[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[libmicrohttpd] 06/07: configure: implemented setting DAuth defaults by
|
From: |
gnunet |
|
Subject: |
[libmicrohttpd] 06/07: configure: implemented setting DAuth defaults by parameters |
|
Date: |
Fri, 29 Dec 2023 14:59:34 +0100 |
This is an automated email from the git hooks/post-receive script.
karlson2k pushed a commit to branch master
in repository libmicrohttpd.
commit 8d4496944bf0ada2f2fc176e589eb0a921da72d9
Author: Evgeny Grin (Karlson2k) <k2k@narod.ru>
AuthorDate: Fri Dec 29 16:54:29 2023 +0300
configure: implemented setting DAuth defaults by parameters
---
configure.ac | 99 +++++++++++++++++++++++++++++++++++++++++++++++
src/include/mhd_options.h | 7 ++++
src/microhttpd/daemon.c | 4 +-
3 files changed, 108 insertions(+), 2 deletions(-)
diff --git a/configure.ac b/configure.ac
index 32f038bc..05591770 100644
--- a/configure.ac
+++ b/configure.ac
@@ -4034,6 +4034,104 @@ AS_IF([[test "x$enable_dauth" != "xno"]],
AM_CONDITIONAL([ENABLE_DAUTH], [test "x$enable_dauth" != "xno"])
AC_MSG_RESULT([[$enable_dauth]])
+AS_VAR_IF([enable_dauth], ["yes"],
+ [
+ AC_MSG_CHECKING([[for Digest Authentication default nonce timeout value]])
+ AC_ARG_ENABLE([dauth-def-timeout],
+ [AS_HELP_STRING([--enable-dauth-def-timeout=NNN],
+ [set default Digest Auth nonce validity time to NNN
seconds])],
+ [enable_dauth_def_timeout="${enableval}"],
+ [enable_dauth_def_timeout=""]
+ )
+ AS_VAR_IF([enable_dauth_def_timeout], ["no"],
+ [
+ AC_MSG_WARN([Default Diget Auth nonce validity time cannot be
disabled, --disable-dauth-def-timeout parameter is ignored])
+ enable_dauth_def_timeout=""
+ ]
+ )
+ AS_IF([test -z "${enable_dauth_def_timeout}"],
+ [
+ enable_dauth_def_timeout="90"
+ enable_dauth_def_timeout_MSG="${enable_dauth_def_timeout} seconds
(default)"
+ ],
+ [
+ AS_IF([[test "x${enable_dauth_def_timeout}" = "x`echo
${enable_dauth_def_timeout}|${SED-sed} 's/[^0-9]//g'`" && \
+ test "${enable_dauth_def_timeout}" -ge "0" 2>/dev/null ]],[:],
+ [AC_MSG_ERROR([Invalid parameter
--enable-dauth-def-timeout=${enable_dauth_def_timeout}. Timeout value must be a
positive integer.])
+ ]
+ )
+ AC_COMPILE_IFELSE(
+ [
+ AC_LANG_PROGRAM([],
+ [[
+ static int arr[((int) 2) - 4 * (int)(${enable_dauth_def_timeout} !=
((unsigned int)${enable_dauth_def_timeout}))];
+ (void) arr;
+ ]]
+ )
+ ],
+ [],
+ [AC_MSG_ERROR([The value specified by
--enable-dauth-def-timeout=${enable_dauth_def_timeout} is too large.])]
+ )
+ enable_dauth_def_timeout_MSG="${enable_dauth_def_timeout} seconds (set
by parameter)"
+ ]
+ )
+ AC_DEFINE_UNQUOTED([MHD_DAUTH_DEF_TIMEOUT_],[${enable_dauth_def_timeout}],
+ [The default HTTP Digest Auth default nonce timeout value (in
seconds)])
+ AC_MSG_RESULT([[${enable_dauth_def_timeout_MSG}]])
+
+ AC_MSG_CHECKING([[for Digest Authentication default maximum nc value]])
+ AC_ARG_ENABLE([dauth-def-max-nc],
+ [AS_HELP_STRING([--enable-dauth-def-max-nc=NNN],
+ [set default Digest Auth maximum nc (nonce count) value
to NNN])],
+ [enable_dauth_def_max_nc="${enableval}"],
+ [enable_dauth_def_max_nc=""]
+ )
+ AS_VAR_IF([enable_dauth_def_max_nc], ["no"],
+ [
+ AC_MSG_WARN([Default Diget Auth maximum nc cannot be disabled,
--disable-dauth-def-max-nc parameter is ignored])
+ enable_dauth_def_max_nc=""
+ ]
+ )
+ AS_IF([test -z "${enable_dauth_def_max_nc}"],
+ [
+ enable_dauth_def_max_nc="1000"
+ enable_dauth_def_max_nc_MSG="${enable_dauth_def_max_nc} (default)"
+ ],
+ [
+ AS_IF([[test "x${enable_dauth_def_max_nc}" = "x`echo
${enable_dauth_def_max_nc}|${SED-sed} 's/[^0-9]//g'`" && \
+ test "${enable_dauth_def_max_nc}" -ge "0" 2>/dev/null ]],[:],
+ [AC_MSG_ERROR([Invalid parameter
--enable-dauth-def-max-nc=${enable_dauth_def_max_nc}. The value must be a
positive integer.])
