From: Jean-Marc Pigeon (Delson) Date: Fri, 4 Jul 2025 15:09:12 +0000 (-0400) Subject: Working out the DISGEST-MD5 sequencing X-Git-Tag: tag-0.12~30 X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=e34fd0543d147a0f6f81bc90014d5d01f4eea8a3;p=jmp%2Fmailleur Working out the DISGEST-MD5 sequencing --- diff --git a/lib/DIGEST-MD5 b/lib/DIGEST-MD5 new file mode 100644 index 0000000..477cee4 --- /dev/null +++ b/lib/DIGEST-MD5 @@ -0,0 +1,21 @@ +Sequence pour "calculer la reponse digest-MD5 +#----------------------------------------- +https://stackoverflow.com/questions/40505711/digest-md5-response-generation + +chris:elwood.innosoft.com:secret + -> eb5a750053e4d2c34aa84bbc9b0b6ee7 + +A1: +chris+secret nonce cnonce +eb5a750053e4d2c34aa84bbc9b0b6ee7:OA6MG9tEQGm2hh:OA6MHXh6VqTrRk + -> 54442ff1f394d9d0de1205cef4d9cebe +A2 +AUTHENTICATE:imap/elwood.innosoft.com + -> 15e3594677e51ade69715d1cb7d207ba + +RESPONSE + A1A nonce nc-value cnonce qpop A2 +54442ff1f394d9d0de1205cef4d9cebe:OA6MG9tEQGm2hh:00000001:OA6MHXh6VqTrRk:auth:15e3594677e51ade69715d1cb7d207ba + -> 26ef1190b643a36e879673066098379c +OK. +#----------------------------------------- diff --git a/lib/lvleml.c b/lib/lvleml.c index 04eb6d6..7d75206 100644 --- a/lib/lvleml.c +++ b/lib/lvleml.c @@ -468,6 +468,82 @@ return decoded; /* Return a builded "decoded" string from */ /* the exchange with the remote sereur */ /* */ +/* */ +/********************************************************/ +static char *get_auth_digest_md5(CONTYP *contact,int delay) + +{ +#define OPEP "lvleml.c:get_auth_digest_md5," + +char *decoded; +char challenge[300]; +char answer[300]; +int phase; +_Bool proceed; + +decoded=(char *)0; +(void) memset(challenge,'\000',sizeof(challenge)); +(void) memset(answer,'\000',sizeof(answer)); +phase=0; +proceed=true; +while (proceed==true) { + (void) rou_alert(0,"%s JMPDBG phase='%d'",OPEP,phase); + switch (phase) { + case 0 : { //Building the challenge sequence + #define FMT "realm=\"%s\",nonce=\"%s\",qop=\"auth\",algorithm=md5-sess,charset=utf-8" + char *nonce; + + //nonce=cnv_getrndstr(20); + nonce=strdup("ABCDEF"); + (void) snprintf(challenge,sizeof(challenge),FMT,contact->locname,nonce); + nonce=rou_freestr(nonce); + } + break; + case 1 : { //sending challenge to remote + char *b64; + + (void) rou_alert(0,"JMPDBG CHAL <%s>",challenge); + b64=cnv_setb64(challenge); + (void) transmit(contact,true,"%d %s",SENDB64,b64); + b64=rou_freestr(b64); + } + break; + case 2 : { //getting the challenge answer + char *line; + + if (tcp_getline(contact->socptr,delay,&line)>0) { + char *res; + + res=cnv_getb64(line); + (void) snprintf(answer,sizeof(answer),"%s",res); + (void) rou_alert(0,"JMPDBG Got <%s>",answer); + res=rou_freestr(res); + line=rou_freestr(line); + } + if (strlen(answer)==0) + phase=999; //no need to go further + } + default : //SAFE Guard + proceed=false; + break; + } + phase++; + } +return decoded; + +#undef OPEP +} +#ifdef BADDIGEST +/* +^L +*/ +/********************************************************/ +/* */ +/* Procedure to manage authentication in */ +/* digest-md5 mode. */ +/* Return a builded "decoded" string from */ +/* the exchange with the remote sereur */ +/* */ /********************************************************/ static char *get_auth_md5(CONTYP *contact,int delay) @@ -574,6 +650,7 @@ return decoded; #undef OPEP } +#endif /* ^L */ @@ -796,7 +873,7 @@ while (proceed==true) { decoded=get_auth_cram_md5(contact,delay); break; case 3 : //AUTH DIGEST-MD5 - decoded=get_auth_md5(contact,delay); + decoded=get_auth_digest_md5(contact,delay); break; default : //not yet implemented (void) transmit(contact,true,"%d 5.7.3 Unknown auth mode",FAILED); diff --git a/lib/subcnv.c b/lib/subcnv.c index 5458d05..07e3939 100644 --- a/lib/subcnv.c +++ b/lib/subcnv.c @@ -254,4 +254,33 @@ if ((str!=(char *)0)&&(strlen(str)>0)) { } return hexa; } +/* + +*/ +/********************************************************/ +/* */ +/* Procedure to generate a random string with a */ +/* specific lenght. */ +/* */ +/********************************************************/ +PUBLIC char *cnv_getrndstr(size_t length) +{ +char charset[] = "0123456789" + "abcdefghijklmnopqrstuvwxyz" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + +char *rndstr; + +rndstr=(char *)0; +if (length>0) { + rndstr=(char *)calloc(length+1,sizeof(char)); + for (size_t t=0;t