description: RPA authorisation code for POP3 client
The sole entry point is POP3_auth_rpa()
-
***********************************************************************/
#include "config.h"
#include "socket.h"
#include "fetchmail.h"
#include "md5.h"
+#include "i18n.h"
#ifdef TESTMODE
extern unsigned char line1[];
unsigned char buf [POPBUFSIZE];
unsigned char *bufp;
int status,aulin,kuslin;
- char* stdec[4] = { "Success" ,
- "Restricted user (something wrong with account)" ,
- "Invalid userid or passphrase" ,
- "Deity error" };
+ char* stdec[4] = { N_("Success") ,
+ N_("Restricted user (something wrong with account)") ,
+ N_("Invalid userid or passphrase") ,
+ N_("Deity error") };
/* Initiate RPA authorisation */
SockPrintf(socket,"AUTH RPA\r\n");
if (outlevel >= O_MONITOR)
- error(0, 0, "> AUTH RPA\n");
+ report(stdout, "> AUTH RPA\n");
/* Create unicode user name in Nu. */
/* Create MD5 digest of user's passphrase in Pu */
if ((ok = POP3_rpa_resp(buf,socket)) != 0)
{
if (outlevel > O_SILENT && outlevel < O_MONITOR)
- error(0, 0, "%s\n",buf);
+ report(stdout, "%s\n",buf);
return(ok);
}
SockPrintf(socket,"%s\r\n",buf);
#endif
if (outlevel >= O_MONITOR)
- error(0, 0, "> %s\n",buf);
+ report(stdout, "> %s\n",buf);
if ((ok = POP3_rpa_resp(buf,socket)) != 0)
{
if (outlevel > O_SILENT && outlevel < O_MONITOR)
- error(0, 0, "%s\n",buf);
+ report(stdout, "%s\n",buf);
return(ok);
}
if ((rxlen = DecBase64(buf)) == 0)
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA token 2: Base64 decode error\n");
+ report(stderr, _("RPA token 2: Base64 decode error\n"));
return(PS_RPA);
}
bufp = buf;
verh = *(bufp++); verl = *(bufp++);
if (outlevel >= O_DEBUG)
- error(0, 0, "Service chose RPA version %d.%d\n",verh,verl);
+ report(stdout, _("Service chose RPA version %d.%d\n"),verh,verl);
Csl = *(bufp++);
memcpy(Cs, bufp, Csl);
bufp += Csl;
if (outlevel >= O_DEBUG)
{
- error(0, 0, "Service challenge (l=%d):",Csl);
+ report(stdout, _("Service challenge (l=%d):\n"),Csl);
for (i=0; i<Csl; i++)
- error_build("%02X ",Cs[i]);
- error_complete(0, 0, "");
+ report_build(stdout, "%02X ",Cs[i]);
+ report_complete(stdout, "\n");
}
memcpy(Ts, bufp, Tsl);
Ts[Tsl] = 0;
bufp += Tsl;
if (outlevel >= O_DEBUG)
- error(0, 0, "Service timestamp %s\n",Ts);
+ report(stdout, _("Service timestamp %s\n"),Ts);
rll = *(bufp++) << 8; rll = rll | *(bufp++);
if ((bufp-buf+rll) != rxlen)
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA token 2 length error\n");
+ report(stderr, _("RPA token 2 length error\n"));
return(PS_RPA);
}
if (outlevel >= O_DEBUG)
- error(0, 0, "Realm list: %s\n",bufp);
+ report(stdout, _("Realm list: %s\n"),bufp);
if (SetRealmService(bufp) != 0)
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA error in service@realm string\n");
+ report(stderr, _("RPA error in service@realm string\n"));
return(PS_RPA);
}
SockPrintf(socket,"%s\r\n",buf);
#endif
if (outlevel >= O_MONITOR)
- error(0, 0, "> %s\n",buf);
+ report(stdout, "> %s\n",buf);
if ((ok = POP3_rpa_resp(buf,socket)) != 0)
{
if (outlevel > O_SILENT && outlevel < O_MONITOR)
- error(0, 0, "%s\n",buf);
+ report(stdout, "%s\n",buf);
return(ok);
}
if ((rxlen = DecBase64(buf)) == 0)
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA token 4: Base64 decode error\n");
+ report(stderr, _("RPA token 4: Base64 decode error\n"));
return(PS_RPA);
}
bufp = buf;
aulin = *(bufp++);
if (outlevel >= O_DEBUG)
{
- error(0, 0, "User authentication (l=%d):",aulin);
+ report(stdout, _("User authentication (l=%d):\n"),aulin);
for (i=0; i<aulin; i++)
- error_build("%02X ",bufp[i]);
- error_complete(0, 0, "");
+ report_build(stdout, "%02X ",bufp[i]);
+ report_complete(stdout, "\n");
}
if (aulin == Aul) memcpy(Au, bufp, Aul);
bufp += aulin;
{
status = *(bufp++);
if (outlevel >= O_DEBUG)
- error(0, 0, "RPA status: %02X\n",status);
+ report(stdout, _("RPA status: %02X\n"),status);
}
else status = 0;
if ((bufp - buf) != rxlen)
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA token 4 length error\n");
+ report(stderr, _("RPA token 4 length error\n"));
return(PS_RPA);
}
if (status != 0)
{
if (outlevel > O_SILENT)
if (status < 4)
- error(0, 0, "RPA rejects you: %s\n",stdec[status]);
+ report(stderr, _("RPA rejects you: %s\n"),_(stdec[status]));
else
- error(0, 0, "RPA rejects you, reason unknown\n");
+ report(stderr, _("RPA rejects you, reason unknown\n"));
return(PS_AUTHFAIL);
}
if (Aul != aulin)
{
- error(0, 0, "RPA User Authentication length error: %d\n",aulin);
+ report(stderr,
+ _("RPA User Authentication length error: %d\n"),aulin);
return(PS_RPA);
}
if (Kusl != kuslin)
{
- error(0, 0, "RPA Session key length error: %d\n",kuslin);
+ report(stderr, _("RPA Session key length error: %d\n"),kuslin);
return(PS_RPA);
}
if (CheckUserAuth() != 0)
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA _service_ auth fail. Spoof server?\n");
+ report(stderr, _("RPA _service_ auth fail. Spoof server?\n"));
return(PS_AUTHFAIL);
}
if (outlevel >= O_DEBUG)
{
- error(0, 0, "Session key established:");
+ report(stdout, _("Session key established:\n"));
for (i=0; i<Kusl; i++)
- error_build("%02X ",Kus[i]);
- error_complete(0, 0, "");
+ report_build(stdout, "%02X ",Kus[i]);
+ report_complete(stdout, "\n");
}
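Review bot: The hex loop under `Session key established:` writes every byte of `Kus` to stdout whenever `outlevel >= O_DEBUG`, so the negotiated session key lands in whatever captures standard output (a redirected log, a cron mail). The old `error()` calls did not name a stream, so routing this to stdout is a choice made by this change. Consider keeping only a confirmation such as `report(stdout, _("Session key established (%d bytes)\n"), (int)Kusl);` and dropping the `report_build` loop. The `MD5 being applied to data block:` dump later in the file has the same shape and, going by the `Create MD5 digest of user's passphrase` comment, may print passphrase-derived input, so it deserves the same treatment. The enclosing function starts and ends outside this hunk.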
/* Assemble Token 5 in buf and send (not in ver 2 though) */
SockPrintf(socket,"%s\r\n",buf);
#endif
if (outlevel >= O_MONITOR)
- error(0, 0, "> %s\n",buf);
+ report(stdout, "> %s\n",buf);
if ((ok = POP3_rpa_resp(buf,socket)) != 0)
{
if (outlevel > O_SILENT && outlevel < O_MONITOR)
- error(0, 0, "%s\n",buf);
+ report(stdout, "%s\n",buf);
return(ok);
}
}
if (outlevel > O_SILENT)
- error(0, 0, "RPA authorisation complete\n");
+ report(stdout, _("RPA authorisation complete\n"));
return(PS_SUCCESS);
}
int sockrc;
if (outlevel >= O_DEBUG)
- error(0, 0, "Get response\n");
+ report(stdout, _("Get response\n"));
#ifndef TESTMODE
sockrc = gen_recv(socket, buf, sizeof(buf));
#else
if (linecount == 1) strcpy(buf,line1);
if (linecount == 2) strcpy(buf,line2);
if (linecount == 3) strcpy(buf,line3);
-/* error(0, 0, "--> "); fflush(stderr); */
+/* report(stdout, "--> "); fflush(stderr); */
/* scanf("%s",&buf) */
sockrc = PS_SUCCESS;
#endif
else
ok = PS_SOCKET;
if (outlevel >= O_DEBUG)
- error(0, 0, "Get response return %d [%s]\n", ok, buf);
+ report(stdout, _("Get response return %d [%s]\n"), ok, buf);
buf[sockrc] = 0;
return(ok);
}
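Review bot: In the lines visible here, the `Get response return %d [%s]` message formats `buf` with `%s` one statement before `buf[sockrc] = 0` runs, so the debug print relies on the receive path having already NUL-terminated the server's reply. If `gen_recv` does not guarantee that, terminate first and print afterwards. `sockrc` is also assigned a status code (`PS_SUCCESS`) in the TESTMODE branch and then used as the index, which suggests it is not a byte count; confirm this against `gen_recv`'s return value. The function's opening lines are outside this hunk.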
save = *pptr;
if (**pptr != HDR)
{
- if (outlevel > O_SILENT) error(0, 0, "Hdr not 60\n");
+ if (outlevel > O_SILENT)
+ report(stderr, _("Hdr not 60\n"));
return(0);
}
(*pptr)++;
if (len==0)
{
if (outlevel>O_SILENT)
- error(0, 0, "Token length error\n");
+ report(stderr, _("Token length error\n"));
}
else if (((*pptr-save)+len) != rxlen)
{
if (outlevel>O_SILENT)
- error(0, 0, "Token Length %d disagrees with rxlen %d\n",len,rxlen);
+ report(stderr, _("Token Length %d disagrees with rxlen %d\n"),len,rxlen);
len = 0;
}
else if (memcmp(*pptr,MECH,11))
{
if (outlevel > O_SILENT)
- error(0, 0, "Mechanism field incorrect\n");
+ report(stderr, _("Mechanism field incorrect\n"));
len = 0;
}
else (*pptr) += 11; /* Skip mechanism field */
else if ( ch=='+' ) new = 62;
else if ( ch=='/' ) new = 63;
else {
- error(0, 0, "dec64 error at char %d: %x\n", inp - bufp, ch);
+ report(stderr, _("dec64 error at char %d: %x\n"), inp - bufp, ch);
return(0);
}
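Review bot: `report(stderr, _("dec64 error at char %d: %x\n"), inp - bufp, ch);` passes a pointer difference to `%d`. Assuming `inp` and `bufp` are pointers (their declarations are outside the hunk), the argument is a `ptrdiff_t`, and the mismatch is undefined behaviour where that type is wider than `int`. Cast at the call, `(int)(inp - bufp)`, and likewise `(unsigned)ch` for `%x` if `ch` is a plain `char`. Now that the string is a translatable msgid, every translation has to carry the same conversions, so the argument types are worth fixing before translators pick it up.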
part=((part & 0x3F)*64) + new;
}
if (outlevel >= O_MONITOR)
{
- error(0, 0, "Inbound binary data:\n");
+ report(stdout, _("Inbound binary data:\n"));
for (i=0; i<cnt; i++)
{
- error_build("%02X ",bufp[i]);
+ report_build(stdout, "%02X ",bufp[i]);
if (((i % 16)==15) || (i==(cnt-1)))
- error_complete(0, 0, "");
+ report_complete(stdout, "\n");
}
}
return(cnt);
if (outlevel >= O_MONITOR)
{
- error(0, 0, "Outbound data:\n");
+ report(stdout, _("Outbound data:\n"));
for (i=0; i<len; i++)
{
- error_build("%02X ",bufp[i]);
+ report_build(stdout, "%02X ",bufp[i]);
if (((i % 16)==15) || (i==(len-1)))
- error_complete(0, 0, "");
+ report_complete(stdout, "\n");
}
}
outp = bufp + (((len-1)/3)*4);
if ( ((**pptr)!=delim) && ((**pptr)!=0) && ((*plen)==STRMAX) )
{
if (outlevel > O_SILENT)
- error(0, 0, "RPA String too long\n");
+ report(stderr, _("RPA String too long\n"));
*plen = 0;
}
if (outlevel >= O_DEBUG)
{
- error(0, 0, "Unicode:");
+ report(stdout, _("Unicode:\n"));
for (i=0; i<(*plen); i++)
{
- error_build("%02X ",buf[i]);
+ report_build(stdout, "%02X ",buf[i]);
if (((i % 16)==15) || (i==((*plen)-1)))
- error_complete(0, 0, "");
+ report_complete(stdout, "\n");
}
}
}
devrandom = fopen("/dev/urandom","rb");
if (devrandom == NULL && outlevel > O_SILENT)
{
- error(0, 0, "RPA Failed open of /dev/urandom. This shouldn't\n");
- error(0, 0, " prevent you logging in, but means you\n");
- error(0, 0, " cannot be sure you are talking to the\n");
- error(0, 0, " service that you think you are (replay\n");
- error(0, 0, " attacks by a dishonest service are possible.)\n");
+ report(stdout, _("RPA Failed open of /dev/urandom. This shouldn't\n"));
+ report(stdout, _(" prevent you logging in, but means you\n"));
+ report(stdout, _(" cannot be sure you are talking to the\n"));
+ report(stdout, _(" service that you think you are (replay\n"));
+ report(stdout, _(" attacks by a dishonest service are possible.)\n"));
}
for(i=0; i<len; i++)
buf[i] = devrandom ? fgetc(devrandom) : random();
if (devrandom)
- fclose(devrandom);
+ fclose(devrandom); /* should be safe, file mode was "r" */
if (outlevel >= O_DEBUG)
{
- error(0, 0, "User challenge:");
+ report(stdout, _("User challenge:\n"));
for (i=0; i<len; i++)
{
- error_build("%02X ",buf[i]);
+ report_build(stdout, "%02X ",buf[i]);
if (((i % 16)==15) || (i==(len-1)))
- error_complete(0, 0, "");
+ report_complete(stdout, "\n");
}
}
}
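Review bot: The `/dev/urandom` warning is sent to stdout, while the other error reports in this change (the Base64 and length errors, for example) go to stderr. It tells the user that the service cannot be trusted to be genuine, so it should not vanish when stdout is redirected or discarded. It is also split into five separate `_()` strings, which translators receive as unrelated fragments that cannot be reworded or reordered as one sentence; pass a single `_()` argument built from adjacent string literals to one `report(stderr, ...)` call. The new comment on `fclose` says the mode was `"r"` but the `fopen` above uses `"rb"`; `fclose(devrandom); /* read-only stream, nothing to flush */` gives the reason without quoting the mode. The function begins outside the hunk.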
if (outlevel >= O_DEBUG)
{
- error(0, 0, "MD5 being applied to data block:\n");
+ report(stdout, _("MD5 being applied to data block:\n"));
for (i=0; i<len; i++)
{
- error_build("%02X ",in[i]);
+ report_build(stdout, "%02X ",in[i]);
if (((i % 16)==15) || (i==(len-1)))
- error_complete(0, 0, "");
+ report_complete(stdout, "\n");
}
}
MD5Init( &md5context );
MD5Final( out, &md5context );
if (outlevel >= O_DEBUG)
{
- error(0, 0, "MD5 result is: ");
+ report(stdout, _("MD5 result is: \n"));
for (i=0; i<16; i++)
{
- error_build("%02X ",out[i]);
+ report_build(stdout, "%02X ",out[i]);
}
- error_complete(0, 0, "");
+ report_complete(stdout, "\n");
}
}
#endif /* POP3_ENABLE && RPA_ENABLE */