1: /***************************************************************************
2: * _ _ ____ _
3: * Project ___| | | | _ \| |
4: * / __| | | | |_) | |
5: * | (__| |_| | _ <| |___
6: * \___|\___/|_| \_\_____|
7: *
8: * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
9: *
10: * This software is licensed as described in the file COPYING, which
11: * you should have received as part of this distribution. The terms
12: * are also available at https://curl.haxx.se/docs/copyright.html.
13: *
14: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15: * copies of the Software, and permit persons to whom the Software is
16: * furnished to do so, under the terms of the COPYING file.
17: *
18: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19: * KIND, either express or implied.
20: *
21: * RFC4616 PLAIN authentication
22: * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
23: *
24: ***************************************************************************/
25:
26: #include "curl_setup.h"
27:
28: #if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \
29: !defined(CURL_DISABLE_POP3)
30:
31: #include <curl/curl.h>
32: #include "urldata.h"
33:
34: #include "vauth/vauth.h"
35: #include "curl_base64.h"
36: #include "curl_md5.h"
37: #include "warnless.h"
38: #include "strtok.h"
39: #include "sendf.h"
40: #include "curl_printf.h"
41:
42: /* The last #include files should be: */
43: #include "curl_memory.h"
44: #include "memdebug.h"
45:
46: /*
47: * Curl_auth_create_plain_message()
48: *
49: * This is used to generate an already encoded PLAIN message ready
50: * for sending to the recipient.
51: *
52: * Parameters:
53: *
54: * data [in] - The session handle.
55: * authzid [in] - The authorization identity.
56: * authcid [in] - The authentication identity.
57: * passwd [in] - The password.
58: * outptr [in/out] - The address where a pointer to newly allocated memory
59: * holding the result will be stored upon completion.
60: * outlen [out] - The length of the output message.
61: *
62: * Returns CURLE_OK on success.
63: */
64: CURLcode Curl_auth_create_plain_message(struct Curl_easy *data,
65: const char *authzid,
66: const char *authcid,
67: const char *passwd,
68: char **outptr, size_t *outlen)
69: {
70: CURLcode result;
71: char *plainauth;
72: size_t zlen;
73: size_t clen;
74: size_t plen;
75: size_t plainlen;
76:
77: *outlen = 0;
78: *outptr = NULL;
79: zlen = (authzid == NULL ? 0 : strlen(authzid));
80: clen = strlen(authcid);
81: plen = strlen(passwd);
82:
83: /* Compute binary message length. Check for overflows. */
84: if(((zlen + clen) > SIZE_T_MAX/4) || (plen > (SIZE_T_MAX/2 - 2)))
85: return CURLE_OUT_OF_MEMORY;
86: plainlen = zlen + clen + plen + 2;
87:
88: plainauth = malloc(plainlen);
89: if(!plainauth)
90: return CURLE_OUT_OF_MEMORY;
91:
92: /* Calculate the reply */
93: if(zlen != 0)
94: memcpy(plainauth, authzid, zlen);
95: plainauth[zlen] = '\0';
96: memcpy(plainauth + zlen + 1, authcid, clen);
97: plainauth[zlen + clen + 1] = '\0';
98: memcpy(plainauth + zlen + clen + 2, passwd, plen);
99:
100: /* Base64 encode the reply */
101: result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen);
102: free(plainauth);
103:
104: return result;
105: }
106:
107: /*
108: * Curl_auth_create_login_message()
109: *
110: * This is used to generate an already encoded LOGIN message containing the
111: * user name or password ready for sending to the recipient.
112: *
113: * Parameters:
114: *
115: * data [in] - The session handle.
116: * valuep [in] - The user name or user's password.
117: * outptr [in/out] - The address where a pointer to newly allocated memory
118: * holding the result will be stored upon completion.
119: * outlen [out] - The length of the output message.
120: *
121: * Returns CURLE_OK on success.
122: */
123: CURLcode Curl_auth_create_login_message(struct Curl_easy *data,
124: const char *valuep, char **outptr,
125: size_t *outlen)
126: {
127: size_t vlen = strlen(valuep);
128:
129: if(!vlen) {
130: /* Calculate an empty reply */
131: *outptr = strdup("=");
132: if(*outptr) {
133: *outlen = (size_t) 1;
134: return CURLE_OK;
135: }
136:
137: *outlen = 0;
138: return CURLE_OUT_OF_MEMORY;
139: }
140:
141: /* Base64 encode the value */
142: return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
143: }
144:
145: /*
146: * Curl_auth_create_external_message()
147: *
148: * This is used to generate an already encoded EXTERNAL message containing
149: * the user name ready for sending to the recipient.
150: *
151: * Parameters:
152: *
153: * data [in] - The session handle.
154: * user [in] - The user name.
155: * outptr [in/out] - The address where a pointer to newly allocated memory
156: * holding the result will be stored upon completion.
157: * outlen [out] - The length of the output message.
158: *
159: * Returns CURLE_OK on success.
160: */
161: CURLcode Curl_auth_create_external_message(struct Curl_easy *data,
162: const char *user, char **outptr,
163: size_t *outlen)
164: {
165: /* This is the same formatting as the login message */
166: return Curl_auth_create_login_message(data, user, outptr, outlen);
167: }
168:
169: #endif /* if no users */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to cleartext.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib / vauth