luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vauth: Moved the CRAM-MD5 authentication code to the new vauth directory

Browse Source
This commit is contained in:
Steve Holme 2015-09-12 13:02:27 +01:00
parent 6101e35819
commit ec5b8dc647
6 changed files with 156 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/Makefile.inc
View File

@ -20,7 +20,7 @@
# #
########################################################################### ###########################################################################
LIB_VAUTH_CFILES = vauth/vauth.c vauth/cleartext.c LIB_VAUTH_CFILES = vauth/vauth.c vauth/cleartext.c vauth/cram.c
LIB_VAUTH_HFILES = vauth/vauth.h LIB_VAUTH_HFILES = vauth/vauth.h

1
lib/Makefile.vc6
View File

@ -622,6 +622,7 @@ X_OBJS= \
$(DIROBJ)\ssh.obj \ $(DIROBJ)\ssh.obj \
$(DIROBJ)\vauth.obj \ $(DIROBJ)\vauth.obj \
$(DIROBJ)\cleartext.obj \ $(DIROBJ)\cleartext.obj \
$(DIROBJ)\cram.obj \
$(DIROBJ)\vtls.obj \ $(DIROBJ)\vtls.obj \
$(DIROBJ)\openssl.obj \ $(DIROBJ)\openssl.obj \
$(DIROBJ)\strdup.obj \ $(DIROBJ)\strdup.obj \

101
lib/curl_sasl.c
View File

@ -159,9 +159,8 @@ bool Curl_sasl_digest_get_pair(const char *str, char *value, char *content,
return TRUE; return TRUE;
} }
#endif
#if !defined(CURL_DISABLE_CRYPTO_AUTH) && !defined(USE_WINDOWS_SSPI) #if !defined(USE_WINDOWS_SSPI)
/* Convert md5 chunk to RFC2617 (section 3.1.3) -suitable ascii string*/ /* Convert md5 chunk to RFC2617 (section 3.1.3) -suitable ascii string*/
static void sasl_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */ static void sasl_digest_md5_to_ascii(unsigned char *source, /* 16 bytes */
unsigned char *dest) /* 33 bytes */ unsigned char *dest) /* 33 bytes */
@ -259,105 +258,7 @@ static CURLcode sasl_digest_get_qop_values(const char *options, int *value)
return CURLE_OK; return CURLE_OK;
} }
#endif /* !CURL_DISABLE_CRYPTO_AUTH && !USE_WINDOWS_SSPI */
#ifndef CURL_DISABLE_CRYPTO_AUTH
/*
* sasl_decode_cram_md5_message()
*
* This is used to decode an already encoded CRAM-MD5 challenge message.
*
* Parameters:
*
* chlg64 [in] - The base64 encoded challenge message.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
static CURLcode sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
size_t *outlen)
{
CURLcode result = CURLE_OK;
size_t chlg64len = strlen(chlg64);
*outptr = NULL;
*outlen = 0;
/* Decode the challenge if necessary */
if(chlg64len && *chlg64 != '=')
result = Curl_base64_decode(chlg64, (unsigned char **) outptr, outlen);
return result;
}
/*
* sasl_create_cram_md5_message()
*
* This is used to generate an already encoded CRAM-MD5 response message ready
* for sending to the recipient.
*
* Parameters:
*
* data [in] - The session handle.
* chlg [in] - The challenge.
* userp [in] - The user name.
* passdwp [in] - The user's password.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
static CURLcode sasl_create_cram_md5_message(struct SessionHandle *data,
const char *chlg,
const char *userp,
const char *passwdp,
char **outptr, size_t *outlen)
{
CURLcode result = CURLE_OK;
size_t chlglen = 0;
HMAC_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN];
char *response;
if(chlg)
chlglen = strlen(chlg);
/* Compute the digest using the password as the key */
ctxt = Curl_HMAC_init(Curl_HMAC_MD5,
(const unsigned char *) passwdp,
curlx_uztoui(strlen(passwdp)));
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
/* Update the digest with the given challenge */
if(chlglen > 0)
Curl_HMAC_update(ctxt, (const unsigned char *) chlg,
curlx_uztoui(chlglen));
/* Finalise the digest */
Curl_HMAC_final(ctxt, digest);
/* Generate the response */
response = aprintf(
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
userp, digest[0], digest[1], digest[2], digest[3], digest[4],
digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
digest[11], digest[12], digest[13], digest[14], digest[15]);
if(!response)
return CURLE_OUT_OF_MEMORY;
/* Base64 encode the response */
result = Curl_base64_encode(data, response, 0, outptr, outlen);
free(response);
return result;
}
#ifndef USE_WINDOWS_SSPI
/* /*
* sasl_decode_digest_md5_message() * sasl_decode_digest_md5_message()
* *

