[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] branch master updated (a9adbf77 -> 03953a69)
|
From: |
gnunet |
|
Subject: |
[libmicrohttpd] branch master updated (a9adbf77 -> 03953a69) |
|
Date: |
Mon, 31 Jan 2022 13:49:00 +0100 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a change to branch master
in repository libmicrohttpd.
from a9adbf77 Added new test for concurrent digest authorisation
new 8c901963 digestauth: reject invalid 'nc' value
new 1c4e21f0 test_digestauth_concurrent: finish the test even if error is
found
new 0e4fc12c MHD_add_connection(): reject wrong addrlen
new 03953a69 MHD_ip_addr_to_key(): identify type of address by 'sa_family'
instead of size
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/microhttpd/daemon.c | 35 ++++++++-
src/microhttpd/digestauth.c | 8 ++
src/testcurl/test_digestauth_concurrent.c | 119 ++++++++++++++++++++----------
3 files changed, 120 insertions(+), 42 deletions(-)
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index e58a1caa..47fe742d 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -330,9 +330,10 @@ MHD_ip_addr_to_key (const struct sockaddr *addr,
sizeof(*key));
/* IPv4 addresses */
- if (sizeof (struct sockaddr_in) == addrlen)
+ if (AF_INET == addr->sa_family)
{
const struct sockaddr_in *addr4 = (const struct sockaddr_in *) addr;
+ mhd_assert (sizeof (struct sockaddr_in) <= addrlen);
key->family = AF_INET;
memcpy (&key->addr.ipv4,
@@ -343,9 +344,10 @@ MHD_ip_addr_to_key (const struct sockaddr *addr,
#if HAVE_INET6
/* IPv6 addresses */
- if (sizeof (struct sockaddr_in6) == addrlen)
+ if (AF_INET6 == addr->sa_family)
{
const struct sockaddr_in6 *addr6 = (const struct sockaddr_in6 *) addr;
+ mhd_assert (sizeof (struct sockaddr_in6) <= addrlen);
key->family = AF_INET6;
memcpy (&key->addr.ipv6,
@@ -3429,6 +3431,35 @@ MHD_add_connection (struct MHD_Daemon *daemon,
" added sockets.\n"));
}
#endif /* HAVE_MESSAGES */
+ if (0 != addrlen)
+ {
+ if (AF_INET == addr->sa_family)
+ {
+ if (sizeof(struct sockaddr_in) > addrlen)
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("MHD_add_connection() has been called with "
+ "incorrect 'addrlen' value.\n"));
+#endif /* HAVE_MESSAGES */
+ return MHD_NO;
+ }
+ }
+#ifdef HAVE_INET6
+ if (AF_INET6 == addr->sa_family)
+ {
+ if (sizeof(struct sockaddr_in6) > addrlen)
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("MHD_add_connection() has been called with "
+ "incorrect 'addrlen' value.\n"));
+#endif /* HAVE_MESSAGES */
+ return MHD_NO;
+ }
+ }
+#endif /* HAVE_INET6 */
+ }
if (! MHD_socket_nonblocking_ (client_socket))
{
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index e0a26b30..a3244188 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -1010,6 +1010,14 @@ digest_auth_check_all (struct MHD_Connection *connection,
#endif
return MHD_NO; /* invalid nonce format */
}
+ if (0 == nci)
+ {
+#ifdef HAVE_MESSAGES
+ MHD_DLOG (daemon,
+ _ ("Authentication failed, invalid 'nc' value.\n"));
+#endif
+ return MHD_NO; /* invalid nc value */
+ }
/*
* Checking if that combination of nonce and nc is sound
diff --git a/src/testcurl/test_digestauth_concurrent.c
