Openwrt-EcoNet/ZyXEL_PMG5617GA
Archived
1
0
Fork 0
Code
This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
ZyXEL_PMG5617GA/package/libs/clinkc/patches/004-ZyXEL_fix_authentication_check.patch
Alex fa80bc5ae9 initial commit
2022-11-27 10:16:14 +00:00

67 lines
2.1 KiB
Diff
Raw Permalink Blame History

--- a/src/cybergarage/http/chttp_authentication.c
+++ b/src/cybergarage/http/chttp_authentication.c
@@ -560,6 +560,7 @@ void cg_http_auth_header_parse(CgHttpPac
void initDigestInfo(CgHttpAuth **digest)
{
*digest = (CgHttpAuth *)malloc(sizeof(CgHttpAuth));
+ memset(*digest, '\0', sizeof(CgHttpAuth));
(*digest)->realm = NULL;
(*digest)->algorithm = NULL;
(*digest)->qop = NULL;
@@ -716,7 +717,7 @@ authRet_t cg_http_request_check_digest_a
tmp = cg_http_request_getqop(httpReq);
if(!tmp){
auth->qop = NULL;
- return HTTP_AUTH_ERROR;
+ /*qop can be unspecified*/
}
else{
auth->qop = tmp;
@@ -729,7 +730,7 @@ authRet_t cg_http_request_check_digest_a
tmp = cg_http_request_getalgorithm(httpReq);
if(!tmp){
auth->algorithm = NULL;
- return HTTP_AUTH_ERROR;
+ /*algorithm can be unspecified*/
}
else{
auth->algorithm = tmp;
@@ -742,6 +743,7 @@ authRet_t cg_http_request_check_digest_a
tmp = cg_http_request_getopaque(httpReq);
if(!tmp){
auth->opaque = NULL;
+ printf("error: can not get opaque");
return HTTP_AUTH_ERROR;
}
else{
@@ -761,7 +763,7 @@ authRet_t cg_http_request_check_digest_a
if(!tmp)
auth->nc = 0;
else
- auth->nc = tmp;
+ sscanf(tmp, "%08x", &auth->nc);
method = cg_http_request_getmethod(httpReq);
uripath = cg_http_request_geturi(httpReq);
@@ -773,8 +775,10 @@ authRet_t cg_http_request_check_digest_a
if the qop is "auth" or unspecified
ha2 = MD5( Method:digest-uri )
*/
+ memset(md5Input, "\0", sizeof(md5Input));
snprintf(md5Input, sizeof(md5Input), "%s:%s:%s", user, auth->realm, passwd);
cg_str2md5(md5Input,ha1);
+ memset(md5Input, "\0", sizeof(md5Input));
snprintf(md5Input, sizeof(md5Input), "%s:%s", method, uripath);
cg_str2md5(md5Input,ha2);
@@ -827,7 +831,8 @@ authRet_t cg_http_request_check_digest_a
cg_str2md5(md5Input, ha1);
}
- snprintf(md5Input, sizeof(md5Input), "%s:%s:%s:%s:%s:%s",
+ memset(md5Input, '\0', sizeof(md5Input));
+ snprintf(md5Input, sizeof(md5Input), "%s:%s:%08x:%s:%s:%s",
ha1,
auth->nonce,
auth->nc,
View Git Blame Copy Permalink