// Write a message into Cedar log void CedarLog(char *str) { char *tmp; // Validate arguments if (str == NULL) { return; } if (cedar_log_ref == NULL) { return; } tmp = CopyStr(str); if (StrLen(tmp) > 1) { if (tmp[StrLen(tmp) - 1] == '\n') { tmp[StrLen(tmp) - 1] = 0; } if (StrLen(tmp) > 1) { if (tmp[StrLen(tmp) - 1] == '\r') { tmp[StrLen(tmp) - 1] = 0; } } } InsertStringRecord(cedar_log, tmp); Free(tmp); }
int IDriveRenameFile(TFileStore *FS, char *FromArg, char *ToArg) { char *Tempstr=NULL, *Error=NULL, *FromPath=NULL, *ToPath=NULL; HTTPInfoStruct *Info; ListNode *Headers; int result, val; STREAM *S; FromPath=MakeFullPath(FromPath,FS, FromArg); ToPath=MakeFullPath(ToPath,FS, ToArg); Tempstr=MCopyStr(Tempstr,"https://",FS->Host,"/evs/renameFileFolder?uid=",FS->Logon,"&pwd=",FS->Passwd,"&oldpath=",FromPath,"&newpath=",ToPath,NULL); S=HTTPMethod("POST",Tempstr,"","","","",0); val=HTTPReadDocument(S, &Tempstr); if (Settings.Flags & FLAG_VERBOSE) printf("\n%s\n",Tempstr); Error=CopyStr(Error,""); result=IDriveParseStatusResponse(Tempstr, &Error); DestroyString(Tempstr); DestroyString(Error); DestroyString(FromPath); DestroyString(ToPath); return(result); }
static char *FindExtender( char *fullpath, char **endname ) { #if defined(DOS4G) char *name; const char __far *d4gname; unsigned len; d4gname = DOSEnvFind( "DOS4GPATH" ); if( d4gname != NULL ) { _DBG_Write("Got DOS4GPATH -<"); _DBG_Write(d4gname); _DBG_Writeln(">"); len = _fstrlen( d4gname ); if( len > 4 ) { const char __far *ext = d4gname + len - 4; if( ext[0] == '.' && LOW( ext[1] ) == 'e' && LOW( ext[2] ) == 'x' && LOW( ext[3] ) == 'e' ) { _DBG_Writeln( "is exe\r\n" ); *endname = CopyStr( d4gname, fullpath ); return( fullpath ); } } name = CheckPath( d4gname, fullpath, endname ); if( name != NULL ) { _DBG_Writeln( "found in path\r\n" ); return( name ); } } #endif return( CheckPath( DOSEnvFind( "PATH" ), fullpath, endname ) ); }
int PAMConvFunc(int NoOfMessages, const struct pam_message **messages, struct pam_response **responses, void *appdata) { int count; const struct pam_message *mess; struct pam_response *resp; *responses=(struct pam_response *) calloc(NoOfMessages,sizeof(struct pam_response)); mess=*messages; resp=*responses; for (count=0; count < NoOfMessages; count++) { if ((mess->msg_style==PAM_PROMPT_ECHO_OFF) || (mess->msg_style==PAM_PROMPT_ECHO_ON)) { resp->resp=CopyStr(NULL,(char *) appdata); resp->resp_retcode=0; } mess++; resp++; } return(PAM_SUCCESS); }
time_t DateStrToSecs(const char *DateFormat, const char *Str, const char *TimeZone) { time_t Secs=0; struct tm TMS; char *Tempstr=NULL; if (StrLen(DateFormat)==0) return(0); if (StrLen(Str)==0) return(0); if (StrLen(TimeZone)) { if (getenv("TZ")) Tempstr=CopyStr(Tempstr,getenv("TZ")); setenv("TZ",TimeZone,TRUE); tzset(); } strptime(Str,DateFormat,&TMS); TMS.tm_isdst=-1; Secs=mktime(&TMS); if (StrLen(TimeZone)) { if (! Tempstr) unsetenv("TZ"); else setenv("TZ",Tempstr,TRUE); tzset(); } return(Secs); }
// Get Ethernet device list on Solaris TOKEN_LIST *GetEthListSolaris() { TOKEN_LIST *t; int i, s; LIST *o; o = NewListFast(CompareStr); s = socket(AF_INET, SOCK_DGRAM, 0); if (s != INVALID_SOCKET) { struct lifnum lifn; lifn.lifn_family = AF_INET; lifn.lifn_flags = 0; if (ioctl(s, SIOCGLIFNUM, (char *)&lifn) >= 0) { struct lifconf lifc; struct lifreq *buf; UINT numifs; UINT bufsize; numifs = lifn.lifn_count; Debug("NumIFs:%d\n",numifs); bufsize = numifs * sizeof(struct lifreq); buf = Malloc(bufsize); lifc.lifc_family = AF_INET; lifc.lifc_flags = 0; lifc.lifc_len = bufsize; lifc.lifc_buf = (char*) buf; if (ioctl(s, SIOCGLIFCONF, (char *)&lifc) >= 0) { for (i = 0; i<numifs; i++) { if(StartWith(buf[i].lifr_name, "lo") == false){ Add(o, CopyStr(buf[i].lifr_name)); } } } Free(buf); } closesocket(s); } Sort(o); t = ZeroMalloc(sizeof(TOKEN_LIST)); t->NumTokens = LIST_NUM(o); t->Token = ZeroMalloc(sizeof(char *) * t->NumTokens); for (i = 0;i < LIST_NUM(o);i++) { char *name = LIST_DATA(o, i); t->Token[i] = name; } ReleaseList(o); return t; }
