1 /*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel (at) haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at https://curl.haxx.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 * RFC4616 PLAIN authentication 22 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt> 23 * 24 ***************************************************************************/ 25 26 #include "curl_setup.h" 27 28 #include <curl/curl.h> 29 #include "urldata.h" 30 31 #include "vauth/vauth.h" 32 #include "curl_base64.h" 33 #include "curl_md5.h" 34 #include "warnless.h" 35 #include "strtok.h" 36 #include "strequal.h" 37 #include "rawstr.h" 38 #include "sendf.h" 39 #include "curl_printf.h" 40 41 /* The last #include files should be: */ 42 #include "curl_memory.h" 43 #include "memdebug.h" 44 45 /* 46 * Curl_auth_create_plain_message() 47 * 48 * This is used to generate an already encoded PLAIN message ready 49 * for sending to the recipient. 50 * 51 * Parameters: 52 * 53 * data [in] - The session handle. 54 * userp [in] - The user name. 55 * passdwp [in] - The user's password. 56 * outptr [in/out] - The address where a pointer to newly allocated memory 57 * holding the result will be stored upon completion. 58 * outlen [out] - The length of the output message. 59 * 60 * Returns CURLE_OK on success. 61 */ 62 CURLcode Curl_auth_create_plain_message(struct Curl_easy *data, 63 const char *userp, 64 const char *passwdp, 65 char **outptr, size_t *outlen) 66 { 67 CURLcode result; 68 char *plainauth; 69 size_t ulen; 70 size_t plen; 71 72 ulen = strlen(userp); 73 plen = strlen(passwdp); 74 75 plainauth = malloc(2 * ulen + plen + 2); 76 if(!plainauth) { 77 *outlen = 0; 78 *outptr = NULL; 79 return CURLE_OUT_OF_MEMORY; 80 } 81 82 /* Calculate the reply */ 83 memcpy(plainauth, userp, ulen); 84 plainauth[ulen] = '\0'; 85 memcpy(plainauth + ulen + 1, userp, ulen); 86 plainauth[2 * ulen + 1] = '\0'; 87 memcpy(plainauth + 2 * ulen + 2, passwdp, plen); 88 89 /* Base64 encode the reply */ 90 result = Curl_base64_encode(data, plainauth, 2 * ulen + plen + 2, outptr, 91 outlen); 92 free(plainauth); 93 94 return result; 95 } 96 97 /* 98 * Curl_auth_create_login_message() 99 * 100 * This is used to generate an already encoded LOGIN message containing the 101 * user name or password ready for sending to the recipient. 102 * 103 * Parameters: 104 * 105 * data [in] - The session handle. 106 * valuep [in] - The user name or user's password. 107 * outptr [in/out] - The address where a pointer to newly allocated memory 108 * holding the result will be stored upon completion. 109 * outlen [out] - The length of the output message. 110 * 111 * Returns CURLE_OK on success. 112 */ 113 CURLcode Curl_auth_create_login_message(struct Curl_easy *data, 114 const char *valuep, char **outptr, 115 size_t *outlen) 116 { 117 size_t vlen = strlen(valuep); 118 119 if(!vlen) { 120 /* Calculate an empty reply */ 121 *outptr = strdup("="); 122 if(*outptr) { 123 *outlen = (size_t) 1; 124 return CURLE_OK; 125 } 126 127 *outlen = 0; 128 return CURLE_OUT_OF_MEMORY; 129 } 130 131 /* Base64 encode the value */ 132 return Curl_base64_encode(data, valuep, vlen, outptr, outlen); 133 } 134 135 /* 136 * Curl_auth_create_external_message() 137 * 138 * This is used to generate an already encoded EXTERNAL message containing 139 * the user name ready for sending to the recipient. 140 * 141 * Parameters: 142 * 143 * data [in] - The session handle. 144 * user [in] - The user name. 145 * outptr [in/out] - The address where a pointer to newly allocated memory 146 * holding the result will be stored upon completion. 147 * outlen [out] - The length of the output message. 148 * 149 * Returns CURLE_OK on success. 150 */ 151 CURLcode Curl_auth_create_external_message(struct Curl_easy *data, 152 const char *user, char **outptr, 153 size_t *outlen) 154 { 155 /* This is the same formatting as the login message */ 156 return Curl_auth_create_login_message(data, user, outptr, outlen); 157 } 158