/usr/share/emacs/site-lisp/flim/sasl-digest.el is in flim 1:1.14.9+0.20110516-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 | ;;; sasl-digest.el --- DIGEST-MD5 module for the SASL client framework
;; Copyright (C) 2000 Free Software Foundation, Inc.
;; Author: Daiki Ueno <ueno@unixuser.org>
;; Kenichi OKADA <okada@opaopa.org>
;; Keywords: SASL, DIGEST-MD5
;; This file is part of FLIM (Faithful Library about Internet Message).
;; This program is free software; you can redistribute it and/or
;; modify it under the terms of the GNU General Public License as
;; published by the Free Software Foundation; either version 2, or (at
;; your option) any later version.
;; This program is distributed in the hope that it will be useful, but
;; WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
;; General Public License for more details.
;; You should have received a copy of the GNU General Public License
;; along with this program; see the file COPYING. If not, write to the
;; Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
;; Boston, MA 02110-1301, USA.
;; This program is implemented from draft-leach-digest-sasl-05.txt.
;;
;; It is caller's responsibility to base64-decode challenges and
;; base64-encode responses in IMAP4 AUTHENTICATE command.
;;
;; Passphrase should be longer than 16 bytes. (See RFC 2195)
;;; Commentary:
(require 'sasl)
(require 'hmac-md5)
(defvar sasl-digest-md5-nonce-count 1)
(defvar sasl-digest-md5-unique-id-function
sasl-unique-id-function)
(defvar sasl-digest-md5-syntax-table
(let ((table (make-syntax-table)))
(modify-syntax-entry ?= "." table)
(modify-syntax-entry ?, "." table)
table)
"A syntax table for parsing digest-challenge attributes.")
(defconst sasl-digest-md5-steps
'(ignore ;no initial response
sasl-digest-md5-response
ignore)) ;""
(defun sasl-digest-md5-parse-string (string)
"Parse STRING and return a property list.
The value is a cons cell of the form \(realm nonce qop-options stale maxbuf
charset algorithm cipher-opts auth-param)."
(with-temp-buffer
(set-syntax-table sasl-digest-md5-syntax-table)
(save-excursion
(insert string)
(goto-char (point-min))
(insert "(")
(while (progn (forward-sexp) (not (eobp)))
(delete-char 1)
(insert " "))
(insert ")")
(read (point-min-marker)))))
(defun sasl-digest-md5-digest-uri (serv-type host &optional serv-name)
(concat serv-type "/" host
(if (and serv-name
(not (string= host serv-name)))
(concat "/" serv-name))))
(defun sasl-digest-md5-cnonce ()
(let ((sasl-unique-id-function sasl-digest-md5-unique-id-function))
(sasl-unique-id)))
(defun sasl-digest-md5-response-value (username
realm
nonce
cnonce
nonce-count
qop
digest-uri
authzid)
(let ((passphrase
(sasl-read-passphrase
(format "DIGEST-MD5 passphrase for %s: "
username))))
(unwind-protect
(encode-hex-string
(md5-binary
(concat
(encode-hex-string
(md5-binary (concat (md5-binary
(concat username ":" realm ":" passphrase))
":" nonce ":" cnonce
(if authzid
(concat ":" authzid)))))
":" nonce
":" (format "%08x" nonce-count) ":" cnonce ":" qop ":"
(encode-hex-string
(md5-binary
(concat "AUTHENTICATE:" digest-uri
(if (member qop '("auth-int" "auth-conf"))
":00000000000000000000000000000000")))))))
(fillarray passphrase 0))))
(defun sasl-digest-md5-response (client step)
(let* ((plist
(sasl-digest-md5-parse-string (sasl-step-data step)))
(realm
(or (sasl-client-property client 'realm)
(plist-get plist 'realm))) ;need to check
(nonce-count
(or (sasl-client-property client 'nonce-count)
sasl-digest-md5-nonce-count))
(qop
(or (sasl-client-property client 'qop)
"auth"))
(digest-uri
(sasl-digest-md5-digest-uri
(sasl-client-service client)(sasl-client-server client)))
(cnonce
(or (sasl-client-property client 'cnonce)
(sasl-digest-md5-cnonce))))
(sasl-client-set-property client 'nonce-count (1+ nonce-count))
(unless (string= qop "auth")
(sasl-error (format "Unsupported \"qop-value\": %s" qop)))
(concat
"username=\"" (sasl-client-name client) "\","
"realm=\"" realm "\","
"nonce=\"" (plist-get plist 'nonce) "\","
"cnonce=\"" cnonce "\","
(format "nc=%08x," nonce-count)
"digest-uri=\"" digest-uri "\","
"qop=" qop ","
"response="
(sasl-digest-md5-response-value
(sasl-client-name client)
realm
(plist-get plist 'nonce)
cnonce
nonce-count
qop
digest-uri
(plist-get plist 'authzid)))))
(put 'sasl-digest 'sasl-mechanism
(sasl-make-mechanism "DIGEST-MD5" sasl-digest-md5-steps))
(provide 'sasl-digest)
;;; sasl-digest.el ends here
|