github-repos/wget
1
0
Fork 0
mirror of https://github.com/mirror/wget.git synced 2025-03-28 21:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

[svn] Document the Opie code better. Use uint32_t instead of unsigned long

Browse Source 
for 32-bit quantities.
This commit is contained in:
hniksic 2003-11-01 08:36:43 -08:00
parent 7ec83a1b2a
commit 37dd65621c
4 changed files with 117 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/ChangeLog
View File

@ -1,3 +1,8 @@
2003-11-01 Hrvoje Niksic <hniksic@xemacs.org>
* ftp-opie.c (calculate_skey_response): Use uint32_t instead of
`unsigned long' for the cheksum array. Document the function.
2003-11-01 Hrvoje Niksic <hniksic@xemacs.org> 2003-11-01 Hrvoje Niksic <hniksic@xemacs.org>
* connect.c (acceptport): Don't call select_fd when timeout is not * connect.c (acceptport): Don't call select_fd when timeout is not

37
src/ftp-basic.c
View File

@ -134,10 +134,6 @@ ftp_request (const char *command, const char *value)
return res; return res;
} }
#ifdef USE_OPIE
const char *calculate_skey_response PARAMS ((int, const char *, const char *));
#endif
/* Sends the USER and PASS commands to the server, to control /* Sends the USER and PASS commands to the server, to control
connection socket csock. */ connection socket csock. */
uerr_t uerr_t
@ -195,34 +191,35 @@ ftp_login (struct rbuf *rbuf, const char *acc, const char *pass)
"331 opiekey " "331 opiekey "
}; };
int i; int i;
const char *seed = NULL;
for (i = 0; i < countof (skey_head); i++) for (i = 0; i < countof (skey_head); i++)
{ {
if (strncasecmp (skey_head[i], respline, strlen (skey_head[i])) == 0) int l = strlen (skey_head[i]);
break; if (0 == strncasecmp (skey_head[i], respline, l))
{
seed = respline + l;
break;
}
} }
if (i < countof (skey_head)) if (seed)
{ {
const char *cp; const char *seed;
int skey_sequence = 0; int skey_sequence = 0;
for (cp = respline + strlen (skey_head[i]); /* Extract the sequence from SEED. */
'0' <= *cp && *cp <= '9'; for (; ISDIGIT (*seed); seed++)
cp++) skey_sequence = 10 * skey_sequence + *seed - '0';
{ if (*seed == ' ')
skey_sequence = skey_sequence * 10 + *cp - '0'; ++seed;
}
if (*cp == ' ')
cp++;
else else
{ {
bad:
xfree (respline); xfree (respline);
return FTPLOGREFUSED; return FTPLOGREFUSED;
} }
if ((cp = calculate_skey_response (skey_sequence, cp, pass)) == 0) /* Replace the password with the SKEY response to the
goto bad; challenge. */
pass = cp; pass = skey_response (skey_sequence, seed, pass);
} }
} }
#endif /* USE_OPIE */ #endif /* USE_OPIE */