char *FormatURL(char *Buff, HTTPSession *Session, const char *ItemPath) { char *Tempstr=NULL, *Quoted=NULL; const char *ptr=NULL, *sd_ptr; int len; if (StrLen(Session->Host)) { if (Settings.Flags & FLAG_SSL) Tempstr=MCopyStr(Buff,"https://",Session->Host,"/",NULL); else Tempstr=MCopyStr(Buff,"http://",Session->Host,"/",NULL); } else Tempstr=CopyStr(Tempstr,"/"); ptr=ItemPath; while (*ptr == '/') ptr++; if (StrLen(Session->StartDir)) sd_ptr=Session->StartDir; else sd_ptr=""; while (*sd_ptr == '/') sd_ptr++; len=StrLen(sd_ptr); if (strncmp(ptr, sd_ptr,len)==0) ptr+=len; Quoted=HTTPQuoteChars(Quoted,ptr," ()[]{}\t?&%!,+\':;#"); Tempstr=CatStr(Tempstr,Quoted); DestroyString(Quoted); return(Tempstr); }
void HTTPServerFindAndSendDocument(STREAM *S, HTTPSession *Session, int Flags) { char *Path=NULL, *ptr; TPathItem *PI=NULL; ListNode *Curr; if (! VPathProcess(S, Session, Flags)) { ptr=Session->StartDir; if (*ptr=='.') ptr++; if (strcmp(ptr,"/")==0) Path=CopyStr(Path,Session->Path); else Path=MCopyStr(Path,ptr,Session->Path,NULL); PI=VPathFind(PATHTYPE_FILETYPE, Session->Path); if (PI) { if (PI->Flags & PATHITEM_COMPRESS) Session->Flags |= FLAG_COMPRESS; if (PI->Flags & PATHITEM_NO_COMPRESS) Session->Flags &= ~FLAG_COMPRESS; if (PI->CacheTime > 0) Session->CacheTime=PI->CacheTime; } //One day we will be able to handle scripts inside of chroot using embedded //scripting. But not today. // if (PI && (PI->Flags & PATHITEM_EXEC)) HTTPServerExecCGI(S, Session, Path); //else HTTPServerSendDocument(S, Session, Path, Flags); } DestroyString(Path); }
// Create new user object USER *NewUser(char *name, wchar_t *realname, wchar_t *note, UINT authtype, void *authdata) { USER *u; // Validate arguments if (name == NULL || realname == NULL || note == NULL) { return NULL; } if (authtype != AUTHTYPE_ANONYMOUS && authdata == NULL) { return NULL; } u = ZeroMalloc(sizeof(USER)); u->lock = NewLock(); u->ref = NewRef(); u->Name = CopyStr(name); u->RealName = CopyUniStr(realname); u->Note = CopyUniStr(note); u->GroupName = NULL; u->Group = NULL; u->AuthType = authtype; u->AuthData = authdata; u->CreatedTime = SystemTime64(); u->UpdatedTime = SystemTime64(); u->Policy = NULL; u->Traffic = NewTraffic(); return u; }
TFingerprint *CheckForMatch(HashratCtx *Ctx, const char *Path, struct stat *FStat, const char *HashStr) { TFingerprint *Lookup, *Head=NULL, *Prev=NULL, *Item=NULL, *Result=NULL; void *ptr; if (! StrValid(Path)) return(NULL); Lookup=TFingerprintCreate(HashStr,"","",Path); switch (Ctx->Action) { case ACT_FINDMATCHES_MEMCACHED: Lookup->Data=MemcachedGet(Lookup->Data, Lookup->Hash); if (StrValid(Lookup->Data)) Result=TFingerprintCreate(Lookup->Hash, Lookup->HashType, Lookup->Data, ""); break; case ACT_FINDDUPLICATES: case ACT_FINDMATCHES: ptr=tfind(Lookup, &Tree, MatchCompareFunc); if (ptr) { Item=*(TFingerprint **) ptr; //we have to make a copy because 'Result' is destroyed by parent function Result=TFingerprintCreate(Item->Hash, Item->HashType, Item->Data, Item->Path); } break; default: