1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
Index: auth.c
===================================================================
--- auth.c (revision 590)
+++ auth.c (working copy)
@@ -214,7 +214,7 @@
int createAuthHeaderMD5(char * user, char * password, int password_len, char * method,
char * uri, char * msgbody, char * auth,
char * algo, char * result) {
-
+ int res_len = 0;
unsigned char ha1[MD5_HASH_SIZE], ha2[MD5_HASH_SIZE];
unsigned char resp[MD5_HASH_SIZE], body[MD5_HASH_SIZE];
unsigned char ha1_hex[HASH_HEX_SIZE+1], ha2_hex[HASH_HEX_SIZE+1];
@@ -252,9 +252,9 @@
MD5_Final(ha1, &Md5Ctx);
hashToHex(&ha1[0], &ha1_hex[0]);
- sprintf(result, "Digest username=\"%s\",realm=\"%s\"",user,tmp);
+ res_len += sprintf(result + res_len, "Digest username=\"%s\",realm=\"%s\"",user,tmp);
if (cnonce[0] != '\0') {
- sprintf(result, "%s,cnonce=\"%s\",nc=%s,qop=%s",result,cnonce,nc,authtype);
+ res_len += sprintf(result + res_len , ",cnonce=\"%s\",nc=%s,qop=%s",cnonce,nc,authtype);
}
// Construct the URI
@@ -284,7 +284,7 @@
MD5_Final(ha2, &Md5Ctx);
hashToHex(&ha2[0], &ha2_hex[0]);
- sprintf(result, "%s,uri=\"%s\"",result,tmp);
+ res_len += sprintf(result + res_len, ",uri=\"%s\"",tmp);
// Extract the Nonce
if (!getAuthParameter("nonce", auth, tmp, sizeof(tmp))) {
@@ -309,10 +309,10 @@
MD5_Final(resp, &Md5Ctx);
hashToHex(&resp[0], &resp_hex[0]);
- sprintf(result, "%s,nonce=\"%s\",response=\"%s\",algorithm=%s",result,tmp,resp_hex,algo);
+ res_len += sprintf(result + res_len, ",nonce=\"%s\",response=\"%s\",algorithm=%s",tmp,resp_hex,algo);
if (has_opaque) {
- sprintf(result, "%s,opaque=\"%s\"",result,opaque);
+ res_len += sprintf(result + res_len, ",opaque=\"%s\"",opaque);
}
return 1;
@@ -677,7 +677,9 @@
}
auts_hex[AUTS64LEN-1]=0;
- sprintf(result, "%s,auts=\"%s\"",result,auts_hex);
+ int res_len = strlen(result);
+
+ sprintf(result + res_len, ",auts=\"%s\"",auts_hex);
}
free(nonce);
return 1;
|