[vlc-devel] [PATCH v4 04/14] src: http_auth: use new md5 API

Marvin Scholz epirat07 at gmail.com
Wed Apr 15 13:35:19 CEST 2020 

---
 src/network/http_auth.c | 137 +++++++++++++++++-----------------------
 1 file changed, 59 insertions(+), 78 deletions(-)

diff --git a/src/network/http_auth.c b/src/network/http_auth.c
index ff1796c25d..6d31d98cc0 100644
--- a/src/network/http_auth.c
+++ b/src/network/http_auth.c
@@ -32,7 +32,7 @@
 
 #include <vlc_common.h>
 #include <vlc_http.h>
-#include <vlc_md5.h>
+#include <vlc_hash.h>
 #include <vlc_rand.h>
 #include <vlc_strings.h>
 
@@ -87,137 +87,118 @@ static char *AuthGetParamNoQuotes( const char *psz_header, const char *psz_param
 static char *GenerateCnonce()
 {
     char ps_random[32];
-    struct md5_s md5;
+    char *md5_hex;
+    vlc_hash_md5_t md5;
+
+    md5_hex = malloc( VLC_HASH_MD5_DIGEST_HEX_SIZE );
+    if (unlikely( md5_hex == NULL ))
+        return NULL;
 
     vlc_rand_bytes( ps_random, sizeof( ps_random ) );
 
-    InitMD5( &md5 );
-    AddMD5( &md5, ps_random, sizeof( ps_random ) );
-    EndMD5( &md5 );
+    vlc_hash_md5_Init( &md5 );
+    vlc_hash_md5_Update( &md5, ps_random, sizeof( ps_random ) );
 
-    return psz_md5_hash( &md5 );
+    vlc_hash_FinishHex( &md5, md5_hex );
 }
 
 static char *AuthDigest( vlc_object_t *p_this, vlc_http_auth_t *p_auth,
                          const char *psz_method, const char *psz_path,
                          const char *psz_username, const char *psz_password )
 {
-    char *psz_HA1 = NULL;
-    char *psz_HA2 = NULL;
-    char *psz_ent = NULL;
+    char psz_HA1[VLC_HASH_MD5_DIGEST_HEX_SIZE];
+    char psz_HA2[VLC_HASH_MD5_DIGEST_HEX_SIZE];
+    char psz_ent[VLC_HASH_MD5_DIGEST_HEX_SIZE];
     char *psz_result = NULL;
     char psz_inonce[9];
-    struct md5_s md5;
-    struct md5_s ent;
+    vlc_hash_md5_t md5;
+    vlc_hash_md5_t ent;
 
     if ( p_auth->psz_realm == NULL )
     {
         msg_Warn( p_this, "Digest Authentication: "
                   "Mandatory 'realm' value not available" );
-        goto error;
+        return NULL;
     }
 
     /* H(A1) */
     if ( p_auth->psz_HA1 )
     {
-        psz_HA1 = strdup( p_auth->psz_HA1 );
-        if ( psz_HA1 == NULL )
-            goto error;
+        strncpy( psz_HA1, p_auth->psz_HA1, sizeof(psz_HA1) );
     }
     else
     {
-        InitMD5( &md5 );
-        AddMD5( &md5, psz_username, strlen( psz_username ) );
-        AddMD5( &md5, ":", 1 );
-        AddMD5( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) );
-        AddMD5( &md5, ":", 1 );
-        AddMD5( &md5, psz_password, strlen( psz_password ) );
-        EndMD5( &md5 );
-
-        psz_HA1 = psz_md5_hash( &md5 );
-        if ( psz_HA1 == NULL )
-            goto error;
+        vlc_hash_md5_Init( &md5 );
+        vlc_hash_md5_Update( &md5, psz_username, strlen( psz_username ) );
+        vlc_hash_md5_Update( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) );
+        vlc_hash_md5_Update( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, psz_password, strlen( psz_password ) );
+        vlc_hash_FinishHex( &md5, psz_HA1 );
 
         if ( p_auth->psz_algorithm &&
              strcmp( p_auth->psz_algorithm, "MD5-sess" ) == 0 )
         {
-            InitMD5( &md5 );
-            AddMD5( &md5, psz_HA1, 32 );
-            AddMD5( &md5, ":", 1 );
-            AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
-            AddMD5( &md5, ":", 1 );
-            AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
-            EndMD5( &md5 );
-
-            free( psz_HA1 );
-
-            psz_HA1 = psz_md5_hash( &md5 );
-            if ( psz_HA1 == NULL )
-                goto error;
+            vlc_hash_md5_Init( &md5 );
+            vlc_hash_md5_Update( &md5, psz_HA1, sizeof(psz_HA1) - 1 );
+            vlc_hash_md5_Update( &md5, ":", 1 );
+            vlc_hash_md5_Update( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
+            vlc_hash_md5_Update( &md5, ":", 1 );
+            vlc_hash_md5_Update( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
+            vlc_hash_FinishHex( &md5, psz_HA1 );
 
