diff options
| author | Maxim Yurchuk <maxim-yurchuk@ydb.tech> | 2024-10-18 20:31:38 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-10-18 20:31:38 +0300 |
| commit | 2a74bac2d2d3bccb4e10120f1ead805640ec9dd0 (patch) | |
| tree | 047e4818ced5aaf73f58517629e5260b5291f9f0 /contrib/libs/curl/lib/vauth/digest.c | |
| parent | 2d9656823e9521d8c29ea4c9a1d0eab78391abfc (diff) | |
| parent | 3d834a1923bbf9403cd4a448e7f32b670aa4124f (diff) | |
| download | ydb-2a74bac2d2d3bccb4e10120f1ead805640ec9dd0.tar.gz | |
Merge pull request #10502 from ydb-platform/mergelibs-241016-1210
Library import 241016-1210
Diffstat (limited to 'contrib/libs/curl/lib/vauth/digest.c')
| -rw-r--r-- | contrib/libs/curl/lib/vauth/digest.c | 93 |
1 files changed, 28 insertions, 65 deletions
diff --git a/contrib/libs/curl/lib/vauth/digest.c b/contrib/libs/curl/lib/vauth/digest.c index 4fc5b1c28f..416da0fcc7 100644 --- a/contrib/libs/curl/lib/vauth/digest.c +++ b/contrib/libs/curl/lib/vauth/digest.c @@ -38,7 +38,6 @@ #include "curl_hmac.h" #include "curl_md5.h" #include "curl_sha256.h" -#include "curl_sha512_256.h" #include "vtls/vtls.h" #include "warnless.h" #include "strtok.h" @@ -103,7 +102,7 @@ bool Curl_auth_digest_get_pair(const char *str, char *value, char *content, case ',': if(!starts_with_quote) { - /* This signals the end of the content if we did not get a starting + /* This signals the end of the content if we didn't get a starting quote and then we do "sloppy" parsing */ c = 0; /* the end */ continue; @@ -142,7 +141,7 @@ bool Curl_auth_digest_get_pair(const char *str, char *value, char *content, } #if !defined(USE_WINDOWS_SSPI) -/* Convert md5 chunk to RFC2617 (section 3.1.3) -suitable ASCII string */ +/* Convert md5 chunk to RFC2617 (section 3.1.3) -suitable ascii string */ static void auth_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */ unsigned char *dest) /* 33 bytes */ { @@ -151,7 +150,7 @@ static void auth_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */ msnprintf((char *) &dest[i * 2], 3, "%02x", source[i]); } -/* Convert sha256 or SHA-512/256 chunk to RFC7616 -suitable ASCII string */ +/* Convert sha256 chunk to RFC7616 -suitable ascii string */ static void auth_digest_sha256_to_ascii(unsigned char *source, /* 32 bytes */ unsigned char *dest) /* 65 bytes */ { @@ -288,7 +287,7 @@ static CURLcode auth_decode_digest_md5_message(const struct bufref *chlgref, /* Retrieve realm string from the challenge */ if(!auth_digest_get_key_value(chlg, "realm=\"", realm, rlen, '\"')) { /* Challenge does not have a realm, set empty string [RFC2831] page 6 */ - *realm = '\0'; + strcpy(realm, ""); } /* Retrieve algorithm string from the challenge */ @@ -326,7 +325,7 @@ bool Curl_auth_is_digest_supported(void) * * data [in] - The session handle. * chlg [in] - The challenge message. - * userp [in] - The username. + * userp [in] - The user name. * passwdp [in] - The user's password. * service [in] - The service type such as http, smtp, pop or imap. * out [out] - The result storage. @@ -602,20 +601,10 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, digest->algo = ALGO_SHA256; else if(strcasecompare(content, "SHA-256-SESS")) digest->algo = ALGO_SHA256SESS; - else if(strcasecompare(content, "SHA-512-256")) { -#ifdef CURL_HAVE_SHA512_256 + else if(strcasecompare(content, "SHA-512-256")) digest->algo = ALGO_SHA512_256; -#else /* ! CURL_HAVE_SHA512_256 */ - return CURLE_NOT_BUILT_IN; -#endif /* ! CURL_HAVE_SHA512_256 */ - } - else if(strcasecompare(content, "SHA-512-256-SESS")) { -#ifdef CURL_HAVE_SHA512_256 + else if(strcasecompare(content, "SHA-512-256-SESS")) digest->algo = ALGO_SHA512_256SESS; -#else /* ! CURL_HAVE_SHA512_256 */ - return CURLE_NOT_BUILT_IN; -#endif /* ! CURL_HAVE_SHA512_256 */ - } else return CURLE_BAD_CONTENT_ENCODING; } @@ -629,7 +618,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, } } else - break; /* We are done here */ + break; /* We're done here */ /* Pass all additional spaces here */ while(*chlg && ISBLANK(*chlg)) @@ -646,7 +635,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, if(before && !digest->stale) return CURLE_BAD_CONTENT_ENCODING; - /* We got this header without a nonce, that is a bad Digest line! */ + /* We got this header without a nonce, that's a bad Digest line! */ if(!digest->nonce) return CURLE_BAD_CONTENT_ENCODING; @@ -666,7 +655,7 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg, * Parameters: * * data [in] - The session handle. - * userp [in] - The username. + * userp [in] - The user name. * passwdp [in] - The user's password. * request [in] - The HTTP request. * uripath [in] - The path of the HTTP uri. @@ -728,10 +717,8 @@ static CURLcode auth_create_digest_http_message( if(!hashthis) return CURLE_OUT_OF_MEMORY; - result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); - if(result) - return result; convert_to_ascii(hashbuf, (unsigned char *)userh); } @@ -751,10 +738,8 @@ static CURLcode auth_create_digest_http_message( if(!hashthis) return CURLE_OUT_OF_MEMORY; - result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); - if(result) - return result; convert_to_ascii(hashbuf, ha1); if(digest->algo & SESSION_ALGO) { @@ -763,10 +748,8 @@ static CURLcode auth_create_digest_http_message( if(!tmp) return CURLE_OUT_OF_MEMORY; - result = hash(hashbuf, (unsigned char *) tmp, strlen(tmp)); + hash(hashbuf, (unsigned char *) tmp, strlen(tmp)); free(tmp); - if(result) - return result; convert_to_ascii(hashbuf, ha1); } @@ -788,15 +771,11 @@ static CURLcode auth_create_digest_http_message( return CURLE_OUT_OF_MEMORY; if(digest->qop && strcasecompare(digest->qop, "auth-int")) { - /* We do not support auth-int for PUT or POST */ + /* We don't support auth-int for PUT or POST */ char hashed[65]; char *hashthis2; - result = hash(hashbuf, (const unsigned char *)"", 0); - if(result) { - free(hashthis); - return result; - } + hash(hashbuf, (const unsigned char *)"", 0); convert_to_ascii(hashbuf, (unsigned char *)hashed); hashthis2 = aprintf("%s:%s", hashthis, hashed); @@ -807,10 +786,8 @@ static CURLcode auth_create_digest_http_message( if(!hashthis) return CURLE_OUT_OF_MEMORY; - result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); - if(result) - return result; convert_to_ascii(hashbuf, ha2); if(digest->qop) { @@ -824,10 +801,8 @@ static CURLcode auth_create_digest_http_message( if(!hashthis) return CURLE_OUT_OF_MEMORY; - result = hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); + hash(hashbuf, (unsigned char *) hashthis, strlen(hashthis)); free(hashthis); - if(result) - return result; convert_to_ascii(hashbuf, request_digest); /* For test case 64 (snooped from a Mozilla 1.3a request) @@ -835,12 +810,12 @@ static CURLcode auth_create_digest_http_message( Authorization: Digest username="testuser", realm="testrealm", \ nonce="1053604145", uri="/64", response="c55f7f30d83d774a3d2dcacf725abaca" - Digest parameters are all quoted strings. Username which is provided by + Digest parameters are all quoted strings. Username which is provided by the user will need double quotes and backslashes within it escaped. realm, nonce, and opaque will need backslashes as well as they were - de-escaped when copied from request header. cnonce is generated with - web-safe characters. uri is already percent encoded. nc is 8 hex - characters. algorithm and qop with standard values only contain web-safe + de-escaped when copied from request header. cnonce is generated with + web-safe characters. uri is already percent encoded. nc is 8 hex + characters. algorithm and qop with standard values only contain web-safe characters. */ userp_quoted = auth_digest_string_quoted(digest->userhash ? userh : userp); @@ -957,7 +932,7 @@ static CURLcode auth_create_digest_http_message( * Parameters: * * data [in] - The session handle. - * userp [in] - The username. + * userp [in] - The user name. * passwdp [in] - The user's password. * request [in] - The HTTP request. * uripath [in] - The path of the HTTP uri. @@ -982,24 +957,12 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data, outptr, outlen, auth_digest_md5_to_ascii, Curl_md5it); - - if(digest->algo <= ALGO_SHA256SESS) - return auth_create_digest_http_message(data, userp, passwdp, - request, uripath, digest, - outptr, outlen, - auth_digest_sha256_to_ascii, - Curl_sha256it); -#ifdef CURL_HAVE_SHA512_256 - if(digest->algo <= ALGO_SHA512_256SESS) - return auth_create_digest_http_message(data, userp, passwdp, - request, uripath, digest, - outptr, outlen, - auth_digest_sha256_to_ascii, - Curl_sha512_256it); -#endif /* CURL_HAVE_SHA512_256 */ - - /* Should be unreachable */ - return CURLE_BAD_CONTENT_ENCODING; + DEBUGASSERT(digest->algo <= ALGO_SHA512_256SESS); + return auth_create_digest_http_message(data, userp, passwdp, + request, uripath, digest, + outptr, outlen, + auth_digest_sha256_to_ascii, + Curl_sha256it); } /* |