sasl: Combined DIGEST-MD5 message decoding and generation
This commit is contained in:
parent
45d3f00803
commit
3a92de5636
@ -264,9 +264,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
||||
}
|
||||
|
||||
/*
|
||||
* Curl_sasl_decode_digest_md5_message()
|
||||
* sasl_decode_digest_md5_message()
|
||||
*
|
||||
* This is used to decode an already encoded DIGEST-MD5 challenge message.
|
||||
* This is used internally to decode an already encoded DIGEST-MD5 challenge
|
||||
* message into the seperate attributes.
|
||||
*
|
||||
* Parameters:
|
||||
*
|
||||
@ -280,10 +281,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
||||
*
|
||||
* Returns CURLE_OK on success.
|
||||
*/
|
||||
CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
|
||||
char *nonce, size_t nlen,
|
||||
char *realm, size_t rlen,
|
||||
char *alg, size_t alen)
|
||||
static CURLcode sasl_decode_digest_md5_message(const char *chlg64,
|
||||
char *nonce, size_t nlen,
|
||||
char *realm, size_t rlen,
|
||||
char *alg, size_t alen)
|
||||
{
|
||||
CURLcode result = CURLE_OK;
|
||||
unsigned char *chlg = NULL;
|
||||
@ -332,8 +333,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
|
||||
* Parameters:
|
||||
*
|
||||
* data [in] - The session handle.
|
||||
* nonce [in] - The nonce.
|
||||
* realm [in] - The realm.
|
||||
* chlg64 [in] - Pointer to the base64 encoded challenge message.
|
||||
* userp [in] - The user name.
|
||||
* passdwp [in] - The user's password.
|
||||
* service [in] - The service type such as www, smtp, pop or imap.
|
||||
@ -344,8 +344,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
|
||||
* Returns CURLE_OK on success.
|
||||
*/
|
||||
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
|
||||
const char *nonce,
|
||||
const char *realm,
|
||||
const char *chlg64,
|
||||
const char *userp,
|
||||
const char *passwdp,
|
||||
const char *service,
|
||||
@ -363,12 +362,26 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
|
||||
char HA2_hex[2 * MD5_DIGEST_LEN + 1];
|
||||
char resp_hash_hex[2 * MD5_DIGEST_LEN + 1];
|
||||
|
||||
char nonce[64];
|
||||
char realm[128];
|
||||
char algorithm[64];
|
||||
char nonceCount[] = "00000001";
|
||||
char cnonce[] = "12345678"; /* will be changed */
|
||||
char method[] = "AUTHENTICATE";
|
||||
char qop[] = "auth";
|
||||
char uri[128];
|
||||
|
||||
/* Decode the challange message */
|
||||
result = sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
|
||||
realm, sizeof(realm),
|
||||
algorithm, sizeof(algorithm));
|
||||
if(result)
|
||||
return result;
|
||||
|
||||
/* We only support md5 sessions */
|
||||
if(strcmp(algorithm, "md5-sess") != 0)
|
||||
return CURLE_BAD_CONTENT_ENCODING;
|
||||
|
||||
#ifndef DEBUGBUILD
|
||||
/* Generate 64 bits of random data */
|
||||
for(i = 0; i < 8; i++)
|
||||
|
@ -7,7 +7,7 @@
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
* Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
@ -77,17 +77,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
||||
const char *passwdp,
|
||||
char **outptr, size_t *outlen);
|
||||
|
||||
/* This is used to decode a base64 encoded DIGEST-MD5 challange message */
|
||||
CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64,
|
||||
char *nonce, size_t nlen,
|
||||
char *realm, size_t rlen,
|
||||
char *alg, size_t alen);
|
||||
|
||||
/* This is used to generate a base64 encoded DIGEST-MD5 response message */
|
||||
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
|
||||
const char *nonce,
|
||||
const char *realm,
|
||||
const char *user,
|
||||
const char *chlg64,
|
||||
const char *userp,
|
||||
const char *passwdp,
|
||||
const char *service,
|
||||
char **outptr, size_t *outlen);
|
||||
|
42
lib/imap.c
42
lib/imap.c
@ -5,7 +5,7 @@
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
@ -1110,10 +1110,6 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,
|
||||
char *rplyb64 = NULL;
|
||||
size_t len = 0;
|
||||
|
||||
char nonce[64];
|
||||
char realm[128];
|
||||
char algorithm[64];
|
||||
|
||||
(void)instate; /* no use for this yet */
|
||||
|
||||
if(imapcode != '+') {
|
||||
@ -1124,30 +1120,26 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn,
|
||||
/* Get the challenge message */
|
||||
imap_get_message(data->state.buffer, &chlg64);
|
||||
|
||||
/* Decode the challange message */
|
||||
result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
|
||||
realm, sizeof(realm),
|
||||
algorithm, sizeof(algorithm));
|
||||
if(result || strcmp(algorithm, "md5-sess") != 0) {
|
||||
/* Send the cancellation */
|
||||
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
|
||||
|
||||
if(!result)
|
||||
state(conn, IMAP_AUTHENTICATE_CANCEL);
|
||||
}
|
||||
else {
|
||||
/* Create the response message */
|
||||
result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
|
||||
conn->user, conn->passwd,
|
||||
"imap", &rplyb64, &len);
|
||||
