
[libmicrohttpd] 14/15: digest_auth_check(): check and report wrong algor


From: gnunet
Subject: [libmicrohttpd] 14/15: digest_auth_check(): check and report wrong algorithm
Date: Tue, 19 Jul 2022 16:51:22 +0200

This is an automated email from the git hooks/post-receive script.

karlson2k pushed a commit to branch master
in repository libmicrohttpd.

commit d39ad79ab65647cbee62c6dc7c0971e61b9ff082
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Tue Jul 19 17:48:06 2022 +0300

    digest_auth_check(): check and report wrong algorithm
---
 src/include/microhttpd.h    | 13 +++++++++----
 src/microhttpd/digestauth.c | 13 +++++++++++++
 2 files changed, 22 insertions(+), 4 deletions(-)

diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index a0b48506..c942efd4 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -96,7 +96,7 @@ extern "C"
  * they are parsed as decimal numbers.
  * Example: 0x01093001 = 1.9.30-1.
  */
-#define MHD_VERSION 0x00097520
+#define MHD_VERSION 0x00097521
 
 /* If generic headers don't work on your platform, include headers
    which define 'va_list', 'size_t', 'ssize_t', 'intptr_t', 'off_t',
@@ -4740,7 +4740,7 @@ enum MHD_DigestAuthAlgorithm
  *
  * All error values are zero or negative.
  *
- * @note Available since #MHD_VERSION 0x00097518
+ * @note Available since #MHD_VERSION 0x00097521
  */
 enum MHD_DigestAuthResult
 {
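Review bot: Replacing the `@note Available since` value on `enum MHD_DigestAuthResult` drops the version in which the enum first appeared, although the only addition visible in this patch is one new member. The same replacement is made in the two function doc comments in the later hunks of this file (previously 0x00097518 and 0x00097513). If the bump is meant to signal that the set of results changed, keeping both facts would be clearer, for example `@note Available since #MHD_VERSION 0x00097518; #MHD_DAUTH_WRONG_ALGO is returned since 0x00097521`. An application that depends on the algorithm check can then gate on the newer value deliberately.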
@@ -4779,6 +4779,11 @@ enum MHD_DigestAuthResult
    */
   MHD_DAUTH_WRONG_QOP = -5,
 
+  /**
+   * Wrong 'algorithm'.
+   */
+  MHD_DAUTH_WRONG_ALGO = -6,
+
   /**
    * Too large (>64 KiB) Authorization parameter value.
    */
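Review bot: The doc comment for `MHD_DAUTH_WRONG_ALGO` says only "Wrong 'algorithm'", which does not tell a caller what was compared. Judging from the digestauth.c hunk of this commit, the value is returned when the algorithm named in the client's request does not pair with the algorithm used for verification, so a wording like `The 'algorithm' in the client's request does not match the algorithm used for the check.` would be more useful. The enum's header comment could also state that further negative values may be added, so callers should treat every result other than `#MHD_DAUTH_OK` as an authentication failure instead of enumerating the known errors. The enum's body continues outside the hunk.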
@@ -4817,7 +4822,7 @@ enum MHD_DigestAuthResult
  * @param algo the digest algorithms allowed for verification
  * @return #MHD_DAUTH_OK if authenticated,
  *         the error code otherwise
- * @note Available since #MHD_VERSION 0x00097518
+ * @note Available since #MHD_VERSION 0x00097521
  * @ingroup authentication
  */
 _MHD_EXTERN enum MHD_DigestAuthResult
@@ -4843,7 +4848,7 @@ MHD_digest_auth_check3 (struct MHD_Connection *connection,
  * @param algo digest algorithms allowed for verification
  * @return #MHD_DAUTH_OK if authenticated,
  *         the error code otherwise
- * @note Available since #MHD_VERSION 0x00097513
+ * @note Available since #MHD_VERSION 0x00097521
  * @ingroup authentication
  */
 _MHD_EXTERN enum MHD_DigestAuthResult
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 35dd0264..71561332 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -2034,6 +2034,19 @@ digest_auth_check_all_inner (struct MHD_Connection *connection,
     return MHD_DAUTH_WRONG_QOP;
   /* 'qop' valid */
 
+  /* Check 'algorithm' */
+  if (1)
+  {
+    const enum MHD_DigestAuthAlgo3 r_algo = get_rq_algo (params);
+    const enum MHD_DigestBaseAlgo p_algo = da->algo;
+    if ( (! ((MHD_DIGEST_AUTH_ALGO3_MD5 == r_algo) &&
+             (MHD_DIGEST_BASE_ALGO_MD5 == p_algo))) &&
+         (! ((MHD_DIGEST_AUTH_ALGO3_SHA256 == r_algo) &&
+             (MHD_DIGEST_BASE_ALGO_SHA256 == p_algo))) )
+      return MHD_DAUTH_WRONG_ALGO;
+  }
+  /* 'algorithm' valid */
+
   /* ** Do basic nonce and nonce-counter checks (size, timestamp) ** */
   /* Get 'nc' digital value */
   unq_res = get_unquoted_param (&params->nc, tmp1, ptmp2, &tmp2_size,
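Review bot: The new check in `digest_auth_check_all_inner` is written as two negated conjunctions under an `if (1)` scope, and nothing states that it is meant to fail closed. As written, only an exact MD5/MD5 or SHA-256/SHA-256 pairing of `r_algo` and `p_algo` passes; every other value `get_rq_algo()` can return is rejected, which is the right default for keeping a request from being verified under a different algorithm than it declares. A comment such as `/* Fail closed: the request's 'algorithm' must pair exactly with da->algo; any other value is rejected */` would keep that intent from being loosened later, and a bare `{ ... }` block would scope the two locals without the constant condition. How `get_rq_algo()` treats a request that omits 'algorithm' is not visible here and presumably decides whether such clients are still accepted; the diffstat lists no test file, so the new rejection path appears to be untested in this commit. The function's body starts and ends outside the hunk.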

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


