1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108
|
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#include "ucspi-proxy.h"
extern void accept_client(const char* username);
extern void deny_client(void);
extern void relay_init(int argc, char** argv);
extern char* base64decode(char* data, unsigned long size);
static bool saw_auth = 0;
static char* label = 0;
static ssize_t label_size = 0;
static char* saved_label = 0;
static char* username = 0;
static char* parse_label(char* data, ssize_t size)
{
char* end;
ssize_t len;
if ((end = memchr(data, ' ', size)) == 0) return 0;
len = end - data;
if(!label || len > label_size) {
free(label);
label = malloc(len+1);
}
memcpy(label, data, len);
label[len] = 0;
return end+1;
}
static void filter_client_data(char* data, ssize_t size)
{
char* cmd;
char* ptr;
cmd = parse_label(data, size);
if(cmd) {
/* If we see a "AUTH" or "LOGIN" command, save the preceding label
* for reference when looking for the corresponding "OK" */
if(!strncasecmp(cmd, "AUTHENTICATE ", 5)) {
saved_label = label;
label = 0;
saw_auth = 1;
}
else if(!strncasecmp(cmd, "LOGIN ", 6)) {
ptr = cmd + 6;
while (isspace(*ptr))
++ptr;
ptr = username = strdup(ptr);
while (!isspace(*ptr))
++ptr;
*ptr = 0;
saved_label = label;
label = 0;
}
}
else if(saw_auth) {
ptr = base64decode(data, size);
if (ptr) {
username = ptr;
while (!isspace(*ptr)) ++ptr;
*ptr = 0;
}
saw_auth = 0;
}
write_server(data, size);
}
static void filter_server_data(char* data, ssize_t size)
{
if(saved_label) {
/* Skip continuation data */
if(data[0] != '+') {
/* Check if the response is tagged with the saved label */
const char* resp = parse_label(data, size);
if(resp) {
if(!strcmp(label, saved_label)) {
/* Check if the response was an OK */
if(!strncasecmp(resp, "OK ", 3))
accept_client(username);
else
deny_client();
free(saved_label);
saved_label = 0;
}
}
}
}
write_client(data, size);
}
const char* filter_name = "ucspi-proxy-imap-relay";
const char* filter_usage = "client-ip delay command [args ...]";
void filter_init(int argc, char** argv)
{
relay_init(argc, argv);
add_filter(CLIENT_IN, filter_client_data, 0);
add_filter(SERVER_IN, filter_server_data, 0);
}
void filter_deinit(void)
{
}
|