aboutsummaryrefslogtreecommitdiff
path: root/src/microhttpd/digestauth.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/microhttpd/digestauth.c')
-rw-r--r--src/microhttpd/digestauth.c23
1 files changed, 14 insertions, 9 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 4bb67f11..e8983d62 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -1933,7 +1933,6 @@ digest_auth_check_all_inner (struct MHD_Connection *connection,
1933 const char *hentity = NULL; /* "auth-int" is not supported */ 1933 const char *hentity = NULL; /* "auth-int" is not supported */
1934#endif 1934#endif
1935 uint64_t nonce_time; 1935 uint64_t nonce_time;
1936 uint64_t t;
1937 uint64_t nci; 1936 uint64_t nci;
1938 const struct MHD_RqDAuth *params; 1937 const struct MHD_RqDAuth *params;
1939 /** 1938 /**
@@ -2112,14 +2111,20 @@ digest_auth_check_all_inner (struct MHD_Connection *connection,
2112#endif 2111#endif
2113 return MHD_DAUTH_NONCE_WRONG; 2112 return MHD_DAUTH_NONCE_WRONG;
2114 } 2113 }
2115 t = MHD_monotonic_msec_counter (); 2114
2116 /* 2115 if (1)
2117 * First level vetting for the nonce validity: if the timestamp 2116 {
2118 * attached to the nonce exceeds `nonce_timeout', then the nonce is 2117 uint64_t t;
2119 * invalid. 2118
2120 */ 2119 t = MHD_monotonic_msec_counter ();
2121 if (TRIM_TO_TIMESTAMP (t - nonce_time) > (nonce_timeout * 1000)) 2120 /*
2122 return MHD_DAUTH_NONCE_STALE; /* too old */ 2121 * First level vetting for the nonce validity: if the timestamp
2122 * attached to the nonce exceeds `nonce_timeout', then the nonce is
2123 * invalid.
2124 */
2125 if (TRIM_TO_TIMESTAMP (t - nonce_time) > (nonce_timeout * 1000))
2126 return MHD_DAUTH_NONCE_STALE; /* too old */
2127 }
2123 if (1) 2128 if (1)
2124 { 2129 {
2125 enum MHD_CheckNonceNC_ nonce_nc_check; 2130 enum MHD_CheckNonceNC_ nonce_nc_check;