33 #if defined(_WIN32) && defined(MHD_W32_MUTEX_) 34 #ifndef WIN32_LEAN_AND_MEAN 35 #define WIN32_LEAN_AND_MEAN 1 40 #define HASH_MD5_HEX_LEN (2 * MD5_DIGEST_SIZE) 42 #define TIMESTAMP_BIN_SIZE 4 43 #define TIMESTAMP_HEX_LEN (2 * TIMESTAMP_BIN_SIZE) 46 #define NONCE_STD_LEN (HASH_MD5_HEX_LEN + TIMESTAMP_HEX_LEN) 51 #define _BASE "Digest " 56 #define MAX_USERNAME_LENGTH 128 61 #define MAX_REALM_LENGTH 256 66 #define MAX_AUTH_RESPONSE_LENGTH 128 84 for (i = 0; i < len; ++i)
86 j = (bin[i] >> 4) & 0x0f;
87 hex[i * 2] = (char)((j <= 9) ? (j +
'0') : (j - 10 +
'a'));
89 hex[i * 2 + 1] = (char)((j <= 9) ? (j +
'0') : (j - 10 +
'a'));
109 const char *username,
111 const char *password,
121 (
const unsigned char *) username,
124 (
const unsigned char *)
":",
127 (
const unsigned char *) realm,
130 (
const unsigned char *)
":",
133 (
const unsigned char *) password,
142 (
const unsigned char *) ha1,
145 (
const unsigned char *)
":",
148 (
const unsigned char *) nonce,
151 (
const unsigned char *)
":",
154 (
const unsigned char *) cnonce,
181 const char *noncecount,
196 (
const unsigned char *) method,
199 (
const unsigned char *)
":",
202 (
const unsigned char *) uri,
205 if (0 == strcasecmp(qop,
227 (
const unsigned char *) ha1,
230 (
const unsigned char *)
":",
233 (
const unsigned char *) nonce,
236 (
const unsigned char*)
":",
241 (
const unsigned char *) noncecount,
242 strlen (noncecount));
244 (
const unsigned char *)
":",
247 (
const unsigned char *) cnonce,
250 (
const unsigned char *)
":",
253 (
const unsigned char *) qop,
256 (
const unsigned char *)
":",
260 (
const unsigned char *) ha2hex,
300 keylen = strlen (key);
304 if (
NULL == (eq = strchr (ptr,
328 (eq == &ptr[keylen]) )
332 len = strlen (q1) + 1;
344 if (size > (
size_t) ((q2 - q1) + 1))
345 size = (q2 - q1) + 1;
393 mod = daemon->nonce_nc_size;
401 off = (off << 8) | (*np ^ (off >> 24));
410 nn = &daemon->nnc[off];
424 if ( (nc < nn->nc) &&
426 (nc + 64 >= nn->
nc) &&
427 (0 == ((1LLU << (nn->
nc - nc - 1)) & nn->
nmask)) )
430 nn->
nmask |= (1LLU < (nn->
nc - nc - 1));
435 if ( (nc <= nn->nc) ||
436 (0 != strcmp (nn->
nonce,
443 _(
"Stale nonce received. If this happens a lot, you should probably increase the size of the nonce array.\n"));
448 if (64 > nc - nn->
nc)
473 if (
NULL == (header =
478 if (0 != strncmp (header,
488 return strdup (user);
520 timestamp[0] = (
unsigned char)((nonce_time & 0xff000000) >> 0x18);
521 timestamp[1] = (
unsigned char)((nonce_time & 0x00ff0000) >> 0x10);
522 timestamp[2] = (
unsigned char)((nonce_time & 0x0000ff00) >> 0x08);
523 timestamp[3] = (
unsigned char)((nonce_time & 0x000000ff));
528 (
const unsigned char *)
":",
531 (
const unsigned char *) method,
534 (
const unsigned char *)
":",
538 (
const unsigned char *) rnd,
541 (
const unsigned char *)
":",
544 (
const unsigned char *) uri,
547 (
const unsigned char *)
":",
550 (
const unsigned char *) realm,
587 if (kind != pos->
kind)
589 if (0 != strcmp (key,
592 if ( (
NULL == value) &&
595 if ( (
NULL == value) ||
622 unsigned int num_headers;
625 argb = strdup (args);
629 MHD_DLOG (connection->
daemon,
630 _(
"Failed to allocate memory for copy of URI arguments\n"));
649 if (0 != num_headers)
674 const char *username,
675 const char *password,
676 unsigned int nonce_timeout)
686 const char *hentity =
NULL;
700 if (0 != strncmp (header,
705 left = strlen (header);
715 (0 != strcmp (username,
718 left -= strlen (
"username") + len;
732 left -= strlen (
"realm") + len;
740 left -= strlen (
"nonce") + len;
741 if (left > 32 * 1024)
759 _(
"Authentication failed, invalid timestamp format.\n"));
769 if ( (t > nonce_time + nonce_timeout) ||
770 (nonce_time + nonce_timeout < nonce_time) )
778 daemon->digest_auth_random,
779 daemon->digest_auth_rand_size,
793 if (0 != strcmp (nonce, noncehashexp))
820 _(
"Authentication failed, invalid format.\n"));
830 _(
"Authentication failed, invalid nc format.\n"));
851 uri = malloc (left + 1);
856 _(
"Failed to allocate memory for auth header processing\n"));
