HGKeeper

pidgin/pidgin

Move HTTP Digest calculation to simple.

2019-07-04, Elliott Sales de Andrade

95d1e40d7de5

Parents 54284ab06efd
Children 9aea69045c1f

Move HTTP Digest calculation to simple.

It's not used in any other protocol, and being generic, supports a lot
of extra, unused stuff. So remove that extra stuff as well.

6 files changed, 186 insertions(+), 223 deletions(-)

+101 -0

libpurple/protocols/simple/http.c

+71 -0

libpurple/protocols/simple/http.h

+2 -0

libpurple/protocols/simple/meson.build

+12 -9

libpurple/protocols/simple/simple.c

+0 -169

libpurple/util.c

+0 -45

libpurple/util.h

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/libpurple/protocols/simple/http.c Thu Jul 04 00:19:02 2019 -0400

@@ -0,0 +1,101 @@

+/* purple

+ *

+ * Purple is the legal property of its developers, whose names are too numerous

+ * to list here. Please refer to the COPYRIGHT file distributed with this

+ * source distribution.

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, write to the Free Software

+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA

+ *

+ */

+#include "internal.h"

+#include <glib.h>

+/* plugin includes */

+#include "http.h"

+gchar *

+simple_http_digest_calculate_session_key(const gchar *username,

+ const gchar *realm,

+ const gchar *password,

+ const gchar *nonce)

+ GChecksum *hasher;

+ gchar *hash;

+ g_return_val_if_fail(username != NULL, NULL);

+ g_return_val_if_fail(realm != NULL, NULL);

+ g_return_val_if_fail(password != NULL, NULL);

+ g_return_val_if_fail(nonce != NULL, NULL);

+ hasher = g_checksum_new(G_CHECKSUM_MD5);

+ g_return_val_if_fail(hasher != NULL, NULL);

+ g_checksum_update(hasher, (guchar *)username, -1);

+ g_checksum_update(hasher, (guchar *)":", -1);

+ g_checksum_update(hasher, (guchar *)realm, -1);

+ g_checksum_update(hasher, (guchar *)":", -1);

+ g_checksum_update(hasher, (guchar *)password, -1);

+ hash = g_strdup(g_checksum_get_string(hasher));

+ g_checksum_free(hasher);

+ return hash;

+gchar *

+simple_http_digest_calculate_response(const gchar *method,

+ const gchar *digest_uri,

+ const gchar *nonce,

+ const gchar *nonce_count,

+ const gchar *session_key)

+ GChecksum *hash;

+ gchar *hash2;

+ g_return_val_if_fail(method != NULL, NULL);

+ g_return_val_if_fail(digest_uri != NULL, NULL);

+ g_return_val_if_fail(nonce != NULL, NULL);

+ g_return_val_if_fail(session_key != NULL, NULL);

+ hash = g_checksum_new(G_CHECKSUM_MD5);

+ g_return_val_if_fail(hash != NULL, NULL);

+ g_checksum_update(hash, (guchar *)method, -1);

+ g_checksum_update(hash, (guchar *)":", -1);

+ g_checksum_update(hash, (guchar *)digest_uri, -1);

+ hash2 = g_strdup(g_checksum_get_string(hash));

+ g_checksum_reset(hash);

+ if (hash2 == NULL) {

+ g_checksum_free(hash);

+ g_return_val_if_reached(NULL);

+ }

+ g_checksum_update(hash, (guchar *)session_key, -1);

+ g_checksum_update(hash, (guchar *)":", -1);

+ g_checksum_update(hash, (guchar *)nonce, -1);

+ g_checksum_update(hash, (guchar *)":", -1);

+ g_checksum_update(hash, (guchar *)hash2, -1);

+ g_free(hash2);

+ hash2 = g_strdup(g_checksum_get_string(hash));

+ g_checksum_free(hash);

+ return hash2;

~~--- /dev/null Thu Jan 01 00:00:00 1970 +0000~~

+++ b/libpurple/protocols/simple/http.h Thu Jul 04 00:19:02 2019 -0400

@@ -0,0 +1,71 @@

+/* purple

+ *

+ * Purple is the legal property of its developers, whose names are too numerous

+ * to list here. Please refer to the COPYRIGHT file distributed with this

+ * source distribution.

