Enable binkp non-secure mode

This commit is contained in:
Deon George 2023-09-06 09:32:04 +12:00
parent 005aa88514
commit 485d67b366
3 changed files with 48 additions and 11 deletions

View File

@ -128,7 +128,7 @@ class Node
{
switch ($key) {
case 'ftn':
if (! is_object($value) OR ! $value instanceof Address)
if ((! is_object($value)) || (! $value instanceof Address))
throw new Exception('Not an Address object: '.(is_object($value) ? get_class($value) : serialize($value)));
// Ignore any duplicate FTNs that we get

View File

@ -686,6 +686,7 @@ final class Binkp extends BaseProtocol
while ($rem_aka=$this->strsep($buf,' ')) {
try {
if (! ($o=Address::findFTN($rem_aka,FALSE,NULL,TRUE))) {
// @todo when we have multiple inactive records, this returns more than 1, so pluck the active record if there is one
Log::alert(sprintf('%s:? AKA is UNKNOWN [%s]',self::LOGKEY,$rem_aka));
$this->node->ftn_other = $rem_aka;
@ -746,6 +747,11 @@ final class Binkp extends BaseProtocol
// Add our mail to the queue if we have authenticated
if ($this->node->aka_authed)
foreach ($this->node->aka_remote_authed as $ao) {
if (! $ao->validated) {
Log::alert(sprintf('%s:! Address [%s] is not validated, so we wont bundle mail for it',self::LOGKEY,$ao->ftn));
continue;
}
$this->send->mail($ao);
$this->send->files($ao);
}
@ -815,6 +821,12 @@ final class Binkp extends BaseProtocol
if ($this->node->aka_authed)
foreach ($this->node->aka_remote_authed as $ao) {
Log::debug(sprintf('%s:- Checking for any new mail and files to [%s]',self::LOGKEY,$ao->ftn));
if (! $ao->validated) {
Log::alert(sprintf('%s:! Address [%s] is not validated, so we wont bundle mail for it',self::LOGKEY,$ao->ftn));
continue;
}
$this->send->mail($ao);
$this->send->files($ao);
}
@ -1175,17 +1187,23 @@ final class Binkp extends BaseProtocol
$buf = $this->skip_blanks($buf);
if ($this->optionGet(self::O_PWD) && $buf) {
while (($t = $this->strsep($buf," \t")))
while (($t=$this->strsep($buf," \t")))
if (strcmp($t,'non-secure') === 0) {
Log::debug(sprintf('%s:- NOT secure',self::LOGKEY));
Log::info(sprintf('%s:- NOT secure',self::LOGKEY));
$this->capSet(self::F_CRYPT,self::O_NO);
$this->optionClear(self::O_PWD);
break;
} else {
Log::debug(sprintf('%s:? Got unknown string from M_ok [%s]',self::LOGKEY,$t));
}
}
if ($this->optionGet(self::O_PWD))
Log::info(sprintf('%s:- SECURE',self::LOGKEY));
return $this->binkp_hsdone();
}
@ -1208,9 +1226,11 @@ final class Binkp extends BaseProtocol
if ($this->md_challenge) {
if ($have_CRAM) {
// Loop to match passwords
$this->node->auth(substr($buf,9),$this->md_challenge);
$x = $this->node->auth(substr($buf,9),$this->md_challenge);
$this->capSet(self::F_MD,self::O_THEY);
Log::info(sprintf('%s:- We authed [%d] akas',self::LOGKEY,$x));
} elseif ($this->capGet(self::F_MD,self::O_NEED)) {
Log::error(sprintf('%s:! Remote doesnt support MD5, but we want it',self::LOGKEY));
@ -1223,15 +1243,16 @@ final class Binkp extends BaseProtocol
if (! $this->md_challenge || (! $have_CRAM && (! $this->capGet(self::F_MD,self::O_NEED)))) {
// Loop to match passwords
$this->node->auth($buf);
$x = $this->node->auth($buf);
Log::info(sprintf('%s:- We authed [%d] akas',self::LOGKEY,$x));
}
if ($have_pwd) {
// If no passwords matched (ie: aka_authed is 0)
if (! $this->node->aka_authed) {
// If no passwords matched (ie: aka_authed is 0), but we know this system
if ((! $this->node->aka_authed) && ($this->node->aka_remote->count())) {
Log::error(sprintf('%s:! Bad password [%s]',self::LOGKEY,$buf));
$this->msgs(self::BPM_ERR,'Security violation');
$this->optionSet(self::O_BAD);
$this->rc = self::S_FAILURE;
@ -1274,14 +1295,25 @@ final class Binkp extends BaseProtocol
$this->msgs(self::BPM_NUL,sprintf('OPT%s',$opt));
// Add our mail to the queue if we have authenticated
if ($this->node->aka_authed)
if ($this->node->aka_authed) {
foreach ($this->node->aka_remote_authed as $ao) {
if (! $ao->validated) {
Log::alert(sprintf('%s:! Address [%s] is not validated, so we wont bundle mail for it',self::LOGKEY,$ao->ftn));
continue;
}
$this->send->mail($ao);
$this->send->files($ao);
}
$this->msgs(self::BPM_NUL,sprintf('TRF %lu %lu',$this->send->mail_size,$this->send->files_size));
$this->msgs(self::BPM_OK,sprintf('%ssecure',$have_pwd ? '' : 'non-'));
$this->msgs(self::BPM_NUL,sprintf('TRF %lu %lu',$this->send->mail_size,$this->send->files_size));
$this->msgs(self::BPM_OK,sprintf('%ssecure',$have_pwd ? '' : 'non-'));
} else {
// @todo Send any direct netmail to this node, if that node is unknown to us
$this->msgs(self::BPM_NUL,sprintf('TRF %lu %lu',$this->send->mail_size,$this->send->files_size));
$this->msgs(self::OK,'non-secure');
}
return $this->binkp_hsdone();
}

View File

@ -1206,6 +1206,11 @@ final class EMSI extends BaseProtocol implements CRCInterface,ZmodemInterface
// Add our mail to the queue if we have authenticated
if ($this->node->aka_authed)
foreach ($this->node->aka_remote_authed as $ao) {
if (! $ao->validated) {
Log::alert(sprintf('%s:! Address [%s] is not validated, so we wont bundle mail for it',self::LOGKEY,$ao->ftn));
continue;
}
// Send mail
while ($this->send->mail($ao)) {
$z = new Zmodem;