SASL: make some procedures local-scoped
This commit is contained in:
Patrick Monnerat
@@ -281,7 +281,7 @@ char *Curl_sasl_build_spn(const char *service, const char *host)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Curl_sasl_create_plain_message()
|
* create_plain_message()
|
||||||
*
|
*
|
||||||
* This is used to generate an already encoded PLAIN message ready
|
* This is used to generate an already encoded PLAIN message ready
|
||||||
* for sending to the recipient.
|
* for sending to the recipient.
|
||||||
@@ -297,10 +297,9 @@ char *Curl_sasl_build_spn(const char *service, const char *host)
|
|||||||
*
|
*
|
||||||
* Returns CURLE_OK on success.
|
* Returns CURLE_OK on success.
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
|
static CURLcode create_plain_message(struct SessionHandle *data,
|
||||||
const char *userp,
|
const char *userp, const char *passwdp,
|
||||||
const char *passwdp,
|
char **outptr, size_t *outlen)
|
||||||
char **outptr, size_t *outlen)
|
|
||||||
{
|
{
|
||||||
CURLcode result;
|
CURLcode result;
|
||||||
char *plainauth;
|
char *plainauth;
|
||||||
@@ -332,7 +331,7 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Curl_sasl_create_login_message()
|
* create_login_message()
|
||||||
*
|
*
|
||||||
* This is used to generate an already encoded LOGIN message containing the
|
* This is used to generate an already encoded LOGIN message containing the
|
||||||
* user name or password ready for sending to the recipient.
|
* user name or password ready for sending to the recipient.
|
||||||
@@ -347,9 +346,9 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
|
|||||||
*
|
*
|
||||||
* Returns CURLE_OK on success.
|
* Returns CURLE_OK on success.
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
static CURLcode create_login_message(struct SessionHandle *data,
|
||||||
const char *valuep, char **outptr,
|
const char *valuep, char **outptr,
|
||||||
size_t *outlen)
|
size_t *outlen)
|
||||||
{
|
{
|
||||||
size_t vlen = strlen(valuep);
|
size_t vlen = strlen(valuep);
|
||||||
|
|
||||||
@@ -371,7 +370,7 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
|||||||
|
|
||||||
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
||||||
/*
|
/*
|
||||||
* Curl_sasl_decode_cram_md5_message()
|
* decode_cram_md5_message()
|
||||||
*
|
*
|
||||||
* This is used to decode an already encoded CRAM-MD5 challenge message.
|
* This is used to decode an already encoded CRAM-MD5 challenge message.
|
||||||
*
|
*
|
||||||
@@ -384,8 +383,8 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
|||||||
*
|
*
|
||||||
* Returns CURLE_OK on success.
|
* Returns CURLE_OK on success.
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
|
static CURLcode decode_cram_md5_message(const char *chlg64, char **outptr,
|
||||||
size_t *outlen)
|
size_t *outlen)
|
||||||
{
|
{
|
||||||
CURLcode result = CURLE_OK;
|
CURLcode result = CURLE_OK;
|
||||||
size_t chlg64len = strlen(chlg64);
|
size_t chlg64len = strlen(chlg64);
|
||||||
@@ -401,7 +400,7 @@ CURLcode Curl_sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Curl_sasl_create_cram_md5_message()
|
* create_cram_md5_message()
|
||||||
*
|
*
|
||||||
* This is used to generate an already encoded CRAM-MD5 response message ready
|
* This is used to generate an already encoded CRAM-MD5 response message ready
|
||||||
* for sending to the recipient.
|
* for sending to the recipient.
|
||||||
@@ -418,11 +417,11 @@ CURLcode Curl_sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
|
|||||||
*
|
*
|
||||||
* Returns CURLE_OK on success.
|
* Returns CURLE_OK on success.
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
static CURLcode create_cram_md5_message(struct SessionHandle *data,
|
||||||
const char *chlg,
|
const char *chlg,
|
||||||
const char *userp,
|
const char *userp,
|
||||||
const char *passwdp,
|
const char *passwdp,
|
||||||
char **outptr, size_t *outlen)
|
char **outptr, size_t *outlen)
|
||||||
{
|
{
|
||||||
CURLcode result = CURLE_OK;
|
CURLcode result = CURLE_OK;
|
||||||
size_t chlglen = 0;
|
size_t chlglen = 0;
|
||||||
@@ -1130,7 +1129,7 @@ void Curl_sasl_ntlm_cleanup(struct ntlmdata *ntlm)
|
|||||||
#endif /* USE_NTLM && !USE_WINDOWS_SSPI*/
|
#endif /* USE_NTLM && !USE_WINDOWS_SSPI*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Curl_sasl_create_xoauth2_message()
|
* create_xoauth2_message()
|
||||||
*
|
*
|
||||||
* This is used to generate an already encoded OAuth 2.0 message ready for
|
* This is used to generate an already encoded OAuth 2.0 message ready for
|
||||||
* sending to the recipient.
