int
decode_mountd(u_char *buf, int len, u_char *obuf, int olen)
{
XDR xdrs;
struct buf outbuf;
struct rpc_msg msg;
struct xid_map *xm;
struct fhstatus fhstat;
char *p, *dir;
int i, hdrlen;
buf_init(&outbuf, obuf, olen);
if ((hdrlen = rpc_decode(buf, len, &msg)) == 0)
return (0);
if (msg.rm_direction == CALL &&
msg.rm_call.cb_prog == MOUNTPROG &&
msg.rm_call.cb_proc == MOUNTPROC_MNT) {
xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen, XDR_DECODE);
dir = NULL;
if (xdr_string(&xdrs, &dir, MAXPATHLEN)) {
xid_map_enter(msg.rm_xid, MOUNTPROG, MOUNTVERS,
MOUNTPROC_MNT, (void *) dir);
}
xdr_destroy(&xdrs);
}
else if (msg.rm_direction == REPLY &&
(xm = xid_map_find(msg.rm_xid)) != NULL) {
if (msg.rm_reply.rp_stat == MSG_ACCEPTED &&
msg.acpted_rply.ar_stat == SUCCESS) {
xdrmem_create(&xdrs, buf + hdrlen, len - hdrlen,
XDR_DECODE);
if (xdr_fhstatus(&xdrs, &fhstat)) {
if (fhstat.fhs_status == 0) {
buf_putf(&outbuf, "%s [",
(char *)xm->data);
p = fhstat.fhstatus_u.fhs_fhandle;
for (i = 0; i < FHSIZE; i++) {
buf_putf(&outbuf, "%.2x ",
p[i] & 0xff);
}
buf_put(&outbuf, "]\n", 2);
}
}
xdr_destroy(&xdrs);
}
free(xm->data);
memset(xm, 0, sizeof(*xm));
}
buf_end(&outbuf);
return (buf_len(&outbuf));
}
int
decode_imap(u_char *buf, int len, u_char *obuf, int olen)
{
struct buf *line, inbuf, outbuf;
int i;
buf_init(&inbuf, buf, len);
buf_init(&outbuf, obuf, olen);
while ((i = buf_index(&inbuf, "\r\n", 2)) != -1) {
line = buf_tok(&inbuf, NULL, i);
buf_skip(&inbuf, 2);
if ((i = buf_index(line, " ", 1)) != -1) {
buf_skip(line, i + 1);
if (buf_cmp(line, "LOGIN ", 6) == 0) {
buf_putf(&outbuf, "%.*s\n",
buf_len(line), buf_ptr(line));
}
}
}
buf_end(&outbuf);
return (buf_len(&outbuf));
}
int
decode_ftp(u_char *buf, int len, u_char *obuf, int olen)
{
struct buf *line, inbuf, outbuf;
int i, n;
if ((len = strip_telopts(buf, len)) == 0)
return (0);
buf_init(&inbuf, buf, len);
buf_init(&outbuf, obuf, olen);
if (!buf_isascii(&inbuf))
return (0);
n = 0;
while ((i = buf_index(&inbuf, "\n", 1)) != -1) {
line = buf_tok(&inbuf, NULL, i);
buf_skip(&inbuf, 1);
if (i > 0 && line->base[i - 1] == '\r')
line->end--;
line->base[line->end] = '\0';
if (strncasecmp(buf_ptr(line), "USER ", 5) == 0 ||
strncasecmp(buf_ptr(line), "ACCT ", 5) == 0 ||
strncasecmp(buf_ptr(line), "PASS ", 5) == 0) {
buf_putf(&outbuf, "%s\n", buf_ptr(line));
n++;
}
}
if (n < 2) return (0);
buf_end(&outbuf);
return (buf_len(&outbuf));
}
int
decode_aim(u_char *buf, int len, u_char *obuf, int olen)
{
struct buf *msg, inbuf, outbuf;
struct flap *flap;
u_char c, *p;
int i, j;
buf_init(&inbuf, buf, len);
buf_init(&outbuf, obuf, olen);
if (buf_cmp(&inbuf, "FLAPON\r\n\r\n", 10) == 0)
buf_skip(&inbuf, 10);
while (buf_len(&inbuf) > sizeof(*flap)) {
flap = (struct flap *)buf_ptr(&inbuf);
flap->datalen = ntohs(flap->datalen);
i = sizeof(*flap) + flap->datalen;
if ((msg = buf_tok(&inbuf, NULL, i)) == NULL)
break;
buf_skip(msg, sizeof(*flap));
if (buf_cmp(msg, "toc_signon ", 11) == 0) {
msg->base[msg->end - 1] = '\0';
p = buf_ptr(msg);
for (i = 0; i < 4; i++) {
if ((j = strcspn(p, " ")) > 0)
p += (j + 1);
}
if (strtok(p, " ") == NULL)
continue;
buf_putf(&outbuf, "%s ", buf_ptr(msg));
i = strlen(p);
j = hex_decode(p, i, p, i);
for (i = 0; i < j; i++)
p[i] = p[i] ^ aim_xor1[i % 7];
p[i] = '\0';
buf_putf(&outbuf, "[%s]\n", p);
}
else if (flap->start == 0x2a && flap->channel == 0x01 &&
buf_cmp(msg, "\x00\x00\x00\x01", 4) == 0) {
buf_skip(msg, 7);
buf_get(msg, &c, 1);
p = buf_ptr(msg);
if (c == 0 || buf_skip(msg, c + 3) < 0)
continue;
p[c] = '\0';
buf_get(msg, &c, 1);
if (buf_len(msg) < c + 1)
continue;
buf_putf(&outbuf, "%s\n", p);
p = buf_ptr(msg);
for (i = 0; i < c; i++) {
p[i] = p[i] ^ aim_xor2[i % sizeof(aim_xor2)];
}
p[i] = '\0';
buf_putf(&outbuf, "%s\n", p);
break;
}
}
buf_end(&outbuf);
return (buf_len(&outbuf));
}
