int RequestedListingType(HTTPSession *Session, int *Flags) { char *Name=NULL, *Value=NULL, *ptr; int Action=ACTION_HTML; if (! (Settings.DirListFlags & DIR_SHOWFILES)) return(DIR_REJECT); ptr=GetNameValuePair(Session->Arguments,"&","=",&Name,&Value); while (ptr) { if ( StrLen(Name) && StrLen(Value)) { if (strcmp(Name,"format")==0) Action=MatchTokenFromList(Value,DirActionTypes,0); else if (strcmp(Name,"sort")==0) { if (strcmp(Value,"size")==0) *Flags=SORT_SIZE; else if (strcmp(Value,"rsize")==0) *Flags=SORT_RSIZE; else if (strcmp(Value,"time")==0) *Flags=SORT_TIME; else if (strcmp(Value,"rtime")==0) *Flags=SORT_RTIME; else if (strcmp(Value,"name")==0) *Flags=SORT_NAME; else if (strcmp(Value,"rname")==0) *Flags=SORT_RNAME; //if (strcmp(Value,"rss")==0) *SortFlags=DIR_RSS; } else if (strcmp(Name,"all-selected")==0) *Flags|=SELECT_ALL; } ptr=GetNameValuePair(ptr,"&","=",&Name,&Value); } DestroyString(Name); DestroyString(Value); return(Action); }
void HTTPHandleWWWAuthenticate(HTTPInfoStruct *Info, char *Line) { char *ptr, *ptr2, *Token=NULL, *Name=NULL, *Value=NULL; char *AuthTypeStrings[]={"Basic","Digest",NULL}; typedef enum {AUTH_BASIC, AUTH_DIGEST} TAuthTypes; int result; if (! Info->Authorization) Info->Authorization=(HTTPAuthStruct *) calloc(1,sizeof(HTTPAuthStruct)); ptr=Line; while (isspace(*ptr)) ptr++; ptr=GetToken(ptr," ",&Token,0); result=MatchTokenFromList(Token,AuthTypeStrings,0); if (result==AUTH_BASIC) Info->Authorization->Flags |=HTTP_AUTH_BASIC; if (result==AUTH_DIGEST) Info->Authorization->Flags |=HTTP_AUTH_DIGEST; while (ptr) { ptr=GetToken(ptr,",",&Token,GETTOKEN_QUOTES); StripLeadingWhitespace(Token); StripTrailingWhitespace(Token); ptr2=GetToken(Token,"=",&Name,GETTOKEN_QUOTES); ptr2=GetToken(ptr2,"=",&Value,GETTOKEN_QUOTES); if (strcasecmp(Name,"realm")==0) Info->Authorization->AuthRealm=CopyStr(Info->Authorization->AuthRealm,Value); if (strcasecmp(Name,"qop")==0) Info->Authorization->AuthQOP=CopyStr(Info->Authorization->AuthQOP,Value); if (strcasecmp(Name,"nonce")==0) Info->Authorization->AuthNonce=CopyStr(Info->Authorization->AuthNonce,Value); if (strcasecmp(Name,"opaque")==0) Info->Authorization->AuthOpaque=CopyStr(Info->Authorization->AuthOpaque,Value); } DestroyString(Token); DestroyString(Name); DestroyString(Value); }
ListNode *ParserParseDocument(const char *TypeStr, const char *Doc) { ListNode *Node, *Items; const char *Types[]= {"json","rss","yaml","config","ini","url",NULL}; const char *ptr; char *Token=NULL; int Type; if (! StrValid(TypeStr)) return(NULL); if (! StrValid(Doc)) return(NULL); GetToken(TypeStr,";",&Token,0); StripTrailingWhitespace(Token); StripLeadingWhitespace(Token); ptr=Token; if (strncmp(ptr,"application/",12)==0) ptr+=12; if (strncmp(ptr,"x-www-form-urlencoded",21)==0) ptr="url"; Type=MatchTokenFromList(ptr,Types,0); Items=ListCreate(); ptr=Doc; while (isspace(*ptr)) ptr++; if (*ptr=='{') ptr++; if (*ptr=='[') ptr++; ParserParseItems(Type, ptr, Items, 0); fflush(NULL); return(ParserOpenItem(Items,"/")); }
int ANSIParseColor(const char *Str) { int val; val=MatchTokenFromList(Str, ANSIColorStrings, 0); if (val==-1) val=ANSI_NONE; return(val); }
static int CrayonType(const char *String) { int val; if (! StrValid(String)) return(-1); if (*String=='#') return(-1); val=MatchTokenFromList(String, CrayonTypes, 0); if (val==-1) val=0; return(val); }
int OSSAlterVolume(char *device, char *type_str, int delta) { int type; type=MatchTokenFromList(type_str,VolTypeStrings,0); if ((type==VOL_ALL) || (type==-1)) { OSSAlterVolumeType(device, VOL_MASTER, delta); OSSAlterVolumeType(device, VOL_PCM, delta); } else OSSAlterVolumeType(device, type, delta); }
static int IsFlag(const char *String) { const char *AttribStrings[]={"top","bottom","persist","transient","refresh",NULL}; int AttribFlags[]={FLAG_TOP, FLAG_BOTTOM, FLAG_PERSIST, FLAG_TRANSIENT, FLAG_REFRESH}; int val; val=MatchTokenFromList(String,AttribStrings,0); if (val > -1) return(AttribFlags[val]); return(0); }
static int IsAttrib(const char *String) { const char *AttribStrings[]={"caps","bold","hide","blink","uppercase","underline","lowercase","inverse",NULL}; int AttribFlags[]={FLAG_CAPS, FLAG_BOLD, FLAG_HIDE, FLAG_BLINK, FLAG_CAPS, FLAG_UNDER, FLAG_LOWERCASE, FLAG_INVERSE}; int val; val=MatchTokenFromList(String,AttribStrings,0); if (val > -1) return(AttribFlags[val]); return(ParseColor(String)); }
//colors can be either a color name or a forecolor/backcolor pair static int ParseColor(const char *ColorString) { const char *ptr; int val=0, Attrib=0; char *Token=NULL; ptr=strchr(ColorString,'/'); if (ptr) { Token=CopyStrLen(Token,ColorString,ptr-ColorString); val=MatchTokenFromList(ptr+1,Colors,0); if (val > 0) Attrib=val << 8; } else Token=CopyStr(Token, ColorString); val=MatchTokenFromList(Token,Colors,0); if (val > -1) Attrib |= val; Destroy(Token); return(Attrib); }
int ParseQueryType(char *String) { switch (MatchTokenFromList(String,QueryTypeStr,0)) { case QT_ADDR: return(DNSREC_ADDRESS); break; case QT_CNAME: return(CNAME); break; case QT_HINFO: return(DNSREC_HOSTINFO); break; case QT_SOA: return(SOA); break; case QT_WKS: return(DNSREC_KNOWNSERVICE); break; case QT_NS: return(DNSREC_NAMESERVER); break; case QT_MX: return(DNSREC_MAILEXCHANGE); break; case QT_TXT: return(DNSREC_TEXT); break; } return(0); }
