static gboolean auth_backend_htdigest(liVRequest *vr, const GString *username, const GString *password, AuthBasicData *bdata, gboolean debug) { const char *pass, *realm; AuthFileData *afd = auth_file_get_data(vr->wrk, bdata->data); GChecksum *md5sum; gboolean res = FALSE; if (NULL == afd) return FALSE; /* unknown user? */ if (!(pass = g_hash_table_lookup(afd->users, username->str))) { if (debug) { VR_DEBUG(vr, "User \"%s\" not found", username->str); } goto out; } realm = pass; pass = strchr(pass, ':'); /* no realm/wrong realm? */ if (NULL == pass || 0 != strncmp(realm, bdata->realm->str, bdata->realm->len)) { if (debug) { VR_DEBUG(vr, "Realm for user \"%s\" doesn't match", username->str); } goto out; } pass++; md5sum = g_checksum_new(G_CHECKSUM_MD5); g_checksum_update(md5sum, GUSTR_LEN(username)); g_checksum_update(md5sum, CONST_USTR_LEN(":")); g_checksum_update(md5sum, GUSTR_LEN(bdata->realm)); g_checksum_update(md5sum, CONST_USTR_LEN(":")); g_checksum_update(md5sum, GUSTR_LEN(password)); /* wrong password? */ if (g_str_equal(pass, g_checksum_get_string(md5sum))) { res = TRUE; } else { if (debug) { VR_DEBUG(vr, "Password digest \"%s\" doesn't match \"%s\" for user \"%s\"", g_checksum_get_string(md5sum), pass, username->str); } } g_checksum_free(md5sum); out: auth_file_data_release(afd); return res; }
/* len != 0 */ static void http_chunk_append_len(liChunkQueue *cq, size_t len) { size_t i, olen = len, j; GByteArray *a; a = g_byte_array_sized_new(sizeof(len) * 2 + 2); for (i = 0; i < 8 && len; i++) { len >>= 4; } /* i is the number of hex digits we have */ g_byte_array_set_size(a, i); for (j = i, len = olen; j-- > 0; ) { a->data[j] = (len & 0xf) + (((len & 0xf) <= 9) ? '0' : 'a' - 10); len >>= 4; } g_byte_array_append(a, CONST_USTR_LEN("\r\n")); li_chunkqueue_append_bytearr(cq, a); }