httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ron...@hyperreal.org
Subject cvs commit: apache-1.3/src/modules/experimental mod_auth_digest.c
Date Fri, 13 Aug 1999 07:18:08 GMT
ronald      99/08/13 00:18:08

  Modified:    src/modules/experimental mod_auth_digest.c
  Log:
  - Print out pointer to Rule DEV_RANDOM when truerand lib not found
  - Fix test-compile check to check for randbyte instead of trand32
  - use ap_base64encode_binary/decode instead of our own copy
  - Tweak to make Amaya happier
  
  Revision  Changes    Path
  1.5       +14 -174   apache-1.3/src/modules/experimental/mod_auth_digest.c
  
  Index: mod_auth_digest.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/modules/experimental/mod_auth_digest.c,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- mod_auth_digest.c	1999/08/10 15:47:56	1.4
  +++ mod_auth_digest.c	1999/08/13 07:18:05	1.5
  @@ -95,13 +95,14 @@
   	    RULE_DEV_RANDOM="/dev/urandom"
   	else
   	    RULE_DEV_RANDOM="truerand"
  -	    if helpers/TestCompile func trand32; then
  +	    if helpers/TestCompile func randbyte; then
   		:
  -	    elif helpers/TestCompile lib rand trand32; then
  +	    elif helpers/TestCompile lib rand randbyte; then
   		:
   	    else
   		echo "      (mod_auth_digest) truerand library missing!"
   		echo "** This will most probably defeat successful compilation."
  +		echo "** See Rule DEV_RANDOM in src/Configuration.tmpl for more information."
   	    fi
   	fi
       fi
  @@ -387,7 +388,7 @@
       return;
   
   failed:
  -    if (!client_mm || (client_list &&  client_list->table && !opaque_mm)
  +    if (!client_mm || (client_list && client_list->table && !opaque_mm)
   	|| (opaque_cntr && !otn_count_mm))
   	ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, s,
   		     "Digest: failed to create shared memory segments; reason "
  @@ -605,169 +606,6 @@
   };
   
   
  -/*
  - * base-64 encoding helpers
  - */
  -
  -/* this is copied from util.c, with toascii folded into the table for EBCDIC */
  -static const unsigned char pr2six[256] =
  -{
  -#ifndef CHARSET_EBCDIC
  -    /* ASCII table */
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64, 64, 64, 63,
  -    52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
  -    64,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14,
  -    15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64,
  -    64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
  -    41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64
  -#else /*CHARSET_EBCDIC*/
  -    /* EBCDIC table */
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 62, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 63, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64, 26, 27, 28, 29, 30, 31, 32, 33, 34, 64, 64, 64, 64, 64, 64,
  -    64, 35, 36, 37, 38, 39, 40, 41, 42, 43, 64, 64, 64, 64, 64, 64,
  -    64, 64, 44, 45, 46, 47, 48, 49, 50, 51, 64, 64, 64, 64, 64, 64,
  -    64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64,
  -    64,  0,  1,  2,  3,  4,  5,  6,  7,  8, 64, 64, 64, 64, 64, 64,
  -    64,  9, 10, 11, 12, 13, 14, 15, 16, 17, 64, 64, 64, 64, 64, 64,
  -    64, 64, 18, 19, 20, 21, 22, 23, 24, 25, 64, 64, 64, 64, 64, 64,
  -    52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 64, 64, 64, 64, 64, 64,
  -#endif /*CHARSET_EBCDIC*/
  -};
  -
  -/* this is the same as ap_uudecode in util.c, but returns the length instead
  - * of a pointer to the decoded data and takes a pointer to the decoded buffer
  - * as a third parameter. Also, for EBCDIC machines the toebcdic[] on the ouput
  - * is left out because we want a binary result.
  - */
  -static int base64decode(pool *p, const char *bufcoded, unsigned char **bufplain)
  -{
  -    int nbytesdecoded;
  -    register const unsigned char *bufin;
  -    register unsigned char *bufout;
  -    register int nprbytes;
  -
  -    /* Strip leading whitespace. */
  -
  -    while (*bufcoded == ' ' || *bufcoded == '\t')
  -	bufcoded++;
  -
  -    /* Figure out how many characters are in the input buffer.
  -     * Allocate this many from the per-transaction pool for the result.
  -     */
  -    bufin = (const unsigned char *) bufcoded;
  -    while (pr2six[*(bufin++)] <= 63);
  -    nprbytes = (bufin - (const unsigned char *) bufcoded) - 1;
  -    nbytesdecoded = ((nprbytes + 3) / 4) * 3;
  -
  -    if (*bufplain == NULL)
  -	*bufplain = ap_palloc(p, nbytesdecoded + 1);
  -    bufout = *bufplain;
  -
  -    bufin = (const unsigned char *) bufcoded;
  -
  -    while (nprbytes > 3) {
  -	*(bufout++) =
  -	    (unsigned char) (pr2six[bufin[0]] << 2 | pr2six[bufin[1]] >> 4);
  -	*(bufout++) =
  -	    (unsigned char) (pr2six[bufin[1]] << 4 | pr2six[bufin[2]] >> 2);
  -	*(bufout++) =
  -	    (unsigned char) (pr2six[bufin[2]] << 6 | pr2six[bufin[3]]);
  -	bufin += 4;
  -	nprbytes -= 4;
  -    }
  -
  -    /* Note: (nprbytes == 1) would be an error, so just ingore that case */
  -    if (nprbytes > 1) {
  -	*(bufout++) =
  -	    (unsigned char) (pr2six[*bufin] << 2 | pr2six[bufin[1]] >> 4);
  -    }
  -    if (nprbytes > 2) {
  -	*(bufout++) =
  -	    (unsigned char) (pr2six[bufin[1]] << 4 | pr2six[bufin[2]] >> 2);
  -    }
  -
  -    nbytesdecoded -= (4 - nprbytes) & 3;
  -    (*bufplain)[nbytesdecoded] = '\0';
  -
  -    return nbytesdecoded;
  -}
  -
  -static const char six2pr[64] =
  -"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  -
  -/* This is similar to ap_uuencode except that it takes a length parameter
  - * (so we can encode binary data) and fixes a bug. Also note that no
  - * toascii[] is done on the input for EBCDIC (six2pr is automatically
  - * right).
  - */
  -static char *base64encode(pool *p, const unsigned char *bufplain, int buflen)
  -{
  -    int nbytescoded;
  -    char *bufcoded;
  -    register const unsigned char *bufin;
  -    register char *bufout;
  -    register int nsixbytes;
  -
  -    /* Figure out how many characters are in the input buffer.
  -     * Allocate this many from the per-transaction pool for the result.
  -     */
  -    nsixbytes = ((buflen + 2) / 3) * 4;
  -
  -    bufcoded = ap_palloc(p, nsixbytes + 1);
  -    bufcoded[nsixbytes] = '\0';
  -
  -    bufin  = bufplain;
  -    bufout = bufcoded;
  -
  -    nbytescoded = 0;
  -
  -    while (nbytescoded < (buflen - 2)) {
  -	*(bufout++) = six2pr[(bufin[0] >> 2) & 0x3F];
  -	*(bufout++) =
  -		six2pr[((bufin[1] >> 4) & 0x0F) | ((bufin[0] << 4) & 0x3F)];
  -	*(bufout++) =
  -		six2pr[((bufin[2] >> 6) & 0x03) | ((bufin[1] << 2) & 0x3F)];
  -	*(bufout++) = six2pr[bufin[2] & 0x3F];
  -	bufin += 3;
  -	nbytescoded += 3;
  -    }
  -
  -    if (nbytescoded < buflen) {
  -	*(bufout++) = six2pr[(bufin[0] >> 2) & 0x3F];
  -	if (nbytescoded < (buflen-1)) {
  -	    *(bufout++) =
  -		    six2pr[((bufin[1] >> 4) & 0x0F) | ((bufin[0] << 4) & 0x3F)];
  -	    *(bufout++) = six2pr[(bufin[1] << 2) & 0x3F];
  -	}
  -	else {
  -	    *(bufout++) = six2pr[(bufin[0] << 4) & 0x3F];
  -	}
  -    }
  -
  -    while (bufout < (bufcoded+nsixbytes))
  -	*(bufout++) = (unsigned char) '=';
  -
  -    return bufcoded;
  -}
  -
  -
   #ifdef HAVE_SHMEM_MM
   /*
    * client list code
  @@ -1086,7 +924,7 @@
   
