/*
http://www.technoids.org/saslmech.html
C: AUTH PLAIN
S: 334
C: AHdlbGRvbgB3M2xkMG4=
S: 235 2.0.0 OK Authenticated
*/
int sendAuthPLAIN(int hSocket, char* szLogin, char* szPassword)
{
unsigned char* bufReceive = NULL;
unsigned char* bufSend = NULL;
unsigned char* szTmpBuf = NULL;
unsigned char* szTmpBuf64 = NULL;
int nSendBufferSize = 0;
int nReceiveBufferSize = 0;
writeError(ERR_DEBUG_MODULE, "[%s] Initiating PLAIN Authentication Attempt.", MODULE_NAME);
/* --- Send initial AUTH PLAIN command --- */
bufSend = malloc(12 + 1);
memset(bufSend, 0, 12 + 1);
sprintf((char *)bufSend, "AUTH PLAIN\r\n");
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
FREE(bufSend);
/* Server should respond with a 334 response code */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^334 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] SMTP server did not respond with \"334 \" to AUTH PLAIN request.", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
/* Send logon credentials: B64(USERNAME\0USERNAME\0PASSWORD) */
nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
szTmpBuf = malloc(nSendBufferSize + 1);
memset(szTmpBuf, 0, nSendBufferSize + 1);
strncpy((char *)szTmpBuf, szLogin, strlen((char *)szLogin));
strncpy((char *)szTmpBuf + strlen(szLogin) + 1, szLogin, strlen(szLogin));
strncpy((char *)szTmpBuf + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
szTmpBuf64 = malloc((2 * nSendBufferSize + 2) + 1);
memset(szTmpBuf64, 0, (2 * nSendBufferSize + 2) + 1);
base64_encode((char *)szTmpBuf, nSendBufferSize, (char *)szTmpBuf64);
FREE(szTmpBuf);
bufSend = malloc(strlen((char *)szTmpBuf64) + 2 + 1);
memset(bufSend, 0, strlen((char *)szTmpBuf64) + 2 + 1);
sprintf((char *)bufSend, "%s\r\n", szTmpBuf64);
FREE(szTmpBuf64);
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
FREE(bufSend);
return SUCCESS;
}
int sendAuthUSER(int hSocket, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
unsigned char bufSend[BUF_SIZE];
unsigned char* bufReceive = NULL;
int nReceiveBufferSize = 0;
int nRet = FAILURE;
writeError(ERR_DEBUG_MODULE, "[%s] Initiating USER (clear-text) Authentication Attempt.", MODULE_NAME);
/* send username */
memset(bufSend, 0, sizeof(bufSend));
if (_psSessionData->szDomain)
sprintf(bufSend, "USER %.100s@%.150s\r\n", szLogin, _psSessionData->szDomain);
else
sprintf(bufSend, "USER %.250s\r\n", szLogin);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+OK.*\r\n|-ERR.*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: Server did not respond as expected to USER authentication attempt: %s", MODULE_NAME, bufReceive);
return FAILURE;
}
else if (strstr(bufReceive, " signing off."))
{
writeError(ERR_DEBUG_MODULE, "[%s] Server informed us it was signing off. Restarting connection.", MODULE_NAME);
nRet = MSTATE_NEW;
return(nRet);
}
else if (strstr(bufReceive, "ERR Cleartext login on this server requires the use of transport level security (SSL/TLS)"))
{
writeError(ERR_ERROR, "[%s] Server requires use of SSL/TLS.", MODULE_NAME);
return FAILURE;
}
else if (strstr(bufReceive, "ERR Clear text passwords have been disabled for this protocol."))
{
writeError(ERR_ERROR, "[%s] Server does not accept clear-text password authentication.", MODULE_NAME);
return FAILURE;
}
/* send password */
memset(bufSend, 0, sizeof(bufSend));
sprintf(bufSend, "PASS %.250s\r\n", szPassword);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
return SUCCESS;
}
int getAuthType(int hSocket, _MODULE_DATA* _psSessionData)
{
unsigned char* bufReceive;
unsigned char* bufSend;
int nSendBufferSize = 0;
int nReceiveBufferSize = 0;
bufSend = malloc(6 + 1);
memset(bufSend, 0, 6 + 1);
sprintf(bufSend, "CAPA\r\n");
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
FREE(bufSend);
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+OK .*\r\n\\.*\r\n|-ERR.*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: Server did not respond that it supported any of the authentication types we handle (USER, LOGIN, and NTLM). Use the AUTH module option to force the use of an authentication type: %s", MODULE_NAME, bufReceive);
return FAILURE;
}
else if ((strstr(bufReceive,"USER") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: USER (clear-text)");
_psSessionData->nAuthType = AUTH_USER;
}
else if ((strstr(bufReceive,"SASL") != NULL))
{
if ((strstr(bufReceive,"PLAIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: SASL PLAIN");
_psSessionData->nAuthType = AUTH_PLAIN;
}
else if ((strstr(bufReceive,"LOGIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: SASL LOGIN");
_psSessionData->nAuthType = AUTH_LOGIN;
}
else if ((strstr(bufReceive,"NTLM") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: SASL NTLM");
_psSessionData->nAuthType = AUTH_NTLM;
}
else
{
writeError(ERR_ERROR, "[%s] Server requested unsupported SASL method.", MODULE_NAME);
return FAILURE;
}
}
return SUCCESS;
}
int initAuthSSL(int hSocket, _MODULE_DATA* _psSessionData)
{
unsigned char bufSend[BUF_SIZE];
unsigned char* bufReceive = NULL;
int nReceiveBufferSize;
writeError(ERR_NOTICE, "[%s] Establishing Explicit FTPS (FTP/SSL) session.", MODULE_NAME);
memset(bufSend, 0, BUF_SIZE);
sprintf((char*)bufSend, "AUTH TLS\r\n");
if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^[0-9]{3,3}-.*\r\n[0-9]{3,3} .*\r\n|^[0-9]{3,3} .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_DEBUG_MODULE, "[%s] failed: Server sent unknown or no response. Exiting...", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
/* 234 Proceed with negotiation. */
if (strncmp((char*)bufReceive, "234 ", 4) == 0)
{
FREE(bufReceive);
if (medusaConnectSocketSSL(_psSessionData->params, hSocket) < 0)
{
writeError(ERR_ERROR, "[%s] Failed to establish SSL connection.", MODULE_NAME);
return FAILURE;
}
}
else
{
writeError(ERR_ERROR, "[%s] Failed to establish SSL connection. Server sent response: %c%c%c", MODULE_NAME, bufReceive[0], bufReceive[1], bufReceive[2]);
return FAILURE;
}
return SUCCESS;
}
/* A0001 AUTHENTICATE PLAIN credentials(base64) */
int sendAuthPlain(int hSocket, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
unsigned char* bufSend = NULL;
unsigned char* bufReceive = NULL;
unsigned char* szTmp = NULL;
unsigned char* szEncodedAuth = NULL;
int nSendBufferSize = 0;
int nReceiveBufferSize = 0;
/* Send initial AUTHENTICATE PLAIN command */
nSendBufferSize = strlen(_psSessionData->szTag) + 21;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s AUTHENTICATE PLAIN\r\n", _psSessionData->szTag);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+ *\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] IMAP server did not respond with \"+\" to AUTHENTICATE PLAIN request.", MODULE_NAME);
writeError(ERR_ERROR, "[%s] IMAP server sent the following response: %s", MODULE_NAME, bufReceive);
return FAILURE;
}
/* Build a null separated string of szLogin \0 szLogin \0 szPassword */
nSendBufferSize = strlen(szLogin) + 1 + strlen(szLogin) + 1 + strlen(szPassword);
szTmp = malloc(nSendBufferSize + 1);
memset(szTmp, 0, nSendBufferSize + 1);
/* username\0username\0password */
memcpy(szTmp, szLogin, strlen(szLogin));
memcpy(szTmp + strlen(szLogin) + 1, szLogin, strlen(szLogin));
memcpy(szTmp + strlen(szLogin) + 1 + strlen(szLogin) + 1, szPassword, strlen(szPassword));
szEncodedAuth = malloc(2 * nSendBufferSize + 1);
memset(szEncodedAuth, 0, 2 * nSendBufferSize + 1);
base64_encode(szTmp, nSendBufferSize, szEncodedAuth);
FREE(szTmp);
writeError(ERR_DEBUG_MODULE, "[%s] Sending authenticate plain value: %s", MODULE_NAME, szEncodedAuth);
