moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00
Code Issues Releases Wiki Activity

email: Added support for canceling CRAM-MD5 authentication

Browse Source
This commit is contained in:
Steve Holme 2013-10-27 12:34:56 +00:00
parent 8230af0b94
commit 1e39b95682
5 changed files with 98 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
lib/curl_sasl.c
View File

@ -168,7 +168,37 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
} }
#ifndef CURL_DISABLE_CRYPTO_AUTH #ifndef CURL_DISABLE_CRYPTO_AUTH
/* /*
* Curl_sasl_decode_cram_md5_message()
*
* This is used to decode an already encoded CRAM-MD5 challenge message.
*
* Parameters:
*
* chlg64 [in] - Pointer to the base64 encoded challenge message.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
size_t *outlen)
{
CURLcode result = CURLE_OK;
size_t chlg64len = strlen(chlg64);
*outptr = NULL;
*outlen = 0;
/* Decode the challenge if necessary */
if(chlg64len && *chlg64 != '=')
result = Curl_base64_decode(chlg64, (unsigned char **) outptr, outlen);
return result;
}
/*
* Curl_sasl_create_cram_md5_message() * Curl_sasl_create_cram_md5_message()
* *
* This is used to generate an already encoded CRAM-MD5 response message ready * This is used to generate an already encoded CRAM-MD5 response message ready
@ -177,7 +207,7 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
* Parameters: * Parameters:
* *
* data [in] - The session handle. * data [in] - The session handle.
* chlg64 [in] - Pointer to the base64 encoded challenge buffer. * chlg [in] - The challenge.
* userp [in] - The user name. * userp [in] - The user name.
* passdwp [in] - The user's password. * passdwp [in] - The user's password.
* outptr [in/out] - The address where a pointer to newly allocated memory * outptr [in/out] - The address where a pointer to newly allocated memory
@ -187,42 +217,31 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
* Returns CURLE_OK on success. * Returns CURLE_OK on success.
*/ */
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
const char *chlg64, const char *chlg,
const char *userp, const char *userp,
const char *passwdp, const char *passwdp,
char **outptr, size_t *outlen) char **outptr, size_t *outlen)
{ {
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
size_t chlg64len = strlen(chlg64);
unsigned char *chlg = (unsigned char *) NULL;
size_t chlglen = 0; size_t chlglen = 0;
HMAC_context *ctxt; HMAC_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN]; unsigned char digest[MD5_DIGEST_LEN];
char *response; char *response;
/* Decode the challenge if necessary */ if(chlg)
if(chlg64len && *chlg64 != '=') { chlglen = strlen(chlg);
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
if(result)
return result;
}
/* Compute the digest using the password as the key */ /* Compute the digest using the password as the key */
ctxt = Curl_HMAC_init(Curl_HMAC_MD5, ctxt = Curl_HMAC_init(Curl_HMAC_MD5,
(const unsigned char *) passwdp, (const unsigned char *) passwdp,
curlx_uztoui(strlen(passwdp))); curlx_uztoui(strlen(passwdp)));
if(!ctxt)
if(!ctxt) {
Curl_safefree(chlg);
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
}
/* Update the digest with the given challenge */ /* Update the digest with the given challenge */
if(chlglen > 0) if(chlglen > 0)
Curl_HMAC_update(ctxt, chlg, curlx_uztoui(chlglen)); Curl_HMAC_update(ctxt, (const unsigned char *) chlg,
curlx_uztoui(chlglen));
Curl_safefree(chlg);
/* Finalise the digest */ /* Finalise the digest */
Curl_HMAC_final(ctxt, digest); Curl_HMAC_final(ctxt, digest);
@ -240,6 +259,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
result = Curl_base64_encode(data, response, 0, outptr, outlen); result = Curl_base64_encode(data, response, 0, outptr, outlen);
Curl_safefree(response); Curl_safefree(response);
return result; return result;
} }

6
lib/curl_sasl.h
View File

@ -66,6 +66,10 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
size_t *outlen); size_t *outlen);
#ifndef CURL_DISABLE_CRYPTO_AUTH #ifndef CURL_DISABLE_CRYPTO_AUTH
/* This is used to decode a base64 encoded CRAM-MD5 challange message */
CURLcode Curl_sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
size_t *outlen);
/* This is used to generate a base64 encoded CRAM-MD5 response message */ /* This is used to generate a base64 encoded CRAM-MD5 response message */
CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
const char *chlg64, const char *chlg64,
@ -75,7 +79,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data,
/* This is used to generate a base64 encoded DIGEST-MD5 response message */ /* This is used to generate a base64 encoded DIGEST-MD5 response message */
CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
const char *chlg64, const char *chlg,
const char *user, const char *user,
const char *passwdp, const char *passwdp,
const char *service, const char *service,

