/*
+ * Copyright notice from original mutt:
* Copyright (C) 1999-2000 Brendan Cully <brendan@kublai.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
- */
+ *
+ * This file is part of mutt-ng, see http://www.muttng.org/.
+ * It's licensed under the GNU General Public License,
+ * please see the file GPL in the top level source directory.
+ */
/* IMAP login/authentication code */
#include "mutt.h"
#include "imap_private.h"
#include "auth.h"
-#include "md5.h"
#define MD5_BLOCK_LEN 64
#define MD5_DIGEST_LEN 16
+#include <lib-lib/macros.h>
+#include <lib-hash/hash.h>
+#include "lib/debug.h"
+
/* forward declarations */
-static void hmac_md5 (const char* password, char* challenge,
- unsigned char* response);
+static void hmac_md5 (const char *password, char *challenge,
+ unsigned char *response);
/* imap_auth_cram_md5: AUTH=CRAM-MD5 support. */
-imap_auth_res_t imap_auth_cram_md5 (IMAP_DATA* idata, const char* method)
+imap_auth_res_t imap_auth_cram_md5 (IMAP_DATA * idata, const char *method)
{
- char ibuf[LONG_STRING*2], obuf[LONG_STRING];
+ char ibuf[LONG_STRING * 2], obuf[LONG_STRING];
unsigned char hmac_response[MD5_DIGEST_LEN];
int len;
int rc;
mutt_message _("Authenticating (CRAM-MD5)...");
/* get auth info */
- if (mutt_account_getuser (&idata->conn->account))
+ if (mutt_account_getlogin (&idata->conn->account))
return IMAP_AUTH_FAILURE;
if (mutt_account_getpass (&idata->conn->account))
return IMAP_AUTH_FAILURE;
do
rc = imap_cmd_step (idata);
while (rc == IMAP_CMD_CONTINUE);
-
- if (rc != IMAP_CMD_RESPOND)
- {
- dprint (1, (debugfile, "Invalid response from server: %s\n", ibuf));
+
+ if (rc != IMAP_CMD_RESPOND) {
+ debug_print (1, ("Invalid response from server: %s\n", ibuf));
goto bail;
}
- if ((len = mutt_from_base64 (obuf, idata->cmd.buf + 2)) == -1)
- {
- dprint (1, (debugfile, "Error decoding base64 response.\n"));
+ if ((len = mutt_from_base64 (obuf, idata->cmd.buf + 2)) == -1) {
+ debug_print (1, ("Error decoding base64 response.\n"));
goto bail;
}
obuf[len] = '\0';
- dprint (2, (debugfile, "CRAM challenge: %s\n", obuf));
+ debug_print (2, ("CRAM challenge: %s\n", obuf));
/* The client makes note of the data and then responds with a string
* consisting of the user name, a space, and a 'digest'. The latter is
hmac_md5 (idata->conn->account.pass, obuf, hmac_response);
/* dubious optimisation I saw elsewhere: make the whole string in one call */
snprintf (obuf, sizeof (obuf),
- "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
- idata->conn->account.user,
- hmac_response[0], hmac_response[1], hmac_response[2], hmac_response[3],
- hmac_response[4], hmac_response[5], hmac_response[6], hmac_response[7],
- hmac_response[8], hmac_response[9], hmac_response[10], hmac_response[11],
- hmac_response[12], hmac_response[13], hmac_response[14], hmac_response[15]);
- dprint(2, (debugfile, "CRAM response: %s\n", obuf));
+ "%s %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
+ idata->conn->account.user,
+ hmac_response[0], hmac_response[1], hmac_response[2],
+ hmac_response[3], hmac_response[4], hmac_response[5],
+ hmac_response[6], hmac_response[7], hmac_response[8],
+ hmac_response[9], hmac_response[10], hmac_response[11],
+ hmac_response[12], hmac_response[13], hmac_response[14],
+ hmac_response[15]);
+ debug_print (2, ("CRAM response: %s\n", obuf));
/* XXX - ibuf must be long enough to store the base64 encoding of obuf,
* plus the additional debris
*/
-
- mutt_to_base64 ((unsigned char*) ibuf, (unsigned char*) obuf, strlen (obuf),
- sizeof (ibuf) - 2);
- safe_strcat (ibuf, sizeof (ibuf), "\r\n");
+
+ mutt_to_base64 ((unsigned char *) ibuf, (unsigned char *) obuf,
+ m_strlen(obuf), sizeof (ibuf) - 2);
+ m_strcat(ibuf, sizeof(ibuf), "\r\n");
mutt_socket_write (idata->conn, ibuf);
do
rc = imap_cmd_step (idata);
while (rc == IMAP_CMD_CONTINUE);
- if (rc != IMAP_CMD_OK)
- {
- dprint (1, (debugfile, "Error receiving server response.\n"));
+ if (rc != IMAP_CMD_OK) {
+ debug_print (1, ("Error receiving server response.\n"));
goto bail;
}
if (imap_code (idata->cmd.buf))
return IMAP_AUTH_SUCCESS;
- bail:
+bail:
mutt_error _("CRAM-MD5 authentication failed.");
mutt_sleep (2);
return IMAP_AUTH_FAILURE;
}
/* hmac_md5: produce CRAM-MD5 challenge response. */
-static void hmac_md5 (const char* password, char* challenge,
- unsigned char* response)
+static void hmac_md5 (const char *password, char *challenge,
+ unsigned char *response)
{
MD5_CTX ctx;
unsigned char ipad[MD5_BLOCK_LEN], opad[MD5_BLOCK_LEN];
- unsigned char secret[MD5_BLOCK_LEN+1];
+ unsigned char secret[MD5_BLOCK_LEN + 1];
unsigned char hash_passwd[MD5_DIGEST_LEN];
unsigned int secret_len, chal_len;
int i;
- secret_len = strlen (password);
- chal_len = strlen (challenge);
+ secret_len = m_strlen(password);
+ chal_len = m_strlen(challenge);
/* passwords longer than MD5_BLOCK_LEN bytes are substituted with their MD5
* digests */
- if (secret_len > MD5_BLOCK_LEN)
- {
+ if (secret_len > MD5_BLOCK_LEN) {
MD5Init (&ctx);
- MD5Update (&ctx, (unsigned char*) password, secret_len);
+ MD5Update (&ctx, (unsigned char *) password, secret_len);
MD5Final (hash_passwd, &ctx);
- strfcpy ((char*) secret, (char*) hash_passwd, MD5_DIGEST_LEN);
+ m_strcpy((char *)secret, MD5_DIGEST_LEN, (char *)hash_passwd);
secret_len = MD5_DIGEST_LEN;
}
else
- strfcpy ((char *) secret, password, sizeof (secret));
+ m_strcpy((char *)secret, sizeof(secret), password);
- memset (ipad, 0, sizeof (ipad));
- memset (opad, 0, sizeof (opad));
+ p_clear(ipad, 1);
+ p_clear(opad, 1);
memcpy (ipad, secret, secret_len);
memcpy (opad, secret, secret_len);
- for (i = 0; i < MD5_BLOCK_LEN; i++)
- {
+ for (i = 0; i < MD5_BLOCK_LEN; i++) {
ipad[i] ^= 0x36;
opad[i] ^= 0x5c;
}
/* inner hash: challenge and ipadded secret */
MD5Init (&ctx);
MD5Update (&ctx, ipad, MD5_BLOCK_LEN);
- MD5Update (&ctx, (unsigned char*) challenge, chal_len);
+ MD5Update (&ctx, (unsigned char *) challenge, chal_len);
MD5Final (response, &ctx);
/* outer hash: inner hash and opadded secret */