diff options
| author | Michael R Sweet <michaelrsweet@gmail.com> | 2017-11-06 16:19:27 -0500 |
|---|---|---|
| committer | Michael R Sweet <michaelrsweet@gmail.com> | 2017-11-06 16:28:31 -0500 |
| commit | 7ec11630684301572cb7d19a95c244c104961a2a (patch) | |
| tree | 75940c5fb6da6293797bae904c7865433ead08e7 /cgi-bin | |
| parent | 054eee9cd0555f836ef9ad87f21d6e6ace1d47f1 (diff) | |
| download | cups-7ec11630684301572cb7d19a95c244c104961a2a.tar.gz | |
Support the latest HTTP Digest authentication specification (Issue #4862)
Also deprecates all httpMD5* functions.
- cgi-bin/var.c: Use cupsHashData to compute SID hash.
- cups/auth.c: Rewrite WWW-Authenticate parser to support multiple auth schemes
and the new RFC 7616 version of HTTP Digest.
- cups/cups.h: Add cupsHashString function to get a hex version of a hash.
- cups/hash.c: Add MD5 support.
- cups/http.c: Track WWW-Authenticate in a long string, concatenate new set
values.
- cups/http.h: Deprecate httpMD5* and recommend cupsDoAuth and cupsHash*.
- cups/http-private.h: Pull MD5 stuff, nonce_count is unsigned, track
WWW-Authenticate header as a potentially long string.
- cups/http-support.c: Use cupsHashData to compute UUID hash.
- cups/md5.c: Comment everything out if we have an OS-supplied MD5 hash
function.
- cups/md5passwd.c: Use cupsHash* functions.
- cups/tls-*.c: Use cupsHash* functions.
- cups/versioning.h: Add CUPS_API_2_3 definition.
- scheduler/client.c: Update WWW-Authenticate header to include AuthRef,
Local, and PeerCred schemes with parameters as needed.
Diffstat (limited to 'cgi-bin')
| -rw-r--r-- | cgi-bin/var.c | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/cgi-bin/var.c b/cgi-bin/var.c index c50833cbd..649b65ba9 100644 --- a/cgi-bin/var.c +++ b/cgi-bin/var.c @@ -18,7 +18,6 @@ /*#define DEBUG*/ #include "cgi-private.h" #include <cups/http.h> -#include <cups/md5-private.h> /* @@ -1204,7 +1203,6 @@ cgi_set_sid(void) { char buffer[512], /* SID data */ sid[33]; /* SID string */ - _cups_md5_state_t md5; /* MD5 state */ unsigned char sum[16]; /* MD5 sum */ const char *remote_addr, /* REMOTE_ADDR */ *server_name, /* SERVER_NAME */ @@ -1225,11 +1223,9 @@ cgi_set_sid(void) (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255); - _cupsMD5Init(&md5); - _cupsMD5Append(&md5, (unsigned char *)buffer, (int)strlen(buffer)); - _cupsMD5Finish(&md5, sum); + cupsHashData("md5", (unsigned char *)buffer, strlen(buffer), sum, sizeof(sum)); - cgiSetCookie(CUPS_SID, httpMD5String(sum, sid), "/", NULL, 0, 0); + cgiSetCookie(CUPS_SID, cupsHashString(sum, sizeof(sum), sid, sizeof(sid)), "/", NULL, 0, 0); return (cupsGetOption(CUPS_SID, num_cookies, cookies)); } |