From 88c8e28e6b4986b52f3e6d8da45f26b5ee30469a Mon Sep 17 00:00:00 2001
From: Omar Kallel <omar.kallel@pivasoftware.com>
Date: Mon, 6 Dec 2021 17:31:16 +0100
Subject: [PATCH] Return MHD_INVALID_NONCE when nonce_priv_key is NULL

---
 digestauth.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/digestauth.c b/digestauth.c
index 7b3d669..d84b145 100644
--- a/digestauth.c
+++ b/digestauth.c
@@ -396,7 +396,7 @@ int http_digest_auth_check(const char *http_method, const char *url, const char
 		}
 		if (nonce_privacy_key == NULL) {
 			if (generate_nonce_priv_key() != CWMP_OK)
-				return MHD_NO;
+				return MHD_INVALID_NONCE;
 		}
 		nonce_key_len = strlen(nonce_privacy_key);
 		calculate_nonce(nonce_time, http_method, nonce_privacy_key, nonce_key_len, url, realm, noncehashexp);
@@ -413,7 +413,7 @@ int http_digest_auth_check(const char *http_method, const char *url, const char
 
 		if (0 != strcmp(nonce, noncehashexp)) {
 			CWMP_LOG(ERROR, "Nonce value is valid and possibly fabricated");
-			return MHD_INVALID_NONCE;
+			return MHD_NO;
 		}
 
 		if ((0 == lookup_sub_value(cnonce, sizeof(cnonce), header, "cnonce")) || (0 == lookup_sub_value(qop, sizeof(qop), header, "qop")) || ((0 != strcmp(qop, "auth")) && (0 != strcmp(qop, ""))) || (0 == lookup_sub_value(nc, sizeof(nc), header, "nc")) ||