ptr=tfind(Lookup, &Tree, MatchCompareFunc); if (ptr) { Item=FindPathMatches(Ctx, *(TFingerprint **) ptr, Path); if (Item) { Result=TFingerprintCreate(Item->Hash, Item->HashType, Item->Data, Item->Path); if (Ctx->Action==ACT_CHECK) { if (Item==Head) { if (Item->Next==NULL) { // tree functions take a copy of the 'head' item, so we cannot // destroy it. No idea how they do this, it's magic // however we can destroy non-head items that we hang off // the tree tdelete(Lookup, &Tree, MatchCompareFunc); } else Item->Path=CopyStr(Item->Path, ""); } //else TFingerprintDestroy(Item); } } } break; } TFingerprintDestroy(Lookup); return(Result); }
int AuthPAM(TSession *Session) { int result; AuthenticationsTried=CatStr(AuthenticationsTried,"pam "); if(! PAMStart(Session, Session->User)) { LogToFile(Settings.ServerLogPath,"PAM: No such user %s",Session->User); return(USER_UNKNOWN); } /* set the credentials for the remote user and remote host */ result=pam_authenticate(pamh,0); if (result==PAM_SUCCESS) { Session->Flags |= SESSION_PAM; Session->RealUser=CopyStr(Session->RealUser,Session->User); return(TRUE); } else return(FALSE); }
int IDriveOpen(TFileStore *FS) { char *Tempstr=NULL, *TagName=NULL, *TagData=NULL, *ptr; ListNode *Vars; STREAM *S; int result=FALSE; if (! FS) { return(FALSE); } //Always require login for IDrive if (! StrLen(FS->Passwd)) RequestAuthDetails(&FS->Logon,&FS->Passwd); time(&StartTime); HTTPSetFlags(HTTP_NODECODE); //Get Address of the server that stores my data FS->CurrDir=CopyStr(FS->CurrDir,"/"); if (StrLen(FS->InitDir)) FS->ChDir(FS,FS->InitDir); Tempstr=MCopyStr(Tempstr,"https://evs.idrive.com/evs/getServerAddress?uid=",FS->Logon,"&pwd=",FS->Passwd,NULL); S=HTTPMethod("POST",Tempstr,"","","","",0); if (S) { Tempstr=STREAMReadDocument(Tempstr, S, TRUE); Vars=ListCreate(); IDriveParseResponse(Tempstr, Vars); FS->Host=CopyStr(FS->Host,GetVar(Vars,"webApiServer")); PrintConnectionDetails(FS,S); STREAMClose(S); result=TRUE; } ListDestroy(Vars,DestroyString); DestroyString(Tempstr); DestroyString(TagData); DestroyString(TagName); return(result); }
// Cut out the token from the string (not ignore the blanks between delimiters) TOKEN_LIST *ParseTokenWithNullStr(char *str, char *split_chars) { LIST *o; UINT i, len; BUF *b; char zero = 0; TOKEN_LIST *t; // Validate arguments if (str == NULL) { return NullToken(); } if (split_chars == NULL) { split_chars = DefaultTokenSplitChars(); } b = NewBuf(); o = NewListFast(NULL); len = StrLen(str); for (i = 0;i < (len + 1);i++) { char c = str[i]; bool flag = IsCharInStr(split_chars, c); if (c == '\0') { flag = true; } if (flag == false) { WriteBuf(b, &c, sizeof(char)); } else { WriteBuf(b, &zero, sizeof(char)); Insert(o, CopyStr((char *)b->Buf)); ClearBuf(b); } } t = ZeroMalloc(sizeof(TOKEN_LIST)); t->NumTokens = LIST_NUM(o); t->Token = ZeroMalloc(sizeof(char *) * t->NumTokens); for (i = 0;i < t->NumTokens;i++) { t->Token[i] = LIST_DATA(o, i); } ReleaseList(o); FreeBuf(b); return t; }
OAUTH *OAuthCreate(const char *Type, const char *Name, const char *ClientID, const char *ClientSecret, const char *Scopes, const char *RefreshURL) { OAUTH *Ctx; char *Tempstr=NULL, *Token=NULL; const char *ptr; if (OAuthTypes==NULL) SetupOAuthTypes(); ptr=GetVar(OAuthTypes, Type); if (! StrValid(ptr)) return(NULL); Ctx=(OAUTH *) calloc(1,sizeof(OAUTH)); ptr=GetToken(ptr,",",&(Ctx->Stage1), 0); ptr=GetToken(ptr,",",&(Ctx->Stage2), 0); ptr=GetToken(ptr,",",&(Ctx->VerifyTemplate), 