challenger

OAuth 2.0-based authentication service that validates user can receive messages at a certain address
Log | Files | Refs | Submodules | README | LICENSE

commit 51e5e356b2137a2ca34113c1c107b261ac15a5b3
parent 134ff3844a1d5cc043fedc8ab359643b246679d2
Author: Christian Grothoff <grothoff@gnunet.org>
Date:   Wed, 15 Jul 2026 23:49:56 +0200

allow 'bearer' (case-insensitive) as per RFC

Diffstat:
Msrc/challenger/challenger-httpd_common.c | 7++++---
Msrc/challenger/challenger-httpd_info.c | 7++++---
2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/challenger/challenger-httpd_common.c b/src/challenger/challenger-httpd_common.c @@ -63,9 +63,10 @@ CH_get_client_secret (struct MHD_Connection *connection) MHD_HTTP_HEADER_AUTHORIZATION); if (NULL == auth) return NULL; - if (0 != strncmp (auth, - bearer, - strlen (bearer))) + /* RFC 7235: the auth-scheme token ("Bearer") is case-insensitive. */ + if (0 != strncasecmp (auth, + bearer, + strlen (bearer))) { return NULL; } diff --git a/src/challenger/challenger-httpd_info.c b/src/challenger/challenger-httpd_info.c @@ -60,9 +60,10 @@ CH_handler_info (struct CH_HandlerContext *hc, TALER_EC_GENERIC_PARAMETER_MISSING, MHD_HTTP_HEADER_AUTHORIZATION); } - if (0 != strncmp (auth, - BEARER_PREFIX, - strlen (BEARER_PREFIX))) + /* RFC 7235: the auth-scheme token ("Bearer") is case-insensitive. */ + if (0 != strncasecmp (auth, + BEARER_PREFIX, + strlen (BEARER_PREFIX))) { GNUNET_break_op (0); return TALER_MHD_reply_with_error (hc->connection,