[FFmpeg-cvslog] r22667 - in trunk/libavformat: httpauth.c httpauth.h
Daniel Verkamp
daniel
Fri Apr 2 23:55:57 CEST 2010
On Thu, Mar 25, 2010 at 8:58 AM, mstorsjo <subversion at mplayerhq.hu> wrote:
> Author: mstorsjo
> Date: Thu Mar 25 14:58:26 2010
> New Revision: 22667
>
> Log:
> Add support for http digest authentication
>
[...]
> +/* Generate a digest reply, according to RFC 2617. */
> +static char *make_digest_auth(HTTPAuthState *state, const char *username,
> + ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?const char *password, const char *uri,
> + ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?const char *method)
> +{
> + ? ?DigestParams *digest = &state->digest_params;
> + ? ?int len;
> + ? ?uint32_t cnonce_buf[2];
> + ? ?char cnonce[9];
> + ? ?char nc[9];
> + ? ?int i;
> + ? ?char A1hash[33], A2hash[33], response[33];
> + ? ?struct AVMD5 *md5ctx;
> + ? ?uint8_t hash[16];
> + ? ?char *authstr;
> +
> + ? ?digest->nc++;
> + ? ?snprintf(nc, sizeof(nc), "%08x", digest->nc);
> +
> + ? ?/* Generate a client nonce. */
> + ? ?for (i = 0; i < 2; i++)
> + ? ? ? ?cnonce_buf[i] = ff_random_get_seed();
> + ? ?ff_data_to_hex(cnonce, (const uint8_t*) cnonce_buf, sizeof(cnonce_buf), 1);
> + ? ?cnonce[2*sizeof(cnonce_buf)] = 0;
GCC warns that this is out of array bounds, and I think it is right:
2*sizeof(cnonce_buf) = 16, but cnonce is only 9 entries long.
Thanks,
-- Daniel Verkamp
More information about the ffmpeg-cvslog
mailing list