gsasl-commit
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gsasl branch, master, updated. gsasl-1-2-75-g3f5017a


From: Simon Josefsson
Subject: [SCM] GNU gsasl branch, master, updated. gsasl-1-2-75-g3f5017a
Date: Thu, 10 Sep 2009 15:53:55 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gsasl".

http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=3f5017a39bbeb5a9f85e6b9ddf2f7e1ac41cd69e

The branch, master has been updated
       via  3f5017a39bbeb5a9f85e6b9ddf2f7e1ac41cd69e (commit)
       via  1fc71fb69d062c29e14509ea41e208a0c883f805 (commit)
      from  d6dc44a2fa20b3a8d7c8e44343a573afcd8c2693 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3f5017a39bbeb5a9f85e6b9ddf2f7e1ac41cd69e
Author: Simon Josefsson <address@hidden>
Date:   Thu Sep 10 17:06:13 2009 +0200

    SCRAM: Compute proof.  Add property GSASL_SCRAM_SALTED_PASSWORD.

commit 1fc71fb69d062c29e14509ea41e208a0c883f805
Author: Simon Josefsson <address@hidden>
Date:   Thu Sep 10 15:12:48 2009 +0200

    Add SHA-1 gnulib modules.

-----------------------------------------------------------------------

Summary of changes:
 doc/Makefile.am                               |    4 +
 lib/NEWS                                      |    3 +-
 lib/gl/Makefile.am                            |   11 ++-
 lib/gl/m4/{gc-md5.m4 => gc-sha1.m4}           |    6 +-
 lib/gl/m4/gnulib-cache.m4                     |    4 +-
 lib/gl/m4/gnulib-comp.m4                      |    4 +
 lib/gltests/Makefile.am                       |    9 ++
 lib/gltests/{test-gc-md5.c => test-gc-sha1.c} |   47 ++++-----
 lib/scram/client.c                            |  137 ++++++++++++++++++++++++-
 lib/src/gsasl.h                               |    1 +
 lib/src/internal.h                            |    1 +
 lib/src/property.c                            |    4 +
 lib/src/xfinish.c                             |    1 +
 13 files changed, 199 insertions(+), 33 deletions(-)
 copy lib/gl/m4/{gc-md5.m4 => gc-sha1.m4} (85%)
 copy lib/gltests/{test-gc-md5.c => test-gc-sha1.c} (67%)

diff --git a/doc/Makefile.am b/doc/Makefile.am
index 0b4c58e..f9509e6 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -84,6 +84,8 @@ gdoc_MANS += man/gsasl_nonce.3
 gdoc_MANS += man/gsasl_random.3
 gdoc_MANS += man/gsasl_md5.3
 gdoc_MANS += man/gsasl_hmac_md5.3
+gdoc_MANS += man/gsasl_sha1.3
+gdoc_MANS += man/gsasl_hmac_sha1.3
 gdoc_MANS += man/gsasl_done.3
 gdoc_MANS += man/gsasl_strerror.3
 gdoc_MANS += man/gsasl_strerror_name.3
@@ -221,6 +223,8 @@ gdoc_TEXINFOS += texi/gsasl_nonce.texi
 gdoc_TEXINFOS += texi/gsasl_random.texi
 gdoc_TEXINFOS += texi/gsasl_md5.texi
 gdoc_TEXINFOS += texi/gsasl_hmac_md5.texi
+gdoc_TEXINFOS += texi/gsasl_sha1.texi
+gdoc_TEXINFOS += texi/gsasl_hmac_sha1.texi
 gdoc_TEXINFOS += texi/gsasl_done.texi
 gdoc_TEXINFOS += texi/gsasl_strerror.texi
 gdoc_TEXINFOS += texi/gsasl_strerror_name.texi
diff --git a/lib/NEWS b/lib/NEWS
index 9ae17d9..1737ed3 100644
--- a/lib/NEWS
+++ b/lib/NEWS
@@ -5,7 +5,8 @@ See the end for copying conditions.
 * Version 1.3 (unreleased)
 
 ** libgsasl: Implement SCRAM-SHA-1.
-New properties are GSASL_SCRAM_ITER and GSASL_SCRAM_SALT.
+New properties are GSASL_SCRAM_ITER, GSASL_SCRAM_SALT, and
+GSASL_SCRAM_SALTED_PASSWORD.
 
