[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] branch master updated (171e6d05 -> cd5ad7aa)
|
From: |
gnunet |
|
Subject: |
[libmicrohttpd] branch master updated (171e6d05 -> cd5ad7aa) |
|
Date: |
Fri, 06 May 2022 21:22:10 +0200 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a change to branch master
in repository libmicrohttpd.
from 171e6d05 mhd_bithelpers: fixed handling of zero bits rotate
new 4b3895dd digestauth: added check for valid nonce format in the
nonce-nc map
new 82ff096d Added one more fallback for unique nonce generation
new c6580107 MHD_get_master(): moved to the header, simplified
new cd5ad7aa digestauth: always use master daemon only
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
src/microhttpd/daemon.c | 25 +++++++++----------------
src/microhttpd/digestauth.c | 21 ++++++++++++++-------
src/microhttpd/internal.h | 22 ++++++++++++++++++++++
3 files changed, 45 insertions(+), 23 deletions(-)
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 78a112aa..6b7d8355 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -218,22 +218,6 @@ MHD_free (void *ptr)
}
-/**
- * Trace up to and return master daemon. If the supplied daemon
- * is a master, then return the daemon itself.
- *
- * @param daemon handle to a daemon
- * @return master daemon handle
- */
-static struct MHD_Daemon *
-MHD_get_master (struct MHD_Daemon *daemon)
-{
- while (NULL != daemon->master)
- daemon = daemon->master;
- return daemon;
-}
-
-
/**
* Maintain connection count for single address.
*/
@@ -7497,6 +7481,15 @@ MHD_start_daemon_va (unsigned int flags,
MHD_mutex_destroy_chk_ (&d->new_connections_mutex);
goto thread_failed;
}
+ /* Some members must be used only in master daemon */
+#ifdef DAUTH_SUPPORT
+ d->nnc = NULL;
+ d->nonce_nc_size = 0;
+#if defined(MHD_USE_THREADS)
+ memset (d->nnc_lock, 1, sizeof(daemon->nnc_lock));
+#endif /* MHD_USE_THREADS */
+#endif /* DAUTH_SUPPORT */
+
/* Spawn the worker thread */
if (! MHD_create_named_thread_ (&d->pid,
diff --git a/src/microhttpd/digestauth.c b/src/microhttpd/digestauth.c
index 11512db0..a92d99ed 100644
--- a/src/microhttpd/digestauth.c
+++ b/src/microhttpd/digestauth.c
@@ -590,7 +590,7 @@ check_nonce_nc (struct MHD_Connection *connection,
size_t noncelen,
uint64_t nc)
{
- struct MHD_Daemon *daemon = connection->daemon;
+ struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);
struct MHD_NonceNc *nn;
uint32_t mod;
bool ret;
@@ -859,6 +859,11 @@ is_slot_available (const struct MHD_NonceNc *const nn,
return true; /* Client already used the nonce in this slot at least
one time, re-use the slot */
+ /* The nonce must be zero-terminated */
+ mhd_assert (0 == nn->nonce[sizeof(nn->nonce) - 1]);
+ if (0 != nn->nonce[sizeof(nn->nonce) - 1])
+ return true; /* Wrong nonce format in the slot */
+
timestamp_valid = get_nonce_timestamp (nn->nonce, 0, ×tamp);
mhd_assert (timestamp_valid);
if (! timestamp_valid)
@@ -891,7 +896,7 @@ calculate_add_nonce (struct MHD_Connection *const
connection,
struct DigestAlgorithm *da,
char *nonce)
{
- struct MHD_Daemon *const daemon = connection->daemon;
+ struct MHD_Daemon *const daemon = MHD_get_master (connection->daemon);
struct MHD_NonceNc *nn;
const size_t nonce_size = NONCE_STD_LEN (da->digest_size);
bool ret;
@@ -901,8 +906,8 @@ calculate_add_nonce (struct MHD_Connection *const
connection,
calculate_nonce (timestamp,
connection->method,
- connection->daemon->digest_auth_random,
- connection->daemon->digest_auth_rand_size,
+ daemon->digest_auth_random,
+ daemon->digest_auth_rand_size,
connection->url,
realm,
da,
@@ -964,7 +969,7 @@ calculate_add_nonce_with_retry (struct MHD_Connection
*const connection,
const size_t digest_size = da->digest_size;
char nonce2[NONCE_STD_LEN (VLA_ARRAY_LEN_DIGEST (digest_size)) + 1];
uint64_t timestamp2;
- if (0 == connection->daemon->nonce_nc_size)
+ if (0 == MHD_get_master (connection->daemon)->nonce_nc_size)
return false; /* No need to re-try */
timestamp2 = MHD_monotonic_msec_counter ();
@@ -987,6 +992,8 @@ calculate_add_nonce_with_retry (struct MHD_Connection
*const connection,
base3 = ((uint16_t) (base2 >> 16)) ^ ((uint16_t) base2);
base4 = ((uint8_t) (base3 >> 8)) ^ ((uint8_t) base3);
timestamp2 -= (base4 & 0x7f); /* Use up to 127 ms difference */
+ if (timestamp1 == timestamp2)
+ timestamp2 -= 2;
}
if (! calculate_add_nonce (connection, timestamp2, realm, da, nonce2))
{
@@ -1135,7 +1142,7 @@ digest_auth_check_all (struct MHD_Connection *connection,
const uint8_t *digest,
unsigned int nonce_timeout)
{
- struct MHD_Daemon *daemon = connection->daemon;
+ struct MHD_Daemon *daemon = MHD_get_master (connection->daemon);
size_t len;
const char *header;
char nonce[MAX_NONCE_LENGTH];
@@ -1648,7 +1655,7 @@ MHD_queue_auth_fail_response2 (struct MHD_Connection
*connection,
if (NULL == response)
return MHD_NO;
- if (0 == connection->daemon->nonce_nc_size)
+ if (0 == MHD_get_master (connection->daemon)->nonce_nc_size)
{
#ifdef HAVE_MESSAGES
MHD_DLOG (connection->daemon,
diff --git a/src/microhttpd/internal.h b/src/microhttpd/internal.h
index ce852fd9..829f225d 100644
--- a/src/microhttpd/internal.h
+++ b/src/microhttpd/internal.h
@@ -2441,3 +2441,25 @@ void
internal_suspend_connection_ (struct MHD_Connection *connection);
#endif
+
+
+/**
+ * Trace up to and return master daemon. If the supplied daemon
+ * is a master, then return the daemon itself.
+ *
+ * @param daemon handle to a daemon
+ * @return master daemon handle
+ */
+_MHD_static_inline struct MHD_Daemon *
+MHD_get_master (struct MHD_Daemon *const daemon)
+{
+ struct MHD_Daemon *ret;
+
+ if (NULL != daemon->master)
+ ret = daemon->master;
+ else
+ ret = daemon;
+ mhd_assert (NULL == ret->master);
+
+ return ret;
+}
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (171e6d05 -> cd5ad7aa),
gnunet <=