diff options
Diffstat (limited to 'branches/1.0/tinyHTTP/src/auth/thttp_auth.c')
-rw-r--r-- | branches/1.0/tinyHTTP/src/auth/thttp_auth.c | 234 |
1 files changed, 0 insertions, 234 deletions
diff --git a/branches/1.0/tinyHTTP/src/auth/thttp_auth.c b/branches/1.0/tinyHTTP/src/auth/thttp_auth.c deleted file mode 100644 index 3b996ba..0000000 --- a/branches/1.0/tinyHTTP/src/auth/thttp_auth.c +++ /dev/null @@ -1,234 +0,0 @@ -/* -* Copyright (C) 2009-2010 Mamadou Diop. -* -* Contact: Mamadou Diop <diopmamadou(at)doubango.org> -* -* This file is part of Open Source Doubango Framework. -* -* DOUBANGO is free software: you can redistribute it and/or modify -* it under the terms of the GNU General Public License as published by -* the Free Software Foundation, either version 3 of the License, or -* (at your option) any later version. -* -* DOUBANGO is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with DOUBANGO. -* -*/ -/**@file thttp_auth.c - * @brief HTTP basic/digest authetication (RFC 2617) implementations. - * - * @author Mamadou Diop <diopmamadou(at)doubango.org> - * - * @date Created: Sat Nov 8 16:54:58 2009 mdiop - */ -#include "tinyhttp/auth/thttp_auth.h" - -#include "tsk_string.h" -#include "tsk_base64.h" -#include "tsk_buffer.h" -#include "tsk_memory.h" - -#include <string.h> - -/**@defgroup thttp_auth_group HTTP basic/digest authentication (RFC 2617) -*/ - -/**@ingroup thttp_auth_group - * - * Generates HTTP-basic response as per RFC 2617. - * - * @param [in,out] userid The user-id. - * @param [in,out] password The user-password. - * @param [in,out] response A pointer to the response. It will be up to the caller to free the newly allocated buffer. - * - * @return The size of the response. -**/ -tsk_size_t thttp_auth_basic_response(const char* userid, const char* password, char** response) -{ - tsk_size_t ret; - - /* RFC 2617 - 2 Basic Authentication Scheme - - To receive authorization, the client sends the userid and password, - separated by a single colon (":") character, within a base64 [7] - encoded string in the credentials. - */ - - char *res = 0; - tsk_sprintf(&res, "%s:%s", userid, password); - ret = tsk_base64_encode((const uint8_t*)res, tsk_strlen(res), response); - TSK_FREE(res); - - return ret; -} - - -/**@ingroup thttp_auth_group - * Generates digest HA1 value as per RFC 2617 subclause 3.2.2.2. - * - * - * @param [in,out] username The user's name (unquoted) in the specified @a realm. - * @param [in,out] realm The realm. (unquoted) - * @param [in,out] password The user's password. - * @param [in,out] ha1 A pointer to the result. - * - * @return Zero if succeed and non-zero error code otherwise. -**/ -int thttp_auth_digest_HA1(const char* username, const char* realm, const char* password, tsk_md5string_t* ha1) -{ - int ret; - - /* RFC 2617 - 3.2.2.2 A1 - A1 = unq(username-value) ":" unq(realm-value) ":" passwd - */ - char *a1 = 0; - tsk_sprintf(&a1, "%s:%s:%s", username, realm, password); - ret = tsk_md5compute(a1, tsk_strlen(a1), ha1); - TSK_FREE(a1); - - return ret; -} - -/**@ingroup thttp_auth_group - * - * Generates digest HA1 value for 'MD5-sess' algo as per RFC 2617 subclause 3.2.2.2. - * - * - * @param [in,out] username The user's name (unquoted) in the specified @a realm. - * @param [in,out] realm The realm (unquoted). - * @param [in,out] password The user's password. - * @param [in,out] nonce The nonce (unquoted). - * @param [in,out] cnonce The client nonce (unquoted). - * @param [in,out] ha1sess A pointer to the result. - * - * @return Zero if succeed and non-zero error code otherwise. -**/ -int thttp_auth_digest_HA1sess(const char* username, const char* realm, const char* password, const char* nonce, const char* cnonce, tsk_md5string_t* ha1sess) -{ - int ret; - - /* RFC 2617 - 3.2.2.2 A1 - A1 = H( unq(username-value) ":" unq(realm-value) - ":" passwd ) - ":" unq(nonce-value) ":" unq(cnonce-value) - */ - - char *a1sess = 0; - tsk_sprintf(&a1sess, "%s:%s:%s:%s:%s", username, realm, password, nonce, cnonce); - ret = tsk_md5compute(a1sess, tsk_strlen(a1sess), ha1sess); - TSK_FREE(a1sess); - - return ret; -} - -/**@ingroup thttp_auth_group - * Generates digest HA2 value as per RFC 2617 subclause 3.2.2.3. - * - * - * @param [in,out] method The HTTP/SIP method name. - * @param [in,out] url The HTTP URL or SIP URI of the request. - * @param [in,out] entity_body The entity body. - * @param [in,out] qop The Quality Of Protection. - * @param [in,out] ha2 A pointer to the response. - * - * @return Zero if succeed and non-zero error code otherwise. -**/ -int thttp_auth_digest_HA2(const char* method, const char* url, const tsk_buffer_t* entity_body, const char* qop, tsk_md5string_t* ha2) -{ - int ret; - /* RFC 2617 - 3.2.2.3 A2 - - If the "qop" directive's value is "auth" or is unspecified, then A2 - is: - A2 = Method ":" digest-url-value - - If the "qop" value is "auth-int", then A2 is: - A2 = Method ":" digest-url-value ":" H(entity-body) - */ - - char *a2 = 0; - - if(!qop || tsk_strempty(qop) || tsk_striequals(qop, "auth")){ - tsk_sprintf(&a2, "%s:%s", method, url); - } - else if(tsk_striequals(qop, "auth-int")) - { - if(entity_body && entity_body->data){ - tsk_md5string_t hEntity; - if((ret = tsk_md5compute(entity_body->data, entity_body->size, &hEntity))){ - goto bail; - } - tsk_sprintf(&a2, "%s:%s:%s", method, url, hEntity); - } - else{ - tsk_sprintf(&a2, "%s:%s:%s", method, url, TSK_MD5_EMPTY); - } - } - - ret = tsk_md5compute(a2, tsk_strlen(a2), ha2); - -bail: - TSK_FREE(a2); - - return ret; -} - - -/**@ingroup thttp_auth_group - * - * Generates HTTP digest response as per RFC 2617 subclause 3.2.2.1. - * - * @param [in,out] ha1 HA1 string generated using @ref thttp_auth_digest_HA1 or @ref thttp_auth_digest_HA1sess. - * @param [in,out] nonce The nonce value. - * @param [in,out] noncecount The nonce count. - * @param [in,out] cnonce The client nounce (unquoted). - * @param [in,out] qop The Quality Of Protection (unquoted). - * @param [in,out] ha2 HA2 string generated using @ref thttp_auth_digest_HA2. - * @param [in,out] response A pointer to the response. - * - * @return Zero if succeed and non-zero error code otherwise. -**/ -int thttp_auth_digest_response(const tsk_md5string_t *ha1, const char* nonce, const nonce_count_t noncecount, const char* cnonce, - const char* qop, const tsk_md5string_t* ha2, tsk_md5string_t* response) -{ - int ret; - - /* RFC 2617 3.2.2.1 Request-Digest - - ============ CASE 1 ============ - If the "qop" value is "auth" or "auth-int": - request-digest = <"> < KD ( H(A1), unq(nonce-value) - ":" nc-value - ":" unq(cnonce-value) - ":" unq(qop-value) - ":" H(A2) - ) <"> - ============ CASE 2 ============ - If the "qop" directive is not present (this construction is for - compatibility with RFC 2069): - request-digest = - <"> < KD ( H(A1), unq(nonce-value) ":" H(A2) ) > - <"> - */ - - char *res = 0; - - if(tsk_striequals(qop, "auth") || tsk_striequals(qop, "auth-int")){ - /* CASE 1 */ - tsk_sprintf(&res, "%s:%s:%s:%s:%s:%s", *ha1, nonce, noncecount, cnonce, qop, *ha2); - } - else{ - /* CASE 2 */ - tsk_sprintf(&res, "%s:%s:%s", *ha1, nonce, *ha2); - } - - ret = tsk_md5compute(res, tsk_strlen(res), response); - TSK_FREE(res); - - return ret; -} |