deepend/zoitechat
1
0
Fork 0
mirror of https://github.com/ZoiteChat/zoitechat.git synced 2026-03-19 04:00:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

SASL SCRAM: Apply changes from code review

Browse Source
This commit is contained in:
Patrick Okraku
2023-11-06 15:04:15 +01:00
committed by Patrick
parent 9b76b557ec
commit c82ad32171
3 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/common/inbound.c
View File

@@ -1985,7 +1985,7 @@ scram_authenticate (server *serv, const char *data, const char *digest,
if (serv->scram_session == NULL) if (serv->scram_session == NULL)
{ {
serv->scram_session = scram_create_session (digest, user, password); serv->scram_session = scram_session_create (digest, user, password);
if (serv->scram_session == NULL) if (serv->scram_session == NULL)
{ {

14
src/common/scram.c
View File

@@ -35,7 +35,7 @@
#endif #endif
scram_session scram_session
*scram_create_session (const char *digest, const char *username, const char *password) *scram_session_create (const char *digest, const char *username, const char *password)
{ {
scram_session *session; scram_session *session;
const EVP_MD *md; const EVP_MD *md;
@@ -162,10 +162,12 @@ process_server_first (scram_session *session, const char *data, char **output,
{ {
if (!strncmp (params[i], "r=", 2)) if (!strncmp (params[i], "r=", 2))
{ {
g_free (server_nonce_b64);
server_nonce_b64 = g_strdup (params[i] + 2); server_nonce_b64 = g_strdup (params[i] + 2);
} }
else if (!strncmp (params[i], "s=", 2)) else if (!strncmp (params[i], "s=", 2))
{ {
g_free (salt);
salt = g_strdup (params[i] + 2); salt = g_strdup (params[i] + 2);
} }
else if (!strncmp (params[i], "i=", 2)) else if (!strncmp (params[i], "i=", 2))
@@ -180,6 +182,8 @@ process_server_first (scram_session *session, const char *data, char **output,
*salt == '\0' || iteration_count == 0) *salt == '\0' || iteration_count == 0)
{ {
session->error = g_strdup_printf ("Invalid server-first-message: %s", data); session->error = g_strdup_printf ("Invalid server-first-message: %s", data);
g_free (server_nonce_b64);
g_free (salt);
return SCRAM_ERROR; return SCRAM_ERROR;
} }
@@ -219,6 +223,10 @@ process_server_first (scram_session *session, const char *data, char **output,
// StoredKey := H(ClientKey) // StoredKey := H(ClientKey)
if (!create_SHA (session, client_key, session->digest_size, stored_key, &stored_key_len)) if (!create_SHA (session, client_key, session->digest_size, stored_key, &stored_key_len))
{ {
g_free (client_final_message_without_proof);
g_free (server_nonce_b64);
g_free (salt);
g_free (client_key);
return SCRAM_ERROR; return SCRAM_ERROR;
} }
@@ -241,10 +249,12 @@ process_server_first (scram_session *session, const char *data, char **output,
*output_len = strlen (*output); *output_len = strlen (*output);
g_free (server_nonce_b64); g_free (server_nonce_b64);
g_free (client_final_message_without_proof);
g_free (salt); g_free (salt);
g_free (client_final_message_without_proof);
g_free (client_key);
g_free (client_signature); g_free (client_signature);
g_free (client_proof); g_free (client_proof);
g_free (client_proof_b64);
session->step++; session->step++;
return SCRAM_IN_PROGRESS; return SCRAM_IN_PROGRESS;

2
src/common/scram.h
View File

@@ -43,7 +43,7 @@ typedef enum
SCRAM_SUCCESS SCRAM_SUCCESS
} scram_status; } scram_status;
scram_session *scram_create_session (const char *digset, const char *username, const char *password); scram_session *scram_session_create (const char *digset, const char *username, const char *password);
void scram_free_session (scram_session *session); void scram_free_session (scram_session *session);
scram_status scram_process (scram_session *session, const char *input, char **output, size_t *output_len); scram_status scram_process (scram_session *session, const char *input, char **output, size_t *output_len);