/** Serializes a QName.
*/
int tnet_dns_rr_qname_serialize(const char* qname, tsk_buffer_t* output)
{
/*
QNAME a domain name represented as a sequence of labels, where
each label consists of a length octet followed by that
number of octets. The domain name terminates with the
zero length octet for the null label of the root. Note
that this field may be an odd number of octets; no
padding is used.
Example: "doubango.com" ==> 8doubango3comNULL
*/
static uint8_t null = 0;
if(qname){
char* _qname = tsk_strdup(qname);
char* label = strtok(_qname, ".");
while(label){
uint8_t length = tsk_strlen(label);
tsk_buffer_append(output, &length, 1);
tsk_buffer_append(output, label, tsk_strlen(label));
label = strtok (tsk_null, ".");
}
TSK_FREE(_qname);
}
/* terminates domain name */
tsk_buffer_append(output, &null, 1);
return 0;
}
/**@ingroup thttp_auth_group
*
* Generates WebSocket Accept key.
* @param [in] key The value of the key received from the client ("Sec-WebSocket-Key" header). Must be null-terminated.
* @param [in,out] response The response ("Sec-WebSocket-Value" header).
*
* @return The size of the response. Zero if error.
*/
tsk_size_t thttp_auth_ws_response(const char* key, thttp_auth_ws_keystring_t* response)
{
if (!key || !response){
TSK_DEBUG_ERROR("invalid parameter");
return 0;
}
else{
tsk_sha1string_t sha1result;
char* tmp = tsk_null;
long ret;
tsk_size_t size, i;
uint8_t result[21] = { 0 };
tsk_strcat_2(&tmp, "%s258EAFA5-E914-47DA-95CA-C5AB0DC85B11", key);
tsk_sha1compute(tmp, tsk_strlen(tmp), &sha1result);
size = tsk_strlen((char*)sha1result);
for (i = 0; i < size; i += 2){
if (sscanf((const char*)&sha1result[i], "%2x", (unsigned int*)&ret) != EOF){
;
result[i >> 1] = (char)ret;
}
}
TSK_FREE(tmp);
return tsk_base64_encode(result, (size >> 1), (char**)&response);
}
/**@ingroup tsip_challenge_group
*/
static tsk_object_t* tsip_challenge_ctor(tsk_object_t *self, va_list * app)
{
tsip_challenge_t *challenge = self;
if(challenge){
const char* qop;
challenge->stack = va_arg(*app, const tsip_stack_handle_t *);
challenge->isproxy = va_arg(*app, tsk_bool_t);
challenge->username = tsk_strdup(((const struct tsip_stack_s*)challenge->stack)->identity.impi);
challenge->scheme = tsk_strdup(va_arg(*app, const char*));
challenge->realm = tsk_strdup(va_arg(*app, const char*));
challenge->nonce = tsk_strdup(va_arg(*app, const char*));
challenge->opaque = tsk_strdup(va_arg(*app, const char*));
challenge->algorithm = tsk_strdup(va_arg(*app, const char*));
qop = va_arg(*app, const char*);
if(qop){
challenge->qop = tsk_strcontains(qop, tsk_strlen(qop), "auth-int") ? "auth-int" :
(tsk_strcontains(qop, tsk_strlen(qop), "auth") ? "auth" : tsk_null);
}
if(challenge->qop){
tsip_challenge_reset_cnonce(challenge);
}
}
else TSK_DEBUG_ERROR("Failed to create new sip challenge object.");
int tnet_transport_get_public_ip_n_port(const tnet_transport_handle_t *handle, tnet_fd_t fd, tnet_ip_t *ip, tnet_port_t *port)
{
tsk_bool_t stun_ok = tsk_false;
struct tnet_nat_ctx_s* natt_ctx;
const tnet_transport_t *transport = handle;
if(!transport){
TSK_DEBUG_ERROR("Invalid parameter");
return -1;
}
if (TNET_SOCKET_TYPE_IS_DGRAM(transport->type) && (natt_ctx = tsk_object_ref(transport->natt_ctx))) {
tnet_stun_binding_id_t bind_id = kStunBindingInvalidId;
// if the socket is already monitored by the transport we should pause because both the transport and
// NAT binder will try to read from it
// Pause the soket
tnet_transport_pause_socket(transport, fd, tsk_true);
// Performs STUN binding
bind_id = tnet_nat_stun_bind(transport->natt_ctx, fd);
// Resume the socket
tnet_transport_pause_socket(transport, fd, tsk_false);
