flim 1:1.14.9+0.20110516-1 / usr / share / emacs / site-lisp / flim / sasl-digest.el

This file is indexed.

/usr/share/emacs/site-lisp/flim/sasl-digest.el is in flim 1:1.14.9+0.20110516-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
;;; sasl-digest.el --- DIGEST-MD5 module for the SASL client framework

;; Copyright (C) 2000 Free Software Foundation, Inc.

;; Author: Daiki Ueno <ueno@unixuser.org>
;;	Kenichi OKADA <okada@opaopa.org>
;; Keywords: SASL, DIGEST-MD5

;; This file is part of FLIM (Faithful Library about Internet Message).

;; This program is free software; you can redistribute it and/or
;; modify it under the terms of the GNU General Public License as
;; published by the Free Software Foundation; either version 2, or (at
;; your option) any later version.

;; This program is distributed in the hope that it will be useful, but
;; WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
;; General Public License for more details.

;; You should have received a copy of the GNU General Public License
;; along with this program; see the file COPYING.  If not, write to the
;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
;; Boston, MA 02110-1301, USA.

;; This program is implemented from draft-leach-digest-sasl-05.txt.
;;
;; It is caller's responsibility to base64-decode challenges and
;; base64-encode responses in IMAP4 AUTHENTICATE command.
;;
;; Passphrase should be longer than 16 bytes. (See RFC 2195)

;;; Commentary:

(require 'sasl)
(require 'hmac-md5)

(defvar sasl-digest-md5-nonce-count 1)
(defvar sasl-digest-md5-unique-id-function
  sasl-unique-id-function)

(defvar sasl-digest-md5-syntax-table
  (let ((table (make-syntax-table)))
    (modify-syntax-entry ?= "." table)
    (modify-syntax-entry ?, "." table)
    table)
  "A syntax table for parsing digest-challenge attributes.")

(defconst sasl-digest-md5-steps
  '(ignore				;no initial response
    sasl-digest-md5-response
    ignore))				;""

(defun sasl-digest-md5-parse-string (string)
  "Parse STRING and return a property list.
The value is a cons cell of the form \(realm nonce qop-options stale maxbuf
charset algorithm cipher-opts auth-param)."
  (with-temp-buffer
    (set-syntax-table sasl-digest-md5-syntax-table)
    (save-excursion
      (insert string)
      (goto-char (point-min))
      (insert "(")
      (while (progn (forward-sexp) (not (eobp)))
	(delete-char 1)
	(insert " "))
      (insert ")")
      (read (point-min-marker)))))

(defun sasl-digest-md5-digest-uri (serv-type host &optional serv-name)
  (concat serv-type "/" host
	  (if (and serv-name
		   (not (string= host serv-name)))
	      (concat "/" serv-name))))

(defun sasl-digest-md5-cnonce ()
  (let ((sasl-unique-id-function sasl-digest-md5-unique-id-function))
    (sasl-unique-id)))

(defun sasl-digest-md5-response-value (username
				       realm
				       nonce
				       cnonce
				       nonce-count
				       qop
				       digest-uri
				       authzid)
  (let ((passphrase
	 (sasl-read-passphrase
	  (format "DIGEST-MD5 passphrase for %s: "
		  username))))
    (unwind-protect
	(encode-hex-string
	 (md5-binary
	  (concat
	   (encode-hex-string
	    (md5-binary (concat (md5-binary 
				 (concat username ":" realm ":" passphrase))
				":" nonce ":" cnonce
				(if authzid 
				    (concat ":" authzid)))))
	   ":" nonce
	   ":" (format "%08x" nonce-count) ":" cnonce ":" qop ":"
	   (encode-hex-string
	    (md5-binary
	     (concat "AUTHENTICATE:" digest-uri
		     (if (member qop '("auth-int" "auth-conf"))
			 ":00000000000000000000000000000000")))))))
      (fillarray passphrase 0))))

(defun sasl-digest-md5-response (client step)
  (let* ((plist
	  (sasl-digest-md5-parse-string (sasl-step-data step)))
	 (realm
	  (or (sasl-client-property client 'realm)
	      (plist-get plist 'realm))) ;need to check
	 (nonce-count
	  (or (sasl-client-property client 'nonce-count)
	       sasl-digest-md5-nonce-count))
	 (qop
	  (or (sasl-client-property client 'qop)
	      "auth"))
	 (digest-uri
	  (sasl-digest-md5-digest-uri
	   (sasl-client-service client)(sasl-client-server client)))
	 (cnonce
	  (or (sasl-client-property client 'cnonce)
	      (sasl-digest-md5-cnonce))))
    (sasl-client-set-property client 'nonce-count (1+ nonce-count))
    (unless (string= qop "auth")
      (sasl-error (format "Unsupported \"qop-value\": %s" qop)))
    (concat
     "username=\"" (sasl-client-name client) "\","
     "realm=\"" realm "\","
     "nonce=\"" (plist-get plist 'nonce) "\","
     "cnonce=\"" cnonce "\","
     (format "nc=%08x," nonce-count)
     "digest-uri=\"" digest-uri "\","
     "qop=" qop ","
     "response="
     (sasl-digest-md5-response-value
      (sasl-client-name client)
      realm
      (plist-get plist 'nonce)
      cnonce
      nonce-count
      qop
      digest-uri
      (plist-get plist 'authzid)))))

(put 'sasl-digest 'sasl-mechanism
     (sasl-make-mechanism "DIGEST-MD5" sasl-digest-md5-steps))

(provide 'sasl-digest)

;;; sasl-digest.el ends here

APT Browse - Built by Thomas Orozco.