moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-02-28 17:31:46 -05:00
Code Issues Releases Wiki Activity

pop3: Added support for sasl digest-md5 authentication

Browse Source
This commit is contained in:
Steve Holme 2012-06-04 21:50:16 +01:00
parent 32ab3276ee
commit 7759d10f36
3 changed files with 85 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
RELEASE-NOTES
View File

@ -15,6 +15,7 @@ This release includes the following changes:
o pop3: Added support for sasl login authentication o pop3: Added support for sasl login authentication
o pop3: Added support for sasl ntlm authentication o pop3: Added support for sasl ntlm authentication
o pop3: Added support for sasl cram-md5 authentication o pop3: Added support for sasl cram-md5 authentication
o pop3: Added support for sasl digest-md5 authentication
This release includes the following bugfixes: This release includes the following bugfixes:
@ -32,7 +33,7 @@ This release would not have looked like this without help, code, reports and
advice from friends like these: advice from friends like these:
Anthony Bryan, Guenter Knauf, Kamil Dudka, Steve Holme, Tatsuhiro Tsujikawa, Anthony Bryan, Guenter Knauf, Kamil Dudka, Steve Holme, Tatsuhiro Tsujikawa,
Yang Tse Yang Tse, Gokhan Sengun
Thanks! (and sorry if I forgot to mention someone) Thanks! (and sorry if I forgot to mention someone)

82
lib/pop3.c
View File

@ -23,6 +23,7 @@
* RFC2195 CRAM-MD5 authentication * RFC2195 CRAM-MD5 authentication
* RFC2384 POP URL Scheme * RFC2384 POP URL Scheme
* RFC2595 Using TLS with IMAP, POP3 and ACAP * RFC2595 Using TLS with IMAP, POP3 and ACAP
* RFC2831 DIGEST-MD5 authentication
* RFC4616 PLAIN authentication * RFC4616 PLAIN authentication
* *
***************************************************************************/ ***************************************************************************/
@ -315,6 +316,8 @@ static void state(struct connectdata *conn, pop3state newstate)
"AUTH_LOGIN", "AUTH_LOGIN",
"AUTH_LOGIN_PASSWD", "AUTH_LOGIN_PASSWD",
"AUTH_CRAMMD5", "AUTH_CRAMMD5",
"AUTH_DIGESTMD5",
"AUTH_DIGESTMD5_RESP",
"AUTH_NTLM", "AUTH_NTLM",
"AUTH_NTLM_TYPE2MSG", "AUTH_NTLM_TYPE2MSG",
"AUTH_FINAL", "AUTH_FINAL",
@ -387,7 +390,12 @@ static CURLcode pop3_authenticate(struct connectdata *conn)
/* Check supported authentication mechanisms by decreasing order of /* Check supported authentication mechanisms by decreasing order of
security */ security */
#ifndef CURL_DISABLE_CRYPTO_AUTH #ifndef CURL_DISABLE_CRYPTO_AUTH
if(pop3c->authmechs & SASL_AUTH_CRAM_MD5) { if(pop3c->authmechs & SASL_AUTH_DIGEST_MD5) {
mech = "DIGEST-MD5";
authstate = POP3_AUTH_DIGESTMD5;
pop3c->authused = SASL_AUTH_DIGEST_MD5;
}
else if(pop3c->authmechs & SASL_AUTH_CRAM_MD5) {
mech = "CRAM-MD5"; mech = "CRAM-MD5";
authstate = POP3_AUTH_CRAMMD5; authstate = POP3_AUTH_CRAMMD5;
pop3c->authused = SASL_AUTH_CRAM_MD5; pop3c->authused = SASL_AUTH_CRAM_MD5;
@ -674,6 +682,70 @@ static CURLcode pop3_state_auth_cram_resp(struct connectdata *conn,
return result; return result;
} }
/* For AUTH DIGEST-MD5 challenge responses */
static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
int pop3code,
pop3state instate)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
char *chlg64 = data->state.buffer;
size_t len = 0;
char *rplyb64 = NULL;
(void)instate; /* no use for this yet */
if(pop3code != '+') {
failf(data, "Access denied: %d", pop3code);
return CURLE_LOGIN_DENIED;
}
/* Get the challenge */
for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
;
result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user,
conn->passwd, "pop",
&rplyb64, &len);
if(!result) {
if(rplyb64) {
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
if(!result)
state(conn, POP3_AUTH_DIGESTMD5_RESP);
}
Curl_safefree(rplyb64);
}
return result;
}
/* For AUTH DIGEST-MD5 challenge-response responses */
static CURLcode pop3_state_auth_digest_resp_resp(struct connectdata *conn,
int pop3code,
pop3state instate)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
(void)instate; /* no use for this yet */
if(pop3code != '+') {
failf(data, "Authentication failed: %d", pop3code);
result = CURLE_LOGIN_DENIED;
}
else {
result = Curl_pp_sendf(&conn->proto.pop3c.pp, "");
if(!result)
state(conn, POP3_AUTH_FINAL);
}
return result;
}
#endif #endif
#ifdef USE_NTLM #ifdef USE_NTLM
@ -962,6 +1034,14 @@ static CURLcode pop3_statemach_act(struct connectdata *conn)
case POP3_AUTH_CRAMMD5: case POP3_AUTH_CRAMMD5:
result = pop3_state_auth_cram_resp(conn, pop3code, pop3c->state); result = pop3_state_auth_cram_resp(conn, pop3code, pop3c->state);
break; break;
case POP3_AUTH_DIGESTMD5:
result = pop3_state_auth_digest_resp(conn, pop3code, pop3c->state);
break;
case POP3_AUTH_DIGESTMD5_RESP:
result = pop3_state_auth_digest_resp_resp(conn, pop3code, pop3c->state);
break;
#endif #endif
#ifdef USE_NTLM #ifdef USE_NTLM

2
lib/pop3.h
View File

@ -35,6 +35,8 @@ typedef enum {
POP3_AUTH_LOGIN, POP3_AUTH_LOGIN,
POP3_AUTH_LOGIN_PASSWD, POP3_AUTH_LOGIN_PASSWD,
POP3_AUTH_CRAMMD5, POP3_AUTH_CRAMMD5,
POP3_AUTH_DIGESTMD5,
POP3_AUTH_DIGESTMD5_RESP,
POP3_AUTH_NTLM, POP3_AUTH_NTLM,
POP3_AUTH_NTLM_TYPE2MSG, POP3_AUTH_NTLM_TYPE2MSG,
POP3_AUTH_FINAL, POP3_AUTH_FINAL,