void ParseEventConfig(char *ConfigLine) { const char *EventTypeStrings[]={"Method","Path","User","ClientIP","BadURL","Header","ResponseCode",NULL}; char *Token=NULL, *ptr; ListNode *Node; int Type; if (! Settings.Events) Settings.Events=ListCreate(); ptr=GetToken(ConfigLine,":",&Token,0); Type=MatchTokenFromList(Token,EventTypeStrings,0); ptr=GetToken(ptr,":",&Token,0); Node=ListAddNamedItem(Settings.Events,Token,CopyStr(NULL,ptr)); Node->ItemType=Type; DestroyString(Token); }
int GetContainerFileType(char *URL) { char *Tempstr=NULL, *ptr; int val; Tempstr=CopyStr(Tempstr,URL); //strip off any 'http GET' style arguments ptr=strrchr(Tempstr,'?'); if (ptr) *ptr='\0'; //get path file extension ptr=strrchr(Tempstr,'.'); val=MatchTokenFromList(ptr,ContainerTypes,0); DestroyString(Tempstr); return(val); }
int SetGlobalConnectionChain(const char *Chain) { char *Token=NULL, *Type=NULL; const char *ptr; int result=TRUE, count=0; ptr=GetToken(Chain, "|", &Token, 0); while (ptr) { GetToken(Token,":",&Type,0); if (MatchTokenFromList(Type, HopTypes, 0)==-1) result=FALSE; count++; ptr=GetToken(ptr, "|", &Token, 0); } GlobalConnectionChain=CopyStr(GlobalConnectionChain, Chain); DestroyString(Token); DestroyString(Type); return(result); }
char *FormatFancyDirComment(char *RetStr, ListNode *Vars) { ListNode *Curr; const char *NonDisplayingValues[]={"executable","FileSize","CTime-Secs","MTime-Secs","IsExecutable","getcontentlength","getcontenttype","getlastmodified","creationdate",NULL}; const char *ptr; RetStr=CopyStr(RetStr, ""); Curr=ListGetNext(Vars); while (Curr) { if (MatchTokenFromList(Curr->Tag, NonDisplayingValues,0)==-1) { ptr=Curr->Tag; if (strncmp(ptr,"Media-",6)==0) ptr+=6; RetStr=MCatStr(RetStr,ptr, ":", Curr->Item, " ", NULL); } Curr=ListGetNext(Curr); } return(RetStr); }
int GetContainerFileType(const char *URL) { char *Tempstr=NULL, *ptr; int val; Tempstr=CopyStr(Tempstr,URL); //strip off any 'http GET' style arguments ptr=strrchr(Tempstr,'?'); if (ptr) *ptr='\0'; //get path file extension ptr=strrchr(Tempstr,'.'); val=MatchTokenFromList(ptr,ContainerTypes,0); DestroyString(Tempstr); if (val==-1) return(TYPE_NONE); if (Flags & FLAG_DEBUG2) fprintf(stderr,"CONTAINERTYPE: %s\n",ContainerTypes[val]); return(ContainerIDs[val]); }
int HTTPServerReadHeaders(HTTPSession *Session) { char *Tempstr=NULL, *Token=NULL, *ptr; ListNode *Curr; int val; HTTPSessionClear(Session); Tempstr=STREAMReadLine(Tempstr,Session->S); if (! Tempstr) return(FALSE); StripTrailingWhitespace(Tempstr); //First line of the HTTP request is the 'Command' in the form "<method> <url>?<arguments> <HTTP version>" HTTPServerParseCommand(Session, Session->S, Tempstr); Tempstr=STREAMReadLine(Tempstr,Session->S); if (Tempstr) { StripTrailingWhitespace(Tempstr); StripLeadingWhitespace(Tempstr); } while (StrLen(Tempstr) ) { if (Settings.Flags & FLAG_LOG_VERBOSE) LogToFile(Settings.LogPath,"<< %s",Tempstr); ptr=GetToken(Tempstr,":",&Token,0); while (isspace(*ptr)) ptr++; val=MatchTokenFromList(Token,HeaderStrings,0); ListAddNamedItem(Session->Headers,Token,CopyStr(NULL,ptr)); switch (val) { case HEAD_PROXYAUTH: if (IsProxyMethod(Session->MethodID)) { ptr=GetToken(ptr,"\\S",&Token,0); HTTPServerHandleAuthHeader(Session,val,Token,ptr); Session->AuthFlags |= FLAG_AUTH_PRESENT; } break; case HEAD_AUTH: if (IsProxyMethod(Session->MethodID)) { Session->RemoteAuthenticate=CopyStr(Session->RemoteAuthenticate,ptr); } if (StrLen(Session->UserName)==0) { ptr=GetToken(ptr,"\\S",&Token,0); HTTPServerHandleAuthHeader(Session,val,Token,ptr); Session->AuthFlags |= FLAG_AUTH_PRESENT; } break; case HEAD_HOST: Session->Host=CopyStr(Session->Host,ptr); ptr=strchr(Session->Host,':'); if (! ptr) { Token=FormatStr(Token,":%d",Settings.Port); Session->Host=CatStr(Session->Host,Token); } break; case HEAD_DEST: Session->Destination=HTTPUnQuote(Session->Destination,ptr); break; case HEAD_CONTENT_TYPE: HTTPServerParsePostContentType(Session, ptr); break; case HEAD_CONTENT_LENGTH: Session->ContentSize=atoi(ptr); break; case HEAD_DEPTH: if (strcasecmp(ptr,"infinity")==0) Session->Depth=INT_MAX; else Session->Depth=atoi(ptr); break; case HEAD_OVERWRITE: if (*ptr=='T') Session->Flags |= SESSION_OVERWRITE; break; case HEAD_CONNECTION: if ((Settings.Flags & FLAG_KEEPALIVES) && (strcasecmp(ptr,"Keep-Alive")==0)) Session->Flags |= SESSION_KEEPALIVE; break; case HEAD_AGENT: Session->UserAgent=CopyStr(Session->UserAgent,ptr); Curr=ListGetNext(Settings.UserAgents); while (Curr) { if (fnmatch(Curr->Tag,Session->UserAgent,0)==0) { if (Settings.Flags & FLAG_LOG_VERBOSE) LogToFile(Settings.LogPath,"Applying User Agent Settings: %s",Curr->Item); ParseConfigItemList((char *) Curr->Item); } Curr=ListGetNext(Curr); } break; case HEAD_COOKIE: if (StrLen(Session->Cookies)) Session->Cookies=MCopyStr(Session->Cookies,"; ",ptr,NULL); else Session->Cookies=CopyStr(Session->Cookies,ptr); Session->AuthFlags |= FLAG_AUTH_PRESENT; break; case HEAD_REFERER: Session->ClientReferrer=CopyStr(Session->ClientReferrer,ptr); break; case HEAD_ACCEPT_ENCODING: ptr=GetToken(ptr,",",&Token,0); while (ptr) { if (strcmp(Token,"gzip")==0) Session->Flags|=SESSION_ENCODE_GZIP; if (strcmp(Token,"x-gzip")==0) Session->Flags|=SESSION_ENCODE_GZIP | SESSION_ENCODE_XGZIP; ptr=GetToken(ptr,",",&Token,0); } break; case HEAD_ICECAST: if (atoi(ptr)) Session->Flags |= SESSION_ICECAST; break; case HEAD_IFMOD_SINCE: Session->IfModifiedSince=DateStrToSecs("%a, %d %b %Y %H:%M:%S %Z",ptr,NULL); break; case HEAD_UPGRADE: if ((strcasecmp(ptr,"Upgrade")==0) && SSLAvailable()) { if (! HTTPServerActivateSSL(Session,Settings.SSLKeys)) return; } else if (strcasecmp(ptr,"websocket")==0) Session->MethodID = METHOD_WEBSOCKET; break; case HEAD_WEBSOCK_KEY: Session->ContentBoundary=CopyStr(Session->ContentBoundary, ptr); break; case HEAD_WEBSOCK_KEY1: Session->ContentBoundary=CopyStr(Session->ContentBoundary, ptr); if (Session->MethodID==METHOD_WEBSOCKET) Session->MethodID = METHOD_WEBSOCKET75; break; case HEAD_WEBSOCK_KEY2: Session->ContentType=CopyStr(Session->ContentType, ptr); if (Session->MethodID==METHOD_WEBSOCKET) Session->MethodID = METHOD_WEBSOCKET75; break; case HEAD_WEBSOCK_PROTOCOL: Session->ContentType=CopyStr(Session->ContentType, ptr); break; case HEAD_WEBSOCK_VERSION: break; case HEAD_ORIGIN: break; } Tempstr=STREAMReadLine(Tempstr,Session->S); StripTrailingWhitespace(Tempstr); StripLeadingWhitespace(Tempstr); } if (strstr(Session->Arguments,"AccessToken")) Session->AuthFlags |= FLAG_AUTH_PRESENT | FLAG_AUTH_ACCESS_TOKEN; Session->URL=HTTPUnQuote(Session->URL,Session->OriginalURL); if (*Session->URL=='/') Session->Path=CopyStr(Session->Path,Session->URL); else Session->Path=MCopyStr(Session->Path,"/",Session->URL,NULL); DestroyString(Tempstr); DestroyString(Token); return(TRUE); }
static int MatchActionType(const char *Str) { const char *ActStrings[]={"", "args", "echo", "replace","setstr","setenv","send","bell","playsound","exec","passto","passinput","basename","setxtitle","restorextitle","setxlabel","xselection","setxiconname","raise","lower","iconify","deiconify","maximize","demaximize","wide","high","font","fontup","fontdown","cls","clearscreen","cleartoeol","altscreen","normscreen","xtermbgcolor","xtermfgcolor","rxvtbgcolor","rxvtfgcolor","bgcolor","fgcolor","dontcrayon","allowchildcrayon","redraw","infobar","querybar","selectbar","historybar","call",NULL}; return(MatchTokenFromList(Str, ActStrings, 0)); }
void ParseConfigItem(char *ConfigLine) { char *Token=NULL, *ptr; int result; const char *ConfTokens[]={"Chroot","Chshare","Chhome","AllowUsers","DenyUsers","Port","Banner","BannerFile","DataConnectionLowPort","DataConnectionHighPort","DataConnectionPortRange","ServLogFile","LogFile","Idle","MaxIdle","Locks","AuthFile","BindAddress","LogPasswords","AuthMethods","UserPrompt","PermittedCommands","DefaultGroup","MaxFileSize","UploadHook", "DownloadHook","RenameHook","DeleteHook","LoginHook","LogoutHook","ConnectUpHook","ConnectDownHook","ConfirmTransfer",NULL}; typedef enum {CT_CHROOT, CT_CHSHARE, CT_CHHOME, CT_ALLOWUSERS,CT_DENYUSERS,CT_PORT,CT_BANNER,CT_BANNERFILE,CT_DC_LOW_PORT, CT_DC_HIGH_PORT, CT_DC_RANGE,CT_SERVLOGFILE,CT_LOGFILE,CT_IDLE,CT_MAXIDLE,CT_LOCKS,CT_AUTHFILE,CT_BINDADDRESS,CT_LOGPASSWORDS,CT_AUTHMETHODS,CT_USERPROMPT,CT_PERMITTEDCOMMANDS,CT_DEFAULTGROUP, CT_MAXFILESIZE, CT_UPLOADHOOK, CT_DOWNLOADHOOK, CT_RENAMEHOOK, CT_DELETEHOOK, CT_LOGINHOOK, CT_LOGOUTHOOK, CT_CONNECTUPHOOK, CT_CONNECTDOWNHOOK, CT_CONFIRM_TRANSFER} EConfigStrings; struct group *grent; ptr=GetToken(ConfigLine,"=",&Token,0); StripLeadingWhitespace(Token); StripTrailingWhitespace(Token); result=MatchTokenFromList(Token,ConfTokens,0); if (ptr) { StripLeadingWhitespace(ptr); StripTrailingWhitespace(ptr); } switch(result) { case CT_PORT: Settings.Port=atoi(ptr); break; case CT_CHROOT: Settings.Flags|=FLAG_CHROOT; Settings.Chroot=CopyStr(Settings.Chroot,ptr); break; case CT_CHSHARE: Settings.Flags|=FLAG_CHSHARE; Settings.Chroot=CopyStr(Settings.Chroot,ptr); break; case CT_CHHOME: Settings.Flags|=FLAG_CHHOME; break; case CT_ALLOWUSERS: Settings.AllowUsers=CopyStr(Settings.AllowUsers,ptr); break; case CT_DENYUSERS: Settings.DenyUsers=CopyStr(Settings.DenyUsers,ptr); break; case CT_DC_LOW_PORT: Settings.DataConnectionLowPort=atoi(ptr); break; case CT_DC_HIGH_PORT: Settings.DataConnectionHighPort=atoi(ptr); break; case CT_DC_RANGE: ptr=GetToken(ptr,"-",&Token,0); Settings.DataConnectionLowPort=atoi(Token); Settings.DataConnectionHighPort=atoi(ptr); break; case CT_IDLE: Settings.DefaultIdle=atoi(ptr); break; case CT_MAXIDLE: Settings.MaxIdle=atoi(ptr); break; case CT_BANNER: Settings.ConnectBanner=CopyStr(Settings.ConnectBanner,ptr); break; case CT_BANNERFILE: Settings.ConnectBanner=ReadBannerFile(Settings.ConnectBanner,ptr); break; case CT_AUTHFILE: Settings.AuthFile=CopyStr(Settings.AuthFile,ptr); break; case CT_SERVLOGFILE: Settings.ServerLogPath=CopyStr(Settings.ServerLogPath,ptr); break; case CT_LOGFILE: Settings.LogPath=CopyStr(Settings.LogPath,ptr); break; case CT_LOCKS: if (strcmp(ptr,"Advisory")==0) Settings.Flags |= FLAG_ALOCK; else if (strcmp(ptr,"Mandatory")==0) Settings.Flags |= FLAG_MLOCK; else if (strcmp(ptr,"MandatoryWrite")==0) Settings.Flags |= FLAG_MLOCK | FLAG_ALOCK; break; case CT_BINDADDRESS: Settings.BindAddress=CopyStr(Settings.BindAddress,ptr); break; case CT_LOGPASSWORDS: Settings.Flags |= FLAG_LOGPASSWORDS; break; case CT_AUTHMETHODS: Settings.AuthMethods=CopyStr(Settings.AuthMethods,ptr); break; case CT_USERPROMPT: Settings.UserPrompt=CopyStr(Settings.UserPrompt,ptr); break; case CT_PERMITTEDCOMMANDS: ParsePermittedCommands(&Settings,ptr); break; case CT_DEFAULTGROUP: grent=getgrnam(ptr); Settings.DefaultGroupID=grent->gr_gid; break; case CT_MAXFILESIZE: Settings.MaxFileSize=strtod(ptr,NULL); break; case CT_UPLOADHOOK: Settings.UploadHook=CopyStr(Settings.UploadHook,ptr); break; case CT_DOWNLOADHOOK: Settings.DownloadHook=CopyStr(Settings.DownloadHook,ptr); break; case CT_RENAMEHOOK: Settings.RenameHook=CopyStr(Settings.RenameHook,ptr); break; case CT_DELETEHOOK: Settings.DeleteHook=CopyStr(Settings.DeleteHook,ptr); break; case CT_LOGINHOOK: Settings.LoginHook=CopyStr(Settings.LoginHook,ptr); break; case CT_LOGOUTHOOK: Settings.LogoutHook=CopyStr(Settings.LogoutHook,ptr); break; case CT_CONNECTUPHOOK: Settings.ConnectUpHook=CopyStr(Settings.ConnectUpHook,ptr); break; case CT_CONNECTDOWNHOOK: Settings.ConnectDownHook=CopyStr(Settings.ConnectDownHook,ptr); break; case CT_CONFIRM_TRANSFER: Settings.ConfirmTransfer=MatchTokenFromList(ptr,HashNames,0); break; } DestroyString(Token); }
