lib/cpp-httplib
1
0
Fork 0
mirror of synced 2025-04-19 00:24:02 +03:00
Code

Fix #1037

Browse Source
This commit is contained in:
yhirose 2021-09-10 22:42:14 -04:00
parent 461acb02f5
commit e1afe74fe2
1 changed files with 28 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
httplib.h
View File

@ -3957,17 +3957,15 @@ template <typename CTX, typename Init, typename Update, typename Final>
inline std::string message_digest(const std::string &s, Init init, inline std::string message_digest(const std::string &s, Init init,
Update update, Final final, Update update, Final final,
size_t digest_length) { size_t digest_length) {
using namespace std;
std::vector<unsigned char> md(digest_length, 0); std::vector<unsigned char> md(digest_length, 0);
CTX ctx; CTX ctx;
init(&ctx); init(&ctx);
update(&ctx, s.data(), s.size()); update(&ctx, s.data(), s.size());
final(md.data(), &ctx); final(md.data(), &ctx);
stringstream ss; std::stringstream ss;
for (auto c : md) { for (auto c : md) {
ss << setfill('0') << setw(2) << hex << (unsigned int)c; ss << std::setfill('0') << std::setw(2) << std::hex << (unsigned int)c;
} }
return ss.str(); return ss.str();
} }
@ -4035,39 +4033,46 @@ inline std::pair<std::string, std::string> make_digest_authentication_header(
const Request &req, const std::map<std::string, std::string> &auth, const Request &req, const std::map<std::string, std::string> &auth,
size_t cnonce_count, const std::string &cnonce, const std::string &username, size_t cnonce_count, const std::string &cnonce, const std::string &username,
const std::string &password, bool is_proxy = false) { const std::string &password, bool is_proxy = false) {
using namespace std; std::string nc;
string nc;
{ {
stringstream ss; std::stringstream ss;
ss << setfill('0') << setw(8) << hex << cnonce_count; ss << std::setfill('0') << std::setw(8) << std::hex << cnonce_count;
nc = ss.str(); nc = ss.str();
} }
auto qop = auth.at("qop"); std::string qop;
if (auth.find("qop") != auth.end()) {
qop = auth.at("qop");
if (qop.find("auth-int") != std::string::npos) { if (qop.find("auth-int") != std::string::npos) {
qop = "auth-int"; qop = "auth-int";
} else { } else if (qop.find("auth") != std::string::npos) {
qop = "auth"; qop = "auth";
} else {
qop.clear();
}
} }
std::string algo = "MD5"; std::string algo = "MD5";
if (auth.find("algorithm") != auth.end()) { algo = auth.at("algorithm"); } if (auth.find("algorithm") != auth.end()) { algo = auth.at("algorithm"); }
string response; std::string response;
{ {
auto H = algo == "SHA-256" auto H = algo == "SHA-256" ? detail::SHA_256
? detail::SHA_256 : algo == "SHA-512" ? detail::SHA_512
: algo == "SHA-512" ? detail::SHA_512 : detail::MD5; : detail::MD5;
auto A1 = username + ":" + auth.at("realm") + ":" + password; auto A1 = username + ":" + auth.at("realm") + ":" + password;
auto A2 = req.method + ":" + req.path; auto A2 = req.method + ":" + req.path;
if (qop == "auth-int") { A2 += ":" + H(req.body); } if (qop == "auth-int") { A2 += ":" + H(req.body); }
if (qop.empty()) {
response = H(H(A1) + ":" + auth.at("nonce") + ":" + H(A2));
} else {
response = H(H(A1) + ":" + auth.at("nonce") + ":" + nc + ":" + cnonce + response = H(H(A1) + ":" + auth.at("nonce") + ":" + nc + ":" + cnonce +
":" + qop + ":" + H(A2)); ":" + qop + ":" + H(A2));
} }
}
auto field = "Digest username=\"" + username + "\", realm=\"" + auto field = "Digest username=\"" + username + "\", realm=\"" +
auth.at("realm") + "\", nonce=\"" + auth.at("nonce") + auth.at("realm") + "\", nonce=\"" + auth.at("nonce") +