ronald 99/09/19 14:28:37
Modified: src/modules/experimental mod_auth_digest.c
src CHANGES
Log:
- Use unix-io instead of stdio to read /dev/random (fixes problems
on FreeBSD)
- Correctly unescape all parts of the request uri and the uri
attribute of the Authorization header before doing comparison
- Fixes for MD5-sess
- Don't send a domain attribute in Proxy-Authenticate
PR: 4967
Submitted by: Joe Orton <[EMAIL PROTECTED]>, Kano <[EMAIL PROTECTED]>
Revision Changes Path
1.10 +36 -21 apache-1.3/src/modules/experimental/mod_auth_digest.c
Index: mod_auth_digest.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/modules/experimental/mod_auth_digest.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- mod_auth_digest.c 1999/09/13 13:53:54 1.9
+++ mod_auth_digest.c 1999/09/19 21:28:34 1.10
@@ -166,7 +166,7 @@
#define NONCE_TIME_LEN (((sizeof(time_t)+2)/3)*4)
-#define NONCE_HASH_LEN 40
+#define NONCE_HASH_LEN (2*SHA_DIGESTSIZE)
#define NONCE_LEN (NONCE_TIME_LEN + NONCE_HASH_LEN)
#define SECRET_LEN 20
@@ -178,7 +178,7 @@
unsigned long key; /* the key for this entry */
struct hash_entry *next; /* next entry in the bucket */
unsigned long nonce_count; /* for nonce-count checking */
- char ha1[17]; /* for
algorithm=MD5-sess */
+ char ha1[2*MD5_DIGESTSIZE+1]; /* for
algorithm=MD5-sess */
char last_nonce[NONCE_LEN+1]; /* for one-time nonce's
*/
} client_entry;
@@ -222,7 +222,7 @@
typedef union time_union {
time_t time;
- unsigned char arr[sizeof(time_t)+1]; /* leave room for the NULL
terminator */
+ unsigned char arr[sizeof(time_t)];
} time_rec;
@@ -304,7 +304,7 @@
static void initialize_secret(server_rec *s)
{
#ifdef DEV_RANDOM
- FILE *rnd;
+ int rnd;
size_t got, tot;
#else
extern int randbyte(void); /* from the truerand library */
@@ -317,24 +317,19 @@
#ifdef DEV_RANDOM
#define XSTR(x) #x
#define STR(x) XSTR(x)
- if ((rnd = fopen(STR(DEV_RANDOM), "rb")) == NULL) {
+ if ((rnd = open(STR(DEV_RANDOM), O_RDONLY)) == NULL) {
ap_log_error(APLOG_MARK, APLOG_CRIT, s,
"Digest: Couldn't open " STR(DEV_RANDOM));
exit(EXIT_FAILURE);
}
- if (setvbuf(rnd, NULL, _IONBF, 0) != 0) {
- ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_CRIT, s,
- "Digest: Error trying to disable buffering for "
STR(DEV_RANDOM));
- exit(EXIT_FAILURE);
- }
for (tot=0; tot<sizeof(secret); tot += got) {
- if ((got = fread(secret+tot, 1, sizeof(secret)-tot, rnd)) < 1) {
+ if ((got = read(rnd, secret+tot, sizeof(secret)-tot)) < 0) {
ap_log_error(APLOG_MARK, APLOG_CRIT, s,
"Digest: Error reading " STR(DEV_RANDOM));
exit(EXIT_FAILURE);
}
}
- fclose(rnd);
+ close(rnd);
#undef STR
#undef XSTR
#else /* use truerand */
@@ -1106,12 +1101,12 @@
if (ha1 == NULL || ha1[0] == '\0') {
urp = get_userpw_hash(r, resp, conf);
ha1 = ap_md5(r->pool,
- (unsigned char *) ap_pstrcat(r->pool, ha1, ":",
resp->nonce,
+ (unsigned char *) ap_pstrcat(r->pool, urp, ":",
resp->nonce,
":", resp->cnonce, NULL));
if (!resp->client)
resp->client = gen_client(r);
if (resp->client)
- memcpy(resp->client->ha1, ha1, 17);
+ memcpy(resp->client->ha1, ha1, sizeof(resp->client->ha1));
}
return ha1;
@@ -1272,14 +1267,16 @@
* unneccessarily (it's usually > 200 bytes!).
*/
- if (conf->uri_list)
+ if (r->proxyreq)
+ domain = NULL; /* don't send domain for proxy requests */
+ else if (conf->uri_list)
domain = conf->uri_list;
else {
/* They didn't specify any domain, so let's guess at it */
domain = guess_domain(r->pool, resp->request_uri->path, r->filename,
conf->dir_name);
if (domain[0] == '/' && domain[1] == '\0')
- domain = ""; /* "/" is the default, so no need to send it */
+ domain = NULL; /* "/" is the default, so no need to send it */
else
domain = ap_pstrcat(r->pool, ", domain=\"", domain, "\"", NULL);
}
@@ -1539,13 +1536,31 @@
if (strcmp(resp->uri, resp->request_uri->path)) {
uri_components *r_uri = resp->request_uri, d_uri;
- ap_parse_uri_components(r->pool, resp->uri, &d_uri);
+ int port;
+
+ if (ap_parse_uri_components(r->pool, resp->uri, &d_uri) != HTTP_OK) {
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "Digest: invalid uri <%s> in Authorization header",
+ resp->uri);
+ return BAD_REQUEST;
+ }
+
+ if (d_uri.hostname)
+ ap_unescape_url(d_uri.hostname);
+ if (d_uri.path)
+ ap_unescape_url(d_uri.path);
+ if (d_uri.query)
+ ap_unescape_url(d_uri.query);
+ if (r_uri->query)
+ ap_unescape_url(r_uri->query);
+ port = ap_get_server_port(r);
if ((d_uri.hostname && d_uri.hostname[0] != '\0'
- && strcasecmp(d_uri.hostname, r->server->server_hostname))
- || (d_uri.port_str && d_uri.port != r->server->port)
- || (!d_uri.port_str && r->server->port != 80)
- || strcmp(d_uri.path, r_uri->path)
+ && strcasecmp(d_uri.hostname, ap_get_server_name(r)))
+ || (d_uri.port_str && d_uri.port != port)
+ || (d_uri.hostname && d_uri.hostname[0] != '\0'
+ && !d_uri.port_str && port != ap_default_port(r))
+ || !d_uri.path || strcmp(d_uri.path, r_uri->path)
|| (d_uri.query != r_uri->query
&& (!d_uri.query || !r_uri->query
|| strcmp(d_uri.query, r_uri->query)))
1.1431 +12 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1430
retrieving revision 1.1431
diff -u -r1.1430 -r1.1431
--- CHANGES 1999/09/11 07:58:27 1.1430
+++ CHANGES 1999/09/19 21:28:35 1.1431
@@ -1,5 +1,17 @@
Changes with Apache 1.3.10
+ *) mod_auth_digest fixes:
+ - Use unix-io instead of stdio to read /dev/random (fixes problems
+ on FreeBSD)
+ [Kano <[EMAIL PROTECTED]>] PR#4967
+ - Correctly unescape all parts of the request uri and the uri
+ attribute of the Authorization header before doing comparison
+ [Joe Orton <[EMAIL PROTECTED]>, Ronald Tschalär]
+ - Fixes for MD5-sess
+ [Joe Orton <[EMAIL PROTECTED]>]
+ - Don't send a domain attribute in Proxy-Authenticate
+ [Ronald Tschalär]
+
*) ap_base64decode_binary does not null-terminate the output anymore
[Bill Stoddard, Ronald Tschalär]
