projects
/
platform
/
upstream
/
curl.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Imported Upstream version 7.53.1
[platform/upstream/curl.git]
/
lib
/
vauth
/
digest.c
diff --git
a/lib/vauth/digest.c
b/lib/vauth/digest.c
index
f489840
..
7d9200a
100644
(file)
--- a/
lib/vauth/digest.c
+++ b/
lib/vauth/digest.c
@@
-37,9
+37,10
@@
#include "vtls/vtls.h"
#include "warnless.h"
#include "strtok.h"
#include "vtls/vtls.h"
#include "warnless.h"
#include "strtok.h"
-#include "
rawstr
.h"
+#include "
strcase
.h"
#include "non-ascii.h" /* included for Curl_convert_... prototypes */
#include "curl_printf.h"
#include "non-ascii.h" /* included for Curl_convert_... prototypes */
#include "curl_printf.h"
+#include "rand.h"
/* The last #include files should be: */
#include "curl_memory.h"
/* The last #include files should be: */
#include "curl_memory.h"
@@
-59,7
+60,7
@@
what ultimately goes over the network.
*/
#define CURL_OUTPUT_DIGEST_CONV(a, b) \
what ultimately goes over the network.
*/
#define CURL_OUTPUT_DIGEST_CONV(a, b) \
- result = Curl_convert_to_network(a, (char *)b, strlen((const char*)b)); \
+ result = Curl_convert_to_network(a, (char *)b, strlen((const char
*)b)); \
if(result) { \
free(b); \
return result; \
if(result) { \
free(b); \
return result; \
@@
-217,11
+218,11
@@
static CURLcode auth_digest_get_qop_values(const char *options, int *value)
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
- if(
Curl_raw_equal
(token, DIGEST_QOP_VALUE_STRING_AUTH))
+ if(
strcasecompare
(token, DIGEST_QOP_VALUE_STRING_AUTH))
*value |= DIGEST_QOP_VALUE_AUTH;
*value |= DIGEST_QOP_VALUE_AUTH;
- else if(
Curl_raw_equal
(token, DIGEST_QOP_VALUE_STRING_AUTH_INT))
+ else if(
strcasecompare
(token, DIGEST_QOP_VALUE_STRING_AUTH_INT))
*value |= DIGEST_QOP_VALUE_AUTH_INT;
*value |= DIGEST_QOP_VALUE_AUTH_INT;
- else if(
Curl_raw_equal
(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF))
+ else if(
strcasecompare
(token, DIGEST_QOP_VALUE_STRING_AUTH_CONF))
*value |= DIGEST_QOP_VALUE_AUTH_CONF;
token = strtok_r(NULL, ",", &tok_buf);
*value |= DIGEST_QOP_VALUE_AUTH_CONF;
token = strtok_r(NULL, ",", &tok_buf);
@@
-387,10
+388,9
@@
CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
return CURLE_BAD_CONTENT_ENCODING;
/* Generate 16 bytes of random data */
return CURLE_BAD_CONTENT_ENCODING;
/* Generate 16 bytes of random data */
- entropy[0] = Curl_rand(data);
- entropy[1] = Curl_rand(data);
- entropy[2] = Curl_rand(data);
- entropy[3] = Curl_rand(data);
+ result = Curl_rand(data, &entropy[0], 4);
+ if(result)
+ return result;
/* Convert the random data into a 32 byte hex string */
snprintf(cnonce, sizeof(cnonce), "%08x%08x%08x%08x",
/* Convert the random data into a 32 byte hex string */
snprintf(cnonce, sizeof(cnonce), "%08x%08x%08x%08x",
@@
-538,31
+538,31
@@
CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
/* Extract a value=content pair */
if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) {
/* Extract a value=content pair */
if(Curl_auth_digest_get_pair(chlg, value, content, &chlg)) {
- if(
Curl_raw_equal
(value, "nonce")) {
+ if(
strcasecompare
(value, "nonce")) {
free(digest->nonce);
digest->nonce = strdup(content);
if(!digest->nonce)
return CURLE_OUT_OF_MEMORY;
}
free(digest->nonce);
digest->nonce = strdup(content);
if(!digest->nonce)
return CURLE_OUT_OF_MEMORY;
}
- else if(
Curl_raw_equal
(value, "stale")) {
- if(
Curl_raw_equal
(content, "true")) {
+ else if(
strcasecompare
(value, "stale")) {
+ if(
strcasecompare
(content, "true")) {
digest->stale = TRUE;
digest->nc = 1; /* we make a new nonce now */
}
}
digest->stale = TRUE;
digest->nc = 1; /* we make a new nonce now */
}
}
- else if(
Curl_raw_equal
(value, "realm")) {
+ else if(
strcasecompare
(value, "realm")) {
free(digest->realm);
digest->realm = strdup(content);
if(!digest->realm)
return CURLE_OUT_OF_MEMORY;
}
free(digest->realm);
digest->realm = strdup(content);
if(!digest->realm)
return CURLE_OUT_OF_MEMORY;
}
- else if(
