Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Newer
Older
100755 67 lines (61 sloc) 2.882 kb
2471d3a9 » alecpl
2009-05-16 - Added possibility to encrypt received header, option 'http_received…
1 #!/usr/bin/env php
2 <?php
3 /*
4 +-----------------------------------------------------------------------+
30aa4cca » alecpl
2010-05-18 - Renamed all php-cli scripts to use .sh extension
5 | bin/decrypt.sh |
2471d3a9 » alecpl
2009-05-16 - Added possibility to encrypt received header, option 'http_received…
6 | |
e019f2d0 » alecpl
2010-09-25 - s/RoundCube/Roundcube/
7 | This file is part of the Roundcube Webmail client |
f5e7b353 » thomascube
2011-01-12 Bumbed version; Roundcube development is not Switzerland only
8 | Copyright (C) 2005-2009, The Roundcube Dev Team |
7fe3811c » thomascube
2012-01-18 Changed license to GNU GPLv3+ with exceptions for skins and plugins
9 | |
10 | Licensed under the GNU General Public License version 3 or |
11 | any later version with exceptions for skins & plugins. |
12 | See the README file for a full license statement. |
2471d3a9 » alecpl
2009-05-16 - Added possibility to encrypt received header, option 'http_received…
13 | |
14 | PURPOSE: |
15 | Decrypt the encrypted parts of the HTTP Received: headers |
16 | |
17 +-----------------------------------------------------------------------+
18 | Author: Tomas Tevesz <ice@extreme.hu> |
19 +-----------------------------------------------------------------------+
20 */
21
22 /*-
23 * If http_received_header_encrypt is configured, the IP address and the
24 * host name of the added Received: header is encrypted with 3DES, to
25 * protect information that some could consider sensitve, yet their
26 * availability is a must in some circumstances.
27 *
28 * Such an encrypted Received: header might look like:
29 *
30 * Received: from DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==
31 * [my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4]
32 * with HTTP/1.1 (POST); Thu, 14 May 2009 19:17:28 +0200
33 *
34 * In this example, the two encrypted components are the sender host name
35 * (DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ==) and the IP
36 * address (my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4).
37 *
38 * Using this tool, they can be decrypted into plain text:
39 *
30aa4cca » alecpl
2010-05-18 - Renamed all php-cli scripts to use .sh extension
40 * $ bin/decrypt.sh 'my0nUbjZXKtl7KVBZcsvWOxxtyVFxza4' \
2471d3a9 » alecpl
2009-05-16 - Added possibility to encrypt received header, option 'http_received…
41 * > 'DzgkvJBO5+bw+oje5JACeNIa/uSI4mRw2cy5YoPBba73eyBmjtyHnQ=='
42 * 84.3.187.208
43 * 5403BBD0.catv.pool.telekom.hu
44 * $
45 *
46 * Thus it is known that this particular message was sent by 84.3.187.208,
47 * having, at the time of sending, the name of 5403BBD0.catv.pool.telekom.hu.
48 *
49 * If (most likely binary) junk is shown, then
50 * - either the encryption password has, between the time the mail was sent
51 * and `now', changed, or
52 * - you are dealing with counterfeit header data.
53 */
54
55 define('INSTALL_PATH', realpath(dirname(__FILE__).'/..') . '/');
6cc3f588 » alecpl
2011-04-20 - Use clisetup.php where possible, remove redundant code
56
57 require INSTALL_PATH . 'program/include/clisetup.php';
2471d3a9 » alecpl
2009-05-16 - Added possibility to encrypt received header, option 'http_received…
58
59 if ($argc < 2) {
60 die("Usage: " . basename($argv[0]) . " encrypted-hdr-part [encrypted-hdr-part ...]\n");
61 }
62
63 $RCMAIL = rcmail::get_instance();
64
65 for ($i = 1; $i < $argc; $i++) {
66 printf("%s\n", $RCMAIL->decrypt($argv[$i]));
67 };
Something went wrong with that request. Please try again.