b/src/testcurl/test_digestauth_concurrent.c
index f7d533dc..40f292bb 100644
--- a/src/testcurl/test_digestauth_concurrent.c
+++ b/src/testcurl/test_digestauth_concurrent.c
@@ -136,6 +136,7 @@ _externalErrorExit_func (const char *errDesc, const char
*funcName, int lineNum)
}
+/* Not actually used in this test */
static char libcurl_errbuf[CURL_ERROR_SIZE] = "";
_MHD_NORETURN static void
@@ -188,6 +189,8 @@ _mhdErrorExit_func (const char *errDesc, const char
*funcName, int lineNum)
}
+#if 0
+/* Function unused in this test */
static void
_checkCURLE_OK_func (CURLcode code, const char *curlFunc,
const char *funcName, int lineNum)
@@ -217,6 +220,9 @@ _checkCURLE_OK_func (CURLcode code, const char *curlFunc,
}
+#endif
+
+
/* Could be increased to facilitate debugging */
#define TIMEOUTS_VAL 5
@@ -346,7 +352,7 @@ ahc_echo (void *cls,
static CURL *
-setupCURL (void *cbc, int port)
+setupCURL (void *cbc, int port, char *errbuf)
{
CURL *c;
char url[512];
@@ -368,7 +374,7 @@ setupCURL (void *cbc, int port)
if ((CURLE_OK != curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1L)) ||
(CURLE_OK != curl_easy_setopt (c, CURLOPT_ERRORBUFFER,
- libcurl_errbuf)) ||
+ errbuf)) ||
(CURLE_OK != curl_easy_setopt (c, CURLOPT_WRITEFUNCTION,
©Buffer)) ||
(CURLE_OK != curl_easy_setopt (c, CURLOPT_WRITEDATA, cbc)) ||
@@ -445,12 +451,13 @@ struct curlWokerInfo
* The libcurl handle to run in thread
*/
CURL *c;
+ char *libcurl_errbuf;
/**
* Non-zero if worker is finished
*/
volatile int finished;
/**
- * Non-zero if worker result is success
+ * The number of successful worker results
*/
volatile int success;
};
@@ -467,54 +474,81 @@ worker_func (void *param)
req_result = curl_easy_perform (w->c);
if (CURLE_OK != req_result)
{
- fprintf (stderr, "Worker %d: first request failed. ", w->workerNumber);
- checkCURLE_OK (req_result);
- }
- if (w->cbc.pos != strlen (PAGE))
- {
- fprintf (stderr, "Worker %d: Got %u bytes ('%.*s'), expected %u bytes. ",
- w->workerNumber,
- (unsigned) w->cbc.pos, (int) w->cbc.pos, w->cbc.buf,
- (unsigned) strlen (MHD_URI_BASE_PATH));
- mhdErrorExitDesc ("Wrong returned data length");
+ fflush (stdout);
+ if (0 != w->libcurl_errbuf[0])
+ fprintf (stderr, "Worker %d: first request failed. "
+ "libcurl error: '%s'.\n"
+ "libcurl error description: '%s'.\n",
+ w->workerNumber, curl_easy_strerror (req_result),
+ w->libcurl_errbuf);
+ else
+ fprintf (stderr, "Worker %d: first request failed. "
+ "libcurl error: '%s'.\n",
+ w->workerNumber, curl_easy_strerror (req_result));
+ fflush (stderr);
}
- if (0 != strncmp (PAGE, w->cbc.buf, strlen (PAGE)))
+ else
{
- fprintf (stderr, "Worker %d: Got invalid response '%.*s'. ",
- w->workerNumber,
- (int) w->cbc.pos, w->cbc.buf);
- mhdErrorExitDesc ("Wrong returned data");
+ if (w->cbc.pos != strlen (PAGE))
+ {
+ fprintf (stderr, "Worker %d: Got %u bytes ('%.*s'), expected %u bytes. ",
+ w->workerNumber,
+ (unsigned) w->cbc.pos, (int) w->cbc.pos, w->cbc.buf,
+ (unsigned) strlen (MHD_URI_BASE_PATH));
+ mhdErrorExitDesc ("Wrong returned data length");
+ }
+ if (0 != strncmp (PAGE, w->cbc.buf, strlen (PAGE)))
