From: Juho Vähä-Herttua Date: Tue, 20 Mar 2012 20:00:14 +0000 (+0200) Subject: Fix bugs in the digest handling. X-Git-Tag: upstream/0.9.0~4^2~91 X-Git-Url: https://git.piment-noir.org/?a=commitdiff_plain;h=268f72c87ed44283cc7d35e16198fed76353a098;p=deb_shairplay.git Fix bugs in the digest handling. --- diff --git a/src/lib/digest.c b/src/lib/digest.c index 132f27e..78c916e 100644 --- a/src/lib/digest.c +++ b/src/lib/digest.c @@ -73,14 +73,14 @@ digest_generate_nonce(char *result, int resultlen) MD5_Final(md5buf, &md5ctx); digest_md5_to_hex(md5buf, md5hex); + memset(result, 0, resultlen); strncpy(result, md5hex, resultlen-1); - result[resultlen-1] = '\0'; } int digest_is_valid(const char *our_realm, const char *password, const char *our_nonce, const char *method, - const char *authorization) + const char *our_uri, const char *authorization) { char *auth; char *current; @@ -140,6 +140,13 @@ digest_is_valid(const char *our_realm, const char *password, response = first+10; } + if (!username || !realm || !nonce || !uri || !response) { + return 0; + } + if (strcmp(realm, our_realm) || strcmp(nonce, our_nonce) || strcmp(uri, our_uri)) { + return 0; + } + /* Calculate our response */ memset(our_response, 0, sizeof(our_response)); digest_get_response(username, realm, password, nonce, diff --git a/src/lib/digest.h b/src/lib/digest.h index f4b46e7..aa52afb 100644 --- a/src/lib/digest.h +++ b/src/lib/digest.h @@ -4,6 +4,6 @@ void digest_generate_nonce(char *result, int resultlen); int digest_is_valid(const char *our_realm, const char *password, const char *our_nonce, const char *method, - const char *authorization); + const char *our_uri, const char *authorization); #endif diff --git a/src/lib/raop.c b/src/lib/raop.c index 9aafe65..1994ed3 100644 --- a/src/lib/raop.c +++ b/src/lib/raop.c @@ -36,7 +36,7 @@ #define MAX_PASSWORD_LEN 64 /* MD5 as hex fits here */ -#define MAX_NONCE_LEN 33 +#define MAX_NONCE_LEN 32 struct raop_s { /* Callbacks for audio */ @@ -143,9 +143,10 @@ conn_request(void *ptr, http_request_t *request, http_response_t **response) authorization = http_request_get_header(request, "Authorization"); if (authorization) { + logger_log(&conn->raop->logger, LOGGER_DEBUG, "Our nonce: %s\n", conn->nonce); logger_log(&conn->raop->logger, LOGGER_DEBUG, "Authorization: %s\n", authorization); } - if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, authorization)) { + if (!digest_is_valid("AppleTV", raop->password, conn->nonce, method, http_request_get_url(request), authorization)) { char *authstr; int authstrlen;