From: Daniel Earl Poirier Date: Wed, 9 Sep 2009 13:04:34 +0000 (+0000) Subject: mod_auth_digest: When qop is none, client doesn't send nonce count, X-Git-Tag: 2.3.3~335 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6db0a1889e4f7a1a13030b6d2893ee1f9e5bf013;p=thirdparty%2Fapache%2Fhttpd.git mod_auth_digest: When qop is none, client doesn't send nonce count, but module was segfaulting trying to check the nonce count anyway. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@812934 13f79535-47bb-0310-9956-ffa450edef68
---
diff --git a/CHANGES b/CHANGES
index e82595e1c88..15e76457519 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,8 @@ Changes with Apache 2.3.3 + *) mod_auth_digest: Fix null pointer when qop=none. [Dan Poirier] + *) Add support for HTTP PUT to ab. [Jeff Barnes ] *) ServerTokens now accepts 'Off' which disables sending of
diff --git a/modules/aaa/mod_auth_digest.c b/modules/aaa/mod_auth_digest.c
index 6b6ee10ef44..34dfea6c7f9 100644
--- a/modules/aaa/mod_auth_digest.c
+++ b/modules/aaa/mod_auth_digest.c
@@ -1436,6 +1436,20 @@ static int check_nc(const request_rec *r, const digest_header_rec *resp,
 return OK;
 }
+ if ((conf->qop_list != NULL)
+ &&(conf->qop_list[0] != NULL)
+ &&!strcasecmp(conf->qop_list[0], "none")) {
+ /* qop is none, client must not send a nonce count */
+ if (snc != NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Digest: invalid nc %s received - no nonce count allowed when qop=none",
+ snc);
+ return !OK;
+ }
+ /* qop is none, cannot check nonce count */
+ return OK;
+ }
+
 nc = strtol(snc, &endptr, 16);
 if (endptr < (snc+strlen(snc)) && !apr_isspace(*endptr)) {
 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
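Review bot: The new guard in check_nc ties the NULL protection to the server's qop setting rather than to `snc` itself, so the `strtol(snc, &endptr, 16)` and `strlen(snc)` on the context lines right after the added block still run unguarded whenever qop is anything other than none. Whether `snc` can be NULL on that path depends on header parsing outside this hunk, but the value originates in the client's Authorization header, so a missing nc is better rejected explicitly: add `if (snc == NULL) { return !OK; }` (with an error log line like the one above) immediately before the `strtol` call. The test also inspects only `conf->qop_list[0]`; a one-line comment such as `/* "none" is only meaningful as the sole qop entry */` would tell the next reader why the rest of the list is not examined, if that is indeed the intent. check_nc begins and ends outside the hunk.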