diff options
Diffstat (limited to 'src/microhttpd/basicauth.c')
-rw-r--r-- | src/microhttpd/basicauth.c | 87 |
1 files changed, 45 insertions, 42 deletions
diff --git a/src/microhttpd/basicauth.c b/src/microhttpd/basicauth.c index 1d0c53ad..f1e38af4 100644 --- a/src/microhttpd/basicauth.c +++ b/src/microhttpd/basicauth.c | |||
@@ -31,7 +31,7 @@ | |||
31 | /** | 31 | /** |
32 | * Beginning string for any valid Basic authentication header. | 32 | * Beginning string for any valid Basic authentication header. |
33 | */ | 33 | */ |
34 | #define _BASIC_BASE "Basic " | 34 | #define _BASIC_BASE "Basic " |
35 | 35 | ||
36 | 36 | ||
37 | /** | 37 | /** |
@@ -40,12 +40,12 @@ | |||
40 | * @param connection The MHD connection structure | 40 | * @param connection The MHD connection structure |
41 | * @param password a pointer for the password | 41 | * @param password a pointer for the password |
42 | * @return NULL if no username could be found, a pointer | 42 | * @return NULL if no username could be found, a pointer |
43 | * to the username if found | 43 | * to the username if found |
44 | * @ingroup authentication | 44 | * @ingroup authentication |
45 | */ | 45 | */ |
46 | char * | 46 | char * |
47 | MHD_basic_auth_get_username_password (struct MHD_Connection *connection, | 47 | MHD_basic_auth_get_username_password (struct MHD_Connection *connection, |
48 | char** password) | 48 | char**password) |
49 | { | 49 | { |
50 | const char *header; | 50 | const char *header; |
51 | char *decode; | 51 | char *decode; |
@@ -55,7 +55,8 @@ MHD_basic_auth_get_username_password (struct MHD_Connection *connection, | |||
55 | if ( (MHD_NO == MHD_lookup_connection_value_n (connection, | 55 | if ( (MHD_NO == MHD_lookup_connection_value_n (connection, |
56 | MHD_HEADER_KIND, | 56 | MHD_HEADER_KIND, |
57 | MHD_HTTP_HEADER_AUTHORIZATION, | 57 | MHD_HTTP_HEADER_AUTHORIZATION, |
58 | MHD_STATICSTR_LEN_ (MHD_HTTP_HEADER_AUTHORIZATION), | 58 | MHD_STATICSTR_LEN_ ( |
59 | MHD_HTTP_HEADER_AUTHORIZATION), | ||
59 | &header, | 60 | &header, |
60 | NULL)) || | 61 | NULL)) || |
61 | (0 != strncmp (header, | 62 | (0 != strncmp (header, |
@@ -64,44 +65,44 @@ MHD_basic_auth_get_username_password (struct MHD_Connection *connection, | |||
64 | return NULL; | 65 | return NULL; |
65 | header += MHD_STATICSTR_LEN_ (_BASIC_BASE); | 66 | header += MHD_STATICSTR_LEN_ (_BASIC_BASE); |
66 | if (NULL == (decode = BASE64Decode (header))) | 67 | if (NULL == (decode = BASE64Decode (header))) |
67 | { | 68 | { |
68 | #ifdef HAVE_MESSAGES | 69 | #ifdef HAVE_MESSAGES |
69 | MHD_DLOG (connection->daemon, | 70 | MHD_DLOG (connection->daemon, |
70 | _("Error decoding basic authentication\n")); | 71 | _ ("Error decoding basic authentication\n")); |
71 | #endif | 72 | #endif |
72 | return NULL; | 73 | return NULL; |
73 | } | 74 | } |
74 | /* Find user:password pattern */ | 75 | /* Find user:password pattern */ |
75 | if (NULL == (separator = strchr (decode, | 76 | if (NULL == (separator = strchr (decode, |
76 | ':'))) | 77 | ':'))) |
77 | { | 78 | { |
78 | #ifdef HAVE_MESSAGES | 79 | #ifdef HAVE_MESSAGES |
79 | MHD_DLOG(connection->daemon, | 80 | MHD_DLOG (connection->daemon, |
80 | _("Basic authentication doesn't contain ':' separator\n")); | 81 | _ ("Basic authentication doesn't contain ':' separator\n")); |
81 | #endif | 82 | #endif |
82 | free (decode); | 83 | free (decode); |
83 | return NULL; | 84 | return NULL; |
84 | } | 85 | } |
85 | if (NULL == (user = strdup (decode))) | 86 | if (NULL == (user = strdup (decode))) |
86 | { | 87 | { |
87 | free (decode); | 88 | free (decode); |
88 | return NULL; | 89 | return NULL; |