 ** libgsasl: Add helper APIs for SHA-1 and HMAC-SHA-1.
 New functions are gsasl_sha1 and gsasl_hmac_sha1.
diff --git a/lib/gl/Makefile.am b/lib/gl/Makefile.am
index fe20fb0..2770fef 100644
--- a/lib/gl/Makefile.am
+++ b/lib/gl/Makefile.am
@@ -9,7 +9,7 @@
 # the same distribution terms as the rest of that program.
 #
 # Generated by gnulib-tool.
-# Reproduce by: gnulib-tool --import --dir=. --local-dir=gl/override 
--lib=libgl --source-base=gl --m4-base=gl/m4 --doc-base=doc 
--tests-base=gltests --aux-dir=build-aux --with-tests 
--avoid=vc-list-files-tests --lgpl=2 --libtool --macro-prefix=gl --no-vc-files 
base64 crypto/gc crypto/gc-hmac-md5 crypto/gc-hmac-md5-tests crypto/gc-md5 
crypto/gc-md5-tests crypto/gc-pbkdf2-sha1 crypto/gc-random crypto/gc-tests 
getline gettext lib-msvc-compat lib-symbol-versions lib-symbol-visibility 
maintainer-makefile minmax strchrnul strverscmp vasprintf
+# Reproduce by: gnulib-tool --import --dir=. --local-dir=gl/override 
--lib=libgl --source-base=gl --m4-base=gl/m4 --doc-base=doc 
--tests-base=gltests --aux-dir=build-aux --with-tests 
--avoid=vc-list-files-tests --lgpl=2 --libtool --macro-prefix=gl --no-vc-files 
base64 crypto/gc crypto/gc-hmac-md5 crypto/gc-hmac-md5-tests 
crypto/gc-hmac-sha1 crypto/gc-md5 crypto/gc-md5-tests crypto/gc-pbkdf2-sha1 
crypto/gc-random crypto/gc-sha1 crypto/gc-tests getline gettext lib-msvc-compat 
lib-symbol-versions lib-symbol-visibility maintainer-makefile minmax strchrnul 
strverscmp vasprintf
 
 AUTOMAKE_OPTIONS = 1.5 gnits
 
@@ -111,6 +111,15 @@ EXTRA_libgl_la_SOURCES += gc-pbkdf2-sha1.c
 
 ## end   gnulib module crypto/gc-pbkdf2-sha1
 
+## begin gnulib module crypto/gc-sha1
+
+
+EXTRA_DIST += sha1.c sha1.h
+
+EXTRA_libgl_la_SOURCES += sha1.c
+
+## end   gnulib module crypto/gc-sha1
+
 ## begin gnulib module errno
 
 BUILT_SOURCES += $(ERRNO_H)
diff --git a/lib/gl/m4/gc-md5.m4 b/lib/gl/m4/gc-sha1.m4
similarity index 85%
copy from lib/gl/m4/gc-md5.m4
copy to lib/gl/m4/gc-sha1.m4
index 62cadce..78466b0 100644
--- a/lib/gl/m4/gc-md5.m4
+++ b/lib/gl/m4/gc-sha1.m4
@@ -1,13 +1,13 @@
-# gc-md5.m4 serial 2
+# gc-sha1.m4 serial 2
 dnl Copyright (C) 2005, 2007 Free Software Foundation, Inc.
 dnl This file is free software; the Free Software Foundation
 dnl gives unlimited permission to copy and/or distribute it,
 dnl with or without modifications, as long as this notice is preserved.
 
-AC_DEFUN([gl_GC_MD5],
+AC_DEFUN([gl_GC_SHA1],
 [
   AC_REQUIRE([gl_GC])
   if test "$ac_cv_libgcrypt" != yes; then
-    gl_MD5
+    gl_SHA1
   fi
 ])
diff --git a/lib/gl/m4/gnulib-cache.m4 b/lib/gl/m4/gnulib-cache.m4
index 0fb1947..95ac01a 100644
--- a/lib/gl/m4/gnulib-cache.m4
+++ b/lib/gl/m4/gnulib-cache.m4
@@ -15,7 +15,7 @@
 