nSendBufferSize = strlen(szEncodedAuth) + 2;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s\r\n", szEncodedAuth);
FREE(szEncodedAuth);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
FREE(bufSend);
return SUCCESS;
}
/* Module Specific Functions */
int initConnection(_MODULE_DATA *_psSessionData, int hSocket, sConnectParams *params)
{
unsigned char *bufSend = NULL;
unsigned char *bufReceive = NULL;
int nReceiveBufferSize = 0;
int nSendBufferSize = 0;
/* Retrieve IMAP server banner */
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\* OK .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed to retrieve IMAP server banner. Exiting...", MODULE_NAME);
return FAILURE;
}
else if ((strstr(bufReceive,"* OK ") != NULL))
{
writeError(ERR_DEBUG_MODULE, "[%s] Received IMAP server banner: %s", MODULE_NAME, bufReceive);
FREE(bufReceive);
}
else if ((strstr(bufReceive,"* BYE Connection refused") != NULL))
{
writeError(ERR_ERROR, "[%s] IMAP server refused connection. Is SSL required?", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
else
{
writeError(ERR_ERROR, "[%s] Failed to retrieve IMAP server banner.", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
/* Request IMAP server capabilities */
writeError(ERR_DEBUG_MODULE, "[%s] Sending IMAP CAPABILITIES request.", MODULE_NAME);
nSendBufferSize = strlen(_psSessionData->szTag) + 13;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s CAPABILITY\r\n", _psSessionData->szTag);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
FREE(bufSend);
return FAILURE;
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "OK CAPABILITY .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: No OK message received for CAPABILITY request.", MODULE_NAME);
return FAILURE;
}
/* If server supports STARTTLS and we are not already within a SSL connection, let's use it. */
if ((params->nUseSSL == 0) && (strstr(bufReceive, "STARTTLS") != NULL))
{
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] Initiating STARTTLS session.", MODULE_NAME);
bufSend = malloc(strlen(_psSessionData->szTag) + 11 + 1);
memset(bufSend, 0, strlen(_psSessionData->szTag) + 11 + 1);
sprintf(bufSend, "%s STARTTLS\r\n", _psSessionData->szTag);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
FREE(bufSend);
return FAILURE;
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, " OK .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: No OK message received for STARTTLS request.", MODULE_NAME);
return FAILURE;
}
/* OK Begin TLS negotiation now. */
else
{
FREE(bufReceive);
params->nSSLVersion = 3.1; /* Force the use of TLSv1 */
if (medusaConnectSocketSSL(params, hSocket) < 0)
{
writeError(ERR_ERROR, "[%s] Failed to establish TLSv1 connection.", MODULE_NAME);
return FAILURE;
}
/* Resend CAPABILITY request as the AUTH types may have changed. */
writeError(ERR_DEBUG_MODULE, "[%s] Sending IMAP CAPABILITIES request.", MODULE_NAME);
nSendBufferSize = strlen(_psSessionData->szTag) + 13;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s CAPABILITY\r\n", _psSessionData->szTag);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
FREE(bufSend);
return FAILURE;
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "OK CAPABILITY .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: No OK message received for CAPABILITY request.", MODULE_NAME);
return FAILURE;
}
}
}
/* Process IMAP supported authentication types */
if (_psSessionData->nAuthType != AUTH_UNKNOWN)
{
writeError(ERR_DEBUG_MODULE, "[%s] Ignoring server requested AUTH type and using user-specified value.", MODULE_NAME);
}
else if ((strstr(bufReceive,"AUTH=LOGIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: LOGIN");
_psSessionData->nAuthType = AUTH_LOGIN;
}
else if ((strstr(bufReceive,"AUTH=PLAIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: PLAIN");
_psSessionData->nAuthType = AUTH_PLAIN;
}
else if ((strstr(bufReceive,"AUTH=NTLM") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Server requested authentication type: NTLM");
_psSessionData->nAuthType = AUTH_NTLM;
}
else
{
writeError(ERR_ERROR, "[%s] Failed: Server did not respond that it supported any of the authentication types we handle (PLAIN, LOGIN, NTLM). Use the AUTH module option to force the use of an authentication type.", MODULE_NAME);
return FAILURE;
}
FREE(bufReceive);
return SUCCESS;
}
int tryLogin(int hSocket, sLogin** psLogin, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
int nRet = FAILURE;
unsigned char* bufReceive = NULL;
int nReceiveBufferSize = 0;
switch(_psSessionData->nAuthType)
{
case AUTH_USER:
writeError(ERR_DEBUG_MODULE, "[%s] Sending USER (clear-text) Authentication.", MODULE_NAME);
nRet = sendAuthUSER(hSocket, _psSessionData, szLogin, szPassword);
break;
case AUTH_PLAIN:
writeError(ERR_DEBUG_MODULE, "[%s] Sending PLAIN Authentication.", MODULE_NAME);
nRet = sendAuthPLAIN(hSocket, _psSessionData, szLogin, szPassword);
break;
case AUTH_LOGIN:
writeError(ERR_DEBUG_MODULE, "[%s] Sending LOGIN Authentication.", MODULE_NAME);
nRet = sendAuthLOGIN(hSocket, _psSessionData, szLogin, szPassword);
break;
case AUTH_NTLM:
writeError(ERR_DEBUG_MODULE, "[%s] Sending NTLM Authentication.", MODULE_NAME);
nRet = sendAuthNTLM(hSocket, _psSessionData, szLogin, szPassword);
break;
default:
break;
}
if (nRet == FAILURE)
{
writeError(ERR_ERROR, "[%s] Failed during sending of authentication data.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_UNKNOWN;
setPassResult(*psLogin, szPassword);
return MSTATE_EXITING;
}
writeError(ERR_DEBUG_MODULE, "[%s] Retrieving server response.", MODULE_NAME);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+OK.*\r\n|-ERR.*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: Unexpected or no data received: %s", MODULE_NAME, bufReceive);
return FAILURE;
}
else if (bufReceive[0] == '+')
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt successful.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_SUCCESS;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive,"-ERR The specified authentication package is not supported.") != NULL)
{
writeError(ERR_ERROR, "[%s] Server response: The specified authentication package is not supported.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else
{
if (_psSessionData->nMode == MODE_AS400)
{
/*
www.venera.com/downloads/Enumeration_of_AS400_users_via_pop3.pdf
Example: -ERR Logon attempt invalid CPF2204
*/
if (strstr(bufReceive, "CPF2204"))
{
writeError(ERR_ERROR, "[%s] User profile was not found.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive, "CPF22E2"))
{
writeError(ERR_DEBUG_MODULE, "[%s] Valid user, incorrect password.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
nRet = MSTATE_NEW;
}
else if (strstr(bufReceive, "CPF22E3"))
{
writeError(ERR_ERROR, "[%s] Valid user, but profile is disabled.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive, "CPF22E4"))
{
writeError(ERR_ERROR, "[%s] Valid user, but password for profile has expired.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive, "CPF22E5"))
{
writeError(ERR_ERROR, "[%s] Valid user, but no password associated with user profile.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else
{
writeError(ERR_ERROR, "[%s] Unknown AS/400 error message: %s", MODULE_NAME, bufReceive);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
}
else
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt failed.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
nRet = MSTATE_RUNNING;
}
}
FREE(bufReceive);
setPassResult((*psLogin), szPassword);
return(nRet);
}
/*
AUTH LOGIN method base64-encodes both prompts and credentials.
