Better way to scan auth_plain sequence
authorJean-Marc Pigeon (Delson) <jmp@safe.ca>
Wed, 2 Jul 2025 15:08:10 +0000 (11:08 -0400)
committerJean-Marc Pigeon (Delson) <jmp@safe.ca>
Wed, 2 Jul 2025 15:08:10 +0000 (11:08 -0400)
data-feed/feedxx.tst
data-feed/feedyy.tst [new file with mode: 0644]
lib/lvleml.c

index e8299bba99d0fb576d07ce7bfe19e6213a24b443..e596bd912196836211cee83fa9a0367a6c5914c2 100644 (file)
@@ -27,6 +27,8 @@ R:334 UGFzc3dvcmQ6
 #sending 'mailleur' as B64
 S:bWFpbGxldXI=
 R:235 5.7.5 Authentication successful
+S:AUTH PLAIN AHVzZXIxQG1haWxwb3N0Zy5leGFtcGxlLmNvbQBtYWlsbGV1cg==
+R:504 5.7.4 authentication failed
 S:AUTH PLAIN QmlncmVfYmlncmUgbm91c2Vy
 R:504 5.7.4 authentication failed
 S:AUTH PLAIN cG9zdG1hc3RlckBleGFtcGxlLmNvbSBub3Bhc3N3ZA==
diff --git a/data-feed/feedyy.tst b/data-feed/feedyy.tst
new file mode 100644 (file)
index 0000000..fd756ac
--- /dev/null
@@ -0,0 +1,17 @@
+T:(feed05) sending a small email after beeing authenticated
+R:220 mailleur.example.com, ESMTP (cleartext) mailleur...
+#====================================================
+#-sending authentication request via BASE64
+#https://www.base64encode.org/
+#AUTH LOGIN
+#-Usernanme    'webmaster@example.com' --> 'd2VibWFzdGVyQGV4YW1wbGUuY29t'
+#-password     'mailleur'              --> 'bWFpbGxldXI="
+#AUTH PLAIN
+#-full seq "authid\0webmaster@example.com\0mailleur'
+#              --> YXV0aGlkXDB3ZWJtYXN0ZXJAZXhhbXBsZS5jb21cMG1haWxsZXVy
+#          authid will be discarded by authentication procedure
+#authid can be missing
+S:AUTH PLAIN AHVzZXIxQG1haWxwb3N0Zy5leGFtcGxlLmNvbQBtYWlsbGV1cg==
+R:504 5.7.4 authentication failed
+S:QUIT
+R:221 2.0.0 Bye, closing connection...
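Review bot: The worked example in the comment block does not describe the request this feed sends: the base64 on the `#              -->` line decodes to the two characters backslash and zero between the fields rather than NUL bytes, and it is built for webmaster@example.com, whereas the `S:AUTH PLAIN` line carries real NUL bytes for user1@mailpostg.example.com with an empty authid. The `T:` title announces a small email sent after authenticating, but the exchange is a single rejected AUTH PLAIN followed by QUIT, so the title (or the expected `R:504`) looks carried over from another feed. The comment also mixes quote styles (`'mailleur'` opened with a single quote and closed with `"`) and has `Usernanme` and `beeing`. I would regenerate the example from the exact string that is sent, e.g. `#-full seq "\0user1@mailpostg.example.com\0mailleur" --> AHVzZXIxQG1haWxwb3N0Zy5leGFtcGxlLmNvbQBtYWlsbGV1cg==`, and make the title describe a rejected AUTH PLAIN without authid.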
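index b72fd6a6d6a1cf481eeedf82a3ce1ae514e96a31..362aacd556723fba19e46324f03c0cd6c8993772 100644
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -310,12 +310,14 @@ return status;
 static char *get_auth_plain(CONTYP *contact,int delay,char *received)
 
 {
+#define OPEP    "lvleml.c:get_auth_plain,"
 char *decoded;
 char local[200];
 
 decoded=(char *)0;
 (void) memset(local,'\000',sizeof(local));
 (void) strncpy(local,received,sizeof(local)-1);
+(void) rou_alert(0,"%s received=<%s",OPEP,received);
 if (strlen(local)==0) {
   char *line;
   int got;
@@ -331,7 +333,10 @@ if (strlen(local)==0) {
   }
 if (strlen(local)>0) 
   decoded=cnv_getb64(local);
+(void) rou_alert(0,"%s decoded=<%s",OPEP,decoded);
 return decoded;
+
+#undef  OPEP
 }
 /*
 ^L
@@ -382,6 +387,39 @@ return decoded;
 */
 /********************************************************/
 /*                                                      */
+/*     Procedure to split a plain authentication string*/
+/*      Match with the user provided.                   */
+/*                                                      */
+/********************************************************/
+static void split_auth_plain(char *sequence,char *data[3])
+
+{
+char *locdata[3];
+char *dup;
+char *ptr;
+int count;
+
+(void) memset(locdata,'\000',sizeof(locdata));
+dup=strdup(sequence);
+ptr=dup;
+for (count=0;(count<3)&&(ptr!=(char *)0);count++) {
+  char *mark;
+
+  if ((mark=strstr(ptr,IOBNULL))!=(char *)0) {
+    *mark='\000';
+    mark+=strlen(IOBNULL);
+    }
+  locdata[count]=strdup(ptr);
+  ptr=mark; 
+  }
+(void) memmove(data,locdata,sizeof(locdata));
+dup=rou_freestr(dup);
+}
+/*
+^L
+*/
+/********************************************************/
+/*                                                      */
 /*     Procedure to check if the password submitted    */
 /*      Match with the user provided.                   */
 /*                                                      */
@@ -394,30 +432,18 @@ char *data[3];
 
 isok=false;
 (void) memset(data,'\000',sizeof(data));
-for (int i=0;i<3;i++) {
-  char *ptr;
-
-  if ((ptr=strstr(sequence,IOBNULL))!=(char *)0)
-    *ptr='\000';
-  data[i]=strdup(sequence);
-  if (ptr==(char *)0)
-    break;      //no more data available
-  ptr+=strlen(IOBNULL);
-  (void) memmove(sequence,ptr,strlen(ptr)+1);
-  }
+(void) split_auth_plain(sequence,data);
 if ((data[1]!=(char *)0)&&(data[2]!=(char *)0)) {
-  if ((strlen(data[1])>0)&&(strlen(data[2])>0)) {
-    USRTYP *usr;
+ USRTYP *usr;
 
- usr=(USRTYP *)0;
- if (sql_mngusr(sqlptr,sql_select,data[1],&usr)==true) {
-      char *crypted;
+ usr=(USRTYP *)0;
+ if (sql_mngusr(sqlptr,sql_select,data[1],&usr)==true) {
+   char *crypted;
  
-      crypted=crypt(data[2],usr->passwd); 
-      if ((crypted!=(char *)0)&&(strcmp(crypted,usr->passwd)==0))
-        isok=true;      //Passord match
-      usr=sql_freeusr(usr);
-      }
+   crypted=crypt(data[2],usr->passwd); 
+   if ((crypted!=(char *)0)&&(strcmp(crypted,usr->passwd)==0))
+      isok=true;      //Passord match
+    usr=sql_freeusr(usr);
     }
   }
 for (int i=0;i<3;i++) 
@@ -504,19 +530,17 @@ while (proceed==true) {
       break;
     case 4      :       //we have a decoded sequence, check password
       if (checklogin(contact->sqlptr,decoded)==false) {
-        char *fmt;
-        char *user;
-        char *pass;
-
-        user=decoded;
-        if ((pass=strchr(decoded,' '))!=(char *)0) {
-          *pass='\000';
-          pass++;
-          }
-        fmt="Auth Rejected status='%d' for user=<%s> pass=<%s>";
-        (void) log_fprintlog(contact->logptr,true,fmt,BADAUTH,user,pass);
+        char *data[3];
+        const char *fmt;
+        
+        (void) memset(data,'\000',sizeof(data));
+        (void) split_auth_plain(decoded,data);
+        fmt="    Auth Rejected status='%d' for user=<%s> pass=<%s>";
+        (void) log_fprintlog(contact->logptr,true,fmt,BADAUTH,data[1],data[2]);
         (void) sleep(2);
         (void) transmit(contact,true,"%d 5.7.4 authentication failed",BADAUTH);
+        for (int i=0;i<3;i++) 
+          data[i]=rou_freestr(data[i]);
         phase=999;
         }
       decoded=rou_freestr(decoded);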
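Review bot: The two `rou_alert` calls added to get_auth_plain (hunks at 310 and 331) emit the raw AUTH PLAIN payload: `received` is the base64 of `authid\0user\0password` and `decoded` is that triplet in the clear, so, assuming rou_alert ends up in a log, every AUTH PLAIN attempt leaves the cleartext password there; the `pass=<%s>` that the rewritten rejection message at 530 keeps has the same problem, since a rejected password is frequently a near miss of a real one. `decoded` is also NULL when `local` is empty or cnv_getb64 fails, and the C standard does not define what `%s` does with NULL (only some libcs print `(null)`), and data[1]/data[2] can be NULL in the rejection log for the same reason. I would drop the two alerts, or at most keep `(void) rou_alert(0,"%s decoded=%s",OPEP,decoded!=(char *)0?"yes":"no");`, and log only data[1] (guarded against NULL) on rejection. checklogin also quietly loses the former `(strlen(data[1])>0)&&(strlen(data[2])>0)` guard, so an empty user or empty password now reaches sql_mngusr and crypt; if that is intentional it deserves a comment, otherwise restore it as the inner test. Finally, the header comment on split_auth_plain repeats `Match with the user provided.` from checklogin; `/*      into its authid, user and password fields.   */` describes what it actually does.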