diff options
Diffstat (limited to 'src/microhttpd/digestauth.c')
| -rw-r--r-- | src/microhttpd/digestauth.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 3949b268..b2944fad 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
| @@ -555,7 +555,8 @@ check_nonce_nc (struct MHD_Connection *connection, | |||
| 555 | * Look for the nonce, if it does exist and its corresponding | 555 | * Look for the nonce, if it does exist and its corresponding |
| 556 | * nonce counter is less than the current nonce counter by 1, | 556 | * nonce counter is less than the current nonce counter by 1, |
| 557 | * then only increase the nonce counter by one. | 557 | * then only increase the nonce counter by one. |
| 558 | */nn = &daemon->nnc[off]; | 558 | */ |
| 559 | nn = &daemon->nnc[off]; | ||
| 559 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) | 560 | #if defined(MHD_USE_POSIX_THREADS) || defined(MHD_USE_W32_THREADS) |
| 560 | MHD_mutex_lock_chk_ (&daemon->nnc_lock); | 561 | MHD_mutex_lock_chk_ (&daemon->nnc_lock); |
| 561 | #endif | 562 | #endif |
| @@ -955,7 +956,8 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
| 955 | * First level vetting for the nonce validity: if the timestamp | 956 | * First level vetting for the nonce validity: if the timestamp |
| 956 | * attached to the nonce exceeds `nonce_timeout', then the nonce is | 957 | * attached to the nonce exceeds `nonce_timeout', then the nonce is |
| 957 | * invalid. | 958 | * invalid. |
| 958 | */if ( (t > nonce_time + nonce_timeout) || | 959 | */ |
| 960 | if ( (t > nonce_time + nonce_timeout) || | ||
| 959 | (nonce_time + nonce_timeout < nonce_time) ) | 961 | (nonce_time + nonce_timeout < nonce_time) ) |
| 960 | { | 962 | { |
| 961 | /* too old */ | 963 | /* too old */ |
| @@ -978,7 +980,8 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
| 978 | * able to generate a "sane" nonce, which if he does | 980 | * able to generate a "sane" nonce, which if he does |
| 979 | * not, the nonce fabrication process going to be | 981 | * not, the nonce fabrication process going to be |
| 980 | * very hard to achieve. | 982 | * very hard to achieve. |
| 981 | */if (0 != strcmp (nonce, | 983 | */ |
| 984 | if (0 != strcmp (nonce, | ||
| 982 | noncehashexp)) | 985 | noncehashexp)) |
| 983 | { | 986 | { |
| 984 | return MHD_INVALID_NONCE; | 987 | return MHD_INVALID_NONCE; |
| @@ -1025,7 +1028,8 @@ digest_auth_check_all (struct MHD_Connection *connection, | |||
| 1025 | * Checking if that combination of nonce and nc is sound | 1028 | * Checking if that combination of nonce and nc is sound |
| 1026 | * and not a replay attack attempt. Also adds the nonce | 1029 | * and not a replay attack attempt. Also adds the nonce |
| 1027 | * to the nonce-nc map if it does not exist there. | 1030 | * to the nonce-nc map if it does not exist there. |
| 1028 | */if (MHD_NO == | 1031 | */ |
| 1032 | if (MHD_NO == | ||
| 1029 | check_nonce_nc (connection, | 1033 | check_nonce_nc (connection, |
| 1030 | nonce, | 1034 | nonce, |
| 1031 | nci)) | 1035 | nci)) |
| @@ -1199,7 +1203,7 @@ MHD_digest_auth_check (struct MHD_Connection *connection, | |||
| 1199 | da.digest = &MHD_MD5Final; \ | 1203 | da.digest = &MHD_MD5Final; \ |
| 1200 | break; \ | 1204 | break; \ |
| 1201 | case MHD_DIGEST_ALG_AUTO: \ | 1205 | case MHD_DIGEST_ALG_AUTO: \ |
| 1202 | /* auto == SHA256, fall-though thus intentional! */ \ | 1206 | /* auto == SHA256, fall-though thus intentional! */ \ |
| 1203 | case MHD_DIGEST_ALG_SHA256: \ | 1207 | case MHD_DIGEST_ALG_SHA256: \ |
| 1204 | da.digest_size = SHA256_DIGEST_SIZE; \ | 1208 | da.digest_size = SHA256_DIGEST_SIZE; \ |
| 1205 | da.ctx = &ctx.sha256; \ | 1209 | da.ctx = &ctx.sha256; \ |