{NULL}, the value must be @code{MHD_free()}'ed. |
2374 | @end deftypefun | 2378 | @end deftypefun |
2375 | 2379 | ||
2376 | @deftypefun int MHD_digest_auth_check (struct MHD_Connection *connection, const char *realm, const char *username, const char *password, unsigned int nonce_timeout) | 2380 | @deftypefun int MHD_digest_auth_check (struct MHD_Connection *connection, const char *realm, const char *username, const char *password, unsigned int nonce_timeout) |
diff --git a/src/examples/authorization_example.c b/src/examples/authorization_example.c index d62973a2..d8a88203 100644 --- a/src/examples/authorization_example.c +++ b/src/examples/authorization_example.c | |||
@@ -70,8 +70,11 @@ ahc_echo (void *cls, | |||
70 | 70 | ||
71 | /* require: "Aladdin" with password "open sesame" */ | 71 | /* require: "Aladdin" with password "open sesame" */ |
72 | pass = NULL; | 72 | pass = NULL; |
73 | user = MHD_basic_auth_get_username_password (connection, &pass); | 73 | user = MHD_basic_auth_get_username_password (connection, |
74 | fail = ( (user == NULL) || (0 != strcmp (user, "Aladdin")) || (0 != strcmp (pass, "open sesame") ) ); | 74 | &pass); |
75 | fail = ( (NULL == user) || | ||
76 | (0 != strcmp (user, "Aladdin")) || | ||
77 | (0 != strcmp (pass, "open sesame") ) ); | ||
75 | if (fail) | 78 | if (fail) |
76 | { | 79 | { |
77 | response = MHD_create_response_from_buffer (strlen (DENIED), | 80 | response = MHD_create_response_from_buffer (strlen (DENIED), |
@@ -87,9 +90,9 @@ ahc_echo (void *cls, | |||
87 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); | 90 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); |
88 | } | 91 | } |
89 | if (NULL != user) | 92 | if (NULL != user) |
90 | free (user); | 93 | MHD_free (user); |
91 | if (NULL != pass) | 94 | if (NULL != pass) |
92 | free (pass); | 95 | MHD_free (pass); |
93 | MHD_destroy_response (response); | 96 | MHD_destroy_response (response); |
94 | return ret; | 97 | return ret; |
95 | } | 98 | } |
diff --git a/src/examples/digest_auth_example.c b/src/examples/digest_auth_example.c index 4b00669f..889967fb 100644 --- a/src/examples/digest_auth_example.c +++ b/src/examples/digest_auth_example.c | |||
@@ -54,7 +54,7 @@ ahc_echo (void *cls, | |||
54 | (void)ptr; /* Unused. Silent compiler warning. */ | 54 | (void)ptr; /* Unused. Silent compiler warning. */ |
55 | 55 | ||
56 | username = MHD_digest_auth_get_username(connection); | 56 | username = MHD_digest_auth_get_username(connection); |
57 | if (username == NULL) | 57 | if (NULL == username) |
58 | { | 58 | { |
59 | response = MHD_create_response_from_buffer(strlen (DENIED), | 59 | response = MHD_create_response_from_buffer(strlen (DENIED), |
60 | DENIED, | 60 | DENIED, |
@@ -70,7 +70,7 @@ ahc_echo (void *cls, | |||
70 | username, | 70 | username, |
71 | password, | 71 | password, |
72 | 300); | 72 | 300); |
73 | free(username); | 73 | MHD_free (username); |
74 | if ( (ret == MHD_INVALID_NONCE) || | 74 | if ( (ret == MHD_INVALID_NONCE) || |
75 | (ret == MHD_NO) ) | 75 | (ret == MHD_NO) ) |
76 | { | 76 | { |
@@ -93,6 +93,7 @@ ahc_echo (void *cls, | |||
93 | return ret; | 93 | return ret; |
94 | } | 94 | } |
95 | 95 | ||
96 | |||
96 | int | 97 | int |
97 | main (int argc, char *const *argv) | 98 | main (int argc, char *const *argv) |
98 | { | 99 | { |
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index ac8af8b9..c2a9d32b 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -3106,7 +3106,7 @@ MHD_destroy_post_processor (struct MHD_PostProcessor *pp); | |||
3106 | * | 3106 | * |
3107 | * @param connection The MHD connection structure | 3107 | * @param connection The MHD connection structure |
3108 | * @return NULL if no username could be found, a pointer | 3108 | * @return NULL if no username could be found, a pointer |
3109 | * to the username if found | 3109 | * to the username if found, free using #MHD_free(). |
3110 | * @ingroup authentication | 3110 | * @ingroup authentication |
3111 | */ | 3111 | */ |
3112 | _MHD_EXTERN char * | 3112 | _MHD_EXTERN char * |
@@ -3114,6 +3114,17 @@ MHD_digest_auth_get_username (struct MHD_Connection *connection); | |||
3114 | 3114 | ||
3115 | 3115 | ||
3116 | /** | 3116 | /** |
3117 | * Free the memory given by @a ptr. Calls "free(ptr)". This function | ||
3118 | * should be used to free the username returned by | ||
3119 | * #MHD_digest_auth_get_username(). | ||
3120 | * | ||
3121 | * @param ptr pointer to free. | ||
3122 | */ | ||
3123 | void | ||
3124 | MHD_free (void *ptr); | ||
3125 | |||
3126 | |||
3127 | /** | ||
3117 | * Authenticates the authorization header sent by the client | 3128 | * Authenticates the authorization header sent by the client |
3118 | * | 3129 | * |
3119 | * @param connection The MHD connection structure | 3130 | * @param connection The MHD connection structure |
@@ -3160,9 +3171,9 @@ MHD_queue_auth_fail_response (struct MHD_Connection *connection, | |||
3160 | * Get the username and password from the basic authorization header sent by the client | 3171 | * Get the username and password from the basic authorization header sent by the client |
3161 | * | 3172 | * |
3162 | * @param connection The MHD connection structure | 3173 | * @param connection The MHD connection structure |
3163 | * @param password a pointer for the password | 3174 | * @param[out] password a pointer for the password, free using #MHD_free(). |
3164 | * @return NULL if no username could be found, a pointer | 3175 | * @return NULL if no username could be found, a pointer |
3165 | * to the username if found | 3176 | * to the username if found, free using #MHD_free(). |
3166 | * @ingroup authentication | 3177 | * @ingroup authentication |
3167 | */ | 3178 | */ |
3168 | _MHD_EXTERN char * | 3179 | _MHD_EXTERN char * |