
[libmicrohttpd] branch master updated (c375e5aa -> abe138ee)


From: gnunet
Subject: [libmicrohttpd] branch master updated (c375e5aa -> abe138ee)
Date: Tue, 07 Jun 2022 19:23:29 +0200

This is an automated email from the git hooks/post-receive script.

karlson2k pushed a change to branch master
in repository libmicrohttpd.

    from c375e5aa Partial revert of 82abaee62f000d379646ee412af45a1f8a1ddc87
     new 2d551c42 Added TODO comment
     new abe138ee Fixed wrong usage of maximum client nonce size as maximum 
size of server nonce

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/microhttpd/connection.c |  3 ++-
 src/microhttpd/digestauth.c |  8 ++++----
 src/microhttpd/internal.h   | 12 ++++++++++--
 3 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/src/microhttpd/connection.c b/src/microhttpd/connection.c
index 32911327..2d58e35c 100644
--- a/src/microhttpd/connection.c
+++ b/src/microhttpd/connection.c
@@ -3116,7 +3116,8 @@ parse_cookie_header (struct MHD_Connection *connection)
           hdr_len);
   cpy[hdr_len] = '\0';
 
-  strict_parsing = (1 == connection->daemon->strict_for_client);
+  /* TODO: add individual configuration */
+  strict_parsing = (0 < connection->daemon->strict_for_client);
   i = 0;
   /* Skip all initial whitespaces */
   while (i < hdr_len && (' ' == cpy[i] || '\t' == cpy[i]))
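Review bot: The `/* TODO: add individual configuration */` comment does not say what is to be configured, and the line under it also changes behaviour: `strict_parsing` is now set for every positive `strict_for_client` value rather than only for 1. If that widening is intended, the comment could say so, for example `/* TODO: add a dedicated setting for strict cookie parsing; for now any positive strict_for_client level enables it */`. The body of parse_cookie_header starts and ends outside this hunk, so how `strict_parsing` is used afterwards is not visible here.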
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index c3717d47..890fc129 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -751,7 +751,7 @@ check_nonce_nc (struct MHD_Connection *connection,
   mhd_assert (0 != noncelen);
   mhd_assert (strlen (nonce) == noncelen);
   mhd_assert (0 != nc);
-  if (MAX_NONCE_LENGTH < noncelen)
+  if (MAX_DIGEST_NONCE_LENGTH < noncelen)
     return MHD_CHECK_NONCENC_WRONG; /* This should be impossible, but static 
analysis
                       tools have a hard time with it *and* this also
                       protects against unsafe modifications that may
@@ -1010,7 +1010,7 @@ is_slot_available (const struct MHD_NonceNc *const nn,
   uint64_t timestamp;
   bool timestamp_valid;
   mhd_assert (new_nonce_len <= NONCE_STD_LEN (MAX_DIGEST));
-  mhd_assert (NONCE_STD_LEN (MAX_DIGEST) < MAX_NONCE_LENGTH);
+  mhd_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH);
   if (0 == nn->nonce[0])
     return true; /* The slot is empty */
 
@@ -1071,7 +1071,7 @@ calculate_add_nonce (struct MHD_Connection *const 
connection,
   const size_t nonce_size = NONCE_STD_LEN (digest_get_size (da));
   bool ret;
 
-  mhd_assert (MAX_NONCE_LENGTH >= nonce_size);
+  mhd_assert (MAX_DIGEST_NONCE_LENGTH >= nonce_size);
   mhd_assert (0 != nonce_size);
 
   calculate_nonce (timestamp,
@@ -1427,7 +1427,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
                        unsigned int nonce_timeout)
 {
   struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);
-  char cnonce[MAX_NONCE_LENGTH];
+  char cnonce[MAX_CLIENT_NONCE_LENGTH];
   const unsigned int digest_size = digest_get_size (da);
   char ha1[VLA_ARRAY_LEN_DIGEST (digest_size) * 2 + 1];
   char qop[15]; /* auth,auth-int */
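Review bot: `cnonce` is declared as `char cnonce[MAX_CLIENT_NONCE_LENGTH]`, with no extra byte for a terminator, while `struct MHD_NonceNc` in internal.h sizes its buffer as `MAX_DIGEST_NONCE_LENGTH + 1`. After the rename the two limits sit side by side but appear to follow different conventions (one seems to count the terminating zero, the other does not), which is easy to get wrong in a later length check. A line in each macro's doc comment would settle it, e.g. `* The value does not include the terminating zero.` for MAX_DIGEST_NONCE_LENGTH and the matching statement for MAX_CLIENT_NONCE_LENGTH. The code that fills `cnonce` is outside this hunk.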
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h
index 4f03b8fc..92fa932b 100644
--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -240,8 +240,16 @@ enum MHD_ConnectionEventLoopInfo
  * (already) takes more (see Mantis #1633), so we've increased the
  * value to support something longer...
  */
-#define MAX_NONCE_LENGTH 129
+#define MAX_CLIENT_NONCE_LENGTH 129
 
+/**
+ * The maximum size of MHD-generated nonce when printed with hexadecimal chars.
+ *
+ * This is equal to "(32 bytes for SHA-256 nonce plus 6 bytes for timestamp)
+ * multiplied by two hex chars per byte".
+ * Please keep it in sync with digestauth.c
+ */
+#define MAX_DIGEST_NONCE_LENGTH ((32 + 6) * 2)
 
 /**
  * A structure representing the internal holder of the
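Review bot: `MAX_DIGEST_NONCE_LENGTH` is written as `((32 + 6) * 2)` and tied to digestauth.c only by the "Please keep it in sync" comment, so nothing fails at build time if the digest or timestamp size changes there. The only checks of that relationship in this change are the `mhd_assert` in is_slot_available and the one on `nonce_size` in calculate_add_nonce, which are presumably inactive in non-debug builds, while the macro sizes `nonce[]` in struct MHD_NonceNc. If `NONCE_STD_LEN (MAX_DIGEST)` is a constant expression, a compile-time check next to the assert would enforce it, e.g. `_Static_assert (NONCE_STD_LEN (MAX_DIGEST) <= MAX_DIGEST_NONCE_LENGTH, "nonce buffer too small");` or the project's own equivalent.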
@@ -269,7 +277,7 @@ struct MHD_NonceNc
   /**
    * Nonce value:
    */
-  char nonce[MAX_NONCE_LENGTH + 1];
+  char nonce[MAX_DIGEST_NONCE_LENGTH + 1];
 
 };
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


