Loading lib/curl_sasl.c +23 −10 Original line number Diff line number Diff line Loading @@ -264,9 +264,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, } /* * Curl_sasl_decode_digest_md5_message() * sasl_decode_digest_md5_message() * * This is used to decode an already encoded DIGEST-MD5 challenge message. * This is used internally to decode an already encoded DIGEST-MD5 challenge * message into the seperate attributes. * * Parameters: * Loading @@ -280,7 +281,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, * * Returns CURLE_OK on success. */ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, static CURLcode sasl_decode_digest_md5_message(const char *chlg64, char *nonce, size_t nlen, char *realm, size_t rlen, char *alg, size_t alen) Loading Loading @@ -332,8 +333,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, * Parameters: * * data [in] - The session handle. * nonce [in] - The nonce. * realm [in] - The realm. * chlg64 [in] - Pointer to the base64 encoded challenge message. * userp [in] - The user name. * passdwp [in] - The user's password. * service [in] - The service type such as www, smtp, pop or imap. Loading @@ -344,8 +344,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, const char *nonce, const char *realm, const char *chlg64, const char *userp, const char *passwdp, const char *service, Loading @@ -363,12 +362,26 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, char HA2_hex[2 * MD5_DIGEST_LEN + 1]; char resp_hash_hex[2 * MD5_DIGEST_LEN + 1]; char nonce[64]; char realm[128]; char algorithm[64]; char nonceCount[] = "00000001"; char cnonce[] = "12345678"; /* will be changed */ char method[] = "AUTHENTICATE"; char qop[] = "auth"; char uri[128]; /* Decode the challange message */ result = sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result) return result; /* We only support md5 sessions */ if(strcmp(algorithm, "md5-sess") != 0) return CURLE_BAD_CONTENT_ENCODING; #ifndef DEBUGBUILD /* Generate 64 bits of random data */ for(i = 0; i < 8; i++) Loading lib/curl_sasl.h +3 −10 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -77,17 +77,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, const char *passwdp, char **outptr, size_t *outlen); /* This is used to decode a base64 encoded DIGEST-MD5 challange message */ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, char *nonce, size_t nlen, char *realm, size_t rlen, char *alg, size_t alen); /* This is used to generate a base64 encoded DIGEST-MD5 response message */ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, const char *nonce, const char *realm, const char *user, const char *chlg64, const char *userp, const char *passwdp, const char *service, char **outptr, size_t *outlen); Loading lib/imap.c +16 −24 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -1110,10 +1110,6 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn, char *rplyb64 = NULL; size_t len = 0; char nonce[64]; char realm[128]; char algorithm[64]; (void)instate; /* no use for this yet */ if(imapcode != '+') { Loading @@ -1124,30 +1120,26 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn, /* Get the challenge message */ imap_get_message(data->state.buffer, &chlg64); /* Decode the challange message */ result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result || strcmp(algorithm, "md5-sess") != 0) { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, conn->passwd, "imap", &rplyb64, &len); if(result) { if(result == CURLE_BAD_CONTENT_ENCODING) { /* Send the cancellation */ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*"); if(!result) state(conn, IMAP_AUTHENTICATE_CANCEL); } } else { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, nonce, realm, conn->user, conn->passwd, "imap", &rplyb64, &len); if(!result && rplyb64) { /* Send the response */ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64); if(!result) state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP); } } Curl_safefree(rplyb64); Loading lib/pop3.c +16 −24 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -978,10 +978,6 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn, char *rplyb64 = NULL; size_t len = 0; char nonce[64]; char realm[128]; char algorithm[64]; (void)instate; /* no use for this yet */ if(pop3code != '+') { Loading @@ -992,30 +988,26 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn, /* Get the challenge message */ pop3_get_message(data->state.buffer, &chlg64); /* Decode the challange message */ result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result || strcmp(algorithm, "md5-sess") != 0) { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, conn->passwd, "pop", &rplyb64, &len); if(result) { if(result == CURLE_BAD_CONTENT_ENCODING) { /* Send the cancellation */ result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*"); if(!result) state(conn, POP3_AUTH_CANCEL); } } else { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, nonce, realm, conn->user, conn->passwd, "pop", &rplyb64, &len); if(!result && rplyb64) { /* Send the response */ result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64); if(!result) state(conn, POP3_AUTH_DIGESTMD5_RESP); } } Curl_safefree(rplyb64); Loading lib/smtp.c +15 −23 Original line number Diff line number Diff line Loading @@ -996,10 +996,6 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn, char *rplyb64 = NULL; size_t len = 0; char nonce[64]; char realm[128]; char algorithm[64]; (void)instate; /* no use for this yet */ if(smtpcode != 334) { Loading @@ -1010,30 +1006,26 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn, /* Get the challenge message */ smtp_get_message(data->state.buffer, &chlg64); /* Decode the challange message */ result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result || strcmp(algorithm, "md5-sess") != 0) { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, conn->passwd, "smtp", &rplyb64, &len); if(result) { if(result == CURLE_BAD_CONTENT_ENCODING) { /* Send the cancellation */ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*"); if(!result) state(conn, SMTP_AUTH_CANCEL); } } else { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, nonce, realm, conn->user, conn->passwd, "smtp", &rplyb64, &len); if(!result && rplyb64) { /* Send the response */ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64); if(!result) state(conn, SMTP_AUTH_DIGESTMD5_RESP); } } Curl_safefree(rplyb64); Loading Loading
