diff options
Diffstat (limited to 'src/daemon/digestauth.c')
| -rw-r--r-- | src/daemon/digestauth.c | 66 |
1 files changed, 24 insertions, 42 deletions
diff --git a/src/daemon/digestauth.c b/src/daemon/digestauth.c index aed1d6c1..93f4c9f2 100644 --- a/src/daemon/digestauth.c +++ b/src/daemon/digestauth.c | |||
| @@ -36,12 +36,7 @@ | |||
| 36 | #define HASH_MD5_HEX_LEN 32 | 36 | #define HASH_MD5_HEX_LEN 32 |
| 37 | #define HASH_SHA1_HEX_LEN 40 | 37 | #define HASH_SHA1_HEX_LEN 40 |
| 38 | 38 | ||
| 39 | #define _OPAQUE "opaque=\"11733b200778ce33060f31c9af70a870ba96ddd4\"" | ||
| 40 | #define _QOP "qop=\"auth\"" | ||
| 41 | #define _STALE "stale=true" | ||
| 42 | #define _BASE "Digest " | 39 | #define _BASE "Digest " |
| 43 | #define _REALM "realm=" | ||
| 44 | #define _NONCE "nonce=" | ||
| 45 | 40 | ||
| 46 | /* convert bin to hex */ | 41 | /* convert bin to hex */ |
| 47 | static void | 42 | static void |
| @@ -552,44 +547,31 @@ MHD_queue_auth_fail_response(struct MHD_Connection *connection, | |||
| 552 | /* | 547 | /* |
| 553 | * Building the authentication header | 548 | * Building the authentication header |
| 554 | */ | 549 | */ |
| 555 | 550 | hlen = snprintf(NULL, | |
| 556 | /* 4(single quotes) + 3(commas) + NULL = 8 */ | 551 | 0, |
| 557 | hlen = strlen(_BASE) + strlen(_REALM) + strlen(realm) + | 552 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", |
| 558 | strlen(_QOP) + strlen(_NONCE) + strlen(nonce) + | 553 | realm, |
| 559 | strlen(_OPAQUE) + 8; | 554 | nonce, |
| 560 | 555 | opaque, | |
| 561 | /* 1(comma for stale=true) */ | 556 | signal_stale ? ",stale=true" : ""); |
| 562 | if (signal_stale) | 557 | { |
| 563 | hlen += strlen(_STALE) + 1; | 558 | char header[hlen + 1]; |
| 564 | 559 | snprintf(header, | |
| 565 | header = malloc(hlen); | 560 | sizeof(header), |
| 566 | 561 | "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s", | |
| 567 | if (header == NULL) return MHD_NO; | 562 | realm, |
| 568 | 563 | nonce, | |
| 569 | snprintf(header, hlen, | 564 | opaque, |
| 570 | "%s%s\"%s\",%s,%s\"%s\",%s", | 565 | signal_stale ? ",stale=true" : ""); |
| 571 | _BASE, _REALM, realm, _QOP, | 566 | ret = MHD_add_response_header(response, |
| 572 | _NONCE, nonce, _OPAQUE); | 567 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
| 573 | 568 | header); | |
| 574 | /* Add "stale=true" to the authentication header if nonce is invalid */ | ||
| 575 | if (signal_stale) { | ||
| 576 | strncat(header, ",", 1); | ||
| 577 | strncat(header, _STALE, strlen(_STALE)); | ||
| 578 | } | ||
| 579 | |||
| 580 | /* | ||
| 581 | * Sending response with authentication header | ||
| 582 | */ | ||
| 583 | |||
| 584 | ret = MHD_add_response_header(response, | ||
| 585 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, header); | ||
| 586 | |||
| 587 | free(header); | ||
| 588 | |||
| 589 | if(!ret) { | ||
| 590 | MHD_destroy_response(response); | ||
| 591 | return MHD_NO; | ||
| 592 | } | 569 | } |
| 570 | if(!ret) | ||
| 571 | { | ||
| 572 | MHD_destroy_response(response); | ||
| 573 | return MHD_NO; | ||
| 574 | } | ||
| 593 | 575 | ||
| 594 | ret = MHD_queue_response(connection, MHD_HTTP_UNAUTHORIZED, response); | 576 | ret = MHD_queue_response(connection, MHD_HTTP_UNAUTHORIZED, response); |
| 595 | 577 | ||