ffmpeg-2.1.1: move directory

git-svn-id: svn://kolibrios.org@6148 a494cfbc-eb01-0410-851d-a64ba20cac60

contrib/sdk/sources/ffmpeg/ffmpeg-2.1/libavformat/httpauth.c

@@ -0,0 +1,287 @@
+/*
+ * HTTP authentication
+ * Copyright (c) 2010 Martin Storsjo
+ *
+ * This file is part of FFmpeg.
+ *
+ * FFmpeg is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * FFmpeg is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with FFmpeg; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ */
+
+#include "httpauth.h"
+#include "libavutil/base64.h"
+#include "libavutil/avstring.h"
+#include "internal.h"
+#include "libavutil/random_seed.h"
+#include "libavutil/md5.h"
+#include "urldecode.h"
+#include "avformat.h"
+
+static void handle_basic_params(HTTPAuthState *state, const char *key,
+                                int key_len, char **dest, int *dest_len)
+{
+    if (!strncmp(key, "realm=", key_len)) {
+        *dest     =        state->realm;
+        *dest_len = sizeof(state->realm);
+    }
+}
+
+static void handle_digest_params(HTTPAuthState *state, const char *key,
+                                 int key_len, char **dest, int *dest_len)
+{
+    DigestParams *digest = &state->digest_params;
+
+    if (!strncmp(key, "realm=", key_len)) {
+        *dest     =        state->realm;
+        *dest_len = sizeof(state->realm);
+    } else if (!strncmp(key, "nonce=", key_len)) {
+        *dest     =        digest->nonce;
+        *dest_len = sizeof(digest->nonce);
+    } else if (!strncmp(key, "opaque=", key_len)) {
+        *dest     =        digest->opaque;
+        *dest_len = sizeof(digest->opaque);
+    } else if (!strncmp(key, "algorithm=", key_len)) {
+        *dest     =        digest->algorithm;
+        *dest_len = sizeof(digest->algorithm);
+    } else if (!strncmp(key, "qop=", key_len)) {
+        *dest     =        digest->qop;
+        *dest_len = sizeof(digest->qop);
+    } else if (!strncmp(key, "stale=", key_len)) {
+        *dest     =        digest->stale;
+        *dest_len = sizeof(digest->stale);
+    }
+}
+
+static void handle_digest_update(HTTPAuthState *state, const char *key,
+                                 int key_len, char **dest, int *dest_len)
+{
+    DigestParams *digest = &state->digest_params;
+
+    if (!strncmp(key, "nextnonce=", key_len)) {
+        *dest     =        digest->nonce;
+        *dest_len = sizeof(digest->nonce);
+    }
+}
+
+static void choose_qop(char *qop, int size)
+{
+    char *ptr = strstr(qop, "auth");
+    char *end = ptr + strlen("auth");
+
+    if (ptr && (!*end || av_isspace(*end) || *end == ',') &&
+        (ptr == qop || av_isspace(ptr[-1]) || ptr[-1] == ',')) {
+        av_strlcpy(qop, "auth", size);
+    } else {
+        qop[0] = 0;
+    }
+}
+
+void ff_http_auth_handle_header(HTTPAuthState *state, const char *key,
+                                const char *value)
+{
+    if (!strcmp(key, "WWW-Authenticate") || !strcmp(key, "Proxy-Authenticate")) {
+        const char *p;
+        if (av_stristart(value, "Basic ", &p) &&
+            state->auth_type <= HTTP_AUTH_BASIC) {
+            state->auth_type = HTTP_AUTH_BASIC;
+            state->realm[0] = 0;
+            state->stale = 0;
+            ff_parse_key_value(p, (ff_parse_key_val_cb) handle_basic_params,
+                               state);
+        } else if (av_stristart(value, "Digest ", &p) &&
+                   state->auth_type <= HTTP_AUTH_DIGEST) {
+            state->auth_type = HTTP_AUTH_DIGEST;
+            memset(&state->digest_params, 0, sizeof(DigestParams));
+            state->realm[0] = 0;
+            state->stale = 0;
+            ff_parse_key_value(p, (ff_parse_key_val_cb) handle_digest_params,
+                               state);
+            choose_qop(state->digest_params.qop,
+                       sizeof(state->digest_params.qop));
+            if (!av_strcasecmp(state->digest_params.stale, "true"))
+                state->stale = 1;
+        }
+    } else if (!strcmp(key, "Authentication-Info")) {
+        ff_parse_key_value(value, (ff_parse_key_val_cb) handle_digest_update,
+                           state);
+    }
+}
+
+
+static void update_md5_strings(struct AVMD5 *md5ctx, ...)
+{
+    va_list vl;
+
+    va_start(vl, md5ctx);
+    while (1) {
+        const char* str = va_arg(vl, const char*);
+        if (!str)
+            break;
+        av_md5_update(md5ctx, str, strlen(str));
+    }
+    va_end(vl);
+}
+
+/* Generate a digest reply, according to RFC 2617. */
+static char *make_digest_auth(HTTPAuthState *state, const char *username,
+                              const char *password, const char *uri,
+                              const char *method)
+{
+    DigestParams *digest = &state->digest_params;
+    int len;
+    uint32_t cnonce_buf[2];
+    char cnonce[17];
+    char nc[9];