lib/curl_sasl.c +23 −10 Original line number Diff line number Diff line Loading @@ -264,9 +264,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, } /* * Curl_sasl_decode_digest_md5_message() * sasl_decode_digest_md5_message() * * This is used to decode an already encoded DIGEST-MD5 challenge message. * This is used internally to decode an already encoded DIGEST-MD5 challenge * message into the seperate attributes. * * Parameters: * Loading @@ -280,7 +281,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, * * Returns CURLE_OK on success. */ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, static CURLcode sasl_decode_digest_md5_message(const char *chlg64, char *nonce, size_t nlen, char *realm, size_t rlen, char *alg, size_t alen) Loading Loading @@ -332,8 +333,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, * Parameters: * * data [in] - The session handle. * nonce [in] - The nonce. * realm [in] - The realm. * chlg64 [in] - Pointer to the base64 encoded challenge message. * userp [in] - The user name. * passdwp [in] - The user's password. * service [in] - The service type such as www, smtp, pop or imap. Loading @@ -344,8 +344,7 @@ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, const char *nonce, const char *realm, const char *chlg64, const char *userp, const char *passwdp, const char *service, Loading @@ -363,12 +362,26 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, char HA2_hex[2 * MD5_DIGEST_LEN + 1]; char resp_hash_hex[2 * MD5_DIGEST_LEN + 1]; char nonce[64]; char realm[128]; char algorithm[64]; char nonceCount[] = "00000001"; char cnonce[] = "12345678"; /* will be changed */ char method[] = "AUTHENTICATE"; char qop[] = "auth"; char uri[128]; /* Decode the challange message */ result = sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result) return result; /* We only support md5 sessions */ if(strcmp(algorithm, "md5-sess") != 0) return CURLE_BAD_CONTENT_ENCODING; #ifndef DEBUGBUILD /* Generate 64 bits of random data */ for(i = 0; i < 8; i++) Loading
lib/curl_sasl.h +3 −10 Original line number Diff line number Diff line Loading @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -77,17 +77,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, const char *passwdp, char **outptr, size_t *outlen); /* This is used to decode a base64 encoded DIGEST-MD5 challange message */ CURLcode Curl_sasl_decode_digest_md5_message(const char *chlg64, char *nonce, size_t nlen, char *realm, size_t rlen, char *alg, size_t alen); /* This is used to generate a base64 encoded DIGEST-MD5 response message */ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, const char *nonce, const char *realm, const char *user, const char *chlg64, const char *userp, const char *passwdp, const char *service, char **outptr, size_t *outlen); Loading
lib/imap.c +16 −24 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -1110,10 +1110,6 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn, char *rplyb64 = NULL; size_t len = 0; char nonce[64]; char realm[128]; char algorithm[64]; (void)instate; /* no use for this yet */ if(imapcode != '+') { Loading @@ -1124,30 +1120,26 @@ static CURLcode imap_state_auth_digest_resp(struct connectdata *conn, /* Get the challenge message */ imap_get_message(data->state.buffer, &chlg64); /* Decode the challange message */ result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result || strcmp(algorithm, "md5-sess") != 0) { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, conn->passwd, "imap", &rplyb64, &len); if(result) { if(result == CURLE_BAD_CONTENT_ENCODING) { /* Send the cancellation */ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*"); if(!result) state(conn, IMAP_AUTHENTICATE_CANCEL); } } else { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, nonce, realm, conn->user, conn->passwd, "imap", &rplyb64, &len); if(!result && rplyb64) { /* Send the response */ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64); if(!result) state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP); } } Curl_safefree(rplyb64); Loading
lib/pop3.c +16 −24 Original line number Diff line number Diff line Loading @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms Loading Loading @@ -978,10 +978,6 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn, char *rplyb64 = NULL; size_t len = 0; char nonce[64]; char realm[128]; char algorithm[64]; (void)instate; /* no use for this yet */ if(pop3code != '+') { Loading @@ -992,30 +988,26 @@ static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn, /* Get the challenge message */ pop3_get_message(data->state.buffer, &chlg64); /* Decode the challange message */ result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result || strcmp(algorithm, "md5-sess") != 0) { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, conn->passwd, "pop", &rplyb64, &len); if(result) { if(result == CURLE_BAD_CONTENT_ENCODING) { /* Send the cancellation */ result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*"); if(!result) state(conn, POP3_AUTH_CANCEL); } } else { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, nonce, realm, conn->user, conn->passwd, "pop", &rplyb64, &len); if(!result && rplyb64) { /* Send the response */ result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64); if(!result) state(conn, POP3_AUTH_DIGESTMD5_RESP); } } Curl_safefree(rplyb64); Loading
lib/smtp.c +15 −23 Original line number Diff line number Diff line Loading @@ -996,10 +996,6 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn, char *rplyb64 = NULL; size_t len = 0; char nonce[64]; char realm[128]; char algorithm[64]; (void)instate; /* no use for this yet */ if(smtpcode != 334) { Loading @@ -1010,30 +1006,26 @@ static CURLcode smtp_state_auth_digest_resp(struct connectdata *conn, /* Get the challenge message */ smtp_get_message(data->state.buffer, &chlg64); /* Decode the challange message */ result = Curl_sasl_decode_digest_md5_message(chlg64, nonce, sizeof(nonce), realm, sizeof(realm), algorithm, sizeof(algorithm)); if(result || strcmp(algorithm, "md5-sess") != 0) { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user, conn->passwd, "smtp", &rplyb64, &len); if(result) { if(result == CURLE_BAD_CONTENT_ENCODING) { /* Send the cancellation */ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*"); if(!result) state(conn, SMTP_AUTH_CANCEL); } } else { /* Create the response message */ result = Curl_sasl_create_digest_md5_message(data, nonce, realm, conn->user, conn->passwd, "smtp", &rplyb64, &len); if(!result && rplyb64) { /* Send the response */ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64); if(!result) state(conn, SMTP_AUTH_DIGESTMD5_RESP); } } Curl_safefree(rplyb64); Loading
