From 2c8516737f741f216377c5ea09ee44f1eb172496 Mon Sep 17 00:00:00 2001 From: Christoph Huber Date: Wed, 20 Sep 2023 08:26:00 +0200 Subject: [PATCH] httpauth: save cnonce and nc as uint32_t in struct. --- include/re_httpauth.h | 4 ++-- src/httpauth/digest.c | 52 +++++++++---------------------------------- 2 files changed, 12 insertions(+), 44 deletions(-) diff --git a/include/re_httpauth.h b/include/re_httpauth.h index 83fbebf45..758a90862 100644 --- a/include/re_httpauth.h +++ b/include/re_httpauth.h @@ -47,8 +47,8 @@ struct httpauth_digest_enc_resp { char *username; char *username_star; char *uri; - char *cnonce; - char *nc; + uint32_t cnonce; + uint32_t nc; /* optional */ char *charset; diff --git a/src/httpauth/digest.c b/src/httpauth/digest.c index 73aa9e50a..06e4d90ab 100644 --- a/src/httpauth/digest.c +++ b/src/httpauth/digest.c @@ -628,8 +628,6 @@ static void httpauth_digest_response_destructor(void *arg) mem_deref(resp->username); mem_deref(resp->username_star); mem_deref(resp->uri); - mem_deref(resp->cnonce); - mem_deref(resp->nc); mem_deref(resp->charset); } @@ -724,7 +722,7 @@ static int digest_response(struct httpauth_digest_enc_resp *resp, mbuf_rewind(mb); if (str_str(resp->algorithm, "-sess")) { - err = mbuf_printf(mb, "%w:%s:%s", + err = mbuf_printf(mb, "%w:%s:%08x", hash1, resp->hash_length, resp->nonce, resp->cnonce); if (err) goto out; @@ -735,7 +733,7 @@ static int digest_response(struct httpauth_digest_enc_resp *resp, /* DIGEST */ if (str_isset(resp->qop)) { - err = mbuf_printf(mb, "%w:%s:%s:%s:%s:%w", + err = mbuf_printf(mb, "%w:%s:%08x:%08x:%s:%w", hash1, resp->hash_length, resp->nonce, resp->nc, resp->cnonce, resp->qop, hash2, resp->hash_length); } @@ -794,7 +792,7 @@ int httpauth_digest_response_print(struct re_printf *pf, if (str_isset(resp->algorithm)) err |= re_hprintf(pf, ", algorithm=%s", resp->algorithm); if (str_isset(resp->qop)) - err |= re_hprintf(pf, ", qop=%s, cnonce=\"%s\", nc=\"%s\"", + err |= re_hprintf(pf, ", qop=%s, cnonce=\"%08x\", nc=\"%08x\"", resp->qop, resp->cnonce, resp->nc); if (resp->userhash) @@ -826,28 +824,14 @@ int httpauth_digest_response_set_cnonce(struct httpauth_digest_enc_resp *resp, const char *user, const char *passwd, const char *entitybody, uint32_t cnonce, uint32_t nonce_counter) { - int err = 0, n = 0; - if (!resp || !chall || !method || !passwd) return EINVAL; - n = re_snprintf(resp->cnonce, CNONCE_NC_SIZE, "%08x", cnonce); - if (n == -1 || n != CNONCE_NC_SIZE -1) { - err = ERANGE; - goto out; - } + resp->cnonce = cnonce; + resp->nc = nonce_counter; - n = re_snprintf(resp->nc, CNONCE_NC_SIZE, "%08x", nonce_counter); - if (n == -1 || n != CNONCE_NC_SIZE -1) { - err = ERANGE; - goto out; - } - - err = digest_response(resp, chall, method, + return digest_response(resp, chall, method, user, passwd, entitybody); - -out: - return err; } @@ -897,8 +881,7 @@ int httpauth_digest_response_full(struct httpauth_digest_enc_resp **presp, const char *entitybody, const char *charset, const bool userhash) { struct httpauth_digest_enc_resp *resp = NULL; - uint32_t cnonce = rand_u32(); - int err = 0, n = 0; + int err = 0; if (!presp || !chall || !method || !uri || !user || !passwd) return EINVAL; @@ -908,12 +891,9 @@ int httpauth_digest_response_full(struct httpauth_digest_enc_resp **presp, return ENOMEM; } - resp->cnonce = mem_zalloc(CNONCE_NC_SIZE, NULL); - resp->nc = mem_zalloc(CNONCE_NC_SIZE, NULL); - if (!resp->cnonce || !resp->nc) { - err = ENOMEM; - goto out; - } + /* create cnonce & nonce count */ + resp->cnonce = rand_u32(); + resp->nc = nc++; /* copy fields */ err = pl_strdup(&resp->realm, &chall->realm); @@ -960,18 +940,6 @@ int httpauth_digest_response_full(struct httpauth_digest_enc_resp **presp, if (err) goto out; - n = re_snprintf(resp->cnonce, CNONCE_NC_SIZE, "%08x", cnonce); - if (n == -1 || n != CNONCE_NC_SIZE -1) { - err = ERANGE; - goto out; - } - - n = re_snprintf(resp->nc, CNONCE_NC_SIZE, "%08x", nc++); - if (n == -1 || n != CNONCE_NC_SIZE -1) { - err = ERANGE; - goto out; - } - if (pl_strstr(&chall->algorithm, "SHA-256-sess")) { resp->hashh = &sha256; resp->hash_length = SHA256_DIGEST_LENGTH;