142
src/ftp-opie.c
View File

@ -39,9 +39,11 @@ so, delete this exception statement from your version. */
#include "wget.h" #include "wget.h"
#include "gen-md5.h" #include "gen-md5.h"
#include "ftp.h"
/* Dictionary for integer-word translations. */ /* Dictionary for integer-word translations. Available in appendix D
static char Wp[2048][4] = { of rfc2289. */
static char Wp[2048][4] = {
{ 'A', '\0', '\0', '\0' }, { 'A', '\0', '\0', '\0' },
{ 'A', 'B', 'E', '\0' }, { 'A', 'B', 'E', '\0' },
{ 'A', 'C', 'E', '\0' }, { 'A', 'C', 'E', '\0' },
@ -2093,99 +2095,137 @@ static char Wp[2048][4] = {
}; };
/* Extract LENGTH bits from the char array S starting with bit number /* Extract LENGTH bits from the char array S starting with bit number
START. */ START. It always reads three consecutive octects, which means it
static unsigned long can read past end of data when START is at the edge of the region. */
extract (const char *s, int start, int length)
static uint32_t
extract (const unsigned char *s, int start, int length)
{ {
unsigned char cl = s[start / 8]; unsigned char cl = s[start / 8];
unsigned char cc = s[start / 8 + 1]; unsigned char cc = s[start / 8 + 1];
unsigned char cr = s[start / 8 + 2]; unsigned char cr = s[start / 8 + 2];
unsigned long x = ((long)(cl << 8 | cc) << 8 | cr); uint32_t x;
x = (uint32_t)(cl << 8 | cc) << 8 | cr;
x = x >> (24 - (length + (start % 8))); x >>= 24 - (length + (start % 8));
x = (x & (0xffff >> (16 - length))); x &= (0xffff >> (16 - length));
return x; return x;
} }
#define STRLEN4(s) (!*(s) ? 0 : \ /* Length of a string known to be at least 1 and at most 4 chars
(!*(s + 1) ? 1 : \ long. */
(!*(s + 2) ? 2 : \
(!*(s + 3) ? 3 : 4)))) #define STRLEN_1_4(s) (!(s)[1] ? 1 : !(s)[2] ? 2 : !(s)[3] ? 3 : 4)
/* Encode 8 bytes in C as a string of English words and store them to /* Encode 8 bytes in C as a string of English words and store them to
STORE. Returns STORE. */ STORE. Returns STORE. */
static char * static char *
btoe (char *store, const char *c) btoe (char *store, const unsigned char *c)
{ {
char cp[10]; /* add in room for the parity 2 bits + unsigned char cp[10]; /* add in room for the parity 2 bits +
extract() slop. */ extract() slop. */
int p, i; int p, i;
char *ostore = store; char *store_beg = store;
*store = '\0'; *store = '\0';
/* Workaround for extract() reads beyond end of data */ /* Workaround for extract() reads beyond end of data */
xzero (cp); xzero (cp);
memcpy (cp, c, 8); memcpy (cp, c, 8);
/* Compute parity. */
/* Compute parity and append it to CP. */
for (p = 0, i = 0; i < 64; i += 2) for (p = 0, i = 0; i < 64; i += 2)
p += extract (cp, i, 2); p += extract (cp, i, 2);
cp[8] = (char)p << 6; cp[8] = (char)p << 6;
/* The 64 bits of input and the two parity bits comprise 66 bits of
data that are now in CP. We convert that information, 11 bits at
a time, to English words indexed from Wp. Since there are 2048
(2^11) words in Wp, every 11-bit combination corresponds to a
distinct word. */
memcpy (store, &Wp[extract (cp, 0, 11)][0], 4); memcpy (store, &Wp[extract (cp, 0, 11)][0], 4);
store += STRLEN4 (store); store += STRLEN_1_4 (store);
*store++ = ' '; *store++ = ' ';
memcpy (store, &Wp[extract (cp, 11, 11)][0], 4); memcpy (store, &Wp[extract (cp, 11, 11)][0], 4);
store += STRLEN4 (store); store += STRLEN_1_4 (store);
*store++ = ' '; *store++ = ' ';
memcpy (store, &Wp[extract (cp, 22, 11)][0], 4); memcpy (store, &Wp[extract (cp, 22, 11)][0], 4);
store += STRLEN4 (store); store += STRLEN_1_4 (store);
*store++ = ' '; *store++ = ' ';
memcpy (store, &Wp[extract (cp, 33, 11)][0], 4); memcpy (store, &Wp[extract (cp, 33, 11)][0], 4);
store += STRLEN4 (store); store += STRLEN_1_4 (store);
*store++ = ' '; *store++ = ' ';
