Fix crash if qop is not set in the authorize response

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.3.x@360 152afb58-edef-0310-8abb-c4023f1b3aa9
18 years ago · dfe03995d7
parent b90f231042
commit dfe03995d7
1 changed files with 2 additions and 2 deletions
--- a/src/http_auth.c
+++ b/src/http_auth.c
@ -850,7 +850,7 @@ int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p
 	MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
 	MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
 	MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
-	if (strcasecmp(qop, "auth-int") == 0) {
+	if (qop && strcasecmp(qop, "auth-int") == 0) {
 		MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
 		MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
 	}
@ -863,7 +863,7 @@ int http_auth_digest_check(server *srv, connection *con, mod_auth_plugin_data *p
 	MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
 	MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
 	MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-	if (*qop) {
+	if (qop && *qop) {
 		MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
 		MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
 		MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));