+ *

+ * This program is free software; you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation; either version 2 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program; if not, write to the Free Software

+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA

+ *

+ */

+#ifndef SIMPLE_HTTP_H

+#define SIMPLE_HTTP_H

+#include <glib.h>

+G_BEGIN_DECLS

+/**

+ * simple_http_digest_calculate_session_key:

+ * @username: The username provided by the user

+ * @realm: The authentication realm provided by the server

+ * @password: The password provided by the user

+ * @nonce: The nonce provided by the server

+ * @client_nonce: The nonce provided by the client

+ *

+ * Calculates a session key for HTTP Digest authentation

+ *

+ * See RFC 2617 for more information.

+ *

+ * Returns: The session key, or %NULL if an error occurred.

+ */

+gchar *simple_http_digest_calculate_session_key(const gchar *username,

+ const gchar *realm,

+ const gchar *password,

+ const gchar *nonce);

+/**

+ * simple_http_digest_calculate_response:

+ * @method: The HTTP method in use

+ * @digest_uri: The URI from the initial request

+ * @nonce: The nonce provided by the server

+ * @nonce_count: The nonce count

+ * @session_key: The session key from simple_http_digest_calculate_session_key()

+ *

+ * Calculate a response for HTTP Digest authentication

+ *

+ * See RFC 2617 for more information.

+ *

+ * Returns: The hashed response, or %NULL if an error occurred.

+ */

+gchar *simple_http_digest_calculate_response(const gchar *method,

+ const gchar *digest_uri,

+ const gchar *nonce,

+ const gchar *nonce_count,

+ const gchar *session_key);

+G_END_DECLS

+#endif /* SIMPLE_HTTP_H */

~~--- a/libpurple/protocols/simple/meson.build Tue Oct 08 23:55:59 2019 -0400~~

+++ b/libpurple/protocols/simple/meson.build Thu Jul 04 00:19:02 2019 -0400

@@ -1,4 +1,6 @@

SIMPLESOURCES = [

+ 'http.c',

+ 'http.h',

'ntlm.c',

'ntlm.h',

'simple.c',

~~--- a/libpurple/protocols/simple/simple.c Tue Oct 08 23:55:59 2019 -0400~~

+++ b/libpurple/protocols/simple/simple.c Thu Jul 04 00:19:02 2019 -0400

@@ -25,9 +25,10 @@

#include "internal.h"

#include <purple.h>

+#include "http.h"

+#include "ntlm.h"

#include "simple.h"

#include "sipmsg.h"

~~-#include "ntlm.h"~~

static PurpleProtocol *my_protocol = NULL;

@@ -313,9 +314,9 @@

if(auth->type == 1) { /* Digest */

sprintf(noncecount, "%08d", auth->nc++);

~~- response = purple_http_digest_calculate_response(~~

~~- "md5", method, target, NULL, NULL,~~

~~- auth->nonce, noncecount, NULL, auth->digest_session_key);~~

+ response = simple_http_digest_calculate_response(

+ method, target, auth->nonce, noncecount,

+ auth->digest_session_key);

purple_debug(PURPLE_DEBUG_MISC, "simple", "response %s\n", response);

ret = g_strdup_printf("Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", nc=\"%s\", response=\"%s\"", authuser, auth->realm, auth->nonce, target, noncecount, response);

@@ -345,9 +346,9 @@

}

sprintf(noncecount, "%08d", auth->nc++);

~~- response = purple_http_digest_calculate_response(~~

~~- "md5", method, target, NULL, NULL,~~

~~- auth->nonce, noncecount, NULL, auth->digest_session_key);~~

+ response = simple_http_digest_calculate_response(

+ method, target, auth->nonce, noncecount,

+ auth->digest_session_key);

purple_debug(PURPLE_DEBUG_MISC, "simple", "response %s\n", response);

ret = g_strdup_printf("Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", nc=\"%s\", response=\"%s\"", authuser, auth->realm, auth->nonce, target, noncecount, response);

@@ -455,8 +456,10 @@

auth->realm ? auth->realm : "(null)");

if(auth->realm) {

~~- auth->digest_session_key = purple_http_digest_calculate_session_key(~~

~~- "md5", authuser, auth->realm, sip->password, auth->nonce, NULL);~~

+ auth->digest_session_key =

+ simple_http_digest_calculate_session_key(

+ authuser, auth->realm, sip->password,

+ auth->nonce);

auth->nc = 1;

}

~~--- a/libpurple/util.c Tue Oct 08 23:55:59 2019 -0400~~

+++ b/libpurple/util.c Thu Jul 04 00:19:02 2019 -0400

@@ -4388,175 +4388,6 @@

g_free(value);

