/* * HttpAuth * * Copyright (C) 2004 Stefan Walter * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. * See the GNU General Public License for more details. * You should have received a copy of the GNU General Public License * along with this program; if not, write to the * Free Software Foundation, Inc., * 59 Temple Place, Suite 330, * Boston, MA 02111-1307, USA. */ #ifndef __DIGEST_H__ #define __DIGEST_H__ #include "httpauthd.h" #include "md5.h" #include #define DIGEST_NONCE_LEN sizeof(time_t) + sizeof(unsigned int) + MD5_LEN #define DIGEST_SECRET_LEN 16 /* Parsed Digest response from the client */ typedef struct digest_header { const char* scheme; const char* realm; const char* username; const char* nonce; const char* uri; const char* method; const char* digest; const char* algorithm; const char* cnonce; const char* opaque; const char* qop; const char* nc; } digest_header_t; typedef struct digest_context { digest_header_t client; long server_nc; const char* server_uri; const char* server_method; unsigned char server_userhash[MD5_LEN]; unsigned char server_ha1[MD5_LEN]; } digest_context_t; void digest_makeha1(unsigned char* digest, const char* user, const char* realm, const char* password); int digest_parse(const char* header, ha_buffer_t* buf, digest_header_t* dg); const char* digest_challenge(ha_buffer_t* buf, const char* nonce_str, const char* realm, const char* domains, int stale); /* * Validate digest headers once they've been parsed. Note that it's up * to the caller to validate the 'username' and 'nonce' fields. */ int digest_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t* buf); int digest_pre_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t* buf); /* This assumes a digest_context that's been prechecked successfully */ int digest_complete_check(digest_context_t* dg, const ha_context_t* opts, ha_buffer_t* buf); /* This assumes a digest_context that's been checked and validated successfully */ const char* digest_respond(digest_context_t* dg, ha_buffer_t* buf, unsigned char* next); void digest_makenonce(unsigned char* nonce, unsigned char* secret, unsigned char* old); int digest_checknonce(unsigned char* nonce, unsigned char* secret, time_t* tm); void digest_escape (ha_buffer_t *buf, const char *orig); #endif /* __DIGEST_H__ */