util/sasl.lua

   1 -- sasl.lua v0.1
   2 -- Copyright (C) 2008 Tobias Markmann
   3 --
   4 --    All rights reserved.
   5 --
   6 --    Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
   7 --
   8 --        * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
   9 --        * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
  10 --        * Neither the name of Tobias Markmann nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
  11 --
  12 --    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  13
  14
  15 local md5 = require "util.hashes".md5;
  16 local log = require "util.logger".init("sasl");
  17 local tostring = tostring;
  18 local st = require "util.stanza";
  19 local generate_uuid = require "util.uuid".generate;
  20 local t_insert, t_concat = table.insert, table.concat;
  21 local to_byte, to_char = string.byte, string.char;
  22 local s_match = string.match;
  23 local gmatch = string.gmatch
  24 local string = string
  25 local math = require "math"
  26 local type = type
  27 local error = error
  28 local print = print
  29 local idna_ascii = require "util.encodings".idna.to_ascii
  30 local idna_unicode = require "util.encodings".idna.to_unicode
  31
  32 module "sasl"
  33
  34 local function new_plain(realm, password_handler)
  35         local object = { mechanism = "PLAIN", realm = realm, password_handler = password_handler}
  36         function object.feed(self, message)
  37
  38                 if message == "" or message == nil then return "failure", "malformed-request" end
  39                 local response = message
  40                 local authorization = s_match(response, "([^&%z]+)")
  41                 local authentication = s_match(response, "%z([^&%z]+)%z")
  42                 local password = s_match(response, "%z[^&%z]+%z([^&%z]+)")
  43
  44                 if authentication == nil or password == nil then return "failure", "malformed-request" end
  45
  46                 local password_encoding, correct_password = self.password_handler(authentication, self.realm, "PLAIN")
  47
  48                 if correct_password == nil then return "failure", "not-authorized"
  49                 elseif correct_password == false then return "failure", "account-disabled" end
  50
  51                 local claimed_password = ""
  52                 if password_encoding == nil then claimed_password = password
  53                 else claimed_password = password_encoding(password) end
  54
  55                 self.username = authentication
  56                 if claimed_password == correct_password then
  57                         return "success"
  58                 else
  59                         return "failure", "not-authorized"
  60                 end
  61         end
  62         return object
  63 end
  64
  65 local function new_digest_md5(realm, password_handler)
  66         --TODO maybe support for authzid
  67
  68         local function serialize(message)
  69                 local data = ""
  70
  71                 if type(message) ~= "table" then error("serialize needs an argument of type table.") end
  72
  73                 -- testing all possible values
  74                 if message["nonce"] then data = data..[[nonce="]]..message.nonce..[[",]] end
  75                 if message["qop"] then data = data..[[qop="]]..message.qop..[[",]] end
  76                 if message["charset"] then data = data..[[charset=]]..message.charset.."," end
  77                 if message["algorithm"] then data = data..[[algorithm=]]..message.algorithm.."," end
  78                 if message["realm"] then data = data..[[realm="]]..message.realm..[[",]] end
  79                 if message["rspauth"] then data = data..[[rspauth=]]..message.rspauth.."," end
  80                 data = data:gsub(",$", "")
  81                 return data
  82         end
  83
  84         local function utf8tolatin1ifpossible(passwd)
  85                 local i = 1;
  86                 while i <= #passwd do
  87                         local passwd_i = to_byte(passwd:sub(i, i));
  88                         if passwd_i > 0x7F then
  89                                 if passwd_i < 0xC0 or passwd_i > 0xC3 then
  90                                         return passwd;
  91                                 end
  92                                 i = i + 1;
  93                                 passwd_i = to_byte(passwd:sub(i, i));
  94                                 if passwd_i < 0x80 or passwd_i > 0xBF then
  95                                         return passwd;
  96                                 end
  97                         end
  98                         i = i + 1;
  99                 end
 100
 101                 local p = {};
 102                 local j = 0;
 103                 i = 1;
 104                 while (i <= #passwd) do
 105                         local passwd_i = to_byte(passwd:sub(i, i));
 106                         if passwd_i > 0x7F then
 107                                 i = i + 1;
 108                                 local passwd_i_1 = to_byte(passwd:sub(i, i));
 109                                 t_insert(p, to_char(passwd_i%4*64 + passwd_i_1%64)); -- I'm so clever
 110                         else
 111                                 t_insert(p, to_char(passwd_i));
 112                         end
 113                         i = i + 1;
 114                 end
 115                 return t_concat(p);
 116         end
 117         local function latin1toutf8(str)
 118                 local p = {};
 119                 for ch in gmatch(str, ".") do
 120                         ch = to_byte(ch);
 121                         if (ch < 0x80) then
 122                                 t_insert(p, to_char(ch));
 123                         elseif (ch < 0xC0) then
 124                                 t_insert(p, to_char(0xC2, ch));
 125                         else
 126                                 t_insert(p, to_char(0xC3, ch - 64));
 127                         end
 128                 end
 129                 return t_concat(p);
 130         end
 131         local function parse(data)
 132                 message = {}
 133                 for k, v in gmatch(data, [[([%w%-]+)="?([^",]*)"?,?]]) do -- FIXME The hacky regex makes me shudder
 134                         message[k] = v
 135                 end
