From: Stefano Sabatini <stefasab@gmail.com>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [PATCH] avformat/httpauth: add SHA-256 Digest Authorization [update]
Date: Thu, 4 Apr 2024 18:53:00 +0200
Message-ID: <Zg7a7LS00aXOtDPS@mariano> (raw)
In-Reply-To: <SL2P216MB148126315D0B8ABA204250F6B83C2@SL2P216MB1481.KORP216.PROD.OUTLOOK.COM>
On date Thursday 2024-04-04 02:07:17 +0000, ������ | Eugene wrote:
> add SHA-256 Digest Authorization for RFC7616 using avutil/hash.h
> - make_digest_auth_sha() : A1hash-> a1_hash and A2hash -> a2_hash
> - combine with lint fix patch
>
> Signed-off-by: Eugene-bitsensing <eugene@bitsensing.com>
> ---
> libavformat/httpauth.c | 130 ++++++++++++++++++++++++++++++++++++++---
> libavformat/httpauth.h | 8 +++
> 2 files changed, 130 insertions(+), 8 deletions(-)
>
> diff --git a/libavformat/httpauth.c b/libavformat/httpauth.c
> index 9780928357..6069523bca 100644
> --- a/libavformat/httpauth.c
> +++ b/libavformat/httpauth.c
> @@ -25,6 +25,7 @@
> #include "internal.h"
> #include "libavutil/random_seed.h"
> #include "libavutil/md5.h"
> +#include "libavutil/hash.h"
> #include "urldecode.h"
>
> static void handle_basic_params(HTTPAuthState *state, const char *key,
> @@ -143,7 +144,7 @@ static char *make_digest_auth(HTTPAuthState *state, const char *username,
> char cnonce[17];
> char nc[9];
> int i;
> - char A1hash[33], A2hash[33], response[33];
> + char a1_hash[33], a2_hash[33], response[33];
> struct AVMD5 *md5ctx;
> uint8_t hash[16];
> char *authstr;
> @@ -163,14 +164,14 @@ static char *make_digest_auth(HTTPAuthState *state, const char *username,
> av_md5_init(md5ctx);
> update_md5_strings(md5ctx, username, ":", state->realm, ":", password, NULL);
> av_md5_final(md5ctx, hash);
> - ff_data_to_hex(A1hash, hash, 16, 1);
> + ff_data_to_hex(a1_hash, hash, 16, 1);
>
> if (!strcmp(digest->algorithm, "") || !strcmp(digest->algorithm, "MD5")) {
> } else if (!strcmp(digest->algorithm, "MD5-sess")) {
> av_md5_init(md5ctx);
> - update_md5_strings(md5ctx, A1hash, ":", digest->nonce, ":", cnonce, NULL);
> + update_md5_strings(md5ctx, a1_hash, ":", digest->nonce, ":", cnonce, NULL);
> av_md5_final(md5ctx, hash);
> - ff_data_to_hex(A1hash, hash, 16, 1);
> + ff_data_to_hex(a1_hash, hash, 16, 1);
> } else {
> /* Unsupported algorithm */
> av_free(md5ctx);
> @@ -180,14 +181,14 @@ static char *make_digest_auth(HTTPAuthState *state, const char *username,
> av_md5_init(md5ctx);
> update_md5_strings(md5ctx, method, ":", uri, NULL);
> av_md5_final(md5ctx, hash);
> - ff_data_to_hex(A2hash, hash, 16, 1);
> + ff_data_to_hex(a2_hash, hash, 16, 1);
>
> av_md5_init(md5ctx);
> - update_md5_strings(md5ctx, A1hash, ":", digest->nonce, NULL);
> + update_md5_strings(md5ctx, a1_hash, ":", digest->nonce, NULL);
> if (!strcmp(digest->qop, "auth") || !strcmp(digest->qop, "auth-int")) {
> update_md5_strings(md5ctx, ":", nc, ":", cnonce, ":", digest->qop, NULL);
> }
> - update_md5_strings(md5ctx, ":", A2hash, NULL);
> + update_md5_strings(md5ctx, ":", a2_hash, NULL);
> av_md5_final(md5ctx, hash);
> ff_data_to_hex(response, hash, 16, 1);
this is fine but it would be better sent as a separate patch (to avoid
mixing functional and cosmetical changes)
>
> @@ -236,6 +237,114 @@ static char *make_digest_auth(HTTPAuthState *state, const char *username,
> return authstr;
> }
>
> +/**
> + * Generate a digest reply SHA-256, according to RFC 7616.
> + * TODO : support other RFC 7616 Algorithm
> + */
> +static char *make_digest_auth_sha(HTTPAuthState *state, const char *username,
> + const char *password, const char *uri,
> + const char *method, const char *algorithm)
> +{
BTW I see this function contains much duplicated code from
make_digest_auth().
Is it possible to make make_digest_auth use this new function with the
MD5 algorithm? This would avoid much code duplication.
[...]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
prev parent reply other threads:[~2024-04-04 16:53 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-04 2:07 정지우 | Eugene
2024-04-04 16:53 ` Stefano Sabatini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zg7a7LS00aXOtDPS@mariano \
--to=stefasab@gmail.com \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git