sasl: Moved cram-md5 authentication message creation from smtp.c
Moved the cram-md5 message creation from smtp.c into the sasl module to allow for use by other modules such as pop3.
This commit is contained in:
Steve Holme
Родитель
b5bb61ee69
Коммит
c12a414b21
|
|
@ -18,6 +18,7 @@
|
|||
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
||||
* KIND, either express or implied.
|
||||
*
|
||||
* RFC2195 CRAM-MD5 authentication
|
||||
* RFC4616 PLAIN authentication
|
||||
*
|
||||
***************************************************************************/
|
||||
|
|
@ -28,8 +29,14 @@
|
|||
#include "urldata.h"
|
||||
|
||||
#include "curl_base64.h"
|
||||
#include "curl_md5.h"
|
||||
#include "curl_hmac.h"
|
||||
#include "curl_ntlm_msgs.h"
|
||||
#include "curl_sasl.h"
|
||||
#include "warnless.h"
|
||||
|
||||
#define _MPRINTF_REPLACE /* use our functions only */
|
||||
#include <curl/mprintf.h>
|
||||
|
||||
/* The last #include file should be: */
|
||||
#include "memdebug.h"
|
||||
|
|
@ -115,6 +122,79 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
|||
return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
|
||||
}
|
||||
|
||||
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
||||
/*
|
||||
* Curl_sasl_create_cram_md5_message()
|
||||
*
|
||||
* This is used to generate an already encoded CRAM-MD5 message ready for
|
||||
* sending to the recipient.
|
||||
*
|
||||
* Parameters:
|
||||
*
|
||||
* data [in] - The session handle.
|
||||
* chlg64 [in] - Pointer to the input buffer.
|
||||
* userp [in] - The user name in the format User or Domain\User.
|
||||
* passdwp [in] - The user's password.
|
||||
* outptr [in/out] - The address where a pointer to newly allocated memory
|
||||
* holding the result will be stored upon completion.
|
||||
* outlen [out] - The length of the output message.
|
||||
*
|
||||
* Returns CURLE_OK on success.
|
||||
*/
|
||||
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
||||
const char* chlg64,
|
||||
const char* user,
|
||||
const char* passwdp,
|
||||
char **outptr, size_t *outlen)
|
||||
{
|
||||
CURLcode result = CURLE_OK;
|
||||
size_t chlg64len = strlen(chlg64);
|
||||
size_t len = 0;
|
||||
unsigned char *chlg = (unsigned char *) NULL;
|
||||
size_t chlglen = 0;
|
||||
HMAC_context *ctxt;
|
||||
unsigned char digest[MD5_DIGEST_LEN];
|
||||
char reply[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1];
|
||||
|
||||
/* Decode the challenge if necessary */
|
||||
if(chlg64len && *chlg64 != '=') {
|
||||
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
|
||||
|
||||
if(result)
|
||||
return result;
|
||||
}
|
||||
|
||||
/* Compute the digest using the password as the key */
|
||||
ctxt = Curl_HMAC_init(Curl_HMAC_MD5,
|
||||
(const unsigned char *) passwdp,
|
||||
curlx_uztoui(strlen(passwdp)));
|
||||
|
||||
if(!ctxt) {
|
||||
Curl_safefree(chlg);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
/* Update the digest with the given challenge */
|
||||
if(chlglen > 0)
|
||||
Curl_HMAC_update(ctxt, chlg, curlx_uztoui(chlglen));
|
||||
|
||||
Curl_safefree(chlg);
|
||||
|
||||
/* Finalise the digest */
|
||||
Curl_HMAC_final(ctxt, digest);
|
||||
|
||||
/* Prepare the reply */
|
||||
snprintf(reply, sizeof(reply),
|
||||
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
|
||||
user, digest[0], digest[1], digest[2], digest[3], digest[4],
|
||||
digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
|
||||
digest[11], digest[12], digest[13], digest[14], digest[15]);
|
||||
|
||||
/* Base64 encode the reply */
|
||||
return Curl_base64_encode(data, reply, 0, outptr, outlen);
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef USE_NTLM
