From 93c4cb8ffab8bd76fa95545777d0bb1beae23e55 Mon Sep 17 00:00:00 2001 From: joe Date: Sat, 10 Sep 2016 19:12:46 +0000 Subject: * src/ne_md5.h: Allow ne_md5_create_ctx to return NULL. * src/ne_auth.c (auth_register): Disable Digest support without MD5 support. * test/auth.c (make_digest): Don't crash in above case. * test/util-tests.c (digest_md5, md5_alignment): Likewise. git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1970 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845 --- src/ne_auth.c | 12 ++++++++++++ src/ne_md5.h | 4 +++- 2 files changed, 15 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/ne_auth.c b/src/ne_auth.c index 48a0cb5..96f34d3 100644 --- a/src/ne_auth.c +++ b/src/ne_auth.c @@ -1616,6 +1616,18 @@ static void auth_register(ne_session *sess, int isproxy, unsigned protomask, protomask |= NE_AUTH_GSSAPI_ONLY | NE_AUTH_SSPI; } + if (protomask | NE_AUTH_DIGEST) { + struct ne_md5_ctx *ctx = ne_md5_create_ctx(); + + if (ctx) { + ne_md5_destroy_ctx(ctx); + } + else { + NE_DEBUG(NE_DBG_HTTPAUTH, "auth: Disabling Digest support without MD5.\n"); + protomask &= ~NE_AUTH_DIGEST; + } + } + ahs = ne_get_session_private(sess, id); if (ahs == NULL) { ahs = ne_calloc(sizeof *ahs); diff --git a/src/ne_md5.h b/src/ne_md5.h index 9a625bc..cb850bf 100644 --- a/src/ne_md5.h +++ b/src/ne_md5.h @@ -34,7 +34,9 @@ NE_BEGIN_DECLS */ struct ne_md5_ctx; -/* Create structure containing state of computation. */ +/* Create structure containing state of computation. Can return NULL + * if the MD5 algorithm is prohibited (such as FIPS-enabled + * systems). */ extern struct ne_md5_ctx *ne_md5_create_ctx(void); /* Starting with the result of former calls of this function (or the -- cgit v1.2.1