summaryrefslogtreecommitdiffstats
path: root/kio/misc/tdesasl
diff options
context:
space:
mode:
Diffstat (limited to 'kio/misc/tdesasl')
-rw-r--r--kio/misc/tdesasl/CMakeLists.txt42
-rw-r--r--kio/misc/tdesasl/Makefile.am12
-rw-r--r--kio/misc/tdesasl/tdesasl.cpp285
-rw-r--r--kio/misc/tdesasl/tdesasl.h169
4 files changed, 0 insertions, 508 deletions
diff --git a/kio/misc/tdesasl/CMakeLists.txt b/kio/misc/tdesasl/CMakeLists.txt
deleted file mode 100644
index 27cacfbb9..000000000
--- a/kio/misc/tdesasl/CMakeLists.txt
+++ /dev/null
@@ -1,42 +0,0 @@
-#################################################
-#
-# (C) 2010 Serghei Amelian
-# serghei (DOT) amelian (AT) gmail.com
-#
-# Improvements and feedback are welcome
-#
-# This file is released under GPL >= 2
-#
-#################################################
-
-include_directories(
- ${TQT_INCLUDE_DIRS}
- ${CMAKE_CURRENT_BINARY_DIR}
- ${CMAKE_BINARY_DIR}/tdecore
- ${CMAKE_SOURCE_DIR}/tdecore
-)
-
-link_directories(
- ${TQT_LIBRARY_DIRS}
-)
-
-
-##### headers ###################################
-
-install(FILES tdesasl.h DESTINATION ${INCLUDE_INSTALL_DIR}/kio )
-
-
-##### tdesasl ###################################
-
-set( target tdesasl )
-
-set( ${target}_SRCS
- tdesasl.cpp
-)
-
-tde_add_library( ${target} SHARED
- SOURCES ${${target}_SRCS}
- VERSION 1.2.0
- LINK tdecore-shared
- DESTINATION ${LIB_INSTALL_DIR}
-)
diff --git a/kio/misc/tdesasl/Makefile.am b/kio/misc/tdesasl/Makefile.am
deleted file mode 100644
index 4dd36a6d7..000000000
--- a/kio/misc/tdesasl/Makefile.am
+++ /dev/null
@@ -1,12 +0,0 @@
-INCLUDES=$(all_includes)
-
-lib_LTLIBRARIES = libtdesasl.la
-METASOURCES = AUTO
-
-tdesaslincludedir = $(includedir)/kio
-tdesaslinclude_HEADERS = tdesasl.h
-
-libtdesasl_la_SOURCES = tdesasl.cpp
-libtdesasl_la_LDFLAGS = $(all_libraries) -version-info 3:0:2 -no-undefined
-libtdesasl_la_LIBADD = $(LIB_TDECORE) $(LIB_QT)
-
diff --git a/kio/misc/tdesasl/tdesasl.cpp b/kio/misc/tdesasl/tdesasl.cpp
deleted file mode 100644
index ef0768f98..000000000
--- a/kio/misc/tdesasl/tdesasl.cpp
+++ /dev/null
@@ -1,285 +0,0 @@
-/* This file is part of the KDE libraries
- Copyright (C) 2001-2002 Michael Häckel <haeckel@kde.org>
- $Id$
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Library General Public
- License version 2 as published by the Free Software Foundation.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Library General Public License
- along with this library; see the file COPYING.LIB. If not, write to
- the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- Boston, MA 02110-1301, USA.
