curl/lib/security.c
Howard Chu d64bd82bdc sendrecv: split the I/O handling into private handler
Howard Chu brought the bulk work of this patch that properly
moves out the sending and recving of data to the parts of the
code that are properly responsible for the various ways of doing
so.

Daniel Stenberg assisted with polishing a few bits and fixed some
minor flaws in the original patch.

Another upside of this patch is that we now abuse CURLcodes less
with the "magic" -1 return codes and instead use CURLE_AGAIN more
consistently.
2010-05-07 15:05:34 +02:00

499 lines
12 KiB
C

/* This source code was modified by Martin Hedenfalk <mhe@stacken.kth.se> for
* use in Curl. His latest changes were done 2000-09-18.
*
* It has since been patched and modified a lot by Daniel Stenberg
* <daniel@haxx.se> to make it better applied to curl conditions, and to make
* it not use globals, pollute name space and more. This source code awaits a
* rewrite to work around the paragraph 2 in the BSD licenses as explained
* below.
*
* Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
*
* Copyright (C) 2001 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE. */
#include "setup.h"
#ifndef CURL_DISABLE_FTP
#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
#define _MPRINTF_REPLACE /* we want curl-functions instead of native ones */
#include <curl/mprintf.h>
#include <stdlib.h>
#include <string.h>
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include "urldata.h"
#include "krb4.h"
#include "curl_base64.h"
#include "sendf.h"
#include "ftp.h"
#include "curl_memory.h"
#include "rawstr.h"
/* The last #include file should be: */
#include "memdebug.h"
static const struct {
enum protection_level level;
const char *name;
} level_names[] = {
{ prot_clear, "clear" },
{ prot_safe, "safe" },
{ prot_confidential, "confidential" },
{ prot_private, "private" }
};
static enum protection_level
name_to_level(const char *name)
{
int i;
for(i = 0; i < (int)sizeof(level_names)/(int)sizeof(level_names[0]); i++)
if(checkprefix(name, level_names[i].name))
return level_names[i].level;
return (enum protection_level)-1;
}
static const struct Curl_sec_client_mech * const mechs[] = {
#ifdef HAVE_GSSAPI
&Curl_krb5_client_mech,
#endif
#ifdef HAVE_KRB4
&Curl_krb4_client_mech,
#endif
NULL
};
static int
block_read(int fd, void *buf, size_t len)
{
unsigned char *p = buf;
int b;
while(len) {
b = read(fd, p, len);
if(b == 0)
return 0;
else if(b < 0 && (errno == EINTR || errno == EAGAIN))
/* TODO: this will busy loop in the EAGAIN case */
continue;
else if(b < 0)
return -1;
len -= b;
p += b;
}
return p - (unsigned char*)buf;
}
static int
block_write(int fd, const void *buf, size_t len)
{
const unsigned char *p = buf;
int b;
while(len) {
b = write(fd, p, len);
if(b < 0 && (errno == EINTR || errno == EAGAIN))
continue;
else if(b < 0)
return -1;
len -= b;
p += b;
}
return p - (unsigned char*)buf;
}
static int
sec_get_data(struct connectdata *conn,
int fd, struct krb4buffer *buf)
{
int len;
int b;
b = block_read(fd, &len, sizeof(len));
if(b == 0)
return 0;
else if(b < 0)
return -1;
len = ntohl(len);
/* TODO: This realloc will cause a memory leak in an out of memory
* condition */
buf->data = realloc(buf->data, len);
b = buf->data ? block_read(fd, buf->data, len) : -1;
if(b == 0)
return 0;
else if(b < 0)
return -1;