}

~~-gchar *purple_http_digest_calculate_session_key(~~

~~- const gchar *algorithm,~~

~~- const gchar *username,~~

~~- const gchar *realm,~~

~~- const gchar *password,~~

~~- const gchar *nonce,~~

~~- const gchar *client_nonce)~~

~~- GChecksum *hasher;~~

~~- gchar *hash;~~

~~- g_return_val_if_fail(username != NULL, NULL);~~

~~- g_return_val_if_fail(realm != NULL, NULL);~~

~~- g_return_val_if_fail(password != NULL, NULL);~~

~~- g_return_val_if_fail(nonce != NULL, NULL);~~

~~- /* Check for a supported algorithm. */~~

~~- g_return_val_if_fail(algorithm == NULL ||~~

~~- *algorithm == '\0' ||~~

~~- g_ascii_strcasecmp(algorithm, "MD5") ||~~

~~- g_ascii_strcasecmp(algorithm, "MD5-sess"), NULL);~~

~~- hasher = g_checksum_new(G_CHECKSUM_MD5);~~

~~- g_return_val_if_fail(hasher != NULL, NULL);~~

~~- g_checksum_update(hasher, (guchar *)username, -1);~~

~~- g_checksum_update(hasher, (guchar *)":", -1);~~

~~- g_checksum_update(hasher, (guchar *)realm, -1);~~

~~- g_checksum_update(hasher, (guchar *)":", -1);~~

~~- g_checksum_update(hasher, (guchar *)password, -1);~~

~~- if (algorithm != NULL && !g_ascii_strcasecmp(algorithm, "MD5-sess"))~~

~~- {~~

~~- guchar digest[16];~~

~~- gsize digest_len = 16;~~

~~- if (client_nonce == NULL)~~

~~- {~~

~~- g_object_unref(hasher);~~

~~- purple_debug_error("hash", "Required client_nonce missing for MD5-sess digest calculation.\n");~~

~~- return NULL;~~

~~- }~~

~~- g_checksum_get_digest(hasher, digest, &digest_len);~~

~~- g_checksum_reset(hasher);~~

~~- g_checksum_update(hasher, digest, sizeof(digest));~~

~~- g_checksum_update(hasher, (guchar *)":", -1);~~

~~- g_checksum_update(hasher, (guchar *)nonce, -1);~~

~~- g_checksum_update(hasher, (guchar *)":", -1);~~

~~- g_checksum_update(hasher, (guchar *)client_nonce, -1);~~

~~- }~~

~~- hash = g_strdup(g_checksum_get_string(hasher));~~

~~- g_checksum_free(hasher);~~

~~- return hash;~~

~~-gchar *purple_http_digest_calculate_response(~~

~~- const gchar *algorithm,~~

~~- const gchar *method,~~

~~- const gchar *digest_uri,~~

~~- const gchar *qop,~~

~~- const gchar *entity,~~

~~- const gchar *nonce,~~

~~- const gchar *nonce_count,~~

~~- const gchar *client_nonce,~~

~~- const gchar *session_key)~~

~~- GChecksum *hash;~~

~~- gchar *hash2;~~

~~- g_return_val_if_fail(method != NULL, NULL);~~

~~- g_return_val_if_fail(digest_uri != NULL, NULL);~~

~~- g_return_val_if_fail(nonce != NULL, NULL);~~

~~- g_return_val_if_fail(session_key != NULL, NULL);~~

~~- /* Check for a supported algorithm. */~~

~~- g_return_val_if_fail(algorithm == NULL ||~~

~~- *algorithm == '\0' ||~~

~~- g_ascii_strcasecmp(algorithm, "MD5") ||~~

~~- g_ascii_strcasecmp(algorithm, "MD5-sess"), NULL);~~

~~- /* Check for a supported "quality of protection". */~~

~~- g_return_val_if_fail(qop == NULL ||~~

~~- *qop == '\0' ||~~

~~- g_ascii_strcasecmp(qop, "auth") ||~~

~~- g_ascii_strcasecmp(qop, "auth-int"), NULL);~~

~~- hash = g_checksum_new(G_CHECKSUM_MD5);~~

~~- g_return_val_if_fail(hash != NULL, NULL);~~

~~- g_checksum_update(hash, (guchar *)method, -1);~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- g_checksum_update(hash, (guchar *)digest_uri, -1);~~

~~- if (qop != NULL && !g_ascii_strcasecmp(qop, "auth-int"))~~

~~- {~~

~~- gchar *entity_hash;~~

~~- if (entity == NULL)~~

~~- {~~

~~- g_checksum_free(hash);~~

~~- purple_debug_error("hash", "Required entity missing for auth-int digest calculation.\n");~~