|
||||
/*
|
||||
* Curl_sasl_create_ntlm_type1_message()
|
||||
|
|
|
|||
|
|
@ -45,6 +45,15 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
|||
const char* valuep, char **outptr,
|
||||
size_t *outlen);
|
||||
|
||||
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
||||
/* This is used to generate a base64 encoded CRAM-MD5 message */
|
||||
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
|
||||
const char* chlg64,
|
||||
const char* user,
|
||||
const char* passwdp,
|
||||
char **outptr, size_t *outlen);
|
||||
#endif
|
||||
|
||||
#ifdef USE_NTLM
|
||||
/* This is used to generate a base64 encoded NTLM type-1 message */
|
||||
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
|
||||
|
|
|
|||
44
lib/smtp.c
44
lib/smtp.c
|
|
@ -85,7 +85,6 @@
|
|||
#include "curl_base64.h"
|
||||
#include "curl_rand.h"
|
||||
#include "curl_md5.h"
|
||||
#include "curl_hmac.h"
|
||||
#include "curl_gethostname.h"
|
||||
#include "curl_sasl.h"
|
||||
#include "warnless.h"
|
||||
|
|
@ -710,7 +709,6 @@ static CURLcode smtp_state_authpasswd_resp(struct connectdata *conn,
|
|||
}
|
||||
|
||||
#ifndef CURL_DISABLE_CRYPTO_AUTH
|
||||
|
||||
/* for AUTH CRAM-MD5 responses */
|
||||
static CURLcode smtp_state_authcram_resp(struct connectdata *conn,
|
||||
int smtpcode,
|
||||
|
|
@ -719,13 +717,8 @@ static CURLcode smtp_state_authcram_resp(struct connectdata *conn,
|
|||
CURLcode result = CURLE_OK;
|
||||
struct SessionHandle *data = conn->data;
|
||||
char *chlg64 = data->state.buffer;
|
||||
unsigned char *chlg;
|
||||
size_t chlglen;
|
||||
size_t len = 0;
|
||||
char *rplyb64 = NULL;
|
||||
HMAC_context *ctxt;
|
||||
unsigned char digest[MD5_DIGEST_LEN];
|
||||
char reply[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1];
|
||||
|
||||
(void)instate; /* no use for this yet */
|
||||
|
||||
|
|
@ -738,9 +731,7 @@ static CURLcode smtp_state_authcram_resp(struct connectdata *conn,
|
|||
for(chlg64 += 4; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
|
||||
;
|
||||
|
||||
chlg = (unsigned char *) NULL;
|
||||
chlglen = 0;
|
||||
|
||||
/* Terminate the challenge */
|
||||
if(*chlg64 != '=') {
|
||||
for(len = strlen(chlg64); len--;)
|
||||
if(chlg64[len] != '\r' && chlg64[len] != '\n' && chlg64[len] != ' ' &&
|
||||
|
|
@ -749,40 +740,11 @@ static CURLcode smtp_state_authcram_resp(struct connectdata *conn,
|
|||
|
||||
if(++len) {
|
||||
chlg64[len] = '\0';
|
||||
|
||||
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
|
||||
if(result)
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
||||
/* Compute digest */
|
||||
ctxt = Curl_HMAC_init(Curl_HMAC_MD5,
|
||||
(const unsigned char *) conn->passwd,
|
||||
curlx_uztoui(strlen(conn->passwd)));
|
||||
|
||||
if(!ctxt) {
|
||||
Curl_safefree(chlg);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
if(chlglen > 0)
|
||||
Curl_HMAC_update(ctxt, chlg, curlx_uztoui(chlglen));
|
||||
|
||||
Curl_safefree(chlg);
|
||||
|
||||
Curl_HMAC_final(ctxt, digest);
|
||||
|
||||
/* Prepare the reply */
|
||||
snprintf(reply, sizeof(reply),
|
||||
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
|
||||
conn->user, digest[0], digest[1], digest[2], digest[3], digest[4],
|
||||
digest[5],
|
||||
digest[6], digest[7], digest[8], digest[9], digest[10], digest[11],
|
||||
digest[12], digest[13], digest[14], digest[15]);
|
||||
|
||||
/* Encode it to base64 and send it */
|
||||
result = Curl_base64_encode(data, reply, 0, &rplyb64, &len);
|
||||
result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user,
|
||||
conn->passwd, &rplyb64, &len);
|
||||
|
||||
if(!result) {
|
||||
if(rplyb64) {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче