You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2013/04/22 16:10:11 UTC
svn commit: r1470527 - in /httpd/httpd/branches/2.4.x: ./ STATUS
modules/aaa/mod_auth_digest.c
Author: jim
Date: Mon Apr 22 14:10:10 2013
New Revision: 1470527
URL: http://svn.apache.org/r1470527
Log:
Merge r1458020, r1463044, r1463045 from trunk:
more simplification with ap_bin2hex()
use apr_array for an array
Submitted by: Christophe JAILLET (with small tweaks by myself)
PR: 52881
ap_log_error already logs the error string, no need to log it twice
Submitted by: sf
Reviewed/backported by: jim
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_digest.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1458020,1463044-1463045
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1470527&r1=1470526&r2=1470527&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Mon Apr 22 14:10:10 2013
@@ -90,15 +90,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_auth_digest: 3 easy votes to keep in line with trunk
- simplification with ap_bin2hex()
- + use apr_array for an array
- + ap_log_error already logs the error string, no need to log it twice
- trunk patches: https://svn.apache.org/r1458020
- https://svn.apache.org/r1463044
- https://svn.apache.org/r1463045
- 2.4.x patch: trunk patch works
- +1: jailletc36, minfrin, sf
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
Modified: httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_digest.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_digest.c?rev=1470527&r1=1470526&r2=1470527&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_digest.c (original)
+++ httpd/httpd/branches/2.4.x/modules/aaa/mod_auth_digest.c Mon Apr 22 14:10:10 2013
@@ -91,7 +91,7 @@ typedef struct digest_config_struct {
const char *dir_name;
authn_provider_list *providers;
const char *realm;
- char **qop_list;
+ apr_array_header_t *qop_list;
apr_sha1_ctx_t nonce_ctx;
apr_time_t nonce_lifetime;
const char *nonce_format;
@@ -240,10 +240,8 @@ static apr_status_t initialize_secret(se
#endif
if (status != APR_SUCCESS) {
- char buf[120];
ap_log_error(APLOG_MARK, APLOG_CRIT, status, s, APLOGNO(01758)
- "error generating secret: %s",
- apr_strerror(status, buf, sizeof(buf)));
+ "error generating secret");
return status;
}
@@ -451,8 +449,7 @@ static void *create_digest_dir_config(ap
conf = (digest_config_rec *) apr_pcalloc(p, sizeof(digest_config_rec));
if (conf) {
- conf->qop_list = apr_palloc(p, sizeof(char*));
- conf->qop_list[0] = NULL;
+ conf->qop_list = apr_array_make(p, 2, sizeof(char *));
conf->nonce_lifetime = DFLT_NONCE_LIFE;
conf->dir_name = apr_pstrdup(p, dir);
conf->algorithm = DFLT_ALGORITHM;
@@ -532,15 +529,10 @@ static const char *add_authn_provider(cm
static const char *set_qop(cmd_parms *cmd, void *config, const char *op)
{
digest_config_rec *conf = (digest_config_rec *) config;
- char **tmp;
- int cnt;
if (!strcasecmp(op, "none")) {
- if (conf->qop_list[0] == NULL) {
- conf->qop_list = apr_palloc(cmd->pool, 2 * sizeof(char*));
- conf->qop_list[1] = NULL;
- }
- conf->qop_list[0] = "none";
+ apr_array_clear(conf->qop_list);
+ *(const char **)apr_array_push(conf->qop_list) = "none";
return NULL;
}