if (bind_id != kStunBindingInvalidId) {
char* public_ip = tsk_null;
if(tnet_nat_stun_get_reflexive_address(transport->natt_ctx, bind_id, &public_ip, port) == 0){
if(ip && public_ip){
tsk_size_t ip_len = tsk_strlen(public_ip);
memcpy(ip, public_ip, ip_len> sizeof(*ip)?sizeof(*ip):ip_len);
}
stun_ok = tsk_true;
}
TSK_FREE(public_ip);
tnet_nat_stun_unbind(transport->natt_ctx, bind_id);
}
tsk_object_unref(natt_ctx);
}
if(!stun_ok){
if(fd == TNET_INVALID_FD && transport->local_ip){
memcpy(*ip, transport->local_ip, TSK_MIN(sizeof(tnet_ip_t), tsk_strlen(transport->local_ip)));
*port = transport->bind_local_port;
return 0;
}
else{
return tnet_transport_get_ip_n_port(handle, fd, ip, port);
}
}
return 0;
}
tsk_plugin_t* tsk_plugin_create(const char* path)
{
tsk_plugin_t* plugin;
symbol_get_def_count funcptr_get_def_count;
tsk_plugin_handle_t* handle;
#if TSK_UNDER_WINDOWS
# if TSK_UNDER_WINDOWS_RT
wchar_t* szPath = (wchar_t*)tsk_calloc(tsk_strlen(path) + 1, sizeof(wchar_t));
static const wchar_t* szFormat = L"%hs";
swprintf(szPath, tsk_strlen(path) * sizeof(wchar_t), szFormat, path);
handle = LoadPackagedLibrary(szPath, 0x00000000);
TSK_FREE(szPath);
# else /* Windows desktop */
UINT currErrMode = SetErrorMode(SEM_FAILCRITICALERRORS); // save current ErrorMode. GetErrorMode() not supported on XP.
SetErrorMode(currErrMode | SEM_FAILCRITICALERRORS);
handle = LoadLibraryA(path);
SetErrorMode(currErrMode); // restore ErrorMode
# endif
#else
handle = dlopen(path, RTLD_NOW);
#endif
if(!handle){
TSK_DEBUG_ERROR("Failed to load library with path=%s", path);
return tsk_null;
}
if(!(funcptr_get_def_count = (symbol_get_def_count)_tsk_plugin_handle_get_symbol(handle, TSK_PLUGIN_FUNC_NAME_DEF_COUNT))){
TSK_DEBUG_ERROR("Cannot find function with name=%s", TSK_PLUGIN_FUNC_NAME_DEF_COUNT);
_tsk_plugin_handle_destroy(&handle);
return tsk_null;
}
if(!(plugin = (tsk_plugin_t*)tsk_object_new(&tsk_plugin_def_s))){
TSK_DEBUG_ERROR("Failed to create plugin object");
_tsk_plugin_handle_destroy(&handle);
return tsk_null;
}
plugin->handle = handle;
plugin->def_count = funcptr_get_def_count();
plugin->path = tsk_strdup(path);
TSK_DEBUG_INFO("Plugin with path=[%s] created with [%d] defs", plugin->path, plugin->def_count);
return plugin;
}
tnet_ice_candidate_t* tnet_ice_candidate_create(tnet_ice_cand_type_t type_e, tnet_socket_t* socket, tsk_bool_t is_ice_jingle, tsk_bool_t is_rtp, tsk_bool_t is_video, const char* ufrag, const char* pwd, const char *foundation)
{
tnet_ice_candidate_t* candidate;
if(!(candidate = tsk_object_new(&tnet_ice_candidate_def_s))){
TSK_DEBUG_ERROR("Failed to create candidate");
return tsk_null;
}
candidate->type_e = type_e;
candidate->socket = tsk_object_ref(socket);
candidate->local_pref = 0xFFFF;
candidate->is_ice_jingle = is_ice_jingle;
candidate->is_rtp = is_rtp;
candidate->is_video = is_video;
candidate->comp_id = is_rtp ? TNET_ICE_CANDIDATE_COMPID_RTP : TNET_ICE_CANDIDATE_COMPID_RTCP;
if(foundation){
memcpy(candidate->foundation, foundation, TSK_MIN(tsk_strlen(foundation), TNET_ICE_CANDIDATE_FOUND_SIZE_PREF));
}
else{
tnet_ice_utils_compute_foundation((char*)candidate->foundation, TSK_MIN(sizeof(candidate->foundation), TNET_ICE_CANDIDATE_FOUND_SIZE_PREF));
}
candidate->priority = tnet_ice_utils_get_priority(candidate->type_e, candidate->local_pref, candidate->is_rtp);
if(candidate->socket){
memcpy(candidate->connection_addr, candidate->socket->ip, sizeof(candidate->socket->ip));
candidate->port = candidate->socket->port;
candidate->transport_e = socket->type;
}
tnet_ice_candidate_set_credential(candidate, ufrag, pwd);
return candidate;
}
/**@ingroup tsk_buffer_group
* Appends new data to the buffer.