For example:
AUTH LOGIN
+ VXNlcm5hbWU6 (Username:)
Zm9v (foo)
+ UGFzc3dvcmQ6 (Password:)
YmFy (bar)
*/
int sendAuthLOGIN(int hSocket, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
unsigned char* bufReceive = NULL;
unsigned char* bufSend = NULL;
unsigned char* szPrompt = NULL;
unsigned char* szTmpBuf = NULL;
int nSendBufferSize = 0;
int nReceiveBufferSize = 0;
int nRet = SUCCESS;
writeError(ERR_DEBUG_MODULE, "[%s] Initiating LOGIN Authentication Attempt.", MODULE_NAME);
/* --- Send initial AUTH LOGIN command --- */
bufSend = malloc(12 + 1);
memset(bufSend, 0, 12 + 1);
sprintf(bufSend, "AUTH LOGIN\r\n");
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
FREE(bufSend);
/* Server should respond with a base64-encoded username prompt */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+ .*\r\n|-ERR.*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] POP3 server did not respond with \"+ \" to AUTH LOGIN request.", MODULE_NAME);
return FAILURE;
}
else if (strstr(bufReceive,"-ERR The specified authentication package is not supported.") != NULL)
{
writeError(ERR_ERROR, "[%s] Server response: The specified authentication package is not supported.", MODULE_NAME);
return FAILURE;
}
szTmpBuf = ((char*)index(bufReceive, '\r'));
szTmpBuf[0] = '\0';
szPrompt = malloc(strlen(bufReceive + 2) + 1);
memset(szPrompt, 0, strlen(bufReceive + 2) + 1);
base64_decode(bufReceive + 2, szPrompt);
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] POP3 server sent the following prompt: %s", MODULE_NAME, szPrompt);
FREE(szPrompt);
/* --- Send username --- */
/* Base64 encoded value can be up to 2x+2 original text. Leave additional space for "\r\n" and NULL */
bufSend = malloc((2 * strlen(szLogin) + 2) + 2 + 1);
memset(bufSend, 0, (2 * strlen(szLogin) + 2) + 2 + 1);
base64_encode(szLogin, strlen(szLogin), bufSend);
strncat(bufSend, "\r\n", 2);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
/* Server should respond with a base64-encoded password prompt */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+ .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] POP3 server did not respond with \"+ \" to AUTH LOGIN request.", MODULE_NAME);
return FAILURE;
}
szTmpBuf = ((char*)index(bufReceive, '\r'));
szTmpBuf[0] = '\0';
szPrompt = malloc(strlen(bufReceive + 2) + 1);
memset(szPrompt, 0, strlen(bufReceive + 2) + 1);
base64_decode(bufReceive + 2, szPrompt);
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] POP3 server sent the following prompt: %s", MODULE_NAME, szPrompt);
FREE(szPrompt);
/* --- Send password --- */
/* Base64 encoded value can be up to 2x+2 original text. Leave additional space for "\r\n" and NULL */
bufSend = malloc((2 * strlen(szPassword) + 2) + 2 + 1);
memset(bufSend, 0, (2 * strlen(szPassword) + 2) + 2 + 1);
base64_encode(szPassword, strlen(szPassword), bufSend);
strncat(bufSend, "\r\n", 2);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
return SUCCESS;
}
int tryLogin(int hSocket, sLogin** psLogin, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
int iRet;
unsigned char bufSend[BUF_SIZE];
unsigned char* bufReceive = NULL;
int nReceiveBufferSize = 0;
/* send username */
memset(bufSend, 0, sizeof(bufSend));
sprintf((char*)bufSend, "USER %.250s\r\n", szLogin);
if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^[0-9]{3,3}-.*\r\n[0-9]{3,3} .*\r\n|^[0-9]{3,3} .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] failed: Server sent unknown or no response. Server may have dropped connection due to lack of encryption or due to anti-bruteforce measures. Enabling EXPLICIT mode may help with the former cause and increasing the socket check delay (e.g. -c 1000) may help with the later.", MODULE_NAME);
return FAILURE;
}
/* FTP service may be configured to require protected authentication for specific users */
if ( (strstr((char*)bufReceive, "530 Non-anonymous sessions must use encryption.") != NULL) ||
(strstr((char*)bufReceive, "331 Non-anonymous sessions must use encryption.") != NULL) ||
(strstr((char*)bufReceive, "331 Rejected--secure connection required") != NULL) )
{
writeError(ERR_NOTICE, "[%s] FTP server (%s) appears to require SSL for specified user.", MODULE_NAME, (*psLogin)->psServer->pHostIP);
FREE(bufReceive);
if ( medusaCheckSocket(hSocket, (*psLogin)->psServer->psAudit->iSocketWait) )
{
writeError(ERR_DEBUG_MODULE, "[%s] Checking socket status: OK", MODULE_NAME);
if (initAuthSSL(hSocket, _psSessionData) == FAILURE)
return FAILURE;
}
else
{
writeError(ERR_DEBUG_MODULE, "[%s] Checking socket status: FAIL - restart connection", MODULE_NAME);
_psSessionData->nAuthType = AUTH_EXPLICIT;
return MSTATE_NEW;
}
/* re-send username */
memset(bufSend, 0, sizeof(bufSend));
sprintf((char*)bufSend, "USER %.250s\r\n", szLogin);
if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^[0-9]{3,3}-.*\r\n[0-9]{3,3} .*\r\n|^[0-9]{3,3} .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] failed: Server sent unknown or no response. Exiting...", MODULE_NAME);
return FAILURE;
}
}
/* Standard FTP [PR85] specifies a 530 response to the USER command when
the username is rejected. "Not logged in." */
if (strncmp((char*)bufReceive, "530 ", 4) == 0)
{
writeError(ERR_ERROR, "[%s] Server sent 530 response (rejected username).", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
/* 421 There are too many connections from your internet address. */
else if (strncmp((char*)bufReceive, "421 ", 4) == 0)
{
writeError(ERR_ERROR, "[%s] Server sent 421 response (too many connections).", MODULE_NAME);
FREE(bufReceive);
return MSTATE_EXITING;
}
/* Expect: "331 Please specify the password." */
else if (strncmp((char*)bufReceive, "331 ", 4) != 0)
{
writeError(ERR_ERROR, "[%s] failed: Server did not respond with a '331'.", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
FREE(bufReceive);
/* send password */
memset(bufSend, 0, sizeof(bufSend));
sprintf((char*)bufSend, "PASS %.250s\r\n", szPassword);
if (medusaSend(hSocket, bufSend, strlen((char*)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^[0-9]{3,3}-.*\r\n[0-9]{3,3} .*\r\n|^[0-9]{3,3} .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "%s failed: medusaReceive returned no data.", MODULE_NAME);
