<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/> <title>GNU libmicrohttpd: src/daemon/digestauth.c Source File</title> <link href="../../tabs.css" rel="stylesheet" type="text/css"/> <link href="../../doxygen.css" rel="stylesheet" type="text/css"/> </head> <body> <!-- Generated by Doxygen 1.7.1 --> <div class="navigation" id="top"> <div class="tabs"> <ul class="tablist"> <li><a href="../../main.html"><span>Main Page</span></a></li> <li><a href="../../annotated.html"><span>Data Structures</span></a></li> <li class="current"><a href="../../files.html"><span>Files</span></a></li> <li><a href="../../dirs.html"><span>Directories</span></a></li> </ul> </div> <div class="tabs2"> <ul class="tablist"> <li><a href="../../files.html"><span>File List</span></a></li> <li><a href="../../globals.html"><span>Globals</span></a></li> </ul> </div> <div class="navpath"> <ul> <li><a class="el" href="../../dir_6321990a7c24e6229efad5095602bf4d.html">src</a> </li> <li><a class="el" href="../../dir_db71c89daadcbe4e293122b147fd6eef.html">daemon</a> </li> </ul> </div> </div> <div class="header"> <div class="headertitle"> <h1>digestauth.c</h1> </div> </div> <div class="contents"> <a href="../../d3/d5c/digestauth_8c.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment"><a name="l00001"></a>00001 <span class="comment">/*</span> <a name="l00002"></a>00002 <span class="comment"> This file is part of libmicrohttpd</span> <a name="l00003"></a>00003 <span class="comment"> (C) 2010 Daniel Pittman and Christian Grothoff</span> <a name="l00004"></a>00004 <span class="comment"></span> <a name="l00005"></a>00005 <span class="comment"> This library is free software; you can redistribute it and/or</span> <a name="l00006"></a>00006 <span class="comment"> modify it under the terms of 
the GNU Lesser General Public</span> <a name="l00007"></a>00007 <span class="comment"> License as published by the Free Software Foundation; either</span> <a name="l00008"></a>00008 <span class="comment"> version 2.1 of the License, or (at your option) any later version.</span> <a name="l00009"></a>00009 <span class="comment"></span> <a name="l00010"></a>00010 <span class="comment"> This library is distributed in the hope that it will be useful,</span> <a name="l00011"></a>00011 <span class="comment"> but WITHOUT ANY WARRANTY; without even the implied warranty of</span> <a name="l00012"></a>00012 <span class="comment"> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU</span> <a name="l00013"></a>00013 <span class="comment"> Lesser General Public License for more details.</span> <a name="l00014"></a>00014 <span class="comment"></span> <a name="l00015"></a>00015 <span class="comment"> You should have received a copy of the GNU Lesser General Public</span> <a name="l00016"></a>00016 <span class="comment"> License along with this library; if not, write to the Free Software</span> <a name="l00017"></a>00017 <span class="comment"> Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA</span> <a name="l00018"></a>00018 <span class="comment">*/</span> <a name="l00019"></a>00019 <a name="l00027"></a>00027 <span class="preprocessor">#include "<a class="code" href="../../de/d03/platform_8h.html" title="platform-specific includes for libmicrohttpd">platform.h</a>"</span> <a name="l00028"></a>00028 <span class="preprocessor">#include "<a class="code" href="../../db/dde/internal_8h.html" title="internal shared structures">internal.h</a>"</span> <a name="l00029"></a>00029 <span class="preprocessor">#include "<a class="code" href="../../da/db0/md5_8h.html">md5.h</a>"</span> <a name="l00030"></a>00030 <span class="preprocessor">#include "<a class="code" href="../../d2/d6f/base64_8h.html">base64.h</a>"</span> <a name="l00031"></a>00031 <a 
name="l00032"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#a2f5d5a398fdba2a14d581ad8e2bdde34">00032</a> <span class="preprocessor">#define HASH_MD5_HEX_LEN (2 * MD5_DIGEST_SIZE)</span> <a name="l00033"></a>00033 <span class="preprocessor"></span> <a name="l00037"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#aa16efc9e8c49f37521999e16d47818dc">00037</a> <span class="preprocessor">#define _BASE "Digest "</span> <a name="l00038"></a>00038 <span class="preprocessor"></span> <a name="l00042"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#ac9ae7f90d5195e72c134de9d658dcbed">00042</a> <span class="preprocessor">#define _BASIC_BASE "Basic "</span> <a name="l00043"></a>00043 <span class="preprocessor"></span> <a name="l00047"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#ac32ea00c03c9a9afd1ffc9e1627a8506">00047</a> <span class="preprocessor">#define MAX_USERNAME_LENGTH 128</span> <a name="l00048"></a>00048 <span class="preprocessor"></span> <a name="l00052"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#a4cd636e6e8acb7f77b7c945a4e2f1b29">00052</a> <span class="preprocessor">#define MAX_REALM_LENGTH 256</span> <a name="l00053"></a>00053 <span class="preprocessor"></span> <a name="l00057"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#a54692f11f281f0ba8ce56cd3551cc51e">00057</a> <span class="preprocessor">#define MAX_AUTH_RESPONSE_LENGTH 128</span> <a name="l00058"></a>00058 <span class="preprocessor"></span> <a name="l00066"></a>00066 <span class="keyword">static</span> <span class="keywordtype">void</span> <a name="l00067"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">00067</a> <a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">cvthex</a>(<span class="keyword">const</span> <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> *bin, <a name="l00068"></a>00068 <span class="keywordtype">size_t</span> 
len, <a name="l00069"></a>00069 <span class="keywordtype">char</span> *hex) <a name="l00070"></a>00070 { <a name="l00071"></a>00071 <span class="keywordtype">size_t</span> i; <a name="l00072"></a>00072 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> j; <a name="l00073"></a>00073 <a name="l00074"></a>00074 <span class="keywordflow">for</span> (i = 0; i < len; ++i) <a name="l00075"></a>00075 { <a name="l00076"></a>00076 j = (bin[i] >> 4) & 0x0f; <a name="l00077"></a>00077 hex[i * 2] = j <= 9 ? (j + <span class="charliteral">'0'</span>) : (j + <span class="charliteral">'a'</span> - 10); <a name="l00078"></a>00078 j = bin[i] & 0x0f; <a name="l00079"></a>00079 hex[i * 2 + 1] = j <= 9 ? (j + <span class="charliteral">'0'</span>) : (j + <span class="charliteral">'a'</span> - 10); <a name="l00080"></a>00080 } <a name="l00081"></a>00081 hex[len * 2] = <span class="charliteral">'\0'</span>; <a name="l00082"></a>00082 } <a name="l00083"></a>00083 <a name="l00096"></a>00096 <span class="keyword">static</span> <span class="keywordtype">void</span> <a name="l00097"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#ab7efffdbf8b2fdcd21e5f5eba36c09b0">00097</a> <a class="code" href="../../d3/d5c/digestauth_8c.html#ab7efffdbf8b2fdcd21e5f5eba36c09b0">digest_calc_ha1</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> *alg, <a name="l00098"></a>00098 <span class="keyword">const</span> <span class="keywordtype">char</span> *username, <a name="l00099"></a>00099 <span class="keyword">const</span> <span class="keywordtype">char</span> *realm, <a name="l00100"></a>00100 <span class="keyword">const</span> <span class="keywordtype">char</span> *password, <a name="l00101"></a>00101 <span class="keyword">const</span> <span class="keywordtype">char</span> *nonce, <a name="l00102"></a>00102 <span class="keyword">const</span> <span class="keywordtype">char</span> *cnonce, <a name="l00103"></a>00103 <span 
class="keywordtype">char</span> *sessionkey) <a name="l00104"></a>00104 { <a name="l00105"></a>00105 <span class="keyword">struct </span><a class="code" href="../../d1/d32/structMD5Context.html">MD5Context</a> md5; <a name="l00106"></a>00106 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> ha1[MD5_DIGEST_SIZE]; <a name="l00107"></a>00107 <a name="l00108"></a>00108 <a class="code" href="../../d7/d6c/md5_8c.html#a2bbee602c0d0da64387e4a15bbf536ac">MD5Init</a> (&md5); <a name="l00109"></a>00109 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, username, strlen (username)); <a name="l00110"></a>00110 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00111"></a>00111 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, realm, strlen (realm)); <a name="l00112"></a>00112 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00113"></a>00113 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, password, strlen (password)); <a name="l00114"></a>00114 <a class="code" href="../../d7/d6c/md5_8c.html#a4eeac999f71dc03917b0fab90a4e703a">MD5Final</a> (ha1, &md5); <a name="l00115"></a>00115 <span class="keywordflow">if</span> (0 == strcasecmp(alg, <span class="stringliteral">"md5-sess"</span>)) <a name="l00116"></a>00116 { <a name="l00117"></a>00117 <a class="code" href="../../d7/d6c/md5_8c.html#a2bbee602c0d0da64387e4a15bbf536ac">MD5Init</a> (&md5); <a name="l00118"></a>00118 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, ha1, <span class="keyword">sizeof</span> (ha1)); <a name="l00119"></a>00119 <a class="code" 
href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00120"></a>00120 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, nonce, strlen (nonce)); <a name="l00121"></a>00121 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00122"></a>00122 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, cnonce, strlen (cnonce)); <a name="l00123"></a>00123 <a class="code" href="../../d7/d6c/md5_8c.html#a4eeac999f71dc03917b0fab90a4e703a">MD5Final</a> (ha1, &md5); <a name="l00124"></a>00124 } <a name="l00125"></a>00125 <a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">cvthex</a>(ha1, <span class="keyword">sizeof</span> (ha1), sessionkey); <a name="l00126"></a>00126 } <a name="l00127"></a>00127 <a name="l00128"></a>00128 <a name="l00142"></a>00142 <span class="keyword">static</span> <span class="keywordtype">void</span> <a name="l00143"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#ab4a23d78c819ed80ef24e5d39d9bb31a">00143</a> <a class="code" href="../../d3/d5c/digestauth_8c.html#ab4a23d78c819ed80ef24e5d39d9bb31a">digest_calc_response</a>(<span class="keyword">const</span> <span class="keywordtype">char</span> *ha1, <a name="l00144"></a>00144 <span class="keyword">const</span> <span class="keywordtype">char</span> *nonce, <a name="l00145"></a>00145 <span class="keyword">const</span> <span class="keywordtype">char</span> *noncecount, <a name="l00146"></a>00146 <span class="keyword">const</span> <span class="keywordtype">char</span> *cnonce, <a name="l00147"></a>00147 <span class="keyword">const</span> <span class="keywordtype">char</span> *qop, <a name="l00148"></a>00148 <span class="keyword">const</span> <span class="keywordtype">char</span> 
*method, <a name="l00149"></a>00149 <span class="keyword">const</span> <span class="keywordtype">char</span> *uri, <a name="l00150"></a>00150 <span class="keyword">const</span> <span class="keywordtype">char</span> *hentity, <a name="l00151"></a>00151 <span class="keywordtype">char</span> *response) <a name="l00152"></a>00152 { <a name="l00153"></a>00153 <span class="keyword">struct </span><a class="code" href="../../d1/d32/structMD5Context.html">MD5Context</a> md5; <a name="l00154"></a>00154 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> ha2[MD5_DIGEST_SIZE]; <a name="l00155"></a>00155 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> resphash[MD5_DIGEST_SIZE]; <a name="l00156"></a>00156 <span class="keywordtype">char</span> ha2hex[<a class="code" href="../../d3/d5c/digestauth_8c.html#a2f5d5a398fdba2a14d581ad8e2bdde34">HASH_MD5_HEX_LEN</a> + 1]; <a name="l00157"></a>00157 <a name="l00158"></a>00158 <a class="code" href="../../d7/d6c/md5_8c.html#a2bbee602c0d0da64387e4a15bbf536ac">MD5Init</a> (&md5); <a name="l00159"></a>00159 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, method, strlen(method)); <a name="l00160"></a>00160 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00161"></a>00161 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, uri, strlen(uri)); <a name="l00162"></a>00162 <span class="preprocessor">#if 0</span> <a name="l00163"></a>00163 <span class="preprocessor"></span> <span class="keywordflow">if</span> (strcasecmp(qop, <span class="stringliteral">"auth-int"</span>) == 0) <a name="l00164"></a>00164 { <a name="l00165"></a>00165 <span class="comment">/* This is dead code since the rest of this module does</span> <a name="l00166"></a>00166 <span class="comment"> not support 
auth-int. */</span> <a name="l00167"></a>00167 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00168"></a>00168 <span class="keywordflow">if</span> (hentity != <a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a>) <a name="l00169"></a>00169 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, hentity, strlen(hentity)); <a name="l00170"></a>00170 } <a name="l00171"></a>00171 <span class="preprocessor">#endif </span> <a name="l00172"></a>00172 <span class="preprocessor"></span> <a class="code" href="../../d7/d6c/md5_8c.html#a4eeac999f71dc03917b0fab90a4e703a">MD5Final</a> (ha2, &md5); <a name="l00173"></a>00173 <a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">cvthex</a>(ha2, <a class="code" href="../../da/db0/md5_8h.html#ad86b38d6ab14e243543904e30f26bed2">MD5_DIGEST_SIZE</a>, ha2hex); <a name="l00174"></a>00174 <a class="code" href="../../d7/d6c/md5_8c.html#a2bbee602c0d0da64387e4a15bbf536ac">MD5Init</a> (&md5); <a name="l00175"></a>00175 <span class="comment">/* calculate response */</span> <a name="l00176"></a>00176 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, ha1, <a class="code" href="../../d3/d5c/digestauth_8c.html#a2f5d5a398fdba2a14d581ad8e2bdde34">HASH_MD5_HEX_LEN</a>); <a name="l00177"></a>00177 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00178"></a>00178 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, nonce, strlen(nonce)); <a name="l00179"></a>00179 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); 
<a name="l00180"></a>00180 <span class="keywordflow">if</span> (<span class="charliteral">'\0'</span> != *qop) <a name="l00181"></a>00181 { <a name="l00182"></a>00182 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, noncecount, strlen(noncecount)); <a name="l00183"></a>00183 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00184"></a>00184 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, cnonce, strlen(cnonce)); <a name="l00185"></a>00185 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00186"></a>00186 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, qop, strlen(qop)); <a name="l00187"></a>00187 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, <span class="stringliteral">":"</span>, 1); <a name="l00188"></a>00188 } <a name="l00189"></a>00189 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a> (&md5, ha2hex, <a class="code" href="../../d3/d5c/digestauth_8c.html#a2f5d5a398fdba2a14d581ad8e2bdde34">HASH_MD5_HEX_LEN</a>); <a name="l00190"></a>00190 <a class="code" href="../../d7/d6c/md5_8c.html#a4eeac999f71dc03917b0fab90a4e703a">MD5Final</a> (resphash, &md5); <a name="l00191"></a>00191 <a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">cvthex</a>(resphash, <span class="keyword">sizeof</span> (resphash), response); <a name="l00192"></a>00192 } <a name="l00193"></a>00193 <a name="l00194"></a>00194 <a name="l00209"></a>00209 <span class="keyword">static</span> <span class="keywordtype">int</span> <a name="l00210"></a><a class="code" 
href="../../d3/d5c/digestauth_8c.html#acbec76abd5b5f50a68654081bd14c242">00210</a> <a class="code" href="../../d3/d5c/digestauth_8c.html#acbec76abd5b5f50a68654081bd14c242">lookup_sub_value</a>(<span class="keywordtype">char</span> *dest, <a name="l00211"></a>00211 <span class="keywordtype">size_t</span> size, <a name="l00212"></a>00212 <span class="keyword">const</span> <span class="keywordtype">char</span> *data, <a name="l00213"></a>00213 <span class="keyword">const</span> <span class="keywordtype">char</span> *key) <a name="l00214"></a>00214 { <a name="l00215"></a>00215 <span class="keywordtype">size_t</span> keylen = strlen(key); <a name="l00216"></a>00216 <span class="keywordtype">size_t</span> len; <a name="l00217"></a>00217 <span class="keyword">const</span> <span class="keywordtype">char</span> *ptr = data; <a name="l00218"></a>00218 <span class="keyword">const</span> <span class="keywordtype">char</span> *eq; <a name="l00219"></a>00219 <span class="keyword">const</span> <span class="keywordtype">char</span> *q1; <a name="l00220"></a>00220 <span class="keyword">const</span> <span class="keywordtype">char</span> *q2; <a name="l00221"></a>00221 <span class="keyword">const</span> <span class="keywordtype">char</span> *qn; <a name="l00222"></a>00222 <a name="l00223"></a>00223 <span class="keywordflow">if</span> (0 == size) <a name="l00224"></a>00224 <span class="keywordflow">return</span> 0; <a name="l00225"></a>00225 <span class="keywordflow">while</span> (<span class="charliteral">'\0'</span> != *ptr) <a name="l00226"></a>00226 { <a name="l00227"></a>00227 <span class="keywordflow">if</span> (<a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a> == (eq = strstr (ptr, <span class="stringliteral">"="</span>))) <a name="l00228"></a>00228 <span class="keywordflow">return</span> 0; <a name="l00229"></a>00229 q1 = eq + 1; <a name="l00230"></a>00230 <span class="keywordflow">while</span> (<span class="charliteral">' 
'</span> == *q1) <a name="l00231"></a>00231 q1++; <a name="l00232"></a>00232 <span class="keywordflow">if</span> (<span class="charliteral">'\"'</span> != *q1) <a name="l00233"></a>00233 { <a name="l00234"></a>00234 q2 = strstr (q1, <span class="stringliteral">","</span>); <a name="l00235"></a>00235 qn = q2; <a name="l00236"></a>00236 } <a name="l00237"></a>00237 <span class="keywordflow">else</span> <a name="l00238"></a>00238 { <a name="l00239"></a>00239 q1++; <a name="l00240"></a>00240 q2 = strstr (q1, <span class="stringliteral">"\""</span>); <a name="l00241"></a>00241 <span class="keywordflow">if</span> (<a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a> == q2) <a name="l00242"></a>00242 <span class="keywordflow">return</span> 0; <span class="comment">/* end quote not found */</span> <a name="l00243"></a>00243 qn = q2 + 1; <a name="l00244"></a>00244 } <a name="l00245"></a>00245 <span class="keywordflow">if</span> ( (0 == strncasecmp (ptr, <a name="l00246"></a>00246 key, <a name="l00247"></a>00247 keylen)) && <a name="l00248"></a>00248 (eq == &ptr[keylen]) ) <a name="l00249"></a>00249 { <a name="l00250"></a>00250 <span class="keywordflow">if</span> (q2 == <a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a>) <a name="l00251"></a>00251 { <a name="l00252"></a>00252 len = strlen (q1) + 1; <a name="l00253"></a>00253 <span class="keywordflow">if</span> (size > len) <a name="l00254"></a>00254 size = len; <a name="l00255"></a>00255 size--; <a name="l00256"></a>00256 strncpy (dest, <a name="l00257"></a>00257 q1, <a name="l00258"></a>00258 size); <a name="l00259"></a>00259 dest[size] = <span class="charliteral">'\0'</span>; <a name="l00260"></a>00260 <span class="keywordflow">return</span> size; <a name="l00261"></a>00261 } <a name="l00262"></a>00262 <span class="keywordflow">else</span> <a name="l00263"></a>00263 { <a name="l00264"></a>00264 <span 
class="keywordflow">if</span> (size > (q2 - q1) + 1) <a name="l00265"></a>00265 size = (q2 - q1) + 1; <a name="l00266"></a>00266 size--; <a name="l00267"></a>00267 memcpy (dest, <a name="l00268"></a>00268 q1, <a name="l00269"></a>00269 size); <a name="l00270"></a>00270 dest[size] = <span class="charliteral">'\0'</span>; <a name="l00271"></a>00271 <span class="keywordflow">return</span> size; <a name="l00272"></a>00272 } <a name="l00273"></a>00273 } <a name="l00274"></a>00274 <span class="keywordflow">if</span> (<a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a> == qn) <a name="l00275"></a>00275 <span class="keywordflow">return</span> 0; <a name="l00276"></a>00276 ptr = strstr (qn, <span class="stringliteral">","</span>); <a name="l00277"></a>00277 <span class="keywordflow">if</span> (<a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a> == ptr) <a name="l00278"></a>00278 <span class="keywordflow">return</span> 0; <a name="l00279"></a>00279 ptr++; <a name="l00280"></a>00280 <span class="keywordflow">while</span> (<span class="charliteral">' '</span> == *ptr) <a name="l00281"></a>00281 ptr++; <a name="l00282"></a>00282 } <a name="l00283"></a>00283 <span class="keywordflow">return</span> 0; <a name="l00284"></a>00284 } <a name="l00285"></a>00285 <a name="l00286"></a>00286 <a name="l00296"></a>00296 <span class="keyword">static</span> <span class="keywordtype">int</span> <a name="l00297"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#abe126b586c2642612cbf0f45361d48e8">00297</a> <a class="code" href="../../d3/d5c/digestauth_8c.html#abe126b586c2642612cbf0f45361d48e8">check_nonce_nc</a> (<span class="keyword">struct</span> <a class="code" href="../../df/d50/structMHD__Connection.html">MHD_Connection</a> *connection, <a name="l00298"></a>00298 <span class="keyword">const</span> <span class="keywordtype">char</span> *nonce, <a name="l00299"></a>00299 <span 
class="keywordtype">unsigned</span> <span class="keywordtype">int</span> nc) <a name="l00300"></a>00300 { <a name="l00301"></a>00301 uint32_t off; <a name="l00302"></a>00302 uint32_t mod; <a name="l00303"></a>00303 <span class="keyword">const</span> <span class="keywordtype">char</span> *np; <a name="l00304"></a>00304 <a name="l00305"></a>00305 mod = connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nonce_nc_size; <a name="l00306"></a>00306 <span class="keywordflow">if</span> (0 == mod) <a name="l00307"></a>00307 <span class="keywordflow">return</span> MHD_NO; <span class="comment">/* no array! */</span> <a name="l00308"></a>00308 <span class="comment">/* super-fast xor-based "hash" function for HT lookup in nonce array */</span> <a name="l00309"></a>00309 off = 0; <a name="l00310"></a>00310 np = nonce; <a name="l00311"></a>00311 <span class="keywordflow">while</span> (*np != <span class="charliteral">'\0'</span>) <a name="l00312"></a>00312 { <a name="l00313"></a>00313 off = (off << 8) | (*np ^ (off >> 24)); <a name="l00314"></a>00314 np++; <a name="l00315"></a>00315 } <a name="l00316"></a>00316 off = off % mod; <a name="l00317"></a>00317 <span class="comment">/*</span> <a name="l00318"></a>00318 <span class="comment"> * Look for the nonce, if it does exist and its corresponding</span> <a name="l00319"></a>00319 <span class="comment"> * nonce counter is less than the current nonce counter by 1,</span> <a name="l00320"></a>00320 <span class="comment"> * then only increase the nonce counter by one.</span> <a name="l00321"></a>00321 <span class="comment"> */</span> <a name="l00322"></a>00322 <a name="l00323"></a>00323 pthread_mutex_lock(&connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc_lock); <a name="l00324"></a>00324 <span class="keywordflow">if</span> (nc == 0) <a name="l00325"></a>00325 { <a name="l00326"></a>00326 
strcpy(connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc[off].nonce, <a name="l00327"></a>00327 nonce); <a name="l00328"></a>00328 connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc[off].nc = 0; <a name="l00329"></a>00329 pthread_mutex_unlock(&connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc_lock); <a name="l00330"></a>00330 <span class="keywordflow">return</span> MHD_YES; <a name="l00331"></a>00331 } <a name="l00332"></a>00332 <span class="keywordflow">if</span> ( (nc <= connection->daemon->nnc[off].nc) || <a name="l00333"></a>00333 (0 != strcmp(connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc[off].nonce, nonce)) ) <a name="l00334"></a>00334 { <a name="l00335"></a>00335 pthread_mutex_unlock(&connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc_lock); <a name="l00336"></a>00336 <span class="preprocessor">#if HAVE_MESSAGES</span> <a name="l00337"></a>00337 <span class="preprocessor"></span> MHD_DLOG (connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>, <a name="l00338"></a>00338 <span class="stringliteral">"Stale nonce received. 
If this happens a lot, you should probably increase the size of the nonce array.\n"</span>); <a name="l00339"></a>00339 <span class="preprocessor">#endif</span> <a name="l00340"></a>00340 <span class="preprocessor"></span> <span class="keywordflow">return</span> MHD_NO; <a name="l00341"></a>00341 } <a name="l00342"></a>00342 connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc[off].nc = nc; <a name="l00343"></a>00343 pthread_mutex_unlock(&connection-><a class="code" href="../../df/d50/structMHD__Connection.html#ad2a51c2f1ec5088469856c785ad2c04d">daemon</a>->nnc_lock); <a name="l00344"></a>00344 <span class="keywordflow">return</span> MHD_YES; <a name="l00345"></a>00345 } <a name="l00346"></a>00346 <a name="l00347"></a>00347 <a name="l00355"></a>00355 <span class="keywordtype">char</span> * <a name="l00356"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#a4fa3834833e37ec4b52e57bb55a00c27">00356</a> <a class="code" href="../../dc/d0c/microhttpd_8h.html#a4fa3834833e37ec4b52e57bb55a00c27">MHD_digest_auth_get_username</a>(<span class="keyword">struct</span> <a class="code" href="../../df/d50/structMHD__Connection.html">MHD_Connection</a> *connection) <a name="l00357"></a>00357 { <a name="l00358"></a>00358 <span class="keywordtype">size_t</span> len; <a name="l00359"></a>00359 <span class="keywordtype">char</span> user[MAX_USERNAME_LENGTH]; <a name="l00360"></a>00360 <span class="keyword">const</span> <span class="keywordtype">char</span> *header; <a name="l00361"></a>00361 <a name="l00362"></a>00362 header = <a class="code" href="../../dc/d0c/microhttpd_8h.html#adef6bc2332eccb6d5f1679b11fb69b9c">MHD_lookup_connection_value</a>(connection, <a name="l00363"></a>00363 <a class="code" href="../../dc/d0c/microhttpd_8h.html#ab5475b4e8aa05a99c49b3ac916cf7a3aadcde62bdb2e9eafdd8558e770e8bb904">MHD_HEADER_KIND</a>, <a name="l00364"></a>00364 <a class="code" 
href="../../dc/d0c/microhttpd_8h.html#a4400070683cba949249129b8ed2f4703">MHD_HTTP_HEADER_AUTHORIZATION</a>); <a name="l00365"></a>00365 <span class="keywordflow">if</span> (header == <a class="code" href="../../dc/df0/reason__phrase_8c.html#a070d2ce7b6bb7e5c05602aa8c308d0c4">NULL</a>) <a name="l00366"></a>00366 <span class="keywordflow">return</span> NULL; <a name="l00367"></a>00367 <span class="keywordflow">if</span> (strncmp(header, <a class="code" href="../../d3/d5c/digestauth_8c.html#aa16efc9e8c49f37521999e16d47818dc">_BASE</a>, strlen(<a class="code" href="../../d3/d5c/digestauth_8c.html#aa16efc9e8c49f37521999e16d47818dc">_BASE</a>)) != 0) <a name="l00368"></a>00368 <span class="keywordflow">return</span> NULL; <a name="l00369"></a>00369 header += strlen (<a class="code" href="../../d3/d5c/digestauth_8c.html#aa16efc9e8c49f37521999e16d47818dc">_BASE</a>); <a name="l00370"></a>00370 len = <a class="code" href="../../d3/d5c/digestauth_8c.html#acbec76abd5b5f50a68654081bd14c242">lookup_sub_value</a>(user, <a name="l00371"></a>00371 <span class="keyword">sizeof</span> (user), <a name="l00372"></a>00372 header, <a name="l00373"></a>00373 <span class="stringliteral">"username"</span>); <a name="l00374"></a>00374 <span class="keywordflow">if</span> (!len) <a name="l00375"></a>00375 <span class="keywordflow">return</span> NULL; <a name="l00376"></a>00376 <span class="keywordflow">return</span> strdup(user); <a name="l00377"></a>00377 } <a name="l00378"></a>00378 <a name="l00379"></a>00379 <a name="l00393"></a>00393 <span class="keyword">static</span> <span class="keywordtype">void</span> <a name="l00394"></a><a class="code" href="../../d3/d5c/digestauth_8c.html#aa5718302295510ef153af2850061e544">00394</a> <a class="code" href="../../d3/d5c/digestauth_8c.html#aa5718302295510ef153af2850061e544">calculate_nonce</a> (uint32_t nonce_time, <a name="l00395"></a>00395 <span class="keyword">const</span> <span class="keywordtype">char</span> *method, <a name="l00396"></a>00396 
<span class="keyword">const</span> <span class="keywordtype">char</span> *rnd, <a name="l00397"></a>00397 <span class="keywordtype">unsigned</span> <span class="keywordtype">int</span> rnd_size, <a name="l00398"></a>00398 <span class="keyword">const</span> <span class="keywordtype">char</span> *uri, <a name="l00399"></a>00399 <span class="keyword">const</span> <span class="keywordtype">char</span> *realm, <a name="l00400"></a>00400 <span class="keywordtype">char</span> *nonce) <a name="l00401"></a>00401 { <a name="l00402"></a>00402 <span class="keyword">struct </span><a class="code" href="../../d1/d32/structMD5Context.html">MD5Context</a> md5; <a name="l00403"></a>00403 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> timestamp[4]; <a name="l00404"></a>00404 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> tmpnonce[MD5_DIGEST_SIZE]; <a name="l00405"></a>00405 <span class="keywordtype">char</span> timestamphex[<span class="keyword">sizeof</span>(timestamp)*2+1]; <a name="l00406"></a>00406 <a name="l00407"></a>00407 <a class="code" href="../../d7/d6c/md5_8c.html#a2bbee602c0d0da64387e4a15bbf536ac">MD5Init</a> (&md5); <a name="l00408"></a>00408 timestamp[0] = (nonce_time & 0xff000000) >> 0x18; <a name="l00409"></a>00409 timestamp[1] = (nonce_time & 0x00ff0000) >> 0x10; <a name="l00410"></a>00410 timestamp[2] = (nonce_time & 0x0000ff00) >> 0x08; <a name="l00411"></a>00411 timestamp[3] = (nonce_time & 0x000000ff); <a name="l00412"></a>00412 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, timestamp, 4); <a name="l00413"></a>00413 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, <span class="stringliteral">":"</span>, 1); <a name="l00414"></a>00414 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, method, strlen(method)); <a name="l00415"></a>00415 <a 
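class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, <span class="stringliteral">":"</span>, 1); <a name="l00416"></a>00416 <span class="keywordflow">if</span> (rnd_size > 0) <a name="l00417"></a>00417 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, rnd, rnd_size); <a name="l00418"></a>00418 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, <span class="stringliteral">":"</span>, 1); <a name="l00419"></a>00419 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, uri, strlen(uri)); <a name="l00420"></a>00420 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, <span class="stringliteral">":"</span>, 1); <a name="l00421"></a>00421 <a class="code" href="../../d7/d6c/md5_8c.html#adca0f429128f135876a7864813cc2cf6">MD5Update</a>(&md5, realm, strlen(realm)); <a name="l00422"></a>00422 <a class="code" href="../../d7/d6c/md5_8c.html#a4eeac999f71dc03917b0fab90a4e703a">MD5Final</a> (tmpnonce, &md5); <a name="l00423"></a>00423 <a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">cvthex</a>(tmpnonce, <span class="keyword">sizeof</span> (tmpnonce), nonce); <a name="l00424"></a>00424 <a class="code" href="../../d3/d5c/digestauth_8c.html#afbebdc992cfca4247f9d92948c74e18e">cvthex</a>(timestamp, 4, timestamphex); <a name="l00425"></a>00425 strncat(nonce, timestamphex, 8); <a name="l00426"></a>00426 } <a name="l00427"></a>00427 <a name="l00428"></a>00428

/**
 * Authenticates the "Authorization: Digest" header of a request.
 *
 * Looks up the Authorization header, checks that the username and realm
 * it carries equal the expected ones, validates the server nonce (age
 * first, then the recomputed hash), validates the nonce/nc pair through
 * check_nonce_nc() and finally compares the client's "response" with the
 * value computed from the supplied password.  Only MD5 with qop "auth"
 * (or an empty qop) is handled; "auth-int" is not supported.
 *
 * @param connection    connection whose request headers are examined
 * @param realm         realm the client must present
 * @param username      user name the client must present
 * @param password      clear-text password used to compute the expected
 *                      response
 * @param nonce_timeout maximum accepted nonce age, in seconds
 * @return MHD_YES if the response matches, MHD_INVALID_NONCE if the nonce
 *         is malformed, too old or differs from the recomputed value,
 *         MHD_NO otherwise
 */
int
MHD_digest_auth_check(struct MHD_Connection *connection,
                      const char *realm,
                      const char *username,
                      const char *password,
                      unsigned int nonce_timeout)
{
  size_t len;
  const char *header;
  char nonce[MAX_NONCE_LENGTH];
  char cnonce[MAX_NONCE_LENGTH];
  char qop[15]; /* auth,auth-int */
  char nc[20];
  char response[MAX_AUTH_RESPONSE_LENGTH];
  const char *hentity = NULL; /* "auth-int" is not supported */
  char ha1[HASH_MD5_HEX_LEN + 1];
  char respexp[HASH_MD5_HEX_LEN + 1];
  char noncehashexp[HASH_MD5_HEX_LEN + 9];
  uint32_t nonce_time;
  uint32_t t;
  size_t left; /* number of characters left in 'header' for 'uri' */
  unsigned int nci;
  unsigned long nc_val;
  char *nc_end;

  header = MHD_lookup_connection_value(connection,
                                       MHD_HEADER_KIND,
                                       MHD_HTTP_HEADER_AUTHORIZATION);
  if (header == NULL)
    return MHD_NO;
  if (strncmp(header, _BASE, strlen(_BASE)) != 0)
    return MHD_NO;
  header += strlen (_BASE);
  left = strlen (header);

  {
    char un[MAX_USERNAME_LENGTH];

    len = lookup_sub_value(un,
                           sizeof (un),
                           header, "username");
    if ( (!len) ||
         (strcmp(username, un) != 0) )
      return MHD_NO;
    left -= strlen ("username") + len;
  }

  {
    char r[MAX_REALM_LENGTH];

    len = lookup_sub_value(r,
                           sizeof (r),
                           header, "realm");
    if ( (!len) ||
         (strcmp(realm, r) != 0) )
      return MHD_NO;
    left -= strlen ("realm") + len;
  }

  if (0 == (len = lookup_sub_value(nonce,
                                   sizeof (nonce),
                                   header, "nonce")))
    return MHD_NO;
  left -= strlen ("nonce") + len;

  {
    /*
     * NOTE(review): 'uri' is a variable-length array on the stack whose
     * size is derived from the length of the client-supplied header, so
     * stack use grows with the request.  Presumably the connection's
     * read buffer bounds it -- confirm, or move this to the heap.
     */
    char uri[left];

    if (0 == lookup_sub_value(uri,
                              sizeof (uri),
                              header, "uri"))
      return MHD_NO;
    /*
     * NOTE(review): 'uri' comes from the header and is not compared with
     * the request target in this function.  RFC 2617 expects the server
     * to verify that both name the same resource -- confirm where (or
     * whether) that happens.
     */

    /*
     * The last 8 characters of the nonce are the hex timestamp.  A nonce
     * shorter than that cannot have been issued by calculate_nonce(),
     * and 'nonce + len - 8' would point before the start of the buffer,
     * so reject it before doing the pointer arithmetic.
     */
    if (len < 8)
      return MHD_INVALID_NONCE;
    nonce_time = strtoul(nonce + len - 8, (char **)NULL, 16);
    t = (uint32_t) time(NULL);
    /*
     * First level vetting of the nonce: it is invalid once it is older
     * than 'nonce_timeout'.  The age is computed by subtraction so that
     * a large timestamp or timeout cannot wrap the 32-bit sum and turn
     * the comparison around.
     */
    if ( (t > nonce_time) &&
         ((t - nonce_time) > nonce_timeout) )
      return MHD_INVALID_NONCE;
    calculate_nonce (nonce_time,
                     connection->method,
                     connection->daemon->digest_auth_random,
                     connection->daemon->digest_auth_rand_size,
                     uri,
                     realm,
                     noncehashexp);
    /*
     * Second level vetting of the nonce: the timestamp is supplied by
     * the client, so the nonce is only accepted if recomputing it with
     * the daemon's random seed gives the same string.  calculate_nonce()
     * leaves the seed out when digest_auth_rand_size is 0; in that case
     * every input of the hash is known to the client and this check no
     * longer proves that the server issued the nonce.
     */
    if (0 != strcmp(nonce, noncehashexp))
      return MHD_INVALID_NONCE;

    if (0 == lookup_sub_value(cnonce,
                              sizeof (cnonce),
                              header, "cnonce"))
      return MHD_NO;
    if (0 == lookup_sub_value(qop, sizeof (qop), header, "qop"))
      return MHD_NO;
    if ( (0 != strcmp (qop, "auth")) &&
         (0 != strcmp (qop, "")) )
      return MHD_NO;
    if (0 == lookup_sub_value(nc, sizeof (nc), header, "nc"))
      return MHD_NO;
    /*
     * RFC 2617 defines nc-value as hexadecimal digits.  Parsing it as
     * decimal stops at the first 'a'..'f', so counts such as "0000000a"
     * would reach the replay check as 0.
     */
    nc_end = NULL;
    nc_val = strtoul(nc, &nc_end, 16);
    if ( (nc_end == nc) ||
         (nc_val > 0xffffffffUL) )
      return MHD_NO;
    nci = (unsigned int) nc_val;
    if (0 == lookup_sub_value(response, sizeof (response), header, "response"))
      return MHD_NO;

    /*
     * Checking if that combination of nonce and nc is sound
     * and not a replay attack attempt.  Also adds the nonce
     * to the nonce-nc map if it does not exist there.
     */
    if (MHD_YES != check_nonce_nc (connection, nonce, nci))
      return MHD_NO;

    digest_calc_ha1("md5",
                    username,
                    realm,
                    password,
                    nonce,
                    cnonce,
                    ha1);
    digest_calc_response(ha1,
                         nonce,
                         nc,
                         cnonce,
                         qop,
                         connection->method,
                         uri,
                         hentity,
                         respexp);
    {
      /*
       * Compare the whole digest without an early exit, so the time
       * taken does not depend on how many leading characters of the
       * client's value happen to be right.  The length is not secret.
       */
      size_t i;
      size_t explen = strlen(respexp);
      unsigned char diff = 0;

      if (strlen(response) != explen)
        return MHD_NO;
      for (i = 0; i < explen; i++)
        diff |= (unsigned char) (response[i] ^ respexp[i]);
      return (0 == diff) ? MHD_YES : MHD_NO;
    }
  }
}


/**
 * Queues a 401 response that carries a fresh Digest challenge.
 *
 * Computes a nonce for the current time, registers it with
 * check_nonce_nc() (nc 0), formats the WWW-Authenticate header, adds it
 * to 'response' and queues the response with MHD_HTTP_UNAUTHORIZED.
 *
 * NOTE(review): 'realm' and 'opaque' are copied verbatim into
 * quoted-string fields; nothing here escapes '"' or rejects CR/LF, so
 * both should come from trusted configuration.  Whether
 * MHD_add_response_header() validates the value is not visible here.
 *
 * @param connection   connection to answer
 * @param realm        realm placed in the challenge
 * @param opaque       opaque string placed in the challenge
 * @param response     response that receives the WWW-Authenticate header
 * @param signal_stale non-zero to append stale="true"
 * @return MHD_NO if the nonce could not be registered or the header could
 *         not be formatted; otherwise the result of
 *         MHD_add_response_header() and, if that succeeded, of
 *         MHD_queue_response()
 */
int
MHD_queue_auth_fail_response(struct MHD_Connection *connection,
                             const char *realm,
                             const char *opaque,
                             struct MHD_Response *response,
                             int signal_stale)
{
  int ret;
  int needed;
  size_t hlen;
  char nonce[HASH_MD5_HEX_LEN + 9];

  /* Generating the server nonce */
  calculate_nonce ((uint32_t) time(NULL),
                   connection->method,
                   connection->daemon->digest_auth_random,
                   connection->daemon->digest_auth_rand_size,
                   connection->url,
                   realm,
                   nonce);
  if (MHD_YES != check_nonce_nc (connection, nonce, 0))
    {
#if HAVE_MESSAGES
      MHD_DLOG (connection->daemon,
                "Could not register nonce (is the nonce array size zero?).\n");
#endif
      return MHD_NO;
    }
  /* Building the authentication header */
  needed = snprintf(NULL,
                    0,
                    "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s",
                    realm,
                    nonce,
                    opaque,
                    signal_stale ? ",stale=\"true\"" : "");
  /* snprintf() reports failure with a negative value; converted to size_t
     that would request an enormous stack array below. */
  if (needed < 0)
    return MHD_NO;
  hlen = (size_t) needed;
  {
    char header[hlen + 1];

    snprintf(header,
             sizeof(header),
             "Digest realm=\"%s\",qop=\"auth\",nonce=\"%s\",opaque=\"%s\"%s",
             realm,
             nonce,
             opaque,
             signal_stale ? ",stale=\"true\"" : "");
    ret = MHD_add_response_header(response,
                                  MHD_HTTP_HEADER_WWW_AUTHENTICATE,
                                  header);
  }
  if (MHD_YES == ret)
    ret = MHD_queue_response(connection,
                             MHD_HTTP_UNAUTHORIZED,
                             response);
  return ret;
}


/**
 * Extracts the user name and password from an "Authorization: Basic"
 * header.
 *
 * The credentials are Base64-decoded and split at the first ':'.  Both
 * returned strings are allocated with strdup(); the caller owns them and
 * must free() them.
 *
 * @param connection connection whose request headers are examined
 * @param password   if not NULL, receives a newly allocated copy of the
 *                   password; left unmodified when NULL is returned before
 *                   the password has been copied
 * @return newly allocated user name, or NULL if the header is missing, is
 *         not a Basic header, cannot be decoded, has no ':' separator, or
 *         memory could not be allocated
 */
char *
MHD_basic_auth_get_username_password(struct MHD_Connection *connection,
                                     char** password)
{
  const char *header;
  char *decode;
  const char *separator;
  char *user;

  header = MHD_lookup_connection_value(connection,
                                       MHD_HEADER_KIND,
                                       MHD_HTTP_HEADER_AUTHORIZATION);
  if (header == NULL)
    return NULL;
  if (strncmp(header, _BASIC_BASE, strlen(_BASIC_BASE)) != 0)
    return NULL;
  header += strlen(_BASIC_BASE);
  decode = BASE64Decode(header);
  if (decode == NULL)
    {
#if HAVE_MESSAGES
      MHD_DLOG(connection->daemon,
               "Error decoding basic authentication\n");
#endif
      return NULL;
    }
  /* Find user:password pattern; the user name ends at the first ':' */
  separator = strchr(decode, ':');
  if (separator == NULL)
    {
#if HAVE_MESSAGES
      MHD_DLOG(connection->daemon,
               "Basic authentication doesn't contain ':' separator\n");
#endif
      free(decode);
      return NULL;
    }
  user = strdup(decode);
  if (NULL == user)
    {
      free (decode);
      return NULL;
    }
  user[separator - decode] = '\0'; /* cut off at ':' */
  if (password != NULL)
    {
      *password = strdup(separator + 1);
      if (NULL == *password)
        {
#if HAVE_MESSAGES
          MHD_DLOG(connection->daemon,
                   "Failed to allocate memory for password\n");
#endif
          free (decode);
          free (user);
          return NULL;
        }
    }
  /* 'decode' (and the tail of 'user' past the cut) still holds the
     clear-text password; it is released without being overwritten. */
  free(decode);
  return user;
}

<a 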
name="l00725"></a>
/**
 * Queues a 401 response that asks the client for Basic authentication.
 *
 * Formats `Basic realm="<realm>"`, adds it to 'response' as the
 * WWW-Authenticate header and queues the response with
 * MHD_HTTP_UNAUTHORIZED.
 *
 * NOTE(review): 'realm' is copied verbatim into the quoted string and
 * also sizes a stack array; nothing here escapes '"' or rejects CR/LF,
 * so it should come from trusted configuration -- confirm against the
 * callers.
 *
 * @param connection connection to answer
 * @param realm      realm placed in the challenge
 * @param response   response that receives the WWW-Authenticate header
 * @return MHD_NO if the header could not be formatted; otherwise the
 *         result of MHD_add_response_header() and, if that succeeded, of
 *         MHD_queue_response()
 */
int
MHD_queue_basic_auth_fail_response(struct MHD_Connection *connection,
                                   const char *realm,
                                   struct MHD_Response *response)
{
  /* Exact length of the header value, without the terminating NUL. */
  size_t expected = strlen(realm) + strlen("Basic realm=\"\"");
  char challenge[expected + 1];
  int written;
  int status;

  written = snprintf(challenge,
                     expected + 1,
                     "Basic realm=\"%s\"",
                     realm);
  /* Anything other than the precomputed length means the formatting
     failed or was truncated. */
  if (expected != (size_t) written)
    {
      EXTRA_CHECK (0);
      return MHD_NO;
    }
  status = MHD_add_response_header(response,
                                   MHD_HTTP_HEADER_WWW_AUTHENTICATE,
                                   challenge);
  if (MHD_YES != status)
    return status;
  return MHD_queue_response(connection,
                            MHD_HTTP_UNAUTHORIZED,
                            response);
}

/* end of digestauth.c */
</pre></div></div> </div> </body> </html>