Mirrors/i2pd
2
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-04-23 17:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

fix http auth fail when auth too long

Browse source
This commit is contained in:
Jeff Becker 2017-01-01 08:52:36 -05:00
parent 585a6c29d4
commit 7ef6c72fc0
1 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
HTTPServer.cpp
View file

@ -713,9 +713,11 @@ namespace http {
} }
/* method #2: 'Authorization' header sent */ /* method #2: 'Authorization' header sent */
if (req.headers.count("Authorization") > 0) { if (req.headers.count("Authorization") > 0) {
bool result = false;
std::string provided = req.headers.find("Authorization")->second; std::string provided = req.headers.find("Authorization")->second;
std::string expected = user + ":" + pass; std::string expected = user + ":" + pass;
char b64_creds[64]; size_t b64_sz = i2p::data::Base64EncodingBufferSize(expected.length());
char * b64_creds = new char[b64_sz+1];
std::size_t len = 0; std::size_t len = 0;
len = i2p::data::ByteStreamToBase64((unsigned char *)expected.c_str(), expected.length(), b64_creds, sizeof(b64_creds)); len = i2p::data::ByteStreamToBase64((unsigned char *)expected.c_str(), expected.length(), b64_creds, sizeof(b64_creds));
/* if we decoded properly then check credentials */ /* if we decoded properly then check credentials */
@ -723,10 +725,10 @@ namespace http {
b64_creds[len] = '\0'; b64_creds[len] = '\0';
expected = "Basic "; expected = "Basic ";
expected += b64_creds; expected += b64_creds;
return expected == provided; result = expected == provided;
} }
/** we decoded wrong so it's not a correct login credential */ delete [] b64_creds;
return false; return result;
} }
LogPrint(eLogWarning, "HTTPServer: auth failure from ", m_Socket->remote_endpoint().address ()); LogPrint(eLogWarning, "HTTPServer: auth failure from ", m_Socket->remote_endpoint().address ());