memcpy (store, &Wp[extract (cp, 44, 11)][0], 4); memcpy (store, &Wp[extract (cp, 44, 11)][0], 4);
store += STRLEN4 (store); store += STRLEN_1_4 (store);
*store++ = ' '; *store++ = ' ';
memcpy (store, &Wp[extract (cp, 55, 11)][0], 4); memcpy (store, &Wp[extract (cp, 55, 11)][0], 4);
store[4] = '\0'; /* make sure the string is terminated */
store[4] = '\0'; /* make sure the string is zero-terminated */ DEBUGP (("wrote `%s' to STORE\n", store_beg));
return store_beg;
DEBUGP (("store is `%s'\n", ostore));
return ostore;
} }
/* #### Document me! */ /* Calculate the MD5 checksum of SRC in one step. The MD5 context
must be declared as md5_ctx. */
#define DO_MD5(src, len, dest) do { \
gen_md5_init (md5_ctx); \
gen_md5_update ((unsigned char *) (src), (len), md5_ctx); \
gen_md5_finish (md5_ctx, (unsigned char *) (dest)); \
} while (0)
/* Calculate the SKEY response, based on the sequence, seed
(challenge), and the secret password. The calculated response is
used instead of the real password when logging in to SKEY-enabled
servers.
The result is calculated like this:
+ Concatenate SEED and PASS and calculate the 16-byte MD5 checksum.
+ Shorten the checksum to eight bytes by folding the second eight
bytes onto the first eight using XOR. The resulting eight-byte
sequence is the key.
+ MD5-process the key, fold the checksum to eight bytes and store
it back to the key. Repeat this crunching SEQUENCE times.
(Sequence is a number that gets decremented every time the user
logs in to the server. Therefore an eavesdropper would have to
invert the hash function in order to guess the next one-time
password.)
+ Convert the resulting 64-bit key to 6 English words separated by
spaces (see btoe for details) and return the resulting ASCII
string.
All this is described in section 6 of rfc2289 in more detail. */
const char * const char *
calculate_skey_response (int sequence, const char *seed, const char *pass) skey_response (int sequence, const char *seed, const char *pass)
{ {
char key[8]; unsigned char key[8];
static char buf[33];
/* Room to hold 6 four-letter words (heh), 5 space separators, and
the terminating \0. 24+5+1 == 30 */
static char english[30];
ALLOCA_MD5_CONTEXT (md5_ctx);
uint32_t checksum[4];
ALLOCA_MD5_CONTEXT (ctx);
unsigned long results[4]; /* #### this looks 32-bit-minded */
char *feed = (char *) alloca (strlen (seed) + strlen (pass) + 1); char *feed = (char *) alloca (strlen (seed) + strlen (pass) + 1);
strcpy (feed, seed); strcpy (feed, seed);
strcat (feed, pass); strcat (feed, pass);
gen_md5_init (ctx); DO_MD5 (feed, strlen (feed), checksum);
gen_md5_update ((unsigned char *)feed, strlen (feed), ctx); checksum[0] ^= checksum[2];
gen_md5_finish (ctx, (unsigned char *)results); checksum[1] ^= checksum[3];
memcpy (key, checksum, 8);
results[0] ^= results[2]; while (sequence-- > 0)
results[1] ^= results[3];
memcpy (key, (char *) results, 8);
while (0 < sequence--)
{ {
gen_md5_init (ctx); DO_MD5 (key, 8, checksum);
gen_md5_update ((unsigned char *)key, 8, ctx); checksum[0] ^= checksum[2];
gen_md5_finish (ctx, (unsigned char *)results); checksum[1] ^= checksum[3];
results[0] ^= results[2]; memcpy (key, checksum, 8);
results[1] ^= results[3];
memcpy (key, (char *) results, 8);
} }
btoe (buf, key); return btoe (english, key);
return buf;
} }

4
src/ftp.h
View File

@ -65,6 +65,10 @@ uerr_t ftp_syst PARAMS ((struct rbuf *, enum stype *));
uerr_t ftp_pwd PARAMS ((struct rbuf *, char **)); uerr_t ftp_pwd PARAMS ((struct rbuf *, char **));
uerr_t ftp_size PARAMS ((struct rbuf *, const char *, long int *)); uerr_t ftp_size PARAMS ((struct rbuf *, const char *, long int *));
#ifdef USE_OPIE
const char *skey_response PARAMS ((int, const char *, const char *));
#endif
struct url; struct url;
/* File types. */ /* File types. */