gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libmicrohttpd] branch master updated (4195c246 -> 56b131d9)


From: gnunet
Subject: [libmicrohttpd] branch master updated (4195c246 -> 56b131d9)
Date: Tue, 07 Jun 2022 18:34:03 +0200

This is an automated email from the git hooks/post-receive script.

karlson2k pushed a change to branch master
in repository libmicrohttpd.

    from 4195c246 -more minor fixes
     new bde583e6 MHD_str_quote(): optimized for typical scenario
     new 02ed59e7 Basic Auth: fixed handling of realms with backslashes or 
double quotes
     new 56b131d9 Added one more test for Basic Auth

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/microhttpd/basicauth.c    | 48 ++++++++++++++++++++++++++-----------------
 src/microhttpd/mhd_str.c      | 42 +++++++++++++++++++++++++++----------
 src/testcurl/.gitignore       |  1 +
 src/testcurl/Makefile.am      |  5 ++++-
 src/testcurl/test_basicauth.c | 22 +++++++++++++++++++-
 5 files changed, 86 insertions(+), 32 deletions(-)

diff --git a/src/microhttpd/basicauth.c b/src/microhttpd/basicauth.c
index 19315d14..5151dc03 100644
--- a/src/microhttpd/basicauth.c
+++ b/src/microhttpd/basicauth.c
@@ -31,6 +31,7 @@
 #include "internal.h"
 #include "base64.h"
 #include "mhd_compat.h"
+#include "mhd_str.h"
 
 
 /**
@@ -151,34 +152,43 @@ MHD_queue_basic_auth_fail_response (struct MHD_Connection 
*connection,
                                     struct MHD_Response *response)
 {
   enum MHD_Result ret;
-  int res;
-  size_t hlen = strlen (realm) + MHD_STATICSTR_LEN_ ("Basic realm=\"\"") + 1;
-  char *header;
+  char *h_str;
+  static const char prefix[] = "Basic realm=\"";
+  static const size_t prefix_len = MHD_STATICSTR_LEN_ (prefix);
+  static const size_t suffix_len = MHD_STATICSTR_LEN_ ("\"");
+  size_t h_maxlen;
+  size_t realm_len;
+  size_t realm_quoted_len;
+  size_t pos;
 
   if (NULL == response)
     return MHD_NO;
 
-  header = (char *) malloc (hlen);
-  if (NULL == header)
+  realm_len = strlen (realm);
+  h_maxlen = prefix_len + realm_len * 2 + suffix_len;
+  h_str = (char *) malloc (h_maxlen + 1);
+  if (NULL == h_str)
   {
 #ifdef HAVE_MESSAGES
     MHD_DLOG (connection->daemon,
-              "Failed to allocate memory for auth header.\n");
+              "Failed to allocate memory for Basic Authentication header.\n");
 #endif /* HAVE_MESSAGES */
     return MHD_NO;
   }
-  res = MHD_snprintf_ (header,
-                       hlen,
-                       "Basic realm=\"%s\"",
-                       realm);
-  if ((res > 0) && ((size_t) res < hlen))
-    ret = MHD_add_response_header (response,
-                                   MHD_HTTP_HEADER_WWW_AUTHENTICATE,
-                                   header);
-  else
-    ret = MHD_NO;
-
-  free (header);
+  memcpy (h_str, prefix, prefix_len);
+  pos = prefix_len;
+  realm_quoted_len = MHD_str_quote (realm, realm_len, h_str + pos,
+                                    h_maxlen - prefix_len - suffix_len);
+  pos += realm_quoted_len;
+  mhd_assert (pos + suffix_len <= h_maxlen);
+  h_str[pos++] = '\"';
+  h_str[pos++] = 0; /* Zero terminate the result */
+  mhd_assert (pos <= h_maxlen + 1);
+
+  ret = MHD_add_response_header (response,
+                                 MHD_HTTP_HEADER_WWW_AUTHENTICATE,
+                                 h_str);
+  free (h_str);
   if (MHD_NO != ret)
   {
     ret = MHD_queue_response (connection,
@@ -189,7 +199,7 @@ MHD_queue_basic_auth_fail_response (struct MHD_Connection 
*connection,
   {
 #ifdef HAVE_MESSAGES
     MHD_DLOG (connection->daemon,
-              _ ("Failed to add Basic auth header.\n"));
+              _ ("Failed to add Basic Authentication header.\n"));
 #endif /* HAVE_MESSAGES */
   }
   return ret;
diff --git a/src/microhttpd/mhd_str.c b/src/microhttpd/mhd_str.c
index f8e1965f..d3d8c594 100644
--- a/src/microhttpd/mhd_str.c
+++ b/src/microhttpd/mhd_str.c
@@ -1489,25 +1489,45 @@ MHD_str_quote (const char *unquoted,
   r = 0;
   w = 0;
 