26
lib/imap.c
View File

@ -1106,6 +1106,7 @@ static CURLcode imap_state_auth_cram_resp(struct connectdata *conn,
{ {
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
char *chlg = NULL;
char *chlg64 = NULL; char *chlg64 = NULL;
char *rplyb64 = NULL; char *rplyb64 = NULL;
size_t len = 0; size_t len = 0;
@ -1120,22 +1121,31 @@ static CURLcode imap_state_auth_cram_resp(struct connectdata *conn,
/* Get the challenge message */ /* Get the challenge message */
imap_get_message(data->state.buffer, &chlg64); imap_get_message(data->state.buffer, &chlg64);
/* Create the response message */ /* Decode the challenge message */
result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user, result = Curl_sasl_decode_cram_md5_message(chlg64, &chlg, &len);
conn->passwd, &rplyb64, &len); if(result) {
/* Send the cancellation */
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
/* Send the response */ if(!result)
if(!result) { state(conn, IMAP_AUTHENTICATE_CANCEL);
if(rplyb64) { }
else {
/* Create the response message */
result = Curl_sasl_create_cram_md5_message(data, chlg, conn->user,
conn->passwd, &rplyb64, &len);
if(!result && rplyb64) {
/* Send the response */
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64); result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
if(!result) if(!result)
state(conn, IMAP_AUTHENTICATE_FINAL); state(conn, IMAP_AUTHENTICATE_FINAL);
} }
Curl_safefree(rplyb64);
} }
Curl_safefree(chlg);
Curl_safefree(rplyb64);
return result; return result;
} }

26
lib/pop3.c
View File

@ -964,6 +964,7 @@ static CURLcode pop3_state_auth_cram_resp(struct connectdata *conn,
{ {
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
char *chlg = NULL;
char *chlg64 = NULL; char *chlg64 = NULL;
char *rplyb64 = NULL; char *rplyb64 = NULL;
size_t len = 0; size_t len = 0;
@ -978,22 +979,31 @@ static CURLcode pop3_state_auth_cram_resp(struct connectdata *conn,
/* Get the challenge message */ /* Get the challenge message */
pop3_get_message(data->state.buffer, &chlg64); pop3_get_message(data->state.buffer, &chlg64);
/* Create the response message */ /* Decode the challenge message */
result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user, result = Curl_sasl_decode_cram_md5_message(chlg64, &chlg, &len);
conn->passwd, &rplyb64, &len); if(result) {
/* Send the cancellation */
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
/* Send the response */ if(!result)
if(!result) { state(conn, POP3_AUTH_CANCEL);
if(rplyb64) { }
else {
/* Create the response message */
result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user,
conn->passwd, &rplyb64, &len);
if(!result && rplyb64) {
/* Send the response */
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64); result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
if(!result) if(!result)
state(conn, POP3_AUTH_FINAL); state(conn, POP3_AUTH_FINAL);
} }
Curl_safefree(rplyb64);
} }
Curl_safefree(chlg);
Curl_safefree(rplyb64);
return result; return result;
} }

26
lib/smtp.c
View File

@ -944,6 +944,7 @@ static CURLcode smtp_state_auth_cram_resp(struct connectdata *conn,
{ {
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
char *chlg = NULL;
char *chlg64 = NULL; char *chlg64 = NULL;
char *rplyb64 = NULL; char *rplyb64 = NULL;
size_t len = 0; size_t len = 0;
@ -958,22 +959,31 @@ static CURLcode smtp_state_auth_cram_resp(struct connectdata *conn,
/* Get the challenge message */ /* Get the challenge message */
smtp_get_message(data->state.buffer, &chlg64); smtp_get_message(data->state.buffer, &chlg64);
/* Create the response message */ /* Decode the challenge message */
result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user, result = Curl_sasl_decode_cram_md5_message(chlg64, &chlg, &len);
conn->passwd, &rplyb64, &len); if(result) {
/* Send the cancellation */
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
/* Send the response */ if(!result)
if(!result) { state(conn, SMTP_AUTH_CANCEL);
if(rplyb64) { }
else {
/* Create the response message */
result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user,
conn->passwd, &rplyb64, &len);
if(!result && rplyb64) {
/* Send the response */
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64); result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);
if(!result) if(!result)
state(conn, SMTP_AUTH_FINAL); state(conn, SMTP_AUTH_FINAL);
} }
Curl_safefree(rplyb64);
} }
Curl_safefree(chlg);
Curl_safefree(rplyb64);
return result; return result;
} }