OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 661 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
672 pos = static_cast<size_t>(temp_pos); | 672 pos = static_cast<size_t>(temp_pos); |
673 while ((pos < len) && isspace(static_cast<unsigned char>(line[pos]))) ++pos; | 673 while ((pos < len) && isspace(static_cast<unsigned char>(line[pos]))) ++pos; |
674 message.assign(line + pos, len - pos); | 674 message.assign(line + pos, len - pos); |
675 return HE_NONE; | 675 return HE_NONE; |
676 } | 676 } |
677 | 677 |
678 ////////////////////////////////////////////////////////////////////// | 678 ////////////////////////////////////////////////////////////////////// |
679 // Http Authentication | 679 // Http Authentication |
680 ////////////////////////////////////////////////////////////////////// | 680 ////////////////////////////////////////////////////////////////////// |
681 | 681 |
682 #define TEST_DIGEST 0 | |
683 #if TEST_DIGEST | |
684 /* | |
685 const char * const DIGEST_CHALLENGE = | |
686 "Digest realm=\"testrealm@host.com\"," | |
687 " qop=\"auth,auth-int\"," | |
688 " nonce=\"dcd98b7102dd2f0e8b11d0f600bfb0c093\"," | |
689 " opaque=\"5ccc069c403ebaf9f0171e9517f40e41\""; | |
690 const char * const DIGEST_METHOD = "GET"; | |
691 const char * const DIGEST_URI = | |
692 "/dir/index.html";; | |
693 const char * const DIGEST_CNONCE = | |
694 "0a4f113b"; | |
695 const char * const DIGEST_RESPONSE = | |
696 "6629fae49393a05397450978507c4ef1"; | |
697 //user_ = "Mufasa"; | |
698 //pass_ = "Circle Of Life"; | |
699 */ | |
700 const char * const DIGEST_CHALLENGE = | |
701 "Digest realm=\"Squid proxy-caching web server\"," | |
702 " nonce=\"Nny4QuC5PwiSDixJ\"," | |
703 " qop=\"auth\"," | |
704 " stale=false"; | |
705 const char * const DIGEST_URI = | |
706 "/"; | |
707 const char * const DIGEST_CNONCE = | |
708 "6501d58e9a21cee1e7b5fec894ded024"; | |
709 const char * const DIGEST_RESPONSE = | |
710 "edffcb0829e755838b073a4a42de06bc"; | |
711 #endif | |
712 | |
713 std::string quote(const std::string& str) { | 682 std::string quote(const std::string& str) { |
714 std::string result; | 683 std::string result; |
715 result.push_back('"'); | 684 result.push_back('"'); |
716 for (size_t i=0; i<str.size(); ++i) { | 685 for (size_t i=0; i<str.size(); ++i) { |
717 if ((str[i] == '"') || (str[i] == '\\')) | 686 if ((str[i] == '"') || (str[i] == '\\')) |
718 result.push_back('\\'); | 687 result.push_back('\\'); |
719 result.push_back(str[i]); | 688 result.push_back(str[i]); |
720 } | 689 } |
721 result.push_back('"'); | 690 result.push_back('"'); |
722 return result; | 691 return result; |
(...skipping 18 matching lines...) Expand all Loading... |
741 }; | 710 }; |
742 #endif // WEBRTC_WIN | 711 #endif // WEBRTC_WIN |
743 | 712 |
744 HttpAuthResult HttpAuthenticate( | 713 HttpAuthResult HttpAuthenticate( |
745 const char * challenge, size_t len, | 714 const char * challenge, size_t len, |
746 const SocketAddress& server, | 715 const SocketAddress& server, |
747 const std::string& method, const std::string& uri, | 716 const std::string& method, const std::string& uri, |
748 const std::string& username, const CryptString& password, | 717 const std::string& username, const CryptString& password, |
749 HttpAuthContext *& context, std::string& response, std::string& auth_method) | 718 HttpAuthContext *& context, std::string& response, std::string& auth_method) |
750 { | 719 { |
751 #if TEST_DIGEST | |
752 challenge = DIGEST_CHALLENGE; | |
753 len = strlen(challenge); | |
754 #endif | |
755 | |
756 HttpAttributeList args; | 720 HttpAttributeList args; |
757 HttpParseAttributes(challenge, len, args); | 721 HttpParseAttributes(challenge, len, args); |
758 HttpHasNthAttribute(args, 0, &auth_method, NULL); | 722 HttpHasNthAttribute(args, 0, &auth_method, NULL); |
759 | 723 |
760 if (context && (context->auth_method != auth_method)) | 724 if (context && (context->auth_method != auth_method)) |
761 return HAR_IGNORE; | 725 return HAR_IGNORE; |
762 | 726 |
763 // BASIC | 727 // BASIC |