* @param self The buffer to append to. The buffer should be created using @ref tsk_buffer_create or @ref tsk_buffer_create_null.
* @param format A string with embedded tag to be substituted.
* @param ... List of parameters.
* @retval Zero if succeed and non-zero error code otherwise.
* @sa @ref tsk_buffer_append.
*
* @code
* tsk_buffer_t* buffer = tsk_buffer_create_null();
* tsk_buffer_append_2(buffer, "str1=%s, c1=%c and val1=%x", "str1", 'c', 0x2554);
* printf(TSK_BUFFER_TO_STRING(buffer));
* TSK_OBJECT_SAFE_FREE(buffer);
* @endcode
*/
int tsk_buffer_append_2(tsk_buffer_t* self, const char* format, ...)
{
/*
* I suppose that sizeof(char) = 1-byte
*/
int len = 0;
va_list ap;
char *buffer;
tsk_size_t oldsize;
va_list ap2;
if(!self){
return -1;
}
oldsize = self->size;
buffer = (char*)TSK_BUFFER_DATA(self);
/* initialize variable arguments (needed for 64bit platforms where vsnprintf will change the va_list) */
va_start(ap, format);
va_start(ap2, format);
/* compute destination len for windows mobile
*/
#if defined(_WIN32_WCE)
{
int n;
len = (tsk_strlen(format)*2);
buffer = (char*)tsk_realloc(buffer, (oldsize+len));
for(;;){
if( (n = vsnprintf((char*)(buffer + oldsize), len, format, ap)) >= 0 && (n<=len) ){
len = n;
break;
}
else{
len += 10;
buffer = (char*)tsk_realloc(buffer, (oldsize+len));
}
}
}
#else
len = vsnprintf(tsk_null, 0, format, ap);
buffer = (char*)tsk_realloc(buffer, oldsize+len+1);
vsnprintf((buffer + oldsize), len
#if !defined(_MSC_VER) || defined(__GNUC__)
+1
#endif
, format, ap2);
#endif
/* reset variable arguments */
va_end(ap);
va_end(ap2);
self->data = buffer;
self->size = (oldsize+len);
return 0;
}
trtp_srtp_set_crypto(struct trtp_manager_s* rtp_mgr, const char* crypto_line, int32_t idx)
{
//e.g. 2 F8_128_HMAC_SHA1_80 inline:MTIzNDU2Nzg5QUJDREUwMTIzNDU2Nzg5QUJjZGVm|2^20|1:4;inline:QUJjZGVmMTIzNDU2Nzg5QUJDREUwMTIzNDU2Nzg5|2^20|2:4"
trtp_srtp_ctx_xt* srtp_ctx;
int ret;
uint8_t *key_bin;
err_status_t srtp_err;
int32_t tag, crypto_type;
char key_str[SRTP_MAX_KEY_LEN + 1];
memset(key_str, 0, sizeof(key_str));
if((ret = trtp_srtp_match_line(crypto_line, &tag, &crypto_type, key_str, sizeof(key_str) - 1))){
return ret;
}
srtp_ctx = &rtp_mgr->srtp_contexts[idx][crypto_type];
ret = trtp_srtp_ctx_deinit(srtp_ctx);
srtp_ctx->tag = tag;
srtp_ctx->crypto_type = (trtp_srtp_crypto_type_t)crypto_type;