0); Ctx->Name=CopyStr(Ctx->Name, Name); Ctx->Vars=ListCreate(); SetVar(Ctx->Vars,"client_name",ClientID); SetVar(Ctx->Vars,"client_id",ClientID); SetVar(Ctx->Vars,"client_secret",ClientSecret); Tempstr=HTTPQuote(Tempstr, Scopes); SetVar(Ctx->Vars,"scope",Tempstr); SetVar(Ctx->Vars,"redirect_uri","urn:ietf:wg:oauth:2.0:oob"); SetVar(Ctx->Vars,"connect_back_page","<html><body><h1>Code Accepted By Application</h1><body></html>"); Ctx->AccessToken=CopyStr(Ctx->AccessToken, ""); Ctx->RefreshToken=CopyStr(Ctx->RefreshToken, ""); Ctx->RefreshURL=CopyStr(Ctx->RefreshURL, RefreshURL); Ctx->SavePath=MCopyStr(Ctx->SavePath, GetCurrUserHomeDir(), "/.oauth.creds",NULL); if (strcasecmp(Type, "getpocket.com")==0) { ptr=GetToken(ClientID,"-",&Token,0); Tempstr=MCopyStr(Tempstr, "pocketapp",Token,":authorizationFinished",NULL); SetVar(Ctx->Vars, "redirect_uri",Tempstr); //Ctx->VerifyURL=MCopyStr(Ctx->VerifyURL,"https://getpocket.com/auth/authorize?request_token=",Ctx->AccessToken,"&redirect_uri=",Args,NULL); } else if (strcasecmp(Type, "implicit")==0) Ctx->Flags |= OAUTH_IMPLICIT; if (! OAuthKeyChain) OAuthKeyChain=ListCreate(); ListAddNamedItem(OAuthKeyChain, Name, Ctx); DestroyString(Tempstr); DestroyString(Token); return(Ctx); }
char *LogFileInternalGetRotateDestinationPath(char *RetStr, TLogFile *LogFile) { char *Tempstr=NULL; Tempstr=CopyStr(Tempstr, STREAMGetValue(LogFile->S,"RotatePath")); if (StrLen(Tempstr) && strchr(Tempstr,'$')) { STREAMSetValue(LogFile->S, "Date",GetDateStr("%Y_%m_%d",NULL)); STREAMSetValue(LogFile->S, "Time",GetDateStr("%H:%M:%S",NULL)); RetStr=SubstituteVarsInString(RetStr,Tempstr,LogFile->S->Values,0); } else RetStr=CopyStr(RetStr,LogFile->Path); DestroyString(Tempstr); return(RetStr); }
char *GetDefaultUser() { char *Possibilities[]={"nobody","daemon","guest",NULL}; TSession *Session; int i; Session=(TSession *) calloc(1,sizeof(TSession)); for (i=0; Possibilities[i] !=NULL; i++) { Session->User=CopyStr(Session->User,Possibilities[i]); Session->Passwd=CopyStr(Session->Passwd,""); if (AuthPasswdFile(Session) != USER_UNKNOWN) break; } return(Possibilities[i]); }
// Main function void MainFunction(char *cmd) { char tmp[MAX_SIZE]; bool first = true; bool exit_now = false; while (true) { if (first && StrLen(cmd) != 0 && g_memcheck == false) { first = false; StrCpy(tmp, sizeof(tmp), cmd); exit_now = true; Print("%s\n", cmd); } else { _exit(0); } Trim(tmp); if (StrLen(tmp) != 0) { UINT i, num; bool b = false; TOKEN_LIST *token = ParseCmdLine(tmp); char *cmd = token->Token[0]; num = sizeof(test_list) / sizeof(TEST_LIST); for (i = 0;i < num;i++) { if (!StrCmpi(test_list[i].command_str, cmd)) { char **arg = Malloc(sizeof(char *) * (token->NumTokens - 1)); UINT j; for (j = 0;j < token->NumTokens - 1;j++) { arg[j] = CopyStr(token->Token[j + 1]); } test_list[i].proc(token->NumTokens - 1, arg); for (j = 0;j < token->NumTokens - 1;j++) { Free(arg[j]); } Free(arg); b = true; _exit(1); break; } } FreeToken(token); if (exit_now) { break; } } } }
int AuthShadowFile(HTTPSession *Session) { char *sptr, *eptr, *Salt=NULL, *Digest=NULL; int result=FALSE; #ifdef HAVE_SHADOW_H #include <shadow.h> struct spwd *pass_struct=NULL; pass_struct=getspnam(Session->UserName); if (pass_struct==NULL) return(USER_UNKNOWN); sptr=pass_struct->sp_pwdp; #ifdef HAVE_LIBCRYPT // this is an md5 password if ( (StrLen(sptr) > 4) && (strncmp(sptr,"$1$",3)==0) ) { eptr=strchr(sptr+3,'$'); Salt=CopyStrLen(Salt,sptr,eptr-sptr); Digest=CopyStr(Digest, crypt(Session->Password,Salt)); if (sptr && (strcmp(Digest,sptr)==0) ) { result=TRUE; } } else { // assume old des crypt password sptr=crypt(Session->Password,pass_struct->sp_pwdp); if (sptr && (strcmp(pass_struct->sp_pwdp, sptr)==0)) { result=TRUE; } } AuthenticationsTried=CatStr(AuthenticationsTried,"shadow "); #endif if (result && (Settings.Flags & FLAG_LOG_VERBOSE)) { LogToFile(Settings.LogPath,"AUTH: UserName '%s' Authenticated via /etc/shadow.",Session->UserName); } #endif DestroyString(Salt); DestroyString(Digest); return(result); }
