ret_t
cherokee_validator_digest_check (cherokee_validator_t *validator, cherokee_buffer_t *passwd, cherokee_connection_t *conn)
{
ret_t ret;
int re = -1;
cherokee_buffer_t a1 = CHEROKEE_BUF_INIT;
cherokee_buffer_t buf = CHEROKEE_BUF_INIT;
/* Sanity check
*/
if (cherokee_buffer_is_empty (&validator->user) ||
cherokee_buffer_is_empty (&validator->realm))
return ret_deny;
/* Build A1
*/
cherokee_buffer_ensure_size (&a1,
validator->user.len + 1 +
validator->realm.len + 1 +
passwd->len);
cherokee_buffer_add_buffer (&a1, &validator->user);
cherokee_buffer_add_str (&a1, ":");
cherokee_buffer_add_buffer (&a1, &validator->realm);
cherokee_buffer_add_str (&a1, ":");
cherokee_buffer_add_buffer (&a1, passwd);
cherokee_buffer_encode_md5_digest (&a1);
/* Build a possible response
*/
ret = cherokee_validator_digest_response (validator, a1.buf, &buf, conn);
if (unlikely(ret != ret_ok))
goto go_out;
/* Compare and return
*/
re = cherokee_buffer_cmp_buf (&conn->validator->response, &buf);
go_out:
cherokee_buffer_mrproper (&a1);
cherokee_buffer_mrproper (&buf);
return (re == 0) ? ret_ok : ret_deny;
}
static ret_t
validate_digest (cherokee_validator_htdigest_t *htdigest, cherokee_connection_t *conn, cherokee_buffer_t *file)
{
int re;
ret_t ret;
char *user = NULL;
char *realm = NULL;
char *passwd = NULL;
cherokee_buffer_t buf = CHEROKEE_BUF_INIT;
/* Sanity check
*/
if (cherokee_buffer_is_empty (&conn->validator->response))
return ret_error;
/* Extact the right entry information
*/
ret = extract_user_entry (file, conn->validator->user.buf, &user, &realm, &passwd);
if (unlikely(ret != ret_ok))
return ret;
/* Build the hash:
* In this case passwd is the HA1 hash: md5(user:realm:passwd)
*/
ret = cherokee_validator_digest_response (VALIDATOR(htdigest), passwd, &buf, conn);
if (unlikely(ret != ret_ok))
goto go_out;
/* Compare and return
*/
re = cherokee_buffer_cmp_buf (&conn->validator->response, &buf);
go_out:
cherokee_buffer_mrproper (&buf);
return (re == 0) ? ret_ok : ret_deny;
}
