[quark][patch][digestauth] add stale nonce handling - sites

commit ff395473a9dc81bdf9fb4988cbbcdb10826c1493
parent c5f1fdefb49c01f9ff1622ab22ba053d3ba9fc3a
Author: José Miguel Sánchez García <soy.jmi2k@gmail.com>
Date:   Fri, 30 Oct 2020 22:45:34 +0000

[quark][patch][digestauth] add stale nonce handling

Diffstat:
M tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff  | 41 ++++++++++++++++++++++-------------------

1 file changed, 22 insertions(+), 19 deletions(-)
diff --git a/tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff b/tools.suckless.org/quark/patches/digestauth/quark-digestauth-20200916-5d0221d.diff
@@ -1,4 +1,4 @@
-From b62f5dbb095f337f62ed3379948da4283175d7fb Mon Sep 17 00:00:00 2001
+From e0efcece3647fad31ca2750aaf59dd39dd192496 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Jos=C3=A9=20Miguel=20S=C3=A1nchez=20Garc=C3=ADa?=
  <soy.jmi2k@gmail.com>
 Date: Thu, 29 Oct 2020 10:05:27 +0000
@@ -8,14 +8,14 @@ This follows RFC 7616, but only MD5 algorithm and auth qop is supported.
 ---
  Makefile     |   3 +-
  config.def.h |   2 +-
- http.c       | 289 +++++++++++++++++++++++++++++++++++++++++++++++++--
- http.h       |  27 ++++-
+ http.c       | 291 +++++++++++++++++++++++++++++++++++++++++++++++++--
+ http.h       |  28 ++++-
  main.c       |  77 ++++++++++++--
  md5.c        | 148 ++++++++++++++++++++++++++
  md5.h        |  18 ++++
  quark.1      |  26 +++++
  util.h       |  14 +++
- 9 files changed, 581 insertions(+), 23 deletions(-)
+ 9 files changed, 584 insertions(+), 23 deletions(-)
  create mode 100644 md5.c
  create mode 100644 md5.h
 
@@ -53,7 +53,7 @@ index 56f62aa..a322e7a 100644
  /* mime-types */
  static const struct {
 diff --git a/http.c b/http.c
-index f1e15a4..4ceef04 100644
+index f1e15a4..1862dc4 100644
 --- a/http.c
 +++ b/http.c
 @@ -17,13 +17,16 @@
@@ -301,7 +301,7 @@ index f1e15a4..4ceef04 100644
  	char *p, *mime;
  	const char *targethost;
  
-@@ -787,14 +969,62 @@ http_prepare_response(const struct request *req, struct response *res,
+@@ -787,14 +969,63 @@ http_prepare_response(const struct request *req, struct response *res,
  		}
  	}
  
@@ -352,8 +352,9 @@ index f1e15a4..4ceef04 100644
 +			                        auth.cnonce, auth.qop))) {
 +				goto err;
 +			}
-+			printf("client nonce: %s\n", auth.nonce);
-+			printf("server nonce: %s\n", nonce);
++			if (strcmp(auth.nonce, nonce)) {
++				req->stale = 1;
++			}
 +			if (strncmp(response, auth.response, sizeof(response))) {
 +				s = S_UNAUTHORIZED;
 +				goto err;
@@ -367,7 +368,7 @@ index f1e15a4..4ceef04 100644
  	if (esnprintf(res->field[RES_ACCEPT_RANGES],
  	              sizeof(res->field[RES_ACCEPT_RANGES]),
  		      "%s", "bytes")) {
-@@ -832,17 +1062,22 @@ http_prepare_response(const struct request *req, struct response *res,
+@@ -832,17 +1063,22 @@ http_prepare_response(const struct request *req, struct response *res,
  
  	return;
  err:
@@ -393,7 +394,7 @@ index f1e15a4..4ceef04 100644
  	memset(res, 0, sizeof(*res));
  
