
Fix bugs in the digest handling.

juhovh committed Mar 20, 2012
1 parent 02e47e4 commit eff25432c55fe451931cfe193edfc0ec69261bf2
Showing with 13 additions and 5 deletions.
  1. +9 −2 src/lib/digest.c
  2. +1 −1 src/lib/digest.h
  3. +3 −2 src/lib/raop.c
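--- a/src/lib/digest.c
+++ b/src/lib/digest.c
@@ -73,14 +73,14 @@ digest_generate_nonce(char *result, int resultlen)
 MD5_Final(md5buf, &md5ctx);
 digest_md5_to_hex(md5buf, md5hex);
+ memset(result, 0, resultlen);
 strncpy(result, md5hex, resultlen-1);
- result[resultlen-1] = '\0';
 }
 int
 digest_is_valid(const char *our_realm, const char *password,
 const char *our_nonce, const char *method,
- const char *authorization)
+ const char *our_uri, const char *authorization)
 {
 char *auth;
 char *current;
@@ -140,6 +140,13 @@ digest_is_valid(const char *our_realm, const char *password,
 response = first+10;
 }
+ if (!username || !realm || !nonce || !uri || !response) {
+ return 0;
+ }
+ if (strcmp(realm, our_realm) || strcmp(nonce, our_nonce) || strcmp(uri, our_uri)) {
+ return 0;
+ }
+
 /* Calculate our response */
 memset(our_response, 0, sizeof(our_response));
 digest_get_response(username, realm, password, nonce,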
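Review bot: The new guards in the second hunk check only the fields parsed from the header; `our_realm`, `our_nonce` and `our_uri` go into `strcmp` unchecked, and `our_uri` is now fed from `http_request_get_url(request)` in raop.c with no NULL test visible at that call site. If that accessor can return NULL, the comparison is undefined behaviour on a path reached before authentication succeeds, so the first test should read `if (!our_realm || !our_nonce || !our_uri || !username || !realm || !nonce || !uri || !response) {`. In the first hunk, `memset(result, 0, resultlen)` and `resultlen-1` both assume `resultlen > 0`; an early `if (!result || resultlen <= 0) return;` in digest_generate_nonce would make that explicit. Both function bodies extend beyond the hunks, so checks outside the visible lines may already cover part of this.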
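--- a/src/lib/digest.h
+++ b/src/lib/digest.h
@@ -4,6 +4,6 @@
 void digest_generate_nonce(char *result, int resultlen);
 int digest_is_valid(const char *our_realm, const char *password,
 const char *our_nonce, const char *method,
- const char *authorization);
+ const char *our_uri, const char *authorization);
 #endif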
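Review bot: The prototype of `digest_is_valid` gains `our_uri` but the header still carries no comment on the contract, although the caller in raop.c bases its access decision on the return value. A one-line comment above the declaration would help, for example `/* Returns 0 (reject) when a digest field is missing or realm, nonce or uri differ from the our_* values. */`. The remaining return semantics are decided in code outside this diff and should be added by someone who can see the whole function.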
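--- a/src/lib/raop.c
+++ b/src/lib/raop.c
@@ -36,7 +36,7 @@
 #define MAX_PASSWORD_LEN 64
 /* MD5 as hex fits here */
-#define MAX_NONCE_LEN 33
+#define MAX_NONCE_LEN 32
 struct raop_s {
 /* Callbacks for audio */
@@ -143,9 +143,10 @@ conn_request(void *ptr, http_request_t *request, http_response_t **response)
 authorization = http_request_get_header(request, "Authorization");
 if (authorization) {
+ logger_log(&conn->raop->logger, LOGGER_DEBUG, "Our nonce: %s\n", conn->nonce);
 logger_log(&conn->raop->logger, LOGGER_DEBUG, "Authorization: %s\n", authorization);
 }
- if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, http_request_get_url(request), authorization)) {
+ if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, http_request_get_url(request), authorization)) {
 char *authstr;
 char *authstr;
 int authstrlen;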
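Review bot: The debug logging in conn_request now writes the server nonce next to the complete client `Authorization` header, so a debug log holds the username, nonce, uri and MD5 response together, which is enough for anyone who can read the log to test password guesses offline. Logging only that the header was present avoids this, e.g. `logger_log(&conn->raop->logger, LOGGER_DEBUG, "Authorization header present\n");`. The header value is also client-controlled text written verbatim, so the log sink should escape control characters. In the first hunk, `/* MD5 as hex fits here */` is ambiguous now that the value is 32; `/* MD5 as hex, excluding the terminating NUL */` would state the intent, assuming the nonce buffer is declared with one extra byte (not visible here). conn_request continues outside the hunk.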