void ParseURL(char *URL, char **Proto, char **Host, char **Port, char **User, char **Password, char **Path, char **Args) { char *ptr, *aptr; char *Token=NULL, *tProto=NULL; //Even if they pass NULL for protocol, we need to take a copy for use in //the 'guess the port' section below ptr=GetToken(URL,":",&tProto,0); strlwr(tProto); if (Proto) *Proto=CopyStr(*Proto,tProto); //some number of '//' follow protocol while (*ptr=='/') ptr++; ptr=GetToken(ptr,"/",&Token,0); ParseHostDetails(Token,Host,Port,User,Password); //Only split the HTTP CGI arguments from the document path if we were asked to return //the args seperately if (Args) { aptr=strrchr(ptr,'?'); if (aptr) { *aptr='\0'; aptr++; *Args=CopyStr(*Args,aptr); } } //the 'GetToken' call will have thrown away the '/' at the start of the path //add it back in if (Path) *Path=MCopyStr(*Path,"/",ptr,NULL); if (Port && (! StrLen(*Port))) { if (strcmp(tProto,"http")==0) *Port=CopyStr(*Port,"80"); else if (strcmp(tProto,"https")==0) *Port=CopyStr(*Port,"443"); else if (strcmp(tProto,"ssh")==0) *Port=CopyStr(*Port,"22"); else if (strcmp(tProto,"ftp")==0) *Port=CopyStr(*Port,"21"); else if (strcmp(tProto,"telnet")==0) *Port=CopyStr(*Port,"23"); else if (strcmp(tProto,"smtp")==0) *Port=CopyStr(*Port,"25"); else if (strcmp(tProto,"mailto")==0) *Port=CopyStr(*Port,"25"); } DestroyString(Token); DestroyString(tProto); }
TTransferContext *TransferContextCreate(TFileStore *SrcFS, TFileStore *DestFS, int Command, int CmdFlags, ListNode *Vars) { TTransferContext *Ctx; char *ptr; Ctx=(TTransferContext *) calloc(1,sizeof(TTransferContext)); Ctx->SrcFS=SrcFS; Ctx->DestFS=DestFS; Ctx->Command=Command; Ctx->CmdFlags=CmdFlags; Ctx->Vars=Vars; ptr=GetVar(Vars,"Throttle"); if (ptr) Ctx->Throttle=atoi(ptr); Ctx->IncludePattern=CopyStr(Ctx->IncludePattern,GetVar(Vars,"IncludePattern")); Ctx->ExcludePattern=CopyStr(Ctx->ExcludePattern,GetVar(Vars,"ExcludePattern")); Ctx->PostCopyHook=CopyStr(Ctx->PostCopyHook,GetVar(Vars,"PostCopyHook")); Ctx->PreCopyHook=CopyStr(Ctx->PreCopyHook,GetVar(Vars,"PreCopyHook")); if (Command == CMD_PUT) Ctx->ActionName=CopyStr(Ctx->ActionName,"put"); else if (Command == CMD_CREATE) Ctx->ActionName=CopyStr(Ctx->ActionName,"create"); else Ctx->ActionName=CopyStr(Ctx->ActionName,"get"); ptr=GetVar(Vars,"CompareLevel"); Ctx->CompareLevel=FileStoreSelectCompareLevel(SrcFS,DestFS,ptr); ptr=GetVar(Vars,"IntegrityLevel"); if (StrLen(ptr)) Ctx->IntegrityLevel=FileStoreSelectCompareLevel(SrcFS,DestFS,ptr); return(Ctx); }
//This is the function we call in the child process for 'SpawnCommand' int BASIC_FUNC_EXEC_COMMAND(void *Command, int Flags) { int result; char *Token=NULL, *FinalCommand=NULL, *ExecPath=NULL; char **argv; const char *ptr; int i; if (Flags & SPAWN_TRUST_COMMAND) FinalCommand=CopyStr(FinalCommand, (char *) Command); else FinalCommand=MakeShellSafeString(FinalCommand, (char *) Command, 0); StripTrailingWhitespace(FinalCommand); if (Flags & SPAWN_NOSHELL) { argv=(char **) calloc(101,sizeof(char *)); ptr=FinalCommand; ptr=GetToken(FinalCommand,"\\S",&Token,GETTOKEN_QUOTES); ExecPath=FindFileInPath(ExecPath,Token,getenv("PATH")); i=0; if (! (Flags & SPAWN_ARG0)) { argv[0]=CopyStr(argv[0],ExecPath); i=1; } for (; i < 100; i++) { ptr=GetToken(ptr,"\\S",&Token,GETTOKEN_QUOTES); if (! ptr) break; argv[i]=CopyStr(argv[i],Token); } execv(ExecPath,argv); } else result=execl("/bin/sh","/bin/sh","-c",(char *) Command,NULL); RaiseError(ERRFLAG_ERRNO, "Spawn", "Failed to execute '%s'",Command); //We'll never get to here unless something fails! DestroyString(FinalCommand); DestroyString(ExecPath); DestroyString(Token); return(result); }
// Remove duplications from the token list TOKEN_LIST *UniqueToken(TOKEN_LIST *t) { UINT i, num, j, n; TOKEN_LIST *ret; // Validate arguments if (t == NULL) { return NULL; } num = 0; for (i = 0;i < t->NumTokens;i++) { bool exists = false; for (j = 0;j < i;j++) { if (StrCmpi(t->Token[j], t->Token[i]) == 0) { exists = true; break; } } if (exists == false) { num++; } } ret = ZeroMalloc(sizeof(TOKEN_LIST)); ret->Token = ZeroMalloc(sizeof(char *) * num); ret->NumTokens = num; n = 0; for (i = 0;i < t->NumTokens;i++) { bool exists = false; for (j = 0;j < i;j++) { if (StrCmpi(t->Token[j], t->Token[i]) == 0) { exists = true; break; } } if (exists == false) { ret->Token[n++] = CopyStr(t->Token[i]); } } return ret; }
// Get network connection name from Ethernet device name void GetEthNetworkConnectionName(wchar_t *dst, UINT size, char *device_name) { WP_ADAPTER *t; char *tmp = NULL, guid[MAX_SIZE]; wchar_t *ncname = NULL; UniStrCpy(dst, size, L""); // Validate arguments if (device_name == NULL || IsEthSupported() == false || IsNt() == false || MsIsWin2000OrGreater() == false) { return; } Lock(eth_list_lock); InitEthAdaptersList(); t = Win32EthSearch(device_name); if (t == NULL) { Unlock(eth_list_lock); return; } tmp = CopyStr(t->Name); Unlock(eth_list_lock); if (IsEmptyStr(t->Guid) == false) { StrCpy(guid, sizeof(guid), t->Guid); Free(tmp); } else { ReplaceStr(guid, sizeof(guid), tmp, "\\Device\\SEE_", ""); Free(tmp); ReplaceStr(guid, sizeof(guid), guid, "\\Device\\NPF_", ""); ReplaceStr(guid, sizeof(guid), guid, "\\Device\\PCD_", ""); } if(guid == NULL) { return; } ncname = MsGetNetworkConnectionName(guid); if(ncname != NULL) { UniStrCpy(dst, size, ncname); } Free(ncname); }
char *VFormatStr(char *InBuff, const char *InputFmtStr, va_list args) { int inc=100, count=1, result=0, FmtLen; char *Tempstr=NULL, *FmtStr=NULL, *ptr; va_list argscopy; Tempstr=InBuff; //Take a copy of the supplied Format string and change it. //Do not allow '%n', it's useable for exploits FmtLen=StrLen(InputFmtStr); FmtStr=CopyStr(FmtStr,InputFmtStr); //Deny %n. Replace it with %x which prints out the value of any supplied argument ptr=strstr(FmtStr,"%n"); while (ptr) { memcpy(ptr,"%x",2); ptr++; ptr=strstr(ptr,"%n"); } inc=4 * FmtLen; //this should be a good average for (count=1; count < 100; count++) { result=inc * count +1; Tempstr=SetStrLen(Tempstr, result); //the vsnprintf function DESTROYS the arg list that is passed to it. //This is just plain WRONG, it's a long-standing bug. The solution is to //us va_copy to make a new one every time and pass that in. va_copy(argscopy,args); result=vsnprintf(Tempstr,result,FmtStr,argscopy); va_end(argscopy); /* old style returns -1 to say couldn't fit data into buffer.. so we */ /* have to guess again */ if (result==-1) continue; /* new style returns how long buffer should have been.. so we resize it */ if (result > (inc * count)) { Tempstr=SetStrLen(Tempstr, result+10); va_copy(argscopy,args); result=vsnprintf(Tempstr,result+10,FmtStr,argscopy); va_end(argscopy); } break; } DestroyString(FmtStr); return(Tempstr); }