+ ]
+ )
+ AC_COMPILE_IFELSE(
+ [
+ AC_LANG_PROGRAM(
+ [[
+#include <stdint.h>
+ ]],
+ [[
+ static int arr[((int) 2) - 4 * (int)(${enable_dauth_def_max_nc} !=
((uint32_t)${enable_dauth_def_max_nc}))];
+ (void) arr;
+ ]]
+ )
+ ],
+ [],
+ [AC_MSG_ERROR([The value specified by
--enable-dauth-def-max-nc=${enable_dauth_def_max_nc} is too large.])]
+ )
+ enable_dauth_def_max_nc_MSG="${enable_dauth_def_max_nc} (set by
parameter)"
+ ]
+ )
+ AC_DEFINE_UNQUOTED([MHD_DAUTH_DEF_MAX_NC_],[${enable_dauth_def_max_nc}],
+ [The default HTTP Digest Auth default maximum nc (nonce count) value])
+ AC_MSG_RESULT([[${enable_dauth_def_max_nc_MSG}]])
+
+ dauth_defs_MSG="timeout: ${enable_dauth_def_timeout_MSG}, max nc:
${enable_dauth_def_max_nc_MSG}"
+ ],
+ [
+ dauth_defs_MSG="N/A"
+ ]
+)
+
AM_CONDITIONAL([HAVE_ANYAUTH],[test "x$enable_bauth" != "xno" || test
"x$enable_dauth" != "xno"])
# optional: HTTP "Upgrade" support. Enabled by default
@@ -5964,6 +6062,7 @@ AC_MSG_NOTICE([GNU libmicrohttpd ${PACKAGE_VERSION}
Configuration Summary:
HTTP "Upgrade": ${enable_httpupgrade}
Basic auth.: ${enable_bauth}
Digest auth.: ${enable_dauth}
+ Digest auth. defaults: ${dauth_defs_MSG}
MD5: ${enable_md5_MSG}
SHA-256: ${enable_sha256_MSG}
SHA-512/256: ${enable_sha512_256_MSG}
diff --git a/src/include/mhd_options.h b/src/include/mhd_options.h
index f5334e1d..39316a28 100644
--- a/src/include/mhd_options.h
+++ b/src/include/mhd_options.h
@@ -278,4 +278,11 @@
# endif /* 0 != HAVE_DECL_CPU_SETSIZE */
#endif /* HAVE_DECL_CPU_SETSIZE */
+#ifndef MHD_DAUTH_DEF_TIMEOUT_
+# define MHD_DAUTH_DEF_TIMEOUT_ 90
+#endif /* ! MHD_DAUTH_DEF_TIMEOUT_ */
+#ifndef MHD_DAUTH_DEF_MAX_NC_
+# define MHD_DAUTH_DEF_MAX_NC_ 1000
+#endif /* ! MHD_DAUTH_DEF_MAX_NC_ */
+
#endif /* MHD_OPTIONS_H */
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index f4fd8166..8345c793 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -7808,8 +7808,8 @@ MHD_start_daemon_va (unsigned int flags,
daemon->digest_auth_rand_size = 0;
daemon->digest_auth_random = NULL;
daemon->nonce_nc_size = 4; /* tiny */
- daemon->dauth_def_nonce_timeout = 90;
- daemon->dauth_def_max_nc = 1000;
+ daemon->dauth_def_nonce_timeout = MHD_DAUTH_DEF_TIMEOUT_;
+ daemon->dauth_def_max_nc = MHD_DAUTH_DEF_MAX_NC_;
#endif
#ifdef HTTPS_SUPPORT
if (0 != (*pflags & MHD_USE_TLS))
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [libmicrohttpd] branch master updated (c39c55a2 -> a532889e), gnunet, 2023/12/29
- [libmicrohttpd] 02/07: internal.h: reordered members in struct MHD_Daemon, gnunet, 2023/12/29
- [libmicrohttpd] 04/07: Added daemon options for default nonce timeout and max nc values, gnunet, 2023/12/29
- [libmicrohttpd] 07/07: test_digestauth_concurrent: fixed error message, gnunet, 2023/12/29
- [libmicrohttpd] 06/07: configure: implemented setting DAuth defaults by parameters,
gnunet <=
- [libmicrohttpd] 05/07: tests: added setting of DAuth max nc value by daemon option, gnunet, 2023/12/29
- [libmicrohttpd] 03/07: digest auth: added default timeout and max nc values, gnunet, 2023/12/29
- [libmicrohttpd] 01/07: microhttpd.h: minor doxy improvement, gnunet, 2023/12/29