Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Contribute to GitLab
Sign in
Toggle navigation
M
mongoose
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
esp
mongoose
Commits
d4b55c4c
Commit
d4b55c4c
authored
Aug 22, 2017
by
Dmitry Frank
Committed by
Cesanta Bot
Aug 22, 2017
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Separate digest auth from HTTP headers parsing
PUBLISHED_FROM=f97569ae2f31ab94ce4875eae4d0a198f719c388
parent
7d547998
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
62 additions
and
15 deletions
+62
-15
intro.md
docs/c-api/http_server.h/intro.md
+1
-0
mg_check_digest_auth.md
docs/c-api/http_server.h/mg_check_digest_auth.md
+17
-0
mongoose.c
mongoose.c
+32
-15
mongoose.h
mongoose.h
+12
-0
No files found.
docs/c-api/http_server.h/intro.md
View file @
d4b55c4c
...
@@ -3,6 +3,7 @@ title: "Server API reference"
...
@@ -3,6 +3,7 @@ title: "Server API reference"
symbol_kind
:
"
intro"
symbol_kind
:
"
intro"
decl_name
:
"
http_server.h"
decl_name
:
"
http_server.h"
items
:
items
:
-
{
name
:
mg_check_digest_auth.md
}
-
{
name
:
mg_file_upload_handler.md
}
-
{
name
:
mg_file_upload_handler.md
}
-
{
name
:
mg_get_http_basic_auth.md
}
-
{
name
:
mg_get_http_basic_auth.md
}
-
{
name
:
mg_get_http_header.md
}
-
{
name
:
mg_get_http_header.md
}
...
...
docs/c-api/http_server.h/mg_check_digest_auth.md
0 → 100644
View file @
d4b55c4c
---
title
:
"
mg_check_digest_auth()"
decl_name
:
"
mg_check_digest_auth"
symbol_kind
:
"
func"
signature
:
|
int mg_check_digest_auth(struct mg_str method, struct mg_str uri,
struct mg_str username, struct mg_str cnonce,
struct mg_str response, struct mg_str qop,
struct mg_str nc, struct mg_str nonce,
struct mg_str auth_domain, FILE *fp);
---
Authenticates given response params against an opened password file.
Returns 1 if authenticated, 0 otherwise.
It's used by mg_http_check_digest_auth().
mongoose.c
View file @
d4b55c4c
...
@@ -6973,14 +6973,13 @@ static int mg_check_nonce(const char *nonce) {
...
@@ -6973,14 +6973,13 @@ static int mg_check_nonce(const char *nonce) {
int
mg_http_check_digest_auth
(
struct
http_message
*
hm
,
const
char
*
auth_domain
,
int
mg_http_check_digest_auth
(
struct
http_message
*
hm
,
const
char
*
auth_domain
,
FILE
*
fp
)
{
FILE
*
fp
)
{
struct
mg_str
*
hdr
;
struct
mg_str
*
hdr
;
char
buf
[
128
],
f_user
[
sizeof
(
buf
)],
f_ha1
[
sizeof
(
buf
)],
f_domain
[
sizeof
(
buf
)];
char
username
[
50
],
cnonce
[
64
],
response
[
40
],
uri
[
200
],
qop
[
20
],
nc
[
20
],
char
user
[
50
],
cnonce
[
64
],
response
[
40
],
uri
[
200
],
qop
[
20
],
nc
[
20
],
nonce
[
30
];
nonce
[
30
];
char
expected_response
[
33
];
/* Parse "Authorization:" header, fail fast on parse error */
/* Parse "Authorization:" header, fail fast on parse error */
if
(
hm
==
NULL
||
fp
==
NULL
||
if
(
hm
==
NULL
||
fp
==
NULL
||
(
hdr
=
mg_get_http_header
(
hm
,
"Authorization"
))
==
NULL
||
(
hdr
=
mg_get_http_header
(
hm
,
"Authorization"
))
==
NULL
||
mg_http_parse_header
(
hdr
,
"username"
,
user
,
sizeof
(
user
))
==
0
||
mg_http_parse_header
(
hdr
,
"username"
,
user
name
,
sizeof
(
username
))
==
0
||
mg_http_parse_header
(
hdr
,
"cnonce"
,
cnonce
,
sizeof
(
cnonce
))
==
0
||
mg_http_parse_header
(
hdr
,
"cnonce"
,
cnonce
,
sizeof
(
cnonce
))
==
0
||
mg_http_parse_header
(
hdr
,
"response"
,
response
,
sizeof
(
response
))
==
0
||
mg_http_parse_header
(
hdr
,
"response"
,
response
,
sizeof
(
response
))
==
0
||
mg_http_parse_header
(
hdr
,
"uri"
,
uri
,
sizeof
(
uri
))
==
0
||
mg_http_parse_header
(
hdr
,
"uri"
,
uri
,
sizeof
(
uri
))
==
0
||
...
@@ -6991,6 +6990,26 @@ int mg_http_check_digest_auth(struct http_message *hm, const char *auth_domain,
...
