/*
 * Return an auth session to its "no credentials negotiated" state.
 *
 * Clears the can_handle flag, releases every cached string through
 * HTTP_FREE, and drops the protection-domain list if one is held.
 *
 * NOTE(review): HTTP_FREE is defined elsewhere. If it only hands the
 * pointer to free(), the cached Basic credentials and username stay
 * readable in freed heap memory; consider wiping them before release.
 */
static void clean_session(http_auth_session *sess)
{
    /* The session can no longer answer a challenge. */
    sess->can_handle = 0;

    /* Cached credential and challenge strings. */
    HTTP_FREE(sess->basic);
    HTTP_FREE(sess->unq_realm);
    HTTP_FREE(sess->unq_nonce);
    HTTP_FREE(sess->unq_cnonce);
    HTTP_FREE(sess->opaque);
    HTTP_FREE(sess->username);

    /* Nothing more to do unless a domain list was recorded. */
    if (sess->domain_count <= 0) {
        return;
    }

    split_string_free(sess->domain);
    sess->domain_count = 0;
}
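/*
 * Live-capture thread entry point.
 *
 * Opens global_options.interface in non-promiscuous mode, builds a BPF
 * filter from the optional server host and the optional comma-separated
 * port list, installs it, and runs pcap_loop() with process_packet as
 * the callback.
 *
 * Every formatted write is bounded by the destination size: the server
 * name and port list come from configuration and their length is not
 * limited before they reach the fixed-size buffers here.
 *
 * arg is unused. Always returns NULL; failures are reported via LOGGER.
 *
 * NOTE(review): the pcap handle is not closed on the error paths. It is
 * stored in the file-level `pcap` variable, whose other users are not
 * visible here, so it is left untouched - confirm and close if safe.
 */
void *capture(void *arg)
{
    struct bpf_program bpf;
    char errbuf[PCAP_ERRBUF_SIZE];
    char filter[300];
    char ports_str[256] = "";
    int n_ports = 0;    /* must be defined even when no port list is given */
    int r, len;

    (void)arg;

    // Second argument 0 stands for non-promiscuous mode
    pcap = pcap_open_live(global_options.interface, CAPTURE_LENGTH, 0,
                          READ_TIMEOUT, errbuf);
    if (!pcap) {
        LOGGER(ERROR, "pcap: %s\n", errbuf);
        return NULL;
    }

    if (port) {
        char **ports = split_string(port, strlen(port), ",", 1, &n_ports);
        size_t used = 0;
        int i;

        if (n_ports > 10) {
            /* errbuf is not consumed by this format string; it is kept
             * only so the LOGGER call has the same shape as before. */
            LOGGER(ERROR, "it's unscientific to listen so many ports.\n", errbuf);
            if (ports != NULL) {
                split_string_free(ports, n_ports);
            }
            return NULL;
        }

        /* An empty or failed split means "no port restriction". */
        if (ports == NULL || n_ports <= 0) {
            n_ports = 0;
        }

        for (i = 0; i < n_ports; i++) {
            /* Bound each append by the space actually left, not by the
             * size of the whole buffer. */
            size_t room = sizeof ports_str - used;
            int w = snprintf(ports_str + used, room, "%stcp port %s",
                             i == 0 ? "" : " or ", ports[i]);

            if (w < 0 || (size_t)w >= room) {
                LOGGER(ERROR, "pcap: %s\n",
                       "port list does not fit in the filter buffer");
                split_string_free(ports, n_ports);
                return NULL;
            }
            used += (size_t)w;
        }

        if (ports != NULL) {
            split_string_free(ports, n_ports);
        }
    }

    // Capture only TCP
    if (global_options.server && n_ports) {
        len = snprintf(filter, sizeof filter, "host %s and (%s)",
                       global_options.server, ports_str);
    } else if (global_options.server && !n_ports) {
        len = snprintf(filter, sizeof filter, "host %s",
                       global_options.server);
    } else if (!global_options.server && n_ports) {
        len = snprintf(filter, sizeof filter, " (%s)", ports_str);
    } else {
        len = snprintf(filter, sizeof filter, "tcp");
    }

    /* Refuse a truncated filter: it would either fail to compile or
     * silently match different traffic than was asked for. */
    if (len < 0 || (size_t)len >= sizeof filter) {
        LOGGER(ERROR, "pcap: %s\n", "capture filter is too long");
        return NULL;
    }

    if (pcap_compile(pcap, &bpf, filter, 1, 0)) {
        LOGGER(ERROR, "pcap: %s\n", pcap_geterr(pcap));
        return NULL;
    }

    if (pcap_setfilter(pcap, &bpf)) {
        LOGGER(ERROR, "pcap: %s\n", pcap_geterr(pcap));
        return NULL;
    }

    // The -1 here stands for "infinity"
    r = pcap_loop(pcap, -1, process_packet, (unsigned char *) pcap);
    if (r == -1) {
        LOGGER(ERROR, "pcap: %s\n", pcap_geterr(pcap));
        return NULL;
    }

    return NULL;
}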
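/*
 * Replay a saved capture file through the same pipeline as capture().
 *
 * Opens fcapture with pcap_fopen_offline(), builds a BPF filter from
 * the optional server host and the optional comma-separated port list,
 * installs it, and runs pcap_loop() with process_packet as the callback.
 *
 * Every formatted write is bounded by the destination size: the server
 * name and port list come from configuration and their length is not
 * limited before they reach the fixed-size buffers here.
 *
 * Returns 1 on every path, as the original did.
 *
 * NOTE(review): success and failure are indistinguishable to the
 * caller; the callers are not visible here, so the return value is
 * left unchanged - confirm whether 0 was intended for success.
 * NOTE(review): the pcap handle is not closed on the error paths. It is
 * stored in the file-level `pcap` variable, whose other users are not
 * visible here, so it is left untouched - confirm and close if safe.
 */
int offline_capture(FILE *fcapture)
{
    struct bpf_program bpf;
    char errbuf[PCAP_ERRBUF_SIZE];
    char filter[300];
    char ports_str[256] = "";
    int n_ports = 0;    /* must be defined even when no port list is given */
    int r, len;

    pcap = pcap_fopen_offline(fcapture, errbuf);
    if (!pcap) {
        LOGGER(ERROR, "pcap: %s\n", errbuf);
        return 1;
    }

    if (port) {
        char **ports = split_string(port, strlen(port), ",", 1, &n_ports);
        size_t used = 0;
        int i;

        if (n_ports > 10) {
            /* errbuf is not consumed by this format string; it is kept
             * only so the LOGGER call has the same shape as before. */
            LOGGER(ERROR, "it's unscientific to listen so many ports.\n", errbuf);
            if (ports != NULL) {
                split_string_free(ports, n_ports);
            }
            return 1;
        }

        /* An empty or failed split means "no port restriction". */
        if (ports == NULL || n_ports <= 0) {
            n_ports = 0;
        }

        for (i = 0; i < n_ports; i++) {
            /* Bound each append by the space actually left, not by the
             * size of the whole buffer. */
            size_t room = sizeof ports_str - used;
            int w = snprintf(ports_str + used, room, "%stcp port %s",
                             i == 0 ? "" : " or ", ports[i]);

            if (w < 0 || (size_t)w >= room) {
                LOGGER(ERROR, "pcap: %s\n",
                       "port list does not fit in the filter buffer");
                split_string_free(ports, n_ports);
                return 1;
            }
            used += (size_t)w;
        }

        if (ports != NULL) {
            split_string_free(ports, n_ports);
        }
    }

    // Capture only TCP
    if (global_options.server && n_ports) {
        len = snprintf(filter, sizeof filter, "host %s and (%s)",
                       global_options.server, ports_str);
    } else if (global_options.server && !n_ports) {
        len = snprintf(filter, sizeof filter, "host %s",
                       global_options.server);
    } else if (!global_options.server && n_ports) {
        len = snprintf(filter, sizeof filter, "(%s)", ports_str);
    } else {
        len = snprintf(filter, sizeof filter, "tcp");
    }

    /* Refuse a truncated filter: it would either fail to compile or
     * silently match different traffic than was asked for. */
    if (len < 0 || (size_t)len >= sizeof filter) {
        LOGGER(ERROR, "pcap: %s\n", "capture filter is too long");
        return 1;
    }

    if (pcap_compile(pcap, &bpf, filter, 1, 0)) {
        LOGGER(ERROR, "pcap: %s\n", pcap_geterr(pcap));
        return 1;
    }

    if (pcap_setfilter(pcap, &bpf)) {
        LOGGER(ERROR, "pcap: %s\n", pcap_geterr(pcap));
        return 1;
    }

    // The -1 here stands for "infinity"
    r = pcap_loop(pcap, -1, process_packet, (unsigned char *) pcap);
    if (r == -1) {
        LOGGER(ERROR, "pcap: %s\n", pcap_geterr(pcap));
        return 1;
    }

    return 1;
}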
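/* A new challenge presented by the server.
 *
 * Parses the value of an authentication challenge header into a list
 * of challenges, then offers them to the session: Digest challenges
 * first, Basic only if no Digest challenge was accepted.
 *
 * `value` is supplied by the remote server and must be treated as
 * hostile: every step below has to tolerate truncated or malformed
 * input without reading past a string or dereferencing NULL.
 *
 * Returns 0 if a challenge was accepted (sess->can_handle is set to 1),
 * non-zero otherwise. Returns -1 without touching sess->can_handle when
 * no challenge could be parsed at all.
 *
 * NOTE(review): falling back to Basic means a response that offers only
 * Basic makes the client send reusable credentials; whether Basic is
 * restricted to protected transports is decided outside this function.
 */
int http_auth_challenge(http_auth_session *sess, const char *value)
{
    char **pairs, *pnt, *unquoted, *key;
    struct http_auth_chall *chall = NULL, *challenges = NULL;
    int n, success;

    DEBUG(DEBUG_HTTPAUTH, "Got new auth challenge: %s\n", value);

    /* The header value may be made up of one or more challenges.
     * We split it down into attribute-value pairs, then search for
     * schemes in the pair keys. */
    pairs = pair_string(value, ',', '=', HTTP_QUOTES, HTTP_WHITESPACE);
    if (pairs == NULL) {
        /* pair_string is defined elsewhere; guard in case it can fail. */
        return -1;
    }

    for (n = 0; pairs[n] != NULL; n += 2) {
        /* Look for an auth-scheme in the key */
        pnt = strchr(pairs[n], ' ');
        if (pnt != NULL) {
            /* We have a new challenge */
            DEBUG(DEBUG_HTTPAUTH, "New challenge.\n");
            /* NOTE(review): result is used unchecked; presumably
             * ne_calloc does not return on allocation failure. */
            chall = ne_calloc(sizeof *chall);

            chall->next = challenges;
            challenges = chall;
            /* Initialize the challenge parameters */
            /* Which auth-scheme is it (case-insensitive matching) */
            if (strncasecmp(pairs[n], "basic ", 6) == 0) {
                DEBUG(DEBUG_HTTPAUTH, "Basic scheme.\n");
                chall->scheme = http_auth_scheme_basic;
            } else if (strncasecmp(pairs[n], "digest ", 7) == 0) {
                DEBUG(DEBUG_HTTPAUTH, "Digest scheme.\n");
                chall->scheme = http_auth_scheme_digest;
            } else {
                DEBUG(DEBUG_HTTPAUTH, "Unknown scheme.\n");
                /* The whole header is abandoned. Release every
                 * challenge parsed so far, not only the newest one:
                 * resetting the list head alone would leak the rest. */
                while (challenges != NULL) {
                    chall = challenges->next;
                    free(challenges);
                    challenges = chall;
                }
                break;
            }
            /* Now, the real key for this pair starts after the
             * auth-scheme... skipping whitespace. Stop at the
             * terminator explicitly: strchr() also matches '\0', so a
             * key that ends right after the scheme name would
             * otherwise be scanned past its end. */
            do {
                pnt++;
            } while (*pnt != '\0' && strchr(HTTP_WHITESPACE, *pnt) != NULL);
            key = pnt;
        } else if (chall == NULL) {
            /* If we haven't got an auth-scheme, and we
             * haven't yet found a challenge, skip this pair. */
            continue;
        } else {
            key = pairs[n];
        }

        /* A key that arrived without a value has nothing to parse.
         * (pair_string's contract is not visible here; this assumes a
         * missing value is reported as NULL - TODO confirm.) */
        if (pairs[n+1] == NULL) {
            continue;
        }

        DEBUG(DEBUG_HTTPAUTH, "Got pair: [%s] = [%s]\n", key, pairs[n+1]);
        /* Most values are quoted, so unquote them here */
        unquoted = shave_string(pairs[n+1], '"');
        /* Now parse the attribute */
        DEBUG(DEBUG_HTTPAUTH, "Unquoted pair is: [%s]\n", unquoted);
        if (strcasecmp(key, "realm") == 0) {
            /* The challenge keeps pointers into `pairs` (still quoted),
             * so it must not outlive pair_string_free() below. */
            chall->realm = pairs[n+1];
        } else if (strcasecmp(key, "nonce") == 0) {
            chall->nonce = pairs[n+1];
        } else if (strcasecmp(key, "opaque") == 0) {
            chall->opaque = pairs[n+1];
        } else if (strcasecmp(key, "domain") == 0) {
            chall->domain = pairs[n+1];
        } else if (strcasecmp(key, "stale") == 0) {
            /* Truth value */
            chall->stale = (strcasecmp(unquoted, "true") == 0);
        } else if (strcasecmp(key, "algorithm") == 0) {
            if (strcasecmp(unquoted, "md5") == 0) {
                chall->alg = http_auth_alg_md5;
            } else if (strcasecmp(unquoted, "md5-sess") == 0) {
                chall->alg = http_auth_alg_md5_sess;
            } else {
                chall->alg = http_auth_alg_unknown;
            }
        } else if (strcasecmp(key, "qop") == 0) {
            char **qops;
            int qop;

            qops = split_string(unquoted, ',', NULL, HTTP_WHITESPACE);
            chall->got_qop = 1;
            for (qop = 0; qops[qop] != NULL; qop++) {
                if (strcasecmp(qops[qop], "auth") == 0) {
                    chall->qop_auth = 1;
                } else if (strcasecmp(qops[qop], "auth-int") == 0) {
                    chall->qop_auth_int = 1;
                }
            }
            split_string_free(qops);
        }
        free(unquoted);
    }

    DEBUG(DEBUG_HTTPAUTH, "Finished parsing parameters.\n");

    /* Did we find any challenges */
    if (challenges == NULL) {
        pair_string_free(pairs);
        return -1;
    }

    success = 0;

    DEBUG(DEBUG_HTTPAUTH, "Looking for Digest challenges.\n");

    /* Try a digest challenge */
    for (chall = challenges; chall != NULL; chall = chall->next) {
        if (chall->scheme == http_auth_scheme_digest) {
            if (!digest_challenge(sess, chall)) {
                success = 1;
                break;
            }
        }
    }

    if (!success) {
        DEBUG(DEBUG_HTTPAUTH, "No good Digest challenges, looking for Basic.\n");
        for (chall = challenges; chall != NULL; chall = chall->next) {
            if (chall->scheme == http_auth_scheme_basic) {
                if (!basic_challenge(sess, chall)) {
                    success = 1;
                    break;
                }
            }
        }

        if (!success) {
            /* No good challenges - record this in the session state */
            DEBUG(DEBUG_HTTPAUTH, "Did not understand any challenges.\n");
        }
    }

    /* Remember whether we can now supply the auth details */
    sess->can_handle = success;

    while (challenges != NULL) {
        chall = challenges->next;
        free(challenges);
        challenges = chall;
    }

    /* Free up the parsed header values */
    pair_string_free(pairs);

    return !success;
}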