|
* sending to the recipient.
|
||||||
@@ -1146,10 +1145,9 @@ void Curl_sasl_ntlm_cleanup(struct ntlmdata *ntlm)
|
|||||||
*
|
*
|
||||||
* Returns CURLE_OK on success.
|
* Returns CURLE_OK on success.
|
||||||
*/
|
*/
|
||||||
CURLcode Curl_sasl_create_xoauth2_message(struct SessionHandle *data,
|
static CURLcode create_xoauth2_message(struct SessionHandle *data,
|
||||||
const char *user,
|
const char *user, const char *bearer,
|
||||||
const char *bearer,
|
char **outptr, size_t *outlen)
|
||||||
char **outptr, size_t *outlen)
|
|
||||||
{
|
{
|
||||||
CURLcode result = CURLE_OK;
|
CURLcode result = CURLE_OK;
|
||||||
char *xoauth = NULL;
|
char *xoauth = NULL;
|
||||||
@@ -1396,9 +1394,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
|
|||||||
sasl->authused = SASL_MECH_XOAUTH2;
|
sasl->authused = SASL_MECH_XOAUTH2;
|
||||||
|
|
||||||
if(force_ir || data->set.sasl_ir)
|
if(force_ir || data->set.sasl_ir)
|
||||||
result = Curl_sasl_create_xoauth2_message(data, conn->user,
|
result = create_xoauth2_message(data, conn->user, conn->xoauth2_bearer,
|
||||||
conn->xoauth2_bearer,
|
&resp, &len);
|
||||||
&resp, &len);
|
|
||||||
}
|
}
|
||||||
else if(enabledmechs & SASL_MECH_LOGIN) {
|
else if(enabledmechs & SASL_MECH_LOGIN) {
|
||||||
mech = SASL_MECH_STRING_LOGIN;
|
mech = SASL_MECH_STRING_LOGIN;
|
||||||
@@ -1407,7 +1404,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
|
|||||||
sasl->authused = SASL_MECH_LOGIN;
|
sasl->authused = SASL_MECH_LOGIN;
|
||||||
|
|
||||||
if(force_ir || data->set.sasl_ir)
|
if(force_ir || data->set.sasl_ir)
|
||||||
result = Curl_sasl_create_login_message(data, conn->user, &resp, &len);
|
result = create_login_message(data, conn->user, &resp, &len);
|
||||||
}
|
}
|
||||||
else if(enabledmechs & SASL_MECH_PLAIN) {
|
else if(enabledmechs & SASL_MECH_PLAIN) {
|
||||||
mech = SASL_MECH_STRING_PLAIN;
|
mech = SASL_MECH_STRING_PLAIN;
|
||||||
@@ -1415,8 +1412,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
|
|||||||
sasl->authused = SASL_MECH_PLAIN;
|
sasl->authused = SASL_MECH_PLAIN;
|
||||||
|
|
||||||
if(force_ir || data->set.sasl_ir)
|
if(force_ir || data->set.sasl_ir)
|
||||||
result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
|
result = create_plain_message(data, conn->user, conn->passwd,
|
||||||
&resp, &len);
|
&resp, &len);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
state2 = SASL_STOP; /* No authentication started */
|
state2 = SASL_STOP; /* No authentication started */
|
||||||
@@ -1478,24 +1475,23 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
|
|||||||
*progress = SASL_DONE;
|
*progress = SASL_DONE;
|
||||||
return result;
|
return result;
|
||||||
case SASL_PLAIN:
|
case SASL_PLAIN:
|
||||||
result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
|
result = create_plain_message(data, conn->user, conn->passwd, &resp, &len);
|
||||||
&resp, &len);
|
|
||||||
break;
|
break;
|
||||||
case SASL_LOGIN:
|
case SASL_LOGIN:
|
||||||
result = Curl_sasl_create_login_message(data, conn->user, &resp, &len);
|
result = create_login_message(data, conn->user, &resp, &len);
|
||||||
newstate = SASL_LOGIN_PASSWD;
|
newstate = SASL_LOGIN_PASSWD;
|
||||||
break;
|
break;
|
||||||
case SASL_LOGIN_PASSWD:
|
case SASL_LOGIN_PASSWD:
|
||||||
result = Curl_sasl_create_login_message(data, conn->passwd, &resp, &len);
|
result = create_login_message(data, conn->passwd, &resp, &len);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
||||||
case SASL_CRAMMD5:
|
case SASL_CRAMMD5:
|
||||||
sasl->params->getmessage(data->state.buffer, &serverdata);
|
sasl->params->getmessage(data->state.buffer, &serverdata);
|
||||||
result = Curl_sasl_decode_cram_md5_message(serverdata, &chlg, &chlglen);
|
result = decode_cram_md5_message(serverdata, &chlg, &chlglen);
