mirror/icwmp
1
0
Fork 0
mirror of https://dev.iopsys.eu/bbf/icwmp.git synced 2025-12-10 07:44:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Return MHD_INVALID_NONCE when nonce_priv_key is NULL

Browse source
This commit is contained in:
Omar Kallel 2021-12-06 17:31:16 +01:00
parent 1e5c96de22
commit 88c8e28e6b
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
digestauth.c
View file

@ -396,7 +396,7 @@ int http_digest_auth_check(const char *http_method, const char *url, const char
}
if (nonce_privacy_key == NULL) {
if (generate_nonce_priv_key() != CWMP_OK)
return MHD_NO;
return MHD_INVALID_NONCE;
}
nonce_key_len = strlen(nonce_privacy_key);
calculate_nonce(nonce_time, http_method, nonce_privacy_key, nonce_key_len, url, realm, noncehashexp);
@ -413,7 +413,7 @@ int http_digest_auth_check(const char *http_method, const char *url, const char
if (0 != strcmp(nonce, noncehashexp)) {
CWMP_LOG(ERROR, "Nonce value is valid and possibly fabricated");
return MHD_INVALID_NONCE;
return MHD_NO;
}
if ((0 == lookup_sub_value(cnonce, sizeof(cnonce), header, "cnonce")) || (0 == lookup_sub_value(qop, sizeof(qop), header, "qop")) || ((0 != strcmp(qop, "auth")) && (0 != strcmp(qop, ""))) || (0 == lookup_sub_value(nc, sizeof(nc), header, "nc")) ||