1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-23 16:48:49 -05:00

vauth/cleartext: Update the PLAIN login function signature to match RFC 4616

Functionally this doesn't change anything as we still use the username
for both the authorisation identity and the authentication identity.

Closes #3757
This commit is contained in:
Steve Holme 2019-04-10 22:17:02 +01:00
parent 1489d1db85
commit 762a292f87
3 changed files with 27 additions and 23 deletions

View File

@ -367,8 +367,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
sasl->authused = SASL_MECH_PLAIN; sasl->authused = SASL_MECH_PLAIN;
if(force_ir || data->set.sasl_ir) if(force_ir || data->set.sasl_ir)
result = Curl_auth_create_plain_message(data, conn->user, conn->passwd, result = Curl_auth_create_plain_message(data, conn->user, conn->user,
&resp, &len); conn->passwd, &resp, &len);
} }
else if(enabledmechs & SASL_MECH_LOGIN) { else if(enabledmechs & SASL_MECH_LOGIN) {
mech = SASL_MECH_STRING_LOGIN; mech = SASL_MECH_STRING_LOGIN;
@ -450,9 +450,8 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
*progress = SASL_DONE; *progress = SASL_DONE;
return result; return result;
case SASL_PLAIN: case SASL_PLAIN:
result = Curl_auth_create_plain_message(data, conn->user, conn->passwd, result = Curl_auth_create_plain_message(data, conn->user, conn->user,
&resp, conn->passwd, &resp, &len);
&len);
break; break;
case SASL_LOGIN: case SASL_LOGIN:
result = Curl_auth_create_login_message(data, conn->user, &resp, &len); result = Curl_auth_create_login_message(data, conn->user, &resp, &len);

View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -49,8 +49,9 @@
* Parameters: * Parameters:
* *
* data [in] - The session handle. * data [in] - The session handle.
* userp [in] - The user name. * authzid [in] - The authorization identity.
* passwdp [in] - The user's password. * authcid [in] - The authentication identity.
* passwd [in] - The password.
* outptr [in/out] - The address where a pointer to newly allocated memory * outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion. * holding the result will be stored upon completion.
* outlen [out] - The length of the output message. * outlen [out] - The length of the output message.
@ -58,36 +59,39 @@
* Returns CURLE_OK on success. * Returns CURLE_OK on success.
*/ */
CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, CURLcode Curl_auth_create_plain_message(struct Curl_easy *data,
const char *userp, const char *authzid,
const char *passwdp, const char *authcid,
const char *passwd,
char **outptr, size_t *outlen) char **outptr, size_t *outlen)
{ {
CURLcode result; CURLcode result;
char *plainauth; char *plainauth;
size_t ulen; size_t zlen;
size_t clen;
size_t plen; size_t plen;
size_t plainlen; size_t plainlen;
*outlen = 0; *outlen = 0;
*outptr = NULL; *outptr = NULL;
ulen = strlen(userp); zlen = strlen(authzid);
plen = strlen(passwdp); clen = strlen(authcid);
plen = strlen(passwd);
/* Compute binary message length. Check for overflows. */ /* Compute binary message length. Check for overflows. */
if((ulen > SIZE_T_MAX/4) || (plen > (SIZE_T_MAX/2 - 2))) if(((zlen + clen) > SIZE_T_MAX/4) || (plen > (SIZE_T_MAX/2 - 2)))
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
plainlen = 2 * ulen + plen + 2; plainlen = zlen + clen + plen + 2;
plainauth = malloc(plainlen); plainauth = malloc(plainlen);
if(!plainauth) if(!plainauth)
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
/* Calculate the reply */ /* Calculate the reply */
memcpy(plainauth, userp, ulen); memcpy(plainauth, authzid, zlen);
plainauth[ulen] = '\0'; plainauth[zlen] = '\0';
memcpy(plainauth + ulen + 1, userp, ulen); memcpy(plainauth + zlen + 1, authcid, clen);
plainauth[2 * ulen + 1] = '\0'; plainauth[zlen + clen + 1] = '\0';
memcpy(plainauth + 2 * ulen + 2, passwdp, plen); memcpy(plainauth + zlen + clen + 2, passwd, plen);
/* Base64 encode the reply */ /* Base64 encode the reply */
result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen); result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen);

View File

@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 2014 - 2017, Steve Holme, <steve_holme@hotmail.com>. * Copyright (C) 2014 - 2019, Steve Holme, <steve_holme@hotmail.com>.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -60,8 +60,9 @@ bool Curl_auth_user_contains_domain(const char *user);
/* This is used to generate a base64 encoded PLAIN cleartext message */ /* This is used to generate a base64 encoded PLAIN cleartext message */
CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, CURLcode Curl_auth_create_plain_message(struct Curl_easy *data,
const char *userp, const char *authzid,
const char *passwdp, const char *authcid,
const char *passwd,
char **outptr, size_t *outlen); char **outptr, size_t *outlen);
/* This is used to generate a base64 encoded LOGIN cleartext message */ /* This is used to generate a base64 encoded LOGIN cleartext message */