From: Stephan Bosch <stephan.bosch@dovecot.fi>
Date: Mon, 7 Jan 2019 19:03:16 +0000 (+0100)
Subject: auth: mech-scram: Add support for SCRAM-SHA-256.
X-Git-Tag: 2.3.10~233
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff5305136ae747867b6f6af9a1737188ae7b3b5a;p=thirdparty%2Fdovecot%2Fcore.git

auth: mech-scram: Add support for SCRAM-SHA-256.
---

diff --git a/src/auth/mech-scram.c b/src/auth/mech-scram.c
index b10eac7e5e..35fedc91ab 100644
--- a/src/auth/mech-scram.c
+++ b/src/auth/mech-scram.c
@@ -14,6 +14,7 @@
 #include "buffer.h"
 #include "hmac.h"
 #include "sha1.h"
+#include "sha2.h"
 #include "randgen.h"
 #include "safe-memset.h"
 #include "str.h"
@@ -419,6 +420,11 @@ static struct auth_request *mech_scram_sha1_auth_new(void)
 	return mech_scram_auth_new(&hash_method_sha1, "SCRAM-SHA-1");
 }
 
+static struct auth_request *mech_scram_sha256_auth_new(void)
+{
+	return mech_scram_auth_new(&hash_method_sha256, "SCRAM-SHA-256");
+}
+
 const struct mech_module mech_scram_sha1 = {
 	"SCRAM-SHA-1",
 
@@ -430,3 +436,15 @@ const struct mech_module mech_scram_sha1 = {
 	mech_scram_auth_continue,
 	mech_generic_auth_free
 };
+
+const struct mech_module mech_scram_sha256 = {
+	"SCRAM-SHA-256",
+
+	.flags = MECH_SEC_MUTUAL_AUTH,
+	.passdb_need = MECH_PASSDB_NEED_LOOKUP_CREDENTIALS,
+
+	mech_scram_sha256_auth_new,
+	mech_generic_auth_initial,
+	mech_scram_auth_continue,
+	mech_generic_auth_free
+};
diff --git a/src/auth/mech.c b/src/auth/mech.c
index 202c9d3509..d12c0db2d7 100644
--- a/src/auth/mech.c
+++ b/src/auth/mech.c
@@ -74,6 +74,7 @@ extern const struct mech_module mech_external;
 extern const struct mech_module mech_ntlm;
 extern const struct mech_module mech_otp;
 extern const struct mech_module mech_scram_sha1;
+extern const struct mech_module mech_scram_sha256;
 extern const struct mech_module mech_skey;
 extern const struct mech_module mech_rpa;
 extern const struct mech_module mech_anonymous;
@@ -211,6 +212,7 @@ void mech_init(const struct auth_settings *set)
 	}
 	mech_register_module(&mech_otp);
 	mech_register_module(&mech_scram_sha1);
+	mech_register_module(&mech_scram_sha256);
 	mech_register_module(&mech_skey);
 	mech_register_module(&mech_rpa);
 	mech_register_module(&mech_anonymous);
@@ -240,6 +242,7 @@ void mech_deinit(const struct auth_settings *set)
 	}
 	mech_unregister_module(&mech_otp);
 	mech_unregister_module(&mech_scram_sha1);
+	mech_unregister_module(&mech_scram_sha256);
 	mech_unregister_module(&mech_skey);
 	mech_unregister_module(&mech_rpa);
 	mech_unregister_module(&mech_anonymous);