4 * $Id: saslutil.c,v 1.44.2.1 2009/04/27 17:47:17 murch Exp $
7 * Copyright (c) 1998-2003 Carnegie Mellon University. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. The name "Carnegie Mellon University" must not be used to
22 * endorse or promote products derived from this software without
23 * prior written permission. For permission or any other legal
24 * details, please contact
25 * Office of Technology Transfer
26 * Carnegie Mellon University
28 * Pittsburgh, PA 15213-3890
29 * (412) 268-4387, fax: (412) 268-7395
30 * tech-transfer@andrew.cmu.edu
32 * 4. Redistributions of any form whatsoever must retain the following
34 * "This product includes software developed by Computing Services
35 * at Carnegie Mellon University (http://www.cmu.edu/computing/)."
37 * CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO
38 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
39 * AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE
40 * FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
41 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
42 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
43 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
51 #include <sys/types.h>
82 unsigned short pool[RPOOL_SIZE];
83 /* since the init time might be really bad let's make this lazy */
87 #define CHAR64(c) (((c) < 0 || (c) > 127) ? -1 : index_64[(c)])
89 static char basis_64[] =
90 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????";
92 static char index_64[128] = {
93 -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
94 -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
95 -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63,
96 52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1,-1,-1,-1,
97 -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10, 11,12,13,14,
98 15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1,
99 -1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40,
100 41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1
105 * inlen -- input data length
106 * out -- output buffer (will be NUL terminated)
107 * outmax -- max size of output buffer
109 * outlen -- gets actual length of output buffer (optional)
111 * Returns SASL_OK on success, SASL_BUFOVER if result won't fit
114 int sasl_encode64(const char *_in, unsigned inlen,
115 char *_out, unsigned outmax, unsigned *outlen)
117 const unsigned char *in = (const unsigned char *)_in;
118 unsigned char *out = (unsigned char *)_out;
124 if ((inlen >0) && (in == NULL)) return SASL_BADPARAM;
127 olen = (inlen + 2) / 3 * 4;
131 if (outmax <= olen) {
138 /* user provided max buffer size; make sure we don't go over it */
139 *out++ = basis_64[in[0] >> 2];
140 *out++ = basis_64[((in[0] << 4) & 0x30) | (in[1] >> 4)];
141 *out++ = basis_64[((in[1] << 2) & 0x3c) | (in[2] >> 6)];
142 *out++ = basis_64[in[2] & 0x3f];
147 /* user provided max buffer size; make sure we don't go over it */
148 *out++ = basis_64[in[0] >> 2];
149 oval = (in[0] << 4) & 0x30;
150 if (inlen > 1) oval |= in[1] >> 4;
151 *out++ = basis_64[oval];
152 *out++ = (inlen < 2) ? '=' : basis_64[(in[1] << 2) & 0x3c];
163 * inlen -- length of input data
164 * out -- output data (may be same as in, must have enough space)
165 * outmax -- max size of output buffer
167 * outlen -- actual output length
170 * SASL_BADPROT on bad base64,
171 * SASL_BUFOVER if result won't fit,
172 * SASL_CONTINUE on a partial block,
176 int sasl_decode64(const char *in,
179 unsigned outmax, /* size of the buffer, not counting the NUL */
187 /* check parameters */
188 if (out == NULL) return SASL_FAIL;
190 if (inlen > 0 && *in == '\r') return SASL_FAIL;
193 /* No data is valid after an '=' character */
198 for (j = 0; j < 4; j++) {
204 if (CHAR64(c[0]) == -1 || CHAR64(c[1]) == -1) return SASL_BADPROT;
205 if (c[2] != '=' && CHAR64(c[2]) == -1) return SASL_BADPROT;
206 if (c[3] != '=' && CHAR64(c[3]) == -1) return SASL_BADPROT;
207 /* No data is valid after a '=' character, unless it is another '=' */
