From: Jean-Marc Pigeon (Delson) Date: Mon, 7 Jul 2025 08:15:05 +0000 (-0400) Subject: digest-md5 authentication is working with user password X-Git-Tag: tag-0.12~6 X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=d09c0040f5febb3b7daebbcc8c834b08d0e86547;p=jmp%2Fmailleur digest-md5 authentication is working with user password
---
diff --git a/conf/mailleur.conf b/conf/mailleur.conf
index 62c55de..b75e89a 100644
--- a/conf/mailleur.conf
+++ b/conf/mailleur.conf
@@ -6,6 +6,8 @@ APPNAME=mailleur
 ROOTBASE="/"
 #defining local default domain
 DFLTDOMAIN="localdomain"
+#defineing the local REALM
+REALM="mailleur-email"
 #------------------------------------------------
 #list of listening port to do SMTP protocole
 #format
diff --git a/conf/mailleur.conf.dvl b/conf/mailleur.conf.dvl
index b8b3a0d..ff79301 100644
--- a/conf/mailleur.conf.dvl
+++ b/conf/mailleur.conf.dvl
@@ -7,6 +7,8 @@ APPNAME=mailleur
 ROOTBASE="/home/jmp/safe-mailleur/mailleur/test_area/"
 #defining local default domain
 DFLTDOMAIN="example.com"
+#defineing the local REALM
+REALM="mailleur-email-dvl"
 #------------------------------------------------
 #list of listening port to do SMTP protocole
 #format
diff --git a/lib/lvleml.c b/lib/lvleml.c
index 79f0e03..7a65919 100644
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -479,22 +479,24 @@ static char *get_auth_digest_md5(CONTYP *contact,int delay) char *decoded; char *challenge; -char answer[300]; +char *curpass; RSPTYP *resp; +char answer[300]; int phase; _Bool proceed; decoded=(char *)0; challenge=(char *)0; -(void) memset(answer,'\000',sizeof(answer)); +curpass=(char *)0; resp=(RSPTYP *)0; +(void) memset(answer,'\000',sizeof(answer)); phase=0; proceed=true; while (proceed==true) { //(void) rou_alert(0,"%s JMPDBG phase='%d'",OPEP,phase); switch (phase) { case 0 : //Building the challenge sequence - if ((challenge=dig_getchallenge(contact->locname))==(char *)0) { + if ((challenge=dig_getchallenge())==(char *)0) { (void) rou_alert(0,"%s Unable to get challenge sequence (Bug!)",OPEP); phase=999; } @@ -505,7 +507,6 @@ while (proceed==true) { b64=cnv_setb64(challenge); (void) transmit(contact,true,"%d %s",SENDB64,b64); b64=rou_freestr(b64); - challenge=rou_freestr(challenge); } break; case 2 : { //getting the challenge answer @@ -530,14 +531,24 @@ while (proceed==true) { if ((resp=dig_parseresp(answer))==(RSPTYP *)0) phase=999; //Unable to parse answer break; - case 4 : //getting the user name and password + case 4 : { //getting the user name and password + USRTYP *usr; + + if (sql_mngusr(contact->sqlptr,sql_select,resp->username,&usr)==true) { + if (usr->passwd!=(char *)0) + curpass=strdup(usr->passwd); + usr=sql_freeusr(usr); + } + if (curpass==(char *)0) + phase=999; //No user found + } break; case 5 : { //sending the rspauth sequence. char *HAS; char *rspauth; char *b64; - if ((HAS=dig_hashresp(resp,"","xxx"))==(char *)0) { + if ((HAS=dig_hashresp(resp,"",curpass))==(char *)0) { (void) rou_alert(0,"%s Unable to get the hash rspauth (Bug!)",OPEP); break; } 
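Review bot: In the `@@ -530` hunk, case 5 of get_auth_digest_md5 leaves the switch with a bare `break;` when `dig_hashresp(resp,"",curpass)` returns null, so the state machine just moves on to the next phase instead of stopping. Case 7 in the `@@ -553` hunk has the same shape and is the more serious site: as far as the visible lines show, a failed hash there skips the comparison and falls through to case 8, which builds `decoded` as if authentication had succeeded. Both failure branches should close the exchange, e.g. `phase=999;` placed before the `break;`, as cases 0, 3 and 4 already do. The rest of cases 5 and 7 lies outside the hunks, so the fall-through should be confirmed against the full function.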
@@ -553,15 +564,18 @@ while (proceed==true) { char *line; int count; + line=(char *)0; count=tcp_getline(contact->socptr,delay,&line); - if (count>0) - rou_freestr(line); //EMPTY Line! + if (count<0) + (void) rou_alert(0,"%s delay expired to get remote empty line (network?)", + OPEP); + line=rou_freestr(line); //EMPTY Line! } break; case 7 : { //comparing result. char *HA0; - if ((HA0=dig_hashresp(resp,"AUTHENTICATE","xxx"))==(char *)0) { + if ((HA0=dig_hashresp(resp,"AUTHENTICATE",curpass))==(char *)0) { (void) rou_alert(0,"%s Unable to get the hash response (Bug!)",OPEP); break; } @@ -573,7 +587,8 @@ while (proceed==true) { break; case 8 : //comparing answer (void) rou_alert(0,"JMPDBG Bingo!"); - (void) rou_asprintf(&decoded,"%s%s%s%s",IOBNULL,resp->username,IOBNULL,"mailleur2"); + (void) rou_asprintf(&decoded,"%s%s%s%s",IOBNULL,resp->username, + IOBNULL,curpass); break; default : //SAFE Guard proceed=false; @@ -582,6 +597,9 @@ while (proceed==true) { phase++; } (void) rou_alert(0,"%s JMPDBG decoded=<%s>",OPEP,decoded); +resp=dig_freeresp(resp); +curpass=rou_freestr(curpass); +challenge=rou_freestr(challenge); return decoded; #undef OPEP diff --git a/lib/subrou.c b/lib/subrou.c index cbccf02..749198d 100644 --- a/lib/subrou.c +++ b/lib/subrou.c @@ -846,14 +846,8 @@ if (mode!=modopen) { break; case false : (void) closelog(); - if (appname!=(char *)0) { - (void) free(appname); - appname=(char *)0; - } - if (rootdir!=(char *)0) { - (void) free(rootdir); - rootdir=(char *)0; - } + appname=rou_freestr(appname); + rootdir=rou_freestr(rootdir); break; default : (void) fprintf(stderr,"Calling %s with wrong mode='%d' (Bug?!):", diff --git a/lib/subrou.h b/lib/subrou.h index 082890f..1a3c786 100644 --- a/lib/subrou.h +++ b/lib/subrou.h 
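Review bot: The client's response is only compared in case 7, after case 5 has already computed rspauth from the stored password, so a peer that has proved nothing appears to receive a value derived from `curpass`. With the old `"xxx"` placeholder this ordering was harmless; now the comparison should run first and rspauth should be produced only on a match. The transmit of rspauth is outside the visible hunks, so this assumes it happens in the remainder of case 5. In case 6 the new `count<0` branch only logs; setting `phase=999;` there would stop the exchange when the peer's empty line never arrives.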
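Review bot: In the `@@ -573` hunk, `decoded` now carries the account's real password (`curpass`) where it used to hold a fixed test string, and the `JMPDBG decoded=<%s>` alert kept as context in the `@@ -582` hunk passes that string to the log at the end of every call. How much of it is printed depends on what `IOBNULL` expands to, which is not visible here. The debug alert should be removed or reduced to the user name, e.g. `(void) rou_alert(0,"%s user <%s> authenticated",OPEP,resp->username);` inside case 8, where `resp` is known to be set. The `JMPDBG Bingo!` alert is a debugging leftover as well. It is also worth a comment on why the caller needs the password back at all, since returning it widens where the secret lives.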
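Review bot: In the `@@ -582` hunk, `curpass` is a heap copy of the user's cleartext password and is released with `rou_freestr(curpass)` with no sign of being wiped first. Unless rou_freestr clears the buffer (its body is not shown), the password remains readable in freed memory. Clearing it before release limits that, for instance `if (curpass!=(char *)0) explicit_bzero(curpass,strlen(curpass));` on the line before the free, where the platform provides it. The same care applies to `decoded` once the caller is done with it.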
@@ -13,9 +13,9 @@ #include -#define APPNAME "mailleur" //application name - -#define ITSOK 0 //to check errno against no error +#define APPNAME "mailleur" //application name +#define REALM APPNAME"-email" //application REALM (DIGEST-MD5) +#define ITSOK 0 //to check errno against no error //defining database #define #define USE_NODB 0 //No DB TYPE defined @@ -32,7 +32,7 @@ extern _Bool foreground; //process is in foreground mode extern char *rootdir; //application root directory extern char *appname; //application "official" name -extern char execname[]; ///Application exec/binary name +extern char execname[]; //Application exec/binary name //--- Routines implemented within subrou.c --------- diff --git a/lib/unidig.c b/lib/unidig.c index 88f42df..625222c 100644 --- a/lib/unidig.c +++ b/lib/unidig.c @@ -315,7 +315,7 @@ return hashmd5; /* challenge as an B64 string. */ /* */ /********************************************************/ -PUBLIC char *dig_getchallenge(char *realm) +PUBLIC char *dig_getchallenge() { #define OPEP "unidig.c:dig_getchallenge," @@ -323,7 +323,6 @@ PUBLIC char *dig_getchallenge(char *realm) static char *comp[]={ "realm=\"%s\"", //the LOCAL realm ",nonce=\"%s\"", - ",maxbuf=%d", ",qop=%s", ",algorithm=%s", ",charset=%s", @@ -331,8 +330,11 @@ static char *comp[]={ }; char *challenge; +char *realm; challenge=(char *)calloc(MAXBUF,sizeof(char)); +if ((realm=getenv("REALM"))==(char *)0) + realm=REALM; for (int num=0;comp[num]!=(char *)0;num++) { char loc[MAXBUF/2]; 
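Review bot: In the `@@ -315` hunk of lib/unidig.c, `dig_getchallenge()` with empty parentheses declares a function with unspecified parameters before C23, so a stale call that still passes the realm, like the removed `dig_getchallenge(contact->locname)`, would compile without a diagnostic. Write `PUBLIC char *dig_getchallenge(void)` here and `extern char *dig_getchallenge(void);` in the lib/unidig.h hunk. The function body continues outside this hunk.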
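Review bot: In the `@@ -331` hunk, the realm read with `getenv("REALM")` goes into the quoted `realm=\"%s\"` directive unchecked, so an empty value, or one containing `"` or `\`, yields an empty or malformed realm in the challenge. Treat an empty value as unset, `if ((realm=getenv("REALM"))==(char *)0||*realm=='\0') realm=REALM;`, and reject or escape quote characters before formatting. A short comment should also say that the realm used here must be the same one used when the response hash is computed, which cannot be checked from this hunk. The `calloc` result on the context line above is not tested in the visible lines; the loop that fills `challenge` continues outside the hunk.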
@@ -352,16 +354,13 @@ for (int num=0;comp[num]!=(char *)0;num++) { nonce=rou_freestr(nonce); } break; - case 2 : //maxbuf - (void) snprintf(loc,sizeof(loc),comp[num],MAXBUF); - break; - case 3 : //qop + case 2 : //qop (void) snprintf(loc,sizeof(loc),comp[num],"auth"); break; - case 4 : //algorithm + case 3 : //algorithm (void) snprintf(loc,sizeof(loc),comp[num],ALGO); break; - case 5 : //charset + case 4 : //charset (void) snprintf(loc,sizeof(loc),comp[num],CHARSET); break; default : //none expect field BUG! diff --git a/lib/unidig.h b/lib/unidig.h index 2bf1ae3..417322d 100644 --- a/lib/unidig.h +++ b/lib/unidig.h @@ -39,7 +39,7 @@ extern char *dig_cryptmd5(const void *key,unsigned char *seq); //Procedure to generate a DISGEST-MD5 challaneg as a //b64 string. -extern char *dig_getchallenge(char *realm); +extern char *dig_getchallenge(); //Procedure to compute local response to challenge and //check if the remote session is the same