From 7942372e218568f8b27446115cfbb743f7cabf6c Mon Sep 17 00:00:00 2001
From: fireice-uk <fireice-uk@users.noreply.github.com>
Date: Fri, 10 Nov 2017 19:14:29 +0000
Subject: Add HTTP Digest auth (#98)

---
 xmrstak/http/httpd.cpp | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

(limited to 'xmrstak/http/httpd.cpp')

diff --git a/xmrstak/http/httpd.cpp b/xmrstak/http/httpd.cpp
index a112bbb..8debfa7 100644
--- a/xmrstak/http/httpd.cpp
+++ b/xmrstak/http/httpd.cpp
@@ -62,8 +62,32 @@ int httpd::req_handler(void * cls,
 	if (strcmp(method, "GET") != 0)
 		return MHD_NO;
 
-	*ptr = nullptr;
+	if(strlen(jconf::inst()->GetHttpUsername()) != 0)
+	{
+		char* username;
+		int ret;
+
+		username = MHD_digest_auth_get_username(connection);
+		if (username == NULL)
+		{
+			rsp = MHD_create_response_from_buffer(sHtmlAccessDeniedSize, (void*)sHtmlAccessDenied, MHD_RESPMEM_PERSISTENT);
+			ret = MHD_queue_auth_fail_response(connection, sHttpAuthRelam, sHttpAuthOpaque, rsp, MHD_NO);
+			MHD_destroy_response(rsp);
+			return ret;
+		}
+		free(username);
 
+		ret = MHD_digest_auth_check(connection, sHttpAuthRelam, jconf::inst()->GetHttpUsername(), jconf::inst()->GetHttpPassword(), 300);
+		if (ret == MHD_INVALID_NONCE || ret == MHD_NO)
+		{
+			rsp = MHD_create_response_from_buffer(sHtmlAccessDeniedSize, (void*)sHtmlAccessDenied, MHD_RESPMEM_PERSISTENT);
+			ret = MHD_queue_auth_fail_response(connection, sHttpAuthRelam, sHttpAuthOpaque, rsp, (ret == MHD_INVALID_NONCE) ? MHD_YES : MHD_NO);
+			MHD_destroy_response(rsp);
+			return ret;
+		}
+	}
+    
+	*ptr = nullptr;
 	std::string str;
 	if(strcasecmp(url, "/style.css") == 0)
 	{
-- 
cgit v1.1