 136                 return message
 137         end
 138
 139         local object = { mechanism = "DIGEST-MD5", realm = realm, password_handler = password_handler}
 140
 141         --TODO: something better than math.random would be nice, maybe OpenSSL's random number generator
 142         object.nonce = generate_uuid()
 143         object.step = 0
 144         object.nonce_count = {}
 145
 146         function object.feed(self, message)
 147                 self.step = self.step + 1
 148                 if (self.step == 1) then
 149                         local challenge = serialize({   nonce = object.nonce,
 150                                                                                         qop = "auth",
 151                                                                                         charset = "utf-8",
 152                                                                                         algorithm = "md5-sess",
 153                                                                                         realm = self.realm});
 154                         return "challenge", challenge
 155                 elseif (self.step == 2) then
 156                         local response = parse(message)
 157                         -- check for replay attack
 158                         if response["nc"] then
 159                                 if self.nonce_count[response["nc"]] then return "failure", "not-authorized" end
 160                         end
 161
 162                         -- check for username, it's REQUIRED by RFC 2831
 163                         if not response["username"] then
 164                                 return "failure", "malformed-request"
 165                         end
 166                         self["username"] = response["username"]
 167
 168                         -- check for nonce, ...
 169                         if not response["nonce"] then
 170                                 return "failure", "malformed-request"
 171                         else
 172                                 -- check if it's the right nonce
 173                                 if response["nonce"] ~= tostring(self.nonce) then return "failure", "malformed-request" end
 174                         end
 175
 176                         if not response["cnonce"] then return "failure", "malformed-request", "Missing entry for cnonce in SASL message." end
 177                         if not response["qop"] then response["qop"] = "auth" end
 178
 179                         if response["realm"] == nil then response["realm"] = "" end
 180                         local raw_realm = response["realm"];
 181
 182                         if response["charset"] == nil then
 183                                 response["username"] = latin1toutf8(response["username"])
 184                                 response["realm"] = utf8tolatin1ifpossible(response["realm"])
 185                         elseif response["charset"] ~= "utf-8" then
 186                                 return "failure", "incorrect-encoding", "The client's response uses "..response["charset"].." for encoding with isn't supported by sasl.lua. Supported encodings are latin or utf-8."
 187                         end
 188
 189                         local domain = ""
 190                         local protocol = ""
 191                         if response["digest-uri"] then
 192                                 protocol, domain = response["digest-uri"]:match("(%w+)/(.*)$")
 193                                 if protocol == nil or domain == nil then return "failure", "malformed-request" end
 194                         else
 195                                 return "failure", "malformed-request", "Missing entry for digest-uri in SASL message."
 196                         end
 197
 198                         --TODO maybe realm support
 199                         self.username = response["username"]
 200                         local password_encoding, Y = self.password_handler(response["username"], response["realm"], "DIGEST-MD5", raw_realm)
 201                         if Y == nil then return "failure", "not-authorized"
 202                         elseif Y == false then return "failure", "account-disabled" end
 203
 204                         local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid
 205                         local A2 = "AUTHENTICATE:"..protocol.."/"..idna_ascii(domain)
 206
 207                         local HA1 = md5(A1, true)
 208                         local HA2 = md5(A2, true)
 209
 210                         local KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2
 211                         local response_value = md5(KD, true)
 212
 213                         if response_value == response["response"] then
 214                                 -- calculate rspauth
 215                                 A2 = ":"..protocol.."/"..idna_ascii(domain)
 216
 217                                 HA1 = md5(A1, true)
 218                                 HA2 = md5(A2, true)
 219
 220                                 KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2
 221                                 local rspauth = md5(KD, true)
 222                                 self.authenticated = true
 223                                 return "challenge", serialize({rspauth = rspauth})
 224                         else
 225                                 return "failure", "not-authorized", "The response provided by the client doesn't match the one we calculated."
 226                         end
 227                 elseif self.step == 3 then
 228                         if self.authenticated ~= nil then return "success"
 229                         else return "failure", "malformed-request" end
 230                 end
 231         end
 232         return object
 233 end
 234
 235 function new(mechanism, realm, password_handler)
 236         local object
 237         if mechanism == "PLAIN" then object = new_plain(realm, password_handler)
 238         elseif mechanism == "DIGEST-MD5" then object = new_digest_md5(realm, password_handler)
 239         else
 240                 log("debug", "Unsupported SASL mechanism: "..tostring(mechanism));
 241                 return nil
 242         end
 243         return object
 244 end
 245
 246 return _M;