diff options
Diffstat (limited to 'src/include/microhttpd.h')
-rw-r--r-- | src/include/microhttpd.h | 114 |
1 files changed, 111 insertions, 3 deletions
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index b9a9bcf9..7591bdc4 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -3192,7 +3192,30 @@ MHD_free (void *ptr); | |||
3192 | 3192 | ||
3193 | 3193 | ||
3194 | /** | 3194 | /** |
3195 | * Authenticates the authorization header sent by the client | 3195 | * Which digest algorithm should MHD use for HTTP digest authentication? |
3196 | */ | ||
3197 | enum MHD_DigestAuthAlgorithm { | ||
3198 | |||
3199 | /** | ||
3200 | * MHD should pick (currently defaults to SHA-256). | ||
3201 | */ | ||
3202 | MHD_DIGEST_ALG_AUTO = 0, | ||
3203 | |||
3204 | /** | ||
3205 | * Force use of MD5. | ||
3206 | */ | ||
3207 | MHD_DIGEST_ALG_MD5, | ||
3208 | |||
3209 | /** | ||
3210 | * Force use of SHA-256. | ||
3211 | */ | ||
3212 | MHD_DIGEST_ALG_SHA256 | ||
3213 | |||
3214 | }; | ||
3215 | |||
3216 | |||
3217 | /** | ||
3218 | * Authenticates the authorization header sent by the client. | ||
3196 | * | 3219 | * |
3197 | * @param connection The MHD connection structure | 3220 | * @param connection The MHD connection structure |
3198 | * @param realm The realm presented to the client | 3221 | * @param realm The realm presented to the client |
@@ -3200,11 +3223,39 @@ MHD_free (void *ptr); | |||
3200 | * @param password The password used in the authentication | 3223 | * @param password The password used in the authentication |
3201 | * @param nonce_timeout The amount of time for a nonce to be | 3224 | * @param nonce_timeout The amount of time for a nonce to be |
3202 | * invalid in seconds | 3225 | * invalid in seconds |
3226 | * @param algo digest algorithms allowed for verification | ||
3203 | * @return #MHD_YES if authenticated, #MHD_NO if not, | 3227 | * @return #MHD_YES if authenticated, #MHD_NO if not, |
3204 | * #MHD_INVALID_NONCE if nonce is invalid | 3228 | * #MHD_INVALID_NONCE if nonce is invalid |
3205 | * @ingroup authentication | 3229 | * @ingroup authentication |
3206 | */ | 3230 | */ |
3207 | _MHD_EXTERN int | 3231 | _MHD_EXTERN int |
3232 | MHD_digest_auth_check2 (struct MHD_Connection *connection, | ||
3233 | const char *realm, | ||
3234 | const char *username, | ||
3235 | const char *password, | ||
3236 | unsigned int nonce_timeout, | ||
3237 | enum MHD_DigestAuthAlgorithm algo); | ||
3238 | |||
3239 | |||
3240 | /** | ||
3241 | * Authenticates the authorization header sent by the client. | ||
3242 | * Uses #MHD_DIGEST_ALG_MD5 (for now, for backwards-compatibility). | ||
3243 | * Note that this MAY change to #MHD_DIGEST_ALG_AUTO in the future. | ||
3244 | * If you want to be sure you get MD5, use #MHD_digest_auth_check2() | ||
3245 | * and specifiy MD5 explicitly. | ||
3246 | * | ||
3247 | * @param connection The MHD connection structure | ||
3248 | * @param realm The realm presented to the client | ||
3249 | * @param username The username needs to be authenticated | ||
3250 | * @param password The password used in the authentication | ||
3251 | * @param nonce_timeout The amount of time for a nonce to be | ||
3252 | * invalid in seconds | ||
3253 | * @return #MHD_YES if authenticated, #MHD_NO if not, | ||
3254 | * #MHD_INVALID_NONCE if nonce is invalid | ||
3255 | * @ingroup authentication | ||
3256 | * @deprecated use MHD_digest_auth_check2() | ||
3257 | */ | ||
3258 | _MHD_EXTERN int | ||
3208 | MHD_digest_auth_check (struct MHD_Connection *connection, | 3259 | MHD_digest_auth_check (struct MHD_Connection *connection, |
3209 | const char *realm, | 3260 | const char *realm, |
3210 | const char *username, | 3261 | const char *username, |
@@ -3213,21 +3264,51 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
3213 | 3264 | ||
3214 | 3265 | ||
3215 | /** | 3266 | /** |
3216 | * Authenticates the authorization header sent by the client | 3267 | * Authenticates the authorization header sent by the client. |
3217 | * | 3268 | * |
3218 | * @param connection The MHD connection structure | 3269 | * @param connection The MHD connection structure |
3219 | * @param realm The realm presented to the client | 3270 | * @param realm The realm presented to the client |
3220 | * @param username The username needs to be authenticated | 3271 | * @param username The username needs to be authenticated |
3221 | * @param digest An `unsigned char *' pointer to the binary MD5 sum | 3272 | * @param digest An `unsigned char *' pointer to the binary MD5 sum |
3222 | * for the precalculated hash value "username:realm:password" | 3273 | * for the precalculated hash value "username:realm:password" |
3223 | * of #MHD_MD5_DIGEST_SIZE bytes | 3274 | * of @a digest_size bytes |
3275 | * @param digest_size number of bytes in @a digest (size must match @a algo!) | ||
