annotate src/auth/mech-rpa.c @ 2708:f1e9f3ec8135 HEAD

Buffer API change: we no longer support size-limited buffers where writes past the limit wouldn't kill the process. They were hardly used anywhere, they could have hidden bugs, and the code for handling them was too complex. This also changed the base64 and hex-binary APIs.
author Timo Sirainen <tss@iki.fi>
date Fri, 08 Oct 2004 20:51:47 +0300
parents 6ba9dcff11b9
children 0f31778d3c34
1 /*
2 * Compuserve RPA authentication mechanism.
3 *
4 * Copyright (c) 2004 Andrey Panin <pazke@donpac.ru>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU Lesser General Public License as published
8 * by the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 */
12 #include "common.h"
13 #include "mech.h"
14 #include "passdb.h"
15 #include "str.h"
16 #include "strfuncs.h"
17 #include "safe-memset.h"
18 #include "randgen.h"
19 #include "buffer.h"
20 #include "hostpid.h"
21 #include "hex-binary.h"
22 #include "md5.h"
/*
 * Per-request state of the RPA mechanism. The field notes describe how the
 * digest helpers in this file read each member; where a member is not read
 * by them, the note is marked as an assumption.
 */
struct rpa_auth_request {
	/* generic request state; NOTE(review): presumably kept as the first
	   member so the two request types can be converted - confirm */
	struct auth_request auth_request;

	pool_t pool;

	/* NOTE(review): protocol step, judging by the name - confirm */
	int phase;

	/* cached: */
	/* hashed as exactly 16 bytes at the start and end of every digest */
	unsigned char *pwd_md5;
	/* each *_ucs2be pointer is hashed with its *_len as the byte count */
	size_t service_len;
	const unsigned char *service_ucs2be;
	size_t username_len;
	const unsigned char *username_ucs2be;
	size_t realm_len;
	const unsigned char *realm_ucs2be;

	/* requested: */
	/* hashed as RPA_SCHALLENGE_LEN bytes */
	unsigned char *service_challenge;
	/* hashed as RPA_TIMESTAMP_LEN bytes */
	unsigned char *service_timestamp;

	/* received: */
	/* byte count used when user_challenge is hashed */
	unsigned int user_challenge_len;
	unsigned char *user_challenge;
	/* NOTE(review): presumably the client's digest that is checked
	   against rpa_user_response() output - confirm at the call site */
	unsigned char *user_response;
	/* read as 16 bytes by rpa_server_response() */
	unsigned char *session_key;
};
/* number of auth->service_challenge bytes fed into the response digests */
#define RPA_SCHALLENGE_LEN 32
/* NOTE(review): not referenced by the digest helpers, which use
   auth->user_challenge_len instead; presumably a bound on the user
   challenge size - confirm where the token carrying it is parsed */
#define RPA_UCHALLENGE_LEN 16
/* number of auth->service_timestamp bytes fed into the response digests */
#define RPA_TIMESTAMP_LEN 14

/* first byte that rpa_check_message() requires in a token */
#define ASN1_APPLICATION 0x60

/* Object id encoded using ASN.1 DER: tag 0x06 (OBJECT IDENTIFIER), length
   0x09, then nine content bytes that decode to 2.16.840.1.113779.1.1.
   rpa_check_message() compares the whole array with memcmp(), so only this
   exact encoding is accepted. */
static const unsigned char rpa_oid[] = {
	0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x73, 0x01, 0x01
};

/* Defined outside this part of the file. NOTE(review): going by the name and
   signature it returns a pool-allocated UCS-2 big-endian copy of str and
   stores its byte length in *size - confirm; a non-static prototype in a .c
   file would normally live in a header. */
void *ucs2be_str(pool_t pool, const char *str, size_t *size);
/*
 * Compute client -> server authentication response.
 *
 * The digest is MD5 over, in this order: the 16-byte password hash, 48 zero
 * bytes, user name, service name, realm, user challenge, service challenge,
 * service timestamp and the password hash again. md5_final() stores the
 * result in digest, so the caller has to provide room for an MD5 result.
 *
 * NOTE(review): the comparison of this value with what the client sent is
 * outside this function; confirm it does not leak timing.
 */
static void rpa_user_response(struct rpa_auth_request *auth,
			      unsigned char *digest)
{
	/* zero padding that follows the leading password hash */
	unsigned char zero_pad[48] = { 0 };
	const size_t pwd_md5_len = 16;
	struct md5_context md5;

	md5_init(&md5);

	md5_update(&md5, auth->pwd_md5, pwd_md5_len);
	md5_update(&md5, zero_pad, sizeof(zero_pad));

	/* identity: user first, then service, then realm */
	md5_update(&md5, auth->username_ucs2be, auth->username_len);
	md5_update(&md5, auth->service_ucs2be, auth->service_len);
	md5_update(&md5, auth->realm_ucs2be, auth->realm_len);

	/* freshness: user challenge first, then the service's values */
	md5_update(&md5, auth->user_challenge, auth->user_challenge_len);
	md5_update(&md5, auth->service_challenge, RPA_SCHALLENGE_LEN);
	md5_update(&md5, auth->service_timestamp, RPA_TIMESTAMP_LEN);

	md5_update(&md5, auth->pwd_md5, pwd_md5_len);

	md5_final(&md5, digest);
}
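/*
 * Compute server -> client authentication response.
 *
 * Two MD5 passes are made, both framed by the 16-byte password hash and 48
 * zero bytes:
 *  1. service, user name, realm, service challenge, user challenge and
 *     timestamp are hashed into tmp, which is then XORed byte by byte with
 *     the 16-byte session key;
 *  2. service, user name, realm, session key, service challenge, user
 *     challenge, timestamp and the masked value from step 1 are hashed
 *     into digest.
 *
 * md5_final() stores the result in digest, so the caller has to provide
 * room for an MD5 result. The intermediate value is wiped before returning.
 */
static void rpa_server_response(struct rpa_auth_request *auth,
				unsigned char *digest)
{
	struct md5_context ctx;
	unsigned char tmp[16];
	unsigned char z[48];
	size_t i;

	memset(z, 0, sizeof(z));

	/* pass 1: keyed hash of the exchange, service name first */
	md5_init(&ctx);
	md5_update(&ctx, auth->pwd_md5, 16);
	md5_update(&ctx, z, sizeof(z));
	md5_update(&ctx, auth->service_ucs2be, auth->service_len);
	md5_update(&ctx, auth->username_ucs2be, auth->username_len);
	md5_update(&ctx, auth->realm_ucs2be, auth->realm_len);
	md5_update(&ctx, auth->service_challenge, RPA_SCHALLENGE_LEN);
	md5_update(&ctx, auth->user_challenge, auth->user_challenge_len);
	md5_update(&ctx, auth->service_timestamp, RPA_TIMESTAMP_LEN);
	md5_update(&ctx, auth->pwd_md5, 16);
	md5_final(&ctx, tmp);

	/* mask the session key with the pass 1 result */
	for (i = 0; i < sizeof(tmp); i++)
		tmp[i] = auth->session_key[i] ^ tmp[i];

	/* pass 2: covers the session key and the masked value as well */
	md5_init(&ctx);
	md5_update(&ctx, auth->pwd_md5, 16);
	md5_update(&ctx, z, sizeof(z));
	md5_update(&ctx, auth->service_ucs2be, auth->service_len);
	md5_update(&ctx, auth->username_ucs2be, auth->username_len);
	md5_update(&ctx, auth->realm_ucs2be, auth->realm_len);
	md5_update(&ctx, auth->session_key, 16);
	md5_update(&ctx, auth->service_challenge, RPA_SCHALLENGE_LEN);
	md5_update(&ctx, auth->user_challenge, auth->user_challenge_len);
	md5_update(&ctx, auth->service_timestamp, RPA_TIMESTAMP_LEN);
	md5_update(&ctx, tmp, sizeof(tmp));
	md5_update(&ctx, auth->pwd_md5, 16);
	md5_final(&ctx, digest);

	/* tmp is derived from the password hash and the session key; clear it
	   with the non-elidable memset from safe-memset.h so it does not stay
	   on the stack after return */
	safe_memset(tmp, 0, sizeof(tmp));
}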
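/*
 * Validate the outer framing of a token received from the client.
 *
 * data..end must hold: the ASN1_APPLICATION tag byte, a length in short or
 * long form that equals the number of bytes remaining after it, and the
 * exact rpa_oid encoding.
 *
 * Returns a pointer to the first byte after the object id, or NULL with
 * *error set to a static message. *error is left untouched on success.
 * The caller must pass end >= data.
 */
static const unsigned char *
rpa_check_message(const unsigned char *data, const unsigned char *end,
		  const char **error)
{
	const unsigned char *p = data;
	unsigned int len = 0;

	/* tag byte plus at least one length byte; sizes are compared instead
	   of forming p + 2, which could point past the end of the buffer */
	if (end - p < 2) {
		*error = "message too short";
		return NULL;
	}

	if (*p++ != ASN1_APPLICATION) {
		*error = "invalid data type";
		return NULL;
	}

	if ((*p & 0x80) != 0) {
		/* long form: the low 7 bits count the length bytes */
		unsigned int nbytes = *p++ & 0x7f;

		/* more length bytes than len can hold would shift the high
		   bytes out unnoticed, so an overlong length field could
		   still pass the size comparison below */
		if (nbytes > sizeof(len)) {
			*error = "invalid structure length";
			return NULL;
		}

		while (nbytes-- > 0) {
			if (p >= end) {
				*error = "invalid structure length";
				return NULL;
			}

			len = (len << 8) | *p++;
		}
	} else
		len = *p++;

	/* the declared length must cover exactly the rest of the input */
	if ((size_t)(end - p) != len) {
		*error = "structure length disagrees with data size";
		return NULL;
	}

	/* p <= end holds here, so the difference is non-negative */
	if ((size_t)(end - p) < sizeof(rpa_oid)) {
		*error = "not enough space for object id";
		return NULL;
	}

	if (memcmp(p, rpa_oid, sizeof(rpa_oid)) != 0) {
		*error = "invalid object id";
		return NULL;
	}

	return p + sizeof(rpa_oid);
}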
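/*
 * Parse the first client token.
 *
 * After the framing checked by rpa_check_message() the token must contain
 * exactly six bytes: two 16-bit little-endian version numbers and two flag
 * bytes. The token is accepted only when version_lo <= 3 <= version_hi and
 * the flag bytes are 0x00 0x01.
 *
 * Returns TRUE on success, FALSE with *error set to a static message
 * otherwise.
 */
static int
rpa_parse_token1(const void *data, size_t data_size, const char **error)
{
	/* keep the const qualifier of data in the cast */
	const unsigned char *end = ((const unsigned char *) data) + data_size;
	const unsigned char *p;
	unsigned int version_lo, version_hi;

	p = rpa_check_message(data, end, error);
	if (p == NULL)
		return FALSE;

	/* 4 version bytes + 2 flag bytes; sizes are compared instead of
	   forming p + 6, which could point past the end of the buffer */
	if (end - p < 6) {
		*error = "message too short";
		return FALSE;
	}

	version_lo = p[0] + (p[1] << 8);
	version_hi = p[2] + (p[3] << 8);

	/* version 3 has to lie inside the range offered by the client */
	if ((version_lo > 3) || (version_hi < 3)) {
		*error = "protocol version mismatch";
		return FALSE;
	}
	p += 4;

	if ((p[0] != 0) || (p[1] != 1)) {
		*error = "invalid message flags";
		return FALSE;
	}
	p += 2;

	/* nothing may follow the flags */
	if (p != end) {
		*error = "unneeded data found";
		return FALSE;
	}

	return TRUE;
}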
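/*
 * Read one length-prefixed field from the message: a single length octet
 * followed by that many bytes.  The bytes are copied into memory allocated
 * from pool.
 *
 * data   - in/out cursor into the message; advanced past the field when the
 *          field fits
 * end    - one past the last valid byte of the message
 * buffer - receives the allocated copy when the field fits
 *
 * Returns the field length, or 0 when no complete field is available, in
 * which case *data and *buffer are left untouched.  A field whose length
 * octet is 0 is consumed and also returns 0, so callers cannot tell an empty
 * field from a truncated message by the return value alone.
 */
static unsigned int
rpa_read_buffer(pool_t pool, const unsigned char **data,
		const unsigned char *end, unsigned char **buffer)
{
	const unsigned char *p = *data;
	unsigned int len;

	/* end is one past the last byte, so p == end means there is no
	   length octet left to read.  Testing only p > end would let the
	   dereference below read one byte beyond the message. */
	if (p >= end)
		return 0;

	len = *p++;
	/* Compare against the bytes that remain instead of forming p + len,
	   which may point beyond the end of the message. */
	if (len > (size_t)(end - p))
		return 0;

	*buffer = p_malloc(pool, len);
	memcpy(*buffer, p, len);

	*data += 1 + len;

	return len;
}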
/*
 * Return a copy of username allocated from pool.  When the name contains an
 * '@', the copy is made with p_strdup_until() up to the last '@' (the realm
 * part is presumably dropped); otherwise the whole name is duplicated.
 */
static char *
rpa_parse_username(pool_t pool, const char *username)
{
	const char *realm_sep;

	/* strrchr: the last '@' is the separator, earlier ones stay in
	   the user part */
	realm_sep = strrchr(username, '@');
	if (realm_sep != NULL)
		return p_strdup_until(pool, username, realm_sep);

	return p_strdup(pool, username);
}
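/*
 * Parse token 3, the client's reply: username@realm, user challenge and
 * user response, in that order, with nothing after them.
 *
 * auth      - request state; user, username_ucs2be/username_len,
 *             user_challenge/user_challenge_len and user_response are
 *             filled in as fields are parsed
 * data      - raw token bytes received from the client (untrusted)
 * data_size - number of bytes in data
 * error     - set to a static message on the failures detected here;
 *             rpa_check_message() is handed the same pointer for its own
 *             failures
 *
 * Returns TRUE if the whole token was well-formed, FALSE otherwise.  On
 * FALSE some auth fields may already have been written.
 */
static int
rpa_parse_token3(struct rpa_auth_request *auth, const void *data,
		 size_t data_size, const char **error)
{
	struct auth_request *auth_request = (struct auth_request *)auth;
	const unsigned char *end = ((const unsigned char *)data) + data_size;
	const unsigned char *p;
	unsigned int len;
	const char *user;

	p = rpa_check_message(data, end, error);
	if (p == NULL)
		return FALSE;

	/* Read username@realm */
	/* Signed pointer difference: also rejects p beyond end without
	   forming a pointer past the message. */
	if (end - p < 2) {
		*error = "message too short";
		return FALSE;
	}

	/* Two-octet length, high octet first (the same layout
	   mech_rpa_build_token2() writes for the realm list).  The high
	   octet has to be shifted left; p[0] >> 8 is always 0 for an 8-bit
	   value and would silently drop it. */
	len = (p[0] << 8) + p[1];
	if (len > (size_t)(end - p) - 2) {
		*error = "message too short";
		return FALSE;
	}
	p += 2;

	/* NOTE(review): user is client-supplied and is stored without any
	   character validation here - confirm the caller validates it
	   before it is used for lookups or logging. */
	user = t_strndup(p, len);
	p += len;

	auth_request->user = rpa_parse_username(auth->pool, user);

	auth->username_ucs2be = ucs2be_str(auth->pool, auth_request->user,
					   &auth->username_len);

	/* Read user challenge */
	auth->user_challenge_len = rpa_read_buffer(auth->pool, &p, end,
						   &auth->user_challenge);
	if (auth->user_challenge_len == 0) {
		*error = "invalid user challenge";
		return FALSE;
	}

	/* Read user response */
	len = rpa_read_buffer(auth->pool, &p, end, &auth->user_response);
	if (len != RPA_UCHALLENGE_LEN) {
		*error = "invalid user response";
		return FALSE;
	}

	/* Trailing bytes after the last field make the token invalid */
	if (p != end) {
		*error = "unneeded data found";
		return FALSE;
	}

	return TRUE;
}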
/*
 * Append an ASN.1-style length to buf:
 *   length < 0x80   -> one octet holding the length
 *   length < 0x100  -> 0x81 followed by one length octet
 *   otherwise       -> 0x82 followed by two length octets, high first
 *
 * NOTE(review): only two length octets are ever written, so a length above
 * 0xffff cannot be represented; presumably no caller builds a token that
 * large - confirm.
 */
static void
buffer_append_asn1_length(buffer_t *buf, unsigned int length)
{
	if (length >= 0x100) {
		/* two-octet form */
		buffer_append_c(buf, 0x82);
		buffer_append_c(buf, length >> 8);
		buffer_append_c(buf, length & 0xff);
		return;
	}

	/* 0x80..0xff needs the 0x81 prefix; smaller values go out bare */
	if (length >= 0x80)
		buffer_append_c(buf, 0x81);
	buffer_append_c(buf, length);
}
/*
 * Build token 2, the server's challenge to the client.
 *
 * Layout written, in order: ASN1_APPLICATION tag, ASN.1 length, rpa_oid,
 * two protocol version octets (3, 0), the service challenge (one length
 * octet + RPA_SCHALLENGE_LEN bytes), RPA_TIMESTAMP_LEN timestamp
 * characters, and the realm list (two length octets, high first, + bytes).
 *
 * auth   - request state; service_challenge and service_timestamp are
 *          allocated from auth->pool and stored for later phases
 * realms - NUL-terminated realm list to advertise
 * size   - receives the number of bytes in the token
 *
 * Returns the token bytes as handed back by buffer_free_without_data().
 */
static const unsigned char *
mech_rpa_build_token2(struct rpa_auth_request *auth,
		      const char *realms, size_t *size)
{
	unsigned char raw_stamp[RPA_TIMESTAMP_LEN / 2];
	unsigned int realm_bytes;
	unsigned int body_len;
	buffer_t *out;

	realm_bytes = strlen(realms);
	/* 3 = two version octets + the challenge length octet,
	   2 = the realm list length octets */
	body_len = sizeof(rpa_oid) + 3 + RPA_SCHALLENGE_LEN +
		RPA_TIMESTAMP_LEN + 2 + realm_bytes;

	/* +4 leaves room for the tag and the longest length encoding */
	out = buffer_create_dynamic(auth->pool, body_len + 4);

	buffer_append_c(out, ASN1_APPLICATION);
	buffer_append_asn1_length(out, body_len);
	buffer_append(out, rpa_oid, sizeof(rpa_oid));

	/* Protocol version */
	buffer_append_c(out, 3);
	buffer_append_c(out, 0);

	/* Service challenge.
	   NOTE(review): its unpredictability rests entirely on
	   random_fill() - confirm that is backed by a cryptographically
	   secure source. */
	auth->service_challenge = p_malloc(auth->pool, RPA_SCHALLENGE_LEN);
	random_fill(auth->service_challenge, RPA_SCHALLENGE_LEN);
	buffer_append_c(out, RPA_SCHALLENGE_LEN);
	buffer_append(out, auth->service_challenge, RPA_SCHALLENGE_LEN);

	/* Timestamp: clients appear to accept any value, so random bytes
	   rendered as hex are sent instead of a real clock reading */
	random_fill(raw_stamp, sizeof(raw_stamp));
	auth->service_timestamp = p_malloc(auth->pool, RPA_TIMESTAMP_LEN);
	memcpy(auth->service_timestamp,
	       binary_to_hex(raw_stamp, sizeof(raw_stamp)),
	       RPA_TIMESTAMP_LEN);
	buffer_append(out, auth->service_timestamp, RPA_TIMESTAMP_LEN);

	/* Realm list, length high octet first */
	buffer_append_c(out, realm_bytes >> 8);
	buffer_append_c(out, realm_bytes & 0xff);
	buffer_append(out, realms, realm_bytes);

	*size = buffer_get_used_size(out);
	return buffer_free_without_data(out);
}
/*
 * Build token 4, the server's final reply.
 *
 * Layout written, in order: ASN1_APPLICATION tag, ASN.1 length, rpa_oid,
 * the server response (length octet 16 + 16 bytes), the session key
 * (length octet 16 + 16 bytes) and one status octet (0 = success).
 *
 * auth - request state; a fresh 16-byte session_key is allocated from
 *        auth->pool and stored in it
 * size - receives the number of bytes in the token
 *
 * Returns the token bytes as handed back by buffer_free_without_data().
 */
static const unsigned char *
mech_rpa_build_token4(struct rpa_auth_request *auth, size_t *size)
{
	unsigned char srv_resp[16];
	/* 17 = length octet + 16 bytes, once per field; 1 = status octet */
	unsigned int body_len = sizeof(rpa_oid) + 17 + 17 + 1;
	buffer_t *out;

	/* +4 leaves room for the tag and the longest length encoding */
	out = buffer_create_dynamic(auth->pool, body_len + 4);

	buffer_append_c(out, ASN1_APPLICATION);
	buffer_append_asn1_length(out, body_len);
	buffer_append(out, rpa_oid, sizeof(rpa_oid));

	/* Generate random session key */
	auth->session_key = p_malloc(auth->pool, 16);
	random_fill(auth->session_key, 16);

	/* Server authentication response; computed after the session key
	   has been stored in auth */
	rpa_server_response(auth, srv_resp);
	buffer_append_c(out, 16);
	buffer_append(out, srv_resp, 16);

	/* NOTE(review): the session key is appended exactly as generated -
	   check the protocol specification for whether it has to be
	   obscured before it goes on the wire. */
	buffer_append_c(out, 16);
	buffer_append(out, auth->session_key, 16);

	/* Status, 0 - success */
	buffer_append_c(out, 0);

	*size = buffer_get_used_size(out);
	return buffer_free_without_data(out);
}
/*
 * Credentials lookup callback: decode the hex string in credentials into a
 * 16-byte buffer allocated from auth->pool and store it as auth->pwd_md5.
 * A NULL credentials pointer leaves auth untouched.
 *
 * NOTE(review): nothing here checks that credentials is exactly 32 hex
 * digits, and the result of hex_to_binary() is not inspected.  The target
 * is a fixed 16-byte buffer, and this changeset's description says writes
 * past a buffer's limit now kill the process - confirm that over-long or
 * malformed stored credentials are rejected before reaching this point.
 */
static void
rpa_credentials_callback(const char *credentials,
			 struct auth_request *auth_request)
{
	struct rpa_auth_request *auth;
	buffer_t *md5_out;

	if (credentials == NULL)
		return;

	auth = (struct rpa_auth_request *)auth_request;
	auth->pwd_md5 = p_malloc(auth->pool, 16);

	/* wrap pwd_md5 so hex_to_binary() writes straight into it */
	md5_out = buffer_create_data(auth->pool, auth->pwd_md5, 16);

	hex_to_binary(credentials, md5_out);
}
/*
 * RPA phase 1: check the client's token 1 and answer with token 2.
 *
 * data/data_size hold the message received for this step (presumably taken
 * from the not-yet-authenticated client, so rpa_parse_token1() is the only
 * validation applied to it here). If parsing fails the request is finished
 * as failed. Otherwise token 2 is handed to callback with
 * AUTH_CLIENT_RESULT_CONTINUE and the request advances to phase 1.
 *
 * Returns TRUE on every path; failure is reported through
 * mech_auth_finish(), not through the return value.
 */
static int
mech_rpa_auth_phase1(struct auth_request *auth_request,
		     const unsigned char *data, size_t data_size,
		     mech_callback_t *callback)
{
	struct rpa_auth_request *auth =
		(struct rpa_auth_request *)auth_request;
	struct auth_client_request_reply reply;
	const unsigned char *token2;
	const char *service, *realm_list, *error;
	size_t token2_size;

	if (!rpa_parse_token1(data, data_size, &error)) {
		if (verbose) {
			i_info("rpa(%s): invalid token 1, %s",
			       get_log_prefix(auth_request), error);
		}
		mech_auth_finish(auth_request, NULL, 0, FALSE);
		return TRUE;
	}

	/* token 2 is built from "<lowercased protocol>@<my_hostname>" */
	service = t_str_lcase(auth_request->protocol);
	realm_list = t_strconcat(service, "@", my_hostname, NULL);
	token2 = mech_rpa_build_token2(auth, realm_list, &token2_size);

	/* ucs2be_str() results are stored on the request, allocated from
	   its pool; the code that reads them is outside this function */
	auth->service_ucs2be = ucs2be_str(auth->pool, service,
					  &auth->service_len);
	auth->realm_ucs2be = ucs2be_str(auth->pool, my_hostname,
					&auth->realm_len);

	mech_init_auth_client_reply(&reply);
	reply.id = auth_request->id;
	reply.result = AUTH_CLIENT_RESULT_CONTINUE;
	reply.reply_idx = 0;
	reply.data_size = token2_size;
	callback(&reply, token2, auth_request->conn);

	/* the next continuation is dispatched to phase 2 */
	auth->phase = 1;
	return TRUE;
}
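/*
 * Byte-wise equality test with no early exit: every byte of both buffers is
 * examined, so the running time does not depend on where they first differ.
 * Returns non-zero when the size bytes at a and b are equal.
 */
static int rpa_response_matches(const void *a, const void *b, size_t size)
{
	const unsigned char *pa = a, *pb = b;
	unsigned char diff = 0;
	size_t i;

	for (i = 0; i < size; i++)
		diff |= (unsigned char)(pa[i] ^ pb[i]);
	return diff == 0;
}

/*
 * RPA phase 2: check the client's token 3, verify its response against the
 * stored credentials and answer with token 4.
 *
 * Steps, each of which finishes the request as failed when it does not
 * succeed:
 *  - rpa_parse_token3() parses data/data_size into the request,
 *  - mech_fix_username() validates auth_request->user,
 *  - the passdb is asked for PASSDB_CREDENTIALS_RPA credentials,
 *  - the response computed by rpa_user_response() must equal
 *    auth->user_response.
 * All four failure paths call mech_auth_finish() with the same arguments,
 * so this function does not tell the client which step rejected it.
 *
 * On success token 4 is handed to callback with
 * AUTH_CLIENT_RESULT_CONTINUE and the request advances to phase 2; the
 * request is not marked successful here.
 *
 * Returns TRUE on every path; failure is reported through
 * mech_auth_finish(), not through the return value.
 */
static int
mech_rpa_auth_phase2(struct auth_request *auth_request,
		     const unsigned char *data, size_t data_size,
		     mech_callback_t *callback)
{
	struct rpa_auth_request *auth =
		(struct rpa_auth_request *)auth_request;
	struct auth_client_request_reply reply;
	unsigned char response[16];
	const unsigned char *token4;
	const char *error;
	size_t token4_size;

	if (!rpa_parse_token3(auth, data, data_size, &error)) {
		if (verbose) {
			i_info("rpa(%s): invalid token 3, %s",
			       get_log_prefix(auth_request), error);
		}
		mech_auth_finish(auth_request, NULL, 0, FALSE);
		return TRUE;
	}

	if (!mech_fix_username(auth_request->user, &error)) {
		if (verbose) {
			i_info("rpa(%s): %s",
			       get_log_prefix(auth_request), error);
		}
		mech_auth_finish(auth_request, NULL, 0, FALSE);
		return TRUE;
	}

	/* NOTE(review): pwd_md5 is tested immediately after the call, so
	   this relies on lookup_credentials() invoking
	   rpa_credentials_callback (which presumably fills auth->pwd_md5)
	   before it returns. A passdb that completes later would leave
	   pwd_md5 NULL here and the attempt would be rejected - confirm
	   that every passdb used with RPA is synchronous. */
	passdb->lookup_credentials(auth_request, PASSDB_CREDENTIALS_RPA,
				   rpa_credentials_callback);
	if (auth->pwd_md5 == NULL) {
		mech_auth_finish(auth_request, NULL, 0, FALSE);
		return TRUE;
	}

	/* NOTE(review): unlike the two failures above, a missing credential
	   or a wrong response is not logged here even with verbose set;
	   whether mech_auth_finish() records it is not visible from this
	   function. */
	rpa_user_response(auth, response);

	/* Compare without an early exit instead of memcmp(), so the time
	   taken does not reveal how many leading bytes of the client's
	   response were right. How much a timing difference could help an
	   attacker depends on whether the challenge is fresh for every
	   attempt, which is decided outside this function. */
	if (!rpa_response_matches(response, auth->user_response,
				  sizeof(response))) {
		mech_auth_finish(auth_request, NULL, 0, FALSE);
		return TRUE;
	}

	token4 = mech_rpa_build_token4(auth, &token4_size);

	mech_init_auth_client_reply(&reply);
	reply.id = auth_request->id;
	reply.result = AUTH_CLIENT_RESULT_CONTINUE;
	reply.reply_idx = 0;
	reply.data_size = token4_size;
	callback(&reply, token4, auth_request->conn);

	/* the next continuation is dispatched to phase 3 */
	auth->phase = 2;
	return TRUE;
}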
/*
 * RPA phase 3: expect the client's final acknowledgement (token 5) and
 * finish the request.
 *
 * The request is finished as successful only when data is exactly the
 * three bytes 0x60 0x01 0x00; any other length or content finishes it as
 * failed. mech_rpa_auth_continue() dispatches here only while auth->phase
 * is 2, a value set at the end of mech_rpa_auth_phase2() after the
 * client's response has been verified.
 *
 * callback is unused. Returns TRUE on every path; the outcome is reported
 * through mech_auth_finish().
 */
static int
mech_rpa_auth_phase3(struct auth_request *auth_request,
		     const unsigned char *data, size_t data_size,
		     mech_callback_t *callback __attr_unused__)
{
	static const unsigned char client_ack[3] = { 0x60, 0x01, 0x00 };
	int acked;

	/* length is checked first, so memcmp() never reads past data_size */
	acked = data_size == sizeof(client_ack) &&
		memcmp(data, client_ack, sizeof(client_ack)) == 0;

	if (!acked) {
		if (verbose) {
			i_info("rpa(%s): invalid token 5 or client rejects us",
			       get_log_prefix(auth_request));
		}
	}

	mech_auth_finish(auth_request, NULL, 0, acked ? TRUE : FALSE);
	return TRUE;
}
/*
 * Continuation entry point: record the reply callback on the request and
 * hand the received data to the handler for the current phase.
 *
 *   auth->phase 0 -> mech_rpa_auth_phase1()
 *   auth->phase 1 -> mech_rpa_auth_phase2()
 *   auth->phase 2 -> mech_rpa_auth_phase3()
 *
 * Any other phase value finishes the request as failed. Returns the
 * handler's return value, or TRUE on the fallback path.
 */
static int
mech_rpa_auth_continue(struct auth_request *auth_request,
		       const unsigned char *data, size_t data_size,
		       mech_callback_t *callback)
{
	struct rpa_auth_request *auth =
		(struct rpa_auth_request *)auth_request;

	auth_request->callback = callback;

	if (auth->phase == 0) {
		return mech_rpa_auth_phase1(auth_request, data,
					    data_size, callback);
	}
	if (auth->phase == 1) {
		return mech_rpa_auth_phase2(auth_request, data,
					    data_size, callback);
	}
	if (auth->phase == 2) {
		return mech_rpa_auth_phase3(auth_request, data,
					    data_size, callback);
	}

	/* unknown phase: reject rather than guess which step this is */
	mech_auth_finish(auth_request, NULL, 0, FALSE);
	return TRUE;
}
/*
 * Start of an RPA exchange: reply with an empty AUTH_CLIENT_RESULT_CONTINUE
 * message so the client goes on to send its first token.
 *
 * The reply id is taken from request->id and the reply is delivered on
 * auth_request->conn. data is unused, so any initial data sent with the
 * request is ignored here. Always returns TRUE.
 */
static int
mech_rpa_auth_initial(struct auth_request *auth_request,
		      struct auth_client_request_new *request,
		      const unsigned char *data __attr_unused__,
		      mech_callback_t *callback)
{
	struct auth_client_request_reply reply;

	mech_init_auth_client_reply(&reply);

	/* empty payload: zero bytes of reply data */
	reply.reply_idx = 0;
	reply.data_size = 0;

	reply.id = request->id;
	reply.result = AUTH_CLIENT_RESULT_CONTINUE;

	callback(&reply, "", auth_request->conn);
	return TRUE;
}
/*
 * Release an RPA request: overwrite the 16-byte pwd_md5 buffer with zeros
 * (when one was allocated) and drop the reference on the request's pool.
 *
 * NOTE(review): pwd_md5 is the only field wiped here; whether other data
 * allocated from the pool is sensitive cannot be told from this function.
 */
static void
mech_rpa_auth_free(struct auth_request *auth_request)
{
	struct rpa_auth_request *auth =
		(struct rpa_auth_request *)auth_request;

	/* wipe before the pool is released, while the pointer is valid */
	if (auth->pwd_md5 != NULL) {
		safe_memset(auth->pwd_md5, 0, 16);
	}

	pool_unref(auth_request->pool);
}
/*
 * Allocate a new RPA request in its own "rpa_auth_request" pool.
 *
 * The request starts in phase 0 with a reference count of 1, and its
 * auth_initial / auth_continue / auth_free handlers point at the RPA
 * implementations in this file. The same pool is stored both on the RPA
 * request and on the embedded generic auth_request, whose address is
 * returned.
 */
static struct auth_request *mech_rpa_auth_new(void)
{
	pool_t pool = pool_alloconly_create("rpa_auth_request", 256);
	struct rpa_auth_request *auth =
		p_new(pool, struct rpa_auth_request, 1);

	/* RPA-specific state */
	auth->pool = pool;
	auth->phase = 0;

	/* generic request header */
	auth->auth_request.pool = pool;
	auth->auth_request.refcount = 1;
	auth->auth_request.auth_initial = mech_rpa_auth_initial;
	auth->auth_request.auth_continue = mech_rpa_auth_continue;
	auth->auth_request.auth_free = mech_rpa_auth_free;

	return &auth->auth_request;
}
/*
 * Mechanism descriptor for RPA. The meaning of each flag is defined by
 * struct mech_module, which is declared outside this file; the notes
 * below only record what this file shows.
 */
const struct mech_module mech_rpa = {
	/* first member, unnamed in this initializer
	   (presumably the mechanism name) */
	"RPA",

	MEMBER(plaintext) FALSE,
	MEMBER(advertise) TRUE,

	/* phase 2 fetches PASSDB_CREDENTIALS_RPA through
	   passdb->lookup_credentials(), which matches
	   passdb_need_credentials being set */
	MEMBER(passdb_need_plain) FALSE,
	MEMBER(passdb_need_credentials) TRUE,

	/* constructor for new RPA requests */
	mech_rpa_auth_new,
};