| | Commit message | Author | Age |
---|---|---|---|
* | digestauth: use pre-calculated URI length to avoid stop at first binary zero | Evgeny Grin (Karlson2k) | 2022-06-23 |
* | digestauth: use size_t for counting headers | Evgeny Grin (Karlson2k) | 2022-06-23 |
* | digestauth: added check whether arguments specified in the right order | Evgeny Grin (Karlson2k) | 2022-06-23 |
* | digestauth: removed now unused do-while scope | Evgeny Grin (Karlson2k) | 2022-06-22 |
* | Fixed check for URL match to handle URLs with binary zero | Evgeny Grin (Karlson2k) | 2022-06-22 |
* | digest_auth_check_all(): simplified, improved readability | Evgeny Grin (Karlson2k) | 2022-06-22 |
| | Added check for too long nonce (the size is known in advance, no need to try other check if nonce size is wrong); Used caseless match for 'qop' value (as required by RFC), too long 'qop' values reject early, added special result value for wrong qop; Reject early with too long 'nc' value; Reject early with wrong response size (the size is known in advance, no need to make CPU-intensive hash calculations if size is incorrect); Added special return value if any parameter is too large to be processed | | |
* | MHD_parse_arguments_(): refactored, allow cls for the callback | Evgeny Grin (Karlson2k) | 2022-06-22 |
* | Fixed wrong usage of maximum client nonce size as maximum size of server nonce | Evgeny Grin (Karlson2k) | 2022-06-07 |
| | This also saves some RAM for nonce-nc map array | | |
* | digestauth: avoid repetitive calculations of some strings' length | Evgeny Grin (Karlson2k) | 2022-06-06 |
* | Simplified Digest Auth code by using the new string processing functions | Evgeny Grin (Karlson2k) | 2022-06-06 |
* | Fixed 'int' instead of 'MHD_Result' | Evgeny Grin (Karlson2k) | 2022-05-31 |
* | authentication: reworked header parsing | Evgeny Grin (Karlson2k) | 2022-05-31 |
| | Added single function to parse all enabled authentication schemes header strings. The parsing result is cached and reused thus avoiding repetitive header parsing. The new function correctly "unquotes" values (backslashes are removed) as required by RFC. | | |
* | digestauth: reworked support for multiple digest algorithms | Evgeny Grin (Karlson2k) | 2022-05-23 |
* | Created digestauth.h header | Evgeny Grin (Karlson2k) | 2022-05-20 |
* | digestauth: simplified overflow check | Evgeny Grin (Karlson2k) | 2022-05-16 |
* | Added two new public functions for digest authentication | Evgeny Grin (Karlson2k) | 2022-05-13 |
* | digestauth: added detection for possibly fabricated nonces | Evgeny Grin (Karlson2k) | 2022-05-13 |
* | digestauth: cosmetics | Evgeny Grin (Karlson2k) | 2022-05-13 |
* | digestauth: fixed wrong results of client data check | Evgeny Grin (Karlson2k) | 2022-05-13 |
| | Stale 'nonce' from client was reported as either 'INVALID_NONCE' or just as 'MHD_NO'. Now it is always reported as 'INVALID_NONCE'. Unfortunately wrong 'nonce' is reported as 'INVALID_NONCE' as well and it cannot be fixed with current API. | | |
* | digestauth: always use master daemon only | Evgeny Grin (Karlson2k) | 2022-05-06 |
* | Added one more fallback for unique nonce generation | Evgeny Grin (Karlson2k) | 2022-05-06 |
* | digestauth: added check for valid nonce format in the nonce-nc map | Evgeny Grin (Karlson2k) | 2022-05-06 |
| | This is required to prevent strlen() runaway. | | |
* | digestauth: added two more asserts | Evgeny Grin (Karlson2k) | 2022-05-06 |
* | digestauth: fixed logic of free nonce-nc slot detection | Evgeny Grin (Karlson2k) | 2022-05-06 |
* | Fixed additional wrong (inverted) asserts | Evgeny Grin (Karlson2k) | 2022-05-05 |
* | Fixed wrong (inverted) asserts | Evgeny Grin (Karlson2k) | 2022-05-05 |
* | digestauth: re-used static function | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: added management of nonce-nc map array slots | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: additional static function for code re-use | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: additional macros for readability | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: use mseconds for timestamp | Evgeny Grin (Karlson2k) | 2022-05-04 |
| | The clash of nonces is lower with higher timestamp resolution | | |
* | digestauth: increased timestamp to 48 bits | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: added run-time checks for algo value | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: additional assert | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: changed type of var | Evgeny Grin (Karlson2k) | 2022-05-04 |
* | digestauth: use 7 bit shift for fast "hash" | Evgeny Grin (Karlson2k) | 2022-05-04 |
| | As only ASCII printable chars are used for "nonce", the highest bit is always zero. | | |
* | check_nonce_nc(): sorted checks according to probability | Evgeny Grin (Karlson2k) | 2022-05-01 |
| | The code should be more readable and it should give very minor performance improvement. | | |
* | check_nonce_nc(): additionally improved readability, fixed comments | Evgeny Grin (Karlson2k) | 2022-05-01 |
* | check_nonce_nc(): fixed missing set of the bit for the old 'nc' value | Evgeny Grin (Karlson2k) | 2022-05-01 |
| | When 'nc' values are increased sequentially, the bit for the old 'nc' value was not set. | | |
* | check_nonce_nc(): moved 'nc' overflow check out of mutex lock | Evgeny Grin (Karlson2k) | 2022-05-01 |
* | check_nonce_nc(): improved readability, fixed comments | Evgeny Grin (Karlson2k) | 2022-05-01 |
* | check_nonce_nc(): simplified | Evgeny Grin (Karlson2k) | 2022-05-01 |
| | If 'nc' is not valid, then 'nonce' is always stale as 'nonce' validity has been checked already. | | |
* | digestauth: when checking 'nc' reuse always check nonce match first | Evgeny Grin (Karlson2k) | 2022-05-01 |
| | While the validity of nonce itself was already checked, it could be a stale nonce, so let's make sure that re-use of 'nc' is limited to the same nonce only. | | |
* | digestauth: do not add nonce from client, if it was not generated by MHD | Evgeny Grin (Karlson2k) | 2022-04-30 |
* | digestauth: added dedicated function for adding the new nonces | Evgeny Grin (Karlson2k) | 2022-04-30 |
* | check_nonce_nc(): use already known nonce size, avoid size recalculation | Evgeny Grin (Karlson2k) | 2022-04-30 |
* | digestauth: moved "hash" calculation to separate function | Evgeny Grin (Karlson2k) | 2022-04-28 |
* | Fixed compiler warnings of implicit casting, which could change the value | Evgeny Grin (Karlson2k) | 2022-04-27 |
* | Added _MHD_EXTERN to the all public functions definitions | Evgeny Grin (Karlson2k) | 2022-04-18 |
| | Previously it was inconsistent, some function definitions used _MHD_EXTERN, while other definitions were used without _MHD_EXTERN. | | |
* | Refactoring: different types for response and request headers | Evgeny Grin (Karlson2k) | 2022-04-17 |
| | Request headers are always read-only (const char *), while response headers are modifiable. Should help with catching errors in code. | | |