Changeset 5f40da7 for lib

Timestamp:

2011-12-26T10:51:19Z (13 years ago)

Author:

Wilmer van der Gaast <wilmer@…>

Branches:

master

Children:

199fea6

Parents:

96f954d (diff), 644b808 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

Merging oauth-xmpp branch, which adds support for OAuth2 authentication
against some XMPP services (Google Talk, Facebook and Microsoft's MSN-XMPP
gateway).

Location:

lib

Files:

• Makefile (modified) (1 diff)
• arc.c (modified) (1 diff)
• md5.c (modified) (2 diffs)
• md5.h (modified) (1 diff)
• misc.c (modified) (1 diff)
• misc.h (modified) (1 diff)
• oauth.c (modified) (8 diffs)
• oauth.h (modified) (1 diff)
• oauth2.c (added)
• oauth2.h (added)

lib/Makefile

@@ -13 +13 @@
 
 # [SH] Program variables
-objects = arc.o base64.o $(DES) $(EVENT_HANDLER) ftutil.o http_client.o ini.o md5.o misc.o oauth.o proxy.o sha1.o $(SSL_CLIENT) url.o xmltree.o
+objects = arc.o base64.o $(DES) $(EVENT_HANDLER) ftutil.o http_client.o ini.o md5.o misc.o oauth.o oauth2.o proxy.o sha1.o $(SSL_CLIENT) url.o xmltree.o
 
 LFLAGS += -r

lib/arc.c

@@ -200 +200 @@
         {
                 *clear = g_strdup( "" );
-                return 0;
+                return -1;
         }
         

lib/md5.c

@@ -24 +24 @@
 #include <sys/types.h>
 #include <string.h>             /* for memcpy() */
+#include <stdio.h>
 #include "md5.h"
 
@@ -160 +161 @@
         memcpy(digest, ctx->buf, 16);
         memset(ctx, 0, sizeof(ctx));    /* In case it's sensitive */
+}
+
+void md5_finish_ascii(struct MD5Context *context, char *ascii)
+{
+        md5_byte_t bin[16];
+        int i;
+        
+        md5_finish(context, bin);
+        for (i = 0; i < 16; i ++)
+                sprintf(ascii + i * 2, "%02x", bin[i]);
 }
 

lib/md5.h

@@ -43 +43 @@
 G_MODULE_EXPORT void md5_append(struct MD5Context *context, const md5_byte_t *buf, unsigned int len);
 G_MODULE_EXPORT void md5_finish(struct MD5Context *context, md5_byte_t digest[16]);
+G_MODULE_EXPORT void md5_finish_ascii(struct MD5Context *context, char *ascii);
 
 #endif

lib/misc.c

@@ -729 +729 @@
         return cmd;
 }
+
+char *get_rfc822_header( char *text, char *header, int len )
+{
+        int hlen = strlen( header ), i;
+        char *ret;
+        
+        if( text == NULL )
+                return NULL;
+        
+        if( len == 0 )
+                len = strlen( text );
+        
+        i = 0;
+        while( ( i + hlen ) < len )
+        {
+                /* Maybe this is a bit over-commented, but I just hate this part... */
+                if( g_strncasecmp( text + i, header, hlen ) == 0 )
+                {
+                        /* Skip to the (probable) end of the header */
+                        i += hlen;
+                        
+                        /* Find the first non-[: \t] character */
+                        while( i < len && ( text[i] == ':' || text[i] == ' ' || text[i] == '\t' ) ) i ++;
+                        
+                        /* Make sure we're still inside the string */
+                        if( i >= len ) return( NULL );
+                        
+                        /* Save the position */
+                        ret = text + i;
+                        
+                        /* Search for the end of this line */
+                        while( i < len && text[i] != '\r' && text[i] != '\n' ) i ++;
+                        
+                        /* Make sure we're still inside the string */
+                        if( i >= len ) return( NULL );
+                        
+                        /* Copy the found data */
+                        return( g_strndup( ret, text + i - ret ) );
+                }
+                
+                /* This wasn't the header we were looking for, skip to the next line. */
+                while( i < len && ( text[i] != '\r' && text[i] != '\n' ) ) i ++;
+                while( i < len && ( text[i] == '\r' || text[i] == '\n' ) ) i ++;
+                
+                /* End of headers? */
+                if( ( i >= 4 && strncmp( text + i - 4, "\r\n\r\n", 4 ) == 0 ) ||
+                    ( i >= 2 && ( strncmp( text + i - 2, "\n\n", 2 ) == 0 ||   
+                                  strncmp( text + i - 2, "\r\r", 2 ) == 0 ) ) )
+                {
+                        break;
+                }
+        }
+        
+        return NULL;
+}

lib/misc.h

@@ -65 +65 @@
 
 G_MODULE_EXPORT char *word_wrap( const char *msg, int line_len );
-
 G_MODULE_EXPORT gboolean ssl_sockerr_again( void *ssl );
-
 G_MODULE_EXPORT int md5_verify_password( char *password, char *hash );
-
 G_MODULE_EXPORT char **split_command_parts( char *command );
+G_MODULE_EXPORT char *get_rfc822_header( char *text, char *header, int len );
 