89 | } | 90 | } |
90 | user[separator - decode] = '\0'; /* cut off at ':' */ | 91 | user[separator - decode] = '\0'; /* cut off at ':' */ |
91 | if (NULL != password) | 92 | if (NULL != password) |
93 | { | ||
94 | *password = strdup (separator + 1); | ||
95 | if (NULL == *password) | ||
92 | { | 96 | { |
93 | *password = strdup (separator + 1); | ||
94 | if (NULL == *password) | ||
95 | { | ||
96 | #ifdef HAVE_MESSAGES | 97 | #ifdef HAVE_MESSAGES |
97 | MHD_DLOG(connection->daemon, | 98 | MHD_DLOG (connection->daemon, |
98 | _("Failed to allocate memory for password\n")); | 99 | _ ("Failed to allocate memory for password\n")); |
99 | #endif | 100 | #endif |
100 | free (decode); | 101 | free (decode); |
101 | free (user); | 102 | free (user); |
102 | return NULL; | 103 | return NULL; |
103 | } | ||
104 | } | 104 | } |
105 | } | ||
105 | free (decode); | 106 | free (decode); |
106 | return user; | 107 | return user; |
107 | } | 108 | } |
@@ -121,20 +122,20 @@ MHD_basic_auth_get_username_password (struct MHD_Connection *connection, | |||
121 | */ | 122 | */ |
122 | int | 123 | int |
123 | MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, | 124 | MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, |
124 | const char *realm, | 125 | const char *realm, |
125 | struct MHD_Response *response) | 126 | struct MHD_Response *response) |
126 | { | 127 | { |
127 | int ret; | 128 | int ret; |
128 | int res; | 129 | int res; |
129 | size_t hlen = strlen(realm) + strlen("Basic realm=\"\"") + 1; | 130 | size_t hlen = strlen (realm) + strlen ("Basic realm=\"\"") + 1; |
130 | char *header; | 131 | char *header; |
131 | 132 | ||
132 | header = (char *) malloc(hlen); | 133 | header = (char *) malloc (hlen); |
133 | if (NULL == header) | 134 | if (NULL == header) |
134 | { | 135 | { |
135 | #ifdef HAVE_MESSAGES | 136 | #ifdef HAVE_MESSAGES |
136 | MHD_DLOG(connection->daemon, | 137 | MHD_DLOG (connection->daemon, |
137 | "Failed to allocate memory for auth header\n"); | 138 | "Failed to allocate memory for auth header\n"); |
138 | #endif /* HAVE_MESSAGES */ | 139 | #endif /* HAVE_MESSAGES */ |
139 | return MHD_NO; | 140 | return MHD_NO; |
140 | } | 141 | } |
@@ -142,25 +143,27 @@ MHD_queue_basic_auth_fail_response (struct MHD_Connection *connection, | |||
142 | hlen, | 143 | hlen, |
143 | "Basic realm=\"%s\"", | 144 | "Basic realm=\"%s\"", |
144 | realm); | 145 | realm); |
145 | if (res > 0 && (size_t)res < hlen) | 146 | if ((res > 0)&&((size_t) res < hlen)) |
146 | ret = MHD_add_response_header (response, | 147 | ret = MHD_add_response_header (response, |
147 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | 148 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, |
148 | header); | 149 | header); |
149 | else | 150 | else |
150 | ret = MHD_NO; | 151 | ret = MHD_NO; |
151 | 152 | ||
152 | free(header); | 153 | free (header); |
153 | if (MHD_YES == ret) | 154 | if (MHD_YES == ret) |
155 | { | ||
154 | ret = MHD_queue_response (connection, | 156 | ret = MHD_queue_response (connection, |
155 | MHD_HTTP_UNAUTHORIZED, | 157 | MHD_HTTP_UNAUTHORIZED, |
156 | response); | 158 | response); |
159 | } | ||
157 | else | 160 | else |
158 | { | 161 | { |
159 | #ifdef HAVE_MESSAGES | 162 | #ifdef HAVE_MESSAGES |
160 | MHD_DLOG (connection->daemon, | 163 | MHD_DLOG (connection->daemon, |
161 | _("Failed to add Basic auth header\n")); | 164 | _ ("Failed to add Basic auth header\n")); |
162 | #endif /* HAVE_MESSAGES */ | 165 | #endif /* HAVE_MESSAGES */ |
163 | } | 166 | } |
164 | return ret; | 167 | return ret; |
165 | } | 168 | } |
166 | 169 | ||