@@ -6991,6 +6990,26 @@ int mg_http_check_digest_auth(struct http_message *hm, const char *auth_domain,
return
0
;
return
0
;
}
}
/* NOTE(lsm): due to a bug in MSIE, we do not compare URIs */
return
mg_check_digest_auth
(
hm
->
method
,
mg_mk_str_n
(
hm
->
uri
.
p
,
hm
->
uri
.
len
+
(
hm
->
query_string
.
len
?
hm
->
query_string
.
len
+
1
:
0
)),
mg_mk_str
(
username
),
mg_mk_str
(
cnonce
),
mg_mk_str
(
response
),
mg_mk_str
(
qop
),
mg_mk_str
(
nc
),
mg_mk_str
(
nonce
),
mg_mk_str
(
auth_domain
),
fp
);
}
int
mg_check_digest_auth
(
struct
mg_str
method
,
struct
mg_str
uri
,
struct
mg_str
username
,
struct
mg_str
cnonce
,
struct
mg_str
response
,
struct
mg_str
qop
,
struct
mg_str
nc
,
struct
mg_str
nonce
,
struct
mg_str
auth_domain
,
FILE
*
fp
)
{
char
buf
[
128
],
f_user
[
sizeof
(
buf
)],
f_ha1
[
sizeof
(
buf
)],
f_domain
[
sizeof
(
buf
)];
char
expected_response
[
33
];
/*
/*
* Read passwords file line by line. If should have htdigest format,
* Read passwords file line by line. If should have htdigest format,
* i.e. each line should be a colon-separated sequence:
* i.e. each line should be a colon-separated sequence:
...
@@ -6998,18 +7017,16 @@ int mg_http_check_digest_auth(struct http_message *hm, const char *auth_domain,
...
@@ -6998,18 +7017,16 @@ int mg_http_check_digest_auth(struct http_message *hm, const char *auth_domain,
*/
*/
while
(
fgets
(
buf
,
sizeof
(
buf
),
fp
)
!=
NULL
)
{
while
(
fgets
(
buf
,
sizeof
(
buf
),
fp
)
!=
NULL
)
{
if
(
sscanf
(
buf
,
"%[^:]:%[^:]:%s"
,
f_user
,
f_domain
,
f_ha1
)
==
3
&&
if
(
sscanf
(
buf
,
"%[^:]:%[^:]:%s"
,
f_user
,
f_domain
,
f_ha1
)
==
3
&&
strcmp
(
user
,
f_user
)
==
0
&&
mg_vcmp
(
&
username
,
f_user
)
==
0
&&
/* NOTE(lsm): due to a bug in MSIE, we do not compare URIs */
mg_vcmp
(
&
auth_domain
,
f_domain
)
==
0
)
{
strcmp
(
auth_domain
,
f_domain
)
==
0
)
{
/* Username and domain matched, check the password */
/* User and domain matched, check the password */
mg_mkmd5resp
(
method
.
p
,
method
.
len
,
uri
.
p
,
uri
.
len
,
f_ha1
,
strlen
(
f_ha1
),
mg_mkmd5resp
(
nonce
.
p
,
nonce
.
len
,
nc
.
p
,
nc
.
len
,
cnonce
.
p
,
cnonce
.
len
,
hm
->
method
.
p
,
hm
->
method
.
len
,
hm
->
uri
.
p
,
qop
.
p
,
qop
.
len
,
expected_response
);
hm
->
uri
.
len
+
(
hm
->
query_string
.
len
?
hm
->
query_string
.
len
+
1
:
0
),
f_ha1
,
strlen
(
f_ha1
),
nonce
,
strlen
(
nonce
),
nc
,
strlen
(
nc
),
cnonce
,
strlen
(
cnonce
),
qop
,
strlen
(
qop
),
expected_response
);
LOG
(
LL_DEBUG
,
LOG
(
LL_DEBUG
,
(
"%s %s %s %s"
,
user
,
f_domain
,
response
,
expected_response
));
(
"%.*s %s %.*s %s"
,
(
int
)
username
.
len
,
username
.
p
,
f_domain
,
return
mg_casecmp
(
response
,
expected_response
)
==
0
;
(
int
)
response
.
len
,
response
.
p
,
expected_response
));
return
mg_ncasecmp
(
response
.
p
,
expected_response
,
response
.
len
)
==
0
;
}
}
}
}
...
...
mongoose.h
View file @
d4b55c4c
...
@@ -4870,6 +4870,18 @@ void mg_register_http_endpoint_opt(struct mg_connection *nc,
...
@@ -4870,6 +4870,18 @@ void mg_register_http_endpoint_opt(struct mg_connection *nc,
int
mg_http_check_digest_auth
(
struct
http_message
*
hm
,
const
char
*
auth_domain
,
int
mg_http_check_digest_auth
(
struct
http_message
*
hm
,
const
char
*
auth_domain
,
FILE
*
fp
);
FILE
*
fp
);
/*
* Authenticates given response params against an opened password file.
* Returns 1 if authenticated, 0 otherwise.
*
* It's used by mg_http_check_digest_auth().
*/
int
mg_check_digest_auth
(
struct
mg_str
method
,
struct
mg_str
uri
,
struct
mg_str
username
,
struct
mg_str
cnonce
,
struct
mg_str
response
,
struct
mg_str
qop
,
struct
mg_str
nc
,
struct
mg_str
nonce
,
struct
mg_str
auth_domain
,
FILE
*
fp
);
/*
/*
* Sends buffer `buf` of size `len` to the client using chunked HTTP encoding.
* Sends buffer `buf` of size `len` to the client using chunked HTTP encoding.
* This function sends the buffer size as hex number + newline first, then
* This function sends the buffer size as hex number + newline first, then
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment