1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at https://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 * RFC4616 PLAIN authentication
22 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
24 ***************************************************************************/
26 #include "curl_setup.h"
28 #include <curl/curl.h>
31 #include "vauth/vauth.h"
32 #include "curl_base64.h"
37 #include "curl_printf.h"
39 /* The last #include files should be: */
40 #include "curl_memory.h"
44 * Curl_auth_create_plain_message()
46 * This is used to generate an already encoded PLAIN message ready
47 * for sending to the recipient.
51 * data [in] - The session handle.
52 * userp [in] - The user name.
53 * passdwp [in] - The user's password.
54 * outptr [in/out] - The address where a pointer to newly allocated memory
55 * holding the result will be stored upon completion.
56 * outlen [out] - The length of the output message.
58 * Returns CURLE_OK on success.
60 CURLcode Curl_auth_create_plain_message(struct Curl_easy *data,
63 char **outptr, size_t *outlen)
74 plen = strlen(passwdp);
76 /* Compute binary message length. Check for overflows. */
77 if((ulen > SIZE_T_MAX/2) || (plen > (SIZE_T_MAX/2 - 2)))
78 return CURLE_OUT_OF_MEMORY;
79 plainlen = 2 * ulen + plen + 2;
81 plainauth = malloc(plainlen);
83 return CURLE_OUT_OF_MEMORY;
85 /* Calculate the reply */
86 memcpy(plainauth, userp, ulen);
87 plainauth[ulen] = '\0';
88 memcpy(plainauth + ulen + 1, userp, ulen);
89 plainauth[2 * ulen + 1] = '\0';
90 memcpy(plainauth + 2 * ulen + 2, passwdp, plen);
92 /* Base64 encode the reply */
93 result = Curl_base64_encode(data, plainauth, plainlen, outptr, outlen);
100 * Curl_auth_create_login_message()
102 * This is used to generate an already encoded LOGIN message containing the
103 * user name or password ready for sending to the recipient.
107 * data [in] - The session handle.
108 * valuep [in] - The user name or user's password.
109 * outptr [in/out] - The address where a pointer to newly allocated memory
110 * holding the result will be stored upon completion.
111 * outlen [out] - The length of the output message.
113 * Returns CURLE_OK on success.
115 CURLcode Curl_auth_create_login_message(struct Curl_easy *data,
116 const char *valuep, char **outptr,
119 size_t vlen = strlen(valuep);
122 /* Calculate an empty reply */
123 *outptr = strdup("=");
125 *outlen = (size_t) 1;
130 return CURLE_OUT_OF_MEMORY;
133 /* Base64 encode the value */
134 return Curl_base64_encode(data, valuep, vlen, outptr, outlen);
138 * Curl_auth_create_external_message()
140 * This is used to generate an already encoded EXTERNAL message containing
141 * the user name ready for sending to the recipient.
145 * data [in] - The session handle.
146 * user [in] - The user name.
147 * outptr [in/out] - The address where a pointer to newly allocated memory
148 * holding the result will be stored upon completion.
149 * outlen [out] - The length of the output message.
151 * Returns CURLE_OK on success.
153 CURLcode Curl_auth_create_external_message(struct Curl_easy *data,
154 const char *user, char **outptr,
157 /* This is the same formatting as the login message */
158 return Curl_auth_create_login_message(data, user, outptr, outlen);