From 2471d3a979d00e0cecca64e0d5889ca40c02c5fe Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Sat, 16 May 2009 13:01:49 +0000
Subject: - Added possibility to encrypt received header, option
 'http_received_header_encrypt',   added some more logic in encrypt/decrypt
 functions for security

---
 bin/decrypt.php | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 75 insertions(+)
 create mode 100644 bin/decrypt.php

(limited to 'bin')

diff --git a/bin/decrypt.php b/bin/decrypt.php
new file mode 100644
index 000000000..6c6c4424f
--- /dev/null
+++ b/bin/decrypt.php
@@ -0,0 +1,75 @@
+#!/usr/bin/env php
+<?php
+/*
+
+ +-----------------------------------------------------------------------+
+ | bin/decrypt.php                                                       |
+ |                                                                       |
+ | This file is part of the RoundCube Webmail client                     |
+ | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                 |
+ | Licensed under the GNU GPL                                            |
+ |                                                                       |
+ | PURPOSE:                                                              |
+ |   Decrypt the encrypted parts of the HTTP Received: headers           |
+ |                                                                       |
+ +-----------------------------------------------------------------------+
+ | Author: Tomas Tevesz <ice@extreme.hu>                                 |
+ +-----------------------------------------------------------------------+
+
+ $Id$
+*/
+
+/*-
+ * If http_received_header_encrypt is configured, the IP address and the
+ * host name of the added Received: header is encrypted with 3DES, to
+ * protect information that some could consider sensitve, yet their
+ * availability is a must in some circumstances.
+ *
+ * Such an encrypted Received: header might look like:
+ *
+ * Received: from DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==
+ * 	[my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4]
+ *	with HTTP/1.1 (POST); Thu, 14 May 2009 19:17:28 +0200
+ *
+ * In this example, the two encrypted components are the sender host name
+ * (DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==) and the IP
+ * address (my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4).
+ *
+ * Using this tool, they can be decrypted into plain text:
+ *
+ * $ bin/decrypt_received.php 'my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4' \
+ * > 'DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ=='
+ * 84.3.187.208
+ * 5403BBD0.catv.pool.telekom.hu
+ * $
+ *
+ * Thus it is known that this particular message was sent by 84.3.187.208,
+ * having, at the time of sending, the name of 5403BBD0.catv.pool.telekom.hu.
+ *
+ * If (most likely binary) junk is shown, then
+ *  - either the encryption password has, between the time the mail was sent
+ *    and `now', changed, or
+ *  - you are dealing with counterfeit header data.
+ */
+
+if (php_sapi_name() != 'cli') {
+	die("Not on the 'shell' (php-cli).\n");
+}
+
+define('INSTALL_PATH', realpath(dirname(__FILE__).'/..') . '/');
+require INSTALL_PATH . 'program/include/iniset.php';
+
+$config = new rcube_config();
+if (!$config->get('http_received_header_encrypt')) {
+	die("http_received_header_encrypt is not configured\n");
+}
+
+if ($argc < 2) {
+	die("Usage: " . basename($argv[0]) . " encrypted-hdr-part [encrypted-hdr-part ...]\n");
+}
+
+$RCMAIL = rcmail::get_instance();
+
+for ($i = 1; $i < $argc; $i++) {
+	printf("%s\n", $RCMAIL->decrypt($argv[$i]));
+};
-- 
cgit v1.2.3