static void freesessid(CONTYP *contact)
{
-(void) rou_alert(0,"JMPDBG freesessid contact->session='%p'",contact->session);
if (contact->session!=(SESTYP *)0) {
if (contact->mailfrom!=(char *)0) {
contact->session->sfrom=strdup(contact->mailfrom);
static void getsessid(CONTYP *contact)
{
-(void) rou_alert(0,"JMPDBG getsessid!");
if (contact!=(CONTYP *)0) {
char *newsid;
*/
/********************************************************/
/* */
+/* Procedure to manage authentication in "plain" */
+/* mode, return "decoded", NULL if not extracted */
+/* */
+/********************************************************/
+static char *get_auth_plain(CONTYP *contact,int delay,char *received)
+
+{
+char *decoded;
+char local[200];
+
+decoded=(char *)0;
+(void) memset(local,'\000',sizeof(local));
+(void) strncpy(local,received,sizeof(local)-1);
+if (strlen(local)==0) {
+ char *line;
+ int got;
+
+ line=(char *)0;
+ (void) transmit(contact,true,"%d 5.7.1 Please provide auth sequence",SENDB64);
+ got=tcp_getline(contact->socptr,delay,&line);
+ if (got>0) {
+ (void) strncpy(local,line,sizeof(local)-1);
+ line=rou_freestr(line);
+ }
+ }
+if (strlen(local)>0)
+ decoded=cnv_getb64(local);
+return decoded;
+}
+/*
+^L
+*/
+/********************************************************/
+/* */
+/* Procedure to manage authentication in "login" */
+/* mode, return "decoded", NULL if not extracted */
+/* */
+/********************************************************/
+static char *get_auth_login(CONTYP *contact,int delay)
+
+{
+static char *logdat[]={"VXNlcm5hbWU6", //Username: in B64
+ "UGFzc3dvcmQ6", //Password: in B64
+ (char *)0};
+char *decoded;
+char local[200];
+
+decoded=(char *)0;
+(void) memset(local,'\000',sizeof(local));
+for (int i=0;i<2;i++) {
+ char *line;
+ char *ptr;
+ int got;
+
+ (void) strcat(local,IOBNULL);
+ (void) transmit(contact,true,"%d %s",SENDB64,logdat[i]);
+ got=tcp_getline(contact->socptr,delay,&line);
+ if (got<=0) {
+ (void) strcpy(local,"");
+ (void) transmit(contact,true,"%d 5.7.2 auth sequence missing",UKNUSER);
+ break; //exiting from loop
+ }
+ if ((ptr=cnv_getb64(line))!=(char *)0) {
+ (void) rou_alert(0,"JMPDBG line[%d]=<%s> ptr=<%s>",i,line,ptr);
+ (void) strncat(local,ptr,(sizeof(local)-1)-strlen(ptr));
+ ptr=rou_freestr(ptr);
+ }
+ (void) rou_alert(0,"JMPDBG local[%d]=<%s>",i,local);
+ line=rou_freestr(line);
+ }
+if (strlen(local)>0)
+ decoded=strdup(local);
+return decoded;
+}
+/*
+^L
+*/
+/********************************************************/
+/* */
+/* Procedure to check if the password submitted */
+/* Match with the user provided. */
+/* */
+/********************************************************/
+static _Bool checklogin(SQLPTR *sqlptr,char *sequence)
+
+{
+_Bool isok;
+char *data[3];
+
+isok=false;
+(void) memset(data,'\000',sizeof(data));
+for (int i=0;i<3;i++) {
+ char *ptr;
+
+ if ((ptr=strstr(sequence,IOBNULL))!=(char *)0)
+ *ptr='\000';
+ data[i]=strdup(sequence);
+ if (ptr==(char *)0)
+ break; //no more data available
+ ptr+=strlen(IOBNULL);
+ (void) memmove(sequence,ptr,strlen(ptr)+1);
+ }
+if ((data[1]!=(char *)0)&&(data[2]!=(char *)0)) {
+ if ((strlen(data[1])>0)&&(strlen(data[2])>0)) {
+ USRTYP *usr;
+
+ usr=(USRTYP *)0;
+ (void) rou_alert(0,"JMPDBG name=<%s> pass=<%s>",data[1],data[2]);
