This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=7bec63b33303b959cd9c61bfecaed1986f44066d The branch, gsasl_1_4_x has been updated via 7bec63b33303b959cd9c61bfecaed1986f44066d (commit) via d99aeaf3d75f2a5859d40e2ba7da8696b108e02c (commit) via a7df3952a8bb571764995245c028d20b3504cef2 (commit) via 3469762279cc72d622c08745eca80fc8f48ffae7 (commit) from 72ef13449ec062fd49aad59be5b4599b56c9b617 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7bec63b33303b959cd9c61bfecaed1986f44066d Author: Simon Josefsson <[email protected]> Date: Mon Mar 15 08:49:18 2010 +0100 Fix NEWS entry. commit d99aeaf3d75f2a5859d40e2ba7da8696b108e02c Author: Simon Josefsson <[email protected]> Date: Mon Mar 15 08:42:36 2010 +0100 Add. commit a7df3952a8bb571764995245c028d20b3504cef2 Author: Simon Josefsson <[email protected]> Date: Wed Mar 10 22:02:43 2010 +0100 SCRAM: (Un)escape username. commit 3469762279cc72d622c08745eca80fc8f48ffae7 Author: Simon Josefsson <[email protected]> Date: Wed Mar 10 21:49:21 2010 +0100 SCRAM: (Un)escape authzid. ----------------------------------------------------------------------- Summary of changes: lib/NEWS | 3 ++ lib/scram/parser.c | 56 +++++++++++++++++++++++++++++++++++++++----------- lib/scram/printer.c | 33 ++++++++++++++++++++++++++--- lib/scram/server.c | 3 +- tests/scram.c | 43 +++++++++++++++++++++++++++++++-------- 5 files changed, 111 insertions(+), 27 deletions(-) diff --git a/lib/NEWS b/lib/NEWS index fbfc5f1..fd1177c 100644 --- a/lib/NEWS +++ b/lib/NEWS @@ -4,6 +4,9 @@ See the end for copying conditions. * Version 1.4.2 (unreleased) [stable] +** SCRAM: Encode and decode username/authzid properly. +Before any username/authzid that contained '=' or ',' would not work. + ** API and ABI modifications. No changes since last version. 
diff --git a/lib/scram/parser.c b/lib/scram/parser.c index 9551b36..a7fbff5 100644 --- a/lib/scram/parser.c +++ b/lib/scram/parser.c @@ -1,5 +1,5 @@ /* parser.c --- SCRAM parser. - * Copyright (C) 2009 Simon Josefsson + * Copyright (C) 2009, 2010 Simon Josefsson * * This file is part of GNU SASL Library. * @@ -36,6 +36,41 @@ /* Get validator. */ #include "validate.h" +static char * +unescape (const char *str, size_t len) +{ + char *out = malloc (len + 1); + char *p = out; + + if (!out) + return NULL; + + while (len > 0 && *str) + { + if (len >= 3 && str[0] == '=' && str[1] == '2' && str[2] == 'C') + { + *p++ = ','; + str += 3; + len -= 3; + } + else if (len >= 3 && str[0] == '=' && str[1] == '3' && str[2] == 'D') + { + *p++ = '='; + str += 3; + len -= 3; + } + else + { + *p++ = *str; + str++; + len--; + } + } + *p = '\0'; + + return out; +} + int scram_parse_client_first (const char *str, size_t len, struct scram_client_first *cf) @@ -61,6 +96,11 @@ scram_parse_client_first (const char *str, size_t len, const char *p; size_t l; + str++, len--; + if (len == 0 || *str != '=') + return -1; + str++, len--; + p = memchr (str, ',', len); if (!p) return -1; @@ -69,15 +109,10 @@ scram_parse_client_first (const char *str, size_t len, if (len < l) return -1; - cf->authzid = malloc (l + 1); + cf->authzid = unescape (str, l); if (!cf->authzid) return -1; - memcpy (cf->authzid, str, l); - cf->authzid[l] = '\0'; - - /* FIXME decode authzid */ - str = p; len -= l; } @@ -106,15 +141,10 @@ scram_parse_client_first (const char *str, size_t len, if (len < l) return -1; - cf->username = malloc (l + 1); + cf->username = unescape (str, l); if (!cf->username) return -1; - memcpy (cf->username, str, l); - cf->username[l] = '\0'; - - /* FIXME decode username */ - str = p; len -= l; } diff --git a/lib/scram/printer.c b/lib/scram/printer.c index e515960..e1690af 100644 --- a/lib/scram/printer.c +++ b/lib/scram/printer.c 
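Review bot: `unescape` copies a stray `=` through unchanged in its final `else` branch, so a name containing `=` that is not followed by `2C` or `3D` is accepted instead of rejected. RFC 5802 requires the server to fail authentication in that case, and accepting it means the raw and the escaped form of `=` both decode to the same identity. Both callers in scram_parse_client_first (the authzid and username hunks) already treat a NULL return as a parse failure, so the malformed case can be rejected with `else if (str[0] == '=') { free (out); return NULL; }` placed ahead of the plain-copy branch. The loop condition `len > 0 && *str` also stops at an embedded NUL inside the `len` bytes and silently shortens the name; returning NULL there too would keep the parser strict.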
@@ -1,5 +1,5 @@ /* printer.h --- Convert SCRAM token structures into strings. - * Copyright (C) 2009 Simon Josefsson + * Copyright (C) 2009, 2010 Simon Josefsson * * This file is part of GNU SASL Library. * @@ -42,9 +42,34 @@ static char * scram_escape (const char *str) { - /* FIXME escape '=' and ',' in authzid to '=3D' and '=2C' - respectively. */ - return strdup (str); + char *out = malloc (strlen (str) * 3 + 1); + char *p = out; + + if (!out) + return NULL; + + while (*str) + { + if (*str == ',') + { + memcpy (p, "=2C", 3); + p += 3; + } + else if (*str == '=') + { + memcpy (p, "=3D", 3); + p += 3; + } + else + { + *p = *str; + p++; + } + str++; + } + *p = '\0'; + + return out; } /* Print SCRAM client-first token into newly allocated output string diff --git a/lib/scram/server.c b/lib/scram/server.c index 54385eb..4926dea 100644 --- a/lib/scram/server.c +++ b/lib/scram/server.c @@ -1,5 +1,5 @@ /* server.c --- SASL CRAM-MD5 server side functions. - * Copyright (C) 2009 Simon Josefsson + * Copyright (C) 2009, 2010 Simon Josefsson * * This file is part of GNU SASL Library. * @@ -177,6 +177,7 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, } gsasl_property_set (sctx, GSASL_AUTHID, state->cf.username); + gsasl_property_set (sctx, GSASL_AUTHZID, state->cf.authzid); { const char *p = gsasl_property_get (sctx, GSASL_SCRAM_ITER); diff --git a/tests/scram.c b/tests/scram.c index d4bb94f..b0add83 100644 --- a/tests/scram.c +++ b/tests/scram.c 
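Review bot: The buffer size `strlen (str) * 3 + 1` in scram_escape is computed without an overflow check, so for an input longer than roughly a third of SIZE_MAX the product wraps and the copy loop would write past the allocation. That needs an extremely long authid or authzid and is mainly a concern on 32-bit builds, but the guard is cheap: `if (strlen (str) > (SIZE_MAX - 1) / 3) return NULL;` before the malloc. The function also has no header comment now that the FIXME is gone; it should say that the result is newly allocated and owned by the caller, that ',' and '=' become '=2C' and '=3D', and that NULL means allocation failure.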
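Review bot: The added `gsasl_property_set (sctx, GSASL_AUTHZID, state->cf.authzid);` publishes a client-chosen identity with no comment on its trust level; judging by the GSASL_SCRAM_ITER lookup that follows, this is still the client-first step, before any proof has been verified. A comment here would help callers avoid treating the property as authorized, for example `/* AUTHID and AUTHZID are taken from the unverified client-first message; the application must still decide whether AUTHID may act as AUTHZID. */`. In the parser hunk `cf->authzid` is assigned only when an authzid attribute is present, so this call presumably passes NULL otherwise; it is worth confirming that this clears rather than keeps an earlier value. The body of _gsasl_scram_sha1_server_step continues outside the hunk.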
@@ -30,12 +30,18 @@ #include "utils.h" #define PASSWORD "Open, Sesame" -#define USERNAME "Ali Baba" -/* "Ali " "\xC2\xAD" "Bab" "\xC2\xAA" */ -/* "Al\xC2\xAA""dd\xC2\xAD""in\xC2\xAE" */ -#define AUTHZID "joe" -#define EXPECTED_USERNAME "Ali Baba" +#define N_AUTHID 4 +static const char *AUTHID[N_AUTHID] = { + "Ali Baba", "BAB,ABA", ",=,=", "=" + /* "Ali " "\xC2\xAD" "Bab" "\xC2\xAA" */ + /* "Al\xC2\xAA""dd\xC2\xAD""in\xC2\xAE" */ +}; + +#define N_AUTHZID 4 +static const char *AUTHZID[N_AUTHZID] = { + "jas", "BAB,ABA", ",=,=", "=" +}; size_t i; @@ -54,21 +60,21 @@ callback (Gsasl * ctx, Gsasl_session * sctx, Gsasl_property prop) break; case GSASL_AUTHID: - gsasl_property_set (sctx, prop, USERNAME); + gsasl_property_set (sctx, prop, AUTHID[i % N_AUTHID]); rc = GSASL_OK; break; case GSASL_AUTHZID: if (i & 0x01) { - gsasl_property_set (sctx, prop, AUTHZID); + gsasl_property_set (sctx, prop, AUTHZID[i % N_AUTHZID]); rc = GSASL_OK; } break; case GSASL_SCRAM_ITER: if (strcmp (gsasl_property_fast (sctx, GSASL_AUTHID), - EXPECTED_USERNAME) != 0) + AUTHID[i % N_AUTHID]) != 0) fail ("Username mismatch: %s", gsasl_property_fast (sctx, GSASL_AUTHID)); if (i & 0x02) 
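Review bot: In the GSASL_AUTHZID case of `callback`, `AUTHZID[i % N_AUTHZID]` is supplied only when `i & 0x01` is set, so only the odd slots of the new table (`"BAB,ABA"` and `"="`) are ever sent and `"jas"` and `",=,="` are never exercised. Indexing independently of the parity bit, for instance `AUTHZID[(i / 2) % N_AUTHZID]` here and in the matching comparison in doit, would cover all four strings provided the loop in doit runs far enough. The tables also contain only names the library's own printer will escape correctly, so the parser is never fed a malformed escape such as a lone `=` followed by other characters; a direct call to scram_parse_client_first with such a string would pin the rejection behaviour.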
@@ -219,7 +225,26 @@ doit (void) } if (debug) - printf ("C: %.*s\n\n", s1len, s1); + printf ("C: %.*s\n", s1len, s1); + + { + const char *p = gsasl_property_fast (server, GSASL_AUTHID); + if (p && strcmp (p, AUTHID[i % N_AUTHID]) != 0) + fail ("Bad authid? %s != %s\n", p, AUTHID[i % N_AUTHID]); + if (i & 0x01 && !p) + fail ("Expected authid? %d/%s\n", i, AUTHID[i % N_AUTHID]); + } + + { + const char *p = gsasl_property_fast (server, GSASL_AUTHZID); + if (p && strcmp (p, AUTHZID[i % N_AUTHZID]) != 0) + fail ("Bad authzid? %s != %s\n", p, AUTHZID[i % N_AUTHZID]); + if (i & 0x01 && !p) + fail ("Expected authzid? %d/%s\n", i, AUTHZID[i % N_AUTHZID]); + } + + if (debug) + printf ("\n"); gsasl_finish (client); gsasl_finish (server); hooks/post-receive -- GNU gsasl _______________________________________________ Gsasl-commit mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gsasl-commit
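Review bot: In the authid block of doit the check `if (i & 0x01 && !p)` looks copied from the authzid block: `callback` supplies GSASL_AUTHID unconditionally, so a missing authid on even `i` goes unreported and the condition should be plain `if (!p)`. Both `fail` calls that print `i` use `%d` although `i` is declared `size_t` earlier in the file, which is a format/argument mismatch on platforms where the two types differ in size; `fail ("Expected authid? %lu/%s\n", (unsigned long) i, AUTHID[i % N_AUTHID]);` and the same change in the authzid message fix it. The body of doit starts and ends outside the hunk.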
