sasl: Moved ntlm authentication message handling from smtp.c

Moved the ntlm message creation and decoding from smtp.c into the sasl
module to allow for use by other modules such as pop3.
This commit is contained in:
Steve Holme 2012-06-02 11:07:58 +01:00
parent 2df6e6d9f8
commit d9ca9e9869
3 changed files with 131 additions and 31 deletions

View File

@ -28,6 +28,7 @@
#include "urldata.h"
#include "curl_base64.h"
#include "curl_ntlm_msgs.h"
#include "curl_sasl.h"
/* The last #include file should be: */
@ -113,3 +114,94 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
}
#ifdef USE_NTLM
/*
* Curl_sasl_create_ntlm_type1_message()
*
* This is used to generate an already encoded NTLM type-1 message ready for
* sending to the recipient.
*
* Note: This is a simple wrapper of the NTLM function which means that any
* SASL based protocols don't have to include the NTLM functions directly.
*
* Parameters:
*
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen)
{
return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr,
outlen);
}
/*
* Curl_sasl_decode_ntlm_type2_message()
*
* This is used to decode a ntlm type-2 message received from a recipient and
* generate the already encoded NTLM type-3 message ready for sending back.
*
* Parameters:
*
* data [in] - Pointer to session handle.
* header [in] - Pointer to the input buffer.
* userp [in] - The user name in the format User or Domain\User.
* passdwp [in] - The user's password.
* ntlm [in/out] - The ntlm data struct being used and modified.
* outptr [in/out] - The address where a pointer to newly allocated memory
* holding the result will be stored upon completion.
* outlen [out] - The length of the output message.
*
* Returns CURLE_OK on success.
*/
CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data,
const char *header,
const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen)
{
CURLcode result = Curl_ntlm_decode_type2_message(data, header, ntlm);
if(!result)
result = Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm,
outptr, outlen);
return result;
}
#endif /* USE_NTLM */
/*
* Curl_sasl_cleanup()
*
* This is used to cleanup any libraries or curl modules used by the sasl
* functions.
*
* Parameters:
*
* conn [in] - Pointer to the connection data.
* authused [in] - The authentication mechanism used.
*/
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused)
{
#ifdef USE_NTLM
/* Cleanup the ntlm structure */
if(authused == SASL_AUTH_NTLM) {
Curl_ntlm_sspi_cleanup(&conn->ntlm);
}
#else
/* Reserved for future use */
(void)conn;
(void)authused;
#endif
}

View File

@ -45,4 +45,27 @@ CURLcode Curl_sasl_create_login_message(struct SessionHandle *data,
const char* valuep, char **outptr,
size_t *outlen);
#ifdef USE_NTLM
/* This is used to generate a base64 encoded NTLM type-1 message */
CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr,
size_t *outlen);
/* This is used to decode an incoming NTLM type-2 message and generate a
base64 encoded type-3 response */
CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data,
const char *type2msg,
const char *userp,
const char *passwdp,
struct ntlmdata *ntlm,
char **outptr, size_t *outlen);
#endif /* USE_NTLM */
/* This is used to cleanup any libraries or curl modules used by the sasl
functions */
void Curl_sasl_cleanup(struct connectdata *conn, unsigned int authused);
#endif /* HEADER_CURL_SASL_H */

View File

@ -87,7 +87,6 @@
#include "curl_md5.h"
#include "curl_hmac.h"
#include "curl_gethostname.h"
#include "curl_ntlm_msgs.h"
#include "curl_sasl.h"
#include "warnless.h"
@ -383,15 +382,6 @@ static CURLcode smtp_state_helo(struct connectdata *conn)
return CURLE_OK;
}
#ifdef USE_NTLM
static CURLcode smtp_auth_ntlm_type1_message(struct connectdata *conn,
char **outptr, size_t *outlen)
{
return Curl_ntlm_create_type1_message(conn->user, conn->passwd,
&conn->ntlm, outptr, outlen);
}
#endif
static CURLcode smtp_authenticate(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
@ -431,7 +421,8 @@ static CURLcode smtp_authenticate(struct connectdata *conn)
state1 = SMTP_AUTHNTLM;
state2 = SMTP_AUTHNTLM_TYPE2MSG;
smtpc->authused = SASL_AUTH_NTLM;
result = smtp_auth_ntlm_type1_message(conn, &initresp, &len);
result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
&conn->ntlm, &initresp, &len);
}
else
#endif
@ -1039,7 +1030,8 @@ static CURLcode smtp_state_auth_ntlm_resp(struct connectdata *conn,
result = CURLE_LOGIN_DENIED;
}
else {
result = smtp_auth_ntlm_type1_message(conn, &type1msg, &len);
result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
&conn->ntlm, &type1msg, &len);
if(!result) {
if(type1msg) {
@ -1073,22 +1065,20 @@ static CURLcode smtp_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
result = CURLE_LOGIN_DENIED;
}
else {
result = Curl_ntlm_decode_type2_message(data, data->state.buffer + 4,
&conn->ntlm);
result = Curl_sasl_decode_ntlm_type2_message(data,
data->state.buffer + 4,
conn->user, conn->passwd,
&conn->ntlm,
&type3msg, &len);
if(!result) {
result = Curl_ntlm_create_type3_message(conn->data, conn->user,
conn->passwd, &conn->ntlm,
&type3msg, &len);
if(!result) {
if(type3msg) {
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg);
if(type3msg) {
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg);
if(!result)
state(conn, SMTP_AUTH);
}
Curl_safefree(type3msg);
if(!result)
state(conn, SMTP_AUTH);
}
Curl_safefree(type3msg);
}
}
@ -1763,12 +1753,7 @@ static CURLcode smtp_disconnect(struct connectdata *conn,
Curl_pp_disconnect(&smtpc->pp);
#ifdef USE_NTLM
/* Cleanup the ntlm structure */
if(smtpc->authused == SASL_AUTH_NTLM) {
Curl_ntlm_sspi_cleanup(&conn->ntlm);
}
#endif
Curl_sasl_cleanup(conn, smtpc->authused);
/* This won't already be freed in some error cases */
Curl_safefree(smtpc->domain);