-  if (unquoted_len > buf_size)
-    return 0; /* The output buffer is too small */
-
-  while (unquoted_len > r)
+#ifndef MHD_FAVOR_SMALL_CODE
+  if (unquoted_len * 2 <= buf_size)
   {
-    if (buf_size <= w)
-      return 0; /* The output buffer is too small */
-    else
+    /* Fast loop: the output will fit the buffer with any input string content 
*/
+    while (unquoted_len > r)
     {
       const char chr = unquoted[r++];
       if (('\\' == chr) || ('\"' == chr))
-      {
         result[w++] = '\\'; /* Escape current char */
-        if (buf_size <= w)
-          return 0; /* The output buffer is too small */
-      }
       result[w++] = chr;
     }
   }
+  else
+  {
+    if (unquoted_len > buf_size)
+      return 0; /* Quick fail: the output buffer is too small */
+#else  /* MHD_FAVOR_SMALL_CODE */
+  if (1)
+  {
+#endif /* MHD_FAVOR_SMALL_CODE */
+
+    while (unquoted_len > r)
+    {
+      if (buf_size <= w)
+        return 0; /* The output buffer is too small */
+      else
+      {
+        const char chr = unquoted[r++];
+        if (('\\' == chr) || ('\"' == chr))
+        {
+          result[w++] = '\\'; /* Escape current char */
+          if (buf_size <= w)
+            return 0; /* The output buffer is too small */
+        }
+        result[w++] = chr;
+      }
+    }
+  }
+
   mhd_assert (w >= r);
   mhd_assert (w <= r * 2);
   return w;
diff --git a/src/testcurl/.gitignore b/src/testcurl/.gitignore
index d67154d5..cf6a4bc3 100644
--- a/src/testcurl/.gitignore
+++ b/src/testcurl/.gitignore
@@ -152,3 +152,4 @@ core
 /test_digestauth_concurrent
 /test_basicauth
 /test_parse_cookies_invalid
+/test_basicauth_preauth
diff --git a/src/testcurl/Makefile.am b/src/testcurl/Makefile.am
index ed585527..aeeabb6b 100644
--- a/src/testcurl/Makefile.am
+++ b/src/testcurl/Makefile.am
@@ -153,7 +153,7 @@ endif
 
 if ENABLE_BAUTH
 check_PROGRAMS += \
-  test_basicauth
+  test_basicauth test_basicauth_preauth
 endif
 
 if HAVE_POSTPROCESSOR
@@ -236,6 +236,9 @@ perf_get_concurrent11_LDADD = \
 test_basicauth_SOURCES = \
   test_basicauth.c
 
+test_basicauth_preauth_SOURCES = \
+  test_basicauth.c
+
 test_digestauth_SOURCES = \
   test_digestauth.c
 test_digestauth_LDADD = \
diff --git a/src/testcurl/test_basicauth.c b/src/testcurl/test_basicauth.c
index 1b84ac15..c7f1df84 100644
--- a/src/testcurl/test_basicauth.c
+++ b/src/testcurl/test_basicauth.c
@@ -42,6 +42,7 @@
 #endif
 
 #include "mhd_has_param.h"
+#include "mhd_has_in_name.h"
 
 #ifndef MHD_STATICSTR_LEN_
 /**
@@ -249,6 +250,7 @@ struct CBC
 };
 
 static int verbose;
+static int preauth;
 
 static size_t
 copyBuffer (void *ptr,
@@ -384,10 +386,19 @@ setupCURL (void *cbc, int port, char *errbuf)
       (CURLE_OK != curl_easy_setopt (c, CURLOPT_PORT, ((long) port))) ||
       (CURLE_OK != curl_easy_setopt (c, CURLOPT_URL, url)))
     libcurlErrorExitDesc ("curl_easy_setopt() failed");
+#if CURL_AT_LEAST_VERSION(7,21,3)
+  if ((CURLE_OK != curl_easy_setopt (c, CURLOPT_HTTPAUTH,
+                                     CURLAUTH_BASIC |
+                                     (preauth ? 0 : CURLAUTH_ONLY))) ||
+      (CURLE_OK != curl_easy_setopt (c, CURLOPT_USERPWD,
+                                     USERNAME ":" PASSWORD)))
+    libcurlErrorExitDesc ("curl_easy_setopt() authorization options failed");
+#else  /* libcurl version before 7.21.3 */
   if ((CURLE_OK != curl_easy_setopt (c, CURLOPT_HTTPAUTH, CURLAUTH_BASIC)) ||
       (CURLE_OK != curl_easy_setopt (c, CURLOPT_USERPWD,
                                      USERNAME ":" PASSWORD)))
     libcurlErrorExitDesc ("curl_easy_setopt() authorization options failed");
+#endif /* libcurl version before 7.21.3 */
   return c;
 }
 
@@ -617,8 +628,17 @@ main (int argc, char *const *argv)
                has_param (argc, argv, "--quiet") ||
                has_param (argc, argv, "-s") ||
                has_param (argc, argv, "--silent"));
+  preauth = has_in_name (argv[0], "_preauth");
+#if ! CURL_AT_LEAST_VERSION (7,21,3)
+  if (preauth)
+  {
+    fprintf (stderr, "libcurl version 7.21.3 or later is "
+             "required to run this test.\n");
+    return 77;
+  }
+#endif /* libcurl version before 7.21.3 */
 
-  #ifdef MHD_HTTPS_REQUIRE_GRYPT
+#ifdef MHD_HTTPS_REQUIRE_GRYPT
 #ifdef HAVE_GCRYPT_H
   gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0);
 #ifdef GCRYCTL_INITIALIZATION_FINISHED

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]