commit ff395473a9dc81bdf9fb4988cbbcdb10826c1493
Author: José Miguel Sánchez García <[email protected]>
Date: Fri Oct 30 22:45:34 2020 +0000
[quark][patch][digestauth] add stale nonce handling
diff --git
a/tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff
b/tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff
index ed3eeeb8..27d82676 100644
---
a/tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff
+++
b/tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff
@@ -1,4 +1,4 @@
-From b62f5dbb095f337f62ed3379948da4283175d7fb Mon Sep 17 00:00:00 2001
+From e0efcece3647fad31ca2750aaf59dd39dd192496 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Miguel=20S=C3=A1nchez=20Garc=C3=ADa?=
<[email protected]>
Date: Thu, 29 Oct 2020 10:05:27 +0000
@@ -8,14 +8,14 @@ This follows RFC 7616, but only MD5 algorithm and auth qop is
supported.
---
Makefile | 3 +-
config.def.h | 2 +-
- http.c | 289 +++++++++++++++++++++++++++++++++++++++++++++++++--
- http.h | 27 ++++-
+ http.c | 291 +++++++++++++++++++++++++++++++++++++++++++++++++--
+ http.h | 28 ++++-
main.c | 77 ++++++++++++--
md5.c | 148 ++++++++++++++++++++++++++
md5.h | 18 ++++
quark.1 | 26 +++++
util.h | 14 +++
- 9 files changed, 581 insertions(+), 23 deletions(-)
+ 9 files changed, 584 insertions(+), 23 deletions(-)
create mode 100644 md5.c
create mode 100644 md5.h
@@ -53,7 +53,7 @@ index 56f62aa..a322e7a 100644
/* mime-types */
static const struct {
diff --git a/http.c b/http.c
-index f1e15a4..4ceef04 100644
+index f1e15a4..1862dc4 100644
--- a/http.c
+++ b/http.c
@@ -17,13 +17,16 @@
@@ -301,7 +301,7 @@ index f1e15a4..4ceef04 100644
char *p, *mime;
const char *targethost;
-@@ -787,14 +969,62 @@ http_prepare_response(const struct request *req, struct
response *res,
+@@ -787,14 +969,63 @@ http_prepare_response(const struct request *req, struct
response *res,
}
}
@@ -352,8 +352,9 @@ index f1e15a4..4ceef04 100644
+ auth.cnonce, auth.qop))) {
+ goto err;
+ }
-+ printf("client nonce: %s
", auth.nonce);
-+ printf("server nonce: %s
", nonce);
++ if (strcmp(auth.nonce, nonce)) {
++ req->stale = 1;
++ }
+ if (strncmp(response, auth.response, sizeof(response)))
{
+ s = S_UNAUTHORIZED;
+ goto err;
@@ -367,7 +368,7 @@ index f1e15a4..4ceef04 100644
if (esnprintf(res->field[RES_ACCEPT_RANGES],
sizeof(res->field[RES_ACCEPT_RANGES]),
"%s", "bytes")) {
-@@ -832,17 +1062,22 @@ http_prepare_response(const struct request *req, struct
response *res,
+@@ -832,17 +1063,22 @@ http_prepare_response(const struct request *req, struct
response *res,
return;
err:
@@ -393,7 +394,7 @@ index f1e15a4..4ceef04 100644
memset(res, 0, sizeof(*res));
res->type = RESTYPE_ERROR;
-@@ -861,4 +1096,38 @@ http_prepare_error_response(const struct request *req,
+@@ -861,4 +1097,39 @@ http_prepare_error_response(const struct request *req,
res->status = S_INTERNAL_SERVER_ERROR;
}
}
@@ -412,9 +413,10 @@ index f1e15a4..4ceef04 100644
+ "realm=\"%s\", "
+ "qop=\"auth\", "
+ "algorithm=MD5, "
-+ "stale=false, "
++ "stale=%s, "
+ "nonce=\"%s\"",
+ req->realm->name,
++ req->stale ? "true" : "false",
+ nonce)) {
+ res->status = S_INTERNAL_SERVER_ERROR;
+ } else {
@@ -433,7 +435,7 @@ index f1e15a4..4ceef04 100644
+ }
}
diff --git a/http.h b/http.h
-index bfaa807..12de2eb 100644
+index bfaa807..215bb8f 100644
--- a/http.h
+++ b/http.h
@@ -12,6 +12,7 @@ enum req_field {
@@ -444,15 +446,16 @@ index bfaa807..12de2eb 100644
NUM_REQ_FIELDS,
};
-@@ -28,6 +29,7 @@ extern const char *req_method_str[];
+@@ -28,6 +29,8 @@ extern const char *req_method_str[];
struct request {
enum req_method method;
char uri[PATH_MAX];
+ struct realm *realm;
++ int stale;
char field[NUM_REQ_FIELDS][FIELD_MAX];
};
-@@ -37,6 +39,7 @@ enum status {
+@@ -37,6 +40,7 @@ enum status {
S_MOVED_PERMANENTLY = 301,
S_NOT_MODIFIED = 304,
S_BAD_REQUEST = 400,
@@ -460,7 +463,7 @@ index bfaa807..12de2eb 100644
S_FORBIDDEN = 403,
S_NOT_FOUND = 404,
S_METHOD_NOT_ALLOWED = 405,
-@@ -57,6 +60,7 @@ enum res_field {
+@@ -57,6 +61,7 @@ enum res_field {
RES_CONTENT_LENGTH,
RES_CONTENT_RANGE,
RES_CONTENT_TYPE,
@@ -468,7 +471,7 @@ index bfaa807..12de2eb 100644
NUM_RES_FIELDS,
};
-@@ -72,6 +76,7 @@ enum res_type {
+@@ -72,6 +77,7 @@ enum res_type {
struct response {
enum res_type type;
enum status status;
@@ -476,7 +479,7 @@ index bfaa807..12de2eb 100644
char field[NUM_RES_FIELDS][FIELD_MAX];
char uri[PATH_MAX];
char path[PATH_MAX];
-@@ -83,6 +88,7 @@ struct response {
+@@ -83,6 +89,7 @@ struct response {
enum conn_state {
C_VACANT,
@@ -484,7 +487,7 @@ index bfaa807..12de2eb 100644
C_RECV_HEADER,
C_SEND_HEADER,
C_SEND_BODY,
-@@ -91,6 +97,7 @@ enum conn_state {
+@@ -91,6 +98,7 @@ enum conn_state {
struct connection {
enum conn_state state;
@@ -492,7 +495,7 @@ index bfaa807..12de2eb 100644
int fd;
struct sockaddr_storage ia;
struct request req;
-@@ -99,13 +106,25 @@ struct connection {
+@@ -99,13 +107,25 @@ struct connection {
size_t progress;
};
