aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPatrick Monnerat <pm@datasphere.ch>2014-12-05 16:11:07 +0100
committerPatrick Monnerat <pm@datasphere.ch>2014-12-05 18:42:39 +0100
commit9b0b9f209e11c7562761214e5cc6801b2bbbaf2e (patch)
tree21054d0affd450e4d227f9780eecac52376143ae
parentadbee7ecf5097c2aba37548e88e3163b313fdda3 (diff)
OS400: enable NTLM authentication
-rw-r--r--lib/config-os400.h3
-rw-r--r--lib/curl_md4.h8
-rw-r--r--lib/curl_ntlm_core.c26
-rw-r--r--lib/curl_setup.h3
-rw-r--r--lib/md4.c8
-rw-r--r--packages/OS400/make-lib.sh7
6 files changed, 42 insertions, 13 deletions
diff --git a/lib/config-os400.h b/lib/config-os400.h
index 14c685ae7..1e622281d 100644
--- a/lib/config-os400.h
+++ b/lib/config-os400.h
@@ -540,6 +540,9 @@
/* Define to use the GSKit package. */
#define USE_GSKIT
+/* Define to use the OS/400 crypto library. */
+#define USE_OS400CRYPTO
+
/* Define to use Unix sockets. */
#define USE_UNIX_SOCKETS
diff --git a/lib/curl_md4.h b/lib/curl_md4.h
index b0be9cf6c..c26649f44 100644
--- a/lib/curl_md4.h
+++ b/lib/curl_md4.h
@@ -24,10 +24,10 @@
#include "curl_setup.h"
-/* NSS crypto library does not provide the MD4 hash algorithm, so that we have
- * a local implementation of it */
-#ifdef USE_NSS
+/* NSS and OS/400 crypto library do not provide the MD4 hash algorithm, so
+ * that we have a local implementation of it */
+#if defined(USE_NSS) || defined(USE_OS400CRYPTO)
void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len);
-#endif /* USE_NSS */
+#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) */
#endif /* HEADER_CURL_MD4_H */
diff --git a/lib/curl_ntlm_core.c b/lib/curl_ntlm_core.c
index 68c82cad1..21fb37550 100644
--- a/lib/curl_ntlm_core.c
+++ b/lib/curl_ntlm_core.c
@@ -87,6 +87,9 @@
# include <CommonCrypto/CommonCryptor.h>
# include <CommonCrypto/CommonDigest.h>
+#elif defined(USE_OS400CRYPTO)
+# include "cipher.mih" /* mih/cipher */
+# include "curl_md4.h"
#else
# error "Can't compile NTLM support without a crypto library."
#endif
@@ -249,7 +252,22 @@ static bool encrypt_des(const unsigned char *in, unsigned char *out,
return err == kCCSuccess;
}
-#endif /* defined(USE_DARWINSSL) */
+#elif defined(USE_OS400CRYPTO)
+
+static bool encrypt_des(const unsigned char *in, unsigned char *out,
+ const unsigned char *key_56)
+{
+ char key[8];
+ _CIPHER_Control_T ctl;
+
+ ctl.Func_ID = ENCRYPT_ONLY;
+ ctl.Data_Len = 8;
+ extend_key_56_to_64(key_56, ctl.Crypto_Key);
+ _CIPHER((_SPCPTR *) &out, &ctl, (_SPCPTR *) &in);
+ return TRUE;
+}
+
+#endif /* defined(USE_OS400CRYPTO) */
#endif /* defined(USE_SSLEAY) */
@@ -301,7 +319,7 @@ void Curl_ntlm_core_lm_resp(const unsigned char *keys,
setup_des_key(keys + 14, &des);
gcry_cipher_encrypt(des, results + 16, 8, plaintext, 8);
gcry_cipher_close(des);
-#elif defined(USE_NSS) || defined(USE_DARWINSSL)
+#elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO)
encrypt_des(plaintext, results, keys);
encrypt_des(plaintext, results + 8, keys + 7);
encrypt_des(plaintext, results + 16, keys + 14);
@@ -364,7 +382,7 @@ CURLcode Curl_ntlm_core_mk_lm_hash(struct SessionHandle *data,
setup_des_key(pw + 7, &des);
gcry_cipher_encrypt(des, lmbuffer + 8, 8, magic, 8);
gcry_cipher_close(des);
-#elif defined(USE_NSS) || defined(USE_DARWINSSL)
+#elif defined(USE_NSS) || defined(USE_DARWINSSL) || defined(USE_OS400CRYPTO)
encrypt_des(magic, lmbuffer, pw);
encrypt_des(magic, lmbuffer + 8, pw + 7);
#endif
@@ -455,7 +473,7 @@ CURLcode Curl_ntlm_core_mk_nt_hash(struct SessionHandle *data,
gcry_md_write(MD4pw, pw, 2 * len);
memcpy (ntbuffer, gcry_md_read (MD4pw, 0), MD4_DIGEST_LENGTH);
gcry_md_close(MD4pw);
-#elif defined(USE_NSS)
+#elif defined(USE_NSS) || defined(USE_OS400CRYPTO)
Curl_md4it(ntbuffer, pw, 2 * len);
#elif defined(USE_DARWINSSL)
(void)CC_MD4(pw, (CC_LONG)(2 * len), ntbuffer);
diff --git a/lib/curl_setup.h b/lib/curl_setup.h
index a82855989..6370e80f5 100644
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@@ -623,7 +623,8 @@ int netware_init(void);
/* Single point where USE_NTLM definition might be defined */
#if !defined(CURL_DISABLE_NTLM) && !defined(CURL_DISABLE_CRYPTO_AUTH)
#if defined(USE_SSLEAY) || defined(USE_WINDOWS_SSPI) || \
- defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL)
+ defined(USE_GNUTLS) || defined(USE_NSS) || defined(USE_DARWINSSL) || \
+ defined(USE_OS400CRYPTO)
#define USE_NTLM
#endif
#endif
diff --git a/lib/md4.c b/lib/md4.c
index 6930e021a..fd0c6d4ab 100644
--- a/lib/md4.c
+++ b/lib/md4.c
@@ -22,9 +22,9 @@
#include "curl_setup.h"
-/* NSS crypto library does not provide the MD4 hash algorithm, so that we have
- * a local implementation of it */
-#ifdef USE_NSS
+/* NSS and OS/400 crypto library do not provide the MD4 hash algorithm, so
+ * that we have a local implementation of it */
+#if defined(USE_NSS) || defined(USE_OS400CRYPTO)
#include "curl_md4.h"
#include "warnless.h"
@@ -279,4 +279,4 @@ void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len)
MD4Update(&ctx, input, curlx_uztoui(len));
MD4Final(output, &ctx);
}
-#endif /* USE_NSS */
+#endif /* defined(USE_NSS) || defined(USE_OS400CRYPTO) */
diff --git a/packages/OS400/make-lib.sh b/packages/OS400/make-lib.sh
index d987207f9..a4e505935 100644
--- a/packages/OS400/make-lib.sh
+++ b/packages/OS400/make-lib.sh
@@ -7,6 +7,13 @@ SCRIPTDIR=`dirname "${0}"`
. "${SCRIPTDIR}/initscript.sh"
cd "${TOPDIR}/lib"
+# Need to have IFS access to the mih/cipher header file.
+
+if action_needed cipher.mih '/QSYS.LIB/QSYSINC.LIB/MIH.FILE/CIPHER.MBR'
+then rm -f cipher.mih
+ ln -s '/QSYS.LIB/QSYSINC.LIB/MIH.FILE/CIPHER.MBR' cipher.mih
+fi
+
# Create and compile the identification source file.