char *FolderDlgInnerA(HWND hWnd, wchar_t *title, char *default_dir) { BROWSEINFOA info; char display_name[MAX_PATH]; FOLDER_DLG_INNER_DATA data; LPMALLOC pMalloc; char *ret = NULL; char *title_a; if (UniIsEmptyStr(title)) { title = NULL; } if (IsEmptyStr(default_dir)) { default_dir = NULL; } Zero(&data, sizeof(data)); data.default_dir = CopyStrToUni(default_dir); Zero(display_name, sizeof(display_name)); Zero(&info, sizeof(info)); info.hwndOwner = hWnd; info.pidlRoot = NULL; info.pszDisplayName = display_name; title_a = CopyUniToStr(title); info.lpszTitle = title_a; info.ulFlags = BIF_NEWDIALOGSTYLE | BIF_RETURNONLYFSDIRS | BIF_VALIDATE | BIF_SHAREABLE; info.lpfn = FolderDlgInnerCallbackA; info.lParam = (LPARAM)&data; if (SUCCEEDED(SHGetMalloc(&pMalloc))) { LPITEMIDLIST pidl; pidl = SHBrowseForFolderA(&info); if (pidl) { char tmp[MAX_PATH]; if (SHGetPathFromIDListA(pidl, tmp)) { ret = CopyStr(tmp); } pMalloc->Free(pidl); } pMalloc->Release(); } Free(data.default_dir); Free(title_a); return ret; }
int UploadReadMultipartHeaders(STREAM *S, char **Field, char **FileName) { char *Tempstr=NULL, *Name=NULL, *Value=NULL, *ptr; int result=FALSE; Tempstr=STREAMReadLine(Tempstr,S); while (StrLen(Tempstr)) { StripTrailingWhitespace(Tempstr); ptr=GetToken(Tempstr,":",&Name,0); if (strcasecmp(Name,"Content-Disposition")==0) { ptr=GetNameValuePair(ptr,";","=",&Name,&Value); while (ptr) { StripLeadingWhitespace(Name); StripTrailingWhitespace(Name); StripLeadingWhitespace(Value); StripTrailingWhitespace(Value); if (strcasecmp(Name,"name")==0) { *Field=CopyStr(*Field,Value); result=TRUE; } if (strcasecmp(Name,"filename")==0) { *FileName=CopyStr(*FileName,Value); result=TRUE; } ptr=GetNameValuePair(ptr,";","=",&Name,&Value); } } Tempstr=STREAMReadLine(Tempstr,S); StripTrailingWhitespace(Tempstr); } DestroyString(Tempstr); DestroyString(Name); DestroyString(Value); return(result); }
char *HTTPHeadersAppendAuth(char *RetStr, char *AuthHeader, HTTPInfoStruct *Info, HTTPAuthStruct *AuthInfo) { char *SendStr=NULL, *Tempstr=NULL; char *HA1=NULL, *HA2=NULL, *ClientNonce=NULL, *Digest=NULL; int i, AuthCounter; if (! AuthInfo) return(RetStr); SendStr=CatStr(RetStr,""); //Authentication by an opaque authentication token that is handled //elsewhere, and is set as the 'Password' if (AuthInfo->Flags & HTTP_AUTH_TOKEN) { SendStr=MCatStr(SendStr,AuthHeader,": ",AuthInfo->Password,"\r\n",NULL); AuthInfo->Flags |= HTTP_SENT_AUTH; } else if (AuthInfo->Flags & HTTP_AUTH_DIGEST) { AuthCounter++; Tempstr=FormatStr(Tempstr,"%s:%s:%s",AuthInfo->Logon,AuthInfo->AuthRealm,AuthInfo->Password); HashBytes(&HA1,"md5",Tempstr,StrLen(Tempstr),0); Tempstr=FormatStr(Tempstr,"%s:%s",Info->Method,Info->Doc); HashBytes(&HA2,"md5",Tempstr,StrLen(Tempstr),0); for (i=0; i < 10; i++) { Tempstr=FormatStr(Tempstr,"%x",rand() % 255); ClientNonce=CatStr(ClientNonce,Tempstr); } Tempstr=FormatStr(Tempstr,"%s:%s:%08d:%s:auth:%s",HA1,AuthInfo->AuthNonce,AuthCounter,ClientNonce,HA2); HashBytes(&Digest,"md5",Tempstr,StrLen(Tempstr),0); Tempstr=FormatStr(Tempstr,"%s: Digest username=\"%s\",realm=\"%s\",nonce=\"%s\",uri=\"%s\",qop=auth,nc=%08d,cnonce=\"%s\",response=\"%s\"\r\n",AuthHeader,AuthInfo->Logon,AuthInfo->AuthRealm,AuthInfo->AuthNonce,Info->Doc,AuthCounter,ClientNonce,Digest); SendStr=CatStr(SendStr,Tempstr); AuthInfo->Flags |= HTTP_SENT_AUTH; } else { Tempstr=CopyStr(Tempstr,AuthInfo->Logon); Tempstr=CatStr(Tempstr,":"); Tempstr=CatStr(Tempstr,AuthInfo->Password); Digest=SetStrLen(Digest,StrLen(Tempstr) *2); to64frombits(Digest,Tempstr,strlen(Tempstr)); SendStr=MCatStr(SendStr,AuthHeader,": Basic ",Digest,"\r\n",NULL); AuthInfo->Flags |= HTTP_SENT_AUTH; } DestroyString(HA1); DestroyString(HA2); DestroyString(ClientNonce); DestroyString(Digest); DestroyString(Tempstr); return(SendStr); }