void ParseCommandLine(int argc, char *argv[]) { int count, val; if (argc < 2) return; if (strcmp(argv[1],"-user")==0) { ParseCommandLineUpdateUser(argc,argv); exit(0); } for (count=1; count < argc; count++) { val=MatchTokenFromList(argv[count],ArgStrings,MATCH_TOKEN_CASE); switch (val) { case ARG_PROXY: Settings.Flags |= MODE_FTP_PROXY; break; case ARG_CHHOME: Settings.Flags |= FLAG_CHHOME; break; case ARG_SYSLOG: Settings.Flags |= FLAG_SYSLOG; break; case ARG_INETD: case ARG_INETD2: Settings.Flags |= MODE_INETD; break; case ARG_CHROOT: Settings.Flags|=FLAG_CHROOT; Settings.Chroot=CopyStr(Settings.Chroot,argv[++count]); break; case ARG_CHSHARE: Settings.Flags|=FLAG_CHSHARE; Settings.Chroot=CopyStr(Settings.Chroot,argv[++count]); break; case ARG_PORT: case ARG_PORT2: Settings.Port=atoi(argv[++count]); break; case ARG_NODEMON: Settings.Flags &= ~FLAG_DEMON; break; case ARG_CONFIG_FILE: Settings.ConfigFile=CopyStr(Settings.ConfigFile,argv[++count]); break; case ARG_AUTH_METHODS: Settings.AuthMethods=CopyStr(Settings.AuthMethods,argv[++count]); break; case ARG_AUTH_FILE: Settings.AuthFile=CopyStr(Settings.AuthFile,argv[++count]); break; case ARG_LOGFILE: case ARG_LOGFILE2: Settings.LogPath=CopyStr(Settings.LogPath,argv[++count]); break; case ARG_ALLOWUSERS: Settings.AllowUsers=CopyStr(Settings.AllowUsers,argv[++count]); break; case ARG_DENYUSERS: Settings.DenyUsers=CopyStr(Settings.DenyUsers,argv[++count]); break; case ARG_NOPASV: Settings.Flags |= FLAG_NOPASV; break; case ARG_DCLOW: Settings.DataConnectionLowPort=atoi(argv[++count]); break; case ARG_DCHIGH: Settings.DataConnectionHighPort=atoi(argv[++count]); break; case ARG_IDLE: Settings.DefaultIdle=atoi(argv[++count]); break; case ARG_MAXIDLE: Settings.MaxIdle=atoi(argv[++count]); break; case ARG_MLOCKS: Settings.Flags |= FLAG_MLOCK; break; case ARG_ALOCKS: Settings.Flags |= FLAG_ALOCK; break; case ARG_MALOCKS: Settings.Flags |= FLAG_MLOCK | FLAG_ALOCK; break; case ARG_BINDADDRESS: case ARG_INTERFACE: Settings.BindAddress=CopyStr(Settings.BindAddress,argv[++count]); break; case ARG_IPV4: Settings.BindAddress=CopyStr(Settings.BindAddress,"0.0.0.0"); break; case ARG_UPDATE_PASSWORD: Settings.UpdatePasswordType=CopyStr(Settings.UpdatePasswordType, argv[++count]); break; case ARG_CONFIRM_TRANSFER: Settings.ConfirmTransfer=MatchTokenFromList(argv[++count],HashNames,0); break; /* case ARG_PERMITTEDCOMMANDS: Settings.PermittedCommands=CopyStr(Settings.PermittedCommands,argv[++count]); break; */ case ARG_HELP1: case ARG_HELP2: case ARG_HELP3: PrintUsage(); break; case ARG_VERSION: case ARG_VERSION2: printf("metaftpd %s\n",Version); exit(0); break; } } if ( (! (Settings.Flags & MODE_FTP_SERVER)) && (! (Settings.Flags & MODE_FTP_PROXY)) ) { Settings.Flags |= MODE_FTP_SERVER; } }
void ParseConfigItem(char *ConfigLine) { const char *ConfTokens[]={"Chroot","Chhome","AllowUsers","DenyUsers","Port","LogFile","AuthPath","BindAddress","LogPasswords","HttpMethods","AuthMethods","DefaultUser","DefaultGroup","Path","FileType","LogVerbose","AuthRealm","Compression","DirListType","DisplayNameLen","MaxLogSize","ScriptHandler","ScriptHashFile","WebsocketHandler","LookupClientName","SanitizeAllowTags","CustomHeader","UserAgentSettings", "SSLKey","SSLCert","SSLCiphers","SSLDHParams","SSLClientCertificate","SSLVerifyPath", "SSLVersion", "Event","FileCacheTime","HttpKeepAlive","AccessTokenKey","Timezone","MaxMemory","MaxStack","ActivityTimeout","PackFormats",NULL}; typedef enum {CT_CHROOT, CT_CHHOME, CT_ALLOWUSERS,CT_DENYUSERS,CT_PORT, CT_LOGFILE,CT_AUTHFILE,CT_BINDADDRESS,CT_LOGPASSWORDS,CT_HTTPMETHODS, CT_AUTHMETHODS,CT_DEFAULTUSER, CT_DEFAULTGROUP, CT_PATH, CT_FILETYPE, CT_LOG_VERBOSE, CT_AUTH_REALM, CT_COMPRESSION, CT_DIRTYPE, CT_DISPLAYNAMELEN, CT_MAXLOGSIZE, CT_SCRIPTHANDLER, CT_SCRIPTHASHFILE, CT_WEBSOCKETHANDLER, CT_LOOKUPCLIENT, CT_SANITIZEALLOW, CT_CUSTOMHEADER, CT_USERAGENTSETTINGS, CT_SSLKEY, CT_SSLCERT, CT_SSLCIPHERS, CT_SSLDHPARAMS, CT_CLIENT_CERTIFICATION, CT_SSLVERIFY_PATH, CT_SSL_VERSION, CT_EVENT, CT_FILE_CACHE_TIME, CT_SESSION_KEEPALIVE, CT_ACCESS_TOKEN_KEY, CT_TIMEZONE, CT_MAX_MEM, CT_MAX_STACK, CT_ACTIVITY_TIMEOUT, CT_ARCHIVE_FORMATS} TConfigTokens; char *Token=NULL, *ptr; struct group *grent; struct stat Stat; TConfigTokens TokType; ptr=GetToken(ConfigLine,"=|:",&Token,GETTOKEN_MULTI_SEPARATORS); StripLeadingWhitespace(Token); StripTrailingWhitespace(Token); TokType=MatchTokenFromList(Token,ConfTokens,0); switch(TokType) { case CT_PORT: Settings.Port=atoi(ptr); break; case CT_CHROOT: Settings.Flags &= ~FLAG_CHHOME; Settings.Flags |= FLAG_CHROOT; Settings.DefaultDir=CopyStr(Settings.DefaultDir,ptr); break; case