#====================================================
#-sending authentication request via BASE64
#https://www.base64encode.org/
+#AUTH LOGIN
#-Usernanme 'webmaster@example.com' --> 'd2VibWFzdGVyQGV4YW1wbGUuY29t'
#-password 'mailleur' --> 'bWFpbGxldXI="
-S:AUTH LOGIN d2VibWFzdGVyQGV4YW1wbGUuY29t
+#AUTH PLAIN
+#-full seq "authid\0webmaster@example.com\0mailleur'
+# --> YXV0aGlkXDB3ZWJtYXN0ZXJAZXhhbXBsZS5jb21cMG1haWxsZXVy
+# authid will be discarded by authentication procedure
+#authid can be missing
+S:AUTH PLAIN
+R:334 5.7.1 Please provide auth sequence
+S:YXV0aGlkXDB3ZWJtYXN0ZXJAZXhhbXBsZS5jb21cMG1haWxsZXVy
+R:235 5.7.4 Authentication successful
+S:AUTH PLAIN YXV0aGlkXDB3ZWJtYXN0ZXJAZXhhbXBsZS5jb21cMG1haWxsZXVy
+R:235 5.7.4 Authentication successful
+S:AUTH LOGIN
+#requesting Username:
+R:334 VXNlcm5hbWU6
+#sending 'webmaster@example.com' as B64
+S:d2VibWFzdGVyQGV4YW1wbGUuY29t
+#requesting Password:
R:334 UGFzc3dvcmQ6
-#-le mot de passe est 'badpass'
-S:bWFpbGxldXI=
-R:535 1 authentication failed
+#sending 'mailleur' as B64
+S:bWFpbGxldXIK
+R:235 5.7.4 Authentication successful
S:QUIT
R:221 2.0.0 Bye, closing connection...
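Review bot: The AUTH PLAIN fixture `YXV0aGlkXDB3ZWJtYXN0ZXJAZXhhbXBsZS5jb21cMG1haWxsZXVy` is the Base64 of the literal text `authid\0webmaster@example.com\0mailleur`, with a backslash and the digit 0 where a SASL PLAIN message carries a NUL byte, so neither `S:` line exercises the separators a real client sends. In the AUTH LOGIN exchange `bWFpbGxldXIK` decodes to `mailleur` followed by a newline, whereas the removed `bWFpbGxldXI=` was the bare password. Both exchanges expect `235`, so they will likely stop passing once the server compares credentials; the values should be regenerated from the exact bytes. The only failing-password case (the removed `R:535 1 authentication failed`) is also gone, and a rejected-login exchange should be kept alongside the successful ones.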
/* NULL if unable to extract login */
/* */
/********************************************************/
-static void getauth(CONTYP *contact,char *buffer)
+static void getauth(CONTYP *contact,int delay,char *buffer)
{
#define OPEP "lvleml.c:getauth,"
-static char *vocloc[]={"plain ","login ",(char *)0};
+static char *vocloc[]={"plain","login",(char *)0};
static char *logdat[]={"VXNlcm5hbWU6", //Username: in B64
"UGFzc3dvcmQ6", //Password: in B64
(char *)0};
+
int code;
+char *decoded;
+char local[200];
int phase;
_Bool proceed;
code=-1;
+decoded=(char *)0;
+(void) memset(local,'\000',sizeof(memset));
phase=0;
proceed=(strlen(buffer)>0);
while (proceed==true) {
- (void) rou_alert(0,"%s JMPDBG phase='%d' buffer=<%s>",OPEP,phase,buffer);
+ //(void) rou_alert(0,"%s JMPDBG phase='%d'",OPEP,phase);
switch (phase) {
- case 0 : //check the authentication type
+ case 0 : //are we encrypted and on the right port
+ break;
+ case 1 : //check buffer
+ if ((buffer==(char *)0)||(strlen(buffer)==0)) {
+ (void) transmit(contact,true,"%d 5.7.0 Missing auth type",FAILED);
+ phase=999; //No need to go further
+ }
+ break;
+ case 2 : //check the authentication type
+ (void) strncpy(local,buffer,sizeof(local)-1);
for (code=0;vocloc[code]!=(char *)0;code++) {
- if (strncasecmp(buffer,vocloc[code],strlen(vocloc[code]))==0) {
+ if (strncasecmp(local,vocloc[code],strlen(vocloc[code]))==0) {
register int taille;
register char *ptr;
taille=strlen(vocloc[code]);
- ptr=buffer+taille;
- (void) memcpy(buffer,ptr,strlen(ptr)+1);
+ ptr=local+taille+1;
+ (void) memcpy(local,ptr,strlen(ptr)+1);
break;
}
}
if (vocloc[code]==(char *)0) {
- (void) rou_alert(0,"%s auth type <%s> unknown (Bug?)",OPEP,buffer);
+ (void) rou_alert(0,"%s auth type <%s> unknown (Bug?)",OPEP,local);
(void) transmit(contact,true,"%d 5.7.0 bad authentication type",BADPAR);
phase=999; //Trouble Trouble
}
break;
- case 1 : //working accoring auth mode
- (void) rou_alert(0,"%s clean buffer=<%s>",OPEP,cnv_getb64(buffer));
+ case 3 : //getting "username password" accorind login type
switch (code) {
- case 0 : //plain auth
-
+ case 0 : //AUTH PLAIN
+ if (strlen(local)==0) {
+ char *line;
+ int got;
+
+ line=(char *)0;
+ (void) transmit(contact,true,"%d 5.7.1 Please provide auth sequence",
+ SENDB64);
+ got=tcp_getline(contact->socptr,delay,&line);
+ if (got>0) {
+ (void) strncpy(local,line,sizeof(local)-1);
+ line=rou_freestr(line);
+ }
+ }
+ if (strlen(local)>0)
+ decoded=cnv_getb64(local);
break;
- case 1 : //login auth
+ case 1 : //AUTH LOGIN
+ (void) strcpy(local,"");
+ for (int i=0;i<2;i++) {
+ char *line;
+ char *ptr;
+ int got;
+
+ (void) strcat(local,IOBNULL);
+ (void) transmit(contact,true,"%d %s",SENDB64,logdat[i]);
+ got=tcp_getline(contact->socptr,delay,&line);
+ if (got<=0) {
+ (void) strcpy(local,"");
+ (void) transmit(contact,true,"%d 5.7.3 auth sequence missing",
+ UKNUSER);
+ phase=999; //trouble trouble
+ break; //eiting from loop then current phase
+ }
+ if ((ptr=cnv_getb64(line))!=(char *)0) {
+ (void) strncat(local,ptr,(sizeof(local)-1)-strlen(ptr));
+ ptr=rou_freestr(ptr);
+ }
+ line=rou_freestr(line);
+ }
+ if(strlen(local)>0)
+ decoded=strdup(local);
break;
default : //not yet implemented
(void) rou_alert(0,"%s auth type <%d> not yet implemented",OPEP);
break;
}
break;
+ case 4 : //do we have a decoded sequence
+ if (decoded==(char *)0) {
+ (void) transmit(contact,true,"%d 5.7.2 auth sequence missing",UKNUSER);
+ phase=999; //trouble trouble
+ }
+ break;
+ case 5 : //check password
+ (void) rou_alert(0,"JMPDBG decoded=<%s>",decoded);
+ (void) transmit(contact,true,"%d 5.7.4 Authentication successful",IDOK);
+ break;
default : //SAFE Guard
proceed=false;
break;
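Review bot: In the AUTH LOGIN branch the `strncat` bound is derived from the length of the decoded reply instead of the space left in `local`, so a decoded reply longer than 199 bytes wraps the unsigned subtraction into a huge count and the whole reply is appended to the 200-byte stack buffer. Unless `tcp_getline` caps the line length (not visible here), this is reachable with client data before authentication. The call should read `(void) strncat(local,ptr,sizeof(local)-1-strlen(local));`, which also accounts for the `IOBNULL` prefixes and the first reply, and an over-long reply is better rejected than truncated. `memset(local,'\000',sizeof(memset))` takes the size of the function rather than the array, so `local[sizeof(local)-1]` is never written and a `buffer` of 199 or more characters leaves `local` unterminated after `strncpy`; it should be `sizeof(local)`. Case 5 answers `235` without comparing anything and writes the decoded username and password to the log through `rou_alert(0,"JMPDBG decoded=<%s>",decoded)`, which should be removed before this is deployed. The body of getauth runs past the end of this hunk, so whether `decoded` is freed cannot be checked from here.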
(void) checkfrom(contact,line);
break;
case c_auth : //Auth request
- (void) getauth(contact,line);
+ (void) getauth(contact,delay,line);
break;
case c_rcpt : //Doing rpt scanning
if (checkto(contact,line)==false) {