CVS gsasl/lib/digest-md5
From: |
gsasl-commit |
Subject: |
CVS gsasl/lib/digest-md5 |
Date: |
Sun, 19 Dec 2004 19:57:00 +0100 |
Update of /home/cvs/gsasl/lib/digest-md5
In directory dopio:/tmp/cvs-serv2661
Modified Files:
server.c
Log Message:
Rewrite, unfinished, but still probably an improvement.
--- /home/cvs/gsasl/lib/digest-md5/server.c 2004/12/19 18:00:13 1.19
+++ /home/cvs/gsasl/lib/digest-md5/server.c 2004/12/19 18:57:00 1.20
@@ -24,32 +24,40 @@
# include "config.h"
#endif
+/* Get specification. */
+#include "digest-md5.h"
+
/* Get malloc, free. */
#include <stdlib.h>
/* Get memcpy, strdup, strlen. */
#include <string.h>
-/* Get specification. */
-#include "digest-md5.h"
-#include "shared.h"
+/* Get tools. */
+#include "tokens.h"
#include "parser.h"
+#include "printer.h"
+#include "free.h"
+#include "session.h"
#include "digesthmac.h"
-/* Get digest_md5_encode, digest_md5_decode. */
-#include "session.h"
+/* Get uint32_t. */
+#include <netinet/in.h>
+
+#define NONCE_ENTROPY_BYTES 16
struct _Gsasl_digest_md5_server_state
{
int step;
- char nonce[NONCE_ENTROPY_BITS / 8];
- Gsasl_qop qop;
- Gsasl_cipher cipher;
+ digest_md5_challenge challenge;
+ digest_md5_response response;
+ digest_md5_finish finish;
+ char secret[DIGEST_MD5_LENGTH];
uint32_t readseqnum, sendseqnum;
- char kic[MD5LEN];
- char kcc[MD5LEN];
- char kis[MD5LEN];
- char kcs[MD5LEN];
+ char kic[DIGEST_MD5_LENGTH];
+ char kcc[DIGEST_MD5_LENGTH];
+ char kis[DIGEST_MD5_LENGTH];
+ char kcs[DIGEST_MD5_LENGTH];
};
typedef struct _Gsasl_digest_md5_server_state _Gsasl_digest_md5_server_state;
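Review bot: The state struct now keeps the shared `secret` alongside the derived keys `kic`, `kcc`, `kis` and `kcs`, but nothing on the struct marks them as key material, and the finish routine that frees the state is not visible on this page. I would add a comment above `secret`, `/* Key material: wipe secret, kic, kcc, kis, kcs before the state is freed. */`, so the cleanup code is written to match. Separately, `<netinet/in.h>` is included only to get `uint32_t`; `#include <stdint.h>` is the standard header for that type and does not tie the file to a sockets header.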
@@ -57,32 +65,33 @@
_gsasl_digest_md5_server_start (Gsasl_session * sctx, void **mech_data)
{
_Gsasl_digest_md5_server_state *state;
- Gsasl_server_callback_retrieve cb_retrieve;
- Gsasl_server_callback_digest_md5 cb_digest_md5;
- Gsasl_ctx *ctx;
-
- ctx = gsasl_server_ctx_get (sctx);
- if (ctx == NULL)
- return GSASL_CANNOT_GET_CTX;
-
- cb_retrieve = gsasl_server_callback_retrieve_get (ctx);
- cb_digest_md5 = gsasl_server_callback_digest_md5_get (ctx);
-
- if (gsasl_server_callback_digest_md5_get (ctx) == NULL &&
- gsasl_server_callback_retrieve_get (ctx) == NULL)
- return GSASL_NEED_SERVER_DIGEST_MD5_CALLBACK;
+ char nonce[NONCE_ENTROPY_BYTES];
+ char *p;
+ int rc;
+
+ rc = gsasl_nonce (nonce, NONCE_ENTROPY_BYTES);
+ if (rc != GSASL_OK)
+ return rc;
+
+ rc = gsasl_base64_to (nonce, NONCE_ENTROPY_BYTES, &p, NULL);
+ if (rc != GSASL_OK)
+ return rc;
- state = (_Gsasl_digest_md5_server_state *) malloc (sizeof (*state));
+ state = calloc (1, sizeof (*state));
if (state == NULL)
- return GSASL_MALLOC_ERROR;
+ {
+ free (p);
+ return GSASL_MALLOC_ERROR;
+ }
- state->step = 0;
- state->qop = GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF;
- state->cipher = GSASL_CIPHER_DES | GSASL_CIPHER_3DES | GSASL_CIPHER_RC4 |
- GSASL_CIPHER_RC4_40 | GSASL_CIPHER_RC4_56 | GSASL_CIPHER_AES;
- gsasl_nonce (state->nonce, NONCE_ENTROPY_BITS / 8);
- state->readseqnum = 0;
- state->sendseqnum = 0;
+ state->challenge.qops = GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT
+ | GSASL_QOP_AUTH_CONF;
+ state->challenge.ciphers = GSASL_CIPHER_DES | GSASL_CIPHER_3DES
+ | GSASL_CIPHER_RC4 | GSASL_CIPHER_RC4_40 | GSASL_CIPHER_RC4_56
+ | GSASL_CIPHER_AES;
+
+ state->challenge.nonce = p;
+ state->challenge.utf8 = 1;
*mech_data = state;
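Review bot: The default assigned to `state->challenge.ciphers` still includes `GSASL_CIPHER_DES`, `GSASL_CIPHER_RC4_40` and `GSASL_CIPHER_RC4_56`. As far as the visible part of the next hunk shows, the `cb_cipher` override is removed and replaced by a FIXME, so after this commit the server appears to offer single DES and export-strength RC4 with no way for the application to narrow the list. Until the cipher selection is wired back in, I would shrink the default to `state->challenge.ciphers = GSASL_CIPHER_3DES | GSASL_CIPHER_RC4 | GSASL_CIPHER_AES;`. The function's return type and its final return are outside the hunk.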
@@ -94,636 +103,129 @@
void *mech_data,
const char *input,
size_t input_len,
- char **output2, size_t * output2_len)
+ char **output, size_t * output_len)
{
_Gsasl_digest_md5_server_state *state = mech_data;
- Gsasl_server_callback_realm cb_realm;
- Gsasl_server_callback_qop cb_qop;
- Gsasl_server_callback_maxbuf cb_maxbuf;
- Gsasl_server_callback_cipher cb_cipher;
- Gsasl_server_callback_retrieve cb_retrieve;
- Gsasl_server_callback_digest_md5 cb_digest_md5;
- Gsasl_ctx *ctx;
- int res;
+ int rc, res;
int outlen;
- unsigned long maxbuf = MAXBUF_DEFAULT;
- /* FIXME: Remove fixed size buffer. */
- char output[BUFSIZ];
- size_t outputlen = BUFSIZ - 1;
- size_t *output_len = &outputlen;
-
- *output2 = NULL;
- *output2_len = 0;
-
- ctx = gsasl_server_ctx_get (sctx);
- if (ctx == NULL)
- return GSASL_CANNOT_GET_CTX;
-
- cb_realm = gsasl_server_callback_realm_get (ctx);
- cb_qop = gsasl_server_callback_qop_get (ctx);
- cb_maxbuf = gsasl_server_callback_maxbuf_get (ctx);
- cb_cipher = gsasl_server_callback_cipher_get (ctx);
- cb_retrieve = gsasl_server_callback_retrieve_get (ctx);
- cb_digest_md5 = gsasl_server_callback_digest_md5_get (ctx);
-
- if (gsasl_server_callback_digest_md5_get (ctx) == NULL &&
- gsasl_server_callback_retrieve_get (ctx) == NULL)
- return GSASL_NEED_SERVER_DIGEST_MD5_CALLBACK;
-
- if (*output_len < 1)
- return GSASL_TOO_SMALL_BUFFER;
- strcpy (output, "");
- outlen = 0;
+ *output = NULL;
+ *output_len = 0;
-#if SERVER_PRINT_OUTPUT
+#if 0
if (input && input_len > 0)
- fprintf (stderr, "%s\n", input);
+ fprintf (stderr, "server in: %s\n", input);
#endif
switch (state->step)
{
case 0:
- if (cb_realm)
- {
- int i;
- size_t realmlen;
-
- realmlen = *output_len;
- for (i = 0; cb_realm (sctx, NULL, &realmlen, i) == GSASL_OK; i++)
- {
- if (outlen + strlen (REALM_PRE) +
- realmlen + strlen (REALM_POST) >= *output_len)
- return GSASL_TOO_SMALL_BUFFER;
-
- strcat (output, REALM_PRE);
- outlen += strlen (REALM_PRE);
-
- cb_realm (sctx, &output[outlen], &realmlen, i);
- outlen += realmlen;
- output[outlen] = '\0';
-
- strcat (output, REALM_POST);
- outlen += strlen (REALM_POST);
-
- realmlen = *output_len - outlen;
- }
- }
- /* nonce */
+ /* Set realm. */
{
- int i;
-
- if (outlen + strlen (NONCE_PRE) +
- 2 * NONCE_ENTROPY_BITS / 8 + strlen (NONCE_POST) >= *output_len)
- return GSASL_TOO_SMALL_BUFFER;
-
- strcat (output, NONCE_PRE);
- outlen += strlen (NONCE_PRE);
-
- for (i = 0; i < NONCE_ENTROPY_BITS / 8; i++)
- {
- output[outlen + 2 * i + 1] = HEXCHAR (state->nonce[i]);
- output[outlen + 2 * i + 0] = HEXCHAR (state->nonce[i] >> 4);
- }
- output[outlen + 2 * NONCE_ENTROPY_BITS / 8] = '\0';
- outlen += 2 * NONCE_ENTROPY_BITS / 8;
-
- strcat (output, NONCE_POST);
- outlen += strlen (NONCE_POST);
- }
- /* qop */
- {
- if (outlen +
- strlen (QOP_LIST_PRE) +
- strlen (QOP_AUTH) +
- strlen (QOP_AUTH_INT) +
- strlen (QOP_AUTH_CONF) + strlen (QOP_LIST_POST) >= *output_len)
- return GSASL_TOO_SMALL_BUFFER;
-
- if (cb_qop)
- state->qop = cb_qop (sctx);
-
- if (state->qop &
- (GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
- {
- strcat (output, QOP_LIST_PRE);
- outlen += strlen (QOP_LIST_PRE);
- }
-
- if (state->qop & GSASL_QOP_AUTH)
- {
- strcat (output, QOP_AUTH);
- outlen += strlen (QOP_AUTH);
-
- strcat (output, QOP_DELIM);
- outlen += strlen (QOP_DELIM);
- }
-
- if (state->qop & GSASL_QOP_AUTH_INT)
- {
- strcat (output, QOP_AUTH_INT);
- outlen += strlen (QOP_AUTH_INT);
-
- strcat (output, QOP_DELIM);
- outlen += strlen (QOP_DELIM);
- }
-
- if (state->qop & GSASL_QOP_AUTH_CONF)
- {
- strcat (output, QOP_AUTH_CONF);
- outlen += strlen (QOP_AUTH_CONF);
- }
+ const char *c;
+ c = gsasl_property_get (sctx, GSASL_REALM);
+ if (c)
+ {
+ state->challenge.nrealms = 1;
+
+ state->challenge.realms =
+ malloc (sizeof (*state->challenge.realms));
+ if (!state->challenge.realms)
+ return GSASL_MALLOC_ERROR;
- if (state->qop &
- (GSASL_QOP_AUTH | GSASL_QOP_AUTH_INT | GSASL_QOP_AUTH_CONF))
- {
- strcat (output, QOP_LIST_POST);
- outlen += strlen (QOP_LIST_POST);
+ state->challenge.realms[0] = strdup (c);
+ if (!state->challenge.realms[0])
+ return GSASL_MALLOC_ERROR;
}
}
- /* maxbuf */
- if (cb_maxbuf)
- maxbuf = cb_maxbuf (sctx);
- if (maxbuf >= MAXBUF_MIN &&
- maxbuf != MAXBUF_DEFAULT && maxbuf <= MAXBUF_MAX)
- {
- char tmp[MAXBUF_MAX_DECIMAL_SIZE + 1];
-
- sprintf (tmp, "%ld", maxbuf);
-
- if (outlen + strlen (MAXBUF_PRE) + strlen (tmp) +
- strlen (MAXBUF_POST) >= *output_len)
- {
- res = GSASL_TOO_SMALL_BUFFER;
- goto done;
- }
-
- strcat (output, MAXBUF_PRE);
- outlen += strlen (MAXBUF_PRE);
-
- strcat (output, tmp);
- outlen += strlen (tmp);
-
- strcat (output, MAXBUF_POST);
- outlen += strlen (MAXBUF_POST);
- }
- /* charset */
- {
- if (outlen + strlen (CHARSET) >= *output_len)
- return GSASL_TOO_SMALL_BUFFER;
-
- strcat (output, CHARSET);
- outlen += strlen (CHARSET);
- }
- /* algorithm */
- {
- if (outlen + strlen (ALGORITHM) >= *output_len)
- return GSASL_TOO_SMALL_BUFFER;
-
- strcat (output, ALGORITHM);
- outlen += strlen (ALGORITHM);
- }
- /* cipher */
- {
- if (outlen +
- strlen (CIPHER_PRE) +
- strlen (CIPHER_DES) +
- strlen (CIPHER_DELIM) +
- strlen (CIPHER_3DES) +
- strlen (CIPHER_DELIM) +
- strlen (CIPHER_RC4) +
- strlen (CIPHER_DELIM) +
- strlen (CIPHER_RC4_40) +
- strlen (CIPHER_DELIM) +
- strlen (CIPHER_RC4_56) +
- strlen (CIPHER_DELIM) +
- strlen (CIPHER_AES) +
- strlen (CIPHER_DELIM) + strlen (CIPHER_POST) >= *output_len)
- return GSASL_TOO_SMALL_BUFFER;
- if (cb_cipher)
- state->cipher = cb_cipher (sctx);
+ /* FIXME: qop, cipher, maxbuf, more realms. */
- strcat (output, CIPHER_PRE);
- outlen += strlen (CIPHER_PRE);
+ /* Create challenge. */
+ *output = digest_md5_print_challenge (&state->challenge);
+ if (!*output)
+ return GSASL_AUTHENTICATION_ERROR;
- if (state->cipher & GSASL_CIPHER_DES)
- {
- strcat (output, CIPHER_DES);
- outlen += strlen (CIPHER_DES);
-
- strcat (output, CIPHER_DELIM);
- outlen += strlen (CIPHER_DELIM);
- }
-
- if (state->cipher & GSASL_CIPHER_3DES)
- {
- strcat (output, CIPHER_3DES);
- outlen += strlen (CIPHER_3DES);
-
- strcat (output, CIPHER_DELIM);
- outlen += strlen (CIPHER_DELIM);
- }
-
- if (state->cipher & GSASL_CIPHER_RC4)
- {
- strcat (output, CIPHER_RC4);
- outlen += strlen (CIPHER_RC4);
-
- strcat (output, CIPHER_DELIM);
- outlen += strlen (CIPHER_DELIM);
- }
-
- if (state->cipher & GSASL_CIPHER_RC4_40)
- {
- strcat (output, CIPHER_RC4_40);
- outlen += strlen (CIPHER_RC4_40);
-
- strcat (output, CIPHER_DELIM);
- outlen += strlen (CIPHER_DELIM);
- }
-
- if (state->cipher & GSASL_CIPHER_RC4_56)
- {
- strcat (output, CIPHER_RC4_56);
- outlen += strlen (CIPHER_RC4_56);
-
- strcat (output, CIPHER_DELIM);
- outlen += strlen (CIPHER_DELIM);
- }
-
- if (state->cipher & GSASL_CIPHER_AES)
[491 lines skipped]