void OAuthParse(OAUTH *Ctx, const char *Line) { char *Name=NULL, *Value=NULL; const char *ptr; ptr=GetToken(Line,"\\S",&Ctx->Name,GETTOKEN_QUOTES); ptr=GetNameValuePair(ptr," ", "=", &Name, &Value); while (ptr) { SetVar(Ctx->Vars, Name, Value); ptr=GetNameValuePair(ptr," ", "=", &Name, &Value); } Ctx->AccessToken=CopyStr(Ctx->AccessToken, GetVar(Ctx->Vars,"access_token")); Ctx->RefreshToken=CopyStr(Ctx->RefreshToken, GetVar(Ctx->Vars,"refresh_token")); DestroyString(Name); DestroyString(Value); }
void CopyRR(ResourceRecord *DstRR, ResourceRecord *SrcRR) { SOADataStruct *SoaData; DstRR->Question=CopyStr(DstRR->Question, SrcRR->Question); DstRR->Answer=CopyStr(DstRR->Answer, SrcRR->Answer); DstRR->TTL=SrcRR->TTL; DstRR->Pref=SrcRR->Pref; DstRR->Type=SrcRR->Type; DstRR->Class=SrcRR->Class; DstRR->Ptr=SrcRR->Ptr; if (SrcRR->Type == SOA) { SoaData=SrcRR->Ptr; if (SoaData) DstRR->Ptr=CreateSOAStruct(SoaData->AuthSource, SoaData->AdminEmail, SoaData->SerialNo, SoaData->Refresh, SoaData->Retry, SoaData->Expire, SoaData->Minimum); } }
int HTTPServerAuthenticate(HTTPSession *Session) { int result=FALSE; //This handles someone clicking a 'logout' button if (! HTTPServerHandleRegister(Session, LOGIN_CHECK_ALLOWED)) { LogToFile(Settings.LogPath,"AUTH: Forcing Relogin for %s@%s (%s) %s %s",Session->ClientIP,Session->ClientHost,Session->ClientIP,Session->Method,Session->Path); return(FALSE); } if (Session->Flags & SESSION_AUTHENTICATED) { if (strcmp(Session->UserName,Session->AuthenticatedUser)==0) { LogToFile(Settings.LogPath,"AUTH: Session Keep-Alive active, reusing authentication for %s@%s (%s) %s %s",Session->ClientIP,Session->ClientHost,Session->ClientIP,Session->Method,Session->Path); return(TRUE); } else LogToFile(Settings.LogPath,"AUTH: ERROR: Session Keep-Alive active, but user has changed to %s@%s (%s) %s %s. Refusing authentication",Session->ClientIP,Session->ClientHost,Session->ClientIP,Session->Method,Session->Path); } //Consider AccessToken Authentication for this URL! if ((! (Session->Flags & SESSION_AUTHENTICATED)) && (Session->AuthFlags & FLAG_AUTH_ACCESS_TOKEN)) ParseAccessToken(Session); if (Session->AuthFlags & FLAG_AUTH_PRESENT) { //if this looks back-to-front it's because for some methods we only get the username //after we've completed authentication (e.g. it's taken from a cookie) //ANYTHING OTHER THAN TRUE FROM AUTHENTICATE MEANS IT FAILED if ((Authenticate(Session)==TRUE) && StrLen(Session->UserName)) result=TRUE; //If authentication provided any users settings, then apply those if (StrLen(Session->UserSettings)) ParseConfigItemList(Session->UserSettings); //The FLAG_SSL_CERT_REQUIRED flag might have been set by user settings //during authentication, so check it again here if (! HTTPServerCheckCertificate(Session, Session->S)) result=FALSE; if (result) HTTPServerHandleRegister(Session, LOGGED_IN); else HTTPServerHandleRegister(Session, LOGIN_FAIL); } if (result==TRUE) { Session->AuthenticatedUser=CopyStr(Session->AuthenticatedUser,Session->UserName); Session->Flags |= SESSION_AUTHENTICATED; } return(result); }