diff options
| author | Brad King <brad.king@kitware.com> | 2020-03-04 19:34:39 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2020-03-04 19:34:39 (GMT) |
| commit | d61c3bd50520ce0179f52a129d5c660aebad88ba (patch) | |
| tree | 4476c31b8b03de36811d94b5d9282318e84784b2 /Utilities/cmcurl/lib/vauth/digest.c | |
| parent | 84dc14a967b78431c95ed3203e5dd301b6897267 (diff) | |
| parent | 735ea3001ae98636a4cb7caf15a40960c0da39a1 (diff) | |
| download | CMake-d61c3bd50520ce0179f52a129d5c660aebad88ba.zip CMake-d61c3bd50520ce0179f52a129d5c660aebad88ba.tar.gz CMake-d61c3bd50520ce0179f52a129d5c660aebad88ba.tar.bz2 | |
Merge branch 'upstream-curl' into update-curl
* upstream-curl:
curl 2020-03-04 (b8d13668)
Diffstat (limited to 'Utilities/cmcurl/lib/vauth/digest.c')
| -rw-r--r-- | Utilities/cmcurl/lib/vauth/digest.c | 85 |
1 files changed, 39 insertions, 46 deletions
diff --git a/Utilities/cmcurl/lib/vauth/digest.c b/Utilities/cmcurl/lib/vauth/digest.c index f9cdc9d..a883570 100644 --- a/Utilities/cmcurl/lib/vauth/digest.c +++ b/Utilities/cmcurl/lib/vauth/digest.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -62,7 +62,7 @@ what ultimately goes over the network. */ #define CURL_OUTPUT_DIGEST_CONV(a, b) \ - result = Curl_convert_to_network(a, (char *)b, strlen((const char *)b)); \ + result = Curl_convert_to_network(a, b, strlen(b)); \ if(result) { \ free(b); \ return result; \ @@ -357,7 +357,6 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, const char *service, char **outptr, size_t *outlen) { - CURLcode result = CURLE_OK; size_t i; MD5_context *ctxt; char *response = NULL; @@ -377,10 +376,12 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, char *spn = NULL; /* Decode the challenge message */ - result = auth_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), - realm, sizeof(realm), - algorithm, sizeof(algorithm), - qop_options, sizeof(qop_options)); + CURLcode result = auth_decode_digest_md5_message(chlg64, nonce, + sizeof(nonce), realm, + sizeof(realm), algorithm, + sizeof(algorithm), + qop_options, + sizeof(qop_options)); if(result) return result; @@ -659,7 +660,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, } /* - * _Curl_auth_create_digest_http_message() + * auth_create_digest_http_message() * * This is used to generate a HTTP DIGEST response message ready for sending * to the recipient. @@ -678,7 +679,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, * * Returns CURLE_OK on success. */ -static CURLcode _Curl_auth_create_digest_http_message( +static CURLcode auth_create_digest_http_message( struct Curl_easy *data, const char *userp, const char *passwdp, @@ -687,12 +688,12 @@ static CURLcode _Curl_auth_create_digest_http_message( struct digestdata *digest, char **outptr, size_t *outlen, void (*convert_to_ascii)(unsigned char *, unsigned char *), - void (*hash)(unsigned char *, const unsigned char *)) + void (*hash)(unsigned char *, const unsigned char *, + const size_t)) { CURLcode result; unsigned char hashbuf[32]; /* 32 bytes/256 bits */ unsigned char request_digest[65]; - unsigned char *hashthis; unsigned char ha1[65]; /* 64 digits and 1 zero byte */ unsigned char ha2[65]; /* 64 digits and 1 zero byte */ char userh[65]; @@ -700,6 +701,7 @@ static CURLcode _Curl_auth_create_digest_http_message( size_t cnonce_sz = 0; char *userp_quoted; char *response = NULL; + char *hashthis = NULL; char *tmp = NULL; if(!digest->nc) @@ -721,12 +723,12 @@ static CURLcode _Curl_auth_create_digest_http_message( } if(digest->userhash) { - hashthis = (unsigned char *) aprintf("%s:%s", userp, digest->realm); + hashthis = aprintf("%s:%s", userp, digest->realm); if(!hashthis) return CURLE_OUT_OF_MEMORY; CURL_OUTPUT_DIGEST_CONV(data, hashthis); - hash(hashbuf, hashthis); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); convert_to_ascii(hashbuf, (unsigned char *)userh); } @@ -742,14 +744,13 @@ static CURLcode _Curl_auth_create_digest_http_message( unq(nonce-value) ":" unq(cnonce-value) */ - hashthis = (unsigned char *) - aprintf("%s:%s:%s", digest->userhash ? userh : userp, - digest->realm, passwdp); + hashthis = aprintf("%s:%s:%s", digest->userhash ? userh : userp, + digest->realm, passwdp); if(!hashthis) return CURLE_OUT_OF_MEMORY; CURL_OUTPUT_DIGEST_CONV(data, hashthis); /* convert on non-ASCII machines */ - hash(hashbuf, hashthis); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); convert_to_ascii(hashbuf, ha1); @@ -762,7 +763,7 @@ static CURLcode _Curl_auth_create_digest_http_message( return CURLE_OUT_OF_MEMORY; CURL_OUTPUT_DIGEST_CONV(data, tmp); /* Convert on non-ASCII machines */ - hash(hashbuf, (unsigned char *) tmp); + hash(hashbuf, (unsigned char *) tmp, strlen(tmp)); free(tmp); convert_to_ascii(hashbuf, ha1); } @@ -780,19 +781,19 @@ static CURLcode _Curl_auth_create_digest_http_message( 5.1.1 of RFC 2616) */ - hashthis = (unsigned char *) aprintf("%s:%s", request, uripath); + hashthis = aprintf("%s:%s", request, uripath); if(!hashthis) return CURLE_OUT_OF_MEMORY; if(digest->qop && strcasecompare(digest->qop, "auth-int")) { /* We don't support auth-int for PUT or POST */ char hashed[65]; - unsigned char *hashthis2; + char *hashthis2; - hash(hashbuf, (const unsigned char *)""); + hash(hashbuf, (const unsigned char *)"", 0); convert_to_ascii(hashbuf, (unsigned char *)hashed); - hashthis2 = (unsigned char *)aprintf("%s:%s", hashthis, hashed); + hashthis2 = aprintf("%s:%s", hashthis, hashed); free(hashthis); hashthis = hashthis2; } @@ -801,31 +802,23 @@ static CURLcode _Curl_auth_create_digest_http_message( return CURLE_OUT_OF_MEMORY; CURL_OUTPUT_DIGEST_CONV(data, hashthis); /* convert on non-ASCII machines */ - hash(hashbuf, hashthis); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); convert_to_ascii(hashbuf, ha2); if(digest->qop) { - hashthis = (unsigned char *) aprintf("%s:%s:%08x:%s:%s:%s", - ha1, - digest->nonce, - digest->nc, - digest->cnonce, - digest->qop, - ha2); + hashthis = aprintf("%s:%s:%08x:%s:%s:%s", ha1, digest->nonce, digest->nc, + digest->cnonce, digest->qop, ha2); } else { - hashthis = (unsigned char *) aprintf("%s:%s:%s", - ha1, - digest->nonce, - ha2); + hashthis = aprintf("%s:%s:%s", ha1, digest->nonce, ha2); } if(!hashthis) return CURLE_OUT_OF_MEMORY; CURL_OUTPUT_DIGEST_CONV(data, hashthis); /* convert on non-ASCII machines */ - hash(hashbuf, hashthis); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); convert_to_ascii(hashbuf, request_digest); @@ -898,7 +891,7 @@ static CURLcode _Curl_auth_create_digest_http_message( if(digest->algorithm) { /* Append the algorithm */ - tmp = aprintf("%s, algorithm=\"%s\"", response, digest->algorithm); + tmp = aprintf("%s, algorithm=%s", response, digest->algorithm); free(response); if(!tmp) return CURLE_OUT_OF_MEMORY; @@ -954,21 +947,21 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, switch(digest->algo) { case CURLDIGESTALGO_MD5: case CURLDIGESTALGO_MD5SESS: - return _Curl_auth_create_digest_http_message(data, userp, passwdp, - request, uripath, digest, - outptr, outlen, - auth_digest_md5_to_ascii, - Curl_md5it); + return auth_create_digest_http_message(data, userp, passwdp, + request, uripath, digest, + outptr, outlen, + auth_digest_md5_to_ascii, + Curl_md5it); case CURLDIGESTALGO_SHA256: case CURLDIGESTALGO_SHA256SESS: case CURLDIGESTALGO_SHA512_256: case CURLDIGESTALGO_SHA512_256SESS: - return _Curl_auth_create_digest_http_message(data, userp, passwdp, - request, uripath, digest, - outptr, outlen, - auth_digest_sha256_to_ascii, - Curl_sha256it); + return auth_create_digest_http_message(data, userp, passwdp, + request, uripath, digest, + outptr, outlen, + auth_digest_sha256_to_ascii, + Curl_sha256it); default: return CURLE_UNSUPPORTED_PROTOCOL; |