
[GNUnet-SVN] r12715 - in libmicrohttpd/src: daemon include


From: gnunet
Subject: [GNUnet-SVN] r12715 - in libmicrohttpd/src: daemon include
Date: Sun, 22 Aug 2010 21:24:12 +0200

Author: grothoff
Date: 2010-08-22 21:24:12 +0200 (Sun, 22 Aug 2010)
New Revision: 12715

Modified:
   libmicrohttpd/src/daemon/digestauth.c
   libmicrohttpd/src/include/microhttpd.h
Log:
code cleanup, finding issues

Modified: libmicrohttpd/src/daemon/digestauth.c
===================================================================
--- libmicrohttpd/src/daemon/digestauth.c       2010-08-22 19:11:29 UTC (rev 
12714)
+++ libmicrohttpd/src/daemon/digestauth.c       2010-08-22 19:24:12 UTC (rev 
12715)
@@ -266,7 +266,45 @@
   return NULL;
 }
 
+
 /**
+ * FIXME: password should probably not be here!
+ */
+static void
+calculate_nonce (uint32_t nonce_time,
+                const char *method,
+                const char *password,
+                const char *uri,
+                const char *realm,
+                char *nonce)
+{
+  struct SHA1Context sha1;
+  unsigned char timestamp[4];
+  unsigned char tmpnonce[SHA1_DIGEST_SIZE];
+  char timestamphex[sizeof(timestamp)*2+1];
+
+  SHA1Init (&sha1);
+  timestamp[0] = (nonce_time & 0xff000000) >> 0x18;
+  timestamp[1] = (nonce_time & 0x00ff0000) >> 0x10;
+  timestamp[2] = (nonce_time & 0x0000ff00) >> 0x08;
+  timestamp[3] = (nonce_time & 0x000000ff);    
+  SHA1Update(&sha1, timestamp, 4);
+  SHA1Update(&sha1, ":", 1);
+  SHA1Update(&sha1, method, strlen(method));
+  SHA1Update(&sha1, ":", 1);
+  SHA1Update(&sha1, password, strlen(password));
+  SHA1Update(&sha1, ":", 1);
+  SHA1Update(&sha1, uri, strlen(uri));
+  SHA1Update(&sha1, ":", 1);
+  SHA1Update(&sha1, realm, strlen(realm));
+  SHA1Final (tmpnonce, &sha1);  
+  cvthex(tmpnonce, sizeof (tmpnonce), nonce);  
+  cvthex(timestamp, 4, timestamphex);
+  strncat(nonce, timestamphex, 8);
+}
+
+
+/**
  * Authenticates the authorization header sent by the client
  *
  * @param connection The MHD connection structure
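Review bot: calculate_nonce hashes `password` together with values the client already knows (timestamp, method, URI, realm), and the result appears to be what the challenge path sends to a client that has not authenticated yet, so each issued nonce lets its holder check password guesses offline. The FIXME above the function names the problem but the new code keeps it; the input that belongs here is a random secret held only by the server, e.g. `SHA1Update(&sha1, server_secret, server_secret_len);` (placeholder names) in place of the password line. The doc comment should also state the output contract, for instance `@param nonce output buffer of at least HASH_SHA1_HEX_LEN + 9 bytes, NUL-terminated on return`. That contract matters because `strncat(nonce, timestamphex, 8)` relies on cvthex having terminated the hex digest, which is presumed here since cvthex is not in the hunk.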
@@ -295,15 +333,13 @@
   const char *qop;
   const char *nc;
   const char *response;
-  unsigned char tmpnonce[SHA1_DIGEST_SIZE];
   char *hentity = NULL; /* "auth-int" is not supported */
-  char timestamp[4];
   char ha1[HASH_MD5_HEX_LEN + 1];
   char respexp[HASH_MD5_HEX_LEN + 1];
   char noncehashexp[HASH_SHA1_HEX_LEN + 9];
-  unsigned int nonce_time;
+  uint32_t nonce_time;
   uint32_t t;
-  struct SHA1Context sha1;
+
   
   header = MHD_lookup_connection_value(connection,
                                       MHD_HEADER_KIND,
@@ -342,28 +378,12 @@
      */
     if (t > nonce_time + nonce_timeout) 
       return MHD_INVALID_NONCE;    
-    SHA1Init (&sha1);
-    snprintf (timestamp,
-             sizeof (timestamp),
-             "%X",
-             (unsigned int) nonce_time);
-    timestamp[0] = (nonce_time & 0xff000000) >> 0x18;
-    timestamp[1] = (nonce_time & 0x00ff0000) >> 0x10;
-    timestamp[2] = (nonce_time & 0x0000ff00) >> 0x08;
-    timestamp[3] = (nonce_time & 0x000000ff);    
-    SHA1Update(&sha1, timestamp, 4);
-    SHA1Update(&sha1, ":", 1);
-    SHA1Update(&sha1, connection->method, strlen(connection->method));
-    SHA1Update(&sha1, ":", 1);
-    SHA1Update(&sha1, password, strlen(password));
-    SHA1Update(&sha1, ":", 1);
-    SHA1Update(&sha1, uri, strlen(uri));
-    SHA1Update(&sha1, ":", 1);
-    SHA1Update(&sha1, realm, strlen(realm));
-    SHA1Final (tmpnonce, &sha1);  
-    cvthex(tmpnonce, sizeof (tmpnonce), noncehashexp);  
-    strncat(noncehashexp, nonce + strlen(nonce) - 8, 8);
-  
+    calculate_nonce (nonce_time,
+                    connection->method,
+                    password,
+                    uri,
+                    realm,
+                    noncehashexp);
     /*
      * Second level vetting for the nonce validity
      * if the timestamp attached to the nonce is valid
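Review bot: The verification path passes `uri` to calculate_nonce, while the challenge path in the last digestauth.c hunk passes `connection->url`. If `uri` is the value parsed from the Authorization header (its origin is outside this hunk), the nonce check is bound to what the client claims rather than to the resource actually requested. Unless the function already compares the two elsewhere, it should reject the request when `0 != strcmp(uri, connection->url)`, or pass `connection->url` to calculate_nonce directly; either way the comparison has to account for a query string in the header value. The enclosing function starts and ends outside the hunk.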
@@ -374,7 +394,7 @@
      * very hard to achieve.
      */
     
-    if (0 != strncmp(nonce, noncehashexp, strlen(nonce))) 
+    if (0 != strcmp(nonce, noncehashexp))
       return MHD_INVALID_NONCE;
     if ( (NULL == (cnonce = lookup_sub_value(buffer, len, "cnonce"))) ||
         (NULL == (qop = lookup_sub_value(buffer, len, "qop"))) ||
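Review bot: The switch to `strcmp` is a behavioural fix rather than cleanup, and nothing at the test says so. With the old length taken from the client's `nonce`, a shortened value was compared only over its own length. A one-line comment such as `/* compare the full string; the length must not come from the client-supplied nonce */` above the test would keep a later edit from reverting it. The comment block preceding the test starts outside the hunk.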
@@ -409,8 +429,8 @@
  * Queues a response to request authentication from the client
  *
  * @param connection The MHD connection structure
- * @param realm The realm presented to the client
- * @param password The password used in authentication
+ * @param realm the realm presented to the client
+ * @param password the password used in authentication FIXME!
  * @param signal_stale MHD_YES if the nonce is invalid to add
  *                     'stale=true' to the authentication header
  * @return MHD_YES on success, MHD_NO otherwise
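Review bot: `FIXME!` in the `@param password` line does not say what has to be fixed, and the same text goes into the public header in the microhttpd.h hunk, where API users will read it. The concern is spelled out only on calculate_nonce ("password should probably not be here"), so the parameter doc should carry it too, for example `@param password the password used in authentication (FIXME: should not be needed to build the challenge nonce)`.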
@@ -424,38 +444,20 @@
 {
   int ret;
   size_t hlen;
-  unsigned char tmpnonce[SHA1_DIGEST_SIZE];
-  unsigned char timestamp[5];
-  char timestamphex[sizeof(timestamp)*2+1];
-  char nonce[HASH_SHA1_HEX_LEN + sizeof (timestamphex)];
-  uint32_t t;
+  char nonce[HASH_SHA1_HEX_LEN + 9];
   struct MHD_Response *response;
-  struct SHA1Context sha1;
 
   response = MHD_create_response_from_data(0, NULL, MHD_NO, MHD_NO);  
   if (NULL == response) 
     return MHD_NO;
   
   /* Generating the server nonce */  
-  SHA1Init (&sha1);
-  t = (uint32_t) time(NULL);
-  timestamp[0] = (t & 0xff000000) >> 0x18;
-  timestamp[1] = (t & 0x00ff0000) >> 0x10;
-  timestamp[2] = (t & 0x0000ff00) >> 0x08;
-  timestamp[3] = (t & 0x000000ff) >> 0x00;
-  SHA1Update(&sha1, timestamp, sizeof(timestamp));
-  SHA1Update(&sha1, ":", 1);
-  SHA1Update(&sha1, connection->method, strlen(connection->method));
-  SHA1Update(&sha1, ":", 1);
-  SHA1Update(&sha1, password, strlen(password));
-  SHA1Update(&sha1, ":", 1);
-  SHA1Update(&sha1, connection->url, strlen(connection->url));
-  SHA1Update(&sha1, ":", 1);
-  SHA1Update(&sha1, realm, strlen(realm));
-  SHA1Final (tmpnonce, &sha1);  
-  cvthex(timestamp, 4, timestamphex);
-  cvthex(tmpnonce, sizeof (tmpnonce), nonce);
-  strncat(nonce, timestamphex, 8);
+  calculate_nonce ((uint32_t) time(NULL),
+                  connection->method,
+                  password,
+                  connection->url,
+                  realm,
+                  nonce);
   
   /* Building the authentication header */
   hlen = snprintf(NULL,
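Review bot: `char nonce[HASH_SHA1_HEX_LEN + 9]` encodes calculate_nonce's output size as a bare `9` (eight timestamp hex digits plus the terminator), and the same expression sizes `noncehashexp` in the verification function. calculate_nonce takes no length argument, so the writer and both buffers have to be kept in step by hand. A shared constant, e.g. `#define NONCE_STD_LEN (HASH_SHA1_HEX_LEN + 8)` (suggested name) with the buffers declared as `char nonce[NONCE_STD_LEN + 1];`, would make that dependency visible. The function body continues past the end of the hunk.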

Modified: libmicrohttpd/src/include/microhttpd.h
===================================================================
--- libmicrohttpd/src/include/microhttpd.h      2010-08-22 19:11:29 UTC (rev 
12714)
+++ libmicrohttpd/src/include/microhttpd.h      2010-08-22 19:24:12 UTC (rev 
12715)
@@ -1266,7 +1266,7 @@
  *
  * @param connection The MHD connection structure
  * @param realm The realm presented to the client
- * @param password The password used in authentication
+ * @param password the password used in authentication FIXME!
  * @param opaque string to user for opaque value
  * @param signal_stale MHD_YES if the nonce is invalid to add
  *                     'stale=true' to the authentication header