memcpy(srtp_ctx->key_str, key_str, sizeof(srtp_ctx->key_str));
switch(srtp_ctx->crypto_type){
case HMAC_SHA1_80:
{
crypto_policy_set_aes_cm_128_hmac_sha1_80(&srtp_ctx->policy.rtp);
crypto_policy_set_aes_cm_128_hmac_sha1_80(&srtp_ctx->policy.rtcp);
if(idx == TRTP_SRTP_LINE_IDX_REMOTE){
trtp_srtp_ctx_deinit(&rtp_mgr->srtp_contexts[TRTP_SRTP_LINE_IDX_LOCAL][HMAC_SHA1_32]);
rtp_mgr->srtp_contexts[TRTP_SRTP_LINE_IDX_LOCAL][HMAC_SHA1_80].tag = srtp_ctx->tag;
}
break;
}
case HMAC_SHA1_32:
{
crypto_policy_set_aes_cm_128_hmac_sha1_32(&srtp_ctx->policy.rtp);
crypto_policy_set_aes_cm_128_hmac_sha1_80(&srtp_ctx->policy.rtcp); // RTCP always 80
if(idx == TRTP_SRTP_LINE_IDX_REMOTE){
trtp_srtp_ctx_deinit(&rtp_mgr->srtp_contexts[TRTP_SRTP_LINE_IDX_LOCAL][HMAC_SHA1_80]);
rtp_mgr->srtp_contexts[TRTP_SRTP_LINE_IDX_LOCAL][HMAC_SHA1_32].tag = srtp_ctx->tag;
}
break;
}
}
key_bin = (unsigned char*)srtp_ctx->key_bin;
tsk_base64_decode((const uint8_t*)srtp_ctx->key_str, tsk_strlen(srtp_ctx->key_str), (char**)&key_bin);
srtp_ctx->policy.key = key_bin;
srtp_ctx->policy.ssrc.type = idx == TRTP_SRTP_LINE_IDX_REMOTE ? ssrc_any_inbound : ssrc_any_outbound;
if((srtp_err = srtp_create(&srtp_ctx->session, &srtp_ctx->policy)) != err_status_ok){
TSK_DEBUG_ERROR("srtp_create() failed: %d", srtp_err);
return -3;
}
srtp_ctx->initialized = tsk_true;
return 0;
}
int tsip_challenge_set_cred(tsip_challenge_t *self, const char* username, const char* ha1_hexstr)
{
if(!self || tsk_strlen(ha1_hexstr) != (TSK_MD5_DIGEST_SIZE << 1)){
TSK_DEBUG_ERROR("Invalid parameter");
return -1;
}
tsk_strupdate(&self->username, username);
tsk_strupdate(&self->ha1_hexstr, ha1_hexstr);
return 0;
}
/**@ingroup tsk_string_group
* Removes quotes from the beginning and end of @a str. The string must starts with @a lquote
* and end with @a rquote.
* @param str The string to unquote.
* @param lquote Quote to remove from the begining of @a str.
* @param rquote Quote to remove from the end of @a str.
*/
void tsk_strunquote_2(char **str, char lquote, char rquote)
{
if(str && *str){
tsk_size_t size = tsk_strlen(*str);
if(size>=2 && **str == lquote && *((*str)+size-1) == rquote){
strcpy((*str), (*str)+1);
*((*str)+size-2) = '\0';
}
}
}
/**@ingroup tsk_string_group
* Removes all occurrences of white space characters from the end of @a str.
* @param str The string to trim.
