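/*
 * NASL builtin telnet_init(<socket>).
 *
 * Reads 3-byte telnet negotiation sequences (IAC, command, option) from the
 * socket and refuses each one: WILL/WONT is answered with DONT, DO/DONT is
 * answered with WONT. When the peer stops negotiating, whatever it sent next
 * (typically the banner) is returned as a CONST_DATA cell.
 *
 * Returns NULL when the socket argument is missing or invalid, when nothing
 * could be read at all, or when the peer sends more than 100 options.
 *
 * Everything read here comes from the remote peer and is untrusted; the
 * option cap and the fixed-size buffer are what bound its influence.
 */
tree_cell * nasl_telnet_init(lex_ctxt * lexic)
{
 /* Telnet command bytes, plus the cap on negotiation rounds.  Local
  * constants replace the former iac/code/option macros, one of which
  * ("code") was never #undef'd and leaked into the rest of the file. */
 enum { TELNET_WILL = 251, TELNET_WONT = 252, TELNET_DO = 253,
        TELNET_DONT = 254, TELNET_IAC = 255, MAX_OPTIONS = 100 };
 int soc = get_int_var_by_num(lexic, 0, -1);
 int opts = 0;				/* number of options recorded */
 unsigned char buffer[1024];
 tree_cell * retc;
 char * copy;
 int n = 0, n2;

 if (soc <= 0)
 {
  nasl_perror(lexic, "Syntax error in the telnet_init() function\n");
  nasl_perror(lexic, "Correct syntax is : output = telnet_init(<socket>)\n");
  return NULL;
 }

 buffer[0] = TELNET_IAC;
 while (buffer[0] == TELNET_IAC)
 {
  n = read_stream_connection_min(soc, buffer, 3, 3);
  /* Stop on a read error, a short read, or the first non-IAC byte. */
  if ((buffer[0] != TELNET_IAC) || (n != 3))
   break;

  if ((buffer[1] == TELNET_WILL) || (buffer[1] == TELNET_WONT))
   buffer[1] = TELNET_DONT;		/* WILL, WONT -> DONT */
  else if ((buffer[1] == TELNET_DO) || (buffer[1] == TELNET_DONT))
   buffer[1] = TELNET_WONT;		/* DO, DONT -> WONT */
  write_stream_connection(soc, buffer, 3);

  opts++;
  if (opts > MAX_OPTIONS)
   break;
 }

 if (n <= 0)
 {
  /* Nothing was ever negotiated and nothing was read: give up. */
  if (opts == 0)
   return NULL;
  n = 0;
 }

 if (opts > MAX_OPTIONS)		/* remote telnet server is crazy */
 {
  nasl_perror(lexic, "More than 100 options received by telnet_init() function! exiting telnet_init.\n");
  return NULL;
 }

 /* Keep the bytes already in the buffer and append what follows them. */
 n2 = read_stream_connection(soc, buffer + n, sizeof(buffer) - n);
 if (n2 > 0)
  n += n2;

 retc = alloc_typed_cell(CONST_DATA);
 /*
  * strndup() stops at the first NUL byte, so the copy can be shorter than n.
  * Publishing n as the size would let any consumer that trusts retc->size
  * read past the end of the heap allocation; report the length that was
  * really copied instead (0 if the allocation failed).
  * NOTE(review): a binary-safe copy (allocate n + 1 bytes, memcpy, terminate)
  * would also preserve data after an embedded NUL.
  */
 copy = strndup((const char *) buffer, n);
 retc->x.str_val = copy;
 retc->size = (copy != NULL) ? (int) strlen(copy) : 0;

 return retc;
}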
Example #2
/*
 * Log in to an FTP server over an already-connected control socket.
 *
 * Expects a 220 greeting, sends USER, and if the server answers 331 also
 * sends PASS.  After each accepted reply, further lines are read for as long
 * as the most recent line has '-' as its fourth character, with at most
 * 1024 reads per reply so a hostile server cannot keep the caller reading
 * forever.
 *
 * Returns 0 once a 230 reply has been received, 1 on any failure.
 *
 * NOTE(review): username and passwd are placed into the command line with
 * "%s" and no filtering, so CR/LF inside either value would be sent as
 * extra command lines; values too long for the buffer are silently
 * truncated by snprintf (dropping the trailing CRLF).  The return value of
 * write_stream_connection() is not checked.
 */
int
ftp_log_in (int soc, char *username, char *passwd)
{
  char line[1024];
  int len;
  int lines;

  line[sizeof (line) - 1] = '\0';

  /* Greeting: anything other than a readable 220 reply is a failure. */
  len = recv_line (soc, line, sizeof (line) - 1);
  if (len <= 0 || strncmp (line, "220", 3) != 0)
    return 1;

  for (lines = 0; line[3] == '-' && len > 0 && lines < 1024; lines++)
    len = recv_line (soc, line, sizeof (line) - 1);

  /* Too many continuation lines (rogue FTP server) or a failed read. */
  if (lines >= 1024 || len <= 0)
    return 1;

  /* The same buffer is reused for the outgoing command and its reply. */
  snprintf (line, sizeof (line), "USER %s\r\n", username);      /* RATS: ignore */
  write_stream_connection (soc, line, strlen (line));
  len = recv_line (soc, line, sizeof (line) - 1);
  if (len <= 0)
    return 1;

  /* 230: logged in without a password; read the rest of the reply. */
  if (strncmp (line, "230", 3) == 0)
    {
      for (lines = 0; line[3] == '-' && len > 0 && lines < 1024; lines++)
        len = recv_line (soc, line, sizeof (line) - 1);
      return 0;
    }

  /* Otherwise only 331 (password required) lets the login continue. */
  if (strncmp (line, "331", 3) != 0)
    return 1;

  len = 1;
  for (lines = 0; line[3] == '-' && len > 0 && lines < 1024; lines++)
    len = recv_line (soc, line, sizeof (line) - 1);

  if (lines >= 1024)
    return 1;

  snprintf (line, sizeof (line), "PASS %s\r\n", passwd);        /* RATS: ignore */
  write_stream_connection (soc, line, strlen (line));
  len = recv_line (soc, line, sizeof (line) - 1);
  if (len <= 0 || strncmp (line, "230", 3) != 0)
    return 1;

  /* Read the remainder of a multi-line 230 reply before reporting success. */
  len = 1;
  for (lines = 0; line[3] == '-' && len > 0 && lines < 1024; lines++)
    len = recv_line (soc, line, sizeof (line) - 1);

  return 0;
}
Example #3
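/*
 * Send PASV on an FTP control socket and parse the 227 reply into *addr.
 *
 * The reply carries six comma-separated decimal fields between '(' and ')':
 * four address octets followed by the high and low byte of the port.  They
 * are stored in the order received, which is already network byte order.
 *
 * *addr is zeroed first, so on failure it holds no partial result.
 * Returns 0 on success, 1 if the reply is not a well-formed 227 reply.
 *
 * The reply is untrusted server input: every field must be in 0..255.
 * The previous code cast each atoi() result to unsigned char, silently
 * wrapping out-of-range values, and then read the address through an
 * "unsigned long *" aimed at the 6-byte array.  Where unsigned long is
 * 8 bytes that reads 2 bytes past the array, and on any platform it is a
 * misaligned, aliasing-violating access; memcpy avoids all three.
 *
 * NOTE(review): the address is taken from the server as-is; whether callers
 * should compare it with the control connection's peer is not decided here.
 */
int
ftp_get_pasv_address (int soc, struct sockaddr_in *addr)
{
  char buf[512];
  char *field, *end;
  unsigned char l[6];
  int i;

  snprintf (buf, sizeof (buf), "PASV\r\n");     /* RATS: ignore */
  write_stream_connection (soc, buf, strlen (buf));
  bzero (buf, sizeof (buf));
  bzero (addr, sizeof (struct sockaddr_in));
  /* buf was zeroed above, so a failed read leaves an empty string that the
     "227" comparison below rejects. */
  recv_line (soc, buf, sizeof (buf) - 1);

  if (strncmp (buf, "227", 3) != 0)
    return 1;

  field = strchr (buf, '(');
  if (field == NULL)
    return 1;
  field++;

  for (i = 0; i < 6; i++)
    {
      long value;

      /* The first five fields end at a comma, the last one at ')'. */
      end = strchr (field, i < 5 ? ',' : ')');
      if (end == NULL)
        return 1;
      end[0] = '\0';

      /* strtol saturates on overflow, so the range check also covers
         absurdly long digit strings. */
      value = strtol (field, NULL, 10);
      if (value < 0 || value > 255)
        return 1;
      l[i] = (unsigned char) value;

      field = end + 1;
    }

  memcpy (&addr->sin_addr.s_addr, l, 4);
  memcpy (&addr->sin_port, l + 4, 2);
  addr->sin_family = AF_INET;
  return 0;
}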