From: Stephan Bosch Date: Mon, 26 Sep 2022 23:28:13 +0000 (+0200) Subject: auth: mech-scram - Move get_scram_server_first() to auth-scram-server.c. X-Git-Tag: 2.4.0~3145 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9aff9002be6c17157a6a5549fe519814c09e45dc;p=thirdparty%2Fdovecot%2Fcore.git auth: mech-scram - Move get_scram_server_first() to auth-scram-server.c.
---
diff --git a/src/auth/auth-scram-server.c b/src/auth/auth-scram-server.c
index 079fe93979..7eb3c34454 100644
--- a/src/auth/auth-scram-server.c
+++ b/src/auth/auth-scram-server.c
@@ -157,3 +157,43 @@ parse_scram_client_first(struct scram_auth_request *request,
 request->client_first_message_bare = p_strdup(request->pool, cfm_bare);
 return TRUE;
 }
+
+static const char *
+get_scram_server_first(struct scram_auth_request *request,
+ int iter, const char *salt)
+{
+ unsigned char snonce[SCRAM_SERVER_NONCE_LEN+1];
+ string_t *str;
+ size_t i;
+
+ /* RFC 5802, Section 7:
+
+ server-first-message =
+ [reserved-mext ","] nonce "," salt ","
+ iteration-count ["," extensions]
+
+ nonce = "r=" c-nonce [s-nonce]
+
+ salt = "s=" base64
+
+ iteration-count = "i=" posit-number
+ ;; A positive number.
+ */
+
+ random_fill(snonce, sizeof(snonce)-1);
+
+ /* Make sure snonce is printable and does not contain ',' */
+ for (i = 0; i < sizeof(snonce)-1; i++) {
+ snonce[i] = (snonce[i] % ('~' - '!')) + '!';
+ if (snonce[i] == ',')
+ snonce[i] = '~';
+ }
+ snonce[sizeof(snonce)-1] = '\0';
+ request->snonce = p_strndup(request->pool, snonce, sizeof(snonce));
+
+ str = t_str_new(32 + strlen(request->cnonce) + sizeof(snonce) +
+ strlen(salt));
+ str_printfa(str, "r=%s%s,s=%s,i=%d", request->cnonce, request->snonce,
+ salt, iter);
+ return str_c(str);
+}
diff --git a/src/auth/mech-scram.c b/src/auth/mech-scram.c
index d4d04eece6..39c8806f8e 100644
--- a/src/auth/mech-scram.c
+++ b/src/auth/mech-scram.c
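Review bot: The printable mapping in the nonce loop of get_scram_server_first(), `snonce[i] = (snonce[i] % ('~' - '!')) + '!';`, is moved as-is and is not uniform: `'~' - '!'` is 93 and 256 is not a multiple of 93, so the characters '!' through 'f' each come from three byte values while 'g' through '}' come from two, and '~' only appears as the stand-in for ','. For a server nonce that only has to be unique and unpredictable this is probably tolerable, but the margin depends on SCRAM_SERVER_NONCE_LEN, which is defined outside this hunk. I would record the property above the loop so the code is not later reused for key material, e.g. `/* Maps each random byte to '!'..'}' with ',' replaced by '~'; 256 % 93 != 0, so the output is slightly biased - acceptable for a nonce only */`. The function is complete within the hunk.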
@@ -48,46 +48,6 @@ struct scram_auth_request {
 unsigned char *server_key;
 };
 
-static const char *
-get_scram_server_first(struct scram_auth_request *request,
- int iter, const char *salt)
-{
- unsigned char snonce[SCRAM_SERVER_NONCE_LEN+1];
- string_t *str;
- size_t i;
-
- /* RFC 5802, Section 7:
-
- server-first-message =
- [reserved-mext ","] nonce "," salt ","
- iteration-count ["," extensions]
-
- nonce = "r=" c-nonce [s-nonce]
-
- salt = "s=" base64
-
- iteration-count = "i=" posit-number
- ;; A positive number.
- */
-
- random_fill(snonce, sizeof(snonce)-1);
-
- /* Make sure snonce is printable and does not contain ',' */
- for (i = 0; i < sizeof(snonce)-1; i++) {
- snonce[i] = (snonce[i] % ('~' - '!')) + '!';
- if (snonce[i] == ',')
- snonce[i] = '~';
- }
- snonce[sizeof(snonce)-1] = '\0';
- request->snonce = p_strndup(request->pool, snonce, sizeof(snonce));
-
- str = t_str_new(32 + strlen(request->cnonce) + sizeof(snonce) +
- strlen(salt));
- str_printfa(str, "r=%s%s,s=%s,i=%d", request->cnonce, request->snonce,
- salt, iter);
- return str_c(str);
-}
-
 static const char *get_scram_server_final(struct scram_auth_request *request)
 {
 const struct hash_method *hmethod = request->hash_method;