*/
void tsk_strtrim_right(char **str)
{
if(str && *str){
tsk_size_t size;
if((size = tsk_strlen(*str))){
while(isspace(*((*str)+size-1))) size--;
*(*str + size) = '\0';
}
}
}
/**@ingroup tsk_string_group
*/
void tsk_strncat(char** destination, const char* source, tsk_size_t n)
{
tsk_size_t index = 0;
tsk_size_t tsk_size_to_cat = (n > tsk_strlen(source)) ? tsk_strlen(source) : n;
if(!source || !n){
return;
}
if(!*destination){
*destination = (char*)tsk_malloc(tsk_size_to_cat+1);
strncpy(*destination, source, tsk_size_to_cat+1);
}else{
index = tsk_strlen(*destination);
*destination = tsk_realloc(*destination, index + tsk_size_to_cat+1);
strncpy(((*destination)+index), source, tsk_size_to_cat+1);
}
(*destination)[index + tsk_size_to_cat] = '\0';
}
int tnet_ice_candidate_set_rflx_addr(tnet_ice_candidate_t* self, const char* addr, tnet_port_t port)
{
if(!self || !addr || !port){
TSK_DEBUG_ERROR("Invalid argument");
return -1;
}
memset(self->connection_addr, 0, sizeof(self->connection_addr));
memcpy(self->connection_addr, addr, TSK_MIN(tsk_strlen(addr), sizeof(self->connection_addr)));
self->port = port;
return 0;
}
int trtp_srtp_match_line(const char* crypto_line, int32_t* tag, int32_t* crypto_type, char* key, tsk_size_t key_size)
{
char* v = strtok((char*)crypto_line, " :|;");
int32_t k = 0;
while(v){
switch(k){
case 0:
{
if(tag){
*tag = atoi(v);
}
break;
}
case 1:
{
if(tsk_striequals(v, TRTP_SRTP_AES_CM_128_HMAC_SHA1_80)){
if(crypto_type){
*crypto_type = HMAC_SHA1_80;
}
}
else if(tsk_striequals(v, TRTP_SRTP_AES_CM_128_HMAC_SHA1_32)){
if(crypto_type){
*crypto_type = HMAC_SHA1_32;
}
}
else {
return -0xFF;
}
break;
}
case 2:
{
if(!tsk_striequals(v, "inline")){
return -0xFF;
}
break;
}
case 3:
{
if(key && key_size){
memset(key, 0, key_size);
memcpy(key, v, TSK_MIN(key_size, tsk_strlen(v)));
}
return 0;
}
}
++k;
v = strtok(tsk_null, " :|;");
}
return -0xF0;
}
int tsip_challenge_update(tsip_challenge_t *self, const char* scheme, const char* realm, const char* nonce, const char* opaque, const char* algorithm, const char* qop)
{
if(self){
int noncechanged = !tsk_striequals(self->nonce, nonce);
tsk_strupdate(&self->scheme, scheme);
tsk_strupdate(&self->realm, realm);
tsk_strupdate(&self->nonce, nonce);
tsk_strupdate(&self->opaque, opaque);
tsk_strupdate(&self->algorithm, algorithm);
if(qop){
self->qop = tsk_strcontains(qop, tsk_strlen(qop), "auth-int") ? "auth-int" :
(tsk_strcontains(qop, tsk_strlen(qop), "auth") ? "auth" : tsk_null);
}
if(noncechanged && self->qop){
tsip_challenge_reset_cnonce(self);
}
return 0;
}
return -1;
}
/**@ingroup thttp_auth_group
* Generates digest HA1 value as per RFC 2617 subclause 3.2.2.2.
*
*
* @param [in,out] username The user's name (unquoted) in the specified @a realm.
* @param [in,out] realm The realm. (unquoted)
* @param [in,out] password The user's password.
* @param [in,out] ha1 A pointer to the result.
*
* @return Zero if succeed and non-zero error code otherwise.
**/
int thttp_auth_digest_HA1(const char* username, const char* realm, const char* password, tsk_md5string_t* ha1)
{
int ret;
/* RFC 2617 - 3.2.2.2 A1
A1 = unq(username-value) ":" unq(realm-value) ":" passwd
*/
char *a1 = tsk_null;
tsk_sprintf(&a1, "%s:%s:%s", username, realm, password);
ret = tsk_md5compute(a1, tsk_strlen(a1), ha1);
TSK_FREE(a1);
return ret;
}
thttp_challenge_t* thttp_challenge_create(tsk_bool_t isproxy, const char* scheme, const char* realm, const char* nonce, const char* opaque, const char* algorithm, const char* qop)
{
thttp_challenge_t* challenge = tsk_object_new(thttp_challenge_def_t);
if (challenge) {
challenge->isproxy = isproxy;
challenge->scheme = tsk_strdup(scheme);
challenge->realm = tsk_strdup(realm);
challenge->nonce = tsk_strdup(nonce);
challenge->opaque = tsk_strdup(opaque);
challenge->algorithm = tsk_strdup(algorithm);
if (!tsk_strnullORempty(qop)) {
challenge->qop = tsk_strcontains(qop, tsk_strlen(qop), "auth-int") ? "auth-int" :
(tsk_strcontains(qop, tsk_strlen(qop), "auth") ? "auth" : tsk_null);
}
if (challenge->qop) {
_thttp_challenge_reset_cnonce(challenge);
}
}
return challenge;
}
/**@ingroup thttp_challenge_group
*/
static tsk_object_t* thttp_challenge_ctor(tsk_object_t *self, va_list * app)
{
thttp_challenge_t *challenge = self;
if (challenge){
const char* qop;
challenge->isproxy = va_arg(*app, tsk_bool_t);
challenge->scheme = tsk_strdup(va_arg(*app, const char*));
challenge->realm = tsk_strdup(va_arg(*app, const char*));
challenge->nonce = tsk_strdup(va_arg(*app, const char*));
challenge->opaque = tsk_strdup(va_arg(*app, const char*));
challenge->algorithm = tsk_strdup(va_arg(*app, const char*));
qop = va_arg(*app, const char*);
if (qop){
challenge->qop = tsk_strcontains(qop, tsk_strlen(qop), "auth-int") ? "auth-int" :
(tsk_strcontains(qop, tsk_strlen(qop), "auth") ? "auth" : tsk_null);
}
if (challenge->qop){
thttp_challenge_reset_cnonce(challenge);
}
}
else TSK_DEBUG_ERROR("Failed to create new http challenge object.");
/** Duplicates the first @a n chars of @a s1.
* @param s1 The string to duplicate.
* @param n The number of characters to copy to the new string.
* @retval null A copy of @a s1.
**/
char* tsk_strndup(const char *s1, tsk_size_t n)
{
char *ret = tsk_null;
if(s1 && n){
tsk_size_t len = tsk_strlen(s1);
tsk_size_t nret = (n > len) ? (len) : (n);
if((ret = tsk_calloc((nret+1), sizeof(uint8_t)))){
memcpy(ret, s1, nret);
}
}
return ret;
}
static void send_bodiless(tdav_session_msrp_t *msrp){
tmsrp_request_t* BODILESS;
if(msrp->config->To_Path && msrp->config->From_Path){
if((BODILESS = tmsrp_create_bodiless(msrp->config->To_Path->uri, msrp->config->From_Path->uri))){
char* str;
if((str = tmsrp_message_tostring(BODILESS))){
if(!tnet_sockfd_send(msrp->connectedFD, str, tsk_strlen(str), 0)){
TSK_DEBUG_WARN("Failed to send bodiless request.");
}
TSK_FREE(str);
}
TSK_OBJECT_SAFE_FREE(BODILESS);
}
}
}
/**@ingroup tsk_string_group
*/
int tsk_sprintf_2(char** str, const char* format, va_list* ap)
{
int len = 0;
va_list ap2;
/* free previous value */
if(*str){
tsk_free((void**)str);
}
/* needed for 64bit platforms where vsnprintf will change the va_list */
tsk_va_copy(ap2, *ap);
/* compute destination len for windows mobile
*/
#if defined(_WIN32_WCE)
{
int n;
len = (tsk_strlen(format)*2);
*str = (char*)tsk_calloc(1, len+1);
for(;;){
if( (n = vsnprintf(*str, len, format, *ap)) >= 0 && (n<len) ){
len = n;
goto done;
}
else{
len += 10;
*str = tsk_realloc(*str, len+1);
}
}
done:
(*str)[len] = '\0';
}
#else
len = vsnprintf(0, 0, format, *ap);
*str = (char*)tsk_calloc(1, len+1);
vsnprintf(*str, len
#if !defined(_MSC_VER) || defined(__GNUC__)
+1
#endif
, format, ap2);
#endif
va_end(ap2);
return len;
}
/**@ingroup tsk_url_group
* Encode an url.
* @param url The url to encode
* @retval The encoded url. It is up to you to free the returned string.
