Gautam Iyer wrote:
On Fri, May 29, 2009 at 12:24:00PM -0400, Jeff Buchbinder wrote:
I'm attaching a patch I came up with since our users weren't cool with
their passwords being plaintext readable in their config files. Base64
keeps the casual viewer/grepper from seeing a password... but the
solution is pretty simple and could be easily modified to support
other two way encryption methods.
IMAP + Kerberos avoids keeping plaintext passwords! Unfortunately isync
doesn't support it, and I've been waiting a while to get the time to
patch it.
The other alternative I sometimes use is IMAP+ssh tunnels, but that
doesn't always work so well for me,
I put that patch together as a "quick hack" so that users wouldn't get
upset about plaintext passwords laying around in a config file. Only
*slightly* better than rot13...
Anyways, the patch was wrong to begin with. I'm attaching a corrected
version.
--
Jeff Buchbinder
Senior Infrastructure Engineer
Rave Wireless, Inc
jbuchbin...@ravewireless.com
diff -uNr isync-1.0.4-orig/src/drv_imap.c isync-1.0.4/src/drv_imap.c
--- isync-1.0.4-orig/src/drv_imap.c 2009-05-29 11:50:07.000000000 -0400
+++ isync-1.0.4/src/drv_imap.c 2009-05-29 12:02:00.000000000 -0400
@@ -176,6 +176,7 @@
static int get_cmd_result( imap_store_t *ctx, struct imap_cmd *tcmd );
+int b64decode(unsigned char* str);
static const char *Flags[] = {
"Draft",
@@ -1750,6 +1751,8 @@
server->user = nfstrdup( cfg->val );
else if (!strcasecmp( "Pass", cfg->cmd ))
server->pass = nfstrdup( cfg->val );
+ else if (!strcasecmp( "Base64Pass", cfg->cmd ))
+ server->pass = b64decode( cfg->val );
else if (!strcasecmp( "Port", cfg->cmd ))
server->port = parse_int( cfg );
#if HAVE_LIBSSL
@@ -1837,3 +1840,68 @@
imap_check,
imap_close
};
+
+/*
+ * Found at http://www.jeremie.com/frolic/base64/
+ */
+int b64decode(unsigned char* str)
+{
+ unsigned char *cur, *start;
+ int d, dlast, phase;
+ unsigned char c;
+ static int table[256] = {
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 00-0F */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 10-1F */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,62,-1,-1,-1,63, /* 20-2F */
+ 52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-1,-1,-1, /* 30-3F */
+ -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,10,11,12,13,14, /* 40-4F */
+ 15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1, /* 50-5F */
+ -1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40, /* 60-6F */
+ 41,42,43,44,45,46,47,48,49,50,51,-1,-1,-1,-1,-1, /* 70-7F */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 80-8F */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* 90-9F */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* A0-AF */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* B0-BF */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* C0-CF */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* D0-DF */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1, /* E0-EF */
+ -1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1 /* F0-FF */
+ };
+
+ d = dlast = phase = 0;
+ start = str;
+ for (cur = str; *cur != '\0'; ++cur )
+ {
+ // jer: this is my bit that treats line endings as physical breaks
+ if(*cur == '\n' || *cur == '\r'){phase = dlast = 0; continue;}
+ d = table[(int)*cur];
+ if(d != -1)
+ {
+ switch(phase)
+ {
+ case 0:
+ ++phase;
+ break;
+ case 1:
+ c = ((dlast << 2) | ((d & 0x30) >> 4));
+ *str++ = c;
+ ++phase;
+ break;
+ case 2:
+ c = (((dlast & 0xf) << 4) | ((d & 0x3c) >> 2));
+ *str++ = c;
+ ++phase;
+ break;
+ case 3:
+ c = (((dlast & 0x03 ) << 6) | d);
+ *str++ = c;
+ phase = 0;
+ break;
+ }
+ dlast = d;
+ }
+ }
+ *str = '\0';
+ return str - start;
+}
+
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, &
iPhoneDevCamp as they present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://p.sf.net/sfu/creativitycat-com
_______________________________________________
isync-devel mailing list
isync-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/isync-devel