 
 # Specification in the form of a command-line invocation:
-#   gnulib-tool --import --dir=. --local-dir=gl/override --lib=libgl 
--source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gltests 
--aux-dir=build-aux --with-tests --avoid=vc-list-files-tests --lgpl=2 --libtool 
--macro-prefix=gl --no-vc-files base64 crypto/gc crypto/gc-hmac-md5 
crypto/gc-hmac-md5-tests crypto/gc-md5 crypto/gc-md5-tests 
crypto/gc-pbkdf2-sha1 crypto/gc-random crypto/gc-tests getline gettext 
lib-msvc-compat lib-symbol-versions lib-symbol-visibility maintainer-makefile 
minmax strchrnul strverscmp vasprintf
+#   gnulib-tool --import --dir=. --local-dir=gl/override --lib=libgl 
--source-base=gl --m4-base=gl/m4 --doc-base=doc --tests-base=gltests 
--aux-dir=build-aux --with-tests --avoid=vc-list-files-tests --lgpl=2 --libtool 
--macro-prefix=gl --no-vc-files base64 crypto/gc crypto/gc-hmac-md5 
crypto/gc-hmac-md5-tests crypto/gc-hmac-sha1 crypto/gc-md5 crypto/gc-md5-tests 
crypto/gc-pbkdf2-sha1 crypto/gc-random crypto/gc-sha1 crypto/gc-tests getline 
gettext lib-msvc-compat lib-symbol-versions lib-symbol-visibility 
maintainer-makefile minmax strchrnul strverscmp vasprintf
 
 # Specification in the form of a few gnulib-tool.m4 macro invocations:
 gl_LOCAL_DIR([gl/override])
@@ -24,10 +24,12 @@ gl_MODULES([
   crypto/gc
   crypto/gc-hmac-md5
   crypto/gc-hmac-md5-tests
+  crypto/gc-hmac-sha1
   crypto/gc-md5
   crypto/gc-md5-tests
   crypto/gc-pbkdf2-sha1
   crypto/gc-random
+  crypto/gc-sha1
   crypto/gc-tests
   getline
   gettext
diff --git a/lib/gl/m4/gnulib-comp.m4 b/lib/gl/m4/gnulib-comp.m4
index a4ec967..6ba7f2a 100644
--- a/lib/gl/m4/gnulib-comp.m4
+++ b/lib/gl/m4/gnulib-comp.m4
@@ -57,6 +57,8 @@ AC_DEFUN([gl_INIT],
   gl_GC_PBKDF2_SHA1
   gl_GC_RANDOM
   gl_MODULE_INDICATOR([gc-random])
+  gl_GC_SHA1
+  gl_MODULE_INDICATOR([gc-sha1])
   gl_HEADER_ERRNO_H
   gl_FLOAT_H
   gl_FUNC_GETDELIM
@@ -310,6 +312,7 @@ AC_DEFUN([gl_FILE_LIST], [
   m4/gc-md5.m4
   m4/gc-pbkdf2-sha1.m4
   m4/gc-random.m4
+  m4/gc-sha1.m4
   m4/gc.m4
   m4/getdelim.m4
   m4/getline.m4
@@ -379,6 +382,7 @@ AC_DEFUN([gl_FILE_LIST], [
   tests/test-gc-hmac-sha1.c
   tests/test-gc-md5.c
   tests/test-gc-pbkdf2-sha1.c
+  tests/test-gc-sha1.c
   tests/test-gc.c
   tests/test-getdelim.c
   tests/test-getline.c
diff --git a/lib/gltests/Makefile.am b/lib/gltests/Makefile.am
index 8910664..4047a7f 100644
--- a/lib/gltests/Makefile.am
+++ b/lib/gltests/Makefile.am
@@ -77,6 +77,15 @@ EXTRA_DIST += test-gc-pbkdf2-sha1.c
 
 ## end   gnulib module crypto/gc-pbkdf2-sha1-tests
 
+## begin gnulib module crypto/gc-sha1-tests
+
+TESTS += test-gc-sha1
+check_PROGRAMS += test-gc-sha1
+
+EXTRA_DIST += test-gc-sha1.c
+
+## end   gnulib module crypto/gc-sha1-tests
+
 ## begin gnulib module errno-tests
 