*
* @sa tsk_url_decode
*
*/
char* tsk_url_encode(const char* url) {
char *purl = (char*)url, *buf = tsk_malloc(tsk_strlen(url) * 3 + 1), *pbuf = buf;
while (*purl) {
if (isalnum(*purl) || *purl == '-' || *purl == '_' || *purl == '.' || *purl == '~'){
*pbuf++ = *purl;
}
else if (*purl == ' '){
*pbuf++ = '+';
}
else{
*pbuf++ = '%', *pbuf++ = tsk_b10tob16(*purl >> 4), *pbuf++ = tsk_b10tob16(*purl & 15);
}
purl++;
}
*pbuf = '\0';
return buf;
}
static int _thttp_challenge_reset_cnonce(thttp_challenge_t *self)
{
if (self) {
if (self->qop) { /* client nonce is only used if qop=auth, auth-int or both */
#if 0
memcpy(self->cnonce, "f221681c1e42fb5f8f9957bf7e72eb2b", 32);
#else
tsk_istr_t istr;
tsk_strrandom(&istr);
tsk_md5compute(istr, tsk_strlen(istr), &self->cnonce);
#endif
self->nc = 1;
}
}
return -1;
}
/**@ingroup thttp_auth_group
*
* Generates digest HA1 value for 'MD5-sess' algo as per RFC 2617 subclause 3.2.2.2.
*
*
* @param [in,out] username The user's name (unquoted) in the specified @a realm.
* @param [in,out] realm The realm (unquoted).
* @param [in,out] password The user's password.
* @param [in,out] nonce The nonce (unquoted).
* @param [in,out] cnonce The client nonce (unquoted).
* @param [in,out] ha1sess A pointer to the result.
*
* @return Zero if succeed and non-zero error code otherwise.
**/
int thttp_auth_digest_HA1sess(const char* username, const char* realm, const char* password, const char* nonce, const char* cnonce, tsk_md5string_t* ha1sess)
{
int ret;
/* RFC 2617 - 3.2.2.2 A1
A1 = H( unq(username-value) ":" unq(realm-value)
":" passwd )
":" unq(nonce-value) ":" unq(cnonce-value)
*/
char *a1sess = tsk_null;
tsk_sprintf(&a1sess, "%s:%s:%s:%s:%s", username, realm, password, nonce, cnonce);
ret = tsk_md5compute(a1sess, tsk_strlen(a1sess), ha1sess);
TSK_FREE(a1sess);
return ret;
}
int tsip_challenge_reset_cnonce(tsip_challenge_t *self)
{
if(self) {
if(self->qop) { /* client nonce is only used if qop=auth, auth-int or both */
#if 0
memcpy(self->cnonce, "ecb1d3f6931803ce7ae68099cb946594", 32);
#else
tsk_istr_t istr;
tsk_strrandom(&istr);
tsk_md5compute(istr, tsk_strlen(istr), &self->cnonce);
#endif
self->nc = 1;
}
}
return -1;
}
/**@ingroup thttp_auth_group
*
* Generates HTTP-basic response as per RFC 2617.
*
* @param [in,out] userid The user-id.
* @param [in,out] password The user-password.
* @param [in,out] response A pointer to the response. It will be up to the caller to free the newly allocated buffer.
*
* @return The size of the response.
**/
tsk_size_t thttp_auth_basic_response(const char* userid, const char* password, char** response)
{
tsk_size_t ret;
/* RFC 2617 - 2 Basic Authentication Scheme
To receive authorization, the client sends the userid and password,
separated by a single colon (":") character, within a base64 [7]
encoded string in the credentials.
*/
char *res = 0;
tsk_sprintf(&res, "%s:%s", userid, password);
ret = tsk_base64_encode((const uint8_t*)res, tsk_strlen(res), response);
TSK_FREE(res);
return ret;
}
/**@ingroup tsk_url_group
* Decode an url.
* @param url The url to encode
* @retval The decoded url. It is up to you to free the returned string.
*
* @sa tsk_url_encode
*/
char* tsk_url_decode(const char* url) {
char *purl = (char*)url, *buf = tsk_malloc(tsk_strlen(url) + 1), *pbuf = buf;
while (*purl) {
if (*purl == '%') {
if (purl[1] && purl[2]) {
*pbuf++ = tsk_b16tob10(purl[1]) << 4 | tsk_b16tob10(purl[2]);
purl += 2;
}
} else if (*purl == '+') {
*pbuf++ = ' ';
} else {
*pbuf++ = *purl;
}
purl++;
}
*pbuf = '\0';
return buf;
}
/**@ingroup thttp_auth_group
* Generates digest HA2 value as per RFC 2617 subclause 3.2.2.3.
