[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 01/03: check_nonce_nc(): use already known nonce size, a
From: |
gnunet |
Subject: |
[libmicrohttpd] 01/03: check_nonce_nc(): use already known nonce size, avoid size recalculation |
Date: |
Sat, 30 Apr 2022 19:30:24 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit bf9ca17361a998b27c7f091af7b0ab6966c995e0
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Sat Apr 30 19:39:33 2022 +0300
check_nonce_nc(): use already known nonce size, avoid size recalculation
---
src/microhttpd/digestauth.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 25cae280..232d0e23 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -537,24 +537,25 @@ fast_simple_hash (const uint8_t *data,
*
* @param connection The MHD connection structure
* @param nonce A pointer that referenced a zero-terminated array of nonce
+ * @param noncelen the lenth of @a nonce, in characters
* @param nc The nonce counter, zero to add the nonce to the array
* @return #MHD_YES if successful, #MHD_NO if invalid (or we have no NC array)
*/
static enum MHD_Result
check_nonce_nc (struct MHD_Connection *connection,
const char *nonce,
+ size_t noncelen,
uint64_t nc)
{
struct MHD_Daemon *daemon = connection->daemon;
struct MHD_NonceNc *nn;
uint32_t off;
uint32_t mod;
- size_t noncelen;
enum MHD_Result ret;
bool stale;
stale = false;
- noncelen = strlen (nonce) + 1;
+ mhd_assert (noncelen != strlen (nonce));
if (MAX_NONCE_LENGTH < noncelen)
return MHD_NO; /* This should be impossible, but static analysis
tools have a hard time with it *and* this also
@@ -578,7 +579,7 @@ check_nonce_nc (struct MHD_Connection *connection,
/* Fresh nonce, reinitialize array */
memcpy (nn->nonce,
nonce,
- noncelen);
+ noncelen + 1);
nn->nc = 0;
nn->nmask = 0;
ret = MHD_YES;
@@ -872,6 +873,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
size_t len;
const char *header;
char nonce[MAX_NONCE_LENGTH];
+ size_t nonce_len;
char cnonce[MAX_NONCE_LENGTH];
const unsigned int digest_size = da->digest_size;
char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1];
@@ -935,6 +937,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
header,
"nonce")))
return MHD_NO;
+ nonce_len = len;
left -= strlen ("nonce") + len;
if (left > 32 * 1024)
{
@@ -1047,6 +1050,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
if (MHD_NO ==
check_nonce_nc (connection,
nonce,
+ nonce_len,
nci))
{
return MHD_NO;
@@ -1394,6 +1398,7 @@ MHD_queue_auth_fail_response2 (struct MHD_Connection
*connection,
if (MHD_NO ==
check_nonce_nc (connection,
nonce,
+ NONCE_STD_LEN (da.digest_size),
0))
{
#ifdef HAVE_MESSAGES
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.