CT_CHHOME: Settings.Flags &= ~FLAG_CHROOT; Settings.Flags|=FLAG_CHHOME; break; case CT_ALLOWUSERS: Settings.AllowUsers=CopyStr(Settings.AllowUsers,ptr); break; case CT_DENYUSERS: Settings.DenyUsers=CopyStr(Settings.DenyUsers,ptr); break; case CT_AUTHFILE: Settings.AuthPath=CopyStr(Settings.AuthPath,ptr); break; case CT_BINDADDRESS: Settings.BindAddress=CopyStr(Settings.BindAddress,ptr); break; case CT_LOGPASSWORDS: // Settings.Flags |= FLAG_LOGPASSWORDS; break; case CT_DISPLAYNAMELEN: Settings.DisplayNameLen=atoi(ptr); break; case CT_AUTHMETHODS: Settings.AuthMethods=CopyStr(Settings.AuthMethods,ptr); break; case CT_HTTPMETHODS: Settings.HttpMethods=CopyStr(Settings.HttpMethods,ptr); break; case CT_DEFAULTUSER: Settings.DefaultUser=CopyStr(Settings.DefaultUser,ptr); break; case CT_DEFAULTGROUP: Settings.DefaultGroup=CopyStr(Settings.DefaultGroup,ptr); grent=getgrnam(ptr); if (grent) Settings.DefaultGroupID=grent->gr_gid; break; case CT_SSLKEY: if (! Settings.SSLKeys) Settings.SSLKeys=ListCreate(); Token=FormatStr(Token,"SSL_KEY_FILE:%d",ListSize(Settings.SSLKeys)); ListAddNamedItem(Settings.SSLKeys,Token,CopyStr(NULL,ptr)); Settings.Flags |=FLAG_SSL; break; case CT_SSLCERT: if (! Settings.SSLKeys) Settings.SSLKeys=ListCreate(); Token=FormatStr(Token,"SSL_CERT_FILE:%d",ListSize(Settings.SSLKeys)); ListAddNamedItem(Settings.SSLKeys,Token,CopyStr(NULL,ptr)); Settings.Flags |=FLAG_SSL; break; case CT_SSLCIPHERS: LibUsefulSetValue("SSL-Permitted-Ciphers",ptr); break; case CT_SSLDHPARAMS: LibUsefulSetValue("SSL-DHParams-File",ptr); break; case CT_SSL_VERSION: LibUsefulSetValue("SSL-Level",ptr); break; case CT_AUTH_REALM: Settings.AuthRealm=CopyStr(Settings.AuthRealm,ptr); break; case CT_COMPRESSION: if (strcasecmp(ptr,"partial")==0) { Settings.Flags &= ~FLAG_COMPRESS; Settings.Flags |= FLAG_PARTIAL_COMPRESS; } else if (! YesNoTrueFalse(ptr)) Settings.Flags &= ~(FLAG_COMPRESS | FLAG_PARTIAL_COMPRESS); else { Settings.Flags &= ~FLAG_PARTIAL_COMPRESS; Settings.Flags |= FLAG_COMPRESS; } break; case CT_PATH: ptr=GetToken(ptr,",",&Token,0); VPathParse(Settings.VPaths, Token, ptr); break; case CT_FILETYPE: VPathParse(Settings.VPaths, Token, ptr); break; case CT_DIRTYPE: ParseDirListType(ptr); break; case CT_LOGFILE: Settings.LogPath=CopyStr(Settings.LogPath,ptr); break; case CT_LOG_VERBOSE: if (YesNoTrueFalse(ptr)) Settings.Flags |= FLAG_LOG_VERBOSE; else Settings.Flags &= ~FLAG_LOG_VERBOSE; break; case CT_MAXLOGSIZE: Settings.MaxLogSize = (int) ParseHumanReadableDataQty(ptr, 0); break; case CT_SCRIPTHANDLER: ptr=GetToken(ptr,"=",&Token,0); if (! Settings.ScriptHandlers) Settings.ScriptHandlers=ListCreate(); SetTypedVar(Settings.ScriptHandlers,Token,ptr,PATHTYPE_CGI); break; case CT_SCRIPTHASHFILE: Settings.ScriptHashFile=CopyStr(Settings.ScriptHashFile,ptr); Settings.Flags |= FLAG_CHECK_SCRIPTS; break; case CT_WEBSOCKETHANDLER: if (! Settings.ScriptHandlers) Settings.ScriptHandlers=ListCreate(); ptr=GetToken(ptr,"=",&Token,0); SetTypedVar(Settings.ScriptHandlers,Token,ptr,PATHTYPE_WEBSOCKET); break; case CT_SANITIZEALLOW: if (! Settings.SanitizeArgumentsAllowedTags) Settings.SanitizeArgumentsAllowedTags=ListCreate(); ptr=GetToken(ptr,",",&Token,0); while (ptr) { SetVar(Settings.SanitizeArgumentsAllowedTags,Token,"Y"); ptr=GetToken(ptr,",",&Token,0); } break; case CT_CUSTOMHEADER: if (! Settings.CustomHeaders) Settings.CustomHeaders=ListCreate(); ptr=GetToken(ptr,":",&Token,0); ListAddNamedItem(Settings.CustomHeaders,Token,CopyStr(NULL,ptr)); break; case CT_LOOKUPCLIENT: if (YesNoTrueFalse(ptr)) Settings.Flags |= FLAG_LOOKUP_CLIENT; else Settings.Flags &= ~FLAG_LOOKUP_CLIENT; break; case CT_USERAGENTSETTINGS: if (! Settings.UserAgents) Settings.UserAgents=ListCreate(); ptr=GetToken(ptr,",",&Token,0); ListAddNamedItem(Settings.UserAgents,Token,CopyStr(NULL,ptr)); break; case CT_SSLVERIFY_PATH: if (stat(ptr,&Stat)==0) { if (S_ISDIR(Stat.st_mode)) LibUsefulSetValue("SSL_VERIFY_CERTDIR",ptr); else if (S_ISREG(Stat.st_mode)) LibUsefulSetValue("SSL_VERIFY_CERTFILE",ptr); } else HandleError(ERR_PRINT|ERR_LOG|ERR_EXIT, "ERROR: Can't access SSL certificate verify data at '%s'",ptr); break; case CT_CLIENT_CERTIFICATION: if (strcasecmp(ptr,"ask")==0) Settings.AuthFlags |= FLAG_AUTH_CERT_ASK; if (strcasecmp(ptr,"required")==0) Settings.AuthFlags |= FLAG_AUTH_CERT_REQUIRED; if (strcasecmp(ptr,"sufficient")==0) Settings.AuthFlags |= FLAG_AUTH_CERT_SUFFICIENT; if (strcasecmp(ptr,"optional")==0) Settings.AuthFlags |= FLAG_AUTH_CERT_SUFFICIENT; if (strcasecmp(ptr,"required+sufficient")==0) Settings.AuthFlags |= FLAG_AUTH_CERT_REQUIRED | FLAG_AUTH_CERT_SUFFICIENT; break; case CT_EVENT: ParseEventConfig(ptr); break; case CT_FILE_CACHE_TIME: Settings.DocumentCacheTime=strtol(ptr,NULL,10); break; case CT_SESSION_KEEPALIVE: if (YesNoTrueFalse(ptr)) Settings.Flags |= FLAG_KEEPALIVES; else Settings.Flags &= ~FLAG_KEEPALIVES; break; case CT_ACCESS_TOKEN_KEY: Settings.AccessTokenKey=CopyStr(Settings.AccessTokenKey,ptr); break; case CT_TIMEZONE: Settings.Timezone=CopyStr(Settings.Timezone,ptr); break; case CT_MAX_MEM: Settings.AddressSpace=CopyStr(Settings.AddressSpace,ptr); break; case CT_MAX_STACK: Settings.StackSize=CopyStr(Settings.StackSize,ptr); break; case CT_ACTIVITY_TIMEOUT: Settings.ActivityTimeout=atoi(ptr); break; case CT_ARCHIVE_FORMATS: Settings.PackFormats=ParsePackFormats(Settings.PackFormats, ptr); break; } DestroyString(Token); }
