pop3.c

* A ncurses user interface. * Network statistics to view the amount of packets and data in many

/*

  This file is part of sniffer, a packet capture utility and
  network moniter
  The author can be contacted at <mistral@stev.org>
  the lastest version is avilable from 
  http://stev.org

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/

#include "config.h"

#ifdef POP3

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <pthread.h>
#include <unistd.h>

#include <sys/stat.h>

#include "list.h"
#include "locks.h"
#include "tcp.h"
#include "pop3.h"
#include "log.h"


/* 	the lock is so that more than 1 connection 
	does not write to the file at the same time */
pthread_mutex_t pop3_mutex = PTHREAD_MUTEX_INITIALIZER;

void pop3_src(struct sniff_pkt *pkt, struct tcp_data *tcp, char *data, int length) {
	struct pop3_data *tmp;
	tmp = tcp->dat;

	if (length < 2)
		return;

	data[length + 1] = (char ) NULL;
	data = strtok(data, "\r\n");

	while (data && data[1]) {
		if (strncmp("USER ", data, 5) == 0) {
			/* we have a user name lets save it */
			if (tmp->user != NULL)
				free(tmp->user);
			tmp->user = malloc( strlen(data + 5) + 1 );
			if (!tmp->user) {
				log_errno("malloc");
				return;
			}
			strcpy(tmp->user, data + 5);
			tmp->state = POP3_USER;
			return;
		}
		if (strncmp("PASS ", data, 5) == 0) {
			/* we have a user name lets save it */
			if (tmp->pass != NULL)
				free(tmp->pass);
			tmp->pass = malloc( strlen(data + 5) + 1 );
			if (!tmp->pass) {
				log_errno("malloc");
				return;
			}
			strcpy(tmp->pass, data + 5);
			tmp->state = POP3_PASS;
			return;
		}

		if (strncmp("STAT", data, 4) == 0) {
			tmp->state = POP3_STAT;
			return;
		}

		if (strncmp("LIST", data, 4) == 0) {
			tmp->state = POP3_LIST;
			return;
		}

		if (strncmp("QUIT", data, 4) == 0) {
			tmp->state = POP3_BYE;
			return;
		}

		data = strtok(NULL, "\r\n");
	} /* end of while loop */
}

void pop3_dst(struct sniff_pkt *pkt, struct tcp_data *tcp, char *data, int length) {
	char *t; /* used for temp text vars */
	struct pop3_data *tmp;
	tmp = tcp->dat;

	if (length == 0)
		return;

	data[length + 1] = (char ) NULL;

	data = strtok(data, "\r\n");
	while (data && data[1]) {
		if (strncmp(data, "+OK", 3) == 0) { /* get an ok from a commmand */
			/* lets find out what the ok is for */
			switch (tmp->state) {
				case POP3_START: /* just got a connection */
					break;
				case POP3_USER: /* mark user as good */
					tmp->user_good = 1;
					break;
				case POP3_PASS: /* mark pass as good */
					tmp->pass_good = 1;
					tmp->state = POP3_LOGIN;
					break;
				/* no POP3_LOGIN this is for commmand mode */

				case POP3_STAT:
					tmp->state = POP3_LOGIN;
					break;
				case POP3_LIST:
					t = malloc(strlen(data) + 1);
					if (!t) {
						log_errno("malloc");
						return;
					}
					strcpy(t, data);
					list_add(tmp->mails, t);
					break;
				case POP3_BYE: /* its all over :) */
					tmp->exit_good = 1;
					break;
				default:
					break;
			} /* switch state */
		} else {
			switch(tmp->state) {
				case POP3_LIST: /* the response from the list command */
					if (data[0] == '.') {
						tmp->state = POP3_LOGIN;
						tmp->list_good = 1;
					} else {
						t = malloc(strlen(data) + 1);
						if (!t) {
							log_errno("malloc");
							return;
						}
						strcpy(t, data);
						list_add(tmp->mails, t);
					}
					break;
				default:
					break;
			}
		} /* if +OK else */
		data = strtok(NULL, "\n");
	}
	return;
}

void pop3_clean(struct tcp_data *tcp) {
	int i,total;
	char *t;
	struct pop3_data *tmp;
	FILE *pop3_file = NULL;
	char *fname = NULL;
	tmp = tcp->dat;