 #endif

lib/oauth.c

@@ -38 +38 @@
                          const char *params, struct oauth_info *oi )
 {
-        sha1_state_t sha1;
         uint8_t hash[sha1_hash_size];
-        uint8_t key[HMAC_BLOCK_SIZE+1];
+        GString *payload = g_string_new( "" );
+        char *key;
         char *s;
-        int i;
-        
-        /* Create K. If our current key is >64 chars we have to hash it,
-           otherwise just pad. */
-        memset( key, 0, HMAC_BLOCK_SIZE );
-        i = strlen( oi->sp->consumer_secret ) + 1 + ( oi->token_secret ? strlen( oi->token_secret ) : 0 );
-        if( i > HMAC_BLOCK_SIZE )
-        {
-                sha1_init( &sha1 );
-                sha1_append( &sha1, (uint8_t*) oi->sp->consumer_secret, strlen( oi->sp->consumer_secret ) );
-                sha1_append( &sha1, (uint8_t*) "&", 1 );
-                if( oi->token_secret )
-                        sha1_append( &sha1, (uint8_t*) oi->token_secret, strlen( oi->token_secret ) );
-                sha1_finish( &sha1, key );
-        }
-        else
-        {
-                g_snprintf( (gchar*) key, HMAC_BLOCK_SIZE + 1, "%s&%s",
-                            oi->sp->consumer_secret, oi->token_secret ? oi->token_secret : "" );
-        }
-        
-        /* Inner part: H(K XOR 0x36, text) */
-        sha1_init( &sha1 );
-        
-        for( i = 0; i < HMAC_BLOCK_SIZE; i ++ )
-                key[i] ^= 0x36;
-        sha1_append( &sha1, key, HMAC_BLOCK_SIZE );
-        
-        /* OAuth: text = method&url&params, all http_encoded. */
-        sha1_append( &sha1, (const uint8_t*) method, strlen( method ) );
-        sha1_append( &sha1, (const uint8_t*) "&", 1 );
+        
+        key = g_strdup_printf( "%s&%s", oi->sp->consumer_secret, oi->token_secret ? oi->token_secret : "" );
+        
+        g_string_append_printf( payload, "%s&", method );
         
         s = g_new0( char, strlen( url ) * 3 + 1 );
         strcpy( s, url );
         http_encode( s );
-        sha1_append( &sha1, (const uint8_t*) s, strlen( s ) );
-        sha1_append( &sha1, (const uint8_t*) "&", 1 );
+        g_string_append_printf( payload, "%s&", s );
         g_free( s );
         
@@ -84 +56 @@
         strcpy( s, params );
         http_encode( s );
-        sha1_append( &sha1, (const uint8_t*) s, strlen( s ) );
-        g_free( s );
-        
-        sha1_finish( &sha1, hash );
-        
-        /* Final result: H(K XOR 0x5C, inner stuff) */
-        sha1_init( &sha1 );
-        for( i = 0; i < HMAC_BLOCK_SIZE; i ++ )
-                key[i] ^= 0x36 ^ 0x5c;
-        sha1_append( &sha1, key, HMAC_BLOCK_SIZE );
-        sha1_append( &sha1, hash, sha1_hash_size );
-        sha1_finish( &sha1, hash );
+        g_string_append( payload, s );
+        g_free( s );
+        
+        sha1_hmac( key, 0, payload->str, 0, hash );
+        
+        g_free( key );
+        g_string_free( payload, TRUE );
         
         /* base64_encode + HTTP escape it (both consumers 
@@ -122 +89 @@
         char *item;
         
+        if( !key || !value )
+                return;
+        
         item = g_strdup_printf( "%s=%s", key, value );
         *params = g_slist_insert_sorted( *params, item, (GCompareFunc) strcmp );
@@ -130 +100 @@
         int key_len = strlen( key );
         GSList *l, *n;
+        
+        if( params == NULL )
+                return;
         
         for( l = *params; l; l = n )
@@ -155 +128 @@
         GSList *l;
         
+        if( params == NULL )
+                return NULL;
+        
         for( l = *params; l; l = l->next )
         {
@@ -165 +141 @@
 }
 
-static void oauth_params_parse( GSList **params, char *in )
+void oauth_params_parse( GSList **params, char *in )
 {
         char *amp, *eq, *s;
@@ -333 +309 @@
                 oauth_params_parse( &params, req->reply_body );
                 st->request_token = g_strdup( oauth_params_get( &params, "oauth_token" ) );
+                st->token_secret = g_strdup( oauth_params_get( &params, "oauth_token_secret" ) );
                 oauth_params_free( &params );
         }
@@ -362 +339 @@
                 oauth_params_parse( &st->params, req->reply_body );
                 st->token = g_strdup( oauth_params_get( &st->params, "oauth_token" ) );
+                g_free( st->token_secret );
                 st->token_secret = g_strdup( oauth_params_get( &st->params, "oauth_token_secret" ) );
         }

lib/oauth.h

@@ -92 +92 @@
 
 /* For reading misc. data. */
+void oauth_params_add( GSList **params, const char *key, const char *value );
+void oauth_params_parse( GSList **params, char *in );
+void oauth_params_free( GSList **params );
+char *oauth_params_string( GSList *params );
+void oauth_params_set( GSList **params, const char *key, const char *value );
 const char *oauth_params_get( GSList **params, const char *key );