return FAILURE;
}
if (bufReceive[0] == '2')
{
writeError(ERR_DEBUG_MODULE, "%s : Login attempt successful.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_SUCCESS;
iRet = MSTATE_EXITING;
}
else
{
writeError(ERR_DEBUG_MODULE, "%s : Login attempt failed.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
/* Restarting session for now as it's currently faster when dealing with anti-bruteforce services */
iRet = MSTATE_NEW;
}
FREE(bufReceive);
setPassResult((*psLogin), szPassword);
return(iRet);
}
int initModule(sLogin* psLogin, _MODULE_DATA *_psSessionData)
{
int hSocket = -1;
enum MODULE_STATE nState = MSTATE_NEW;
unsigned char* bufReceive;
int nReceiveBufferSize = 0;
sCredentialSet *psCredSet = NULL;
psCredSet = malloc( sizeof(sCredentialSet) );
memset(psCredSet, 0, sizeof(sCredentialSet));
if (getNextCredSet(psLogin, psCredSet) == FAILURE)
{
writeError(ERR_ERROR, "[%s] Error retrieving next credential set to test.", MODULE_NAME);
nState = MSTATE_COMPLETE;
}
else if (psCredSet->psUser)
{
writeError(ERR_DEBUG_MODULE, "[%s] module started for host: %s user: %s", MODULE_NAME, psLogin->psServer->pHostIP, psCredSet->psUser->pUser);
}
else
{
writeError(ERR_DEBUG_MODULE, "[%s] module started for host: %s - no more available users to test.", MODULE_NAME);
nState = MSTATE_COMPLETE;
}
_psSessionData->params = malloc( sizeof(sConnectParams) );
memset(_psSessionData->params, 0, sizeof(sConnectParams));
if (_psSessionData->nAuthType == AUTH_IMPLICIT)
{
psLogin->psServer->psHost->iUseSSL = 1;
_psSessionData->params->nPort = PORT_FTPS;
}
else
{
_psSessionData->params->nPort = PORT_FTP;
}
if (psLogin->psServer->psAudit->iPortOverride > 0)
_psSessionData->params->nPort = psLogin->psServer->psAudit->iPortOverride;
else if (psLogin->psServer->psHost->iUseSSL > 0)
_psSessionData->params->nPort = PORT_FTPS;
initConnectionParams(psLogin, _psSessionData->params);
while (nState != MSTATE_COMPLETE)
{
switch (nState)
{
case MSTATE_NEW:
// Already have an open socket - close it
if (hSocket > 0)
medusaDisconnect(hSocket);
if (psLogin->psServer->psHost->iUseSSL > 0)
hSocket = medusaConnectSSL(_psSessionData->params);
else
hSocket = medusaConnect(_psSessionData->params);
if (hSocket < 0)
{
writeError(ERR_NOTICE, "%s: failed to connect, port %d was not open on %s", MODULE_NAME, _psSessionData->params->nPort, psLogin->psServer->pHostIP);
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
return FAILURE;
}
/* establish initial connection */
/* http://www.faqs.org/rfcs/rfc959.html
Thus the format for multi-line replies is that the first line
will begin with the exact required reply code, followed
immediately by a Hyphen, "-" (also known as Minus), followed by
text. The last line will begin with the same code, followed
immediately by Space <SP>, optionally some text, and the Telnet
end-of-line code.
*/
writeError(ERR_DEBUG_MODULE, "[%s] Retrieving FTP banner.", MODULE_NAME);
bufReceive = NULL;
nReceiveBufferSize = 0;
/* Grab entire banner and verify format */
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^[0-9]{3,3}-.*\r\n[0-9]{3,3} .*\r\n|^[0-9]{3,3} .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_DEBUG_MODULE, "[%s] failed: Server sent unknown response. Exiting...", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
if (strncmp((char*)bufReceive, "220", 3) == 0)
{
writeError(ERR_DEBUG_MODULE, "[%s] Server sent 220 response.", MODULE_NAME);
FREE(bufReceive);
}
else if (strncmp((char*)bufReceive, "421", 3) == 0)
{
writeError(ERR_ERROR, "[%s] Server sent 421 response (too many connections).", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
else
{
writeError(ERR_ERROR, "[%s] Server sent unknown response code: %c%c%c", MODULE_NAME, bufReceive[0], bufReceive[1], bufReceive[2]);
FREE(bufReceive);
return FAILURE;
}
/* Establish Explicit FTPS mode authentication if requested */
if (_psSessionData->nAuthType == AUTH_EXPLICIT)
{
if (initAuthSSL(hSocket, _psSessionData) == FAILURE)
{
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
nState = MSTATE_EXITING;
}
}
nState = MSTATE_RUNNING;
break;
case MSTATE_RUNNING:
/* The FTP service may be configured to drop connections after an arbitrary number of failed
logon attempts. We will reuse the established connection to send authentication attempts
until that disconnect happens. At that point the connection should be reestablished. */
if ( medusaCheckSocket(hSocket, psLogin->psServer->psAudit->iSocketWait) )
{
nState = tryLogin(hSocket, &psLogin, _psSessionData, psCredSet->psUser->pUser, psCredSet->pPass);
if (psLogin->iResult != LOGIN_RESULT_UNKNOWN)
{
if (getNextCredSet(psLogin, psCredSet) == FAILURE)
{
writeError(ERR_ERROR, "[%s] Error retrieving next credential set to test.", MODULE_NAME);
nState = MSTATE_EXITING;
}
else
{
if (psCredSet->iStatus == CREDENTIAL_DONE)
{
writeError(ERR_DEBUG_MODULE, "[%s] No more available credential sets to test.", MODULE_NAME);
nState = MSTATE_EXITING;
}
else if (psCredSet->iStatus == CREDENTIAL_NEW_USER)
{
writeError(ERR_DEBUG_MODULE, "[%s] Starting testing for new user: %s.", MODULE_NAME, psCredSet->psUser->pUser);
nState = MSTATE_NEW;
}
else
writeError(ERR_DEBUG_MODULE, "[%s] Next credential set - user: %s password: %s", MODULE_NAME, psCredSet->psUser->pUser, psCredSet->pPass);
}
}
}
else
{
writeError(ERR_NOTICE, "[%s] Socket is no longer valid. Server likely dropped connection. Establishing new session.", MODULE_NAME);
nState = MSTATE_NEW;
if (hSocket > 0)
medusaDisconnect(hSocket);
hSocket = -1;
}
break;
case MSTATE_EXITING:
if (hSocket > 0)
medusaDisconnect(hSocket);
hSocket = -1;
nState = MSTATE_COMPLETE;
break;
default:
writeError(ERR_CRITICAL, "Unknown %s module state %d", MODULE_NAME, nState);
if (hSocket > 0)
medusaDisconnect(hSocket);
hSocket = -1;
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
return FAILURE;
}
}
FREE(psCredSet);
return SUCCESS;
}
int tryLogin(int hSocket, sLogin** psLogin, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
int nRet = FAILURE;
