vlc | branch: master | Marvin Scholz <[email protected]> | Wed Apr 1 15:39:58 2020 +0200| [f5666f079e243dcd9c9c6fced17a1a353736d81c] | committer: Marvin Scholz
src: http_auth: use new md5 API > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=f5666f079e243dcd9c9c6fced17a1a353736d81c --- src/network/http_auth.c | 137 +++++++++++++++++++++--------------------------- 1 file changed, 59 insertions(+), 78 deletions(-) diff --git a/src/network/http_auth.c b/src/network/http_auth.c index ff1796c25d..6d31d98cc0 100644 --- a/src/network/http_auth.c +++ b/src/network/http_auth.c @@ -32,7 +32,7 @@ #include <vlc_common.h> #include <vlc_http.h> -#include <vlc_md5.h> +#include <vlc_hash.h> #include <vlc_rand.h> #include <vlc_strings.h> @@ -87,137 +87,118 @@ static char *AuthGetParamNoQuotes( const char *psz_header, const char *psz_param static char *GenerateCnonce() { char ps_random[32]; - struct md5_s md5; + char *md5_hex; + vlc_hash_md5_t md5; + + md5_hex = malloc( VLC_HASH_MD5_DIGEST_HEX_SIZE ); + if (unlikely( md5_hex == NULL )) + return NULL; vlc_rand_bytes( ps_random, sizeof( ps_random ) ); - InitMD5( &md5 ); - AddMD5( &md5, ps_random, sizeof( ps_random ) ); - EndMD5( &md5 ); + vlc_hash_md5_Init( &md5 ); + vlc_hash_md5_Update( &md5, ps_random, sizeof( ps_random ) ); - return psz_md5_hash( &md5 ); + vlc_hash_FinishHex( &md5, md5_hex ); } static char *AuthDigest( vlc_object_t *p_this, vlc_http_auth_t *p_auth, const char *psz_method, const char *psz_path, const char *psz_username, const char *psz_password ) { - char *psz_HA1 = NULL; - char *psz_HA2 = NULL; - char *psz_ent = NULL; + char psz_HA1[VLC_HASH_MD5_DIGEST_HEX_SIZE]; + char psz_HA2[VLC_HASH_MD5_DIGEST_HEX_SIZE]; + char psz_ent[VLC_HASH_MD5_DIGEST_HEX_SIZE]; char *psz_result = NULL; char psz_inonce[9]; - struct md5_s md5; - struct md5_s ent; + vlc_hash_md5_t md5; + vlc_hash_md5_t ent; if ( p_auth->psz_realm == NULL ) { msg_Warn( p_this, "Digest Authentication: " "Mandatory 'realm' value not available" ); - goto error; + return NULL; } /* H(A1) */ if ( p_auth->psz_HA1 ) { - psz_HA1 = strdup( p_auth->psz_HA1 ); - if ( psz_HA1 == NULL ) - goto error; + strncpy( psz_HA1, p_auth->psz_HA1, sizeof(psz_HA1) ); } else { - InitMD5( &md5 ); - AddMD5( &md5, psz_username, strlen( psz_username ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, psz_password, strlen( psz_password ) ); - EndMD5( &md5 ); - - psz_HA1 = psz_md5_hash( &md5 ); - if ( psz_HA1 == NULL ) - goto error; + vlc_hash_md5_Init( &md5 ); + vlc_hash_md5_Update( &md5, psz_username, strlen( psz_username ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, psz_password, strlen( psz_password ) ); + vlc_hash_FinishHex( &md5, psz_HA1 ); if ( p_auth->psz_algorithm && strcmp( p_auth->psz_algorithm, "MD5-sess" ) == 0 ) { - InitMD5( &md5 ); - AddMD5( &md5, psz_HA1, 32 ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) ); - EndMD5( &md5 ); - - free( psz_HA1 ); - - psz_HA1 = psz_md5_hash( &md5 ); - if ( psz_HA1 == NULL ) - goto error; + vlc_hash_md5_Init( &md5 ); + vlc_hash_md5_Update( &md5, psz_HA1, sizeof(psz_HA1) - 1 ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) ); + vlc_hash_FinishHex( &md5, psz_HA1 ); p_auth->psz_HA1 = strdup( psz_HA1 ); if ( p_auth->psz_HA1 == NULL ) - goto error; + return NULL; } } /* H(A2) */ - InitMD5( &md5 ); + vlc_hash_md5_Init( &md5 ); if ( *psz_method ) - AddMD5( &md5, psz_method, strlen( psz_method ) ); - AddMD5( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, psz_method, strlen( psz_method ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); if ( psz_path ) - AddMD5( &md5, psz_path, strlen( psz_path ) ); + vlc_hash_md5_Update( &md5, psz_path, strlen( psz_path ) ); else - AddMD5( &md5, "/", 1 ); + vlc_hash_md5_Update( &md5, "/", 1 ); if ( p_auth->psz_qop && strcmp( p_auth->psz_qop, "auth-int" ) == 0 ) { - InitMD5( &ent ); + vlc_hash_md5_Init( &ent ); /* TODO: Support for "qop=auth-int" */ - AddMD5( &ent, "", 0 ); - EndMD5( &ent ); - - psz_ent = psz_md5_hash( &ent ); - if ( psz_ent == NULL ) - goto error; - - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, psz_ent, 32 ); + vlc_hash_md5_Update( &ent, "", 0 ); + vlc_hash_FinishHex( &ent, psz_ent ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, psz_ent, sizeof(psz_ent) - 1 ); } - EndMD5( &md5 ); - psz_HA2 = psz_md5_hash( &md5 ); - if ( psz_HA2 == NULL ) - goto error; + vlc_hash_FinishHex( &md5, psz_HA2 ); /* Request digest */ - InitMD5( &md5 ); - AddMD5( &md5, psz_HA1, 32 ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) ); - AddMD5( &md5, ":", 1 ); + vlc_hash_md5_Init( &md5 ); + vlc_hash_md5_Update( &md5, psz_HA1, sizeof(psz_HA1) - 1 ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); if ( p_auth->psz_qop && ( strcmp( p_auth->psz_qop, "auth" ) == 0 || strcmp( p_auth->psz_qop, "auth-int" ) == 0 ) ) { snprintf( psz_inonce, sizeof( psz_inonce ), "%08x", p_auth->i_nonce ); - AddMD5( &md5, psz_inonce, 8 ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) ); - AddMD5( &md5, ":", 1 ); - AddMD5( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) ); - AddMD5( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, psz_inonce, 8 ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); + vlc_hash_md5_Update( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) ); + vlc_hash_md5_Update( &md5, ":", 1 ); } - AddMD5( &md5, psz_HA2, 32 ); - EndMD5( &md5 ); + vlc_hash_md5_Update( &md5, psz_HA2, sizeof(psz_HA2) - 1 ); - psz_result = psz_md5_hash( &md5 ); - -error: - free( psz_HA1 ); - free( psz_HA2 ); - free( psz_ent ); + psz_result = malloc(VLC_HASH_MD5_DIGEST_HEX_SIZE); + if (psz_result == NULL) + return NULL; + vlc_hash_FinishHex( &md5, psz_result ); return psz_result; } _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