Curl_raw_equal
(value, "opaque")) {
+ else if(
strcasecompare
(value, "opaque")) {
free(digest->opaque);
digest->opaque = strdup(content);
if(!digest->opaque)
return CURLE_OUT_OF_MEMORY;
}
free(digest->opaque);
digest->opaque = strdup(content);
if(!digest->opaque)
return CURLE_OUT_OF_MEMORY;
}
- else if(
Curl_raw_equal
(value, "qop")) {
+ else if(
strcasecompare
(value, "qop")) {
char *tok_buf;
/* Tokenize the list and choose auth if possible, use a temporary
clone of the buffer since strtok_r() ruins it */
char *tok_buf;
/* Tokenize the list and choose auth if possible, use a temporary
clone of the buffer since strtok_r() ruins it */
@@
-572,10
+572,10
@@
CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
token = strtok_r(tmp, ",", &tok_buf);
while(token != NULL) {
- if(
Curl_raw_equal
(token, DIGEST_QOP_VALUE_STRING_AUTH)) {
+ if(
strcasecompare
(token, DIGEST_QOP_VALUE_STRING_AUTH)) {
foundAuth = TRUE;
}
foundAuth = TRUE;
}
- else if(
Curl_raw_equal
(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) {
+ else if(
strcasecompare
(token, DIGEST_QOP_VALUE_STRING_AUTH_INT)) {
foundAuthInt = TRUE;
}
token = strtok_r(NULL, ",", &tok_buf);
foundAuthInt = TRUE;
}
token = strtok_r(NULL, ",", &tok_buf);
@@
-597,15
+597,15
@@
CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
return CURLE_OUT_OF_MEMORY;
}
}
return CURLE_OUT_OF_MEMORY;
}
}
- else if(
Curl_raw_equal
(value, "algorithm")) {
+ else if(
strcasecompare
(value, "algorithm")) {
free(digest->algorithm);
digest->algorithm = strdup(content);
if(!digest->algorithm)
return CURLE_OUT_OF_MEMORY;
free(digest->algorithm);
digest->algorithm = strdup(content);
if(!digest->algorithm)
return CURLE_OUT_OF_MEMORY;
- if(
Curl_raw_equal
(content, "MD5-sess"))
+ if(
strcasecompare
(content, "MD5-sess"))
digest->algo = CURLDIGESTALGO_MD5SESS;
digest->algo = CURLDIGESTALGO_MD5SESS;
- else if(
Curl_raw_equal
(content, "MD5"))
+ else if(
strcasecompare
(content, "MD5"))
digest->algo = CURLDIGESTALGO_MD5;
else
return CURLE_BAD_CONTENT_ENCODING;
digest->algo = CURLDIGESTALGO_MD5;
else
return CURLE_BAD_CONTENT_ENCODING;
@@
-684,9
+684,12
@@
CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
digest->nc = 1;
if(!digest->cnonce) {
digest->nc = 1;
if(!digest->cnonce) {
+ unsigned int rnd[4];
+ result = Curl_rand(data, &rnd[0], 4);
+ if(result)
+ return result;
snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x",
snprintf(cnoncebuf, sizeof(cnoncebuf), "%08x%08x%08x%08x",
- Curl_rand(data), Curl_rand(data),
- Curl_rand(data), Curl_rand(data));
+ rnd[0], rnd[1], rnd[2], rnd[3]);
result = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf),
&cnonce, &cnonce_sz);
result = Curl_base64_encode(data, cnoncebuf, strlen(cnoncebuf),
&cnonce, &cnonce_sz);
@@
-744,7
+747,7
@@
CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
md5this = (unsigned char *) aprintf("%s:%s", request, uripath);
md5this = (unsigned char *) aprintf("%s:%s", request, uripath);
- if(digest->qop &&
Curl_raw_equal
(digest->qop, "auth-int")) {
+ if(digest->qop &&
strcasecompare
(digest->qop, "auth-int")) {
/* We don't support auth-int for PUT or POST at the moment.
TODO: replace md5 of empty string with entity-body for PUT/POST */
unsigned char *md5this2 = (unsigned char *)
/* We don't support auth-int for PUT or POST at the moment.
TODO: replace md5 of empty string with entity-body for PUT/POST */
unsigned char *md5this2 = (unsigned char *)
@@
-820,7
+823,7
@@
CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
digest->qop,
request_digest);
digest->qop,
request_digest);
- if(
Curl_raw_equal
(digest->qop, "auth"))
+ if(
strcasecompare
(digest->qop, "auth"))
digest->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0
padded which tells to the server how many times you are
using the same nonce in the qop=auth mode */
digest->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0
padded which tells to the server how many times you are
using the same nonce in the qop=auth mode */