| SrpClient.cpp (Firebird-3.0.2.32703-0.tar.bz2) | : | SrpClient.cpp (Firebird-3.0.4.33054-0.tar.bz2) |
|---|
| | |
| skipping to change at line 37 | | skipping to change at line 37 |
|---|
| #include "firebird.h" | | #include "firebird.h" |
| | |
| #include "../auth/SecureRemotePassword/client/SrpClient.h" | | #include "../auth/SecureRemotePassword/client/SrpClient.h" |
| #include "../auth/SecureRemotePassword/srp.h" | | #include "../auth/SecureRemotePassword/srp.h" |
| #include "../common/classes/ImplementHelper.h" | | #include "../common/classes/ImplementHelper.h" |
| | |
| using namespace Firebird; | | using namespace Firebird; |
| | |
| namespace Auth { | | namespace Auth { |
| | |
|
| class SrpClient FB_FINAL : public StdPlugin<IClientImpl<SrpClient, CheckStatusWr
apper> > | | class SrpClient : public StdPlugin<IClientImpl<SrpClient, CheckStatusWrapper> > |
| { | | { |
| public: | | public: |
| explicit SrpClient(IPluginConfig*) | | explicit SrpClient(IPluginConfig*) |
| : client(NULL), data(getPool()), | | : client(NULL), data(getPool()), |
| sessionKey(getPool()) | | sessionKey(getPool()) |
| { } | | { } |
| | |
| ~SrpClient() | | ~SrpClient() |
| { | | { |
| delete client; | | delete client; |
| } | | } |
| | |
| // IClient implementation | | // IClient implementation |
| int authenticate(CheckStatusWrapper*, IClientBlock* cb); | | int authenticate(CheckStatusWrapper*, IClientBlock* cb); |
| int release(); | | int release(); |
| | |
| private: | | private: |
| RemotePassword* client; | | RemotePassword* client; |
| string data; | | string data; |
| UCharBuffer sessionKey; | | UCharBuffer sessionKey; |
|
| | protected: |
| | virtual RemotePassword* RemotePasswordFactory()=0; |
| | }; |
| | |
| | template <class SHA> class SrpClientImpl FB_FINAL : public SrpClient |
| | { |
| | public: |
| | explicit SrpClientImpl<SHA>(IPluginConfig* ipc) |
| | : SrpClient(ipc) {} |
| | protected: |
| | RemotePassword* RemotePasswordFactory() |
| | { |
| | return FB_NEW RemotePasswordImpl<SHA>; |
| | } |
| }; | | }; |
| | |
| int SrpClient::authenticate(CheckStatusWrapper* status, IClientBlock* cb) | | int SrpClient::authenticate(CheckStatusWrapper* status, IClientBlock* cb) |
| { | | { |
| try | | try |
| { | | { |
| if (sessionKey.hasData()) | | if (sessionKey.hasData()) |
| { | | { |
| // Why are we called when auth is completed? | | // Why are we called when auth is completed? |
| (Arg::Gds(isc_random) << "Auth sync failure - SRP's authe
nticate called more times than supported").raise(); | | (Arg::Gds(isc_random) << "Auth sync failure - SRP's authe
nticate called more times than supported").raise(); |
| | |
| skipping to change at line 79 | | skipping to change at line 93 |
|---|
| | |
| if (!client) | | if (!client) |
| { | | { |
| HANDSHAKE_DEBUG(fprintf(stderr, "Cli: SRP phase1: login=%
s password=%s\n", | | HANDSHAKE_DEBUG(fprintf(stderr, "Cli: SRP phase1: login=%
s password=%s\n", |
| cb->getLogin(), cb->getPassword())); | | cb->getLogin(), cb->getPassword())); |
| if (!(cb->getLogin() && cb->getPassword())) | | if (!(cb->getLogin() && cb->getPassword())) |
| { | | { |
| return AUTH_CONTINUE; | | return AUTH_CONTINUE; |
| } | | } |
| | |
|
| client = FB_NEW RemotePassword; | | client = RemotePasswordFactory(); |
| client->genClientKey(data); | | client->genClientKey(data); |
| dumpIt("Clnt: clientPubKey", data); | | dumpIt("Clnt: clientPubKey", data); |
| cb->putData(status, data.length(), data.begin()); | | cb->putData(status, data.length(), data.begin()); |
| if (status->getState() & IStatus::STATE_ERRORS) | | if (status->getState() & IStatus::STATE_ERRORS) |