       res = get_digest_rec(r, resp);
       resp->client = get_client(resp->opaque_num, r);
  -    if (res == OK  &&  resp->client)
  +    if (res == OK && resp->client)
   	resp->client->nonce_count++;
   
       return DECLINED;
  @@ -1149,7 +987,7 @@
   #else	/* HAVE_SHMEM_MM */
   	t.time = 42;
   #endif	/* HAVE_SHMEM_MM */
  -    memcpy(nonce, base64encode(p, t.arr, sizeof(t.arr)), NONCE_TIME_LEN+1);
  +    ap_base64encode_binary(nonce, t.arr, sizeof(t.arr));
       gen_nonce_hash(nonce+NONCE_TIME_LEN, nonce, opaque, server, conf);
   
       return nonce;
  @@ -1284,7 +1122,11 @@
        * space only covers a single uri.
        */
       if (dir[0] != '/')
  +	/* This doesn't work for Amaya (ok, it's of arguable validity in
  +	 * the first place), so just return the file name instead
   	return "http://0.0.0.0/";
  +	 */
  +	return dir;
   
       /* Next we find the largest common common suffix of the request-uri
        * and the final file name, ignoring any extensions; this gives us a
  @@ -1490,21 +1332,19 @@
   {
       double dt;
       time_rec nonce_time;
  -    unsigned char *t;
       char tmp, hash[NONCE_HASH_LEN+1];
   
       if (strlen(resp->nonce) != NONCE_LEN) {
   	ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
   		      "Digest: invalid nonce %s received - length is not %d",
   		      resp->nonce, NONCE_LEN);
  -	note_digest_auth_failure(r, conf, resp, 0);
  +	note_digest_auth_failure(r, conf, resp, 1);
   	return AUTH_REQUIRED;
       }
   
       tmp = resp->nonce[NONCE_TIME_LEN];
       resp->nonce[NONCE_TIME_LEN] = '\0';
  -    t = nonce_time.arr;
  -    base64decode(r->pool, resp->nonce, &t);
  +    ap_base64decode_binary(nonce_time.arr, resp->nonce);
       gen_nonce_hash(hash, resp->nonce, resp->opaque, r->server, conf);
       resp->nonce[NONCE_TIME_LEN] = tmp;
       resp->nonce_time = nonce_time.time;
  @@ -1513,7 +1353,7 @@
   	ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
   		      "Digest: invalid nonce %s received - hash is not %s",
   		      resp->nonce, hash);
  -	note_digest_auth_failure(r, conf, resp, 0);
  +	note_digest_auth_failure(r, conf, resp, 1);
   	return AUTH_REQUIRED;
       }
   
  @@ -1522,7 +1362,7 @@
   	ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
   		      "Digest: invalid nonce %s received - user attempted "
   		      "time travel", resp->nonce);
  -	note_digest_auth_failure(r, conf, resp, 0);
  +	note_digest_auth_failure(r, conf, resp, 1);
   	return AUTH_REQUIRED;
       }
   
  
  
  

Mime
View raw message