unsigned char* bufReceive = NULL;
int nReceiveBufferSize = 0;
switch(_psSessionData->nAuthType)
{
case AUTH_PLAIN:
writeError(ERR_DEBUG_MODULE, "[%s] Sending PLAIN Authentication.", MODULE_NAME);
nRet = sendAuthPLAIN(hSocket, szLogin, szPassword);
break;
case AUTH_LOGIN:
writeError(ERR_DEBUG_MODULE, "[%s] Sending LOGIN Authentication.", MODULE_NAME);
nRet = sendAuthLOGIN(hSocket, _psSessionData, szLogin, szPassword);
break;
case AUTH_NTLM:
writeError(ERR_DEBUG_MODULE, "[%s] Sending NTLM Authentication.", MODULE_NAME);
nRet = sendAuthNTLM(hSocket, _psSessionData, szLogin, szPassword);
break;
default:
break;
}
if (nRet == FAILURE)
{
writeError(ERR_ERROR, "[%s] Failed during sending of authentication data.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_UNKNOWN;
setPassResult(*psLogin, szPassword);
return MSTATE_EXITING;
}
writeError(ERR_DEBUG_MODULE, "[%s] Retrieving server response.", MODULE_NAME);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^[0-9]{3,3} .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Unknown SMTP server response: %s", MODULE_NAME, bufReceive);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
if (strstr((char *)bufReceive, "235 ") != NULL)
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt successful.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_SUCCESS;
nRet = MSTATE_EXITING;
}
/* 435 Unable to authenticate at present: Authentication Failure */
else if (strstr((char *)bufReceive, "435 ") != NULL)
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt failed (435).", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
nRet = MSTATE_RUNNING;
}
/* GroupWise - 501 Authentication failed! */
else if (strstr((char *)bufReceive, "501 ") != NULL)
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt failed (501).", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
nRet = MSTATE_RUNNING;
}
else if (strstr((char *)bufReceive, "535 ") != NULL)
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt failed (535).", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
nRet = MSTATE_RUNNING;
}
else
{
writeError(ERR_ERROR, "[%s] Unknown SMTP server response: %s", MODULE_NAME, bufReceive);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
FREE(bufReceive);
setPassResult((*psLogin), szPassword);
return(nRet);
}
/*
http://davenport.sourceforge.net/ntlm.html#ntlmSmtpAuthentication
*/
int sendAuthNTLM(int hSocket, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
unsigned char* bufSend = NULL;
unsigned char* bufReceive = NULL;
int nReceiveBufferSize = 0;
int nSendBufferSize = 0;
tSmbNtlmAuthRequest sTmpReq;
tSmbNtlmAuthChallenge sTmpChall;
tSmbNtlmAuthResponse sTmpResp;
unsigned char* szTmpBuf = NULL;
unsigned char* szTmpBuf64 = NULL;
writeError(ERR_DEBUG_MODULE, "[%s] Initiating NTLM Authentication Attempt.", MODULE_NAME);
/* --- Send Base-64 encoded Type-1 message --- */
buildAuthRequest(&sTmpReq, 0, NULL, NULL);
szTmpBuf64 = malloc(2 * SmbLength(&sTmpReq) + 2);
memset(szTmpBuf64, 0, 2 * SmbLength(&sTmpReq) + 2);
base64_encode((char *)&sTmpReq, SmbLength(&sTmpReq), (char *)szTmpBuf64);
writeError(ERR_DEBUG_MODULE, "[%s] Sending initial challenge (B64 Encoded): %s", MODULE_NAME, szTmpBuf64);
nSendBufferSize = strlen((char *)szTmpBuf64) + 2;
bufSend = malloc(10 + nSendBufferSize + 1);
memset(bufSend, 0, 10 + nSendBufferSize + 1);
sprintf((char *)bufSend, "AUTH NTLM %s\r\n", szTmpBuf64);
FREE(szTmpBuf64);
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
FREE(bufSend);
/* Server should respond with a Base-64 encoded Type-2 challenge message. The challenge response format is
"334", followed by a space, followed by the challenge message. */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^334 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Server did not send valid Type-2 challenge response.", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
szTmpBuf = (unsigned char *)index((char *)bufReceive, '\r');
szTmpBuf[0] = '\0';
writeError(ERR_DEBUG_MODULE, "[%s] NTLM Challenge (B64 Encoded): %s", MODULE_NAME, bufReceive + 4);
base64_decode((char *)bufReceive + 4, (char *)&sTmpChall);
FREE(bufReceive);
/* --- Calculate and send Base-64 encoded Type 3 response --- */
buildAuthResponse(&sTmpChall, &sTmpResp, 0, szLogin, szPassword, _psSessionData->szDomain, NULL);
szTmpBuf64 = malloc(2 * SmbLength(&sTmpResp) + 2);
memset(szTmpBuf64, 0, 2 * SmbLength(&sTmpResp) + 2);
base64_encode((char *)&sTmpResp, SmbLength(&sTmpResp), (char *)szTmpBuf64);
writeError(ERR_DEBUG_MODULE, "[%s] NTLM Response (B64 Encoded): %s", MODULE_NAME, szTmpBuf64);
nSendBufferSize = strlen((char *)szTmpBuf64) + 2;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf((char *)bufSend, "%s\r\n", szTmpBuf64);
if (medusaSend(hSocket, bufSend, nSendBufferSize, 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
FREE(szTmpBuf64);
FREE(bufSend);
return SUCCESS;
}
/*
http://www.technoids.org/saslmech.html
C: AUTH LOGIN
S: 334 VXNlcm5hbWU6 (Username:)
C: d2VsZG9u (weldon)
S: 334 UGFzc3dvcmQ6 (Password:)
C: dzNsZDBu (w3ld0n)
S: 235 2.0.0 OK Authenticated
*/
int sendAuthLOGIN(int hSocket, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
unsigned char* bufReceive = NULL;
unsigned char* bufSend = NULL;
unsigned char* szPrompt = NULL;
unsigned char* szTmpBuf = NULL;
unsigned char* szTmpBuf2 = NULL;
unsigned char* szLoginDomain = NULL;
int nReceiveBufferSize = 0;
writeError(ERR_DEBUG_MODULE, "[%s] Initiating LOGIN Authentication Attempt.", MODULE_NAME);
/* --- Send initial AUTH LOGIN command --- */
bufSend = malloc(12 + 1);
memset(bufSend, 0, 12 + 1);
sprintf((char *)bufSend, "AUTH LOGIN\r\n");
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
FREE(bufSend);
/* Server should respond with a base64-encoded username prompt */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^334 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] SMTP server did not respond with \"334 \" to AUTH LOGIN request.", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
if (((szTmpBuf = (unsigned char *)strstr((char *)bufReceive, "334 ")) == NULL) || ((szTmpBuf2 = (unsigned char *)index((char *)szTmpBuf, '\r')) == NULL))