138
lib/vauth/cram.c Normal file
View File

@ -0,0 +1,138 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
* RFC2195 CRAM-MD5 authentication
*
***************************************************************************/
#include "curl_setup.h"
#if !defined(CURL_DISABLE_CRYPTO_AUTH)
#include <curl/curl.h>
#include "urldata.h"
#include "vauth/vauth.h"
#include "curl_base64.h"
#include "curl_hmac.h"
#include "curl_md5.h"
#include "warnless.h"
#include "curl_printf.h"
/* The last #include files should be: */
#include "curl_memory.h"
#include "memdebug.h"
/*
* sasl_decode_cram_md5_message()
*
* This is used to decode an already encoded CRAM-MD5 challenge message.
*
* Parameters:
*
* chlg64 [in] - The base64 encoded challenge message.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
size_t *outlen)
{
CURLcode result = CURLE_OK;
size_t chlg64len = strlen(chlg64);
*outptr = NULL;
*outlen = 0;
/* Decode the challenge if necessary */
if(chlg64len && *chlg64 != '=')
result = Curl_base64_decode(chlg64, (unsigned char **) outptr, outlen);
return result;
}
/*
* sasl_create_cram_md5_message()
*
* This is used to generate an already encoded CRAM-MD5 response message ready
* for sending to the recipient.
*
* Parameters:
*
* data [in] - The session handle.
* chlg [in] - The challenge.
* userp [in] - The user name.
* passdwp [in] - The user's password.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode sasl_create_cram_md5_message(struct SessionHandle *data,
const char *chlg,
const char *userp,
const char *passwdp,
char **outptr, size_t *outlen)
{
CURLcode result = CURLE_OK;
size_t chlglen = 0;
HMAC_context *ctxt;
unsigned char digest[MD5_DIGEST_LEN];
char *response;
if(chlg)
chlglen = strlen(chlg);
/* Compute the digest using the password as the key */
ctxt = Curl_HMAC_init(Curl_HMAC_MD5,
(const unsigned char *) passwdp,
curlx_uztoui(strlen(passwdp)));
if(!ctxt)
return CURLE_OUT_OF_MEMORY;
/* Update the digest with the given challenge */
if(chlglen > 0)
Curl_HMAC_update(ctxt, (const unsigned char *) chlg,
curlx_uztoui(chlglen));
/* Finalise the digest */
Curl_HMAC_final(ctxt, digest);
/* Generate the response */
response = aprintf(
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
userp, digest[0], digest[1], digest[2], digest[3], digest[4],
digest[5], digest[6], digest[7], digest[8], digest[9], digest[10],
digest[11], digest[12], digest[13], digest[14], digest[15]);
if(!response)
return CURLE_OUT_OF_MEMORY;
/* Base64 encode the response */
result = Curl_base64_encode(data, response, 0, outptr, outlen);
free(response);
return result;
}
#endif /* !CURL_DISABLE_CRYPTO_AUTH */

13
lib/vauth/vauth.h
View File

@ -53,4 +53,17 @@ CURLcode sasl_create_external_message(struct SessionHandle *data,
const char *user, char **outptr, const char *user, char **outptr,
size_t *outlen); size_t *outlen);
#if !defined(CURL_DISABLE_CRYPTO_AUTH)
/* This is used to decode a CRAM-MD5 challenge message */
CURLcode sasl_decode_cram_md5_message(const char *chlg64, char **outptr,
size_t *outlen);
/* This is used to generate a CRAM-MD5 response message */
CURLcode sasl_create_cram_md5_message(struct SessionHandle *data,
const char *chlg,
const char *userp,
const char *passwdp,
char **outptr, size_t *outlen);
#endif /* !CURL_DISABLE_CRYPTO_AUTH */
#endif /* HEADER_CURL_VAUTH_H */ #endif /* HEADER_CURL_VAUTH_H */

3
packages/Symbian/group/libcurl.mmp
View File

@ -40,7 +40,8 @@ SOURCE \
curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_ntlm_msgs.c \ curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_ntlm_msgs.c \
curl_sasl.c vtls/schannel.c curl_multibyte.c vtls/darwinssl.c \ curl_sasl.c vtls/schannel.c curl_multibyte.c vtls/darwinssl.c \
conncache.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c \ conncache.c curl_sasl_sspi.c smb.c curl_sasl_gssapi.c \
curl_endian.c curl_des.c vauth/vauth.c vauth/cleartext.c curl_endian.c curl_des.c vauth/vauth.c vauth/cleartext.c \
vauth/cram.c
USERINCLUDE ../../../lib ../../../include/curl USERINCLUDE ../../../lib ../../../include/curl
#ifdef ENABLE_SSL #ifdef ENABLE_SSL