From f68559c086b74e092f72b72641d3a1a043cfa636 Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sun, 27 Oct 2013 22:20:18 +0000 Subject: email: Added support for cancelling NTLM authentication --- lib/curl_sasl.c | 52 +++++++++++++++++++++++++++++++++------------------- lib/curl_sasl.h | 9 ++++++--- lib/imap.c | 26 +++++++++++++++++--------- lib/pop3.c | 26 +++++++++++++++++--------- lib/smtp.c | 26 +++++++++++++++++--------- 5 files changed, 90 insertions(+), 49 deletions(-) (limited to 'lib') diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index c06494678..2ef81992d 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -270,7 +270,7 @@ CURLcode Curl_sasl_create_cram_md5_message(struct SessionHandle *data, * * Parameters: * - * chlg64 [in] - Pointer to the base64 encoded challenge buffer. + * chlg64 [in] - Pointer to the base64 encoded challenge message. * nonce [in/out] - The buffer where the nonce will be stored. * nlen [in] - The length of the nonce buffer. * realm [in/out] - The buffer where the realm will be stored. 
@@ -488,8 +488,36 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, struct ntlmdata *ntlm, char **outptr, size_t *outlen) { - return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr, - outlen); + return Curl_ntlm_create_type1_message(userp, passwdp, ntlm, outptr, outlen); +} + +/* + * Curl_sasl_decode_ntlm_type2_message() + * + * This is used to decode an already encoded NTLM type-2 message. + * + * Parameters: + * + * data [in] - Pointer to session handle. + * type2msg [in] - Pointer to the base64 encoded type-2 message. + * ntlm [in/out] - The ntlm data struct being used and modified. + * + * Returns CURLE_OK on success. + */ +CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, + const char *type2msg, + struct ntlmdata *ntlm) +{ +#ifdef USE_NSS + CURLcode result; + + /* make sure the crypto backend is initialized */ + result = Curl_nss_force_init(data); + if(result) + return result; +#endif + + return Curl_ntlm_decode_type2_message(data, type2msg, ntlm); } /* @@ -501,7 +529,6 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, * Parameters: * * data [in] - Pointer to session handle. - * header [in] - Pointer to the base64 encoded type-2 message buffer. * userp [in] - The user name in the format User or Domain\User. * passdwp [in] - The user's password. * ntlm [in/out] - The ntlm data struct being used and modified. 
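Review bot: The comment block added for Curl_sasl_decode_ntlm_type2_message() does not mention that, under USE_NSS, the function also calls Curl_nss_force_init(), and the later @@ -512 hunk removes that same call from Curl_sasl_create_ntlm_type3_message(). As far as this patch shows, the type-3 builder now relies on decode having run first on the same `struct ntlmdata`, and neither comment block nor the one-line comments in curl_sasl.h state that ordering. I would add `* Must be called before Curl_sasl_create_ntlm_type3_message(); with USE_NSS it also initialises the crypto backend.` here and the matching precondition to the type-3 comment. The three callers in this patch keep the order, so this is a documentation point only.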
@@ -512,26 +539,13 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, * Returns CURLE_OK on success. */ CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, - const char *header, const char *userp, const char *passwdp, struct ntlmdata *ntlm, char **outptr, size_t *outlen) { - CURLcode result; -#ifdef USE_NSS - /* make sure the crypto backend is initialized */ - result = Curl_nss_force_init(data); - if(result) - return result; -#endif - result = Curl_ntlm_decode_type2_message(data, header, ntlm); - - if(!result) - result = Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm, - outptr, outlen); - - return result; + return Curl_ntlm_create_type3_message(data, userp, passwdp, ntlm, outptr, + outlen); } #endif /* USE_NTLM */ diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h index 06b9ea271..120e551d5 100644 --- a/lib/curl_sasl.h +++ b/lib/curl_sasl.h @@ -101,10 +101,13 @@ CURLcode Curl_sasl_create_ntlm_type1_message(const char *userp, char **outptr, size_t *outlen); -/* This is used to decode an incoming NTLM type-2 message and generate a - base64 encoded type-3 response */ +/* This is used to decode a base64 encoded NTLM type-2 message */ +CURLcode Curl_sasl_decode_ntlm_type2_message(struct SessionHandle *data, + const char *type2msg, + struct ntlmdata *ntlm); + +/* This is used to generate a base64 encoded NTLM type-3 message */ CURLcode Curl_sasl_create_ntlm_type3_message(struct SessionHandle *data, - const char *header, const char *userp, const char *passwdp, struct ntlmdata *ntlm, diff --git a/lib/imap.c b/lib/imap.c index 9fa737b39..c11e43bd6 100644 --- a/lib/imap.c +++ b/lib/imap.c 
@@ -1290,24 +1290,32 @@ static CURLcode imap_state_auth_ntlm_type2msg_resp(struct connectdata *conn, /* Get the challenge message */ imap_get_message(data->state.buffer, &type2msg); - /* Create the type-3 message */ - result = Curl_sasl_create_ntlm_type3_message(data, type2msg, conn->user, - conn->passwd, &conn->ntlm, - &type3msg, &len); + /* Decode the type-2 message */ + result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm); + if(result) { + /* Send the cancellation */ + result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*"); - /* Send the message */ - if(!result) { - if(type3msg) { + if(!result) + state(conn, IMAP_AUTHENTICATE_CANCEL); + } + else { + /* Create the type-3 message */ + result = Curl_sasl_create_ntlm_type3_message(data, conn->user, + conn->passwd, &conn->ntlm, + &type3msg, &len); + if(!result && type3msg) { + /* Send the message */ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type3msg); if(!result) state(conn, IMAP_AUTHENTICATE_FINAL); } - - Curl_safefree(type3msg); } } + Curl_safefree(type3msg); + return result; } #endif diff --git a/lib/pop3.c b/lib/pop3.c index cd7a4a4d3..b22d66e05 100644 --- a/lib/pop3.c +++ b/lib/pop3.c 
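Review bot: In the `if(result)` branch the decode error is overwritten by the return value of Curl_pp_sendf(), so once the `*` is sent this handler returns CURLE_OK and the reason the type-2 message was rejected is lost. The challenge is server-supplied, so a rejected one is worth a trace before the send, e.g. `infof(data, "NTLM type-2 message rejected (%d), cancelling\n", result);`, or at least a comment such as `/* decode error is dropped here; the CANCEL state decides the final result */`. What the IMAP_AUTHENTICATE_CANCEL state returns is outside this hunk, so whether the transfer still ends in a login error cannot be confirmed from here. The pop3.c and smtp.c hunks have the same pattern.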
@@ -1148,24 +1148,32 @@ static CURLcode pop3_state_auth_ntlm_type2msg_resp(struct connectdata *conn, /* Get the type-2 message */ pop3_get_message(data->state.buffer, &type2msg); - /* Create the type-3 message */ - result = Curl_sasl_create_ntlm_type3_message(data, type2msg, conn->user, - conn->passwd, &conn->ntlm, - &type3msg, &len); + /* Decode the type-2 message */ + result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm); + if(result) { + /* Send the cancellation */ + result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*"); - /* Send the message */ - if(!result) { - if(type3msg) { + if(!result) + state(conn, POP3_AUTH_CANCEL); + } + else { + /* Create the type-3 message */ + result = Curl_sasl_create_ntlm_type3_message(data, conn->user, + conn->passwd, &conn->ntlm, + &type3msg, &len); + if(!result && type3msg) { + /* Send the message */ result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type3msg); if(!result) state(conn, POP3_AUTH_FINAL); } - - Curl_safefree(type3msg); } } + Curl_safefree(type3msg); + return result; } #endif diff --git a/lib/smtp.c b/lib/smtp.c index 54688bcd9..19fe4ff6e 100644 --- a/lib/smtp.c +++ b/lib/smtp.c 
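Review bot: `Curl_safefree(type3msg);` now runs on every exit path, including the decode-failure branch where type3msg is never assigned and any earlier branch above the hunk. It is therefore only safe if type3msg is initialised at its declaration, which is not visible here. If that declaration is not `char *type3msg = NULL;`, the cancellation path would free an indeterminate pointer. Worth confirming in pop3_state_auth_ntlm_type2msg_resp() and in the imap.c and smtp.c counterparts, which move the free in the same way.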
@@ -1129,24 +1129,32 @@ static CURLcode smtp_state_auth_ntlm_type2msg_resp(struct connectdata *conn, /* Get the type-2 message */ smtp_get_message(data->state.buffer, &type2msg); - /* Create the type-3 message */ - result = Curl_sasl_create_ntlm_type3_message(data, type2msg, conn->user, - conn->passwd, &conn->ntlm, - &type3msg, &len); + /* Decode the type-2 message */ + result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm); + if(result) { + /* Send the cancellation */ + result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*"); - /* Send the message */ - if(!result) { - if(type3msg) { + if(!result) + state(conn, SMTP_AUTH_CANCEL); + } + else { + /* Create the type-3 message */ + result = Curl_sasl_create_ntlm_type3_message(data, conn->user, + conn->passwd, &conn->ntlm, + &type3msg, &len); + if(!result && type3msg) { + /* Send the message */ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg); if(!result) state(conn, SMTP_AUTH_FINAL); } - - Curl_safefree(type3msg); } } + Curl_safefree(type3msg); + return result; } #endif -- cgit v1.2.3
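Review bot: Only a failed decode takes the cancellation path. When Curl_sasl_create_ntlm_type3_message() fails, or returns CURLE_OK with a NULL type3msg, the `else` branch sends nothing and leaves the state unchanged. In the NULL case the handler returns CURLE_OK while the server is still waiting for a continuation line, though whether the builder can return success with a NULL message is not visible in this hunk. If skipping the `*` on creation failure is intended, a comment would make that clear, e.g. `/* creation failure is returned as-is; no cancellation is sent because the error ends the connection */`. Otherwise send the cancellation there too. The imap.c and pop3.c hunks share this branch structure.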