{
writeError(ERR_ERROR, "[%s] SMTP server sent unexpected response to AUTH LOGIN request.", MODULE_NAME);
return FAILURE;
}
szTmpBuf2[0] = '\0';
szTmpBuf += 4;
szPrompt = malloc(strlen((char *)szTmpBuf) + 1);
memset(szPrompt, 0, strlen((char *)szTmpBuf) + 1);
base64_decode((char *)szTmpBuf, (char *)szPrompt);
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] SMTP server sent the following prompt: %s", MODULE_NAME, szPrompt);
FREE(szPrompt);
/* --- Send username --- */
/* Base64 encoded value can be up to 2x+2 original text. Leave additional space for "\r\n" and NULL */
if (_psSessionData->szDomain)
{
/* DOMAIN\USERNAME */
szLoginDomain = malloc(strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
memset(szLoginDomain, 0, strlen(_psSessionData->szDomain) + 1 + strlen(szLogin) + 1);
sprintf((char *)szLoginDomain, "%s\\%s", _psSessionData->szDomain, szLogin);
}
else
szLoginDomain = (unsigned char *)szLogin;
writeError(ERR_DEBUG_MODULE, "[%s] Sending authenticate login value: %s %s", MODULE_NAME, szLoginDomain, szPassword);
bufSend = malloc((2 * strlen((char *)szLoginDomain) + 2) + 2 + 1);
memset(bufSend, 0, (2 * strlen((char *)szLoginDomain) + 2) + 2 + 1);
base64_encode((char *)szLoginDomain, strlen((char *)szLoginDomain), (char *)bufSend);
strncat((char *)bufSend, "\r\n", 2);
if (_psSessionData->szDomain)
FREE(szLoginDomain);
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
/* Server should respond with a base64-encoded password prompt */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^334 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] SMTP server did not respond with \"334 \" to AUTH LOGIN request.", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
if (((szTmpBuf = (unsigned char *)strstr((char *)bufReceive, "334 ")) == NULL) || ((szTmpBuf2 = (unsigned char *)index((char *)szTmpBuf, '\r')) == NULL))
{
writeError(ERR_ERROR, "[%s] SMTP server sent unexpected response to AUTH LOGIN request.", MODULE_NAME);
return FAILURE;
}
szTmpBuf2[0] = '\0';
szTmpBuf += 4;
szPrompt = malloc(strlen((char *)szTmpBuf) + 1);
memset(szPrompt, 0, strlen((char *)szTmpBuf) + 1);
base64_decode((char *)szTmpBuf, (char *)szPrompt);
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] SMTP server sent the following prompt: %s", MODULE_NAME, szPrompt);
FREE(szPrompt);
/* --- Send password --- */
/* Base64 encoded value can be up to 2x+2 original text. Leave additional space for "\r\n" and NULL */
bufSend = malloc((2 * strlen(szPassword) + 2) + 2 + 1);
memset(bufSend, 0, (2 * strlen(szPassword) + 2) + 2 + 1);
base64_encode((char *)szPassword, strlen((char *)szPassword), (char *)bufSend);
strncat((char *)bufSend, "\r\n", 2);
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
}
return SUCCESS;
}
/*
A0001 AUTHENTICATE NTLM
NTLM IMAP Authentication
Based on:
http://curl.haxx.se/rfc/ntlm.html#ntlmImapAuthentication
http://src.opensolaris.org/source/xref/sfw/usr/src/cmd/fetchmail/fetchmail-6.3.8/README.NTLM
*/
int sendAuthNTLM(int hSocket, _MODULE_DATA* _psSessionData, char* szLogin, char* szPassword)
{
unsigned char* bufSend = NULL;
unsigned char* bufReceive = NULL;
int nSendBufferSize = 0;
int nReceiveBufferSize = 0;
tSmbNtlmAuthRequest sTmpReq;
tSmbNtlmAuthChallenge sTmpChall;
tSmbNtlmAuthResponse sTmpResp;
unsigned char* szTmpBuf = NULL;
unsigned char* szTmpBuf64 = NULL;
/* --- Send initial AUTHENTICATE NTLM command --- */
nSendBufferSize = strlen(_psSessionData->szTag) + 21;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s AUTHENTICATE NTLM\r\n", _psSessionData->szTag);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "%s failed: medusaSend was not successful", MODULE_NAME);
}
FREE(bufSend);
/* Server should respond with an empty challenge, consisting simply of a "+" */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] IMAP server did not respond with \"+\" to AUTHENTICATE NTLM request.", MODULE_NAME);
writeError(ERR_ERROR, "[%s] IMAP server sent the following response: %s", MODULE_NAME, bufReceive);
return FAILURE;
}
FREE(bufReceive);
/* --- Send Base-64 encoded Type-1 message --- */
buildAuthRequest(&sTmpReq, 0, NULL, NULL);
szTmpBuf64 = malloc(2 * SmbLength(&sTmpReq) + 2);
memset(szTmpBuf64, 0, 2 * SmbLength(&sTmpReq) + 2);
base64_encode((char *)&sTmpReq, SmbLength(&sTmpReq), szTmpBuf64);
writeError(ERR_DEBUG_MODULE, "[%s] Sending initial challenge (B64 Encoded): %s", MODULE_NAME, szTmpBuf64);
nSendBufferSize = strlen(szTmpBuf64) + 2;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s\r\n", szTmpBuf64);
FREE(szTmpBuf64);
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
FREE(bufSend);
/* Server should respond with a Base-64 encoded Type-2 challenge message. The challenge response format is
specified by RFC 1730 ("+", followed by a space, followed by the challenge message). */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+ .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Server did not send valid Type-2 challenge response.", MODULE_NAME);
return FAILURE;
}
szTmpBuf = ((char*)index(bufReceive, '\r'));
szTmpBuf[0] = '\0';
writeError(ERR_DEBUG_MODULE, "[%s] NTLM Challenge (B64 Encoded): %s", MODULE_NAME, bufReceive + 2);
base64_decode(bufReceive + 2, (char *)&sTmpChall);
FREE(bufReceive);
/* --- Calculate and send Base-64 encoded Type 3 response --- */
buildAuthResponse(&sTmpChall, &sTmpResp, 0, szLogin, szPassword, _psSessionData->szDomain, NULL);
szTmpBuf64 = malloc(2 * SmbLength(&sTmpResp) + 2);
memset(szTmpBuf64, 0, 2 * SmbLength(&sTmpResp) + 2);
base64_encode((char *)&sTmpResp, SmbLength(&sTmpResp), szTmpBuf64);
writeError(ERR_DEBUG_MODULE, "[%s] NTLM Response (B64 Encoded): %s", MODULE_NAME, szTmpBuf64);
nSendBufferSize = strlen(szTmpBuf64) + 2;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf(bufSend, "%s\r\n", szTmpBuf64);
if (medusaSend(hSocket, bufSend, nSendBufferSize, 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
FREE(szTmpBuf64);
FREE(bufSend);
/* Server should validate the response and indicate the result of authentication.