208 if (c[2] == '=' && c[3] != '=') return SASL_BADPROT;
209 if (c[2] == '=' || c[3] == '=') {
213 *out++ = (CHAR64(c[0]) << 2) | (CHAR64(c[1]) >> 4);
214 if (++len >= outmax) return SASL_BUFOVER;
216 *out++ = ((CHAR64(c[1]) << 4) & 0xf0) | (CHAR64(c[2]) >> 2);
217 if (++len >= outmax) return SASL_BUFOVER;
219 *out++ = ((CHAR64(c[2]) << 6) & 0xc0) | CHAR64(c[3]);
220 if (++len >= outmax) return SASL_BUFOVER;
227 /* Unless there is CRLF at the end? */
230 return (SASL_CONTINUE);
234 *out = '\0'; /* NUL terminate the output string */
236 if (outlen) *outlen = len;
241 /* make a challenge string (NUL terminated)
242 * buf -- buffer for result
243 * maxlen -- max length of result
244 * hostflag -- 0 = don't include hostname, 1 = include hostname
245 * returns final length or 0 if not enough space
248 int sasl_mkchal(sasl_conn_t *conn,
253 sasl_rand_t *pool = NULL;
254 unsigned long randnum;
260 + (2 * 20); /* 2 numbers, 20 => max size of 64bit
261 * ulong in base 10 */
262 if (hostflag && conn->serverFQDN)
263 len += (unsigned) strlen(conn->serverFQDN) + 1 /* for the @ */;
268 ret = sasl_randcreate(&pool);
269 if(ret != SASL_OK) return 0; /* xxx sasl return code? */
271 sasl_rand(pool, (char *)&randnum, sizeof(randnum));
272 sasl_randfree(&pool);
276 if (hostflag && conn->serverFQDN)
277 snprintf(buf,maxlen, "<%lu.%lu@%s>", randnum, now, conn->serverFQDN);
279 snprintf(buf,maxlen, "<%lu.%lu>", randnum, now);
281 return (int) strlen(buf);
284 /* borrowed from larry. probably works :)
285 * probably is also in acap server somewhere
287 int sasl_utf8verify(const char *str, unsigned len)
290 for (i = 0; i < len; i++) {
291 /* how many octets? */
293 while (str[i] & (0x80 >> seqlen)) ++seqlen;
294 if (seqlen == 0) continue; /* this is a valid US-ASCII char */
295 if (seqlen == 1) return SASL_BADPROT; /* this shouldn't happen here */
296 if (seqlen > 6) return SASL_BADPROT; /* illegal */
298 if ((str[++i] & 0xC0) != 0xF0) return SASL_BADPROT; /* needed a 10 octet */
304 * To see why this is really bad see RFC 1750
306 * unfortunatly there currently is no way to make
307 * cryptographically secure pseudo random numbers
308 * without specialized hardware etc...
309 * thus, this is for nonce use only
311 void getranddata(unsigned short ret[RPOOL_SIZE])
315 memset(ret, 0, RPOOL_SIZE*sizeof(unsigned short));
321 fd = open(DEV_RANDOM, O_RDONLY);
323 unsigned char *buf = (unsigned char *)ret;
324 ssize_t bytesread = 0;
325 size_t bytesleft = RPOOL_SIZE*sizeof(unsigned short);
328 bytesread = read(fd, buf, bytesleft);
329 if(bytesread == -1 && errno == EINTR) continue;
330 else if(bytesread <= 0) break;
331 bytesleft -= bytesread;
333 } while(bytesleft != 0);
341 ret[0] ^= (unsigned short) getpid();
344 #ifdef HAVE_GETTIMEOFDAY
348 /* xxx autoconf macro */
350 if (!gettimeofday(&tv))
352 if (!gettimeofday(&tv, NULL))
355 /* longs are guaranteed to be at least 32 bits; we need
356 16 bits in each short */
357 ret[0] ^= (unsigned short) (tv.tv_sec & 0xFFFF);
358 ret[1] ^= (unsigned short) (clock() & 0xFFFF);
359 ret[1] ^= (unsigned short) (tv.tv_usec >> 16);
360 ret[2] ^= (unsigned short) (tv.tv_usec & 0xFFFF);
364 #endif /* HAVE_GETTIMEOFDAY */
366 /* if all else fails just use time() */
367 curtime = (long) time(NULL); /* better be at least 32 bits */
369 ret[0] ^= (unsigned short) (curtime >> 16);
370 ret[1] ^= (unsigned short) (curtime & 0xFFFF);
371 ret[2] ^= (unsigned short) (clock() & 0xFFFF);
376 int sasl_randcreate(sasl_rand_t **rpool)
378 (*rpool)=sasl_ALLOC(sizeof(sasl_rand_t));
379 if ((*rpool) == NULL) return SASL_NOMEM;
382 (*rpool)->initialized = 0;
387 void sasl_randfree(sasl_rand_t **rpool)
392 void sasl_randseed (sasl_rand_t *rpool, const char *seed, unsigned len)
394 /* is it acceptable to just use the 1st 3 char's given??? */
398 if (seed == NULL) return;
399 if (rpool == NULL) return;
401 rpool->initialized = 1;
403 if (len > sizeof(unsigned short)*RPOOL_SIZE)
404 len = sizeof(unsigned short)*RPOOL_SIZE;
406 for (lup = 0; lup < len; lup += 2)
