Mercurial > hgrepos > Python2 > PyMuPDF
comparison mupdf-source/thirdparty/curl/lib/vauth/cram.c @ 2:b50eed0cc0ef upstream
ADD: MuPDF v1.26.7: the MuPDF source as downloaded by a default build of PyMuPDF 1.26.4.
The directory name has changed: no version number in the expanded directory now.
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Mon, 15 Sep 2025 11:43:07 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| 1:1d09e1dec1d9 | 2:b50eed0cc0ef |
|---|---|
| 1 /*************************************************************************** | |
| 2 * _ _ ____ _ | |
| 3 * Project ___| | | | _ \| | | |
| 4 * / __| | | | |_) | | | |
| 5 * | (__| |_| | _ <| |___ | |
| 6 * \___|\___/|_| \_\_____| | |
| 7 * | |
| 8 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al. | |
| 9 * | |
| 10 * This software is licensed as described in the file COPYING, which | |
| 11 * you should have received as part of this distribution. The terms | |
| 12 * are also available at https://curl.haxx.se/docs/copyright.html. | |
| 13 * | |
| 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell | |
| 15 * copies of the Software, and permit persons to whom the Software is | |
| 16 * furnished to do so, under the terms of the COPYING file. | |
| 17 * | |
| 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY | |
| 19 * KIND, either express or implied. | |
| 20 * | |
| 21 * RFC2195 CRAM-MD5 authentication | |
| 22 * | |
| 23 ***************************************************************************/ | |
| 24 | |
| 25 #include "curl_setup.h" | |
| 26 | |
| 27 #if !defined(CURL_DISABLE_CRYPTO_AUTH) | |
| 28 | |
| 29 #include <curl/curl.h> | |
| 30 #include "urldata.h" | |
| 31 | |
| 32 #include "vauth/vauth.h" | |
| 33 #include "curl_base64.h" | |
| 34 #include "curl_hmac.h" | |
| 35 #include "curl_md5.h" | |
| 36 #include "warnless.h" | |
| 37 #include "curl_printf.h" | |
| 38 | |
| 39 /* The last #include files should be: */ | |
| 40 #include "curl_memory.h" | |
| 41 #include "memdebug.h" | |
| 42 | |
| 43 /* | |
| 44 * Curl_auth_decode_cram_md5_message() | |
| 45 * | |
| 46 * This is used to decode an already encoded CRAM-MD5 challenge message. | |
| 47 * | |
| 48 * Parameters: | |
| 49 * | |
| 50 * chlg64 [in] - The base64 encoded challenge message. | |
| 51 * outptr [in/out] - The address where a pointer to newly allocated memory | |
| 52 * holding the result will be stored upon completion. | |
| 53 * outlen [out] - The length of the output message. | |
| 54 * | |
| 55 * Returns CURLE_OK on success. | |
| 56 */ | |
| 57 CURLcode Curl_auth_decode_cram_md5_message(const char *chlg64, char **outptr, | |
| 58 size_t *outlen) | |
| 59 { | |
| 60 CURLcode result = CURLE_OK; | |
| 61 size_t chlg64len = strlen(chlg64); | |
| 62 | |
| 63 *outptr = NULL; | |
| 64 *outlen = 0; | |
| 65 | |
| 66 /* Decode the challenge if necessary */ | |
| 67 if(chlg64len && *chlg64 != '=') | |
| 68 result = Curl_base64_decode(chlg64, (unsigned char **) outptr, outlen); | |
| 69 | |
| 70 return result; | |
| 71 } | |
| 72 | |
| 73 /* | |
| 74 * Curl_auth_create_cram_md5_message() | |
| 75 * | |
| 76 * This is used to generate an already encoded CRAM-MD5 response message ready | |
| 77 * for sending to the recipient. | |
| 78 * | |
| 79 * Parameters: | |
| 80 * | |
| 81 * data [in] - The session handle. | |
| 82 * chlg [in] - The challenge. | |
| 83 * userp [in] - The user name. | |
| 84 * passwdp [in] - The user's password. | |
| 85 * outptr [in/out] - The address where a pointer to newly allocated memory | |
| 86 * holding the result will be stored upon completion. | |
| 87 * outlen [out] - The length of the output message. | |
| 88 * | |
| 89 * Returns CURLE_OK on success. | |
| 90 */ | |
| 91 CURLcode Curl_auth_create_cram_md5_message(struct Curl_easy *data, | |
| 92 const char *chlg, | |
| 93 const char *userp, | |
| 94 const char *passwdp, | |
| 95 char **outptr, size_t *outlen) | |
| 96 { | |
| 97 CURLcode result = CURLE_OK; | |
| 98 size_t chlglen = 0; | |
| 99 HMAC_context *ctxt; | |
| 100 unsigned char digest[MD5_DIGEST_LEN]; | |
| 101 char *response; | |
| 102 | |
| 103 if(chlg) | |
| 104 chlglen = strlen(chlg); | |
| 105 | |
| 106 /* Compute the digest using the password as the key */ | |
| 107 ctxt = Curl_HMAC_init(Curl_HMAC_MD5, | |
| 108 (const unsigned char *) passwdp, | |
| 109 curlx_uztoui(strlen(passwdp))); | |
| 110 if(!ctxt) | |
| 111 return CURLE_OUT_OF_MEMORY; | |
| 112 | |
| 113 /* Update the digest with the given challenge */ | |
| 114 if(chlglen > 0) | |
| 115 Curl_HMAC_update(ctxt, (const unsigned char *) chlg, | |
| 116 curlx_uztoui(chlglen)); | |
| 117 | |
| 118 /* Finalise the digest */ | |
| 119 Curl_HMAC_final(ctxt, digest); | |
| 120 | |
| 121 /* Generate the response */ | |
| 122 response = aprintf( | |
| 123 "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", | |
| 124 userp, digest[0], digest[1], digest[2], digest[3], digest[4], | |
| 125 digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], | |
| 126 digest[11], digest[12], digest[13], digest[14], digest[15]); | |
| 127 if(!response) | |
| 128 return CURLE_OUT_OF_MEMORY; | |
| 129 | |
| 130 /* Base64 encode the response */ | |
| 131 result = Curl_base64_encode(data, response, 0, outptr, outlen); | |
| 132 | |
| 133 free(response); | |
| 134 | |
| 135 return result; | |
| 136 } | |
| 137 | |
| 138 #endif /* !CURL_DISABLE_CRYPTO_AUTH */ |