quickjs-tart

quickjs-based runtime for wallet-core logic

gsasl.c (3522B)


      1 /***************************************************************************
      2  *                                  _   _ ____  _
      3  *  Project                     ___| | | |  _ \| |
      4  *                             / __| | | | |_) | |
      5  *                            | (__| |_| |  _ <| |___
      6  *                             \___|\___/|_| \_\_____|
      7  *
      8  * Copyright (C) Simon Josefsson, <simon@josefsson.org>, et al.
      9  *
     10  * This software is licensed as described in the file COPYING, which
     11  * you should have received as part of this distribution. The terms
     12  * are also available at https://curl.se/docs/copyright.html.
     13  *
     14  * You may opt to use, copy, modify, merge, publish, distribute and/or sell
     15  * copies of the Software, and permit persons to whom the Software is
     16  * furnished to do so, under the terms of the COPYING file.
     17  *
     18  * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
     19  * KIND, either express or implied.
     20  *
     21  * SPDX-License-Identifier: curl
     22  *
     23  * RFC5802 SCRAM-SHA-1 authentication
     24  *
     25  ***************************************************************************/
     26 
     27 #include "../curl_setup.h"
     28 
     29 #ifdef USE_GSASL
     30 
     31 #include <curl/curl.h>
     32 
     33 #include "vauth.h"
     34 #include "../urldata.h"
     35 #include "../sendf.h"
     36 
     37 #include <gsasl.h>
     38 
     39 /* The last 3 #include files should be in this order */
     40 #include "../curl_printf.h"
     41 #include "../curl_memory.h"
     42 #include "../memdebug.h"
     43 
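     /*
      * Curl_auth_gsasl_is_supported()
      *
      * Initialise a GNU SASL library context in gsasl->ctx and try to start a
      * client session for mechanism 'mech' in gsasl->client.
      *
      * Returns TRUE when both library calls report GSASL_OK and FALSE otherwise.
      * A gsasl_init() failure is reported through failf(); a
      * gsasl_client_start() failure is not reported. After that second kind of
      * failure the context has been released and gsasl->ctx is NULL.
      */
     bool Curl_auth_gsasl_is_supported(struct Curl_easy *data,
                                       const char *mech,
                                       struct gsasldata *gsasl)
     {
       int res;

       res = gsasl_init(&gsasl->ctx);
       if(res != GSASL_OK) {
         failf(data, "gsasl init: %s\n", gsasl_strerror(res));
         return FALSE;
       }

       res = gsasl_client_start(gsasl->ctx, mech, &gsasl->client);
       if(res != GSASL_OK) {
         gsasl_done(gsasl->ctx);
         /* Do not keep a pointer to the released context:
            Curl_auth_gsasl_cleanup() hands gsasl->ctx to gsasl_done()
            unconditionally, so a stale value would be released a second time.
            NOTE(review): relies on gsasl_done() accepting NULL - confirm
            against the libgsasl version in use. */
         gsasl->ctx = NULL;
         return FALSE;
       }

       return TRUE;
     }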
     64 
     /*
      * Curl_auth_gsasl_start()
      *
      * Hand the user name and the password to the gsasl client session as its
      * GSASL_AUTHID and GSASL_PASSWORD properties.
      *
      * When GSASL_VERSION_NUMBER is 0x010b00 or newer, the result of each
      * gsasl_property_set() call is checked; a failure is reported with failf()
      * and returned as CURLE_OUT_OF_MEMORY. With older versions both calls are
      * made without looking at a result. Returns CURLE_OK otherwise.
      */
     CURLcode Curl_auth_gsasl_start(struct Curl_easy *data,
                                    const char *userp,
                                    const char *passwdp,
                                    struct gsasldata *gsasl)
     {
     #if GSASL_VERSION_NUMBER >= 0x010b00
       int rc = gsasl_property_set(gsasl->client, GSASL_AUTHID, userp);
       if(rc != GSASL_OK) {
         failf(data, "setting AUTHID failed: %s\n", gsasl_strerror(rc));
         return CURLE_OUT_OF_MEMORY;
       }

       /* NOTE(review): the password is presumably held by the session until
          gsasl_finish() releases it - confirm against libgsasl. */
       rc = gsasl_property_set(gsasl->client, GSASL_PASSWORD, passwdp);
       if(rc != GSASL_OK) {
         failf(data, "setting PASSWORD failed: %s\n", gsasl_strerror(rc));
         return CURLE_OUT_OF_MEMORY;
       }
     #else
       /* NOTE(review): presumably gsasl_property_set() has no usable return
          value before this version - confirm. */
       gsasl_property_set(gsasl->client, GSASL_AUTHID, userp);
       gsasl_property_set(gsasl->client, GSASL_PASSWORD, passwdp);
     #endif

       /* 'data' is only read in the version-checked branch above */
       (void)data;

       return CURLE_OK;
     }
     97 
     /*
      * Curl_auth_gsasl_token()
      *
      * Run one gsasl_step() on the client session, feeding it the bytes held in
      * 'chlg', and store the output it produced in 'out'.
      *
      * Returns CURLE_OK when gsasl_step() reports GSASL_OK or GSASL_NEEDS_MORE.
      * Any other result is reported with failf() and returned as
      * CURLE_BAD_CONTENT_ENCODING; 'out' is not touched in that case.
      *
      * NOTE(review): 'chlg' is presumably the peer's challenge and therefore
      * not trusted. Whether gsasl_step() can leave an allocation in its output
      * pointer when it fails is not visible here; the error path releases
      * nothing - verify against libgsasl.
      */
     CURLcode Curl_auth_gsasl_token(struct Curl_easy *data,
                                    const struct bufref *chlg,
                                    struct gsasldata *gsasl,
                                    struct bufref *out)
     {
       char *reply;
       size_t reply_len;
       int rc = gsasl_step(gsasl->client,
                           (const char *) Curl_bufref_ptr(chlg),
                           Curl_bufref_len(chlg),
                           &reply, &reply_len);

       if(rc == GSASL_OK || rc == GSASL_NEEDS_MORE) {
         /* gsasl_free travels with the buffer, presumably as the function
            that releases it later */
         Curl_bufref_set(out, reply, reply_len, gsasl_free);
         return CURLE_OK;
       }

       failf(data, "GSASL step: %s\n", gsasl_strerror(rc));
       return CURLE_BAD_CONTENT_ENCODING;
     }
    118 
    /*
     * Curl_auth_gsasl_cleanup()
     *
     * Finish the client session, release the library context and reset both
     * pointers in 'gsasl' to NULL so no stale handle is kept.
     */
    void Curl_auth_gsasl_cleanup(struct gsasldata *gsasl)
    {
      /* session first, then the context it was started from */
      gsasl_finish(gsasl->client);
      gsasl_done(gsasl->ctx);

      gsasl->client = NULL;
      gsasl->ctx = NULL;
    }
    127 #endif