int auth_login(const char *service, const char *userid, const char *passwd, int (*callback_func)(struct authinfo *, void *), void *callback_arg) { char *p; int rc; if (badstr(userid) || badstr(passwd)) { errno=EINVAL; return -1; } courier_authdebug_login_init(); courier_authdebug_login( 1, "username=%s", userid ); courier_authdebug_login( 2, "password=%s", passwd ); p = strdupdefdomain(userid, "\n", passwd, "\n"); if (!p) return (-1); rc=auth_generic(service, AUTHTYPE_LOGIN, p, callback_func, callback_arg); free(p); return rc; }
int login_changepwd(const char *u, const char *oldpwd, const char *newpwd, int *rc) { char *uid=strdup(u); char *driver; int i; if (!uid) enomem(); verifyuid(uid); if ((driver=strrchr(uid, '.')) == 0) { free(uid); enomem(); } *driver++=0; for (i=0; authstaticmodulelist[i]; i++) { if (strcmp(authstaticmodulelist[i]->auth_name, driver) == 0) { *rc=badstr(uid) || badstr(oldpwd) || badstr(newpwd) ? 1:(*authstaticmodulelist[i]->auth_changepwd) ("webmail", uid, oldpwd, newpwd); free(uid); return (0); } } return (-1); }
static void verifyuid(char *uid) { if (badstr(uid)) { free(uid); enomem(); } }
const char *login(const char *uid, const char *pass, int *can_changepwd) { const char *driver; const char *p=do_login(uid, pass, &driver, can_changepwd); static char *login_id_buf=0; if (p) { if (badstr(uid) || badstr(pass)) return (NULL); if (login_id_buf) free(login_id_buf); if ((login_id_buf=malloc(strlen(p)+strlen(driver)+2)) == 0) enomem(); p=strcat(strcat(strcpy(login_id_buf, p), "."), driver); } return (p); }
unsigned int x86_nop (unsigned char *dest, unsigned int dest_len, unsigned char *bad, int bad_len) { int walk; int bcount; /* bad counter */ char * xs; char * xferstr[] = { "0011.0111", /* aaa */ "0011.1111", /* aas */ "1001.1000", /* cbw */ "1001.1001", /* cdq */ "1111.1000", /* clc */ "1111.1100", /* cld */ "1111.0101", /* cmc */ "0010.0111", /* daa */ "0010.1111", /* das */ "0100.1r", /* dec <reg> */ "0100.0r", /* inc <reg> */ "1001.1111", /* lahf */ "1001.0000", /* nop */ "1111.1001", /* stc */ "1111.1101", /* std */ "1001.0r", /* xchg al, <reg> */ NULL, }; unsigned char tgt; for (walk = 0 ; dest_len > 0 ; dest_len -= 1 , walk += 1) { /* avoid endless loops on excessive badlisting */ for (bcount = 0 ; bcount < 16384 ; ++bcount) { xs = xferstr[random_get (0, 15)]; tgt = x86_nop_xfer (xs); dest[walk] = tgt; if (badstr (&dest[walk], 1, bad, bad_len) == 0) break; } /* should not happen */ if (bcount >= 16384) { fprintf (stderr, "too much blacklisting, giving up...\n"); exit (EXIT_FAILURE); } } return (walk); }