void VPathParse(ListNode *List, const char *PathType, const char *Data) { const char *PathTypes[]={"Files","Cgi","Websocket","Stream","Logout","Proxy","MimeIcons","FileType",NULL}; char *URL=NULL, *Path=NULL, *Tempstr=NULL; char *User=NULL, *Group=NULL, *Password=NULL; const char *ptr; TPathItem *PI=NULL; int Type, Flags=0; unsigned int CacheTime=0; Type=MatchTokenFromList(PathType,PathTypes,0); if (Type > -1) { ptr=GetToken(Data,",",&Tempstr,0); StripLeadingWhitespace(Tempstr); if (*Tempstr !='/') URL=MCopyStr(URL,"/",Tempstr,NULL); else URL=CopyStr(URL,Tempstr); ptr=GetToken(ptr,",",&Tempstr,0); while (ptr) { StripLeadingWhitespace(Tempstr); if (strncasecmp(Tempstr,"cache=",6)==0) CacheTime=atoi(Tempstr+6); else if (strncasecmp(Tempstr,"user="******"pass="******"passwd=",7)==0) Password=CopyStr(Password, Tempstr+7); else if (strncasecmp(Tempstr,"password="******"group=",6)==0) Group=CopyStr(Group, Tempstr+6); else if ( (strncasecmp(Tempstr,"exec=",5)==0) && YesNoTrueFalse(Tempstr+5)) Flags |= PATHITEM_EXEC; else if ( (strncasecmp(Tempstr,"upload=",7)==0) && YesNoTrueFalse(Tempstr+7)) Flags |= PATHITEM_UPLOAD; else if ( (strncasecmp(Tempstr,"uploads=",8)==0) && YesNoTrueFalse(Tempstr+8)) Flags |= PATHITEM_UPLOAD; else if (strncasecmp(Tempstr,"compress=",9)==0) { if (YesNoTrueFalse(Tempstr+9)) Flags |= PATHITEM_COMPRESS; else Flags |= PATHITEM_NO_COMPRESS; } else { if (StrLen(Path)) Path=MCatStr(Path, ":", Tempstr,NULL); else Path=CopyStr(Path, Tempstr); } ptr=GetToken(ptr,",",&Tempstr,0); } PI=PathItemCreate(Type, URL, Path); PI->Flags=Flags; PI->CacheTime=CacheTime; PI->User=CopyStr(PI->User, User); PI->Password=CopyStr(PI->Password, Password); PI->Group=CopyStr(PI->Group, Group); switch (PI->Type) { case PATHTYPE_LOGOUT: Settings.Flags |= FLAG_LOGOUT_AVAILABLE; break; case PATHTYPE_FILETYPE: ptr=PI->URL; if (*ptr=='/') ptr++; PI->Path=CopyStr(PI->Path, ptr); break; } ListAddNamedItem(List,PI->URL,PI); } else LogToFile(Settings.LogPath,"ERROR: Unknown Path type '%s' in Config File",Tempstr); DestroyString(Tempstr); DestroyString(Password); DestroyString(Group); DestroyString(User); DestroyString(Path); DestroyString(URL); }
void CGIDisplayPage() { char *HashType=NULL, *Encoding=NULL, *LineEnding=NULL, *SegmentChar=NULL, *Text=NULL, *Hash=NULL, *Token=NULL, *OptionsFile=NULL; const char *ptr; HashratCtx *Ctx; ListNode *Items; int Flags, i, OutputLength=0, SegmentLength=0; SegmentChar=CopyStr(SegmentChar, " "); Items=ListCreate(); //We don't need to read anything from disk, so in case we're running //as root, or something like that, let's try to chroot, so no weird attacks are possible //shouldn't work, because we shouldn't be running as root chdir("/var/empty"); chroot("."); //Send HTTP Headers printf("Content-type: text/html\r\n"); printf("Connection: close\r\n"); printf("Cache-control: private, max-age=0, no-cache\r\n"); printf("\r\n"); Flags=CGIParseArgs(getenv("QUERY_STRING"),"&","=",&HashType, &Encoding, &LineEnding, &Text, &OutputLength, &SegmentLength, &SegmentChar, &OptionsFile); printf("<body><html><form>\r\n"); printf("<h2 align=center>Hashrat: Online hash calculator</h2>\r\n"); printf("<div align=center>Version: %s, Licence: GPLv3, Author: Colum Paget, BugReports: colums projects at gmail dot com</div><p/>\r\n",VERSION); if (Flags & CGI_DOHASH) { Ctx=(HashratCtx *) calloc(1,sizeof(HashratCtx)); Ctx->HashType=CopyStr(Ctx->HashType,HashType); Ctx->Encoding |=ENCODE_HEX; i=MatchTokenFromList(Encoding, EncodingNames, 0); if (i > -1) Ctx->Encoding=Encodings[i]; if (StrLen(LineEnding)) { if (strcmp(LineEnding, "crlf")==0) Text=CatStr(Text,"\r\n"); if (strcmp(LineEnding, "lf")==0) Text=CatStr(Text,"\n"); if (strcmp(LineEnding, "cr")==0) Text=CatStr(Text,"\r"); } ProcessData(&Hash, Ctx, Text, StrLen(Text)); Token=ReformatHash(Token, Hash, OutputLength, SegmentLength, SegmentChar[0]); CGIDrawHashResult(Token); } printf("<table align=center bgcolor=#BBBBBB>\r\n"); printf("<tr>\r\n"); printf("<th colspan=2 bgcolor=blue><font color=white>New Hash</font></th>\r\n"); if (Flags & CGI_NOOPTIONS) { printf("<input type=hidden name=\"HashType\" value=\"%s\">\n",HashType); printf("<input type=hidden name=\"Encoding\" value=\"%s\">\n",Encoding); printf("<input type=hidden name=\"LineEnding\" value=\"%s\">\n",LineEnding); printf("<input type=hidden name=\"OutputLength\" value=\"%d\">\n",OutputLength); printf("<input type=hidden name=\"SegmentLength\" value=\"%d\">\n",SegmentLength); if (StrLen(SegmentChar)) printf("<input type=hidden name=\"SegmentChar\" value=\"%s\">\n",SegmentChar); printf("<input type=hidden name=\"NoOptions\" value=\"Y\">\n"); //if (StrLen(OptionsFile)) printf("<input type=hidden name=\"OptionsFile\" value=\"%d\">\n",OptionsFile); } else CGIDisplayOptions(HashType, Encoding, LineEnding, OutputLength); printf("<tr>\r\n"); CGIDrawTextInput(Flags); printf("</tr>\r\n"); printf("<tr><td colspan=4><input type=submit value=\"Hash it!\"></td></tr>\r\n"); printf("</table>\r\n"); printf("</form></html></body>\r\n"); fflush(NULL); ListDestroy(Items, Destroy); Destroy(LineEnding); Destroy(OptionsFile); Destroy(SegmentChar); Destroy(Encoding); Destroy(HashType); Destroy(Token); Destroy(Hash); Destroy(Text); }
