|
auth_cram
auth_cram
/*
* Copyright (C) 1999-2000 Brendan Cully
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
*/
/* IMAP login/authentication code */
#include "mutt.h"
#include "imap_private.h"
#include "auth.h"
#include "md5.h"
#define MD5_BLOCK_LEN 64
#define MD5_DIGEST_LEN 16
/* forward declarations */
static void hmac_md5 (const char* password, char* challenge,
unsigned char* response);
/* imap_auth_cram_md5: AUTH=CRAM-MD5 support. */
imap_auth_res_t imap_auth_cram_md5 (IMAP_DATA* idata, const char* method)
{
char ibuf[LONG_STRING*2], obuf[LONG_STRING];
unsigned char hmac_response[MD5_DIGEST_LEN];
int len;
int rc;
if (!mutt_bit_isset (idata->capabilities, ACRAM_MD5))
return IMAP_AUTH_UNAVAIL;
mutt_message _("Authenticating (CRAM-MD5)...");
/* get auth info */
if (mutt_account_getuser (&idata->conn->account))
return IMAP_AUTH_FAILURE;
if (mutt_account_getpass (&idata->conn->account))
return IMAP_AUTH_FAILURE;
imap_cmd_start (idata, "AUTHENTICATE CRAM-MD5");
/* From RFC 2195:
* The data encoded in the first ready response contains a presumptively
* arbitrary string of random digits, a timestamp, and the fully-qualified
* primary host name of the server. The syntax of the unencoded form must
* correspond to that of an RFC 822 'msg-id' [RFC822] as described in [POP3].
*/
do
rc = imap_cmd_step (idata);
while (rc == IMAP_CMD_CONTINUE);
if (rc != IMAP_CMD_RESPOND)
{
dprint (1, (debugfile, "Invalid response from server: %s\n", ibuf));
goto bail;
}
if ((len = mutt_from_base64 (obuf, idata->cmd.buf + 2)) == -1)
{
dprint (1, (debugfile, "Error decoding base64 response.\n"));
goto bail;
}
obuf[len] = '\0';
dprint (2, (debugfile, "CRAM challenge: %s\n", obuf));
/* The client makes note of the data and then responds with a string
* consisting of the user name, a space, and a 'digest'. The latter is
* computed by applying the keyed MD5 algorithm from [KEYED-MD5] where the
* key is a shared secret and the digested text is the timestamp (including
* angle-brackets).
*
* Note: The user name shouldn't be quoted. Since the digest can't contain
* spaces, there is no ambiguity. Some servers get this wrong, we'll work
* around them when the bug report comes in. Until then, we'll remain
* blissfully RFC-compliant.
*/
hmac_md5 (idata->conn->account.pass, obuf, hmac_response);
/* dubious optimisation I saw elsewhere: make the whole string in one call */
snprintf (obuf, sizeof (obuf),
"%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
idata->conn->account.user,
hmac_response[0], hmac_response[1], hmac_response[2], hmac_response[3],
hmac_response[4], hmac_response[5], hmac_response[6], hmac_response[7],
hmac_response[8], hmac_response[9], hmac_response[10], hmac_response[11],
hmac_response[12], hmac_response[13], hmac_response[14], hmac_response[15]);
dprint(2, (debugfile, "CRAM response: %s\n", obuf));
/* XXX - ibuf must be long enough to store the base64 encoding of obuf,
* plus the additional debris
*/
mutt_to_base64 ((unsigned char*) ibuf, (unsigned char*) obuf, strlen (obuf),
sizeof (ibuf) - 2);
strncat (ibuf, "\r\n", sizeof (ibuf));
mutt_socket_write (idata->conn, ibuf);
do
rc = imap_cmd_step (idata);
while (rc == IMAP_CMD_CONTINUE);
if (rc != IMAP_CMD_OK)
{
dprint (1, (debugfile, "Error receiving server response.\n"));
goto bail;
}
if (imap_code (idata->cmd.buf))
return IMAP_AUTH_SUCCESS;
bail:
mutt_error _("CRAM-MD5 authentication failed.");
mutt_sleep (2);
return IMAP_AUTH_FAILURE;
}
/* hmac_md5: produce CRAM-MD5 challenge response. */
static void hmac_md5 (const char* password, char* challenge,
unsigned char* response)
{
MD5_CTX ctx;
unsigned char ipad[MD5_BLOCK_LEN], opad[MD5_BLOCK_LEN];
unsigned char secret[MD5_BLOCK_LEN+1];
unsigned char hash_passwd[MD5_DIGEST_LEN];
unsigned int secret_len, chal_len;
int i;
secret_len = strlen (password);
chal_len = strlen (challenge);
/* passwords longer than MD5_BLOCK_LEN bytes are substituted with their MD5
* digests */
if (secret_len > MD5_BLOCK_LEN)
{
MD5Init (&ctx);
MD5Update (&ctx, (unsigned char*) password, secret_len);
