1/*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 9 * 10 * This software is licensed as described in the file COPYING, which 11 * you should have received as part of this distribution. The terms 12 * are also available at https://curl.se/docs/copyright.html. 13 * 14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 15 * copies of the Software, and permit persons to whom the Software is 16 * furnished to do so, under the terms of the COPYING file. 17 * 18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 19 * KIND, either express or implied. 20 * 21 * SPDX-License-Identifier: curl 22 * 23 * RFC4616 PLAIN authentication 24 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt> 25 * 26 ***************************************************************************/ 27 28#include "curl_setup.h" 29 30#if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \ 31 !defined(CURL_DISABLE_POP3) || \ 32 (!defined(CURL_DISABLE_LDAP) && defined(USE_OPENLDAP)) 33 34#include <curl/curl.h> 35#include "urldata.h" 36 37#include "vauth/vauth.h" 38#include "warnless.h" 39#include "strtok.h" 40#include "sendf.h" 41#include "curl_printf.h" 42 43/* The last #include files should be: */ 44#include "curl_memory.h" 45#include "memdebug.h" 46 47/* 48 * Curl_auth_create_plain_message() 49 * 50 * This is used to generate an already encoded PLAIN message ready 51 * for sending to the recipient. 52 * 53 * Parameters: 54 * 55 * authzid [in] - The authorization identity. 56 * authcid [in] - The authentication identity. 57 * passwd [in] - The password. 58 * out [out] - The result storage. 59 * 60 * Returns CURLE_OK on success. 61 */ 62CURLcode Curl_auth_create_plain_message(const char *authzid, 63 const char *authcid, 64 const char *passwd, 65 struct bufref *out) 66{ 67 char *plainauth; 68 size_t plainlen; 69 size_t zlen; 70 size_t clen; 71 size_t plen; 72 73 zlen = (authzid == NULL ? 0 : strlen(authzid)); 74 clen = strlen(authcid); 75 plen = strlen(passwd); 76 77 /* Compute binary message length. Check for overflows. */ 78 if((zlen > SIZE_T_MAX/4) || (clen > SIZE_T_MAX/4) || 79 (plen > (SIZE_T_MAX/2 - 2))) 80 return CURLE_OUT_OF_MEMORY; 81 plainlen = zlen + clen + plen + 2; 82 83 plainauth = malloc(plainlen + 1); 84 if(!plainauth) 85 return CURLE_OUT_OF_MEMORY; 86 87 /* Calculate the reply */ 88 if(zlen) 89 memcpy(plainauth, authzid, zlen); 90 plainauth[zlen] = '\0'; 91 memcpy(plainauth + zlen + 1, authcid, clen); 92 plainauth[zlen + clen + 1] = '\0'; 93 memcpy(plainauth + zlen + clen + 2, passwd, plen); 94 plainauth[plainlen] = '\0'; 95 Curl_bufref_set(out, plainauth, plainlen, curl_free); 96 return CURLE_OK; 97} 98 99/* 100 * Curl_auth_create_login_message() 101 * 102 * This is used to generate an already encoded LOGIN message containing the 103 * user name or password ready for sending to the recipient. 104 * 105 * Parameters: 106 * 107 * valuep [in] - The user name or user's password. 108 * out [out] - The result storage. 109 * 110 * Returns CURLE_OK on success. 111 */ 112CURLcode Curl_auth_create_login_message(const char *valuep, struct bufref *out) 113{ 114 Curl_bufref_set(out, valuep, strlen(valuep), NULL); 115 return CURLE_OK; 116} 117 118/* 119 * Curl_auth_create_external_message() 120 * 121 * This is used to generate an already encoded EXTERNAL message containing 122 * the user name ready for sending to the recipient. 123 * 124 * Parameters: 125 * 126 * user [in] - The user name. 127 * out [out] - The result storage. 128 * 129 * Returns CURLE_OK on success. 130 */ 131CURLcode Curl_auth_create_external_message(const char *user, 132 struct bufref *out) 133{ 134 /* This is the same formatting as the login message */ 135 return Curl_auth_create_login_message(user, out); 136} 137 138#endif /* if no users */ 139