2 * Copyright (C) 2005, 2007 Free Software Foundation
4 * Author: Nikos Mavroyanopoulos
6 * This file is part of GNUTLS.
8 * The GNUTLS library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
25 /* Functions for operating in an PSK passwd file are included here */
27 #include <gnutls_int.h>
32 #include "gnutls_errors.h"
33 #include <auth_psk_passwd.h>
35 #include "gnutls_auth_int.h"
36 #include "gnutls_dh.h"
38 #include <gnutls_str.h>
39 #include <gnutls_datum.h>
40 #include <gnutls_num.h>
43 /* this function parses passwd.psk file. Format is:
44 * string(username):hex(passwd)
47 pwd_put_values (gnutls_datum_t
* psk
, char *str
)
53 p
= strchr (str
, ':');
57 return GNUTLS_E_SRP_PWD_PARSING_ERROR
;
69 if (p
[len
- 1] == '\n' || p
[len
- 1] == ' ')
72 size
= psk
->size
= len
/ 2;
73 psk
->data
= gnutls_malloc (size
);
74 if (psk
->data
== NULL
)
77 return GNUTLS_E_MEMORY_ERROR
;
80 ret
= _gnutls_hex2bin ((opaque
*) p
, len
, psk
->data
, &size
);
81 psk
->size
= (unsigned int)size
;
94 /* Randomizes the given password entry. It actually sets a random password.
95 * Returns 0 on success.
98 _randomize_psk (gnutls_datum_t
* psk
)
100 psk
->data
= gnutls_malloc (16);
101 if (psk
->data
== NULL
)
104 return GNUTLS_E_MEMORY_ERROR
;
108 if (gc_nonce ((char *) psk
->data
, 16) != GC_OK
)
111 return GNUTLS_E_RANDOM_FAILED
;
117 /* Returns the PSK key of the given user.
118 * If the user doesn't exist a random password is returned instead.
121 _gnutls_psk_pwd_find_entry (gnutls_session_t session
, char *username
,
122 gnutls_datum_t
* psk
)
124 gnutls_psk_server_credentials_t cred
;
130 cred
= (gnutls_psk_server_credentials_t
)
131 _gnutls_get_cred (session
->key
, GNUTLS_CRD_PSK
, NULL
);
135 return GNUTLS_E_INSUFFICIENT_CREDENTIALS
;
138 /* if the callback which sends the parameters is
141 if (cred
->pwd_callback
!= NULL
)
143 ret
= cred
->pwd_callback (session
, username
, psk
);
146 { /* the user does not exist */
147 ret
= _randomize_psk (psk
);
159 return GNUTLS_E_SRP_PWD_ERROR
;
165 /* The callback was not set. Proceed.
167 if (cred
->password_file
== NULL
)
170 return GNUTLS_E_SRP_PWD_ERROR
;
173 /* Open the selected password file.
175 fd
= fopen (cred
->password_file
, "r");
179 return GNUTLS_E_SRP_PWD_ERROR
;
182 len
= strlen (username
);
183 while (fgets (line
, sizeof (line
), fd
) != NULL
)
185 /* move to first ':' */
187 while ((line
[i
] != ':') && (line
[i
] != '\0') && (i
< sizeof (line
)))
192 if (strncmp (username
, line
, MAX (i
, len
)) == 0)
194 ret
= pwd_put_values (psk
, line
);
198 return GNUTLS_E_SRP_PWD_ERROR
;
204 /* user was not found. Fake him.
205 * the last index found and randomize the entry.
207 ret
= _randomize_psk (psk
);
219 #endif /* ENABLE PSK */