[dovecot-cvs] dovecot/src/auth mech-rpa.c,1.31,1.32
tss at dovecot.org
tss at dovecot.org
Sun May 13 14:53:07 EEST 2007
- Previous message: [dovecot-cvs] dovecot/src/auth password-scheme.c,1.32,1.33
- Next message: [dovecot-cvs] dovecot/src/auth Makefile.am, 1.53, 1.54 auth-request.c, 1.98, 1.99 auth-request.h, 1.38, 1.39 auth-worker-client.c, 1.34, 1.35 mech-apop.c, 1.27, 1.28 mech-cram-md5.c, 1.29, 1.30 mech-digest-md5.c, 1.46, 1.47 mech-ntlm.c, 1.30, 1.31 mech-otp.c, 1.4, 1.5 mech-rpa.c, 1.32, 1.33 mech-skey.c, 1.4, 1.5 passdb-ldap.c, 1.62, 1.63 passdb-passwd-file.c, 1.31, 1.32 passdb.c, 1.50, 1.51 passdb.h, 1.40, 1.41 password-scheme-cram-md5.c, 1.5, NONE password-scheme-ntlm.c, 1.2, NONE password-scheme-rpa.c, 1.3, 1.4 password-scheme.c, 1.33, 1.34 password-scheme.h, 1.11, 1.12 userdb-static.c, 1.26, 1.27
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv9607
Modified Files:
mech-rpa.c
Log Message:
cleanup: use a bit less magic numbers
Index: mech-rpa.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-rpa.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -d -r1.31 -r1.32
--- mech-rpa.c 13 May 2007 08:24:06 -0000 1.31
+++ mech-rpa.c 13 May 2007 11:53:05 -0000 1.32
@@ -26,7 +26,7 @@
int phase;
/* cached: */
- unsigned char pwd_md5[16];
+ unsigned char pwd_md5[MD5_RESULTLEN];
size_t service_len;
const unsigned char *service_ucs2be;
size_t username_len;
@@ -42,7 +42,7 @@
unsigned int user_challenge_len;
unsigned char *user_challenge;
unsigned char *user_response;
- unsigned char *session_key;
+ unsigned char session_key[16];
};
#define RPA_SCHALLENGE_LEN 32
@@ -62,7 +62,7 @@
* Compute client -> server authentication response.
*/
static void rpa_user_response(struct rpa_auth_request *request,
- unsigned char *digest)
+ unsigned char digest[MD5_RESULTLEN])
{
struct md5_context ctx;
unsigned char z[48];
@@ -70,7 +70,7 @@
memset(z, 0, sizeof(z));
md5_init(&ctx);
- md5_update(&ctx, request->pwd_md5, 16);
+ md5_update(&ctx, request->pwd_md5, sizeof(request->pwd_md5));
md5_update(&ctx, z, sizeof(z));
md5_update(&ctx, request->username_ucs2be, request->username_len);
md5_update(&ctx, request->service_ucs2be, request->service_len);
@@ -78,7 +78,7 @@
md5_update(&ctx, request->user_challenge, request->user_challenge_len);
md5_update(&ctx, request->service_challenge, RPA_SCHALLENGE_LEN);
md5_update(&ctx, request->service_timestamp, RPA_TIMESTAMP_LEN);
- md5_update(&ctx, request->pwd_md5, 16);
+ md5_update(&ctx, request->pwd_md5, sizeof(request->pwd_md5));
md5_final(&ctx, digest);
}
@@ -86,17 +86,17 @@
* Compute server -> client authentication response.