-*/
-
-#include "tdesasl.h"
-
-#include <kmdcodec.h>
-#include <kurl.h>
-
-#include <tqstrlist.h>
-
-#include <stdlib.h>
-#include <string.h>
-
-KDESasl::KDESasl(const KURL &aUrl)
-{
- mProtocol = aUrl.protocol();
- mUser = aUrl.user();
- mPass = aUrl.pass();
- mFirst = true;
-}
-
-KDESasl::KDESasl(const TQString &aUser, const TQString &aPass,
- const TQString &aProtocol)
-{
- mProtocol = aProtocol;
- mUser = aUser;
- mPass = aPass;
- mFirst = true;
-}
-
-KDESasl::~KDESasl() {
-}
-
-TQCString KDESasl::chooseMethod(const TQStrIList aMethods)
-{
- if (aMethods.contains("DIGEST-MD5")) mMethod = "DIGEST-MD5";
- else if (aMethods.contains("CRAM-MD5")) mMethod = "CRAM-MD5";
- else if (aMethods.contains("PLAIN")) mMethod = "PLAIN";
- else if (aMethods.contains("LOGIN")) mMethod = "LOGIN";
- else mMethod = TQCString();
- return mMethod;
-}
-
-void KDESasl::setMethod(const TQCString &aMethod)
-{
- mMethod = aMethod.upper();
-}
-
-TQByteArray KDESasl::getPlainResponse()
-{
- TQCString user = mUser.utf8();
- TQCString pass = mPass.utf8();
- int userlen = user.length();
- int passlen = pass.length();
- // result = $user\0$user\0$pass (no trailing \0)
- TQByteArray result(2 * userlen + passlen + 2);
- if ( userlen ) {
- memcpy( result.data(), user.data(), userlen );
- memcpy( result.data() + userlen + 1, user.data(), userlen );
- }
- if ( passlen )
- memcpy( result.data() + 2 * userlen + 2, pass.data(), passlen );
- result[userlen] = result[2*userlen+1] = '\0';
- return result;
-}
-
-TQByteArray KDESasl::getLoginResponse()
-{
- TQByteArray result = (mFirst) ? mUser.utf8() : mPass.utf8();
- mFirst = !mFirst;
- if (result.size()) result.resize(result.size() - 1);
- return result;
-}
-
-TQByteArray KDESasl::getCramMd5Response(const TQByteArray &aChallenge)
-{
- uint i;
- TQByteArray secret = mPass.utf8();
- int len = mPass.utf8().length();
- secret.resize(len);
- if (secret.size() > 64)
- {
- KMD5 md5(secret);
- secret.duplicate((const char*)(&(md5.rawDigest()[0])), 16);
- len = 16;
- }
- secret.resize(64);
- for (i = len; i < 64; i++) secret[i] = 0;
- TQByteArray XorOpad(64);
- for (i = 0; i < 64; i++) XorOpad[i] = secret[i] ^ 0x5C;
- TQByteArray XorIpad(64);
- for (i = 0; i < 64; i++) XorIpad[i] = secret[i] ^ 0x36;
- KMD5 md5;
- md5.update(XorIpad);
- md5.update(aChallenge);
- KMD5 md5a;
- md5a.update(XorOpad);
- md5a.update(md5.rawDigest(), 16);
- TQByteArray result = mUser.utf8();
- len = mUser.utf8().length();
- result.resize(len + 33);
- result[len] = ' ';
- TQCString ch = md5a.hexDigest();
- for (i = 0; i < 32; i++) result[i+len+1] = *(ch.data() + i);
- return result;
-}
-
-TQByteArray KDESasl::getDigestMd5Response(const TQByteArray &aChallenge)
-{
- mFirst = !mFirst;
- if (mFirst) return TQByteArray();
- TQCString str, realm, nonce, qop, algorithm, charset;
- TQCString nc = "00000001";
- unsigned int a, b, c, d;
- a = 0;
- while (a < aChallenge.size())
- {
- b = a;
- while (b < aChallenge.size() && aChallenge[b] != '=') b++;
- c = b + 1;
- if (aChallenge[c] == '"')
- {
- d = c + 1;
- while (d < aChallenge.size() && aChallenge[d] != '"') d++;
- c++;
- } else {
- d = c;
- while (d < aChallenge.size() && aChallenge[d] != ',') d++;
- }
- str = TQCString(aChallenge.data() + c, d - c + 1);
- if (tqstrnicmp(aChallenge.data() + a, "realm=", 6) == 0) realm = str;
- else if (tqstrnicmp(aChallenge.data() + a, "nonce=", 6) == 0) nonce = str;
- else if (tqstrnicmp(aChallenge.data() + a, "qop=", 4) == 0) qop = str;
- else if (tqstrnicmp(aChallenge.data() + a, "algorithm=", 10) == 0)
- algorithm = str;
- else if (tqstrnicmp(aChallenge.data() + a, "charset=", 8) == 0)
- charset = str;
- a = (d < aChallenge.size() && aChallenge[d] == '"') ? d + 2 : d + 1;
- }
- if (qop.isEmpty()) qop = "auth";
- qop = "auth";
- bool utf8 = tqstricmp(charset, "utf-8") == 0;
- TQCString digestUri = TQCString(mProtocol.latin1()) + "/" + realm;
-
- /* Calculate the response */
- /* Code based on code from the http io-slave
- Copyright (C) 2000,2001 Dawit Alemayehu <adawit@kde.org>
- Copyright (C) 2000,2001 Waldo Bastian <bastian@kde.org>
- Copyright (C) 2000,2001 George Staikos <staikos@kde.org> */
- KMD5 md, md2;
- TQCString HA1, HA2;
- TQCString cnonce;
- cnonce.setNum((1 + static_cast<int>(100000.0*rand()/(RAND_MAX+1.0))));
- cnonce = KCodecs::base64Encode( cnonce );
-
- // Calculate H(A1)
- TQCString authStr = (utf8) ? mUser.utf8() : TQCString(mUser.latin1());
- authStr += ':';
- authStr += realm;
- authStr += ':';
- authStr += (utf8) ? mPass.utf8() : TQCString(mPass.latin1());
-
- md.update( authStr );
- authStr = "";
- if ( algorithm == "md5-sess" )
- {
- authStr += ':';
- authStr += nonce;
- authStr += ':';
- authStr += cnonce;
- }
- md2.reset();
- /* SASL authentication uses rawDigest here, whereas HTTP authentication uses
- hexDigest() */
- md2.update(md.rawDigest(), 16);
- md2.update( authStr );
- md2.hexDigest( HA1 );
-
- // Calcualte H(A2)
- authStr = "AUTHENTICATE:";
- authStr += digestUri;
- if ( qop == "auth-int" || qop == "auth-conf" )
- {
- authStr += ":00000000000000000000000000000000";
- }
- md.reset();
- md.update( authStr );
- md.hexDigest( HA2 );
-
- // Calcualte the response.