@@ -551,14 +543,7 @@ static const char *set_qop(cmd_parms *cm
return apr_pstrcat(cmd->pool, "Unrecognized qop: ", op, NULL);
}
- for (cnt = 0; conf->qop_list[cnt] != NULL; cnt++)
- ;
-
- tmp = apr_palloc(cmd->pool, (cnt + 2) * sizeof(char*));
- memcpy(tmp, conf->qop_list, cnt*sizeof(char*));
- tmp[cnt] = apr_pstrdup(cmd->pool, op);
- tmp[cnt+1] = NULL;
- conf->qop_list = tmp;
+ *(const char **)apr_array_push(conf->qop_list) = op;
return NULL;
}
@@ -1056,10 +1041,8 @@ static void gen_nonce_hash(char *hash, c
const server_rec *server,
const digest_config_rec *conf)
{
- const char *hex = "0123456789abcdef";
unsigned char sha1[APR_SHA1_DIGESTSIZE];
apr_sha1_ctx_t ctx;
- int idx;
memcpy(&ctx, &conf->nonce_ctx, sizeof(ctx));
/*
@@ -1075,12 +1058,7 @@ static void gen_nonce_hash(char *hash, c
}
apr_sha1_final(sha1, &ctx);
- for (idx=0; idx<APR_SHA1_DIGESTSIZE; idx++) {
- *hash++ = hex[sha1[idx] >> 4];
- *hash++ = hex[sha1[idx] & 0xF];
- }
-
- *hash++ = '\0';
+ ap_bin2hex(sha1, APR_SHA1_DIGESTSIZE, hash);
}
@@ -1251,19 +1229,17 @@ static void note_digest_auth_failure(req
const char *qop, *opaque, *opaque_param, *domain, *nonce;
/* Setup qop */
- if (conf->qop_list[0] == NULL) {
+ if (apr_is_empty_array(conf->qop_list)) {
qop = ", qop=\"auth\"";
}
- else if (!strcasecmp(conf->qop_list[0], "none")) {
+ else if (!strcasecmp(*(const char **)(conf->qop_list->elts), "none")) {
qop = "";
}
else {
- int cnt;
- qop = apr_pstrcat(r->pool, ", qop=\"", conf->qop_list[0], NULL);
- for (cnt = 1; conf->qop_list[cnt] != NULL; cnt++) {
- qop = apr_pstrcat(r->pool, qop, ",", conf->qop_list[cnt], NULL);
- }
- qop = apr_pstrcat(r->pool, qop, "\"", NULL);
+ qop = apr_pstrcat(r->pool, ", qop=\"",
+ apr_array_pstrcat(r->pool, conf->qop_list, ','),
+ "\"",
+ NULL);
}
/* Setup opaque */
@@ -1464,9 +1440,8 @@ static int check_nc(const request_rec *r
return OK;
}
- if ((conf->qop_list != NULL)
- &&(conf->qop_list[0] != NULL)
- &&!strcasecmp(conf->qop_list[0], "none")) {
+ if (!apr_is_empty_array(conf->qop_list) &&
+ !strcasecmp(*(const char **)(conf->qop_list->elts), "none")) {
/* qop is none, client must not send a nonce count */
if (snc != NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01772)
@@ -1893,15 +1868,17 @@ static int authenticate_digest_user(requ
else {
const char *exp_digest;
int match = 0, idx;
- for (idx = 0; conf->qop_list[idx] != NULL; idx++) {
- if (!strcasecmp(conf->qop_list[idx], resp->message_qop)) {
+ const char **tmp = (const char **)(conf->qop_list->elts);
+ for (idx = 0; idx < conf->qop_list->nelts; idx++) {
+ if (!strcasecmp(*tmp, resp->message_qop)) {
match = 1;
break;
}
+ ++tmp;
}
if (!match
- && !(conf->qop_list[0] == NULL
+ && !(apr_is_empty_array(conf->qop_list)
&& !strcasecmp(resp->message_qop, "auth"))) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01793)
"invalid qop `%s' received: %s",
@@ -1983,7 +1960,8 @@ static int add_auth_info(request_rec *r)
/* do rfc-2069 digest
*/
- if (conf->qop_list[0] && !strcasecmp(conf->qop_list[0], "none")
+ if (!apr_is_empty_array(conf->qop_list) &&
+ !strcasecmp(*(const char **)(conf->qop_list->elts), "none")
&& resp->message_qop == NULL) {
/* use only RFC-2069 format */
ai = nextnonce;