buf->size = (conn->mech->decode)(conn->app_data, buf->data, len,
conn->data_prot, conn);
buf->index = 0;
return 0;
}
static size_t
buffer_read(struct krb4buffer *buf, void *data, size_t len)
{
if(buf->size - buf->index < len)
len = buf->size - buf->index;
memcpy(data, (char*)buf->data + buf->index, len);
buf->index += len;
return len;
}
static ssize_t sec_read(struct connectdata *conn, int num,
char *buffer, size_t length, CURLcode *err)
{
size_t len;
int rx = 0;
curl_socket_t fd = conn->sock[num];
*err = CURLE_OK;
if(conn->in_buffer.eof_flag) {
conn->in_buffer.eof_flag = 0;
return 0;
}
len = buffer_read(&conn->in_buffer, buffer, length);
length -= len;
rx += len;
buffer = (char*)buffer + len;
while(length) {
if(sec_get_data(conn, fd, &conn->in_buffer) < 0)
return -1;
if(conn->in_buffer.size == 0) {
if(rx)
conn->in_buffer.eof_flag = 1;
return rx;
}
len = buffer_read(&conn->in_buffer, buffer, length);
length -= len;
rx += len;
buffer = (char*)buffer + len;
}
return rx;
}
static int
sec_send(struct connectdata *conn, int fd, const char *from, int length)
{
int bytes;
void *buf;
enum protection_level protlevel = conn->data_prot;
int iscmd = protlevel == prot_cmd;
if(iscmd) {
if(!strncmp(from, "PASS ", 5) || !strncmp(from, "ACCT ", 5))
protlevel = prot_private;
else
protlevel = conn->command_prot;
}
bytes = (conn->mech->encode)(conn->app_data, from, length, protlevel,
&buf, conn);
if(iscmd) {
char *cmdbuf;
bytes = Curl_base64_encode(conn->data, (char *)buf, bytes, &cmdbuf);
if(bytes > 0) {
if(protlevel == prot_private)
block_write(fd, "ENC ", 4);
else
block_write(fd, "MIC ", 4);
block_write(fd, cmdbuf, bytes);
block_write(fd, "\r\n", 2);
Curl_infof(conn->data, "%s %s\n",
protlevel == prot_private ? "ENC" : "MIC", cmdbuf);
free(cmdbuf);
}
}
else {
bytes = htonl(bytes);
block_write(fd, &bytes, sizeof(bytes));
block_write(fd, buf, ntohl(bytes));
}
free(buf);
return length;
}
static ssize_t sec_write(struct connectdata *conn, int fd,
const char *buffer, int length)
{
int len = conn->buffer_size;
int tx = 0;
len -= (conn->mech->overhead)(conn->app_data, conn->data_prot, len);
if(len <= 0)
len = length;
while(length){
if(length < len)
len = length;
sec_send(conn, fd, buffer, len);
length -= len;
buffer += len;
tx += len;
}
return tx;
}
int
Curl_sec_fflush_fd(struct connectdata *conn, int fd)
{
if(conn->data_prot != prot_clear) {
if(conn->out_buffer.index > 0){
sec_write(conn, fd, conn->out_buffer.data, conn->out_buffer.index);
conn->out_buffer.index = 0;
}
sec_send(conn, fd, NULL, 0);
}
return 0;
}
static ssize_t _sec_send(struct connectdata *conn, int num,
const void *buffer, size_t length, CURLcode *err)
{
curl_socket_t fd = conn->sock[num];
*err = CURLE_OK;
return sec_write(conn, fd, buffer, length);
}
int
Curl_sec_read_msg(struct connectdata *conn, char *s, int level)
{
int len;
unsigned char *buf;
int code;
len = Curl_base64_decode(s + 4, &buf); /* XXX */
if(len > 0)
len = (conn->mech->decode)(conn->app_data, buf, len, level, conn);
else
return -1;
if(len < 0) {
free(buf);
return -1;
}
if(conn->data->set.verbose) {
buf[len] = '\n';
Curl_debug(conn->data, CURLINFO_HEADER_IN, (char *)buf, len + 1, conn);
}
buf[len] = '\0';
if(buf[3] == '-')
code = 0;
else
sscanf((char *)buf, "%d", &code);
if(buf[len-1] == '\n')
buf[len-1] = '\0';
strcpy(s, (char *)buf);
free(buf);
return code;
}