- authStr = HA1;
- authStr += ':';
- authStr += nonce;
- authStr += ':';
- if ( !qop.isEmpty() )
- {
- authStr += nc;
- authStr += ':';
- authStr += cnonce;
- authStr += ':';
- authStr += qop;
- authStr += ':';
- }
- authStr += HA2;
- md.reset();
- md.update( authStr );
- TQCString response = md.hexDigest();
- /* End of response calculation */
-
- TQCString result;
- if (utf8)
- {
- result = "charset=utf-8,username=\"" + mUser.utf8();
- } else {
- result = "charset=iso-8859-1,username=\"" + TQCString(mUser.latin1());
- }
- result += "\",realm=\"" + realm + "\",nonce=\"" + nonce;
- result += "\",nc=" + nc + ",cnonce=\"" + cnonce;
- result += "\",digest-uri=\"" + digestUri;
- result += "\",response=" + response + ",qop=" + qop;
- TQByteArray ba;
- ba.duplicate(result.data(), result.length());
- return ba;
-}
-
-TQByteArray KDESasl::getBinaryResponse(const TQByteArray &aChallenge, bool aBase64)
-{
- if (aBase64)
- {
- TQByteArray ba;
- KCodecs::base64Decode(aChallenge, ba);
- KCodecs::base64Encode(getBinaryResponse(ba, false), ba);
- return ba;
- }
- if (tqstricmp(mMethod, "PLAIN") == 0) return getPlainResponse();
- if (tqstricmp(mMethod, "LOGIN") == 0) return getLoginResponse();
- if (tqstricmp(mMethod, "CRAM-MD5") == 0)
- return getCramMd5Response(aChallenge);
- if (tqstricmp(mMethod, "DIGEST-MD5") == 0)
- return getDigestMd5Response(aChallenge);
-// return getDigestMd5Response(TQCString("realm=\"elwood.innosoft.com\",nonce=\"OA6MG9tEQGm2hh\",qop=\"auth\",algorithm=md5-sess,charset=utf-8"));
- return TQByteArray();
-}
-
-TQCString KDESasl::getResponse(const TQByteArray &aChallenge, bool aBase64)
-{
- TQByteArray ba = getBinaryResponse(aChallenge, aBase64);
- return TQCString(ba.data(), ba.size() + 1);
-}
-
-TQCString KDESasl::method() const {
- return mMethod;
-}
-
-bool KDESasl::clientStarts() const {
- return method() == "PLAIN";
-}
-
-bool KDESasl::dialogComplete( int n ) const {
- if ( method() == "PLAIN" || method() == "CRAM-MD5" )
- return n >= 1;
- if ( method() == "LOGIN" || method() == "DIGEST-MD5" )
- return n >= 2;
- return true;
-}
-
-bool KDESasl::isClearTextMethod() const {
- return method() == "PLAIN" || method() == "LOGIN" ;
-}
diff --git a/kio/misc/tdesasl/tdesasl.h b/kio/misc/tdesasl/tdesasl.h
deleted file mode 100644
index 0c57096a8..000000000
--- a/kio/misc/tdesasl/tdesasl.h
+++ /dev/null
@@ -1,169 +0,0 @@
-/* This file is part of the KDE libraries
- Copyright (C) 2001-2002 Michael Häckel <haeckel@kde.org>
- $Id$
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Library General Public
- License version 2 as published by the Free Software Foundation.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Library General Public License for more details.
-
- You should have received a copy of the GNU Library General Public License
- along with this library; see the file COPYING.LIB. If not, write to
- the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- Boston, MA 02110-1301, USA.
-*/
-
-#ifndef TDESASL_H
-#define TDESASL_H
-
-#include <tqstring.h>
-
-#include <tdelibs_export.h>
-
-class KURL;
-class TQStrIList;
-
-/**
- * This library can create responses for SASL authentication for a given
- * challenge and a given secret. This way of authentication is common for
- * SMTP, POP3, IMAP and LDAP.
