diff --git a/lib/http_digest.c b/lib/http_digest.c index 76175ef95..9d1864f1d 100644 --- a/lib/http_digest.c +++ b/lib/http_digest.c @@ -1,8 +1,8 @@ /*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2004, Daniel Stenberg, , et al. @@ -10,7 +10,7 @@ * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms * are also available at http://curl.haxx.se/docs/copyright.html. - * + * * You may opt to use, copy, modify, merge, publish, distribute and/or sell * copies of the Software, and permit persons to whom the Software is * furnished to do so, under the terms of the COPYING file. @@ -33,9 +33,10 @@ #include "urldata.h" #include "sendf.h" #include "strequal.h" - +#include "base64.h" #include "md5.h" #include "http_digest.h" +#include "strtok.h" #include "url.h" /* for Curl_safefree() */ #define _MPRINTF_REPLACE /* use our functions only */ @@ -57,6 +58,10 @@ CURLdigest Curl_input_digest(struct connectdata *conn, header */ { bool more = TRUE; + char *token = NULL; + char *tmp = NULL; + bool foundAuth = FALSE; + bool foundAuthInt = FALSE; struct SessionHandle *data=conn->data; bool before = FALSE; /* got a nonce before */ struct digestdata *d = &data->state.digest; @@ -82,7 +87,7 @@ CURLdigest Curl_input_digest(struct connectdata *conn, while(*header && isspace((int)*header)) header++; - + /* how big can these strings be? */ if((2 == sscanf(header, "%31[^=]=\"%127[^\"]\"", value, content)) || @@ -94,16 +99,43 @@ CURLdigest Curl_input_digest(struct connectdata *conn, d->nonce = strdup(content); } else if(strequal(value, "stale")) { - if(strequal(content, "true")) + if(strequal(content, "true")) { d->stale = TRUE; - } - else if(strequal(value, "cnonce")) { - d->cnonce = strdup(content); + d->nc = 1; /* we make a new nonce now */ + } } else if(strequal(value, "realm")) { d->realm = strdup(content); } + else if(strequal(value, "opaque")) { + d->opaque = strdup(content); + } + else if(strequal(value, "qop")) { + char *tok_buf; + /* tokenize the list and choose auth if possible, use a temporary + clone of the buffer since strtok_r() ruins it */ + tmp = strdup(content); + token = strtok_r(tmp, ",", &tok_buf); + while (token != NULL) { + if (strequal(token, "auth")) { + foundAuth = TRUE; + } + else if (strequal(token, "auth-int")) { + foundAuthInt = TRUE; + } + token = strtok (NULL, ","); + } + free(tmp); + /*select only auth o auth-int. Otherwise, ignore*/ + if (foundAuth) { + d->qop = strdup("auth"); + } + else if (foundAuthInt) { + d->qop = strdup("auth-int"); + } + } else if(strequal(value, "algorithm")) { + d->algorithm = strdup(content); if(strequal(content, "MD5-sess")) d->algo = CURLDIGESTALGO_MD5SESS; else if(strequal(content, "MD5")) @@ -116,18 +148,17 @@ CURLdigest Curl_input_digest(struct connectdata *conn, } totlen = strlen(value)+strlen(content)+3; } - else + else break; /* we're done here */ - + header += totlen; if(',' == *header) /* allow the list to be comma-separated */ - header++; + header++; } /* We had a nonce since before, and we got another one now without - 'stale=true'. This means we provided bad credentials in the previous - request */ - + 'stale=true'. This means we provided bad credentials in the previous + request */ if(before && !d->stale) return CURLDIGEST_BAD; @@ -135,7 +166,7 @@ CURLdigest Curl_input_digest(struct connectdata *conn, if(!d->nonce) return CURLDIGEST_BAD; } - else + else /* else not a digest, get out */ return CURLDIGEST_NONE; @@ -159,17 +190,34 @@ CURLcode Curl_output_digest(struct connectdata *conn, this sorted out, I must urge you dear friend to read up on the RFC2617 section 3.2.2, */ unsigned char md5buf[16]; /* 16 bytes/128 bits */ - unsigned char ha1[33]; /* 32 digits and 1 zero byte */ - unsigned char ha2[33]; unsigned char request_digest[33]; unsigned char *md5this; + unsigned char *ha1; + unsigned char ha2[33];/* 32 digits and 1 zero byte */ + char cnoncebuf[7]; + char *cnonce; + char *tmp = NULL; + struct timeval now; struct SessionHandle *data = conn->data; struct digestdata *d = &data->state.digest; + ha1 = (unsigned char *)malloc(33); /* 32 digits and 1 zero byte */ + + if(!d->nc) + d->nc = 1; + + if(!d->cnonce) { + /* Generate a cnonce */ + now = Curl_tvnow(); + snprintf(cnoncebuf, sizeof(cnoncebuf), "%06d", now.tv_sec); + Curl_base64_encode(cnoncebuf, strlen(cnoncebuf), &cnonce); + d->cnonce = cnonce; + } + /* if the algorithm is "MD5" or unspecified (which then defaults to MD5): - + A1 = unq(username-value) ":" unq(realm-value) ":" passwd if the algorithm is "MD5-sess" then: @@ -177,40 +225,61 @@ CURLcode Curl_output_digest(struct connectdata *conn, A1 = H( unq(username-value) ":" unq(realm-value) ":" passwd ) ":" unq(nonce-value) ":" unq(cnonce-value) */ - if(d->algo == CURLDIGESTALGO_MD5SESS) { - md5this = (unsigned char *) - aprintf("%s:%s:%s:%s:%s", - conn->user, - d->realm, - conn->passwd, - d->nonce, - d->cnonce); - } - else { - md5this = (unsigned char *) - aprintf("%s:%s:%s", - conn->user, - d->realm, - conn->passwd); - } + + md5this = (unsigned char *) + aprintf("%s:%s:%s", conn->user, d->realm, conn->passwd); Curl_md5it(md5buf, md5this); free(md5this); /* free this again */ md5_to_ascii(md5buf, ha1); + if(d->algo == CURLDIGESTALGO_MD5SESS) { + /* nonce and cnonce are OUTSIDE the hash */ + tmp = aprintf("%s:%s:%s", ha1, d->nonce, d->cnonce); + + free(ha1); + ha1 = (unsigned char *)tmp; + } + /* - A2 = Method ":" digest-uri-value - + If the "qop" directive's value is "auth" or is unspecified, then A2 is: + + A2 = Method ":" digest-uri-value + + If the "qop" value is "auth-int", then A2 is: + + A2 = Method ":" digest-uri-value ":" H(entity-body) + (The "Method" value is the HTTP request method as specified in section 5.1.1 of RFC 2616) */ md5this = (unsigned char *)aprintf("%s:%s", request, uripath); + if (d->qop && strequal(d->qop, "auth-int")) { + /* We don't support auth-int at the moment. I can't see a easy way to get + entity-body here */ + /* TODO: Append H(entity-body)*/ + } Curl_md5it(md5buf, md5this); free(md5this); /* free this again */ md5_to_ascii(md5buf, ha2); - - md5this = (unsigned char *)aprintf("%s:%s:%s", ha1, d->nonce, - ha2); + + if (d->qop) { + md5this = (unsigned char *)aprintf("%s:%s:%08x:%s:%s:%s", + ha1, + d->nonce, + d->nc, + d->cnonce, + d->qop, + ha2); + } + else { + md5this = (unsigned char *)aprintf("%s:%s:%s", + ha1, + d->nonce, + ha2); + } + free(ha1); + Curl_md5it(md5buf, md5this); free(md5this); /* free this again */ md5_to_ascii(md5buf, request_digest); @@ -222,18 +291,73 @@ CURLcode Curl_output_digest(struct connectdata *conn, */ Curl_safefree(conn->allocptr.userpwd); - conn->allocptr.userpwd = - aprintf( "Authorization: Digest " - "username=\"%s\", " - "realm=\"%s\", " - "nonce=\"%s\", " - "uri=\"%s\", " - "response=\"%s\"\r\n", - conn->user, - d->realm, - d->nonce, - uripath, /* this is the PATH part of the URL */ - request_digest ); + + if (d->qop) { + conn->allocptr.userpwd = + aprintf( "Authorization: Digest " + "username=\"%s\", " + "realm=\"%s\", " + "nonce=\"%s\", " + "uri=\"%s\", " + "cnonce=\"%s\", " + "nc=\"%08x\", " + "qop=\"%s\", " + "response=\"%s\"", + conn->user, + d->realm, + d->nonce, + uripath, /* this is the PATH part of the URL */ + d->cnonce, + d->nc, + d->qop, + request_digest); + + if(strequal(d->qop, "auth")) + d->nc++; /* The nc (from RFC) has to be a 8 hex digit number 0 padded + which tells to the server how many times you are using the + same nonce in the qop=auth mode. */ + } + else { + conn->allocptr.userpwd = + aprintf( "Authorization: Digest " + "username=\"%s\", " + "realm=\"%s\", " + "nonce=\"%s\", " + "uri=\"%s\", " + "response=\"%s\"", + conn->user, + d->realm, + d->nonce, + uripath, /* this is the PATH part of the URL */ + request_digest); + } + + /* Add optional fields */ + if(d->opaque) { + /* append opaque */ + tmp = aprintf(", opaque=\"%s\"", d->opaque); + conn->allocptr.userpwd = (char*) + realloc(conn->allocptr.userpwd, + strlen(conn->allocptr.userpwd) + strlen(tmp) + 1); + strcat(conn->allocptr.userpwd, tmp); + free(tmp); + } + + if(d->algorithm) { + /* append algorithm */ + tmp = aprintf(", algorithm=\"%s\"", d->algorithm); + conn->allocptr.userpwd = (char*) + realloc(conn->allocptr.userpwd, + strlen(conn->allocptr.userpwd) + strlen(tmp) + 1); + strcat(conn->allocptr.userpwd, tmp); + free(tmp); + } + + /* append CRLF to the userpwd header */ + conn->allocptr.userpwd = (char*) + realloc(conn->allocptr.userpwd, + strlen(conn->allocptr.userpwd) + 3 + 1); + strcat(conn->allocptr.userpwd, "\r\n"); return CURLE_OK; } @@ -254,8 +378,20 @@ void Curl_digest_cleanup(struct SessionHandle *data) free(d->realm); d->realm = NULL; - d->algo = CURLDIGESTALGO_MD5; /* default algorithm */ + if(d->opaque) + free(d->opaque); + d->opaque = NULL; + if(d->qop) + free(d->qop); + d->qop = NULL; + + if(d->algorithm) + free(d->algorithm); + d->algorithm = NULL; + + d->nc = 0; + d->algo = CURLDIGESTALGO_MD5; /* default algorithm */ d->stale = FALSE; /* default means normal, not stale */ } diff --git a/lib/urldata.h b/lib/urldata.h index 19e83ca4f..9cda637b9 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -171,6 +171,10 @@ struct digestdata { char *realm; int algo; bool stale; /* set true for re-negotiation */ + char *opaque; + char *qop; + char *algorithm; + int nc; /* nounce count */ }; typedef enum {