//This function reads the first line of an HTTP Request, including the Method, URL, and cgi arguments void HTTPServerParseCommand(HTTPSession *Session, STREAM *S, char *Command) { char *Token=NULL, *ptr, *tmp_ptr; int val; GetSockDetails(S->in_fd,&Session->ServerName,&Session->ServerPort,&Session->ClientIP,&val); GetHostARP(Session->ClientIP, &Token, &Session->ClientMAC); if ((Settings.Flags & FLAG_LOOKUP_CLIENT) && StrLen(Session->ClientIP)) Session->ClientHost=CopyStr(Session->ClientHost,IPStrToHostName(Session->ClientIP)); LogToFile(Settings.LogPath,""); //Log first line of the response Token=MCopyStr(Token, "NEW REQUEST: ",Session->ClientHost," (",Session->ClientIP,") ", Command, NULL); if (Settings.Flags & FLAG_SSL) { Session->Cipher=CopyStr(Session->Cipher,STREAMGetValue(S,"SSL-Cipher")); Token=MCatStr(Token," SSL-CIPHER=", Session->Cipher, NULL); if (! HTTPServerCheckCertificate(Session,S)) exit(1); //Set the Username to be the common name signed in the certificate. If it doesn't //authenticate against a user then we can query for a username later Session->UserName=CopyStr(Session->UserName,STREAMGetValue(Session->S,"SSL-Certificate-CommonName")); if (Settings.AuthFlags & FLAG_AUTH_CERT_SUFFICIENT) { if (StrLen(Session->UserName)) Session->AuthFlags |= FLAG_AUTH_PRESENT; } } LogToFile(Settings.LogPath, "%s", Token); //Read Method (GET, POST, etc) ptr=GetToken(Command,"\\S",&Session->Method,0); Session->MethodID=MatchTokenFromList(Session->Method,HTTPMethods,0); //Read URL ptr=GetToken(ptr,"\\S",&Token,0); //Read Protocol (HTTP1.0, HTTP1.1, etc) ptr=GetToken(ptr,"\\S",&Session->Protocol,0); if (! StrLen(Session->Protocol)) Session->Protocol=CopyStr(Session->Protocol,"HTTP/1.0"); tmp_ptr=Token; //Clip out arguments from URL tmp_ptr=strchr(Token,'?'); if (tmp_ptr) { *tmp_ptr='\0'; tmp_ptr++; // Session->Arguments=HTTPUnQuote(Session->Arguments,tmp_ptr); //Don't unquote arguments here, one of them might contain '&' Session->Arguments=CopyStr(Session->Arguments,tmp_ptr); } //URL with arguments removed is the 'true' URL Session->OriginalURL=CopyStr(Session->OriginalURL,Token); if (StrLen(Session->OriginalURL)==0) Session->OriginalURL=CopyStr(Session->OriginalURL,"/"); if ( (strncasecmp(Session->OriginalURL,"http:",5)==0) || (strncasecmp(Session->OriginalURL,"https:",6)==0) ) { if (Session->MethodID==METHOD_GET) { Session->Method=CopyStr(Session->Method,"RGET"); Session->MethodID=METHOD_RGET; } if (Session->MethodID==METHOD_POST) { Session->Method=CopyStr(Session->Method,"RPOST"); Session->MethodID=METHOD_RPOST; } } DestroyString(Token); }
int STREAMProcessConnectHops(STREAM *S, const char *HopList) { int val, result=FALSE; char *Dest=NULL, *HopURL=NULL, *NextHop=NULL, *Token=NULL; const char *ptr; int count=0; ptr=GetToken(HopList, "|", &HopURL,0); //Note we check 'StrValid' not just whether ptr is null. This is because ptr will be an empty string //for the last token, and we don't want to process th last token, which will be the 'actual' connection while (StrValid(ptr)) { ptr=GetToken(ptr, "|", &NextHop,0); ParseConnectDetails(NextHop, NULL, &Dest, &Token, NULL, NULL, NULL); Dest=MCatStr(Dest,":",Token,NULL); GetToken(HopURL,":",&Token,0); val=MatchTokenFromList(Token,HopTypes,0); switch (val) { case CONNECT_HOP_TCP: //this type assumes that connecting to a host and port instantly puts us through to the Destination. //thus we do nothing with the Destination value, except maybe log it if connection fails //It's a no-op unless it's the first item in the connection chain, as otherwise previous connections //will have effectively processed this already if (count > 0) result=TRUE; else { if (STREAMDirectConnect(S, HopURL, 0)) result=TRUE; else RaiseError(0, "ConnectHopTCP", "failed to connect to %s for destination %s", HopURL, Dest); } break; case CONNECT_HOP_HTTPTUNNEL: result=ConnectHopHTTPSProxy(S, HopURL, Dest); break; case CONNECT_HOP_SSH: case CONNECT_HOP_SSHTUNNEL: if (count==0) result=ConnectHopSSH(S, val, HopURL, Dest); else { result=FALSE; RaiseError(0, "ConnectHopSSH", "SSH connect hops must be first in hop chain. Connection failed to %s for destination %s", HopURL, Dest); } break; case CONNECT_HOP_SOCKS4: case CONNECT_HOP_SOCKS5: result=ConnectHopSocks(S, val, HopURL, Dest); break; default: RaiseError(0, "ConnectHop", "unknown connection proxy type %s", HopURL); break; } S->State=SS_INITIAL_CONNECT_DONE; count++; HopURL=CopyStr(HopURL, NextHop); } if (StrValid(HopURL)) { if (! StrLen(S->Path)) S->Path=CopyStr(S->Path,HopURL); if (strncmp(HopURL,"ssl:",4)==0) DoSSLClientNegotiation(S,0); } DestroyString(HopURL); DestroyString(NextHop); DestroyString(Token); DestroyString(Dest); STREAMFlush(S); return(result); }