- *
- * SASL is one way strong encryption and therefore useful for authentication,
- * but not for secret information transfer.
- * It is possibly to prove with SASL to know a shared secret like a password.
- * It is not possible with SASL to transfer any other information in an
- * encrypted way. For that purpose OpenPGP or SSL are useful.
- *
- * Currently PLAIN (RFC 2595), LOGIN (not really a SASL mechanism, but
- * used like that in IMAP and SMTP), CRAM-MD5 (RFC 2195) and
- * DIGEST-MD5 (RFC 2831) authentication are supported. PLAIN and
- * LOGIN transmit the credentials in the clear (apart from a possible
- * base64 encoding).
- *
- * For KDE 3.2, the API has been extended to allow transparent use of
- * all currently supported SASL mechanisms. Example:
- * \code
- * KDESasl sasl( myUser, myPass, myProtocol );
- * if ( !sasl.chooseMethod( myMechanismsSupportedByServer ) )
- * return false; // couldn't agree on a method
- *
- * int numResponses = 0;
- * if ( sasl.clientStarts() ) { // check whether we're supposed to start the dialog
- * ++numResponses;
- * mySendAuthCommand( sasl.method(), sasl.getResponse() );
- * } else {
- * mySendAuthCommand( sasl.method() );
- * }
- * for ( ; !sasl.dialogComplete( numResponses ) ; ++numResponses ) {
- * TQByteArray challenge = myRecvChallenge();
- * mySendResponse( sasl.getResponse( challenge ) );
- * }
- * return myCheckSuccess();
- * \endcode
- *
- * @author Michael Häckel <haeckel@kde.org>
- * @version $Id$
- */
-
-class TDEIO_EXPORT KDESasl
-{
-
-public:
- /**
- * Construct a sasl object and initialize it with the username and password
- * passed via the url.
- */
- KDESasl(const KURL &aUrl);
- /**
- * This is a conveniece function and differs from the above function only by
- * what arguments it accepts.
- */
- KDESasl(const TQString &aUser, const TQString &aPass, const TQString &aProtocol);
- /*
- * You need to have a virtual destructor!
- */
- virtual ~KDESasl();
- /**
- * @returns the most secure method from the given methods and use it for
- * further operations.
- */
- virtual TQCString chooseMethod(const TQStrIList aMethods);
- /**
- * Explicitely set the SASL method used.
- */
- virtual void setMethod(const TQCString &aMethod);
- /**
- * @return the SASL method used.
- * @since 3.2
- */
- TQCString method() const;
- /**
- * @param numCalls number of times getResponse() has been called.
- * @return whether the challenge/response dialog has completed
- *
- * @since 3.2
- */
- bool dialogComplete( int numCalls ) const;
- /**
- * @return whether the currently selected mechanism results in
- * cleartext passwords being sent over the network and thus should
- * be used only under TLS/SSL cover or for legacy servers.
- *
- * @since 3.2
- */
- bool isClearTextMethod() const;
- /**
- * Creates a response using the formerly chosen SASL method.
- * For LOGIN authentication you have to call this function twice. KDESasl
- * realizes on its own, if you are calling it for the first or for the
- * second time.
- * @param aChallenge is the challenge sent to create a response for
- * @param aBase64 specifies, whether the authentication protocol uses base64
- * encoding. The challenge is decoded from base64 and the response is
- * encoded base64 if set to true.
- */
- TQCString getResponse(const TQByteArray &aChallenge=TQByteArray(), bool aBase64 = true);
- /**
- * Create a response as above but place it in a QByteArray
- */
- TQByteArray getBinaryResponse(const TQByteArray &aChallenge=TQByteArray(), bool aBase64=true);
- /**
- * Returns true if the client is supposed to initiate the
- * challenge-respinse dialog with an initial response (which most
- * protocols can transfer alongside the authentication command as an
- * optional second parameter). This method relieves the sasl user
- * from knowing details about the mechanism. If true, use
- * #getResponse() with a null challenge.
- *
- * @since 3.2
- */
- bool clientStarts() const;
-protected:
- /**
- * PLAIN authentication as described in RFC 2595
- */
- virtual TQByteArray getPlainResponse();
- /**
- * LOGIN authentication
- */
- virtual TQByteArray getLoginResponse();
- /**
- * CRAM-MD5 authentication as described in RFC 2195
- */
- virtual TQByteArray getCramMd5Response(const TQByteArray &aChallenge);
- /**
- * DIGEST-MD5 authentication as described in RFC 2831
- */
- virtual TQByteArray getDigestMd5Response(const TQByteArray &aChallenge);
-
-private:
- TQString mProtocol, mUser, mPass;
- TQCString mMethod;
- bool mFirst;
-};
-
-#endif