MD5Final (hash_passwd, &ctx);
strfcpy ((char*) secret, (char*) hash_passwd, MD5_DIGEST_LEN);
secret_len = MD5_DIGEST_LEN;
}
else
strfcpy ((char *) secret, password, sizeof (secret));
memset (ipad, 0, sizeof (ipad));
memset (opad, 0, sizeof (opad));
memcpy (ipad, secret, secret_len);
memcpy (opad, secret, secret_len);
for (i = 0; i < MD5_BLOCK_LEN; i++)
{
ipad[i] ^= 0x36;
opad[i] ^= 0x5c;
}
/* inner hash: challenge and ipadded secret */
MD5Init (&ctx);
MD5Update (&ctx, ipad, MD5_BLOCK_LEN);
MD5Update (&ctx, (unsigned char*) challenge, chal_len);
MD5Final (response, &ctx);
/* outer hash: inner hash and opadded secret */
MD5Init (&ctx);
MD5Update (&ctx, opad, MD5_BLOCK_LEN);
MD5Update (&ctx, response, MD5_DIGEST_LEN);
MD5Final (response, &ctx);
}
Domain Registration New Zealand
/*
* Copyright (C) 1996-2000 Michael R. Elkins
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
*/
/*
* This file is named mutt_menu.h so it doesn't collide with ncurses menu.h
*/
#include "keymap.h"
#include "mutt_regex.h"
#define REDRAW_INDEX (1)
#define REDRAW_MOTION (1<<1)
#define REDRAW_MOTION_RESYNCH (1<<2)
#define REDRAW_CURRENT (1<<3)
#define REDRAW_STATUS (1<<4)
#define REDRAW_FULL (1<<5)
#define REDRAW_BODY (1<<6)
#define REDRAW_SIGWINCH (1<<7)
#define M_MODEFMT "-- Mutt: %s"
typedef struct menu_t
{
char *title; /* the title of this menu */
char *help; /* quickref for the current menu */
void *data; /* extra data for the current menu */
int current; /* current entry */
int max; /* the number of entries in the menu */
int redraw; /* when to redraw the screen */
int menu; /* menu definition for keymap entries. */
int offset; /* which screen row to start the index */
int pagelen; /* number of entries per screen */
int tagprefix;
/* Setting dialog != NULL overrides normal menu behaviour.
* In dialog mode menubar is hidden and prompt keys are checked before
* normal menu movement keys. This can cause problems with scrolling, if
* prompt keys override movement keys.
*/
char **dialog; /* dialog lines themselves */
char *prompt; /* prompt for user, similar to mutt_multi_choice */
char *keys; /* keys used in the prompt */
/* callback to generate an index line for the requested element */
void (*make_entry) (char *, size_t, struct menu_t *, int);
/* how to search the menu */
int (*search) (struct menu_t *, regex_t *re, int n);
int (*tag) (struct menu_t *, int i, int m);
/* color pair to be used for the requested element
* (default function returns ColorDefs[MT_COLOR_NORMAL])
*/
int (*color) (int i);
/* the following are used only by mutt_menuLoop() */
int top; /* entry that is the top of the current page */
int oldcurrent; /* for driver use only. */
char *searchBuf; /* last search pattern */
int searchDir; /* direction of search */
int tagged; /* number of tagged entries */
} MUTTMENU;
void menu_jump (MUTTMENU *);
void menu_redraw_full (MUTTMENU *);
void menu_redraw_index (MUTTMENU *);
void menu_redraw_status (MUTTMENU *);
void menu_redraw_motion (MUTTMENU *);
void menu_redraw_current (MUTTMENU *);
void menu_first_entry (MUTTMENU *);
void menu_last_entry (MUTTMENU *);
void menu_top_page (MUTTMENU *);
void menu_bottom_page (MUTTMENU *);
void menu_middle_page (MUTTMENU *);
void menu_next_page (MUTTMENU *);
void menu_prev_page (MUTTMENU *);
void menu_next_line (MUTTMENU *);
void menu_prev_line (MUTTMENU *);
void menu_half_up (MUTTMENU *);
void menu_half_down (MUTTMENU *);
void menu_current_top (MUTTMENU *);
void menu_current_middle (MUTTMENU *);
void menu_current_bottom (MUTTMENU *);
void menu_check_recenter (MUTTMENU *);
void menu_status_line (char *, size_t, MUTTMENU *, const char *);
MUTTMENU *mutt_new_menu (void);
void mutt_menuDestroy (MUTTMENU **);
int mutt_menuLoop (MUTTMENU *);
/* used in both the index and pager index to make an entry. */
void index_make_entry (char *, size_t, struct menu_t *, int);
int index_color (int);
Page:
1
2
3
4
5
6
7
8
9
10
Register Domain Name NZ
Domain Hosting
Register Domain Name NZ
Cheap Domain Hosting
|