e.g. 0001 OK AUTHENTICATE NTLM completed. */
return SUCCESS;
}
int initModule(sLogin* psLogin, _MODULE_DATA *_psSessionData)
{
int hSocket = -1;
enum MODULE_STATE nState = MSTATE_NEW;
unsigned char bufSend[BUF_SIZE];
unsigned char* bufReceive;
int nReceiveBufferSize = 0;
sCredentialSet *psCredSet = NULL;
sConnectParams params;
psCredSet = malloc( sizeof(sCredentialSet) );
memset(psCredSet, 0, sizeof(sCredentialSet));
if (getNextCredSet(psLogin, psCredSet) == FAILURE)
{
writeError(ERR_ERROR, "[%s] Error retrieving next credential set to test.", MODULE_NAME);
nState = MSTATE_COMPLETE;
}
else if (psCredSet->psUser)
{
writeError(ERR_DEBUG_MODULE, "[%s] module started for host: %s user: %s", MODULE_NAME, psLogin->psServer->pHostIP, psCredSet->psUser->pUser);
}
else
{
writeError(ERR_DEBUG_MODULE, "[%s] module started for host: %s - no more available users to test.", MODULE_NAME);
nState = MSTATE_COMPLETE;
}
memset(¶ms, 0, sizeof(sConnectParams));
if (psLogin->psServer->psAudit->iPortOverride > 0)
params.nPort = psLogin->psServer->psAudit->iPortOverride;
else if (psLogin->psServer->psHost->iUseSSL > 0)
params.nPort = PORT_POP3S;
else
params.nPort = PORT_POP3;
initConnectionParams(psLogin, ¶ms);
while (nState != MSTATE_COMPLETE)
{
switch (nState)
{
case MSTATE_NEW:
// Already have an open socket - close it
if (hSocket > 0)
medusaDisconnect(hSocket);
if (psLogin->psServer->psHost->iUseSSL > 0)
hSocket = medusaConnectSSL(¶ms);
else
hSocket = medusaConnect(¶ms);
if (hSocket < 0)
{
writeError(ERR_NOTICE, "%s: failed to connect, port %d was not open on %s", MODULE_NAME, params.nPort, psLogin->psServer->pHostIP);
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
return FAILURE;
}
/* establish initial connection */
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+OK.*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_DEBUG_MODULE, "%s failed: Server did not respond with '+OK'. Exiting...", MODULE_NAME);
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
nState = MSTATE_EXITING;
}
else
{
writeError(ERR_DEBUG_MODULE, "Connected");
nState = MSTATE_RUNNING;
}
/* POP3 STARTTLS Extension
http://www.faqs.org/rfcs/rfc2595.html
*/
/* The capability name "STLS" indicates this command is present and
permitted in the current state. "CAPA" can be used to test for its
presence. Are there cases where "STLS" may not be implemented?
*/
/* Initiate STLS only if we don't already have a SSL connection */
if (psLogin->psServer->psHost->iUseSSL == 0)
{
memset(bufSend, 0, BUF_SIZE);
sprintf(bufSend, "STLS\r\n");
if (medusaSend(hSocket, bufSend, strlen(bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
return FAILURE;
}
nReceiveBufferSize = 0;
if (medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "\\+OK.*\r\n|-ERR.*\r\n") == FAILURE)
{
writeError(ERR_ERROR, "[%s] Failed: Unexpected or no data received: %s", MODULE_NAME, bufReceive);
return FAILURE;
}
/*
[SUPPORTED] +OK Begin TLS negotiation / +OK Ready to start TLS
[NOT SUPPORTED] +OK STLS completed
[ERROR] -ERR Command not permitted when TLS active
*/
else if (strstr(bufReceive, "+OK") != NULL)
{
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] Starting TLS negotiation.", MODULE_NAME);
params.nSSLVersion = 3.1; /* Force the use of TLSv1 */
if (medusaConnectSocketSSL(¶ms, hSocket) < 0)
{
writeError(ERR_ERROR, "[%s] Failed to establish SSLv3 connection.", MODULE_NAME);
return FAILURE;
}
}
else
{
writeError(ERR_DEBUG_MODULE, "[%s] TLS negotiation not available.", MODULE_NAME);
FREE(bufReceive);
}
}
/* Query service for accepted authentication methods */
if (_psSessionData->nAuthType == AUTH_UNKNOWN)
{
getAuthType(hSocket, _psSessionData);
if (_psSessionData->nAuthType == AUTH_UNKNOWN)
{
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
return FAILURE;
}
}
break;
case MSTATE_RUNNING:
/* The POP3 service may be configured to drop connections after an arbitrary number of failed
logon attempts. We will reuse the established connection to send authentication attempts
until that disconnect happens. At that point the connection should be reestablished. */
if ( medusaCheckSocket(hSocket) )
{
nState = tryLogin(hSocket, &psLogin, _psSessionData, psCredSet->psUser->pUser, psCredSet->pPass);
if (psLogin->iResult != LOGIN_RESULT_UNKNOWN)
{
if (getNextCredSet(psLogin, psCredSet) == FAILURE)
{
writeError(ERR_ERROR, "[%s] Error retrieving next credential set to test.", MODULE_NAME);
nState = MSTATE_EXITING;
}
else
{
if (psCredSet->iStatus == CREDENTIAL_DONE)
{
writeError(ERR_DEBUG_MODULE, "[%s] No more available credential sets to test.", MODULE_NAME);
nState = MSTATE_EXITING;
}
else if (psCredSet->iStatus == CREDENTIAL_NEW_USER)
{
writeError(ERR_DEBUG_MODULE, "[%s] Starting testing for new user: %s.", MODULE_NAME, psCredSet->psUser->pUser);
nState = MSTATE_NEW;
}
else
writeError(ERR_DEBUG_MODULE, "[%s] Next credential set - user: %s password: %s", MODULE_NAME, psCredSet->psUser->pUser, psCredSet->pPass);
}
}
}
else
{
writeError(ERR_NOTICE, "[%s] Socket is no longer valid. Server likely dropped connection. Establishing new session.", MODULE_NAME);
nState = MSTATE_NEW;
if (hSocket > 0)
medusaDisconnect(hSocket);
hSocket = -1;
}
break;
case MSTATE_EXITING:
if (hSocket > 0)
medusaDisconnect(hSocket);
hSocket = -1;
nState = MSTATE_COMPLETE;
break;
default:
writeError(ERR_CRITICAL, "Unknown %s module state %d", MODULE_NAME, nState);
if (hSocket > 0)
medusaDisconnect(hSocket);
hSocket = -1;
psLogin->iResult = LOGIN_RESULT_UNKNOWN;
return FAILURE;
}
}
FREE(psCredSet);
return SUCCESS;
}
int tryLogin(int hSocket, _MODULE_DATA* _psSessionData, sLogin** psLogin, char* szLogin, char* szPassword)
{
int nRet;
unsigned char* bufReceive = NULL;
int nReceiveBufferSize = 0;
switch(_psSessionData->nAuthType)
{
case AUTH_LOGIN:
writeError(ERR_DEBUG_MODULE, "[%s] Sending LOGIN Authentication.", MODULE_NAME);
nRet = sendAuthLogin(hSocket, _psSessionData, szLogin, szPassword);
break;
case AUTH_PLAIN:
writeError(ERR_DEBUG_MODULE, "[%s] Sending PLAIN Authentication.", MODULE_NAME);
nRet = sendAuthPlain(hSocket, _psSessionData, szLogin, szPassword);
break;
case AUTH_NTLM:
writeError(ERR_DEBUG_MODULE, "[%s] Sending NTLM Authentication.", MODULE_NAME);
nRet = sendAuthNTLM(hSocket, _psSessionData, szLogin, szPassword);
break;
default:
break;
}
if (nRet == FAILURE)
{
writeError(ERR_ERROR, "[%s] Failed during sending of authentication data.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_UNKNOWN;
setPassResult(*psLogin, szPassword);
return MSTATE_EXITING;
}
/*
Exchange 2003 Server Response Messages
NO Logon failure: unknown user name or bad password.
