email: Added support for cancelling NTLM authentication

Steve Holme 2013-10-27 22:20:18 +00:00
parent 08f97f3b1d
commit f68559c086
5 changed files with 90 additions and 49 deletions


@ -270,7 +270,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
* *
* Parameters: * Parameters:
* *
* chlg64 [in] - Pointer to the base64 encoded challenge buffer. * chlg64 [in] - Pointer to the base64 encoded challenge message.
* nonce [in/out] - The buffer where the nonce will be stored. * nonce [in/out] - The buffer where the nonce will be stored.
* nlen [in] - The length of the nonce buffer. * nlen [in] - The length of the nonce buffer.
* realm [in/out] - The buffer where the realm will be stored. * realm [in/out] - The buffer where the realm will be stored.
@ -488,8 +488,36 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
struct ntlmdata *ntlm, struct ntlmdata *ntlm,
char **outptr, size_t *outlen) char **outptr, size_t *outlen)
{ {
return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr, return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr, outlen);
outlen); }
/*
* Curl_sasl_decode_ntlm_type2_message()
*
* This is used to decode an already encoded NTLM type-2 message.
*
* Parameters:
*
* data [in] - Pointer to session handle.
* type2msg [in] - Pointer to the base64 encoded type-2 message.
* ntlm [in/out] - The ntlm data struct being used and modified.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data,
const char *type2msg,
struct ntlmdata *ntlm)
{
#ifdef USE_NSS
CURLcode result;
/* make sure the crypto backend is initialized */
result = Curl_nss_force_init(data);
if(result)
return result;
#endif
return Curl_ntlm_decode_type2_message(data, type2msg, ntlm);
} }
/* /*
@ -501,7 +529,6 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
* Parameters: * Parameters:
* *
* data [in] - Pointer to session handle. * data [in] - Pointer to session handle.
* header [in] - Pointer to the base64 encoded type-2 message buffer.
* userp [in] - The user name in the format User or Domain\User. * userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password. * passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified. * ntlm [in/out] - The ntlm data struct being used and modified.
@ -512,26 +539,13 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
* Returns CURLE_OK on success. * Returns CURLE_OK on success.
*/ */
CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data,
const char *header,
const char *userp, const char *userp,
const char *passwdp, const char *passwdp,
struct ntlmdata *ntlm, struct ntlmdata *ntlm,
char **outptr, size_t *outlen) char **outptr, size_t *outlen)
{ {
CURLcode result; return Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm, outptr,
#ifdef USE_NSS outlen);
/* make sure the crypto backend is initialized */
result = Curl_nss_force_init(data);
if(result)
return result;
#endif
result = Curl_ntlm_decode_type2_message(data, header, ntlm);
if(!result)
result = Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm,
outptr, outlen);
return result;
} }
#endif /* USE_NTLM */ #endif /* USE_NTLM */
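Review bot: Curl_nss_force_init() is now called only from Curl_sasl_decode_ntlm_type2_message(), so Curl_sasl_create_ntlm_type3_message() depends on the decode call having succeeded first, for the populated ntlmdata and, presumably under USE_NSS, for an initialised crypto backend. The three protocol handlers changed in this commit do call decode first, but the type-3 header comment does not state that precondition. I would add a line to it such as `* Note: Curl_sasl_decode_ntlm_type2_message() must have succeeded on ntlm first.` The same comment still spells the parameter `passdwp`, while the argument is `passwdp`.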


@ -101,10 +101,13 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
char **outptr, char **outptr,
size_t *outlen); size_t *outlen);
/* This is used to decode an incoming NTLM type-2 message and generate a /* This is used to decode a base64 encoded NTLM type-2 message */
base64 encoded type-3 response */ CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data,
const char *type2msg,
struct ntlmdata *ntlm);
/* This is used to generate a base64 encoded NTLM type-3 message */
CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data,
const char *header,
const char *userp, const char *userp,
const char *passwdp, const char *passwdp,
struct ntlmdata *ntlm, struct ntlmdata *ntlm,


@ -1290,23 +1290,31 @@ static CURLcode imap_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
/* Get the challenge message */ /* Get the challenge message */
imap_get_message(data->state.buffer, &type2msg); imap_get_message(data->state.buffer, &type2msg);
/* Decode the type-2 message */
result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm);
if(result) {
/* Send the cancellation */
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
if(!result)
state(conn, IMAP_AUTHENTICATE_CANCEL);
}
else {
/* Create the type-3 message */ /* Create the type-3 message */
result = Curl_sasl_create_ntlm_type3_message(data, type2msg, conn->user, result = Curl_sasl_create_ntlm_type3_message(data, conn->user,
conn->passwd, &conn->ntlm, conn->passwd, &conn->ntlm,
&type3msg, &len); &type3msg, &len);
if(!result && type3msg) {
/* Send the message */ /* Send the message */
if(!result) {
if(type3msg) {
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type3msg); result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type3msg);
if(!result) if(!result)
state(conn, IMAP_AUTHENTICATE_FINAL); state(conn, IMAP_AUTHENTICATE_FINAL);
} }
}
}
Curl_safefree(type3msg); Curl_safefree(type3msg);
}
}
return result; return result;
} }
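Review bot: The error returned by Curl_sasl_decode_ntlm_type2_message() is overwritten by the result of the Curl_pp_sendf() that sends `*`, so a malformed type-2 challenge ends in CURLE_OK and a move to IMAP_AUTHENTICATE_CANCEL with no record of why. The challenge is server-controlled input, so it is worth confirming that the cancel-state handler (not visible in this section) ends in a login failure rather than retrying with a weaker mechanism, since otherwise a bad challenge would be enough to steer the client away from NTLM. I would at least log the cause before sending the cancellation, e.g. `infof(data, "NTLM type-2 message rejected, cancelling authentication\n");`. The same pattern is in pop3_state_auth_ntlm_type2msg_resp and smtp_state_auth_ntlm_type2msg_resp, and all three function bodies start above their hunks.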


@ -1148,23 +1148,31 @@ static CURLcode pop3_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
/* Get the type-2 message */ /* Get the type-2 message */
pop3_get_message(data->state.buffer, &type2msg); pop3_get_message(data->state.buffer, &type2msg);
/* Decode the type-2 message */
result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm);
if(result) {
/* Send the cancellation */
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
if(!result)
state(conn, POP3_AUTH_CANCEL);
}
else {
/* Create the type-3 message */ /* Create the type-3 message */
result = Curl_sasl_create_ntlm_type3_message(data, type2msg, conn->user, result = Curl_sasl_create_ntlm_type3_message(data, conn->user,
conn->passwd, &conn->ntlm, conn->passwd, &conn->ntlm,
&type3msg, &len); &type3msg, &len);
if(!result && type3msg) {
/* Send the message */ /* Send the message */
if(!result) {
if(type3msg) {
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type3msg); result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type3msg);
if(!result) if(!result)
state(conn, POP3_AUTH_FINAL); state(conn, POP3_AUTH_FINAL);
} }
}
}
Curl_safefree(type3msg); Curl_safefree(type3msg);
}
}
return result; return result;
} }


@ -1129,23 +1129,31 @@ static CURLcode smtp_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
/* Get the type-2 message */ /* Get the type-2 message */
smtp_get_message(data->state.buffer, &type2msg); smtp_get_message(data->state.buffer, &type2msg);
/* Decode the type-2 message */
result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm);
if(result) {
/* Send the cancellation */
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
if(!result)
state(conn, SMTP_AUTH_CANCEL);
}
else {
/* Create the type-3 message */ /* Create the type-3 message */
result = Curl_sasl_create_ntlm_type3_message(data, type2msg, conn->user, result = Curl_sasl_create_ntlm_type3_message(data, conn->user,
conn->passwd, &conn->ntlm, conn->passwd, &conn->ntlm,
&type3msg, &len); &type3msg, &len);
if(!result && type3msg) {
/* Send the message */ /* Send the message */
if(!result) {
if(type3msg) {
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg); result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg);
if(!result) if(!result)
state(conn, SMTP_AUTH_FINAL); state(conn, SMTP_AUTH_FINAL);
} }
}
}
Curl_safefree(type3msg); Curl_safefree(type3msg);
}
}
return result; return result;
} }