+ {
+ fprintf (stderr, "Worker %d: Got invalid response '%.*s'. ",
+ w->workerNumber,
+ (int) w->cbc.pos, w->cbc.buf);
+ mhdErrorExitDesc ("Wrong returned data");
+ }
+ if (verbose)
+ printf ("Worker %d: first request successful.\n", w->workerNumber);
+ w->success++;
}
- if (verbose)
- printf ("Worker %d: first request successful.\n", w->workerNumber);
/* Second request */
w->cbc.pos = 0;
req_result = curl_easy_perform (w->c);
if (CURLE_OK != req_result)
{
- fprintf (stderr, "Worker %d: second request failed. ", w->workerNumber);
- checkCURLE_OK (req_result);
- }
- if (w->cbc.pos != strlen (PAGE))
- {
- fprintf (stderr, "Worker %d: Got %u bytes ('%.*s'), expected %u bytes. ",
- w->workerNumber,
- (unsigned) w->cbc.pos, (int) w->cbc.pos, w->cbc.buf,
- (unsigned) strlen (MHD_URI_BASE_PATH));
- mhdErrorExitDesc ("Wrong returned data length");
+ fflush (stdout);
+ if (0 != w->libcurl_errbuf[0])
+ fprintf (stderr, "Worker %d: second request failed. "
+ "libcurl error: '%s'.\n"
+ "libcurl error description: '%s'.\n",
+ w->workerNumber, curl_easy_strerror (req_result),
+ w->libcurl_errbuf);
+ else
+ fprintf (stderr, "Worker %d: second request failed. "
+ "libcurl error: '%s'.\n",
+ w->workerNumber, curl_easy_strerror (req_result));
+ fflush (stderr);
}
- if (0 != strncmp (PAGE, w->cbc.buf, strlen (PAGE)))
+ else
{
- fprintf (stderr, "Worker %d: Got invalid response '%.*s'. ",
- w->workerNumber,
- (int) w->cbc.pos, w->cbc.buf);
- mhdErrorExitDesc ("Wrong returned data");
+ if (w->cbc.pos != strlen (PAGE))
+ {
+ fprintf (stderr, "Worker %d: Got %u bytes ('%.*s'), expected %u bytes. ",
+ w->workerNumber,
+ (unsigned) w->cbc.pos, (int) w->cbc.pos, w->cbc.buf,
+ (unsigned) strlen (MHD_URI_BASE_PATH));
+ mhdErrorExitDesc ("Wrong returned data length");
+ }
+ if (0 != strncmp (PAGE, w->cbc.buf, strlen (PAGE)))
+ {
+ fprintf (stderr, "Worker %d: Got invalid response '%.*s'. ",
+ w->workerNumber,
+ (int) w->cbc.pos, w->cbc.buf);
+ mhdErrorExitDesc ("Wrong returned data");
+ }
+ if (verbose)
+ printf ("Worker %d: second request successful.\n", w->workerNumber);
+ w->success++;
}
- if (verbose)
- printf ("Worker %d: second request successful.\n", w->workerNumber);
- w->success = ! 0;
w->finished = ! 0;
return NULL;
}
@@ -573,7 +607,11 @@ testDigestAuth (void)
externalErrorExitDesc ("malloc() failed");
w->cbc.size = CLIENT_BUF_SIZE;
w->cbc.pos = 0;
- w->c = setupCURL (&w->cbc, port);
+ w->libcurl_errbuf = malloc (CURL_ERROR_SIZE);
+ if (NULL == w->libcurl_errbuf)
+ externalErrorExitDesc ("malloc() failed");
+ w->libcurl_errbuf[0] = 0;
+ w->c = setupCURL (&w->cbc, port, w->libcurl_errbuf);
w->finished = 0;
w->success = 0;
}
@@ -594,10 +632,11 @@ testDigestAuth (void)
if (0 != pthread_join (w->pid, NULL))
externalErrorExitDesc ("pthread_join() failed");
curl_easy_cleanup (w->c);
+ free (w->libcurl_errbuf);
free (w->cbc.buf);
if (! w->finished)
externalErrorExitDesc ("The worker thread did't signal 'finished'
state");
- ret += ! w->success;
+ ret += 2 - w->success;
}
MHD_stop_daemon (d);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (a9adbf77 -> 03953a69),
gnunet <=