gsasl  2.2.1
cram-md5/server.c
1 /* server.c --- SASL CRAM-MD5 server side functions.
2  * Copyright (C) 2002-2024 Simon Josefsson
3  *
4  * This file is part of GNU SASL Library.
5  *
6  * GNU SASL Library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public License
8  * as published by the Free Software Foundation; either version 2.1 of
9  * the License, or (at your option) any later version.
10  *
11  * GNU SASL Library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with GNU SASL Library; if not, write to the Free
18  * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
19  * Boston, MA 02110-1301, USA.
20  *
21  */
22 
23 #include <config.h>
24 
25 /* Get specification. */
26 #include "cram-md5.h"
27 
28 /* Get malloc, free. */
29 #include <stdlib.h>
30 
31 /* Get memcpy, strdup, strlen. */
32 #include <string.h>
33 
34 /* Get cram_md5_challenge. */
35 #include "challenge.h"
36 
37 /* Get cram_md5_digest. */
38 #include "digest.h"
39 
40 #define MD5LEN 16
41 
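/* Begin a server-side CRAM-MD5 exchange.

   Allocates a CRAM_MD5_CHALLENGE_LEN byte buffer, has
   cram_md5_challenge() fill it, and hands ownership to the caller
   through *MECH_DATA.  The buffer is released by
   _gsasl_cram_md5_server_finish().

   Returns GSASL_OK on success, GSASL_MALLOC_ERROR when the buffer
   cannot be allocated, and GSASL_CRYPTO_ERROR when challenge
   generation fails; *MECH_DATA is left untouched on failure.

   NOTE(review): the step function calls strlen() on this buffer, so
   cram_md5_challenge() is presumably expected to NUL-terminate it
   within CRAM_MD5_CHALLENGE_LEN bytes -- confirm in challenge.c.
   The challenge is the only per-session value that separates one
   exchange from another, so its unpredictability (also decided in
   challenge.c) is what stops a recorded response being replayed.  */
int
_gsasl_cram_md5_server_start (Gsasl_session *sctx _GL_UNUSED,
                              void **mech_data)
{
  char *challenge;
  int rc;

  challenge = malloc (CRAM_MD5_CHALLENGE_LEN);
  if (challenge == NULL)
    return GSASL_MALLOC_ERROR;

  rc = cram_md5_challenge (challenge);
  if (rc)
    {
      /* Nothing has been published to the caller yet, so release
         the buffer here.  */
      free (challenge);
      return GSASL_CRYPTO_ERROR;
    }

  *mech_data = challenge;

  return GSASL_OK;
}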
64 
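/* Return non-zero when the LEN bytes at A and B differ, zero when
   they are equal.  Every byte is always examined, so the running
   time does not reveal the position of the first mismatch the way
   an early-exit memcmp() can.  */
static int
cram_md5_ct_differs (const char *a, const char *b, size_t len)
{
  volatile unsigned char acc = 0;
  size_t i;

  for (i = 0; i < len; i++)
    acc |= (unsigned char) a[i] ^ (unsigned char) b[i];

  return acc != 0;
}

/* Best-effort wipe of LEN bytes at S.  The volatile pointer is there
   to discourage the compiler from dropping the stores just because
   the buffer is freed right afterwards.  */
static void
cram_md5_wipe (char *s, size_t len)
{
  volatile char *p = s;

  while (len--)
    *p++ = 0;
}

/* Process one step of the server side of CRAM-MD5.

   With INPUT_LEN == 0 the challenge held in MECH_DATA is copied into
   a newly allocated *OUTPUT (caller frees) and GSASL_NEEDS_MORE is
   returned.  Otherwise INPUT must be "<username> <digest>", where
   <digest> is the last 2 * MD5LEN bytes: the username is stored as
   GSASL_AUTHID, the password is fetched through GSASL_PASSWORD, and
   the expected digest over the challenge is compared with <digest>.

   Returns GSASL_OK when the digest matches,
   GSASL_AUTHENTICATION_ERROR when it does not,
   GSASL_MECHANISM_PARSE_ERROR for malformed input, GSASL_NO_PASSWORD
   when no password is available, GSASL_MALLOC_ERROR on allocation
   failure, or the error from gsasl_property_set/gsasl_saslprep.

   Security notes for integrators:
   - The mechanism needs the cleartext password on the server (see
     the GSASL_PASSWORD lookup below), and a captured
     challenge/response pair can be tested against password guesses
     offline.  Use it only under TLS, and prefer a SCRAM mechanism
     where the deployment allows.
   - As far as this file shows, no per-session attempt counter is
     kept: the same challenge is accepted on every call.  Limiting
     the number of attempts is left to the caller.  */
int
_gsasl_cram_md5_server_step (Gsasl_session *sctx,
                             void *mech_data,
                             const char *input, size_t input_len,
                             char **output, size_t *output_len)
{
  char *challenge = mech_data;
  char hash[CRAM_MD5_DIGEST_LEN];
  const char *password;
  char *username = NULL;
  int res = GSASL_OK;
  char *normkey;
  size_t userlen;

  if (input_len == 0)
    {
      char *copy = strdup (challenge);

      /* Do not report a non-zero length together with a NULL
         buffer when the copy cannot be allocated.  */
      if (copy == NULL)
        {
          *output = NULL;
          *output_len = 0;
          return GSASL_MALLOC_ERROR;
        }

      *output = copy;
      *output_len = strlen (copy);

      return GSASL_NEEDS_MORE;
    }

  /* Need at least one username byte, the separating space and the
     hex digest.  This check also keeps the subtractions below from
     wrapping around.  */
  if (input_len <= MD5LEN * 2)
    return GSASL_MECHANISM_PARSE_ERROR;

  userlen = input_len - MD5LEN * 2 - 1;

  if (input[userlen] != ' ')
    return GSASL_MECHANISM_PARSE_ERROR;

  /* calloc supplies the terminating NUL after the copied bytes.
     NOTE(review): a NUL byte inside the client-supplied username
     silently shortens the identity stored as GSASL_AUTHID; consider
     rejecting such input if other layers log or act on the raw
     bytes.  */
  username = calloc (1, userlen + 1);
  if (username == NULL)
    return GSASL_MALLOC_ERROR;

  memcpy (username, input, userlen);

  res = gsasl_property_set (sctx, GSASL_AUTHID, username);
  free (username);
  if (res != GSASL_OK)
    return res;

  password = gsasl_property_get (sctx, GSASL_PASSWORD);
  if (!password)
    return GSASL_NO_PASSWORD;

  /* FIXME: Use SASLprep here?  Treat string as storage string?
     Specification is unclear. */
  res = gsasl_saslprep (password, 0, &normkey, NULL);
  if (res != GSASL_OK)
    return res;

  /* NOTE(review): assumes cram_md5_digest() writes at least
     2 * MD5LEN bytes into HASH, i.e. CRAM_MD5_DIGEST_LEN >=
     2 * MD5LEN -- confirm in digest.h.  */
  cram_md5_digest (challenge, strlen (challenge),
                   normkey, strlen (normkey), hash);

  /* The normalized password is no longer needed; clear it before
     the memory goes back to the allocator.  */
  cram_md5_wipe (normkey, strlen (normkey));
  free (normkey);

  if (cram_md5_ct_differs (&input[input_len - MD5LEN * 2], hash,
                           2 * MD5LEN))
    res = GSASL_AUTHENTICATION_ERROR;
  else
    res = GSASL_OK;

  *output_len = 0;
  *output = NULL;

  return res;
}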
128 
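/* Release the per-session state of a CRAM-MD5 server exchange.

   MECH_DATA is the challenge buffer that
   _gsasl_cram_md5_server_start() allocated; it is freed here and
   must not be used afterwards.  A NULL MECH_DATA is harmless because
   free (NULL) does nothing.  */
void
_gsasl_cram_md5_server_finish (Gsasl_session *sctx _GL_UNUSED,
                               void *mech_data)
{
  char *challenge = mech_data;

  free (challenge);
}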
int cram_md5_challenge(char challenge[CRAM_MD5_CHALLENGE_LEN])
Definition: challenge.c:66
#define CRAM_MD5_CHALLENGE_LEN
Definition: challenge.h:26
#define MD5LEN
int _gsasl_cram_md5_server_step(Gsasl_session *sctx, void *mech_data, const char *input, size_t input_len, char **output, size_t *output_len)
void _gsasl_cram_md5_server_finish(Gsasl_session *sctx _GL_UNUSED, void *mech_data)
int _gsasl_cram_md5_server_start(Gsasl_session *sctx _GL_UNUSED, void **mech_data)
void cram_md5_digest(const char *challenge, size_t challengelen, const char *secret, size_t secretlen, char response[CRAM_MD5_DIGEST_LEN])
Definition: digest.c:60
#define CRAM_MD5_DIGEST_LEN
Definition: digest.h:29
int rc
Definition: error.c:37
@ GSASL_OK
Definition: gsasl.h:129
@ GSASL_AUTHENTICATION_ERROR
Definition: gsasl.h:138
@ GSASL_NEEDS_MORE
Definition: gsasl.h:130
@ GSASL_MALLOC_ERROR
Definition: gsasl.h:133
@ GSASL_NO_PASSWORD
Definition: gsasl.h:146
@ GSASL_MECHANISM_PARSE_ERROR
Definition: gsasl.h:137
@ GSASL_CRYPTO_ERROR
Definition: gsasl.h:135
_GSASL_API int gsasl_property_set(Gsasl_session *sctx, Gsasl_property prop, const char *data)
Definition: property.c:189
_GSASL_API const char * gsasl_property_get(Gsasl_session *sctx, Gsasl_property prop)
Definition: property.c:292
@ GSASL_PASSWORD
Definition: gsasl.h:226
@ GSASL_AUTHID
Definition: gsasl.h:224
_GSASL_API int gsasl_saslprep(const char *in, Gsasl_saslprep_flags flags, char **out, int *stringpreprc)