407 rpool->pool[lup/2] = (seed[lup] << 8) + seed[lup + 1];
410 static void randinit(sasl_rand_t *rpool)
414 if (!rpool->initialized) {
415 getranddata(rpool->pool);
416 rpool->initialized = 1;
417 #if !(defined(WIN32)||defined(macintosh))
420 /* xxx varies by platform */
421 unsigned int *foo = (unsigned int *)rpool->pool;
424 #endif /* HAVE_JRAND48 */
430 void sasl_rand (sasl_rand_t *rpool, char *buf, unsigned len)
434 if (!rpool || !buf) return;
436 /* init if necessary */
439 #if (defined(WIN32)||defined(macintosh))
440 for (lup=0;lup<len;lup++)
441 buf[lup] = (char) (rand() >> 8);
444 for (lup=0; lup<len; lup++)
445 buf[lup] = (char) (jrand48(rpool->pool) >> 8);
447 for (lup=0;lup<len;lup++)
448 buf[lup] = (char) (random() >> 8);
449 #endif /* HAVE_JRAND48 */
453 /* this function is just a bad idea all around, since we're not trying to
454 implement a true random number generator */
455 void sasl_churn (sasl_rand_t *rpool, const char *data, unsigned len)
460 if (!rpool || !data) return;
462 /* init if necessary */
465 for (lup=0; lup<len; lup++)
466 rpool->pool[lup % RPOOL_SIZE] ^= data[lup];
469 void sasl_erasebuffer(char *buf, unsigned len) {
474 /*****************************************************************************
476 * MODULE NAME : GETOPT.C
479 * This module contains code made available by IBM
480 * Corporation on an AS IS basis. Any one receiving the
481 * module is considered to be licensed under IBM copyrights
482 * to use the IBM-provided source code in any way he or she
483 * deems fit, including copying it, compiling it, modifying
484 * it, and redistributing it, with or without
485 * modifications. No license under any IBM patents or
486 * patent applications is to be implied from this copyright
489 * A user of the module should understand that IBM cannot
490 * provide technical support for the module and will not be
491 * responsible for any consequences of use of the program.
493 * Any notices, including this one, are not to be removed
494 * from the module without the prior written consent of
497 * AUTHOR: Original author:
498 * G. R. Blair (BOBBLAIR at AUSVM1)
499 * Internet: bobblair@bobblair.austin.ibm.com
501 * Extensively revised by:
502 * John Q. Walker II, Ph.D. (JOHHQ at RALVM6)
503 * Internet: johnq@ralvm6.vnet.ibm.com
505 *****************************************************************************/
507 /******************************************************************************
510 * The getopt() function is a command line parser. It returns the next
511 * option character in argv that matches an option character in opstring.
513 * The argv argument points to an array of argc+1 elements containing argc
514 * pointers to character strings followed by a null pointer.
516 * The opstring argument points to a string of option characters; if an
517 * option character is followed by a colon, the option is expected to have
518 * an argument that may or may not be separated from it by white space.
519 * The external variable optarg is set to point to the start of the option
520 * argument on return from getopt().
522 * The getopt() function places in optind the argv index of the next argument
523 * to be processed. The system initializes the external variable optind to
524 * 1 before the first call to getopt().
526 * When all options have been processed (that is, up to the first nonoption
527 * argument), getopt() returns EOF. The special option "--" may be used to
528 * delimit the end of the options; EOF will be returned, and "--" will be
531 * The getopt() function returns a question mark (?) when it encounters an
532 * option character not included in opstring. This error message can be
533 * disabled by setting opterr to zero. Otherwise, it returns the option
534 * character that was detected.
536 * If the special option "--" is detected, or all options have been
537 * processed, EOF is returned.
539 * Options are marked by either a minus sign (-) or a slash (/).
541 * No errors are defined.