764 if (_stricmp(auth_method.c_str(), "basic") == 0) { | 728 if (_stricmp(auth_method.c_str(), "basic") == 0) { |
765 if (context) | 729 if (context) |
(...skipping 23 matching lines...) Expand all Loading... |
789 // DIGEST | 753 // DIGEST |
790 if (_stricmp(auth_method.c_str(), "digest") == 0) { | 754 if (_stricmp(auth_method.c_str(), "digest") == 0) { |
791 if (context) | 755 if (context) |
792 return HAR_CREDENTIALS; // Bad credentials | 756 return HAR_CREDENTIALS; // Bad credentials |
793 if (username.empty()) | 757 if (username.empty()) |
794 return HAR_CREDENTIALS; // Missing credentials | 758 return HAR_CREDENTIALS; // Missing credentials |
795 | 759 |
796 context = new HttpAuthContext(auth_method); | 760 context = new HttpAuthContext(auth_method); |
797 | 761 |
798 std::string cnonce, ncount; | 762 std::string cnonce, ncount; |
799 #if TEST_DIGEST | |
800 method = DIGEST_METHOD; | |
801 uri = DIGEST_URI; | |
802 cnonce = DIGEST_CNONCE; | |
803 #else | |
804 char buffer[256]; | 763 char buffer[256]; |
805 sprintf(buffer, "%d", static_cast<int>(time(0))); | 764 sprintf(buffer, "%d", static_cast<int>(time(0))); |
806 cnonce = MD5(buffer); | 765 cnonce = MD5(buffer); |
807 #endif | |
808 ncount = "00000001"; | 766 ncount = "00000001"; |
809 | 767 |
810 std::string realm, nonce, qop, opaque; | 768 std::string realm, nonce, qop, opaque; |
811 HttpHasAttribute(args, "realm", &realm); | 769 HttpHasAttribute(args, "realm", &realm); |
812 HttpHasAttribute(args, "nonce", &nonce); | 770 HttpHasAttribute(args, "nonce", &nonce); |
813 bool has_qop = HttpHasAttribute(args, "qop", &qop); | 771 bool has_qop = HttpHasAttribute(args, "qop", &qop); |
814 bool has_opaque = HttpHasAttribute(args, "opaque", &opaque); | 772 bool has_opaque = HttpHasAttribute(args, "opaque", &opaque); |
815 | 773 |
816 // TODO: convert sensitive to be secure buffer | 774 // TODO: convert sensitive to be secure buffer |
817 //std::string A1 = username + ":" + realm + ":" + password; | 775 //std::string A1 = username + ":" + realm + ":" + password; |
(...skipping 12 matching lines...) Expand all Loading... |
830 middle = nonce + ":" + ncount + ":" + cnonce + ":" + qop; | 788 middle = nonce + ":" + ncount + ":" + cnonce + ":" + qop; |
831 } else { | 789 } else { |
832 middle = nonce; | 790 middle = nonce; |
833 } | 791 } |
834 std::string HA1 = MD5(sensitive); | 792 std::string HA1 = MD5(sensitive); |
835 memset(sensitive, 0, len); | 793 memset(sensitive, 0, len); |
836 delete [] sensitive; | 794 delete [] sensitive; |
837 std::string HA2 = MD5(A2); | 795 std::string HA2 = MD5(A2); |
838 std::string dig_response = MD5(HA1 + ":" + middle + ":" + HA2); | 796 std::string dig_response = MD5(HA1 + ":" + middle + ":" + HA2); |
839 | 797 |
840 #if TEST_DIGEST | |
841 RTC_DCHECK(strcmp(dig_response.c_str(), DIGEST_RESPONSE) == 0); | |
842 #endif | |
843 | |
844 std::stringstream ss; | 798 std::stringstream ss; |
845 ss << auth_method; | 799 ss << auth_method; |
846 ss << " username=" << quote(username); | 800 ss << " username=" << quote(username); |
847 ss << ", realm=" << quote(realm); | 801 ss << ", realm=" << quote(realm); |
848 ss << ", nonce=" << quote(nonce); | 802 ss << ", nonce=" << quote(nonce); |
849 ss << ", uri=" << quote(uri); | 803 ss << ", uri=" << quote(uri); |
850 if (has_qop) { | 804 if (has_qop) { |
851 ss << ", qop=" << qop; | 805 ss << ", qop=" << qop; |
852 ss << ", nc=" << ncount; | 806 ss << ", nc=" << ncount; |
853 ss << ", cnonce=" << quote(cnonce); | 807 ss << ", cnonce=" << quote(cnonce); |
(...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1046 } | 1000 } |
1047 #endif | 1001 #endif |
1048 #endif // WEBRTC_WIN | 1002 #endif // WEBRTC_WIN |
1049 | 1003 |
1050 return HAR_IGNORE; | 1004 return HAR_IGNORE; |
1051 } | 1005 } |
1052 | 1006 |
1053 ////////////////////////////////////////////////////////////////////// | 1007 ////////////////////////////////////////////////////////////////////// |
1054 | 1008 |
1055 } // namespace rtc | 1009 } // namespace rtc |
OLD | NEW |