|
||||||
if(!result)
|
if(!result)
|
||||||
result = Curl_sasl_create_cram_md5_message(data, chlg, conn->user,
|
result = create_cram_md5_message(data, chlg, conn->user, conn->passwd,
|
||||||
conn->passwd, &resp, &len);
|
&resp, &len);
|
||||||
Curl_safefree(chlg);
|
Curl_safefree(chlg);
|
||||||
break;
|
break;
|
||||||
case SASL_DIGESTMD5:
|
case SASL_DIGESTMD5:
|
||||||
@@ -1570,9 +1566,8 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
|
|||||||
|
|
||||||
case SASL_XOAUTH2:
|
case SASL_XOAUTH2:
|
||||||
/* Create the authorisation message */
|
/* Create the authorisation message */
|
||||||
result = Curl_sasl_create_xoauth2_message(data, conn->user,
|
result = create_xoauth2_message(data, conn->user, conn->xoauth2_bearer,
|
||||||
conn->xoauth2_bearer,
|
&resp, &len);
|
||||||
&resp, &len);
|
|
||||||
break;
|
break;
|
||||||
case SASL_CANCEL:
|
case SASL_CANCEL:
|
||||||
/* Remove the offending mechanism from the supported list */
|
/* Remove the offending mechanism from the supported list */
|
||||||
|
|||||||
@@ -137,29 +137,7 @@ TCHAR *Curl_sasl_build_spn(const char *service, const char *instance);
|
|||||||
char *Curl_sasl_build_gssapi_spn(const char *service, const char *host);
|
char *Curl_sasl_build_gssapi_spn(const char *service, const char *host);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* This is used to generate a base64 encoded PLAIN authentication message */
|
|
||||||
CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
|
|
||||||
const char *userp,
|
|
||||||
const char *passwdp,
|
|
||||||
char **outptr, size_t *outlen);
|
|
||||||
|
|
||||||
/* This is used to generate a base64 encoded LOGIN authentication message
|
|
||||||
containing either the user name or password details */
|
|
||||||
CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
|
||||||
const char *valuep, char **outptr,
|
|
||||||
size_t *outlen);
|
|
||||||
|
|
||||||
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
||||||
/* This is used to decode a base64 encoded CRAM-MD5 challange message */
|
|
||||||
CURLcode Curl_sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
|
|
||||||
size_t *outlen);
|
|
||||||
|
|
||||||
/* This is used to generate a base64 encoded CRAM-MD5 response message */
|
|
||||||
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
|
||||||
const char *chlg,
|
|
||||||
const char *user,
|
|
||||||
const char *passwdp,
|
|
||||||
char **outptr, size_t *outlen);
|
|
||||||
|
|
||||||
/* This is used to generate a base64 encoded DIGEST-MD5 response message */
|
/* This is used to generate a base64 encoded DIGEST-MD5 response message */
|
||||||
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
|
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
|
||||||
@@ -235,13 +213,6 @@ CURLcode Curl_sasl_create_gssapi_security_message(struct SessionHandle *data,
|
|||||||
void Curl_sasl_gssapi_cleanup(struct kerberos5data *krb5);
|
void Curl_sasl_gssapi_cleanup(struct kerberos5data *krb5);
|
||||||
#endif /* USE_KERBEROS5 */
|
#endif /* USE_KERBEROS5 */
|
||||||
|
|
||||||
/* This is used to generate a base64 encoded XOAUTH2 authentication message
|
|
||||||
containing the user name and bearer token */
|
|
||||||
CURLcode Curl_sasl_create_xoauth2_message(struct SessionHandle *data,
|
|
||||||
const char *user,
|
|
||||||
const char *bearer,
|
|
||||||
char **outptr, size_t *outlen);
|
|
||||||
|
|
||||||
/* This is used to cleanup any libraries or curl modules used by the sasl
|
/* This is used to cleanup any libraries or curl modules used by the sasl
|
||||||
functions */
|
functions */
|
||||||
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused);
|
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused);
|
||||||
|
|||||||
Reference in New Issue
Block a user