aboutsummaryrefslogtreecommitdiffstats
path: root/testing/dsniff/0001-rewrite-and-modernize-POP-decoder.patch
blob: 71d670744892d50fe379dc5bb4b29fdca4d0b44a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
>From b05e27ba9b0ba9ef00ad2183933652e08d8c89af Mon Sep 17 00:00:00 2001
From: Stefan Tomanek <stefan@pico.ruhr.de>
Date: Sat, 29 Oct 2011 20:48:55 +0200
Subject: [PATCH] rewrite and modernize POP decoder


Signed-off-by: Stefan Tomanek <stefan@pico.ruhr.de>
---
 decode_pop.c |   96 ++++++++++++++++++++++++++++++++++++++++++++++-----------
 1 files changed, 77 insertions(+), 19 deletions(-)

diff --git a/decode_pop.c b/decode_pop.c
index 04044f5..767da41 100644
--- a/decode_pop.c
+++ b/decode_pop.c
@@ -6,6 +6,8 @@
  * Copyright (c) 2000 Dug Song <dugsong@monkey.org>
  *
  * $Id: decode_pop.c,v 1.4 2001/03/15 08:33:02 dugsong Exp $
+ *
+ * Rewritten by Stefan Tomanek 2011 <stefan@pico.ruhr.de>
  */
 
 #include "config.h"
@@ -45,32 +47,88 @@ int
 decode_pop(u_char *buf, int len, u_char *obuf, int olen)
 {
 	char *p;
+	char *s;
+	int n;
 	int i, j;
+	char *user;
+	char *password;
+	enum {
+		NONE,
+		AUTHPLAIN,
+		AUTHLOGIN,
+		USERPASS
+	} mode = NONE;
+
 	
 	obuf[0] = '\0';
 	
 	for (p = strtok(buf, "\r\n"); p != NULL; p = strtok(NULL, "\r\n")) {
-		if (strncasecmp(p, "AUTH PLAIN", 10) == 0 ||
-		    strncasecmp(p, "AUTH LOGIN", 10) == 0) {
-			strlcat(obuf, p, olen);
-			strlcat(obuf, "\n", olen);
-			
-			/* Decode SASL auth. */
-			for (i = 0; i < 2 && (p = strtok(NULL, "\r\n")); i++) {
-				strlcat(obuf, p, olen);
-				j = base64_pton(p, p, strlen(p));
-				p[j] = '\0';
-				strlcat(obuf, " [", olen);
-				strlcat(obuf, p, olen);
-				strlcat(obuf, "]\n", olen);
+		if (mode == NONE) {
+			user = NULL;
+			password = NULL;
+			if (strncasecmp(p, "AUTH PLAIN", 10) == 0) {
+				mode = AUTHPLAIN;
+				continue;
+			}
+			if (strncasecmp(p, "AUTH LOGIN", 10) == 0) {
+				mode = AUTHLOGIN;
+				continue;
+			}
+			if (strncasecmp(p, "USER ", 5) == 0) {
+				mode = USERPASS;
+				/* the traditional login cuts right to the case,
+				 * so no continue here
+				 */
 			}
 		}
-		/* Save regular POP2, POP3 auth info. */
-		else if (strncasecmp(p, "USER ", 5) == 0 ||
-			 strncasecmp(p, "PASS ", 5) == 0 ||
-			 strncasecmp(p, "HELO ", 5) == 0) {
-			strlcat(obuf, p, olen);
-			strlcat(obuf, "\n", olen);
+		printf("(%d) %s\n", mode, p);
+		if (mode == USERPASS) {
+			if (strncasecmp(p, "USER ", 5) == 0) {
+				user = &p[5];
+			} else if (strncasecmp(p, "PASS ", 5) == 0) {
+				password = &p[5];
+			}
+		}
+
+		if (mode == AUTHPLAIN) {
+			j = base64_pton(p, p, strlen(p));
+			p[j] = '\0';
+			n = 0;
+			s = p;
+			/* p consists of three parts, divided by \0 */
+			while (s <= &p[j] && n<=3) {
+				if (n == 0) {
+					/* we do not process this portion yet */
+				} else if (n == 1) {
+					user = s;
+				} else if (n == 2) {
+					password = s;
+				}
+				n++;
+				while (*s) s++;
+				s++;
+			}
+		}
+
+		if (mode == AUTHLOGIN) {
+			j = base64_pton(p, p, strlen(p));
+			p[j] = '\0';
+			if (! user) {
+				user = p;
+			} else {
+				password = p;
+				/* got everything we need :-) */
+			}
+		}
+
+		if (user && password) {
+			strlcat(obuf, "\nusername [", olen);
+			strlcat(obuf, user, olen);
+			strlcat(obuf, "] password [", olen);
+			strlcat(obuf, password, olen);
+			strlcat(obuf, "]\n", olen);
+
+			mode = NONE;
 		}
 	}
 	return (strlen(obuf));
-- 
1.7.5.4