#ifdef DEBUG_POP3
	log_s("Deleted struct");
#endif

	if (!tmp)
		return;

	i = strlen("output/pop3/");
	if (tmp->user)
		i += strlen(tmp->user);
	if (tcp->dest.ip_name) {
		i += strlen(tcp->dest.ip_name);
	} else {
		i += strlen(tcp->dest.ip_str);
	}
	i += 3; /* for @ and null */

	/* lets build a filename */
	fname = malloc(i);
	if (!fname) {
		log_errno("malloc: ");
		goto free_up;
	}

	strcpy(fname, "output/pop3/");
	if (tmp->user)
		strcat(fname, tmp->user);
	strcat(fname, "@");
	if (tcp->dest.ip_name) {
		strcat(fname, tcp->dest.ip_name);
	} else {
		strcat(fname, tcp->dest.ip_str);
	}

	SLOCK(&pop3_mutex);

	/* dont open the file until we have a pop3 lock */
	pop3_file = fopen(fname, "a");
	if (!pop3_file) {
		log_errno("fopen: ");
		goto free_up;
	}

	fprintf(pop3_file, "*******************************************\n");

	if (tcp->dest.ip_name) {
		fprintf(pop3_file, "HOSTNAME: %s\n", tcp->dest.ip_name);
	} else {
		fprintf(pop3_file, "HOSTNAME: %s\n", tcp->dest.ip_str);
	}

	if (tcp->src.ip_name) {
		fprintf(pop3_file, "CLIENT: %s\n", tcp->src.ip_name);
	} else {
		fprintf(pop3_file, "CLIENT: %s\n", tcp->src.ip_str);
	}

	if (tmp->user) {
		if (tmp->user_good) {
			fprintf(pop3_file, "USER: %s\n", tmp->user);
		} else {
			fprintf(pop3_file, "(Mayby False) USER: %s\n", tmp->user);
		}
	}

	if (tmp->pass) {
		if (tmp->pass_good) {
			fprintf(pop3_file, "PASS: %s\n", tmp->pass);
		} else {
			fprintf(pop3_file, "(Mayby False) PASS: %s\n", tmp->pass);
		}
	}

	total = list_length(tmp->mails);
	if (total)
		fprintf(pop3_file, "Emails on Server\n");
	for(i=0;i<total;i++) {
		t = list_get(tmp->mails, 0);
		list_del(tmp->mails, 0);
		fprintf(pop3_file, "\t%s\n", t);
		free(t);
	}

	fprintf(pop3_file, "Clean QUIT\n");
	fclose(pop3_file);

	SUNLOCK(&pop3_mutex);

free_up: /* jump here when things go wrong */

	list_free(tmp->mails);

	if (tmp->user != NULL)
		free(tmp->user);
	if (tmp->pass != NULL)
		free(tmp->pass);

	free(tmp);
	return;
}


void pop3_init(struct tcp_data *tcp) {
	struct pop3_data *tmp;

#ifdef DEBUG_POP3
	log_s("Added struct");
#endif


	/* time to alloc memory for the stuct */
	tmp = malloc( sizeof(struct pop3_data) );
	if (!tmp) {
		log_errno("malloc");
		goto get_out;
		return;
	}

	/* lets now set up our default data and ip addresses */
	tmp->state = POP3_START;
	tmp->user = NULL;
	tmp->user_good = 0;
	tmp->pass = NULL;
	tmp->pass_good = 0;

	tmp->list_good = 0;
	tmp->exit_good = 0;

	tcp->func_src = pop3_src;
	tcp->func_dst = pop3_dst;
	tcp->func_lookup = NULL;
	tcp->func_cleanup = pop3_clean;

	tmp->mails = list_init();

	tcp->dat = tmp;
	return;

get_out:
	tcp->func_src = NULL;
	tcp->func_dst = NULL;
	tcp->func_lookup = NULL;
	tcp->func_cleanup = NULL;
	tcp->dat = NULL;
}


void pop3_open() {

	SLOCK(&pop3_mutex);

	if (mkdir("output/pop3", S_IRWXU) < 0)
		if (errno != EEXIST)
			log_errno_nolock("mkdir: output/pop3 ");

	SUNLOCK(&pop3_mutex);
	return;
}

#endif