int SMTPLogin(STREAM *S, int Caps, const char *User, const char *Pass)
{
char *Tempstr=NULL, *Base64=NULL, *ptr;
int len, result=FALSE;
if (Caps & CAP_AUTH_LOGIN)
{
Tempstr=CopyStr(Tempstr, "AUTH LOGIN\r\n");
if (SMTPInteract(Tempstr, S))
{
Base64=EncodeBytes(Base64, User, StrLen(User), ENCODE_BASE64);
Tempstr=MCopyStr(Tempstr, Base64, "\r\n", NULL);
if (SMTPInteract(Tempstr, S))
{
Base64=EncodeBytes(Base64, Pass, StrLen(Pass), ENCODE_BASE64);
Tempstr=MCopyStr(Tempstr, Base64, "\r\n", NULL);
if (SMTPInteract(Tempstr, S)) result=TRUE;
}
}
}
else if (Caps & CAP_AUTH_PLAIN)
{
Tempstr=SetStrLen(Tempstr, StrLen(User) + StrLen(Pass) +10);
//this isn't what it looks like. The '\0' here do not terminate the string
//as this authentication system uses a string with '\0' as separators
len=StrLen(User);
ptr=Tempstr;
memcpy(ptr, User, len);
ptr+=len;
*ptr='\0';
ptr++;
len=StrLen(Pass);
memcpy(ptr, Pass, len);
ptr+=len;
*ptr='\0';
ptr++;
Base64=EncodeBytes(Base64, Tempstr, ptr-Tempstr, ENCODE_BASE64);
Tempstr=MCopyStr(Tempstr, "AUTH PLAIN ", Base64, "\r\n",NULL);
if (SMTPInteract(Tempstr, S)) result=TRUE;
}
DestroyString(Tempstr);
DestroyString(Base64);
return(result);
}
int HashFinish(HASH *Hash, int Encoding, char **Return)
{
char *Token=NULL, *Bytes=NULL, *Hashed=NULL, *ptr;
int len;
ptr=GetToken(Hash->Type, "\\S", &Token, 0);
len=Hash->Finish(Hash, &Bytes);
while (StrValid(ptr))
{
ptr=GetToken(ptr, "\\S", &Token, 0);
len=HashBytes(&Hashed, Token, Bytes, len, 0);
Bytes=SetStrLen(Bytes, len);
memcpy(Bytes,Hashed,len);
}
if (Encoding > 0)
{
*Return=EncodeBytes(*Return, Bytes, len, Encoding);
len=StrLen(*Return);
}
else
{
*Return=SetStrLen(*Return, len);
memcpy(*Return, Bytes, len);
}
DestroyString(Hashed);
DestroyString(Token);
DestroyString(Bytes);
return(len);
}
int PBK2DF2(char **Return, char *Type, char *Bytes, int Len, char *Salt, int SaltLen, uint32_t Rounds, int Encoding)
{
char *Tempstr=NULL, *Hash=NULL;
uint32_t RoundsBE;
int i, len, hlen;
//Network byte order is big endian
RoundsBE=htonl(Rounds);
Tempstr=SetStrLen(Tempstr, Len + SaltLen + 20);
memcpy(Tempstr, Bytes, Len);
memcpy(Tempstr+Len, Salt, SaltLen);
memcpy(Tempstr+Len+SaltLen, &RoundsBE, sizeof(uint32_t));
len=Len+SaltLen+sizeof(uint32_t);
for (i=0; i <Rounds; i++)
{
hlen=HashBytes(&Hash, Type, Tempstr, len, 0);
Tempstr=SetStrLen(Tempstr, Len + hlen + 20);
memcpy(Tempstr, Bytes, Len);
memcpy(Tempstr+Len, Hash, hlen);
len=Len + hlen;
}
*Return=EncodeBytes(*Return, Hash, hlen, Encoding);
DestroyString(Tempstr);
DestroyString(Hash);
StrLen(*Return);
}
int HashFinishWhirlpool(THash *Hash, int Encoding, char **HashStr)
{
int count, len;
char *Tempstr=NULL, *DigestBuff=NULL;
DigestBuff=(char *) calloc(1,WHIRLPOOL_DIGESTBYTES+1);
WHIRLPOOLfinalize((WHIRLPOOLstruct *) Hash->Ctx, DigestBuff);
free(Hash->Ctx);
if (Encoding > 0)
{
*HashStr=EncodeBytes(*HashStr, DigestBuff, WHIRLPOOL_DIGESTBYTES, Encoding);
len=StrLen(*HashStr);
}
else
{
len=WHIRLPOOL_DIGESTBYTES;
*HashStr=SetStrLen(*HashStr,len);
memcpy(*HashStr,DigestBuff,len);
}
DestroyString(DigestBuff);
DestroyString(Tempstr);
return(len);
}
int HashFinishJH(THash *Hash, int Encoding, char **HashStr)
{
int count, len;