~~- return NULL;~~

~~- }~~

~~- entity_hash = g_compute_checksum_for_string(G_CHECKSUM_MD5,~~

~~- entity, -1);~~

~~- if (entity_hash == NULL) {~~

~~- g_checksum_free(hash);~~

~~- g_return_val_if_reached(NULL);~~

~~- }~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- g_checksum_update(hash, (guchar *)entity_hash, -1);~~

~~- g_free(entity_hash);~~

~~- }~~

~~- hash2 = g_strdup(g_checksum_get_string(hash));~~

~~- g_checksum_reset(hash);~~

~~- if (hash2 == NULL) {~~

~~- g_checksum_free(hash);~~

~~- g_return_val_if_reached(NULL);~~

~~- }~~

~~- g_checksum_update(hash, (guchar *)session_key, -1);~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- g_checksum_update(hash, (guchar *)nonce, -1);~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- if (qop != NULL && *qop != '\0')~~

~~- {~~

~~- if (nonce_count == NULL)~~

~~- {~~

~~- g_checksum_free(hash);~~

~~- purple_debug_error("hash", "Required nonce_count missing for digest calculation.\n");~~

~~- return NULL;~~

~~- }~~

~~- if (client_nonce == NULL)~~

~~- {~~

~~- g_checksum_free(hash);~~

~~- purple_debug_error("hash", "Required client_nonce missing for digest calculation.\n");~~

~~- return NULL;~~

~~- }~~

~~- g_checksum_update(hash, (guchar *)nonce_count, -1);~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- g_checksum_update(hash, (guchar *)client_nonce, -1);~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- g_checksum_update(hash, (guchar *)qop, -1);~~

~~- g_checksum_update(hash, (guchar *)":", -1);~~

~~- }~~

~~- g_checksum_update(hash, (guchar *)hash2, -1);~~

~~- g_free(hash2);~~

~~- hash2 = g_strdup(g_checksum_get_string(hash));~~

~~- g_checksum_free(hash);~~

~~- return hash2;~~

int

_purple_fstat(int fd, GStatBuf *st)

{

~~--- a/libpurple/util.h Tue Oct 08 23:55:59 2019 -0400~~

+++ b/libpurple/util.h Thu Jul 04 00:19:02 2019 -0400

@@ -1520,51 +1520,6 @@

void purple_value_free(GValue *value);

-/**

~~- * purple_http_digest_calculate_session_key:~~

~~- * @algorithm: The hash algorithm to use~~

~~- * @username: The username provided by the user~~

~~- * @realm: The authentication realm provided by the server~~

~~- * @password: The password provided by the user~~

~~- * @nonce: The nonce provided by the server~~

~~- * @client_nonce: The nonce provided by the client~~

- *

~~- * Calculates a session key for HTTP Digest authentation~~

- *

~~- * See RFC 2617 for more information.~~

- *

~~- * Returns: The session key, or %NULL if an error occurred.~~

~~- */~~

~~-gchar *purple_http_digest_calculate_session_key(~~

~~- const gchar *algorithm, const gchar *username,~~

~~- const gchar *realm, const gchar *password,~~

~~- const gchar *nonce, const gchar *client_nonce);~~

-/**

~~- * purple_http_digest_calculate_response:~~

~~- * @algorithm: The hash algorithm to use~~

~~- * @method: The HTTP method in use~~

~~- * @digest_uri: The URI from the initial request~~

~~- * @qop: The "quality of protection"~~

~~- * @entity: The entity body~~

~~- * @nonce: The nonce provided by the server~~

~~- * @nonce_count: The nonce count~~

~~- * @client_nonce: The nonce provided by the client~~

~~- * @session_key: The session key from purple_http_digest_calculate_session_key()~~

- *

~~- * Calculate a response for HTTP Digest authentication~~

- *

~~- * See RFC 2617 for more information.~~

- *

~~- * Returns: The hashed response, or %NULL if an error occurred.~~

~~- */~~

~~-gchar *purple_http_digest_calculate_response(~~

~~- const gchar *algorithm, const gchar *method,~~

~~- const gchar *digest_uri, const gchar *qop,~~

~~- const gchar *entity, const gchar *nonce,~~

~~- const gchar *nonce_count, const gchar *client_nonce,~~

~~- const gchar *session_key);~~

G_END_DECLS

#endif /* PURPLE_UTIL_H */