int libCryptoProcessorInit(TProcessingModule *ProcMod, const char *Args) { int result=FALSE; #ifdef HAVE_LIBSSL libCryptoProcessorData *Data; EVP_CIPHER_CTX *ctx; char *CipherList[]={"blowfish","rc2","rc4","rc5","des","desx","cast","idea","aes","aes-256",NULL}; int val; char *Tempstr=NULL; val=MatchTokenFromList(ProcMod->Name,CipherList,0); if (val==-1) return(FALSE); if (! libCryptoCipherAvailable(val)) return(FALSE); Data=(libCryptoProcessorData *) calloc(1,sizeof(libCryptoProcessorData)); //Tempstr here holds the cipher name InitialiseEncryptionComponents(Args, &Tempstr, &Data->InputVector, &Data->InputVectorLen, & Data->Key, &Data->KeyLen,&ProcMod->Flags); if (StrLen(ProcMod->Name)==0) ProcMod->Name=CopyStr(ProcMod->Name,Tempstr); switch(val) { /* case CI_NONE: Data->Cipher=EVP_enc_null(); break; */ case CI_BLOWFISH: #ifdef HAVE_EVP_BF_CBC Data->Cipher=EVP_bf_cbc(); #endif break; case CI_RC2: #ifdef HAVE_EVP_RC2_CBC Data->Cipher=EVP_rc2_cbc(); #endif break; case CI_RC4: #ifdef HAVE_EVP_RC4_CBC Data->Cipher=EVP_rc4(); #endif break; case CI_RC5: #ifdef HAVE_EVP_RC5_32_12_16_CBC //Data->Cipher=EVP_rc5_32_12_16_cbc(); #endif break; case CI_DES: #ifdef HAVE_EVP_DES_CBC Data->Cipher=EVP_des_cbc(); #endif break; case CI_DESX: #ifdef HAVE_EVP_DESX_CBC Data->Cipher=EVP_desx_cbc(); #endif break; case CI_CAST: #ifdef HAVE_EVP_CAST5_CBC Data->Cipher=EVP_cast5_cbc(); #endif break; case CI_IDEA: #ifdef HAVE_EVP_IDEA_CBC Data->Cipher=EVP_idea_cbc(); #endif break; case CI_AES: #ifdef HAVE_EVP_AES_128_CBC Data->Cipher=EVP_aes_128_cbc(); #endif break; case CI_AES_256: #ifdef HAVE_EVP_AES_256_CBC Data->Cipher=EVP_aes_256_cbc(); #endif break; } if (Data->Cipher) { Data->enc_ctx=(EVP_CIPHER_CTX *) calloc(1,sizeof(EVP_CIPHER_CTX)); Data->dec_ctx=(EVP_CIPHER_CTX *) calloc(1,sizeof(EVP_CIPHER_CTX)); EVP_CIPHER_CTX_init(Data->enc_ctx); EVP_CIPHER_CTX_init(Data->dec_ctx); Data->BlockSize=EVP_CIPHER_block_size(Data->Cipher); EVP_EncryptInit_ex(Data->enc_ctx,Data->Cipher,NULL,Data->Key,Data->InputVector); EVP_DecryptInit_ex(Data->dec_ctx,Data->Cipher,NULL,Data->Key,Data->InputVector); if (ProcMod->Flags & DPM_NOPAD_DATA) EVP_CIPHER_CTX_set_padding(Data->enc_ctx,FALSE); ProcMod->Data=Data; result=TRUE; DataProcessorSetValue(ProcMod,"Cipher",Tempstr); Tempstr=FormatStr(Tempstr,"%d",Data->BlockSize); DataProcessorSetValue(ProcMod,"BlockSize",Tempstr); } DestroyString(Tempstr); #endif return(result); }
int STREAMProcessConnectHop(STREAM *S, char *HopURL, int LastHop) { int val, result=FALSE; char *Token=NULL, *Token2=NULL; char *Tempstr=NULL; char *User=NULL, *Host=NULL,*Pass=NULL, *KeyFile=NULL; int Port=0; ParseConnectDetails(HopURL, &Token, &Host, &Token2, &User, &Pass, NULL); Port=atoi(Token2); val=MatchTokenFromList(Token,HopTypes,0); switch (val) { case CONNECT_HOP_TCP: if (S->in_fd==-1) { S->in_fd=ConnectToHost(Host,Port,0); S->out_fd=S->in_fd; if (S->in_fd > -1) result=TRUE; } break; case CONNECT_HOP_HTTPTUNNEL: result=DoHTTPProxyTunnel(S, Host, Port, S->Path, 0); break; case CONNECT_HOP_SSH: case CONNECT_HOP_SSHTUNNEL: result=ConnectHopSSH(S, val, Host, Port, User, Pass, S->Path); break; case CONNECT_HOP_SOCKS4: result=ConnectHopSocks(S, val, Host, Port, User, Pass, S->Path); break; case CONNECT_HOP_SHELL_CMD: break; case CONNECT_HOP_TELNET: if (Port > 0) { Tempstr=FormatStr(Tempstr,"telnet -8 %s %d ",Host, Port); } else Tempstr=FormatStr(Tempstr,"telnet -8 %s ",Host); if (S->in_fd==-1) { PseudoTTYSpawn(& S->in_fd,Tempstr,0); S->out_fd=S->in_fd; if (S->in_fd > -1) { result=TRUE; STREAMSetFlushType(S,FLUSH_LINE,0,0); } } else { Tempstr=CatStr(Tempstr,";exit\n"); STREAMWriteLine(Tempstr,S); result=TRUE; } if (StrLen(User) > 0) { Tempstr=MCopyStr(Tempstr,User,"\n",NULL); STREAMExpectAndReply(S,"ogin:",Tempstr); } if (StrLen(Pass) > 0) { Tempstr=MCopyStr(Tempstr,Pass,"\n",NULL); STREAMExpectAndReply(S,"assword:",Tempstr); } STREAMExpectSilence(S,2); break; } DestroyString(Tempstr); DestroyString(Token); DestroyString(KeyFile); DestroyString(Host); DestroyString(User); DestroyString(Pass); STREAMFlush(S); return(result); }
int AuthenticateExamineMethods(char *Methods, int LogErrors) { char *ptr, *Token=NULL; int MethodsFound=0, val; LogToFile(Settings.LogPath,"CONSIDER AUTH METHODS: %s",Methods); ptr=GetToken(Methods,",",&Token,0); while (ptr) { StripTrailingWhitespace(Token); StripLeadingWhitespace(Token); val=MatchTokenFromList(Token,AuthMethods,0); switch (val) { case -1: if (LogErrors) LogToFile(Settings.LogPath,"WARNING: unknown authentication method '%s'",Token); break; case AUTHTOK_NONE: case AUTHTOK_OPEN: MethodsFound |= AUTH_OPEN; break; case AUTHTOK_DENY: MethodsFound |= AUTH_DENY; break; case AUTHTOK_NATIVE: MethodsFound |= AUTH_NATIVE; break; case AUTHTOK_PAM: MethodsFound |= AUTH_PAM; break; case AUTHTOK_PASSWD: MethodsFound |= AUTH_PASSWD; break; case AUTHTOK_SHADOW: MethodsFound |= AUTH_SHADOW; break; case AUTHTOK_DIGEST: MethodsFound |= AUTH_DIGEST; break; case AUTHTOK_ACCESSTOKEN: MethodsFound |= AUTH_ACCESSTOKEN; break; case AUTHTOK_ACCESSTOKEN_HTTP: break; } ptr=GetToken(ptr,",",&Token,0); } if (LogErrors) { if ((Settings.AuthFlags & FLAG_AUTH_REQUIRED) && (MethodsFound == 0)) { LogToFile(Settings.LogPath,"WARNING: NO AUTHENTICATION SYSTEM CONFIGURED, but not set to run as an 'open' system"); } else if ((MethodsFound & AUTH_OPEN) && (MethodsFound != AUTH_OPEN)) { LogToFile(Settings.LogPath,"WARNING: 'open' authentication is enabled along with other authentication types. 'open' authentication means no authentication, so other auth types will be disabled."); } else if ( (MethodsFound & AUTH_DIGEST) && (((MethodsFound & ~(AUTH_DIGEST | AUTH_ACCESSTOKEN)) !=0) ) ) { LogToFile(Settings.LogPath,"WARNING: 'digest' authentication is enabled along with other authentication types. Digest authentication requires plain-text passwords in the *native* alaya authentication file, and cannot authenticate against /etc/passwd, /etc/shadow or PAM. Most clients will use digest in preference to 'basic' authentication. Thus including 'digest' will thus disable other authentication types."); } } DestroyString(Token); return(MethodsFound); }