 TESTS += test-errno
diff --git a/lib/gltests/test-gc-md5.c b/lib/gltests/test-gc-sha1.c
similarity index 67%
copy from lib/gltests/test-gc-md5.c
copy to lib/gltests/test-gc-sha1.c
index b5985e6..63c111c 100644
--- a/lib/gltests/test-gc-md5.c
+++ b/lib/gltests/test-gc-sha1.c
@@ -36,28 +36,24 @@ main (int argc, char *argv[])
       return 1;
     }
 
-  /* Test vectors from RFC 1321. */
-
   {
-    char *in = "abcdefghijklmnopqrstuvwxyz";
+    char *in = "abcdefgh";
     size_t inlen = strlen (in);
-    char *expect =
-      "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1\x3b";
-    char out[16];
+    char *expect = "\x42\x5a\xf1\x2a\x07\x43\x50\x2b"
+      "\x32\x2e\x93\xa0\x15\xbc\xf8\x68\xe3\x24\xd5\x6a";
+    char out[20];
     const char *p;
 
-    /* MD5 ("abcdefghijklmnopqrstuvwxyz") = c3fcd3d76192e4007dfb496cca67e13b */
-
-    if (gc_md5 (in, inlen, out) != 0)
+    if (gc_sha1 (in, inlen, out) != 0)
       {
-       printf ("gc_md5 call failed\n");
+       printf ("gc_sha1 call failed\n");
        return 1;
       }
 
-    if (memcmp (out, expect, 16) != 0)
+    if (memcmp (out, expect, 20) != 0)
       {
        size_t i;
-       printf ("md5 1 mismatch. expected:\n");
+       printf ("sha1 mismatch. expected:\n");
        for (i = 0; i < 16; i++)
          printf ("%02x ", expect[i] & 0xFF);
        printf ("\ncomputed:\n");
@@ -67,16 +63,17 @@ main (int argc, char *argv[])
        return 1;
       }
 
-    if (gc_hash_buffer (GC_MD5, in, inlen, out) != 0)
+    rc = gc_hash_buffer (GC_SHA1, "abcdefgh", 8, out);
+    if (rc != GC_OK)
       {
-       printf ("gc_hash_buffer(MD5) call failed\n");
+       printf ("gc_hash_buffer(sha1) call failed: %d\n", rc);
        return 1;
       }
 
-    if (memcmp (out, expect, 16) != 0)
+    if (memcmp (out, expect, 20) != 0)
       {
        size_t i;
-       printf ("md5 2 mismatch. expected:\n");
+       printf ("sha1' mismatch. expected:\n");
        for (i = 0; i < 16; i++)
          printf ("%02x ", expect[i] & 0xFF);
        printf ("\ncomputed:\n");
@@ -86,15 +83,15 @@ main (int argc, char *argv[])
        return 1;
       }
 
-    if (gc_hash_digest_length (GC_MD5) != 16)
+    if (gc_hash_digest_length (GC_SHA1) != 20)
       {
-       printf ("gc_hash_digest_length (GC_MD5) failed\n");
+       printf ("gc_hash_digest_length (GC_SHA1) failed\n");
        return 1;
       }
 
-    if ((rc = gc_hash_open (GC_MD5, 0, &h)) != GC_OK)
+    if ((rc = gc_hash_open (GC_SHA1, 0, &h)) != GC_OK)
       {
-       printf ("gc_hash_open(GC_MD5) failed (%d)\n", rc);
+       printf ("gc_hash_open(GC_SHA1) failed (%d)\n", rc);
        return 1;
       }
 
@@ -108,14 +105,14 @@ main (int argc, char *argv[])
        return 1;
       }
 
-    if (memcmp (p, expect, 16) != 0)
-       {
+    if (memcmp (p, expect, 20) != 0)
+      {
        size_t i;
-       printf ("md5 3 mismatch. expected:\n");
-       for (i = 0; i < 16; i++)
+       printf ("sha1 1 mismatch. expected:\n");
+       for (i = 0; i < 20; i++)
          printf ("%02x ", expect[i] & 0xFF);
        printf ("\ncomputed:\n");
-       for (i = 0; i < 16; i++)
+       for (i = 0; i < 20; i++)
          printf ("%02x ", p[i] & 0xFF);
        printf ("\n");
        return 1;
diff --git a/lib/scram/client.c b/lib/scram/client.c
index d440bbc..08aa52b 100644
--- a/lib/scram/client.c
+++ b/lib/scram/client.c
@@ -33,15 +33,21 @@
 /* Get memcpy, strlen. */
 #include <string.h>
 
