This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=ce5b4cc9ef03558f68333cc376f43acb700dc531 The branch, master has been updated via ce5b4cc9ef03558f68333cc376f43acb700dc531 (commit) from 12862032ef23cc749db2f2330809d8c4f50c7f27 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ce5b4cc9ef03558f68333cc376f43acb700dc531 Author: Simon Josefsson <[email protected]> Date: Fri Sep 11 12:00:55 2009 +0200 SCRAM: Generate server signature. ----------------------------------------------------------------------- Summary of changes: lib/scram/server.c | 51 ++++++++++++++++++++++++++++++++------------------- 1 files changed, 32 insertions(+), 19 deletions(-) diff --git a/lib/scram/server.c b/lib/scram/server.c index d707757..e0c34c3 100644 --- a/lib/scram/server.c +++ b/lib/scram/server.c @@ -215,6 +215,7 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, { char *storedkey; char *serverkey; + char *authmessage; const char *p; /* Get StoredKey */ @@ -264,32 +265,30 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, else return GSASL_NO_PASSWORD; + /* Compute AuthMessage */ + { + size_t len; + + /* Get client-final-message-without-proof. */ + p = strstr (input, ",p="); + if (!p) + return GSASL_MECHANISM_PARSE_ERROR; + len = p - input; + + asprintf (&authmessage, "%s,%.*s,%.*s", + state->cfmb_str, + strlen (state->sf_str), state->sf_str, + len, input); + } + /* Check client proof. */ { - char *authmessage; char *clientsignature; - /* Compute AuthMessage */ - { - size_t len; - - /* Get client-final-message-without-proof. */ - p = strstr (input, ",p="); - if (!p) - return GSASL_MECHANISM_PARSE_ERROR; - len = p - input; - - asprintf (&authmessage, "%s,%.*s,%.*s", - state->cfmb_str, - strlen (state->sf_str), state->sf_str, - len, input); - } - /* ClientSignature := HMAC(StoredKey, AuthMessage) */ rc = gsasl_hmac_sha1 (storedkey, 20, authmessage, strlen (authmessage), &clientsignature); - free (authmessage); if (rc != 0) return rc; @@ -315,11 +314,25 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, /* Generate server verifier. */ { - state->sl.verifier = strdup ("verifier"); + char *serversignature; + + /* ServerSignature := HMAC(ServerKey, AuthMessage) */ + rc = gsasl_hmac_sha1 (storedkey, 20, + authmessage, strlen (authmessage), + &serversignature); + if (rc != 0) + return rc; + + rc = gsasl_base64_to (serversignature, 20, + &state->sl.verifier, NULL); + free (serversignature); + if (rc != 0) + return rc; } free (storedkey); free (serverkey); + free (authmessage); } rc = scram_print_server_final (&state->sl, output); hooks/post-receive -- GNU gsasl _______________________________________________ Gsasl-commit mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gsasl-commit
