diff options
| author | pixel <pixel> | 2007-07-23 14:05:42 +0000 |
|---|---|---|
| committer | pixel <pixel> | 2007-07-23 14:05:42 +0000 |
| commit | e2d934b54dbcc35c134d3407ebefec50e525f6fe (patch) | |
| tree | c061e8fe9f25067638d7317813bbc42b432b9f19 /lib/HttpServ.cc | |
| parent | fc0f17c6e371dd13df72cea2e8ad67b062c630d9 (diff) | |
Adding support for the digest auth method.
Diffstat (limited to 'lib/HttpServ.cc')
| -rw-r--r-- | lib/HttpServ.cc | 34 |
1 files changed, 30 insertions, 4 deletions
diff --git a/lib/HttpServ.cc b/lib/HttpServ.cc index b9fb06b..2558509 100644 --- a/lib/HttpServ.cc +++ b/lib/HttpServ.cc @@ -17,8 +17,9 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* $Id: HttpServ.cc,v 1.53 2007-07-23 08:36:38 pixel Exp $ */ +/* $Id: HttpServ.cc,v 1.54 2007-07-23 14:05:42 pixel Exp $ */ +#include "sha1.h" #ifdef HAVE_CONFIG_H #include "config.h" #endif @@ -52,7 +53,7 @@ class ProcessRequest : public Task { void SendHeads(Handle *, const String &, const String & = "", time_t = -1); void SendRedirect(Handle *); - String file, domain, t, Uri; + String file, domain, t, Method, Uri; Buffer b; Task * c, * a; Action * f; @@ -234,6 +235,7 @@ int ProcessRequest::Do() throw(GeneralException) { request.dip = s.GetDistantAddr(); request.lport = s.GetPort(); request.dport = s.GetDistantPort(); + request.method = Method; d->Do(request, &response); a = response.BuildResponse(&s); } else { @@ -367,6 +369,7 @@ bool ProcessRequest::ParseUri(String & file, String & domain, String & gvars, Ha // std::cerr << "Error: unknow request.\n"; bad = true; } + Method = "POST"; break; case 'G': /* GET? */ if (t.extract(1, 3) == "ET ") { @@ -375,10 +378,12 @@ bool ProcessRequest::ParseUri(String & file, String & domain, String & gvars, Ha // std::cerr << "Error: unknow request.\n"; bad = true; } + Method = "GET"; break; default: // std::cerr << "Error: unknow request.\n"; bad = true; + Method = "Unknown"; } if (!bad) { @@ -666,11 +671,32 @@ void HttpResponse::PrepareResponse(Handle * b) { (*b) << "Location: " << location << "\r\n"; break; case HTTP_401_UNAUTHORIZED: - (*b) << "WWW-Authenticate: Basic realm=\"" << location << "\"\r\n"; + if (domain != "") { + String to_digest; + sha1_context sha1; + static const char hconv[] = "0123456789ABCDEF"; + Uint8 sha1sum[20]; + char sha1sum_r[41]; + int i; + + to_digest = location + ":" + ((Uint64) time(0)) + ":" + domain + ":" + rand(); + sha1_starts(&sha1); + sha1_update(&sha1, (const unsigned char *) to_digest.to_charp(), to_digest.strlen()); + sha1_finish(&sha1, sha1sum); + + for (i = 0; i < 20; i++) { + sha1sum_r[i * 2 + 0] = hconv[sha1sum[i] >> 4]; + sha1sum_r[i * 2 + 1] = hconv[sha1sum[i] % 16]; + } + sha1sum_r[40] = 0; + (*b) << "WWW-Authenticate: Digest realm=\"" << location << "\", domain=\"" << domain << "\", nonce=\"" << sha1sum_r << "\", algorithm=\"MD5\", qop=\"auth\"\r\n"; + } else { + (*b) << "WWW-Authenticate: Basic realm=\"" << location << "\"\r\n"; + } break; } } - if (last_modified >=0) { + if (last_modified >= 0) { ft = gmtime(&last_modified); strftime(buf, 1024, "%a, %d %b %Y %H:%M:%S GMT", ft); (*b) << "Last-Modified: " << buf << "\r\n"; |