+/* Get bool. */
+#include <stdbool.h>
+
 #include "tokens.h"
 #include "parser.h"
 #include "printer.h"
+#include "gc.h"
+#include "memxor.h"
 
 #define CNONCE_ENTROPY_BYTES 18
 
 struct scram_client_state
 {
   int step;
+  char *cfmb; /* client first message bare */
   struct scram_client_first cf;
   struct scram_server_first sf;
   struct scram_client_final cl;
@@ -79,6 +85,47 @@ _gsasl_scram_sha1_client_start (Gsasl_session * sctx, void 
**mech_data)
   return GSASL_OK;
 }
 
+static char
+hexdigit_to_char (char hexdigit)
+{
+  if (hexdigit >= '0' && hexdigit <= '9')
+    return hexdigit - '0';
+  if (hexdigit >= 'a' && hexdigit <= 'f')
+    return hexdigit - 'a' + 10;
+  return 0;
+}
+
+static char
+hex_to_char (char u, char l)
+{
+  return (char) (((unsigned char) hexdigit_to_char (u)) * 16
+                + hexdigit_to_char (l));
+}
+
+static void
+sha1_hex_to_byte (char *saltedpassword, const char *p)
+{
+  while (*p)
+    {
+      *saltedpassword = hex_to_char (p[0], p[1]);
+      p++;
+
+      saltedpassword += 2;
+    }
+}
+
+static bool
+hex_p (const char *hexstr)
+{
+  static char hexalpha[] = "0123456789abcdef";
+
+  for (; *hexstr; hexstr++)
+    if (!strchr (hexalpha, *hexstr))
+      return false;
+
+  return true;
+}
+
 int
 _gsasl_scram_sha1_client_step (Gsasl_session * sctx,
                               void *mech_data,
@@ -123,7 +170,7 @@ _gsasl_scram_sha1_client_step (Gsasl_session * sctx,
 
        *output_len = strlen (*output);
 
-       /* Save "cbind" for next step. */
+       /* Save "cbind" and "bare" for next step. */
        p = strchr (*output, ',');
        if (!p)
            return GSASL_AUTHENTICATION_ERROR;
@@ -136,6 +183,10 @@ _gsasl_scram_sha1_client_step (Gsasl_session * sctx,
        if (rc != 0)
          return rc;
 
+       state->cfmb = strdup (p);
+       if (!state->cfmb)
+         return GSASL_MALLOC_ERROR;
+
        /* We are done. */
        state->step++;
        return GSASL_NEEDS_MORE;
@@ -155,11 +206,92 @@ _gsasl_scram_sha1_client_step (Gsasl_session * sctx,
                    strlen (state->cf.client_nonce)) != 0)
          return GSASL_AUTHENTICATION_ERROR;
 
+       /* Save salt/iter as properties, so that client callback can
+          access them. */
+       {
+         char *str = NULL;
+         int n;
+         n = asprintf (&str, "%d", state->sf.iter);
+         if (n < 0 || str == NULL)
+           return GSASL_MALLOC_ERROR;
+         gsasl_property_set (sctx, GSASL_SCRAM_ITER, str);
+       }
+
+       gsasl_property_set (sctx, GSASL_SCRAM_SALT, state->sf.salt);
+
        state->cl.nonce = strdup (state->sf.nonce);
        if (!state->cl.nonce)
          return GSASL_MALLOC_ERROR;
 