+    int i;
+    char A1hash[33], A2hash[33], response[33];
+    struct AVMD5 *md5ctx;
+    uint8_t hash[16];
+    char *authstr;
+
+    digest->nc++;
+    snprintf(nc, sizeof(nc), "%08x", digest->nc);
+
+    /* Generate a client nonce. */
+    for (i = 0; i < 2; i++)
+        cnonce_buf[i] = av_get_random_seed();
+    ff_data_to_hex(cnonce, (const uint8_t*) cnonce_buf, sizeof(cnonce_buf), 1);
+    cnonce[2*sizeof(cnonce_buf)] = 0;
+
+    md5ctx = av_md5_alloc();
+    if (!md5ctx)
+        return NULL;
+
+    av_md5_init(md5ctx);
+    update_md5_strings(md5ctx, username, ":", state->realm, ":", password, NULL);
+    av_md5_final(md5ctx, hash);
+    ff_data_to_hex(A1hash, hash, 16, 1);
+    A1hash[32] = 0;
+
+    if (!strcmp(digest->algorithm, "") || !strcmp(digest->algorithm, "MD5")) {
+    } else if (!strcmp(digest->algorithm, "MD5-sess")) {
+        av_md5_init(md5ctx);
+        update_md5_strings(md5ctx, A1hash, ":", digest->nonce, ":", cnonce, NULL);
+        av_md5_final(md5ctx, hash);
+        ff_data_to_hex(A1hash, hash, 16, 1);
+        A1hash[32] = 0;
+    } else {
+        /* Unsupported algorithm */
+        av_free(md5ctx);
+        return NULL;
+    }
+
+    av_md5_init(md5ctx);
+    update_md5_strings(md5ctx, method, ":", uri, NULL);
+    av_md5_final(md5ctx, hash);
+    ff_data_to_hex(A2hash, hash, 16, 1);
+    A2hash[32] = 0;
+
+    av_md5_init(md5ctx);
+    update_md5_strings(md5ctx, A1hash, ":", digest->nonce, NULL);
+    if (!strcmp(digest->qop, "auth") || !strcmp(digest->qop, "auth-int")) {
+        update_md5_strings(md5ctx, ":", nc, ":", cnonce, ":", digest->qop, NULL);
+    }
+    update_md5_strings(md5ctx, ":", A2hash, NULL);
+    av_md5_final(md5ctx, hash);
+    ff_data_to_hex(response, hash, 16, 1);
+    response[32] = 0;
+
+    av_free(md5ctx);
+
+    if (!strcmp(digest->qop, "") || !strcmp(digest->qop, "auth")) {
+    } else if (!strcmp(digest->qop, "auth-int")) {
+        /* qop=auth-int not supported */
+        return NULL;
+    } else {
+        /* Unsupported qop value. */
+        return NULL;
+    }
+
+    len = strlen(username) + strlen(state->realm) + strlen(digest->nonce) +
+              strlen(uri) + strlen(response) + strlen(digest->algorithm) +
+              strlen(digest->opaque) + strlen(digest->qop) + strlen(cnonce) +
+              strlen(nc) + 150;
+
+    authstr = av_malloc(len);
+    if (!authstr)
+        return NULL;
+    snprintf(authstr, len, "Authorization: Digest ");
+
+    /* TODO: Escape the quoted strings properly. */
+    av_strlcatf(authstr, len, "username=\"%s\"",   username);
+    av_strlcatf(authstr, len, ",realm=\"%s\"",     state->realm);
+    av_strlcatf(authstr, len, ",nonce=\"%s\"",     digest->nonce);
+    av_strlcatf(authstr, len, ",uri=\"%s\"",       uri);
+    av_strlcatf(authstr, len, ",response=\"%s\"",  response);
+    if (digest->algorithm[0])
+        av_strlcatf(authstr, len, ",algorithm=%s",  digest->algorithm);
+    if (digest->opaque[0])
+        av_strlcatf(authstr, len, ",opaque=\"%s\"", digest->opaque);
+    if (digest->qop[0]) {
+        av_strlcatf(authstr, len, ",qop=\"%s\"",    digest->qop);
+        av_strlcatf(authstr, len, ",cnonce=\"%s\"", cnonce);
+        av_strlcatf(authstr, len, ",nc=%s",         nc);
+    }
+
+    av_strlcatf(authstr, len, "\r\n");
+
+    return authstr;
+}
+
+char *ff_http_auth_create_response(HTTPAuthState *state, const char *auth,
+                                   const char *path, const char *method)
+{
+    char *authstr = NULL;
+
+    /* Clear the stale flag, we assume the auth is ok now. It is reset
+     * by the server headers if there's a new issue. */
+    state->stale = 0;
+    if (!auth || !strchr(auth, ':'))
+        return NULL;
+
+    if (state->auth_type == HTTP_AUTH_BASIC) {
+        int auth_b64_len, len;
+        char *ptr, *decoded_auth = ff_urldecode(auth);
+
+        if (!decoded_auth)
+            return NULL;
+
+        auth_b64_len = AV_BASE64_SIZE(strlen(decoded_auth));
+        len = auth_b64_len + 30;
+
+        authstr = av_malloc(len);
+        if (!authstr) {
+            av_free(decoded_auth);
+            return NULL;
+        }
+
+        snprintf(authstr, len, "Authorization: Basic ");
+        ptr = authstr + strlen(authstr);
+        av_base64_encode(ptr, auth_b64_len, decoded_auth, strlen(decoded_auth));
+        av_strlcat(ptr, "\r\n", len - (ptr - authstr));
+        av_free(decoded_auth);
+    } else if (state->auth_type == HTTP_AUTH_DIGEST) {
+        char *username = ff_urldecode(auth), *password;
+
+        if (!username)
+            return NULL;
+
+        if ((password = strchr(username, ':'))) {
+            *password++ = 0;
+            authstr = make_digest_auth(state, username, password, path, method);
+        }
+        av_free(username);
+    }
+    return authstr;
+}