Loading lib/curl_sasl.c +2 −0 Original line number Diff line number Diff line Loading @@ -324,9 +324,11 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, if(strcmp(alg, "md5-sess") != 0) return CURLE_LOGIN_DENIED; #ifndef DEBUGBUILD /* Generate 64 bits of random data */ for(i = 0; i < 8; i++) cnonce[i] = table16[Curl_rand(data)%16]; #endif /* So far so good, now calculate A1 and H(A1) according to RFC 2831 */ ctxt = Curl_MD5_init(Curl_DIGEST_MD5); Loading tests/data/Makefile.am +1 −1 Original line number Diff line number Diff line Loading @@ -68,7 +68,7 @@ test809 test810 test811 test812 test813 test814 \ \ test850 test851 test852 test853 test854 test855 test856 test857 test858 \ test859 test860 test861 test862 test863 test864 test865 test866 test867 \ test868 \ test868 test869 \ \ test900 test901 test902 test903 test904 test905 test906 test907 test908 \ test909 test910 test911 test912 test913 test914 test915 test916 test917 \ Loading tests/data/test869 0 → 100644 +60 −0 Original line number Diff line number Diff line <testcase> <info> <keywords> POP3 POP3 AUTH DIGEST-MD5 RFC1734 RFC2831 RFC5034 </keywords> </info> # # Server-side <reply> <servercmd> AUTH DIGEST-MD5 REPLY AUTH + cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk2Zjk1NDhjMjNjZWQ2MTc1IixhbGdvcml0aG09bWQ1LXNlc3MscW9wPSJhdXRoIg== REPLY dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIxMjM0NTY3OCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9YTA2OTE1YTA1ODA3ZDc0MTg0YTkxYjM2NjE2ZTZiOGM= +OK Login successful </servercmd> <data> From: me@somewhere To: fake@nowhere body -- yours sincerely </data> </reply> # # Client-side <client> <server> pop3 </server> <features> debug crypto </features> <name> POP3 DIGEST-MD5 authentication </name> <command> pop3://%HOSTIP:%POP3PORT/869 -u user:secret </command> </client> # # Verify data after the test has been "shot" <verify> <protocol> CAPA AUTH DIGEST-MD5 dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIxMjM0NTY3OCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9YTA2OTE1YTA1ODA3ZDc0MTg0YTkxYjM2NjE2ZTZiOGM= RETR 869 QUIT </protocol> </verify> </testcase> Loading
lib/curl_sasl.c +2 −0 Original line number Diff line number Diff line Loading @@ -324,9 +324,11 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, if(strcmp(alg, "md5-sess") != 0) return CURLE_LOGIN_DENIED; #ifndef DEBUGBUILD /* Generate 64 bits of random data */ for(i = 0; i < 8; i++) cnonce[i] = table16[Curl_rand(data)%16]; #endif /* So far so good, now calculate A1 and H(A1) according to RFC 2831 */ ctxt = Curl_MD5_init(Curl_DIGEST_MD5); Loading
tests/data/Makefile.am +1 −1 Original line number Diff line number Diff line Loading @@ -68,7 +68,7 @@ test809 test810 test811 test812 test813 test814 \ \ test850 test851 test852 test853 test854 test855 test856 test857 test858 \ test859 test860 test861 test862 test863 test864 test865 test866 test867 \ test868 \ test868 test869 \ \ test900 test901 test902 test903 test904 test905 test906 test907 test908 \ test909 test910 test911 test912 test913 test914 test915 test916 test917 \ Loading
tests/data/test869 0 → 100644 +60 −0 Original line number Diff line number Diff line <testcase> <info> <keywords> POP3 POP3 AUTH DIGEST-MD5 RFC1734 RFC2831 RFC5034 </keywords> </info> # # Server-side <reply> <servercmd> AUTH DIGEST-MD5 REPLY AUTH + cmVhbG09ImN1cmwiLG5vbmNlPSI1MzAwZDE3YTFkNjk1YmQ0MTFlNGNkZjk2Zjk1NDhjMjNjZWQ2MTc1IixhbGdvcml0aG09bWQ1LXNlc3MscW9wPSJhdXRoIg== REPLY dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIxMjM0NTY3OCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9YTA2OTE1YTA1ODA3ZDc0MTg0YTkxYjM2NjE2ZTZiOGM= +OK Login successful </servercmd> <data> From: me@somewhere To: fake@nowhere body -- yours sincerely </data> </reply> # # Client-side <client> <server> pop3 </server> <features> debug crypto </features> <name> POP3 DIGEST-MD5 authentication </name> <command> pop3://%HOSTIP:%POP3PORT/869 -u user:secret </command> </client> # # Verify data after the test has been "shot" <verify> <protocol> CAPA AUTH DIGEST-MD5 dXNlcm5hbWU9InVzZXIiLHJlYWxtPSJjdXJsIixub25jZT0iNTMwMGQxN2ExZDY5NWJkNDExZTRjZGY5NmY5NTQ4YzIzY2VkNjE3NSIsY25vbmNlPSIxMjM0NTY3OCIsbmM9IjAwMDAwMDAxIixkaWdlc3QtdXJpPSJwb3AvY3VybCIscmVzcG9uc2U9YTA2OTE1YTA1ODA3ZDc0MTg0YTkxYjM2NjE2ZTZiOGM= RETR 869 QUIT </protocol> </verify> </testcase>