enum protection_level
Curl_set_command_prot(struct connectdata *conn, enum protection_level level)
{
enum protection_level old = conn->command_prot;
conn->command_prot = level;
return old;
}
static int
sec_prot_internal(struct connectdata *conn, int level)
{
char *p;
unsigned int s = 1048576;
ssize_t nread;
if(!conn->sec_complete){
infof(conn->data, "No security data exchange has taken place.\n");
return -1;
}
if(level){
int code;
if(Curl_ftpsendf(conn, "PBSZ %u", s))
return -1;
if(Curl_GetFTPResponse(&nread, conn, &code))
return -1;
if(code/100 != 2){
failf(conn->data, "Failed to set protection buffer size.");
return -1;
}
conn->buffer_size = s;
p = strstr(conn->data->state.buffer, "PBSZ=");
if(p)
sscanf(p, "PBSZ=%u", &s);
if(s < conn->buffer_size)
conn->buffer_size = s;
}
if(Curl_ftpsendf(conn, "PROT %c", level["CSEP"]))
return -1;
if(Curl_GetFTPResponse(&nread, conn, NULL))
return -1;
if(conn->data->state.buffer[0] != '2'){
failf(conn->data, "Failed to set protection level.");
return -1;
}
conn->data_prot = (enum protection_level)level;
if(level == prot_private)
conn->command_prot = (enum protection_level)level;
return 0;
}
void
Curl_sec_set_protection_level(struct connectdata *conn)
{
if(conn->sec_complete && conn->data_prot != conn->request_data_prot)
sec_prot_internal(conn, conn->request_data_prot);
}
int
Curl_sec_request_prot(struct connectdata *conn, const char *level)
{
int l = name_to_level(level);
if(l == -1)
return -1;
conn->request_data_prot = (enum protection_level)l;
return 0;
}
int
Curl_sec_login(struct connectdata *conn)
{
int ret;
const struct Curl_sec_client_mech * const *m;
ssize_t nread;
struct SessionHandle *data=conn->data;
int ftpcode;
for(m = mechs; *m && (*m)->name; m++) {
void *tmp;
tmp = realloc(conn->app_data, (*m)->size);
if(tmp == NULL) {
failf (data, "realloc %u failed", (*m)->size);
return -1;
}
conn->app_data = tmp;
if((*m)->init && (*(*m)->init)(conn->app_data) != 0) {
infof(data, "Skipping %s...\n", (*m)->name);
continue;
}
infof(data, "Trying %s...\n", (*m)->name);
if(Curl_ftpsendf(conn, "AUTH %s", (*m)->name))
return -1;
if(Curl_GetFTPResponse(&nread, conn, &ftpcode))
return -1;
if(conn->data->state.buffer[0] != '3'){
switch(ftpcode) {
case 504:
infof(data,
"%s is not supported by the server.\n", (*m)->name);
break;
case 534:
infof(data, "%s rejected as security mechanism.\n", (*m)->name);
break;
default:
if(conn->data->state.buffer[0] == '5') {
infof(data, "The server doesn't support the FTP "
"security extensions.\n");
return -1;
}
break;
}
continue;
}
ret = (*(*m)->auth)(conn->app_data, conn);
if(ret == AUTH_CONTINUE)
continue;
else if(ret != AUTH_OK){
/* mechanism is supposed to output error string */
return -1;
}
conn->mech = *m;
conn->sec_complete = 1;
if (conn->data_prot != prot_clear) {
conn->recv = sec_read;
conn->send = _sec_send;
}
conn->command_prot = prot_safe;
/* Set the requested protection level */
/* BLOCKING */
Curl_sec_set_protection_level(conn);
break;
}
return *m == NULL;
}
void
Curl_sec_end(struct connectdata *conn)
{
if(conn->mech != NULL) {
if(conn->mech->end)
(conn->mech->end)(conn->app_data);
memset(conn->app_data, 0, conn->mech->size);
free(conn->app_data);
conn->app_data = NULL;
}
conn->sec_complete = 0;
conn->data_prot = (enum protection_level)0;
conn->mech=NULL;
}
#endif /* HAVE_KRB4 */
#endif /* CURL_DISABLE_FTP */