auth: minor log messages, comments and sanity fixes

- use sizeof(nc_t) when initializing a nonce count tracking entry
 (do not assume nc_t is char). This does not affect existing code.
- removed a debugging ERR message
- various minor comment fixes

modules/auth/nc.c

@@ -162,7 +162,7 @@ void destroy_nonce_count()
  * nc array corresponding to p.
  * WARNING: the result is  an index in the nc_array converted to nc_t
  * (unsigned char by default), to get the index of the unsigned int in which
- * nc is packed, call 
+ * nc is packed, call get_nc_array_uint_idx(get_nc_array_raw_idx(i,p))).
  */
 #define get_nc_array_raw_idx(i,p) \
 	(((i)&nc_partition_mask)+((p)<<nc_partition_k))
@@ -204,7 +204,7 @@ nid_t nc_new(nid_t id, unsigned char p)
 	do{
 		v=atomic_get_int(&nc_array[i]);
 		/* new_value = old_int with the corresponding byte or short zeroed*/
-		new_v=v & ~(((1<<(sizeof(nc_t)*8))-1)<< (r*8));
+		new_v=v & ~(((1<<(sizeof(nc_t)*8))-1)<< (r*sizeof(nc_t)*8));
 	}while(atomic_cmpxchg_int((int*)&nc_array[i], v, new_v)!=v);
 	return id;
 }

modules/auth/nid.h

@@ -47,8 +47,8 @@ extern unsigned nid_pool_no; /* number of index pools */
  * array locations it should be a number prime with the array size and
  * bigger then the cacheline. Since this is used also for onetime nonces
  * => NID_INC/8 > CACHELINE
- * This number also limit the maximum pool/partition size, since the
- * id overlfow checks check if crt_id - nonce_id >= partition_size*NID_INC
+ * This number also limits the maximum pool/partition size, since the
+ * id overflow check checks if crt_id - nonce_id >= partition_size*NID_INC
  * => maximum partition size is (nid_t)(-1)/NID_INC*/
 #define NID_INC 257
 

modules/auth/nonce.c

@@ -406,8 +406,6 @@ int check_nonce(auth_body_t* auth, str* secret1, str* secret2,
 				auth->digest.nc.len){
 			if (str2int(&auth->digest.nc, &nc)!=0){
 				/* error, bad nc */
-				ERR("FIXME:check_nonce: bad nc value %.*s\n",
-						auth->digest.nc.len, auth->digest.nc.s);
 				return 5; /* invalid nc */
 			}
 			switch(nc_check_val(n_id, pf & NF_POOL_NO_MASK, nc)){

modules/auth/nonce.h

@@ -134,7 +134,7 @@ union bin_nonce{
 
 /* maximum nonce length in binary form (not converted to base64/hex):
  * expires_t | since_t | MD5(expires_t | since_t | s1) | \
- *   MD5(info(auth_extra_checks, s2)   => 4  + 4 + 16 + 16 = 40 bytes
+ *   MD5(info(auth_extra_checks, s2))   => 4  + 4 + 16 + 16 = 40 bytes
  * or if nc_enabled:
  * expires_t | since_t | MD5...| MD5... | nonce_id | flag+pool_no(1 byte)
  * => 4 + 4 + 16 + 16 + 4 + 1 = 45 bytes