542 *****************************************************************************/
544 #include <string.h> /* for strchr() */
546 /* static (global) variables that are specified as exported by getopt() */
547 __declspec(dllexport) char *optarg = NULL; /* pointer to the start of the option argument */
548 __declspec(dllexport) int optind = 1; /* number of the next argv[] to be evaluated */
549 __declspec(dllexport) int opterr = 1; /* non-zero if a question mark should be returned */
552 /* handle possible future character set concerns by putting this in a macro */
553 #define _next_char(string) (char)(*(string+1))
555 int getopt(int argc, char *argv[], char *opstring)
557 static char *pIndexPosition = NULL; /* place inside current argv string */
558 char *pArgString = NULL; /* where to start from next */
559 char *pOptString; /* the string in our program */
562 if (pIndexPosition != NULL) {
563 /* we last left off inside an argv string */
564 if (*(++pIndexPosition)) {
565 /* there is more to come in the most recent argv */
566 pArgString = pIndexPosition;
570 if (pArgString == NULL) {
571 /* we didn't leave off in the middle of an argv string */
572 if (optind >= argc) {
573 /* more command-line arguments than the argument count */
574 pIndexPosition = NULL; /* not in the middle of anything */
575 return EOF; /* used up all command-line arguments */
578 /*---------------------------------------------------------------------
579 * If the next argv[] is not an option, there can be no more options.
580 *-------------------------------------------------------------------*/
581 pArgString = argv[optind++]; /* set this to the next argument ptr */
583 if (('/' != *pArgString) && /* doesn't start with a slash or a dash? */
584 ('-' != *pArgString)) {
585 --optind; /* point to current arg once we're done */
586 optarg = NULL; /* no argument follows the option */
587 pIndexPosition = NULL; /* not in the middle of anything */
588 return EOF; /* used up all the command-line flags */
591 /* check for special end-of-flags markers */
592 if ((strcmp(pArgString, "-") == 0) ||
593 (strcmp(pArgString, "--") == 0)) {
594 optarg = NULL; /* no argument follows the option */
595 pIndexPosition = NULL; /* not in the middle of anything */
596 return EOF; /* encountered the special flag */
599 pArgString++; /* look past the / or - */
602 if (':' == *pArgString) { /* is it a colon? */
603 /*---------------------------------------------------------------------
604 * Rare case: if opterr is non-zero, return a question mark;
605 * otherwise, just return the colon we're on.
606 *-------------------------------------------------------------------*/
607 return (opterr ? (int)'?' : (int)':');
609 else if ((pOptString = strchr(opstring, *pArgString)) == 0) {
610 /*---------------------------------------------------------------------
611 * The letter on the command-line wasn't any good.
612 *-------------------------------------------------------------------*/
613 optarg = NULL; /* no argument follows the option */
614 pIndexPosition = NULL; /* not in the middle of anything */
615 return (opterr ? (int)'?' : (int)*pArgString);
618 /*---------------------------------------------------------------------
619 * The letter on the command-line matches one we expect to see
620 *-------------------------------------------------------------------*/
621 if (':' == _next_char(pOptString)) { /* is the next letter a colon? */
622 /* It is a colon. Look for an argument string. */
623 if ('\0' != _next_char(pArgString)) { /* argument in this argv? */
624 optarg = &pArgString[1]; /* Yes, it is */
627 /*-------------------------------------------------------------
628 * The argument string must be in the next argv.
629 * But, what if there is none (bad input from the user)?
630 * In that case, return the letter, and optarg as NULL.
631 *-----------------------------------------------------------*/
633 optarg = argv[optind++];
636 return (opterr ? (int)'?' : (int)*pArgString);
639 pIndexPosition = NULL; /* not in the middle of anything */
642 /* it's not a colon, so just return the letter */
643 optarg = NULL; /* no argument follows the option */
644 pIndexPosition = pArgString; /* point to the letter we're on */
646 return (int)*pArgString; /* return the letter that matched */
651 # define PASSWORD_MAX 255
661 static char pbuf[PASSWORD_MAX];
663 fprintf(stderr, "%s", prompt); (void) fflush(stderr);
664 for (p=pbuf; (c = _getch())!=13 && c!=EOF;) {
665 if (p < &pbuf[sizeof(pbuf)-1])
669 fprintf(stderr, "\n"); (void) fflush(stderr);