Mirrors/libwebsockets
1
0
Fork 0
mirror of https://github.com/warmcat/libwebsockets.git synced 2025-03-30 00:00:16 +01:00
Code Issues Releases Wiki Activity

basic-auth: allow NUL in password

Browse source 
https://github.com/warmcat/libwebsockets/issues/3092
This commit is contained in:
c-jimenez 2024-03-11 07:47:27 +00:00 committed by Andy Green
parent 992f40c7a1
commit c57c239368
2 changed files with 33 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
include/libwebsockets/lws-client.h
View file

@ -417,6 +417,26 @@ lws_client_http_multipart(struct lws *wsi, const char *name,
LWS_VISIBLE LWS_EXTERN int LWS_VISIBLE LWS_EXTERN int
lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len); lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len);
/**
* lws_http_basic_auth_gen2() - helper to encode client basic auth string
*
* \param user: user name
* \param pw: password
* \param pwd_len: count of bytes in password
* \param buf: where to store base64 result
* \param len: max usable size of buf
*
* Encodes a username and password in Basic Auth format for use with the
* Authorization header. On return, buf is filled with something like
* "Basic QWxhZGRpbjpPcGVuU2VzYW1l".
*
* This differs from lws_http_baic_auth_gen() in that NUL bytes can
* appear in the password due to an explicit password length argument.
*/
LWS_VISIBLE LWS_EXTERN int
lws_http_basic_auth_gen2(const char *user, const void *pw, size_t pwd_len,
char *buf, size_t len);
/** /**
* lws_tls_session_is_reused() - returns nonzero if tls session was cached * lws_tls_session_is_reused() - returns nonzero if tls session was cached
* *

17
lib/roles/http/client/client-http.c
View file

@ -1686,9 +1686,10 @@ lws_generate_client_handshake(struct lws *wsi, char *pkt)
#if defined(LWS_WITH_HTTP_BASIC_AUTH) #if defined(LWS_WITH_HTTP_BASIC_AUTH)
int int
lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len) lws_http_basic_auth_gen2(const char *user, const void *pw, size_t pwd_len,
char *buf, size_t len)
{ {
size_t n = strlen(user), m = strlen(pw); size_t n = strlen(user), m = pwd_len;
char b[128]; char b[128];
if (len < 6 + ((4 * (n + m + 1)) / 3) + 1) if (len < 6 + ((4 * (n + m + 1)) / 3) + 1)
@ -1696,16 +1697,24 @@ lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len)
memcpy(buf, "Basic ", 6); memcpy(buf, "Basic ", 6);
n = (unsigned int)lws_snprintf(b, sizeof(b), "%s:%s", user, pw); n = (unsigned int)lws_snprintf(b, sizeof(b), "%s:", user);
if (n >= sizeof(b) - 2) if ((n + pwd_len) >= sizeof(b) - 2)
return 2; return 2;
memcpy(&b[n], pw, pwd_len);
n += pwd_len;
lws_b64_encode_string(b, (int)n, buf + 6, (int)len - 6); lws_b64_encode_string(b, (int)n, buf + 6, (int)len - 6);
buf[len - 1] = '\0'; buf[len - 1] = '\0';
return 0; return 0;
} }
int lws_http_basic_auth_gen(const char *user, const char *pw, char *buf, size_t len)
{
return lws_http_basic_auth_gen2(user, pw, strlen(pw), buf, len);
}
#endif #endif
int int