char *Tempstr=NULL, *DigestBuff=NULL;
DigestBuff=(char *) calloc(1,1024);
len=JHFinal((hashState *) Hash->Ctx, DigestBuff);
free(Hash->Ctx);
if (Encoding > 0)
{
*HashStr=EncodeBytes(*HashStr, DigestBuff, len, Encoding);
len=StrLen(*HashStr);
}
else
{
*HashStr=SetStrLen(*HashStr,len);
memcpy(*HashStr,DigestBuff,len);
}
DestroyString(DigestBuff);
DestroyString(Tempstr);
return(len);
}
int HashFinishSHA512(THash *Hash, int Encoding, char **HashStr)
{
int count, len;
char *Tempstr=NULL, *DigestBuff=NULL;
DigestBuff=(char *) calloc(1,SHA2_SHA512_DIGEST_LENGTH+1);
SHA2_SHA512_Final(DigestBuff, (SHA2_SHA512_CTX *) Hash->Ctx);
free(Hash->Ctx);
if (Encoding > 0)
{
*HashStr=EncodeBytes(*HashStr, DigestBuff, SHA2_SHA512_DIGEST_LENGTH, Encoding);
len=StrLen(*HashStr);
}
else
{
len=SHA2_SHA512_DIGEST_LENGTH;
*HashStr=SetStrLen(*HashStr,len);
memcpy(*HashStr,DigestBuff,len);
}
DestroyString(DigestBuff);
DestroyString(Tempstr);
return(len);
}
int HashFinishSHA1(THash *Hash, int Encoding, char **HashStr)
{
int count, len;
char *Tempstr=NULL, *DigestBuff=NULL;
DigestBuff=(char *) calloc(1,SHA1LEN+1);
sha1_finish_ctx((struct sha1_ctx *) Hash->Ctx, DigestBuff);
free(Hash->Ctx);
if (Encoding > 0)
{
*HashStr=EncodeBytes(*HashStr, DigestBuff, SHA1LEN, Encoding);
len=StrLen(*HashStr);
}
else
{
len=SHA1LEN;
*HashStr=SetStrLen(*HashStr,len);
memcpy(*HashStr,DigestBuff,len);
}
DestroyString(DigestBuff);
DestroyString(Tempstr);
return(len);
}
int HashFinishMD5(THash *Hash, int Encoding, char **HashStr)
{
int count, len;
char *Tempstr=NULL, *DigestBuff=NULL;
DigestBuff=(char *) calloc(1,MD5LEN+1);
MD5Final(DigestBuff, (MD5_CTX *) Hash->Ctx);
free(Hash->Ctx);
if (Encoding > 0)
{
*HashStr=EncodeBytes(*HashStr, DigestBuff, MD5LEN, Encoding);
len=StrLen(*HashStr);
}
else
{
len=MD5LEN;
*HashStr=SetStrLen(*HashStr,len);
memcpy(*HashStr,DigestBuff,len);
}
DestroyString(DigestBuff);
DestroyString(Tempstr);
return(len);
}
int HashFinishCRC(THash *Hash, int Encoding, char **HashStr)
{
unsigned long crc;
int len;
len=sizeof(unsigned long);
crc32Finish((unsigned long *) Hash->Ctx);
//crc=htonl((unsigned long *) Hash->Ctx);
free(Hash->Ctx);
if (Encoding > 0)
{
*HashStr=EncodeBytes(*HashStr, (char *) &crc, len, Encoding);
return(StrLen(*HashStr));
}
else
{
*HashStr=SetStrLen(*HashStr,len);
memcpy(*HashStr,&crc,len);
return(len);
}
}
//This function checks the Paths configured in the server for virtual
//documents like cgi scripts or streams, or for directories to which we
//are allowed access from outside chroot
int VPathProcess(STREAM *S, HTTPSession *Session, int Flags)
{
ListNode *Curr=NULL, *Default=NULL;
TPathItem *PI=NULL;
char *Path=NULL, *Tempstr=NULL, *ptr;
HTTPSession *VPathSession=NULL;
int result=FALSE;
Curr=ListGetNext(Settings.VPaths);
while (Curr)
{
if (StrLen(Curr->Tag) < 2) Default=Curr;
else if (strncmp(Session->Path,Curr->Tag,StrLen(Curr->Tag))==0) break;
Curr=ListGetNext(Curr);
}
//If Curr is set then we found a VPath
if (! Curr) Curr=Default;
if (! Curr) return(FALSE);
if (Curr)
{
VPathSession=HTTPSessionClone(Session);
PI=(TPathItem *) Curr->Item;
result=TRUE;
//Some things are configureable on a VPath basis. Set those up.