| return AUTH_FAILED; | | return AUTH_FAILED; |
| return AUTH_MORE_DATA; | | return AUTH_MORE_DATA; |
| } | | } |
| | |
| HANDSHAKE_DEBUG(fprintf(stderr, "Cli: SRP phase2\n")); | | HANDSHAKE_DEBUG(fprintf(stderr, "Cli: SRP phase2\n")); |
| unsigned length; | | unsigned length; |
| | |
| skipping to change at line 133 | | skipping to change at line 147 |
|---|
| key.assign(saltAndKey, charSize); | | key.assign(saltAndKey, charSize); |
| dumpIt("Clnt: key(srvPub)", key); | | dumpIt("Clnt: key(srvPub)", key); |
| | |
| dumpIt("Clnt: login", string(cb->getLogin())); | | dumpIt("Clnt: login", string(cb->getLogin())); |
| dumpIt("Clnt: pass", string(cb->getPassword())); | | dumpIt("Clnt: pass", string(cb->getPassword())); |
| client->clientSessionKey(sessionKey, cb->getLogin(), salt.c_str()
, cb->getPassword(), key.c_str()); | | client->clientSessionKey(sessionKey, cb->getLogin(), salt.c_str()
, cb->getPassword(), key.c_str()); |
| dumpIt("Clnt: sessionKey", sessionKey); | | dumpIt("Clnt: sessionKey", sessionKey); |
| | |
| BigInteger cProof = client->clientProof(cb->getLogin(), salt.c_st
r(), sessionKey); | | BigInteger cProof = client->clientProof(cb->getLogin(), salt.c_st
r(), sessionKey); |
| cProof.getText(data); | | cProof.getText(data); |
|
| | | dumpIt("Clnt: Client Proof",cProof); |
| cb->putData(status, data.length(), data.c_str()); | | cb->putData(status, data.length(), data.c_str()); |
| if (status->getState() & IStatus::STATE_ERRORS) | | if (status->getState() & IStatus::STATE_ERRORS) |
| { | | { |
| return AUTH_FAILED; | | return AUTH_FAILED; |
| } | | } |
| | |
| // output the key | | // output the key |
| ICryptKey* cKey = cb->newKey(status); | | ICryptKey* cKey = cb->newKey(status); |
| if (status->getState() & IStatus::STATE_ERRORS) | | if (status->getState() & IStatus::STATE_ERRORS) |
| { | | { |
| | |
| skipping to change at line 173 | | skipping to change at line 187 |
|---|
| if (--refCounter == 0) | | if (--refCounter == 0) |
| { | | { |
| delete this; | | delete this; |
| return 0; | | return 0; |
| } | | } |
| return 1; | | return 1; |
| } | | } |
| | |
| namespace | | namespace |
| { | | { |
|
| SimpleFactory<SrpClient> factory; | | SimpleFactory<SrpClientImpl<Sha1> > factory_sha1; |
| | SimpleFactory<SrpClientImpl<sha224> > factory_sha224; |
| | SimpleFactory<SrpClientImpl<sha256> > factory_sha256; |
| | SimpleFactory<SrpClientImpl<sha384> > factory_sha384; |
| | SimpleFactory<SrpClientImpl<sha512> > factory_sha512; |
| } | | } |
| | |
| void registerSrpClient(IPluginManager* iPlugin) | | void registerSrpClient(IPluginManager* iPlugin) |
| { | | { |
|
| iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_CLIENT, RemotePa | | iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_CLIENT, RemotePa |
| ssword::plugName, &factory); | | ssword::plugName, &factory_sha1); |
| | iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_CLIENT, RemotePa |
| | ssword::pluginName(224).c_str(), &factory_sha224); |
| | iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_CLIENT, RemotePa |
| | ssword::pluginName(256).c_str(), &factory_sha256); |
| | iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_CLIENT, RemotePa |
| | ssword::pluginName(384).c_str(), &factory_sha384); |
| | iPlugin->registerPluginFactory(IPluginManager::TYPE_AUTH_CLIENT, RemotePa |
| | ssword::pluginName(512).c_str(), &factory_sha512); |
| } | | } |
| | |
| } // namespace Auth | | } // namespace Auth |
| | | |
| End of changes. 6 change blocks. |
|---|
| 6 lines changed or deleted | | 32 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 