890 if (0 != strncmp (uri,
892 strlen (connection->
url)))
896 _(
"Authentication failed, URI does not match.\n"));
903 const char *args = strchr (uri,
916 _(
"Authentication failed, arguments do not match.\n"));
923 return (0 == strcmp(response,
959 connection->
daemon->digest_auth_random,
960 connection->
daemon->digest_auth_rand_size,
970 MHD_DLOG (connection->
daemon,
971 _(
"Could not register nonce (is the nonce array size zero?).\n"));
976 hlen = MHD_snprintf_ (
NULL,
978 "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s",
993 MHD_DLOG(connection->
daemon,
994 _(
"Failed to allocate memory for auth response header\n"));
999 if (MHD_snprintf_ (header,
1001 "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s",
1026 #ifdef HAVE_MESSAGES 1027 MHD_DLOG (connection->
daemon,
1028 _(
"Failed to add Digest auth header\n"));
void * unescape_callback_cls
#define MAX_AUTH_RESPONSE_LENGTH
static void digest_calc_response(const char ha1[HASH_MD5_HEX_LEN+1], const char *nonce, const char *noncecount, const char *cnonce, const char *qop, const char *method, const char *uri, const char *hentity, char response[HASH_MD5_HEX_LEN+1])
int MHD_add_response_header(struct MHD_Response *response, const char *header, const char *content)
static void cvthex(const unsigned char *bin, size_t len, char *hex)
static size_t lookup_sub_value(char *dest, size_t size, const char *data, const char *key)
#define TIMESTAMP_BIN_SIZE
Header for platform missing functions.
int MHD_digest_auth_check(struct MHD_Connection *connection, const char *realm, const char *username, const char *password, unsigned int nonce_timeout)
int MHD_parse_arguments_(struct MHD_Connection *connection, enum MHD_ValueKind kind, char *args, MHD_ArgumentIterator_ cb, unsigned int *num_headers)
int MHD_str_equal_caseless_n_(const char *const str1, const char *const str2, size_t maxlen)
struct MHD_Daemon * daemon
#define MHD_mutex_unlock_chk_(pmutex)
void MD5Update(struct MD5Context *ctx, const unsigned char *input, size_t len)
#define MHD_STATICSTR_LEN_(macro)
size_t MHD_strx_to_uint32_n_(const char *str, size_t maxlen, uint32_t *out_val)
int MHD_queue_auth_fail_response(struct MHD_Connection *connection, const char *realm, const char *opaque, struct MHD_Response *response, int signal_stale)
static int test_header(struct MHD_Connection *connection, const char *key, const char *value, enum MHD_ValueKind kind)
char nonce[MAX_NONCE_LENGTH]
const char * MHD_lookup_connection_value(struct MHD_Connection *connection, enum MHD_ValueKind kind, const char *key)
static int check_argument_match(struct MHD_Connection *connection, const char *args)
static void digest_calc_ha1(const char *alg, const char *username, const char *realm, const char *password, const char *nonce, const char *cnonce, char sessionkey[HASH_MD5_HEX_LEN+1])
limits values definitions
internal shared structures
void * MHD_calloc_(size_t nelem, size_t elsize)
UnescapeCallback unescape_callback
int MHD_queue_response(struct MHD_Connection *connection, unsigned int status_code, struct MHD_Response *response)
internal monotonic clock functions implementations
#define MHD_HTTP_UNAUTHORIZED
void MD5Final(unsigned char digest[MD5_DIGEST_SIZE], struct MD5Context *ctx)
static void calculate_nonce(uint32_t nonce_time, const char *method, const char *rnd, size_t rnd_size, const char *uri, const char *realm, char nonce[NONCE_STD_LEN+1])
void MD5Init(struct MD5Context *ctx)
#define MHD_INVALID_NONCE
char * MHD_digest_auth_get_username(struct MHD_Connection *connection)
time_t MHD_monotonic_sec_counter(void)
Header for string manipulating helpers.
int MHD_str_equal_caseless_(const char *str1, const char *str2)
static int check_nonce_nc(struct MHD_Connection *connection, const char *nonce, uint64_t nc)
#define MAX_USERNAME_LENGTH
#define TIMESTAMP_HEX_LEN
size_t MHD_strx_to_uint64_n_(const char *str, size_t maxlen, uint64_t *out_val)
struct MHD_HTTP_Header * headers_received
#define MHD_mutex_lock_chk_(pmutex)