diff options
Diffstat (limited to 'plugins/FTPFileYM/curl/lib/curl_sasl.c')
-rw-r--r-- | plugins/FTPFileYM/curl/lib/curl_sasl.c | 89 |
1 files changed, 67 insertions, 22 deletions
diff --git a/plugins/FTPFileYM/curl/lib/curl_sasl.c b/plugins/FTPFileYM/curl/lib/curl_sasl.c index d07387d471..b3ffc66156 100644 --- a/plugins/FTPFileYM/curl/lib/curl_sasl.c +++ b/plugins/FTPFileYM/curl/lib/curl_sasl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012-2013, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -22,6 +22,7 @@ * RFC2831 DIGEST-MD5 authentication * RFC4422 Simple Authentication and Security Layer (SASL) * RFC4616 PLAIN authentication + * RFC6749 OAuth 2.0 Authorization Framework * ***************************************************************************/ @@ -32,7 +33,7 @@ #include "curl_base64.h" #include "curl_md5.h" -#include "curl_rand.h" +#include "sslgen.h" #include "curl_hmac.h" #include "curl_ntlm_msgs.h" #include "curl_sasl.h" @@ -90,22 +91,22 @@ static bool sasl_digest_get_key_value(const unsigned char *chlg, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data, - const char* userp, - const char* passwdp, + const char *userp, + const char *passwdp, char **outptr, size_t *outlen) { - char plainauth[2 * MAX_CURL_USER_LENGTH + MAX_CURL_PASSWORD_LENGTH]; + CURLcode result; + char *plainauth; size_t ulen; size_t plen; ulen = strlen(userp); plen = strlen(passwdp); - if(2 * ulen + plen + 2 > sizeof(plainauth)) { + plainauth = malloc(2 * ulen + plen + 2); + if(!plainauth) { *outlen = 0; *outptr = NULL; - - /* Plainauth too small */ return CURLE_OUT_OF_MEMORY; } @@ -117,8 +118,10 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data, memcpy(plainauth + 2 * ulen + 2, passwdp, plen); /* Base64 encode the reply */ - return Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, - outlen); + result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, + outlen); + Curl_safefree(plainauth); + return result; } /* @@ -138,7 +141,7 @@ CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data, - const char* valuep, char **outptr, + const char *valuep, char **outptr, size_t *outlen) { size_t vlen = strlen(valuep); @@ -179,9 +182,9 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, - const char* chlg64, - const char* userp, - const char* passwdp, + const char *chlg64, + const char *userp, + const char *passwdp, char **outptr, size_t *outlen) { CURLcode result = CURLE_OK; @@ -190,7 +193,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, size_t chlglen = 0; HMAC_context *ctxt; unsigned char digest[MD5_DIGEST_LEN]; - char response[MAX_CURL_USER_LENGTH + 2 * MD5_DIGEST_LEN + 1]; + char *response; /* Decode the challenge if necessary */ if(chlg64len && *chlg64 != '=') { @@ -220,14 +223,19 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, Curl_HMAC_final(ctxt, digest); /* Prepare the response */ - snprintf(response, sizeof(response), + response = aprintf( "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", userp, digest[0], digest[1], digest[2], digest[3], digest[4], digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], digest[11], digest[12], digest[13], digest[14], digest[15]); + if(!response) + return CURLE_OUT_OF_MEMORY; /* Base64 encode the reply */ - return Curl_base64_encode(data, response, 0, outptr, outlen); + result = Curl_base64_encode(data, response, 0, outptr, outlen); + + Curl_safefree(response); + return result; } /* @@ -250,10 +258,10 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, - const char* chlg64, - const char* userp, - const char* passwdp, - const char* service, + const char *chlg64, + const char *userp, + const char *passwdp, + const char *service, char **outptr, size_t *outlen) { static const char table16[] = "0123456789abcdef"; @@ -283,6 +291,9 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, if(result) return result; + if(!chlg) + return CURLE_LOGIN_DENIED; + /* Retrieve nonce string from the challenge */ if(!sasl_digest_get_key_value(chlg, "nonce=\"", nonce, sizeof(nonce), '\"')) { @@ -311,7 +322,7 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data, /* Generate 64 bits of random data */ for(i = 0; i < 8; i++) - cnonce[i] = table16[Curl_rand()%16]; + cnonce[i] = table16[Curl_rand(data)%16]; /* So far so good, now calculate A1 and H(A1) according to RFC 2831 */ ctxt = Curl_MD5_init(Curl_DIGEST_MD5); @@ -468,6 +479,40 @@ CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, #endif /* USE_NTLM */ /* + * Curl_sasl_create_xoauth2_message() + * + * This is used to generate an already encoded XOAUTH2 message ready + * for sending to the recipient. + * + * Parameters: + * + * data [in] - The session handle. + * user [in] - The user name. + * bearer [in] - The XOAUTH Bearer token. + * outptr [in/out] - The address where a pointer to newly allocated memory + * holding the result will be stored upon completion. + * outlen [out] - The length of the output message. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_sasl_create_xoauth2_message(struct SessionHandle *data, + const char *user, + const char *bearer, + char **outptr, size_t *outlen) +{ + char *xoauth; + + xoauth = aprintf("user=%s\1auth=Bearer %s\1\1", user, bearer); + + if(!xoauth) + return CURLE_OUT_OF_MEMORY; + + /* Base64 encode the reply */ + return Curl_base64_encode(data, xoauth, strlen(xoauth), outptr, + outlen); +} + +/* * Curl_sasl_cleanup() * * This is used to cleanup any libraries or curl modules used by the sasl |