NO The specified authentication package is not supported.
NO Clear text passwords have been disabled for this protocol.
NO Cleartext login on this server requires the use of transport level security (SSL/TLS)
*/
writeError(ERR_DEBUG_MODULE, "[%s] Retrieving server response.", MODULE_NAME);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, ".*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] Failed: Unexpected or no data received.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive,"OK") != NULL)
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt successful.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_SUCCESS;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive,"NO Clear text passwords have been disabled for this protocol.") != NULL)
{
writeError(ERR_ERROR, "[%s] Server reports that clear-text passwords have been disabled.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive,"NO Cleartext login on this server requires the use of transport level security (SSL/TLS)") != NULL)
{
writeError(ERR_ERROR, "[%s] Server reports that clear-text passwords are only allowed over SSL/TLS.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive,"NO The specified authentication package is not supported.") != NULL)
{
writeError(ERR_ERROR, "[%s] Server reports that the specified authentication package is not supported.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else if (strstr(bufReceive,"NO") != NULL)
{
writeError(ERR_DEBUG_MODULE, "[%s] Login attempt failed.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_FAIL;
nRet = MSTATE_RUNNING;
}
else if (strstr(bufReceive,"BAD") != NULL)
{
writeError(ERR_ERROR, "[%s] IMAP server responded that the command was unknown or the arguments were invalid.", MODULE_NAME);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
else
{
writeError(ERR_ERROR, "[%s] Unknown IMAP server response: %s", MODULE_NAME, bufReceive);
(*psLogin)->iResult = LOGIN_RESULT_ERROR;
nRet = MSTATE_EXITING;
}
FREE(bufReceive);
setPassResult((*psLogin), szPassword);
return(nRet);
}
int initConnection(_MODULE_DATA *_psSessionData, int hSocket, sConnectParams *params)
{
unsigned char *bufSend = NULL;
unsigned char *bufReceive = NULL;
int nReceiveBufferSize = 0;
int nSendBufferSize = 0;
/* Retrieve SMTP banner */
writeError(ERR_DEBUG_MODULE, "[%s] Retrieving SMTP banner.", MODULE_NAME);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^220 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_DEBUG_MODULE, "[%s] failed: Server did not respond with '220'. Exiting...", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
/* Send greeting to SMTP server */
writeError(ERR_DEBUG_MODULE, "[%s] Sending SMTP EHLO greeting.", MODULE_NAME);
nSendBufferSize = 5 + strlen(_psSessionData->szEHLO) + 2;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf((char *)bufSend, "EHLO %s\r\n", _psSessionData->szEHLO);
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
FREE(bufSend);
return FAILURE;
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "250 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] failed: Server did not respond with '250'. Exiting...", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
/* If server supports STARTTLS and we are not already within a SSL connection, let's use it. */
if ((params->nUseSSL == 0) && (strstr((char *)bufReceive, "STARTTLS") != NULL))
{
FREE(bufReceive);
writeError(ERR_DEBUG_MODULE, "[%s] Initiating STARTTLS session.", MODULE_NAME);
bufSend = malloc(10 + 1);
memset(bufSend, 0, 10 + 1);
sprintf((char *)bufSend, "STARTTLS\r\n");
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] failed: medusaSend was not successful", MODULE_NAME);
FREE(bufSend);
return FAILURE;
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "^220 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] failed: Server did not respond with '220'. Exiting...", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
else
{
FREE(bufReceive);
params->nSSLVersion = 3.1; /* Force the use of TLSv1 */
if (medusaConnectSocketSSL(params, hSocket) < 0)
{
writeError(ERR_ERROR, "[%s] Failed to establish SSLv3 connection.", MODULE_NAME);
return FAILURE;
}
/* Resend EHLO greeting as the AUTH types may have changed. */
writeError(ERR_DEBUG_MODULE, "[%s] Sending SMTP EHLO greeting.", MODULE_NAME);
nSendBufferSize = 5 + strlen(_psSessionData->szEHLO) + 2;
bufSend = malloc(nSendBufferSize + 1);
memset(bufSend, 0, nSendBufferSize + 1);
sprintf((char *)bufSend, "EHLO %s\r\n", _psSessionData->szEHLO);
if (medusaSend(hSocket, bufSend, strlen((char *)bufSend), 0) < 0)
{
writeError(ERR_ERROR, "[%s] Failed: medusaSend was not successful", MODULE_NAME);
FREE(bufSend);
return FAILURE;
}
FREE(bufSend);
nReceiveBufferSize = 0;
if ((medusaReceiveRegex(hSocket, &bufReceive, &nReceiveBufferSize, "250 .*\r\n") == FAILURE) || (bufReceive == NULL))
{
writeError(ERR_ERROR, "[%s] failed: Server did not respond with '250'. Exiting...", MODULE_NAME);
FREE(bufReceive);
return FAILURE;
}
}
}
/* Process SMTP supported authentication types */
if (_psSessionData->nAuthType != AUTH_UNKNOWN)
{
writeError(ERR_DEBUG_MODULE, "[%s] Ignoring server requested AUTH type and using user-specified value.", MODULE_NAME);
}
else if ((strstr((char *)bufReceive, "AUTH=LOGIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Detected authentication type: LOGIN");
_psSessionData->nAuthType = AUTH_LOGIN;
}
else if ((strstr((char *)bufReceive, "AUTH=PLAIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Detected authentication type: PLAIN");
_psSessionData->nAuthType = AUTH_PLAIN;
}
else if ((strstr((char *)bufReceive, "AUTH ") != NULL))
{
if ((strstr((char *)bufReceive, "LOGIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Detected authentication type: LOGIN");
_psSessionData->nAuthType = AUTH_LOGIN;
}
else if ((strstr((char *)bufReceive, "PLAIN") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Detected authentication type: PLAIN");
_psSessionData->nAuthType = AUTH_PLAIN;
}
else if ((strstr((char *)bufReceive, "NTLM") != NULL))
{
writeError(ERR_DEBUG_MODULE, "Detected authentication type: NTLM");
_psSessionData->nAuthType = AUTH_NTLM;
}
}
else
{
writeError(ERR_ERROR, "%s failed: Server did not respond that it supported LOGIN, PLAIN or NTLM as an authentication type. Use the AUTH module option to force the use of an authentication type.", MODULE_NAME);
return FAILURE;
}
FREE(bufReceive);
return SUCCESS;
}
