sasl: Moved ntlm authentication message handling from smtp.c
Moved the ntlm message creation and decoding from smtp.c into the sasl module to allow for use by other modules such as pop3.
Родитель
2df6e6d9f8
Коммит
d9ca9e9869
|
@ -28,6 +28,7 @@
|
||||||
#include "urldata.h"
|
#include "urldata.h"
|
||||||
|
|
||||||
#include "curl_base64.h"
|
#include "curl_base64.h"
|
||||||
|
#include "curl_ntlm_msgs.h"
|
||||||
#include "curl_sasl.h"
|
#include "curl_sasl.h"
|
||||||
|
|
||||||
/* The last #include file should be: */
|
/* The last #include file should be: */
|
||||||
|
@ -113,3 +114,94 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
||||||
|
|
||||||
return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
|
return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef USE_NTLM
|
||||||
|
/*
|
||||||
|
* Curl_sasl_create_ntlm_type1_message()
|
||||||
|
*
|
||||||
|
* This is used to generate an already encoded NTLM type-1 message ready for
|
||||||
|
* sending to the recipient.
|
||||||
|
*
|
||||||
|
* Note: This is a simple wrapper of the NTLM function which means that any
|
||||||
|
* SASL based protocols don't have to include the NTLM functions directly.
|
||||||
|
*
|
||||||
|
* Parameters:
|
||||||
|
*
|
||||||
|
* userp [in] - The user name in the format User or Domain\User.
|
||||||
|
* passdwp [in] - The user's password.
|
||||||
|
* ntlm [in/out] - The ntlm data struct being used and modified.
|
||||||
|
* outptr [in/out] - The address where a pointer to newly allocated memory
|
||||||
|
* holding the result will be stored upon completion.
|
||||||
|
* outlen [out] - The length of the output message.
|
||||||
|
*
|
||||||
|
* Returns CURLE_OK on success.
|
||||||
|
*/
|
||||||
|
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
|
||||||
|
const char *passwdp,
|
||||||
|
struct ntlmdata *ntlm,
|
||||||
|
char **outptr, size_t *outlen)
|
||||||
|
{
|
||||||
|
return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr,
|
||||||
|
outlen);
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Curl_sasl_decode_ntlm_type2_message()
|
||||||
|
*
|
||||||
|
* This is used to decode a ntlm type-2 message received from a recipient and
|
||||||
|
* generate the already encoded NTLM type-3 message ready for sending back.
|
||||||
|
*
|
||||||
|
* Parameters:
|
||||||
|
*
|
||||||
|
* data [in] - Pointer to session handle.
|
||||||
|
* header [in] - Pointer to the input buffer.
|
||||||
|
* userp [in] - The user name in the format User or Domain\User.
|
||||||
|
* passdwp [in] - The user's password.
|
||||||
|
* ntlm [in/out] - The ntlm data struct being used and modified.
|
||||||
|
* outptr [in/out] - The address where a pointer to newly allocated memory
|
||||||
|
* holding the result will be stored upon completion.
|
||||||
|
* outlen [out] - The length of the output message.
|
||||||
|
*
|
||||||
|
* Returns CURLE_OK on success.
|
||||||
|
*/
|
||||||
|
CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data,
|
||||||
|
const char *header,
|
||||||
|
const char *userp,
|
||||||
|
const char *passwdp,
|
||||||
|
struct ntlmdata *ntlm,
|
||||||
|
char **outptr, size_t *outlen)
|
||||||
|
{
|
||||||
|
CURLcode result = Curl_ntlm_decode_type2_message(data, header, ntlm);
|
||||||
|
|
||||||
|
if(!result)
|
||||||
|
result = Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm,
|
||||||
|
outptr, outlen);
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
#endif /* USE_NTLM */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Curl_sasl_cleanup()
|
||||||
|
*
|
||||||
|
* This is used to cleanup any libraries or curl modules used by the sasl
|
||||||
|
* functions.
|
||||||
|
*
|
||||||
|
* Parameters:
|
||||||
|
*
|
||||||
|
* conn [in] - Pointer to the connection data.
|
||||||
|
* authused [in] - The authentication mechanism used.
|
||||||
|
*/
|
||||||
|
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused)
|
||||||
|
{
|
||||||
|
#ifdef USE_NTLM
|
||||||
|
/* Cleanup the ntlm structure */
|
||||||
|
if(authused == SASL_AUTH_NTLM) {
|
||||||
|
Curl_ntlm_sspi_cleanup(&conn->ntlm);
|
||||||
|
}
|
||||||
|
#else
|
||||||
|
/* Reserved for future use */
|
||||||
|
(void)conn;
|
||||||
|
(void)authused;
|
||||||
|
#endif
|
||||||
|
}
|
|
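Review bot: The doc comment on Curl_sasl_decode_ntlm_type2_message() leaves out the contract a caller needs: `header` is described only as "Pointer to the input buffer", although it is the type-2 message sent by the server and is handed on without a length, and nothing says who frees `*outptr`. When Curl_ntlm_decode_type2_message() fails, the wrapper returns without anything in this function writing through `outptr`, so the comment should tell callers to initialise the pointer to NULL before the call. I would change the line to `header [in] - The type-2 message received from the server (no length is passed).` and add a sentence that `*outptr` is not written when decoding fails and is freed by the caller. Both comment blocks also spell the parameter `passdwp` where the signatures have `passwdp`.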
@ -45,4 +45,27 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
|
||||||
const char* valuep, char **outptr,
|
const char* valuep, char **outptr,
|
||||||
size_t *outlen);
|
size_t *outlen);
|
||||||
|
|
||||||
|
#ifdef USE_NTLM
|
||||||
|
/* This is used to generate a base64 encoded NTLM type-1 message */
|
||||||
|
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
|
||||||
|
const char *passwdp,
|
||||||
|
struct ntlmdata *ntlm,
|
||||||
|
char **outptr,
|
||||||
|
size_t *outlen);
|
||||||
|
|
||||||
|
/* This is used to decode an incoming NTLM type-2 message and generate a
|
||||||
|
base64 encoded type-3 response */
|
||||||
|
CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data,
|
||||||
|
const char *type2msg,
|
||||||
|
const char *userp,
|
||||||
|
const char *passwdp,
|
||||||
|
struct ntlmdata *ntlm,
|
||||||
|
char **outptr, size_t *outlen);
|
||||||
|
|
||||||
|
#endif /* USE_NTLM */
|
||||||
|
|
||||||
|
/* This is used to cleanup any libraries or curl modules used by the sasl
|
||||||
|
functions */
|
||||||
|
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused);
|
||||||
|
|
||||||
#endif /* HEADER_CURL_SASL_H */
|
#endif /* HEADER_CURL_SASL_H */
|
||||||
|
|
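Review bot: The prototype of Curl_sasl_decode_ntlm_type2_message() names its second parameter `type2msg`, while the definition added in the .c part of this commit names it `header`; one name should be used in both places, and `type2msg` is the clearer of the two. The short comments above the two NTLM prototypes also do not mention that the result is allocated for the caller; a line such as `/* The caller frees *outptr */` would put the ownership rule where other modules will read it.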
47
lib/smtp.c
47
lib/smtp.c
|
@ -87,7 +87,6 @@
|
||||||
#include "curl_md5.h"
|
#include "curl_md5.h"
|
||||||
#include "curl_hmac.h"
|
#include "curl_hmac.h"
|
||||||
#include "curl_gethostname.h"
|
#include "curl_gethostname.h"
|
||||||
#include "curl_ntlm_msgs.h"
|
|
||||||
#include "curl_sasl.h"
|
#include "curl_sasl.h"
|
||||||
#include "warnless.h"
|
#include "warnless.h"
|
||||||
|
|
||||||
|
@ -383,15 +382,6 @@ static CURLcode smtp_state_helo(struct connectdata *conn)
|
||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef USE_NTLM
|
|
||||||
static CURLcode smtp_auth_ntlm_type1_message(struct connectdata *conn,
|
|
||||||
char **outptr, size_t *outlen)
|
|
||||||
{
|
|
||||||
return Curl_ntlm_create_type1_message(conn->user, conn->passwd,
|
|
||||||
&conn->ntlm, outptr, outlen);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static CURLcode smtp_authenticate(struct connectdata *conn)
|
static CURLcode smtp_authenticate(struct connectdata *conn)
|
||||||
{
|
{
|
||||||
CURLcode result = CURLE_OK;
|
CURLcode result = CURLE_OK;
|
||||||
|
@ -431,7 +421,8 @@ static CURLcode smtp_authenticate(struct connectdata *conn)
|
||||||
state1 = SMTP_AUTHNTLM;
|
state1 = SMTP_AUTHNTLM;
|
||||||
state2 = SMTP_AUTHNTLM_TYPE2MSG;
|
state2 = SMTP_AUTHNTLM_TYPE2MSG;
|
||||||
smtpc->authused = SASL_AUTH_NTLM;
|
smtpc->authused = SASL_AUTH_NTLM;
|
||||||
result = smtp_auth_ntlm_type1_message(conn, &initresp, &len);
|
result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
|
||||||
|
&conn->ntlm, &initresp, &len);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
#endif
|
#endif
|
||||||
|
@ -1039,7 +1030,8 @@ static CURLcode smtp_state_auth_ntlm_resp(struct connectdata *conn,
|
||||||
result = CURLE_LOGIN_DENIED;
|
result = CURLE_LOGIN_DENIED;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
result = smtp_auth_ntlm_type1_message(conn, &type1msg, &len);
|
result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
|
||||||
|
&conn->ntlm, &type1msg, &len);
|
||||||
|
|
||||||
if(!result) {
|
if(!result) {
|
||||||
if(type1msg) {
|
if(type1msg) {
|
||||||
|
@ -1073,22 +1065,20 @@ static CURLcode smtp_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
|
||||||
result = CURLE_LOGIN_DENIED;
|
result = CURLE_LOGIN_DENIED;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
result = Curl_ntlm_decode_type2_message(data, data->state.buffer + 4,
|
result = Curl_sasl_decode_ntlm_type2_message(data,
|
||||||
&conn->ntlm);
|
data->state.buffer + 4,
|
||||||
|
conn->user, conn->passwd,
|
||||||
|
&conn->ntlm,
|
||||||
|
&type3msg, &len);
|
||||||
if(!result) {
|
if(!result) {
|
||||||
result = Curl_ntlm_create_type3_message(conn->data, conn->user,
|
if(type3msg) {
|
||||||
conn->passwd, &conn->ntlm,
|
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg);
|
||||||
&type3msg, &len);
|
|
||||||
if(!result) {
|
|
||||||
if(type3msg) {
|
|
||||||
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg);
|
|
||||||
|
|
||||||
if(!result)
|
if(!result)
|
||||||
state(conn, SMTP_AUTH);
|
state(conn, SMTP_AUTH);
|
||||||
}
|
|
||||||
|
|
||||||
Curl_safefree(type3msg);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Curl_safefree(type3msg);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1763,12 +1753,7 @@ static CURLcode smtp_disconnect(struct connectdata *conn,
|
||||||
|
|
||||||
Curl_pp_disconnect(&smtpc->pp);
|
Curl_pp_disconnect(&smtpc->pp);
|
||||||
|
|
||||||
#ifdef USE_NTLM
|
Curl_sasl_cleanup(conn, smtpc->authused);
|
||||||
/* Cleanup the ntlm structure */
|
|
||||||
if(smtpc->authused == SASL_AUTH_NTLM) {
|
|
||||||
Curl_ntlm_sspi_cleanup(&conn->ntlm);
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* This won't already be freed in some error cases */
|
/* This won't already be freed in some error cases */
|
||||||
Curl_safefree(smtpc->domain);
|
Curl_safefree(smtpc->domain);
|
||||||
|
|
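Review bot: In smtp_state_auth_ntlm_type2msg_resp() the new `Curl_safefree(type3msg);` still sits inside `if(!result) {`, as far as the brace order on the new side shows, so the buffer is released only when the combined decode-and-create call succeeds. Curl_sasl_decode_ntlm_type2_message() now covers two steps, and whether the second can fail after storing a pointer is not visible here; moving the free to just after the closing brace of `if(!result)` would release it on every path. That relies on `type3msg` starting out as NULL, and its declaration is outside the hunk.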