*/
static void rpa_server_response(struct rpa_auth_request *request,
- unsigned char *digest)
+ unsigned char digest[MD5_RESULTLEN])
{
struct md5_context ctx;
- unsigned char tmp[16];
+ unsigned char tmp[MD5_RESULTLEN];
unsigned char z[48];
- int i;
+ unsigned int i;
memset(z, 0, sizeof(z));
md5_init(&ctx);
- md5_update(&ctx, request->pwd_md5, 16);
+ md5_update(&ctx, request->pwd_md5, sizeof(request->pwd_md5));
md5_update(&ctx, z, sizeof(z));
md5_update(&ctx, request->service_ucs2be, request->service_len);
md5_update(&ctx, request->username_ucs2be, request->username_len);
@@ -104,24 +104,24 @@
md5_update(&ctx, request->service_challenge, RPA_SCHALLENGE_LEN);
md5_update(&ctx, request->user_challenge, request->user_challenge_len);
md5_update(&ctx, request->service_timestamp, RPA_TIMESTAMP_LEN);
- md5_update(&ctx, request->pwd_md5, 16);
+ md5_update(&ctx, request->pwd_md5, sizeof(request->pwd_md5));
md5_final(&ctx, tmp);
- for (i = 0; i < 16; i++)
+ for (i = 0; i < sizeof(tmp); i++)
tmp[i] = request->session_key[i] ^ tmp[i];
md5_init(&ctx);
- md5_update(&ctx, request->pwd_md5, 16);
+ md5_update(&ctx, request->pwd_md5, sizeof(request->pwd_md5));
md5_update(&ctx, z, sizeof(z));
md5_update(&ctx, request->service_ucs2be, request->service_len);
md5_update(&ctx, request->username_ucs2be, request->username_len);
md5_update(&ctx, request->realm_ucs2be, request->realm_len);
- md5_update(&ctx, request->session_key, 16);
+ md5_update(&ctx, request->session_key, sizeof(request->session_key));
md5_update(&ctx, request->service_challenge, RPA_SCHALLENGE_LEN);
md5_update(&ctx, request->user_challenge, request->user_challenge_len);
md5_update(&ctx, request->service_timestamp, RPA_TIMESTAMP_LEN);
- md5_update(&ctx, tmp, 16);
- md5_update(&ctx, request->pwd_md5, 16);
+ md5_update(&ctx, tmp, sizeof(tmp));
+ md5_update(&ctx, request->pwd_md5, sizeof(request->pwd_md5));
md5_final(&ctx, digest);
}
@@ -407,9 +407,11 @@
static const unsigned char *
mech_rpa_build_token4(struct rpa_auth_request *request, size_t *size)
{
- unsigned int length = sizeof(rpa_oid) + 17 + 17 + 1;
buffer_t *buf;
- unsigned char server_response[16];
+ unsigned char server_response[MD5_RESULTLEN];
+ unsigned int length = sizeof(rpa_oid) +
+ sizeof(server_response) + 1 +
+ sizeof(request->session_key) + 1 + 1;
buf = buffer_create_dynamic(request->pool, length + 4);
@@ -418,16 +420,15 @@
buffer_append(buf, rpa_oid, sizeof(rpa_oid));
/* Generate random session key */
- request->session_key = p_malloc(request->pool, 16);
- random_fill(request->session_key, 16);
+ random_fill(request->session_key, sizeof(request->session_key));
/* Server authentication response */
rpa_server_response(request, server_response);
- buffer_append_c(buf, 16);
- buffer_append(buf, server_response, 16);
+ buffer_append_c(buf, sizeof(server_response));
+ buffer_append(buf, server_response, sizeof(server_response));
- buffer_append_c(buf, 16);
- buffer_append(buf, request->session_key, 16);
+ buffer_append_c(buf, sizeof(request->session_key));
+ buffer_append(buf, request->session_key, sizeof(request->session_key));
/* Status, 0 - success */
buffer_append_c(buf, 0);
@@ -439,18 +440,19 @@
static bool verify_credentials(struct rpa_auth_request *request,
const char *credentials)
{
- unsigned char response[16];
+ unsigned char response[MD5_RESULTLEN];
buffer_t *hash_buffer;
- if (strlen(credentials) != 32)
+ if (strlen(credentials) != sizeof(request->pwd_md5)*2)
return FALSE;
- hash_buffer = buffer_create_data(request->pool, request->pwd_md5, 16);
+ hash_buffer = buffer_create_data(request->pool, request->pwd_md5,
+ sizeof(request->pwd_md5));
if (hex_to_binary(credentials, hash_buffer) < 0)
return FALSE;
rpa_user_response(request, response);
- return memcmp(response, request->user_response, 16) == 0;
+ return memcmp(response, request->user_response, sizeof(response)) == 0;
}
static void
@@ -578,7 +580,7 @@
(struct rpa_auth_request *)auth_request;
if (request->pwd_md5 != NULL)
- safe_memset(request->pwd_md5, 0, 16);
+ safe_memset(request->pwd_md5, 0, sizeof(request->pwd_md5));
pool_unref(auth_request->pool);
}
- Previous message: [dovecot-cvs] dovecot/src/auth password-scheme.c,1.32,1.33
- Next message: [dovecot-cvs] dovecot/src/auth Makefile.am, 1.53, 1.54 auth-request.c, 1.98, 1.99 auth-request.h, 1.38, 1.39 auth-worker-client.c, 1.34, 1.35 mech-apop.c, 1.27, 1.28 mech-cram-md5.c, 1.29, 1.30 mech-digest-md5.c, 1.46, 1.47 mech-ntlm.c, 1.30, 1.31 mech-otp.c, 1.4, 1.5 mech-rpa.c, 1.32, 1.33 mech-skey.c, 1.4, 1.5 passdb-ldap.c, 1.62, 1.63 passdb-passwd-file.c, 1.31, 1.32 passdb.c, 1.50, 1.51 passdb.h, 1.40, 1.41 password-scheme-cram-md5.c, 1.5, NONE password-scheme-ntlm.c, 1.2, NONE password-scheme-rpa.c, 1.3, 1.4 password-scheme.c, 1.33, 1.34 password-scheme.h, 1.11, 1.12 userdb-static.c, 1.26, 1.27
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the dovecot-cvs
mailing list