+ if (sql_mngusr(sqlptr,sql_select,data[1],&usr)==true) {
+ char *crypted;
+
+ crypted=crypt(data[2],usr->passwd);
+ if ((crypted!=(char *)0)&&(strcmp(crypted,usr->passwd)==0))
+ isok=true; //Passord match
+ usr=sql_freeusr(usr);
+ }
+ }
+ }
+for (int i=0;i<3;i++)
+ data[i]=rou_freestr(data[i]);
+return isok;
+}
+/*
+^L
+*/
+/********************************************************/
+/* */
/* Procedure to extract authentication info. */
/* return a login sequence as */
/* 'username password' if successful */
#define OPEP "lvleml.c:getauth,"
static char *vocloc[]={"plain","login",(char *)0};
-static char *logdat[]={"VXNlcm5hbWU6", //Username: in B64
- "UGFzc3dvcmQ6", //Password: in B64
- (char *)0};
int code;
char *decoded;
case 3 : //getting "username password" accorind login type
switch (code) {
case 0 : //AUTH PLAIN
- if (strlen(local)==0) {
- char *line;
- int got;
-
- line=(char *)0;
- (void) transmit(contact,true,"%d 5.7.1 Please provide auth sequence",
- SENDB64);
- got=tcp_getline(contact->socptr,delay,&line);
- if (got>0) {
- (void) strncpy(local,line,sizeof(local)-1);
- line=rou_freestr(line);
- }
- }
- if (strlen(local)>0)
- decoded=cnv_getb64(local);
+ if ((decoded=get_auth_plain(contact,delay,local))==(char *)0)
+ phase=999;
break;
case 1 : //AUTH LOGIN
- (void) strcpy(local,"");
- for (int i=0;i<2;i++) {
- char *line;
- char *ptr;
- int got;
-
- (void) strcat(local,IOBNULL);
- (void) transmit(contact,true,"%d %s",SENDB64,logdat[i]);
- got=tcp_getline(contact->socptr,delay,&line);
- if (got<=0) {
- (void) strcpy(local,"");
- (void) transmit(contact,true,"%d 5.7.3 auth sequence missing",
- UKNUSER);
- phase=999; //trouble trouble
- break; //eiting from loop then current phase
- }
- if ((ptr=cnv_getb64(line))!=(char *)0) {
- (void) strncat(local,ptr,(sizeof(local)-1)-strlen(ptr));
- ptr=rou_freestr(ptr);
- }
- line=rou_freestr(line);
- }
- if(strlen(local)>0)
- decoded=strdup(local);
+ if ((decoded=get_auth_login(contact,delay))==(char *)0)
+ phase=999;
break;
default : //not yet implemented
+ (void) transmit(contact,true,"%d 5.7.3 Unknown auth mode",FAILED);
(void) rou_alert(0,"%s auth type <%d> not yet implemented",OPEP);
+ phase=999;
break;
}
break;
- case 4 : //do we have a decoded sequence
- if (decoded==(char *)0) {
- (void) transmit(contact,true,"%d 5.7.2 auth sequence missing",UKNUSER);
- phase=999; //trouble trouble
- }
- break;
- case 5 : //check password
+ case 4 : //we have a decoded sequence, check password
(void) rou_alert(0,"JMPDBG decoded=<%s>",decoded);
- break;
- case 6 : //everything is fine
+ if (checklogin(contact->sqlptr,decoded)==false) {
+ (void) transmit(contact,true,"%d 5.7.4 authentication failed",BADAUTH);
+ phase=999;
+ }
decoded=rou_freestr(decoded);
- (void) transmit(contact,true,"%d 5.7.4 Authentication successful",IDOK);
+ break;
+ case 5 : //everything is fine
+ (void) transmit(contact,true,"%d 5.7.5 Authentication successful",IDOK);
break;
default : //SAFE Guard
proceed=false;
phase=0;
proceed=true;
while (proceed==true) {
- (void) rou_alert(0,"JMPDBG %s phase='%d'",OPEP,phase);
+ //(void) rou_alert(0,"JMPDBG %s phase='%d'",OPEP,phase);
switch (phase){
case 0 : //check for binding
if (contact==(CONTYP *)0) {
vps2: / jmp / mailleur / commitdiff