X-Git-Url: https://git.sesse.net/?a=blobdiff_plain;f=libavformat%2Fhttpauth.c;h=b96da3ef128e22e18512ac989cb720ff7fafdb78;hb=8895bf7b78650c0c21c88cec0484e138ec511a4b;hp=c8b8ace3c2fd9691bf5fba083571e1cb480c9cb7;hpb=b911518d1c17223aa7fb83ace08b2bd41c203da0;p=ffmpeg diff --git a/libavformat/httpauth.c b/libavformat/httpauth.c index c8b8ace3c2f..b96da3ef128 100644 --- a/libavformat/httpauth.c +++ b/libavformat/httpauth.c @@ -25,8 +25,8 @@ #include "internal.h" #include "libavutil/random_seed.h" #include "libavutil/md5.h" +#include "urldecode.h" #include "avformat.h" -#include static void handle_basic_params(HTTPAuthState *state, const char *key, int key_len, char **dest, int *dest_len) @@ -57,6 +57,9 @@ static void handle_digest_params(HTTPAuthState *state, const char *key, } else if (!strncmp(key, "qop=", key_len)) { *dest = digest->qop; *dest_len = sizeof(digest->qop); + } else if (!strncmp(key, "stale=", key_len)) { + *dest = digest->stale; + *dest_len = sizeof(digest->stale); } } @@ -76,8 +79,8 @@ static void choose_qop(char *qop, int size) char *ptr = strstr(qop, "auth"); char *end = ptr + strlen("auth"); - if (ptr && (!*end || isspace(*end) || *end == ',') && - (ptr == qop || isspace(ptr[-1]) || ptr[-1] == ',')) { + if (ptr && (!*end || av_isspace(*end) || *end == ',') && + (ptr == qop || av_isspace(ptr[-1]) || ptr[-1] == ',')) { av_strlcpy(qop, "auth", size); } else { qop[0] = 0; @@ -93,6 +96,7 @@ void ff_http_auth_handle_header(HTTPAuthState *state, const char *key, state->auth_type <= HTTP_AUTH_BASIC) { state->auth_type = HTTP_AUTH_BASIC; state->realm[0] = 0; + state->stale = 0; ff_parse_key_value(p, (ff_parse_key_val_cb) handle_basic_params, state); } else if (av_stristart(value, "Digest ", &p) && @@ -100,10 +104,13 @@ void ff_http_auth_handle_header(HTTPAuthState *state, const char *key, state->auth_type = HTTP_AUTH_DIGEST; memset(&state->digest_params, 0, sizeof(DigestParams)); state->realm[0] = 0; + state->stale = 0; ff_parse_key_value(p, (ff_parse_key_val_cb) handle_digest_params, state); choose_qop(state->digest_params.qop, sizeof(state->digest_params.qop)); + if (!av_strcasecmp(state->digest_params.stale, "true")) + state->stale = 1; } } else if (!strcmp(key, "Authentication-Info")) { ff_parse_key_value(value, (ff_parse_key_val_cb) handle_digest_update, @@ -151,7 +158,7 @@ static char *make_digest_auth(HTTPAuthState *state, const char *username, ff_data_to_hex(cnonce, (const uint8_t*) cnonce_buf, sizeof(cnonce_buf), 1); cnonce[2*sizeof(cnonce_buf)] = 0; - md5ctx = av_malloc(av_md5_size); + md5ctx = av_md5_alloc(); if (!md5ctx) return NULL; @@ -237,22 +244,35 @@ char *ff_http_auth_create_response(HTTPAuthState *state, const char *auth, { char *authstr = NULL; + /* Clear the stale flag, we assume the auth is ok now. It is reset + * by the server headers if there's a new issue. */ + state->stale = 0; if (!auth || !strchr(auth, ':')) return NULL; if (state->auth_type == HTTP_AUTH_BASIC) { - int auth_b64_len = AV_BASE64_SIZE(strlen(auth)); - int len = auth_b64_len + 30; - char *ptr; + int auth_b64_len, len; + char *ptr, *decoded_auth = ff_urldecode(auth); + + if (!decoded_auth) + return NULL; + + auth_b64_len = AV_BASE64_SIZE(strlen(decoded_auth)); + len = auth_b64_len + 30; + authstr = av_malloc(len); - if (!authstr) + if (!authstr) { + av_free(decoded_auth); return NULL; + } + snprintf(authstr, len, "Authorization: Basic "); ptr = authstr + strlen(authstr); - av_base64_encode(ptr, auth_b64_len, auth, strlen(auth)); + av_base64_encode(ptr, auth_b64_len, decoded_auth, strlen(decoded_auth)); av_strlcat(ptr, "\r\n", len - (ptr - authstr)); + av_free(decoded_auth); } else if (state->auth_type == HTTP_AUTH_DIGEST) { - char *username = av_strdup(auth), *password; + char *username = ff_urldecode(auth), *password; if (!username) return NULL; @@ -265,4 +285,3 @@ char *ff_http_auth_create_response(HTTPAuthState *state, const char *auth, } return authstr; } -