*
*
* @param [in,out] method The HTTP/SIP method name.
* @param [in,out] url The HTTP URL or SIP URI of the request.
* @param [in,out] entity_body The entity body.
* @param [in,out] qop The Quality Of Protection.
* @param [in,out] ha2 A pointer to the response.
*
* @return Zero if succeed and non-zero error code otherwise.
**/
int thttp_auth_digest_HA2(const char* method, const char* url, const tsk_buffer_t* entity_body, const char* qop, tsk_md5string_t* ha2)
{
int ret;
/* RFC 2617 - 3.2.2.3 A2
If the "qop" directive's value is "auth" or is unspecified, then A2
is:
A2 = Method ":" digest-url-value
If the "qop" value is "auth-int", then A2 is:
A2 = Method ":" digest-url-value ":" H(entity-body)
*/
char *a2 = tsk_null;
if (!qop || tsk_strempty(qop) || tsk_striequals(qop, "auth")){
tsk_sprintf(&a2, "%s:%s", method, url);
}
else if (tsk_striequals(qop, "auth-int"))
{
if (entity_body && entity_body->data){
tsk_md5string_t hEntity;
if ((ret = tsk_md5compute(entity_body->data, entity_body->size, &hEntity))){
goto bail;
}
tsk_sprintf(&a2, "%s:%s:%s", method, url, hEntity);
}
else{
tsk_sprintf(&a2, "%s:%s:%s", method, url, TSK_MD5_EMPTY);
}
}
ret = tsk_md5compute(a2, tsk_strlen(a2), ha2);
bail:
TSK_FREE(a2);
return ret;
}
/**@ingroup thttp_auth_group
*
* Generates HTTP digest response as per RFC 2617 subclause 3.2.2.1.
*
* @param [in,out] ha1 HA1 string generated using @ref thttp_auth_digest_HA1 or @ref thttp_auth_digest_HA1sess.
* @param [in,out] nonce The nonce value.
* @param [in,out] noncecount The nonce count.
* @param [in,out] cnonce The client nounce (unquoted).
* @param [in,out] qop The Quality Of Protection (unquoted).
* @param [in,out] ha2 HA2 string generated using @ref thttp_auth_digest_HA2.
* @param [in,out] response A pointer to the response.
*
* @return Zero if succeed and non-zero error code otherwise.
**/
int thttp_auth_digest_response(const tsk_md5string_t *ha1, const char* nonce, const nonce_count_t noncecount, const char* cnonce,
const char* qop, const tsk_md5string_t* ha2, tsk_md5string_t* response)
{
int ret;
/* RFC 2617 3.2.2.1 Request-Digest
============ CASE 1 ============
If the "qop" value is "auth" or "auth-int":
request-digest = <"> < KD ( H(A1), unq(nonce-value)
":" nc-value
":" unq(cnonce-value)
":" unq(qop-value)
":" H(A2)
) <">
============ CASE 2 ============
If the "qop" directive is not present (this construction is for
compatibility with RFC 2069):
request-digest =
<"> < KD ( H(A1), unq(nonce-value) ":" H(A2) ) >
<">
*/
char *res = tsk_null;
if (tsk_striequals(qop, "auth") || tsk_striequals(qop, "auth-int")){
/* CASE 1 */
tsk_sprintf(&res, "%s:%s:%s:%s:%s:%s", *ha1, nonce, noncecount, cnonce, qop, *ha2);
}
else{
/* CASE 2 */
tsk_sprintf(&res, "%s:%s:%s", *ha1, nonce, *ha2);
}
ret = tsk_md5compute(res, tsk_strlen(res), response);
TSK_FREE(res);
return ret;
}
/**@ingroup tsk_string_group
*/
int tsk_strLastIndexOf(const char * str, tsk_size_t size, const char * substring)
{
if(str && substring){
tsk_size_t sub_size = tsk_strlen(substring);
const char* last_sub_start = tsk_null;
const char* sub_start = strstr(str, substring);
const char* end = (str + size);
while(sub_start && (sub_start < end)){
last_sub_start = sub_start;
if((sub_start + sub_size)<end){
sub_start = strstr((sub_start + sub_size), substring);
}
else{
break;
}
}
if(last_sub_start){
return (last_sub_start - str);
}
}
return -1;
}
