[FFmpeg-devel] [PATCH] avformat/httpauth.c Support RFC7616 [Style fixed]
Stefano Sabatini
stefasab at gmail.com
Mon Apr 22 15:58:51 EEST 2024
On date Thursday 2024-04-18 12:49:53 +0200, Stefano Sabatini wrote:
> On date Monday 2024-04-15 19:56:48 +0200, Stefano Sabatini wrote:
> > On date Monday 2024-04-15 02:32:14 +0000, ������ | Eugene wrote:
> > > Update digest authentication in httpauth.c
> > >
> > > - Refactor make_digest_auth() to support RFC 2617 and RFC 7617
> > > - Add support for SHA-256 and SHA-512/256 algorithms along with MD5
> > > - MD5 and SHA-256 tested, but SHA-512/256 untested due to lack of server
> > > - Replace AVMD5 structure with AVHashContext for hash algorithm flexibility
> > > - Rename update_md5_strings() to update_hash_strings() for consistency
> > > - Address coding style feedback from reviewer:
> > >
> > > This is a feature update focused on digest authentication enhancements.
> > > Some lint issues in the existing code remain unaddressed in this patch.
> > >
> > > Signed-off-by: Eugene-bitsensing <eugene at bitsensing.com>
> > > ---
> >
> > > libavformat/httpauth.c | 102 +++++++++++++++++++++--------------------
> > > 1 file changed, 53 insertions(+), 49 deletions(-)
> >
> > add entry to Changelog?
>
> Updated the patch with a few fixes, please check in attachment.
>
> [...]
> > nit++: to avoid semantic overlap I'd rather name this
> > selected_algorithm
> >
> > > + if (!*algorithm) {
> > > + algorithm = "MD5"; // if empty, use MD5 as Default
> > > + hashing_algorithm = "MD5";
> > > + } else if (av_stristr(algorithm, "MD5")) {
> > > + hashing_algorithm = "MD5";
> > > + } else if (av_stristr(algorithm, "sha256") || av_stristr(algorithm, "sha-256")) {
> > > + hashing_algorithm = "SHA256";
> > > + len_hash = 65; // SHA-2: 64 characters.
>
> > > + } else if (av_stristr(algorithm, "sha512-256") || av_stristr(algorithm, "sha-512-256")) {
> > > + hashing_algorithm = "SHA512_256";
> > > + len_hash = 65; // SHA-2: 64 characters.
>
> I'm concerned by this, as it will never be reached because the "sha256"
> branch is always selected instead, that's why this should be made an
> exact match?
Ping to Eugene. I think it would be safe with the use of stricmp.
More information about the ffmpeg-devel
mailing list