
CVS gsasl/lib/digest-md5


From: gsasl-commit
Subject: CVS gsasl/lib/digest-md5
Date: Sun, 19 Dec 2004 19:57:00 +0100

Update of /home/cvs/gsasl/lib/digest-md5
In directory dopio:/tmp/cvs-serv2661

Modified Files:
        server.c 
Log Message:
Rewrite, unfinished, but still probably an improvement.


--- /home/cvs/gsasl/lib/digest-md5/server.c     2004/12/19 18:00:13     1.19
+++ /home/cvs/gsasl/lib/digest-md5/server.c     2004/12/19 18:57:00     1.20
@@ -24,32 +24,40 @@
 # include "config.h"
 #endif
 
+/* Get specification. */
+#include "digest-md5.h"
+
 /* Get malloc, free. */
 #include <stdlib.h>
 
 /* Get memcpy, strdup, strlen. */
 #include <string.h>
 
-/* Get specification. */
-#include "digest-md5.h"
-#include "shared.h"
+/* Get tools. */
+#include "tokens.h"
 #include "parser.h"
+#include "printer.h"
+#include "free.h"
+#include "session.h"
 #include "digesthmac.h"
 
-/* Get digest_md5_encode, digest_md5_decode. */
-#include "session.h"
+/* Get uint32_t. */
+#include <netinet/in.h>
+
+#define NONCE_ENTROPY_BYTES 16
 
 struct _Gsasl_digest_md5_server_state
 {
   int step;
-  char nonce[NONCE_ENTROPY_BITS / 8];
-  Gsasl_qop qop;
-  Gsasl_cipher cipher;
+  digest_md5_challenge challenge;
+  digest_md5_response response;
+  digest_md5_finish finish;
+  char secret[DIGEST_MD5_LENGTH];
   uint32_t readseqnum, sendseqnum;
-  char kic[MD5LEN];
-  char kcc[MD5LEN];
-  char kis[MD5LEN];
-  char kcs[MD5LEN];
+  char kic[DIGEST_MD5_LENGTH];
+  char kcc[DIGEST_MD5_LENGTH];
+  char kis[DIGEST_MD5_LENGTH];
+  char kcs[DIGEST_MD5_LENGTH];
 };
 typedef struct _Gsasl_digest_md5_server_state _Gsasl_digest_md5_server_state;
 
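Review bot: The state struct now carries `secret` (presumably the hashed password) next to the `kic`/`kcc`/`kis`/`kcs` key buffers, but nothing in the declaration says who clears them, and the cleanup path is outside this hunk. If the finish routine only calls `free()`, that key material stays behind in freed heap memory. I would add a comment on the struct such as `/* secret, kic, kcc, kis, kcs hold key material; wipe before the state is freed. */` and confirm the finish function does so. Separately, the `/* Get uint32_t. */` include pulls in `<netinet/in.h>`, a sockets header that is not available on every platform; `#include <stdint.h>` is the header that defines `uint32_t`.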
@@ -57,32 +65,33 @@
 _gsasl_digest_md5_server_start (Gsasl_session * sctx, void **mech_data)
 {
   _Gsasl_digest_md5_server_state *state;
-  Gsasl_server_callback_retrieve cb_retrieve;
-  Gsasl_server_callback_digest_md5 cb_digest_md5;
-  Gsasl_ctx *ctx;
-
-  ctx = gsasl_server_ctx_get (sctx);
-  if (ctx == NULL)
-    return GSASL_CANNOT_GET_CTX;
-
-  cb_retrieve = gsasl_server_callback_retrieve_get (ctx);
-  cb_digest_md5 = gsasl_server_callback_digest_md5_get (ctx);
-
-  if (gsasl_server_callback_digest_md5_get (ctx) == NULL &&
-      gsasl_server_callback_retrieve_get (ctx) == NULL)
-    return GSASL_NEED_SERVER_DIGEST_MD5_CALLBACK;
+  char nonce[NONCE_ENTROPY_BYTES];
+  char *p;
+  int rc;
+
+  rc = gsasl_nonce (nonce, NONCE_ENTROPY_BYTES);
+  if (rc != GSASL_OK)
+    return rc;
+
+  rc = gsasl_base64_to (nonce, NONCE_ENTROPY_BYTES, &p, NULL);
+  if (rc != GSASL_OK)
+    return rc;
 
-  state = (_Gsasl_digest_md5_server_state *) malloc (sizeof (*state));
+  state = calloc (1, sizeof (*state));
   if (state == NULL)
-    return GSASL_MALLOC_ERROR;
+    {
+      free (p);
+      return GSASL_MALLOC_ERROR;
+    }
 
-  state->step = 0;
-  state->qop = GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF;
-  state->cipher = GSASL_CIPHER_DES | GSASL_CIPHER_3DES | GSASL_CIPHER_RC4 |
-    GSASL_CIPHER_RC4_40 | GSASL_CIPHER_RC4_56 | GSASL_CIPHER_AES;
-  gsasl_nonce (state->nonce, NONCE_ENTROPY_BITS / 8);
-  state->readseqnum = 0;
-  state->sendseqnum = 0;
+  state->challenge.qops = GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT
+    | GSASL_QOP_AUTH_CONF;
+  state->challenge.ciphers = GSASL_CIPHER_DES | GSASL_CIPHER_3DES
+    | GSASL_CIPHER_RC4 | GSASL_CIPHER_RC4_40 | GSASL_CIPHER_RC4_56
+    | GSASL_CIPHER_AES;
+
+  state->challenge.nonce = p;
+  state->challenge.utf8 = 1;
 
   *mech_data = state;
 
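Review bot: The defaults assigned to `state->challenge.qops` and `state->challenge.ciphers` advertise every option, including `GSASL_CIPHER_RC4_40`, `GSASL_CIPHER_RC4_56` and `GSASL_CIPHER_DES`. The step function in this commit drops the `cb_qop`/`cb_cipher` lookups (its FIXME lists qop and cipher), so from the visible lines an application can no longer narrow what the server offers. Until that is wired back, I would offer only what is known to be wanted, e.g. `state->challenge.qops = GSASL_QOP_AUTH;`, or at least leave the 40/56-bit RC4 and single-DES bits out of the default mask. The removed `state->step = 0` and sequence-number resets now depend on `calloc`, which deserves a short comment such as `/* calloc leaves step and the sequence numbers at zero. */`. The function's return type and final return are outside the hunk.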
@@ -94,636 +103,129 @@
                               void *mech_data,
                               const char *input,
                               size_t input_len,
-                              char **output2, size_t * output2_len)
+                              char **output, size_t * output_len)
 {
   _Gsasl_digest_md5_server_state *state = mech_data;
-  Gsasl_server_callback_realm cb_realm;
-  Gsasl_server_callback_qop cb_qop;
-  Gsasl_server_callback_maxbuf cb_maxbuf;
-  Gsasl_server_callback_cipher cb_cipher;
-  Gsasl_server_callback_retrieve cb_retrieve;
-  Gsasl_server_callback_digest_md5 cb_digest_md5;
-  Gsasl_ctx *ctx;
-  int res;
+  int rc, res;
   int outlen;
-  unsigned long maxbuf = MAXBUF_DEFAULT;
-  /* FIXME: Remove fixed size buffer. */
-  char output[BUFSIZ];
-  size_t outputlen = BUFSIZ - 1;
-  size_t *output_len = &outputlen;
-
-  *output2 = NULL;
-  *output2_len = 0;
-
-  ctx = gsasl_server_ctx_get (sctx);
-  if (ctx == NULL)
-    return GSASL_CANNOT_GET_CTX;
-
-  cb_realm = gsasl_server_callback_realm_get (ctx);
-  cb_qop = gsasl_server_callback_qop_get (ctx);
-  cb_maxbuf = gsasl_server_callback_maxbuf_get (ctx);
-  cb_cipher = gsasl_server_callback_cipher_get (ctx);
-  cb_retrieve = gsasl_server_callback_retrieve_get (ctx);
-  cb_digest_md5 = gsasl_server_callback_digest_md5_get (ctx);
-
-  if (gsasl_server_callback_digest_md5_get (ctx) == NULL &&
-      gsasl_server_callback_retrieve_get (ctx) == NULL)
-    return GSASL_NEED_SERVER_DIGEST_MD5_CALLBACK;
-
-  if (*output_len < 1)
-    return GSASL_TOO_SMALL_BUFFER;
 
-  strcpy (output, "");
-  outlen = 0;
+  *output = NULL;
+  *output_len = 0;
 
-#if SERVER_PRINT_OUTPUT
+#if 0
   if (input && input_len > 0)
-    fprintf (stderr, "%s\n", input);
+    fprintf (stderr, "server in: %s\n", input);
 #endif
 
   switch (state->step)
     {
     case 0:
-      if (cb_realm)
-       {
-         int i;
-         size_t realmlen;
-
-         realmlen = *output_len;
-         for (i = 0; cb_realm (sctx, NULL, &realmlen, i) == GSASL_OK; i++)
-           {
-             if (outlen + strlen (REALM_PRE) +
-                 realmlen + strlen (REALM_POST) >= *output_len)
-               return GSASL_TOO_SMALL_BUFFER;
-
-             strcat (output, REALM_PRE);
-             outlen += strlen (REALM_PRE);
-
-             cb_realm (sctx, &output[outlen], &realmlen, i);
-             outlen += realmlen;
-             output[outlen] = '\0';
-
-             strcat (output, REALM_POST);
-             outlen += strlen (REALM_POST);
-
-             realmlen = *output_len - outlen;
-           }
-       }
-      /* nonce */
+      /* Set realm. */
       {
-       int i;
-
-       if (outlen + strlen (NONCE_PRE) +
-           2 * NONCE_ENTROPY_BITS / 8 + strlen (NONCE_POST) >= *output_len)
-         return GSASL_TOO_SMALL_BUFFER;
-
-       strcat (output, NONCE_PRE);
-       outlen += strlen (NONCE_PRE);
-
-       for (i = 0; i < NONCE_ENTROPY_BITS / 8; i++)
-         {
-           output[outlen + 2 * i + 1] = HEXCHAR (state->nonce[i]);
-           output[outlen + 2 * i + 0] = HEXCHAR (state->nonce[i] >> 4);
-         }
-       output[outlen + 2 * NONCE_ENTROPY_BITS / 8] = '\0';
-       outlen += 2 * NONCE_ENTROPY_BITS / 8;
-
-       strcat (output, NONCE_POST);
-       outlen += strlen (NONCE_POST);
-      }
-      /* qop */
-      {
-       if (outlen +
-           strlen (QOP_LIST_PRE) +
-           strlen (QOP_AUTH) +
-           strlen (QOP_AUTH_INT) +
-           strlen (QOP_AUTH_CONF) + strlen (QOP_LIST_POST) >= *output_len)
-         return GSASL_TOO_SMALL_BUFFER;
-
-       if (cb_qop)
-         state->qop = cb_qop (sctx);
-
-       if (state->qop &
-           (GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
-         {
-           strcat (output, QOP_LIST_PRE);
-           outlen += strlen (QOP_LIST_PRE);
-         }
-
-       if (state->qop & GSASL_QOP_AUTH)
-         {
-           strcat (output, QOP_AUTH);
-           outlen += strlen (QOP_AUTH);
-
-           strcat (output, QOP_DELIM);
-           outlen += strlen (QOP_DELIM);
-         }
-
-       if (state->qop & GSASL_QOP_AUTH_INT)
-         {
-           strcat (output, QOP_AUTH_INT);
-           outlen += strlen (QOP_AUTH_INT);
-
-           strcat (output, QOP_DELIM);
-           outlen += strlen (QOP_DELIM);
-         }
-
-       if (state->qop & GSASL_QOP_AUTH_CONF)
-         {
-           strcat (output, QOP_AUTH_CONF);
-           outlen += strlen (QOP_AUTH_CONF);
-         }
+       const char *c;
+       c = gsasl_property_get (sctx, GSASL_REALM);
+       if (c)
+         {
+           state->challenge.nrealms = 1;
+
+           state->challenge.realms =
+             malloc (sizeof (*state->challenge.realms));
+           if (!state->challenge.realms)
+             return GSASL_MALLOC_ERROR;
 
-       if (state->qop &
-           (GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
-         {
-           strcat (output, QOP_LIST_POST);
-           outlen += strlen (QOP_LIST_POST);
+           state->challenge.realms[0] = strdup (c);
+           if (!state->challenge.realms[0])
+             return GSASL_MALLOC_ERROR;
          }
       }
-      /* maxbuf */
-      if (cb_maxbuf)
-       maxbuf = cb_maxbuf (sctx);
-      if (maxbuf >= MAXBUF_MIN &&
-         maxbuf != MAXBUF_DEFAULT && maxbuf <= MAXBUF_MAX)
-       {
-         char tmp[MAXBUF_MAX_DECIMAL_SIZE + 1];
-
-         sprintf (tmp, "%ld", maxbuf);
-
-         if (outlen + strlen (MAXBUF_PRE) + strlen (tmp) +
-             strlen (MAXBUF_POST) >= *output_len)
-           {
-             res = GSASL_TOO_SMALL_BUFFER;
-             goto done;
-           }
-
-         strcat (output, MAXBUF_PRE);
-         outlen += strlen (MAXBUF_PRE);
-
-         strcat (output, tmp);
-         outlen += strlen (tmp);
-
-         strcat (output, MAXBUF_POST);
-         outlen += strlen (MAXBUF_POST);
-       }
-      /* charset */
-      {
-       if (outlen + strlen (CHARSET) >= *output_len)
-         return GSASL_TOO_SMALL_BUFFER;
-
-       strcat (output, CHARSET);
-       outlen += strlen (CHARSET);
-      }
-      /* algorithm */
-      {
-       if (outlen + strlen (ALGORITHM) >= *output_len)
-         return GSASL_TOO_SMALL_BUFFER;
-
-       strcat (output, ALGORITHM);
-       outlen += strlen (ALGORITHM);
-      }
-      /* cipher */
-      {
-       if (outlen +
-           strlen (CIPHER_PRE) +
-           strlen (CIPHER_DES) +
-           strlen (CIPHER_DELIM) +
-           strlen (CIPHER_3DES) +
-           strlen (CIPHER_DELIM) +
-           strlen (CIPHER_RC4) +
-           strlen (CIPHER_DELIM) +
-           strlen (CIPHER_RC4_40) +
-           strlen (CIPHER_DELIM) +
-           strlen (CIPHER_RC4_56) +
-           strlen (CIPHER_DELIM) +
-           strlen (CIPHER_AES) +
-           strlen (CIPHER_DELIM) + strlen (CIPHER_POST) >= *output_len)
-         return GSASL_TOO_SMALL_BUFFER;
 
-       if (cb_cipher)
-         state->cipher = cb_cipher (sctx);
+      /* FIXME: qop, cipher, maxbuf, more realms. */
 
-       strcat (output, CIPHER_PRE);
-       outlen += strlen (CIPHER_PRE);
+      /* Create challenge. */
+      *output = digest_md5_print_challenge (&state->challenge);
+      if (!*output)
+       return GSASL_AUTHENTICATION_ERROR;
 
-       if (state->cipher & GSASL_CIPHER_DES)
-         {
-           strcat (output, CIPHER_DES);
-           outlen += strlen (CIPHER_DES);
-
-           strcat (output, CIPHER_DELIM);
-           outlen += strlen (CIPHER_DELIM);
-         }
-
-       if (state->cipher & GSASL_CIPHER_3DES)
-         {
-           strcat (output, CIPHER_3DES);
-           outlen += strlen (CIPHER_3DES);
-
-           strcat (output, CIPHER_DELIM);
-           outlen += strlen (CIPHER_DELIM);
-         }
-
-       if (state->cipher & GSASL_CIPHER_RC4)
-         {
-           strcat (output, CIPHER_RC4);
-           outlen += strlen (CIPHER_RC4);
-
-           strcat (output, CIPHER_DELIM);
-           outlen += strlen (CIPHER_DELIM);
-         }
-
-       if (state->cipher & GSASL_CIPHER_RC4_40)
-         {
-           strcat (output, CIPHER_RC4_40);
-           outlen += strlen (CIPHER_RC4_40);
-
-           strcat (output, CIPHER_DELIM);
-           outlen += strlen (CIPHER_DELIM);
-         }
-
-       if (state->cipher & GSASL_CIPHER_RC4_56)
-         {
-           strcat (output, CIPHER_RC4_56);
-           outlen += strlen (CIPHER_RC4_56);
-
-           strcat (output, CIPHER_DELIM);
-           outlen += strlen (CIPHER_DELIM);
-         }
-
-       if (state->cipher & GSASL_CIPHER_AES)

[491 lines skipped]