if (PI->CacheTime) VPathSession->CacheTime=PI->CacheTime;
if (StrLen(PI->User)) VPathSession->RealUser=CopyStr(VPathSession->RealUser, PI->User);
if (StrLen(PI->Group)) VPathSession->Group=CopyStr(VPathSession->Group, PI->Group);
VPathSession->Flags &= ~SESSION_UPLOAD;
if (PI->Flags & PATHITEM_UPLOAD) VPathSession->Flags |= SESSION_UPLOAD;
// if (Flags & HEADERS_POST) HTTPServerHandlePost(S,Session,PI->Type);
LogToFile(Settings.LogPath,"APPLYING VPATH: %d [%s] -> [%s] %d",PI->Type,Curr->Tag,PI->Path,VPathSession->Flags & SESSION_UPLOAD);
switch (PI->Type)
{
case PATHTYPE_CGI:
LogToFile(Settings.LogPath,"CGI EXEC REQUEST: Script='%s' Path='%s'",GetBasename(Session->Path), PI->Path);
ChrootProcessRequest(S, VPathSession, "EXEC", GetBasename(VPathSession->Path), PI->Path);
//Don't reuse this session after CGI. CGI program will not send a 'Content-Length'
Session->Flags &= ~SESSION_REUSE;
break;
case PATHTYPE_EXTFILE:
VPathHandleFilePath(S,VPathSession,PI,Flags);
break;
case PATHTYPE_STREAM:
HTTPServerHandleStream(S,VPathSession,PI->Path,Flags);
break;
case PATHTYPE_LOGOUT:
VPathSession->Path=FormatStr(VPathSession->Path,"%d-%d-%d",getpid(),time(NULL),rand());
HTTPServerHandleRegister(VPathSession, LOGIN_CHANGE);
Path=FormatURL(Path, VPathSession, "/");
Path=MCatStr(Path,"?Logout=",VPathSession->Path,NULL);
VPathSession->Flags &= ~SESSION_KEEPALIVE;
HTTPServerSendResponse(S, VPathSession, "302", "", Path);
break;
case PATHTYPE_URL:
ChrootProcessRequest(S, VPathSession, "PROXY", PI->Path, "");
break;
case PATHTYPE_PROXY:
if (StrLen(VPathSession->UserName))
{
//We don't normally copy Password into VPATH, so we need to get it from 'Session'
if (StrLen(PI->Password)) VPathSession->Password=CopyStr(VPathSession->Password, Session->Password);
else VPathSession->Password=CopyStr(VPathSession->Password, Session->Password);
Path=MCopyStr(Path,VPathSession->UserName,":",VPathSession->Password,NULL);
Tempstr=EncodeBytes(Tempstr, Path, StrLen(Path), ENCODE_BASE64);
VPathSession->RemoteAuthenticate=MCopyStr(VPathSession->RemoteAuthenticate,"Basic ",Tempstr,NULL);
}
Path=MCopyStr(Path,PI->Path,VPathSession->Path+StrLen(PI->URL),NULL);
ChrootProcessRequest(S, VPathSession, "PROXY", Path, "");
break;
case PATHTYPE_MIMEICONS:
VPathMimeIcons(S,VPathSession, PI, Flags);
break;
default:
//We didn't find a VPATH to handle this, so return false
result=FALSE;
break;
}
// HTTPSessionDestroy(VPathSession);
}
DestroyString(Tempstr);
DestroyString(Path);
return(result);
}
