mirror/icwmp
1
0
Fork 0
mirror of https://dev.iopsys.eu/bbf/icwmp.git synced 2026-03-14 21:10:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix the URI path for auth validation

Browse source
This commit is contained in:
vdutta 2022-07-26 18:41:58 +05:30
parent 58a32f910b
commit a3eaadd9d0
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/http.c
View file

@ -335,9 +335,10 @@ static void http_cr_new_client(int client, bool service_available)
while (fgets(buffer, sizeof(buffer), fp)) {
if (strstr(buffer, "GET ") != NULL && strstr(buffer, "HTTP/1.1") != NULL) {
// check if extra url parameter then ignore extra params
char rec_http_get_head[HTTP_GET_HDR_LEN];
int j = 0;
bool ignore = false;
char rec_http_get_head[HTTP_GET_HDR_LEN] = {0};
memset(rec_http_get_head, 0, HTTP_GET_HDR_LEN);
for (size_t i = 0; i < strlen(buffer) && j < (HTTP_GET_HDR_LEN - 1); i++) {
if (buffer[i] == '?')
@ -368,7 +369,7 @@ static void http_cr_new_client(int client, bool service_available)
goto http_end;
}
int auth_check = validate_http_digest_auth("GET", "/", auth_digest_buffer + strlen("Authorization: Digest "), REALM, username, password, 300);
int auth_check = validate_http_digest_auth("GET", cwmp_main.conf.connection_request_path, auth_digest_buffer + strlen("Authorization: Digest "), REALM, username, password, 300);
if (auth_check == -1) { /* invalid nonce */
internal_error = true;
goto http_end;