From de44fe7893da8d8c9903f1a7268fa6fe03446d36 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Wed, 11 Jun 2008 22:03:08 +0000 Subject: Allow better migration of live digest sessions between httpauth daemons by using the 'stale' flag when things seem out of date. --- daemon/digest.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'daemon/digest.c') diff --git a/daemon/digest.c b/daemon/digest.c index 21cb453..93f433b 100644 --- a/daemon/digest.c +++ b/daemon/digest.c @@ -242,20 +242,22 @@ int digest_parse(const char* head, ha_buffer_t* buf, digest_header_t* rec) return HA_OK; } -int digest_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t* buf) +int digest_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t* buf, int *stale) { int r; - r = digest_pre_check(dg, opts, buf); + r = digest_pre_check(dg, opts, buf, stale); if(r == HA_OK) r = digest_complete_check(dg, opts, buf); return r; } -int digest_pre_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t* buf) +int digest_pre_check(digest_context_t* dg, const ha_context_t* opts, + ha_buffer_t* buf, int *stale) { ASSERT(buf && buf && dg); + ASSERT(stale); /* Check for digest */ if(!dg->client.digest || !dg->client.digest[0]) @@ -337,6 +339,7 @@ int digest_pre_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t ha_messagex(NULL, LOG_WARNING, "digest response has wrong nc value: %s " "possible replay attack, should be: %d", dg->client.nc, dg->server_nc); + *stale = 1; return HA_FALSE; } } -- cgit v1.2.3