-       state->cl.proof = strdup ("proof");
+       {
+         char saltedpassword[20];
+         char *clientkey;
+         char *storedkey;
+         char *authmessage;
+         char *clientsignature;
+         char clientproof[20];
+         const char *p;
+
+         p = gsasl_property_get (sctx, GSASL_SCRAM_SALTED_PASSWORD);
+         if (p && strlen (p) == 40 && hex_p (p))
+           sha1_hex_to_byte (saltedpassword, p);
+         else if ((p = gsasl_property_get (sctx, GSASL_PASSWORD)) != NULL)
+           {
+             Gc_rc err;
+
+             /* SaltedPassword := Hi(password, salt) */
+             err = gc_pbkdf2_sha1 (p, strlen (p),
+                                   state->sf.salt, strlen (state->sf.salt),
+                                   state->sf.iter, saltedpassword, 20);
+             if (err != GC_OK)
+               return GSASL_MALLOC_ERROR;
+           }
+         else
+           return GSASL_NO_PASSWORD;
+
+         /* ClientKey := HMAC(SaltedPassword, "Client Key") */
+#define CLIENT_KEY "Client key"
+         rc = gsasl_hmac_sha1 (saltedpassword, 20,
+                               CLIENT_KEY, strlen (CLIENT_KEY),
+                               &clientkey);
+         if (rc != 0)
+           return rc;
+
+         /* StoredKey := H(ClientKey) */
+         rc = gsasl_sha1 (clientkey, 20, &storedkey);
+         if (rc != 0)
+           return rc;
+
+         /* Get client-final-message-without-proof. */
+         state->cl.proof = strdup ("p");
+         rc = scram_print_client_final (&state->cl, output);
+         if (rc != 0)
+           return GSASL_MALLOC_ERROR;
+         free (state->cl.proof);
+
+         /* Compute AuthMessage */
+         asprintf (&authmessage, "%s,%.*s,%.*s",
+                   state->cfmb,
+                   input_len, input,
+                   strlen (*output) - 4,
+                   *output);
+
+         /* ClientSignature := HMAC(StoredKey, AuthMessage) */
+         rc = gsasl_hmac_sha1 (storedkey, 20,
+                               authmessage, strlen (authmessage),
+                               &clientsignature);
+         free (authmessage);
+         if (rc != 0)
+           return rc;
+
+         /* ClientProof := ClientKey XOR ClientSignature */
+         memcpy (clientproof, clientkey, 20);
+         memxor (clientproof, clientsignature, 20);
+
+         rc = gsasl_base64_to (clientproof, 20, &state->cl.proof, NULL);
+         if (rc != 0)
+           return rc;
+       }
 
        rc = scram_print_client_final (&state->cl, output);
        if (rc != 0)
@@ -202,6 +334,7 @@ _gsasl_scram_sha1_client_finish (Gsasl_session * sctx, void 
*mech_data)
   if (!state)
     return;
 
+  free (state->cfmb);
   scram_free_client_first (&state->cf);
   scram_free_server_first (&state->sf);
   scram_free_client_final (&state->cl);
diff --git a/lib/src/gsasl.h b/lib/src/gsasl.h
index 7931d7d..4e36ce8 100644
--- a/lib/src/gsasl.h
+++ b/lib/src/gsasl.h
@@ -200,6 +200,7 @@ extern "C"
     GSASL_QOP = 14,
     GSASL_SCRAM_ITER = 15,
     GSASL_SCRAM_SALT = 16,
+    GSASL_SCRAM_SALTED_PASSWORD = 17,
     /* Server validation callback properties. */
     GSASL_VALIDATE_SIMPLE = 500,
     GSASL_VALIDATE_EXTERNAL = 501,
diff --git a/lib/src/internal.h b/lib/src/internal.h
index 72fe3e6..1e41ea7 100644
--- a/lib/src/internal.h
+++ b/lib/src/internal.h
@@ -101,6 +101,7 @@ struct Gsasl_session
   char *qop;
   char *scram_iter;
   char *scram_salt;
+  char *scram_salted_password;
 
 #ifndef GSASL_NO_OBSOLETE
   /* Obsolete stuff. */
diff --git a/lib/src/property.c b/lib/src/property.c
index 9f57c73..1f3825f 100644
--- a/lib/src/property.c
+++ b/lib/src/property.c
@@ -96,6 +96,10 @@ map (Gsasl_session * sctx, Gsasl_property prop)
       p = &sctx->scram_salt;
       break;
 
+    case GSASL_SCRAM_SALTED_PASSWORD:
+      p = &sctx->scram_salted_password;
+      break;
+
     default:
       break;
     }
diff --git a/lib/src/xfinish.c b/lib/src/xfinish.c
index 3d0e0a8..63d3937 100644
--- a/lib/src/xfinish.c
+++ b/lib/src/xfinish.c
@@ -59,6 +59,7 @@ gsasl_finish (Gsasl_session * sctx)
   free (sctx->qop);
   free (sctx->scram_iter);
   free (sctx->scram_salt);
+  free (sctx->scram_salted_password);
 
   free (sctx);
 }


hooks/post-receive
-- 
GNU gsasl




reply via email to

[Prev in Thread] Current Thread [Next in Thread]