diff options
Diffstat (limited to 'src/daemon/digestauth.c')
-rw-r--r-- | src/daemon/digestauth.c | 66 |
1 files changed, 24 insertions, 42 deletions
diff --git a/src/daemon/digestauth.c b/src/daemon/digestauth.c index aed1d6c1..93f4c9f2 100644 --- a/src/daemon/digestauth.c +++ b/src/daemon/digestauth.c | |||
@@ -36,12 +36,7 @@ | |||
36 | #define HASH_MD5_HEX_LEN 32 | 36 | #define HASH_MD5_HEX_LEN 32 |
37 | #define HASH_SHA1_HEX_LEN 40 | 37 | #define HASH_SHA1_HEX_LEN 40 |
38 | 38 | ||
39 | #define _OPAQUE "opaque=\"11733b200778ce33060f31c9af70a870ba96ddd4\"" | ||
40 | #define _QOP "qop=\"auth\"" | ||
41 | #define _STALE "stale=true" | ||
42 | #define _BASE "Digest " | 39 | #define _BASE "Digest " |
43 | #define _REALM "realm=" | ||
44 | #define _NONCE "nonce=" | ||
45 | 40 | ||
46 | /* convert bin to hex */ | 41 | /* convert bin to hex */ |
47 | static void | 42 | static void |
@@ -552,44 +547,31 @@ MHD_queue_auth_fail_response(struct MHD_Connection *connection, | |||
552 | /* | 547 | /* |
553 | * Building the authentication header | 548 | * Building the authentication header |
554 | */ | 549 | */ |
555 | 550 | hlen = snprintf(NULL, | |
556 | /* 4(single quotes) + 3(commas) + NULL = 8 */ | 551 | 0, |
557 | hlen = strlen(_BASE) + strlen(_REALM) + strlen(realm) + | 552 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", |
558 | strlen(_QOP) + strlen(_NONCE) + strlen(nonce) + | 553 | realm, |
559 | strlen(_OPAQUE) + 8; | 554 | nonce, |
560 | 555 | opaque, | |
561 | /* 1(comma for stale=true) */ | 556 | signal_stale ? ",stale=true" : ""); |
562 | if (signal_stale) | 557 | { |
563 | hlen += strlen(_STALE) + 1; | 558 | char header[hlen + 1]; |
564 | 559 | snprintf(header, | |
565 | header = malloc(hlen); | 560 | sizeof(header), |
566 | 561 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", | |
567 | if (header == NULL) return MHD_NO; | 562 | realm, |
568 | 563 | nonce, | |
569 | snprintf(header, hlen, | 564 | opaque, |
570 | "%s%s\"%s\",%s,%s\"%s\",%s", | 565 | signal_stale ? ",stale=true" : ""); |
571 | _BASE, _REALM, realm, _QOP, | 566 | ret = MHD_add_response_header(response, |
572 | _NONCE, nonce, _OPAQUE); | 567 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
573 | 568 | header); | |
574 | /* Add "stale=true" to the authentication header if nonce is invalid */ | ||
575 | if (signal_stale) { | ||
576 | strncat(header, ",", 1); | ||
577 | strncat(header, _STALE, strlen(_STALE)); | ||
578 | } | ||
579 | |||
580 | /* | ||
581 | * Sending response with authentication header | ||
582 | */ | ||
583 | |||
584 | ret = MHD_add_response_header(response, | ||
585 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, header); | ||
586 | |||
587 | free(header); | ||
588 | |||
589 | if(!ret) { | ||
590 | MHD_destroy_response(response); | ||
591 | return MHD_NO; | ||
592 | } | 569 | } |
570 | if(!ret) | ||
571 | { | ||
572 | MHD_destroy_response(response); | ||
573 | return MHD_NO; | ||
574 | } | ||
593 | 575 | ||
594 | ret = MHD_queue_response(connection, MHD_HTTP_UNAUTHORIZED, response); | 576 | ret = MHD_queue_response(connection, MHD_HTTP_UNAUTHORIZED, response); |
595 | 577 | ||