From e2d934b54dbcc35c134d3407ebefec50e525f6fe Mon Sep 17 00:00:00 2001 From: pixel Date: Mon, 23 Jul 2007 14:05:42 +0000 Subject: Adding support for the digest auth method. --- lib/HttpServ.cc | 34 ++++++++++++++++++++++++++++++---- lib/LuaHttp.cc | 6 +++++- 2 files changed, 35 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/lib/HttpServ.cc b/lib/HttpServ.cc index b9fb06b..2558509 100644 --- a/lib/HttpServ.cc +++ b/lib/HttpServ.cc @@ -17,8 +17,9 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* $Id: HttpServ.cc,v 1.53 2007-07-23 08:36:38 pixel Exp $ */ +/* $Id: HttpServ.cc,v 1.54 2007-07-23 14:05:42 pixel Exp $ */ +#include "sha1.h" #ifdef HAVE_CONFIG_H #include "config.h" #endif @@ -52,7 +53,7 @@ class ProcessRequest : public Task { void SendHeads(Handle *, const String &, const String & = "", time_t = -1); void SendRedirect(Handle *); - String file, domain, t, Uri; + String file, domain, t, Method, Uri; Buffer b; Task * c, * a; Action * f; @@ -234,6 +235,7 @@ int ProcessRequest::Do() throw(GeneralException) { request.dip = s.GetDistantAddr(); request.lport = s.GetPort(); request.dport = s.GetDistantPort(); + request.method = Method; d->Do(request, &response); a = response.BuildResponse(&s); } else { @@ -367,6 +369,7 @@ bool ProcessRequest::ParseUri(String & file, String & domain, String & gvars, Ha // std::cerr << "Error: unknow request.\n"; bad = true; } + Method = "POST"; break; case 'G': /* GET? */ if (t.extract(1, 3) == "ET ") { @@ -375,10 +378,12 @@ bool ProcessRequest::ParseUri(String & file, String & domain, String & gvars, Ha // std::cerr << "Error: unknow request.\n"; bad = true; } + Method = "GET"; break; default: // std::cerr << "Error: unknow request.\n"; bad = true; + Method = "Unknown"; } if (!bad) { @@ -666,11 +671,32 @@ void HttpResponse::PrepareResponse(Handle * b) { (*b) << "Location: " << location << "\r\n"; break; case HTTP_401_UNAUTHORIZED: - (*b) << "WWW-Authenticate: Basic realm=\"" << location << "\"\r\n"; + if (domain != "") { + String to_digest; + sha1_context sha1; + static const char hconv[] = "0123456789ABCDEF"; + Uint8 sha1sum[20]; + char sha1sum_r[41]; + int i; + + to_digest = location + ":" + ((Uint64) time(0)) + ":" + domain + ":" + rand(); + sha1_starts(&sha1); + sha1_update(&sha1, (const unsigned char *) to_digest.to_charp(), to_digest.strlen()); + sha1_finish(&sha1, sha1sum); + + for (i = 0; i < 20; i++) { + sha1sum_r[i * 2 + 0] = hconv[sha1sum[i] >> 4]; + sha1sum_r[i * 2 + 1] = hconv[sha1sum[i] % 16]; + } + sha1sum_r[40] = 0; + (*b) << "WWW-Authenticate: Digest realm=\"" << location << "\", domain=\"" << domain << "\", nonce=\"" << sha1sum_r << "\", algorithm=\"MD5\", qop=\"auth\"\r\n"; + } else { + (*b) << "WWW-Authenticate: Basic realm=\"" << location << "\"\r\n"; + } break; } } - if (last_modified >=0) { + if (last_modified >= 0) { ft = gmtime(&last_modified); strftime(buf, 1024, "%a, %d %b %Y %H:%M:%S GMT", ft); (*b) << "Last-Modified: " << buf << "\r\n"; diff --git a/lib/LuaHttp.cc b/lib/LuaHttp.cc index 81e263a..dc22822 100644 --- a/lib/LuaHttp.cc +++ b/lib/LuaHttp.cc @@ -17,7 +17,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ -/* $Id: LuaHttp.cc,v 1.19 2007-07-12 11:32:00 pixel Exp $ */ +/* $Id: LuaHttp.cc,v 1.20 2007-07-23 14:05:42 pixel Exp $ */ #include "md5.h" #include "Domain.h" @@ -357,6 +357,10 @@ void LuaDomain::Do(const HttpRequest & req, HttpResponse * res) throw (GeneralEx free(v); } L->settable(); + + L->push("method"); + L->push(req.method); + L->settable(); L->push("uri"); L->push(req.uri); -- cgit v1.2.3