1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2021, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 * RFC4616 PLAIN authentication
22 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
24 ***************************************************************************/
26 #include "curl_setup.h"
28 #if !defined(CURL_DISABLE_IMAP) || !defined(CURL_DISABLE_SMTP) || \
29 !defined(CURL_DISABLE_POP3)
31 #include <curl/curl.h>
34 #include "vauth/vauth.h"
39 #include "curl_printf.h"
41 /* The last #include files should be: */
42 #include "curl_memory.h"
46 * Curl_auth_create_plain_message()
48 * This is used to generate an already encoded PLAIN message ready
49 * for sending to the recipient.
53 * authzid [in] - The authorization identity.
54 * authcid [in] - The authentication identity.
55 * passwd [in] - The password.
56 * out [out] - The result storage.
58 * Returns CURLE_OK on success.
60 CURLcode Curl_auth_create_plain_message(const char *authzid,
71 zlen = (authzid == NULL ? 0 : strlen(authzid));
72 clen = strlen(authcid);
73 plen = strlen(passwd);
75 /* Compute binary message length. Check for overflows. */
76 if((zlen > SIZE_T_MAX/4) || (clen > SIZE_T_MAX/4) ||
77 (plen > (SIZE_T_MAX/2 - 2)))
78 return CURLE_OUT_OF_MEMORY;
79 plainlen = zlen + clen + plen + 2;
81 plainauth = malloc(plainlen + 1);
83 return CURLE_OUT_OF_MEMORY;
85 /* Calculate the reply */
87 memcpy(plainauth, authzid, zlen);
88 plainauth[zlen] = '\0';
89 memcpy(plainauth + zlen + 1, authcid, clen);
90 plainauth[zlen + clen + 1] = '\0';
91 memcpy(plainauth + zlen + clen + 2, passwd, plen);
92 plainauth[plainlen] = '\0';
93 Curl_bufref_set(out, plainauth, plainlen, curl_free);
98 * Curl_auth_create_login_message()
100 * This is used to generate an already encoded LOGIN message containing the
101 * user name or password ready for sending to the recipient.
105 * valuep [in] - The user name or user's password.
106 * out [out] - The result storage.
108 * Returns CURLE_OK on success.
110 CURLcode Curl_auth_create_login_message(const char *valuep, struct bufref *out)
112 Curl_bufref_set(out, valuep, strlen(valuep), NULL);
117 * Curl_auth_create_external_message()
119 * This is used to generate an already encoded EXTERNAL message containing
120 * the user name ready for sending to the recipient.
124 * user [in] - The user name.
125 * out [out] - The result storage.
127 * Returns CURLE_OK on success.
129 CURLcode Curl_auth_create_external_message(const char *user,
132 /* This is the same formatting as the login message */
133 return Curl_auth_create_login_message(user, out);
136 #endif /* if no users */