| 501 | } |
| 502 | |
| 503 | int verifyAuthHeader(const char *user, const char *password, const char *method, const char *auth, const char *msgbody) |
| 504 | { |
| 505 | char algo[MAX_HEADER_LEN]; |
| 506 | char realm[MAX_HEADER_LEN]; |
| 507 | char nonce[MAX_HEADER_LEN]; |
| 508 | char cnonce[MAX_HEADER_LEN]; |
| 509 | char authtype[MAX_HEADER_LEN]; |
| 510 | char nc[MAX_HEADER_LEN]; |
| 511 | char uri[MAX_HEADER_LEN]; |
| 512 | char *start; |
| 513 | |
| 514 | if ((start = stristr(auth, "Digest")) == nullptr) { |
| 515 | WARNING("verifyAuthHeader: authentication must be digest is %s", auth); |
| 516 | return 0; |
| 517 | } |
| 518 | |
| 519 | getAuthParameter("algorithm", auth, algo, sizeof(algo)); |
| 520 | if (algo[0] == '\0') { |
| 521 | strcpy(algo, "MD5"); |
| 522 | } |
| 523 | if (strncasecmp(algo, "MD5", 3)==0) { |
| 524 | unsigned char result[HASH_HEX_SIZE + 1]; |
| 525 | char response[HASH_HEX_SIZE + 1]; |
| 526 | getAuthParameter("realm", auth, realm, sizeof(realm)); |
| 527 | getAuthParameter("uri", auth, uri, sizeof(uri)); |
| 528 | getAuthParameter("nonce", auth, nonce, sizeof(nonce)); |
| 529 | getAuthParameter("cnonce", auth, cnonce, sizeof(cnonce)); |
| 530 | getAuthParameter("nc", auth, nc, sizeof(nc)); |
| 531 | getAuthParameter("qop", auth, authtype, sizeof(authtype)); |
| 532 | createAuthResponseMD5( |
| 533 | user, password, strlen(password), method, uri, authtype, |
| 534 | msgbody, realm, nonce, cnonce, nc, result); |
| 535 | getAuthParameter("response", auth, response, sizeof(response)); |
| 536 | TRACE_CALLDEBUG("Processing verifyauth command - user %s, password %s, method %s, uri %s, realm %s, nonce %s, result expected %s, response from user %s\n", |
| 537 | user, |
| 538 | password, |
| 539 | method, |
| 540 | uri, |
| 541 | realm, |
| 542 | nonce, |
| 543 | (char*)result, |
| 544 | response); |
| 545 | return !strcmp((char *)result, response); |
| 546 | #ifdef USE_SHA256 |
| 547 | } else if (strncasecmp(algo, "SHA-256", 7)==0) { |
| 548 | unsigned char result[SHA256_HASH_HEX_SIZE + 1]; |
| 549 | char response[SHA256_HASH_HEX_SIZE + 1]; |
| 550 | getAuthParameter("realm", auth, realm, sizeof(realm)); |
| 551 | getAuthParameter("uri", auth, uri, sizeof(uri)); |
| 552 | getAuthParameter("nonce", auth, nonce, sizeof(nonce)); |
| 553 | getAuthParameter("cnonce", auth, cnonce, sizeof(cnonce)); |
| 554 | getAuthParameter("nc", auth, nc, sizeof(nc)); |
| 555 | getAuthParameter("qop", auth, authtype, sizeof(authtype)); |
| 556 | createAuthResponseSHA256( |
| 557 | user, password, strlen(password), method, uri, authtype, |
| 558 | msgbody, realm, nonce, cnonce, nc, result); |
| 559 | getAuthParameter("response", auth, response, sizeof(response)); |
| 560 | TRACE_CALLDEBUG("Processing verifyauth command - user %s, password %s, method %s, uri %s, realm %s, nonce %s, result expected %s, response from user %s\n", |
no test coverage detected