  	res->type = RESTYPE_ERROR;
-@@ -861,4 +1096,38 @@ http_prepare_error_response(const struct request *req,
+@@ -861,4 +1097,39 @@ http_prepare_error_response(const struct request *req,
  			res->status = S_INTERNAL_SERVER_ERROR;
  		}
  	}
@@ -412,9 +413,10 @@ index f1e15a4..4ceef04 100644
 +			      "realm=\"%s\", "
 +			      "qop=\"auth\", "
 +			      "algorithm=MD5, "
-+			      "stale=false, "
++			      "stale=%s, "
 +			      "nonce=\"%s\"",
 +			      req->realm->name,
++			      req->stale ? "true" : "false",
 +			      nonce)) {
 +			res->status = S_INTERNAL_SERVER_ERROR;
 +		} else {
@@ -433,7 +435,7 @@ index f1e15a4..4ceef04 100644
 +	}
  }
 diff --git a/http.h b/http.h
-index bfaa807..12de2eb 100644
+index bfaa807..215bb8f 100644
 --- a/http.h
 +++ b/http.h
 @@ -12,6 +12,7 @@ enum req_field {
@@ -444,15 +446,16 @@ index bfaa807..12de2eb 100644
  	NUM_REQ_FIELDS,
  };
  
-@@ -28,6 +29,7 @@ extern const char *req_method_str[];
+@@ -28,6 +29,8 @@ extern const char *req_method_str[];
  struct request {
  	enum req_method method;
  	char uri[PATH_MAX];
 +	struct realm *realm;
++	int stale;
  	char field[NUM_REQ_FIELDS][FIELD_MAX];
  };
  
-@@ -37,6 +39,7 @@ enum status {
+@@ -37,6 +40,7 @@ enum status {
  	S_MOVED_PERMANENTLY     = 301,
  	S_NOT_MODIFIED          = 304,
  	S_BAD_REQUEST           = 400,
@@ -460,7 +463,7 @@ index bfaa807..12de2eb 100644
  	S_FORBIDDEN             = 403,
  	S_NOT_FOUND             = 404,
  	S_METHOD_NOT_ALLOWED    = 405,
-@@ -57,6 +60,7 @@ enum res_field {
+@@ -57,6 +61,7 @@ enum res_field {
  	RES_CONTENT_LENGTH,
  	RES_CONTENT_RANGE,
  	RES_CONTENT_TYPE,
@@ -468,7 +471,7 @@ index bfaa807..12de2eb 100644
  	NUM_RES_FIELDS,
  };
  
-@@ -72,6 +76,7 @@ enum res_type {
+@@ -72,6 +77,7 @@ enum res_type {
  struct response {
  	enum res_type type;
  	enum status status;
@@ -476,7 +479,7 @@ index bfaa807..12de2eb 100644
  	char field[NUM_RES_FIELDS][FIELD_MAX];
  	char uri[PATH_MAX];
  	char path[PATH_MAX];
-@@ -83,6 +88,7 @@ struct response {
+@@ -83,6 +89,7 @@ struct response {
  
  enum conn_state {
  	C_VACANT,
@@ -484,7 +487,7 @@ index bfaa807..12de2eb 100644
  	C_RECV_HEADER,
  	C_SEND_HEADER,
  	C_SEND_BODY,
-@@ -91,6 +97,7 @@ enum conn_state {
+@@ -91,6 +98,7 @@ enum conn_state {
  
  struct connection {
  	enum conn_state state;
@@ -492,7 +495,7 @@ index bfaa807..12de2eb 100644
  	int fd;
  	struct sockaddr_storage ia;
  	struct request req;
-@@ -99,13 +106,25 @@ struct connection {
+@@ -99,13 +107,25 @@ struct connection {
  	size_t progress;
  };

	sites public wiki contents of suckless.org
	git clone git://git.suckless.org/sites
	Log \| Files \| Refs