diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/include/microhttpd.h | 13 | ||||
-rw-r--r-- | src/microhttpd/digestauth.c | 13 |
2 files changed, 22 insertions, 4 deletions
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index a0b48506..c942efd4 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -96,7 +96,7 @@ extern "C" | |||
96 | * they are parsed as decimal numbers. | 96 | * they are parsed as decimal numbers. |
97 | * Example: 0x01093001 = 1.9.30-1. | 97 | * Example: 0x01093001 = 1.9.30-1. |
98 | */ | 98 | */ |
99 | #define MHD_VERSION 0x00097520 | 99 | #define MHD_VERSION 0x00097521 |
100 | 100 | ||
101 | /* If generic headers don't work on your platform, include headers | 101 | /* If generic headers don't work on your platform, include headers |
102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', | 102 | which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t', |
@@ -4740,7 +4740,7 @@ enum MHD_DigestAuthAlgorithm | |||
4740 | * | 4740 | * |
4741 | * All error values are zero or negative. | 4741 | * All error values are zero or negative. |
4742 | * | 4742 | * |
4743 | * @note Available since #MHD_VERSION 0x00097518 | 4743 | * @note Available since #MHD_VERSION 0x00097521 |
4744 | */ | 4744 | */ |
4745 | enum MHD_DigestAuthResult | 4745 | enum MHD_DigestAuthResult |
4746 | { | 4746 | { |
@@ -4780,6 +4780,11 @@ enum MHD_DigestAuthResult | |||
4780 | MHD_DAUTH_WRONG_QOP = -5, | 4780 | MHD_DAUTH_WRONG_QOP = -5, |
4781 | 4781 | ||
4782 | /** | 4782 | /** |
4783 | * Wrong 'algorithm'. | ||
4784 | */ | ||
4785 | MHD_DAUTH_WRONG_ALGO = -6, | ||
4786 | |||
4787 | /** | ||
4783 | * Too large (>64 KiB) Authorization parameter value. | 4788 | * Too large (>64 KiB) Authorization parameter value. |
4784 | */ | 4789 | */ |
4785 | MHD_DAUTH_TOO_LARGE = -15, | 4790 | MHD_DAUTH_TOO_LARGE = -15, |
@@ -4817,7 +4822,7 @@ enum MHD_DigestAuthResult | |||
4817 | * @param algo the digest algorithms allowed for verification | 4822 | * @param algo the digest algorithms allowed for verification |
4818 | * @return #MHD_DAUTH_OK if authenticated, | 4823 | * @return #MHD_DAUTH_OK if authenticated, |
4819 | * the error code otherwise | 4824 | * the error code otherwise |
4820 | * @note Available since #MHD_VERSION 0x00097518 | 4825 | * @note Available since #MHD_VERSION 0x00097521 |
4821 | * @ingroup authentication | 4826 | * @ingroup authentication |
4822 | */ | 4827 | */ |
4823 | _MHD_EXTERN enum MHD_DigestAuthResult | 4828 | _MHD_EXTERN enum MHD_DigestAuthResult |
@@ -4843,7 +4848,7 @@ MHD_digest_auth_check3 (struct MHD_Connection *connection, | |||
4843 | * @param algo digest algorithms allowed for verification | 4848 | * @param algo digest algorithms allowed for verification |
4844 | * @return #MHD_DAUTH_OK if authenticated, | 4849 | * @return #MHD_DAUTH_OK if authenticated, |
4845 | * the error code otherwise | 4850 | * the error code otherwise |
4846 | * @note Available since #MHD_VERSION 0x00097513 | 4851 | * @note Available since #MHD_VERSION 0x00097521 |
4847 | * @ingroup authentication | 4852 | * @ingroup authentication |
4848 | */ | 4853 | */ |
4849 | _MHD_EXTERN enum MHD_DigestAuthResult | 4854 | _MHD_EXTERN enum MHD_DigestAuthResult |
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c index 35dd0264..71561332 100644 --- a/src/microhttpd/digestauth.c +++ b/src/microhttpd/digestauth.c | |||
@@ -2034,6 +2034,19 @@ digest_auth_check_all_inner (struct MHD_Connection *connection, | |||
2034 | return MHD_DAUTH_WRONG_QOP; | 2034 | return MHD_DAUTH_WRONG_QOP; |
2035 | /* 'qop' valid */ | 2035 | /* 'qop' valid */ |
2036 | 2036 | ||
2037 | /* Check 'algorithm' */ | ||
2038 | if (1) | ||
2039 | { | ||
2040 | const enum MHD_DigestAuthAlgo3 r_algo = get_rq_algo (params); | ||
2041 | const enum MHD_DigestBaseAlgo p_algo = da->algo; | ||
2042 | if ( (! ((MHD_DIGEST_AUTH_ALGO3_MD5 == r_algo) && | ||
2043 | (MHD_DIGEST_BASE_ALGO_MD5 == p_algo))) && | ||
2044 | (! ((MHD_DIGEST_AUTH_ALGO3_SHA256 == r_algo) && | ||
2045 | (MHD_DIGEST_BASE_ALGO_SHA256 == p_algo))) ) | ||
2046 | return MHD_DAUTH_WRONG_ALGO; | ||
2047 | } | ||
2048 | /* 'algorithm' valid */ | ||
2049 | |||
2037 | /* ** Do basic nonce and nonce-counter checks (size, timestamp) ** */ | 2050 | /* ** Do basic nonce and nonce-counter checks (size, timestamp) ** */ |
2038 | /* Get 'nc' digital value */ | 2051 | /* Get 'nc' digital value */ |
2039 | unq_res = get_unquoted_param (¶ms->nc, tmp1, ptmp2, &tmp2_size, | 2052 | unq_res = get_unquoted_param (¶ms->nc, tmp1, ptmp2, &tmp2_size, |