Diffstat (limited to 'src')
-rw-r--r-- | src/microhttpd/digestauth.c | 8 | ||||
-rw-r--r-- | src/microhttpd/internal.h | 12 |
2 files changed, 14 insertions, 6 deletions
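--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -751,7 +751,7 @@ check_nonce_nc (struct MHD_Connection *connection,
 mhd_assert (0 != noncelen);
 mhd_assert (strlen (nonce) == noncelen);
 mhd_assert (0 != nc);
-if (MAX_NONCE_LENGTH < noncelen)
+if (MAX_DIGEST_NONCE_LENGTH < noncelen)
 return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static analysis
 tools have a hard time with it *and* this also
 protects against unsafe modifications that may
@@ -1010,7 +1010,7 @@ is_slot_available (const struct MHD_NonceNc *const nn,
 uint64_t timestamp;
 bool timestamp_valid;
 mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST));
-mhd_assert (NONCE_STD_LEN (MAX_DIGEST) < MAX_NONCE_LENGTH);
+mhd_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH);
 if (0 == nn->nonce[0])
 return true; /* The slot is empty */
 
@@ -1071,7 +1071,7 @@ calculate_add_nonce (struct MHD_Connection *const connection,
 const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da));
 bool ret;
 
-mhd_assert (MAX_NONCE_LENGTH >= nonce_size);
+mhd_assert (MAX_DIGEST_NONCE_LENGTH >= nonce_size);
 mhd_assert (0 != nonce_size);
 
 calculate_nonce (timestamp,
@@ -1427,7 +1427,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
 unsigned int nonce_timeout)
 {
 struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);
-char cnonce[MAX_NONCE_LENGTH];
+char cnonce[MAX_CLIENT_NONCE_LENGTH];
 const unsigned int digest_size = digest_get_size (da);
 char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1];
 char qop[15]; /* auth,auth-int */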
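Review bot: The fit between the generated nonce and the slot buffer is still enforced only by `mhd_assert` at new lines 1013 (is_slot_available) and 1074 (calculate_add_nonce), and this commit makes that bound tight: `<=` against a 76-character limit instead of `<` against 129. As far as I know mhd_assert is a no-op outside debug builds, so if a larger digest is added later without updating internal.h, a release build would presumably have no guard on the path that fills a slot; only the runtime check at line 754 in check_nonce_nc would remain. If NONCE_STD_LEN and MAX_DIGEST are constant expressions, as their names suggest, I would make the line-1013 check a compile-time one where the project's C baseline allows it, for example `_Static_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH, "nonce slot too small");`. All four functions continue outside the visible hunks.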
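--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -240,8 +240,16 @@ enum MHD_ConnectionEventLoopInfo
 * (already) takes more (see Mantis #1633), so we've increased the
 * value to support something longer...
 */
-#define MAX_NONCE_LENGTH 129
+#define MAX_CLIENT_NONCE_LENGTH 129
 
+/**
+* The maximum size of MHD-generated nonce when printed with hexadecimal chars.
+*
+* This is equal to "(32 bytes for SHA-256 nonce plus 6 bytes for timestamp)
+* multiplied by two hex chars per byte".
+* Please keep it in sync with digestauth.c
+*/
+#define MAX_DIGEST_NONCE_LENGTH ((32 + 6) * 2)
 
 /**
 * A structure representing the internal holder of the
@@ -269,7 +277,7 @@ struct MHD_NonceNc
 /**
 * Nonce value:
 */
-char nonce[MAX_NONCE_LENGTH + 1];
+char nonce[MAX_DIGEST_NONCE_LENGTH + 1];
 
 };
 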
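Review bot: The two constants use "LENGTH" in different senses and neither doc comment says which. `MAX_DIGEST_NONCE_LENGTH` is a character count, with the terminator added at the field (`nonce[MAX_DIGEST_NONCE_LENGTH + 1]`), while `MAX_CLIENT_NONCE_LENGTH` is used directly as a buffer size in digestauth.c (`char cnonce[MAX_CLIENT_NONCE_LENGTH]`), so it presumably has to cover any terminating zero as well. I would add `Does not include the terminating zero.` to the new comment, and a matching sentence to the client-nonce comment (which begins above the hunk) once it has been confirmed against the copy into cnonce, which is not visible here. It would also help to replace "keep it in sync with digestauth.c" with the exact expression it must cover, `NONCE_STD_LEN (MAX_DIGEST)`.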