if(!result && rplyb64) {
|
||||
/* Send the response */
|
||||
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
|
||||
/* Create the response message */
|
||||
result = Curl_sasl_create_digest_md5_message(data, chlg64,
|
||||
conn->user, conn->passwd,
|
||||
"imap", &rplyb64, &len);
|
||||
if(result) {
|
||||
if(result == CURLE_BAD_CONTENT_ENCODING) {
|
||||
/* Send the cancellation */
|
||||
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
|
||||
|
||||
if(!result)
|
||||
state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);
|
||||
state(conn, IMAP_AUTHENTICATE_CANCEL);
|
||||
}
|
||||
}
|
||||
else {
|
||||
/* Send the response */
|
||||
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
|
||||
|
||||
if(!result)
|
||||
state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);
|
||||
}
|
||||
|
||||
Curl_safefree(rplyb64);
|
||||
|
||||
|
42
lib/pop3.c
42
lib/pop3.c
@ -5,7 +5,7 @@
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
* Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
@ -978,10 +978,6 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
|
||||
char *rplyb64 = NULL;
|
||||
size_t len = 0;
|
||||
|
||||
char nonce[64];
|
||||
char realm[128];
|
||||
char algorithm[64];
|
||||
|
||||
(void)instate; /* no use for this yet */
|
||||
|
||||
if(pop3code != '+') {
|
||||
@ -992,30 +988,26 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
|
||||
/* Get the challenge message */
|
||||
pop3_get_message(data->state.buffer, &chlg64);
|
||||
|
||||
/* Decode the challange message */
|
||||
result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
|
||||
realm, sizeof(realm),
|
||||
algorithm, sizeof(algorithm));
|
||||
if(result || strcmp(algorithm, "md5-sess") != 0) {
|
||||
/* Send the cancellation */
|
||||
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
|
||||
|
||||
if(!result)
|
||||
state(conn, POP3_AUTH_CANCEL);
|
||||
}
|
||||
else {
|
||||
/* Create the response message */
|
||||
result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
|
||||
conn->user, conn->passwd,
|
||||
"pop", &rplyb64, &len);
|
||||
if(!result && rplyb64) {
|
||||
/* Send the response */
|
||||
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
|
||||
/* Create the response message */
|
||||
result = Curl_sasl_create_digest_md5_message(data, chlg64,
|
||||
conn->user, conn->passwd,
|
||||
"pop", &rplyb64, &len);
|
||||
if(result) {
|
||||
if(result == CURLE_BAD_CONTENT_ENCODING) {
|
||||
/* Send the cancellation */
|
||||
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
|
||||
|
||||
if(!result)
|
||||
state(conn, POP3_AUTH_DIGESTMD5_RESP);
|
||||
state(conn, POP3_AUTH_CANCEL);
|
||||
}
|
||||
}
|
||||
else {
|
||||
/* Send the response */
|
||||
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
|
||||
|
||||
if(!result)
|
||||
state(conn, POP3_AUTH_DIGESTMD5_RESP);
|
||||
}
|
||||
|
||||
Curl_safefree(rplyb64);
|
||||
|
||||
|
40
lib/smtp.c
40
lib/smtp.c
@ -996,10 +996,6 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn,
|
||||
char *rplyb64 = NULL;
|
||||
size_t len = 0;
|
||||
|
||||
char nonce[64];
|
||||
char realm[128];
|
||||
char algorithm[64];
|
||||
|
||||
(void)instate; /* no use for this yet */
|
||||
|
||||
if(smtpcode != 334) {
|
||||
@ -1010,30 +1006,26 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn,
|
||||
/* Get the challenge message */
|
||||
smtp_get_message(data->state.buffer, &chlg64);
|
||||
|
||||
/* Decode the challange message */
|
||||
result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce),
|
||||
realm, sizeof(realm),
|
||||
algorithm, sizeof(algorithm));
|
||||
if(result || strcmp(algorithm, "md5-sess") != 0) {
|
||||
/* Send the cancellation */
|
||||
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
|
||||
|
||||
if(!result)
|
||||
state(conn, SMTP_AUTH_CANCEL);
|
||||
}
|
||||
else {
|
||||
/* Create the response message */
|
||||
result = Curl_sasl_create_digest_md5_message(data, nonce, realm,
|
||||
conn->user, conn->passwd,
|
||||
"smtp", &rplyb64, &len);
|
||||
if(!result && rplyb64) {
|
||||
/* Send the response */
|
||||
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);
|
||||
/* Create the response message */
|
||||
result = Curl_sasl_create_digest_md5_message(data, chlg64,
|
||||
conn->user, conn->passwd,
|
||||
"smtp", &rplyb64, &len);
|
||||
if(result) {
|
||||
if(result == CURLE_BAD_CONTENT_ENCODING) {
|
||||
/* Send the cancellation */
|
||||
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
|
||||
|
||||
if(!result)
|
||||
state(conn, SMTP_AUTH_DIGESTMD5_RESP);
|
||||
state(conn, SMTP_AUTH_CANCEL);
|
||||
}
|
||||
}
|
||||
else {
|
||||
/* Send the response */
|
||||
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);
|
||||
|
||||
if(!result)
|
||||
state(conn, SMTP_AUTH_DIGESTMD5_RESP);
|
||||
}
|
||||
|
||||
Curl_safefree(rplyb64);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user