             p_auth->psz_HA1 = strdup( psz_HA1 );
             if ( p_auth->psz_HA1 == NULL )
-                goto error;
+                return NULL;
         }
     }
 
     /* H(A2) */
-    InitMD5( &md5 );
+    vlc_hash_md5_Init( &md5 );
     if ( *psz_method )
-        AddMD5( &md5, psz_method, strlen( psz_method ) );
-    AddMD5( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, psz_method, strlen( psz_method ) );
+    vlc_hash_md5_Update( &md5, ":", 1 );
     if ( psz_path )
-        AddMD5( &md5, psz_path, strlen( psz_path ) );
+        vlc_hash_md5_Update( &md5, psz_path, strlen( psz_path ) );
     else
-        AddMD5( &md5, "/", 1 );
+        vlc_hash_md5_Update( &md5, "/", 1 );
     if ( p_auth->psz_qop && strcmp( p_auth->psz_qop, "auth-int" ) == 0 )
     {
-        InitMD5( &ent );
+        vlc_hash_md5_Init( &ent );
         /* TODO: Support for "qop=auth-int" */
-        AddMD5( &ent, "", 0 );
-        EndMD5( &ent );
-
-        psz_ent = psz_md5_hash( &ent );
-        if ( psz_ent == NULL )
-            goto error;
-
-        AddMD5( &md5, ":", 1 );
-        AddMD5( &md5, psz_ent, 32 );
+        vlc_hash_md5_Update( &ent, "", 0 );
+        vlc_hash_FinishHex( &ent, psz_ent );
+        vlc_hash_md5_Update( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, psz_ent, sizeof(psz_ent) - 1 );
     }
-    EndMD5( &md5 );
 
-    psz_HA2 = psz_md5_hash( &md5 );
-    if ( psz_HA2 == NULL )
-        goto error;
+    vlc_hash_FinishHex( &md5, psz_HA2 );
 
     /* Request digest */
-    InitMD5( &md5 );
-    AddMD5( &md5, psz_HA1, 32 );
-    AddMD5( &md5, ":", 1 );
-    AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
-    AddMD5( &md5, ":", 1 );
+    vlc_hash_md5_Init( &md5 );
+    vlc_hash_md5_Update( &md5, psz_HA1, sizeof(psz_HA1) - 1 );
+    vlc_hash_md5_Update( &md5, ":", 1 );
+    vlc_hash_md5_Update( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
+    vlc_hash_md5_Update( &md5, ":", 1 );
     if ( p_auth->psz_qop &&
          ( strcmp( p_auth->psz_qop, "auth" ) == 0 ||
            strcmp( p_auth->psz_qop, "auth-int" ) == 0 ) )
     {
         snprintf( psz_inonce, sizeof( psz_inonce ), "%08x", p_auth->i_nonce );
-        AddMD5( &md5, psz_inonce, 8 );
-        AddMD5( &md5, ":", 1 );
-        AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
-        AddMD5( &md5, ":", 1 );
-        AddMD5( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) );
-        AddMD5( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, psz_inonce, 8 );
+        vlc_hash_md5_Update( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
+        vlc_hash_md5_Update( &md5, ":", 1 );
+        vlc_hash_md5_Update( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) );
+        vlc_hash_md5_Update( &md5, ":", 1 );
     }
-    AddMD5( &md5, psz_HA2, 32 );
-    EndMD5( &md5 );
+    vlc_hash_md5_Update( &md5, psz_HA2, sizeof(psz_HA2) - 1 );
 
-    psz_result = psz_md5_hash( &md5 );
-
-error:
-    free( psz_HA1 );
-    free( psz_HA2 );
-    free( psz_ent );
+    psz_result = malloc(VLC_HASH_MD5_DIGEST_HEX_SIZE);
+    if (psz_result == NULL)
+        return NULL;
 
+    vlc_hash_FinishHex( &md5, psz_result );
     return psz_result;
 }
 
-- 
2.24.1 (Apple Git-126)

More information about the vlc-devel mailing list