3224 | * @param nonce_timeout The amount of time for a nonce to be | 3276 | * @param nonce_timeout The amount of time for a nonce to be |
3225 | * invalid in seconds | 3277 | * invalid in seconds |
3278 | * @param algo digest algorithms allowed for verification | ||
3226 | * @return #MHD_YES if authenticated, #MHD_NO if not, | 3279 | * @return #MHD_YES if authenticated, #MHD_NO if not, |
3227 | * #MHD_INVALID_NONCE if nonce is invalid | 3280 | * #MHD_INVALID_NONCE if nonce is invalid |
3228 | * @ingroup authentication | 3281 | * @ingroup authentication |
3229 | */ | 3282 | */ |
3230 | _MHD_EXTERN int | 3283 | _MHD_EXTERN int |
3284 | MHD_digest_auth_check_digest2 (struct MHD_Connection *connection, | ||
3285 | const char *realm, | ||
3286 | const char *username, | ||
3287 | const uint8_t *digest, | ||
3288 | size_t digest_size, | ||
3289 | unsigned int nonce_timeout, | ||
3290 | enum MHD_DigestAuthAlgorithm algo); | ||
3291 | |||
3292 | |||
3293 | /** | ||
3294 | * Authenticates the authorization header sent by the client | ||
3295 | * Uses #MHD_DIGEST_ALG_MD5 (required, as @a digest is of fixed | ||
3296 | * size). | ||
3297 | * | ||
3298 | * @param connection The MHD connection structure | ||
3299 | * @param realm The realm presented to the client | ||
3300 | * @param username The username needs to be authenticated | ||
3301 | * @param digest An `unsigned char *' pointer to the binary hash | ||
3302 | * for the precalculated hash value "username:realm:password"; | ||
3303 | * length must be #MHD_MD5_DIGEST_SIZE bytes | ||
3304 | * @param nonce_timeout The amount of time for a nonce to be | ||
3305 | * invalid in seconds | ||
3306 | * @return #MHD_YES if authenticated, #MHD_NO if not, | ||
3307 | * #MHD_INVALID_NONCE if nonce is invalid | ||
3308 | * @ingroup authentication | ||
3309 | * @deprecated use #MHD_digest_auth_check_digest2() | ||
3310 | */ | ||
3311 | _MHD_EXTERN int | ||
3231 | MHD_digest_auth_check_digest (struct MHD_Connection *connection, | 3312 | MHD_digest_auth_check_digest (struct MHD_Connection *connection, |
3232 | const char *realm, | 3313 | const char *realm, |
3233 | const char *username, | 3314 | const char *username, |
@@ -3239,6 +3320,32 @@ MHD_digest_auth_check_digest (struct MHD_Connection *connection, | |||
3239 | * Queues a response to request authentication from the client | 3320 | * Queues a response to request authentication from the client |
3240 | * | 3321 | * |
3241 | * @param connection The MHD connection structure | 3322 | * @param connection The MHD connection structure |
3323 | * @param realm the realm presented to the client | ||
3324 | * @param opaque string to user for opaque value | ||
3325 | * @param response reply to send; should contain the "access denied" | ||
3326 | * body; note that this function will set the "WWW Authenticate" | ||
3327 | * header and that the caller should not do this | ||
3328 | * @param signal_stale #MHD_YES if the nonce is invalid to add | ||
3329 | * 'stale=true' to the authentication header | ||
3330 | * @param algo digest algorithm to use | ||
3331 | * @return #MHD_YES on success, #MHD_NO otherwise | ||
3332 | * @ingroup authentication | ||
3333 | */ | ||
3334 | int | ||
3335 | MHD_queue_auth_fail_response2 (struct MHD_Connection *connection, | ||
3336 | const char *realm, | ||
3337 | const char *opaque, | ||
3338 | struct MHD_Response *response, | ||
3339 | int signal_stale, | ||
3340 | enum MHD_DigestAuthAlgorithm algo); | ||
3341 | |||
3342 | |||
3343 | /** | ||
3344 | * Queues a response to request authentication from the client | ||
3345 | * For now uses MD5 (for backwards-compatibility). Still, if you | ||
3346 | * need to be sure, use #MHD_queue_fail_auth_response2(). | ||
3347 | * | ||
3348 | * @param connection The MHD connection structure | ||
3242 | * @param realm The realm presented to the client | 3349 | * @param realm The realm presented to the client |
3243 | * @param opaque string to user for opaque value | 3350 | * @param opaque string to user for opaque value |
3244 | * @param response reply to send; should contain the "access denied" | 3351 | * @param response reply to send; should contain the "access denied" |
@@ -3248,6 +3355,7 @@ MHD_digest_auth_check_digest (struct MHD_Connection *connection, | |||
3248 | * 'stale=true' to the authentication header | 3355 | * 'stale=true' to the authentication header |
3249 | * @return #MHD_YES on success, #MHD_NO otherwise | 3356 | * @return #MHD_YES on success, #MHD_NO otherwise |
3250 | * @ingroup authentication | 3357 | * @ingroup authentication |
3358 | * @deprecated use MHD_queue_auth_fail_response2() | ||
3251 | */ | 3359 | */ |
3252 | _MHD_EXTERN int | 3360 | _MHD_EXTERN int |
3253 | MHD_queue_auth_fail_response (struct MHD_Connection *connection, | 3361 | MHD_queue_auth_fail_response (struct MHD_Connection *connection, |