16 files changed, 83 insertions, 64 deletions
diff --git a/dev/scripts/auth/legacy.pl b/dev/scripts/auth/legacy.pl
index ce8882ce..8e979eae 100755
--- a/dev/scripts/auth/legacy.pl
+++ b/dev/scripts/auth/legacy.pl
@@ -16,15 +16,18 @@ if (length($userid) == 0  or length($inpass) == 0) {
 	}
 
 
-$key = sha512_base64($userid . $salt . $inpass);
-$token = sha512_base64($inpass, sha512($inpass, sha512($userid . $salt . $inpass)));
-
-$key =~ s/\//\_/g;
-$key =~ s/\+/\-/g; 	
-$token =~ s/\//\_/g;
-$token =~ s/\+/\-/g; 	
-
-print "key = " . $key . "\n";
-print "token = " . $token . "\n";
-
+$key1 = sha512_base64($userid . $salt . $inpass);
+$key2 = sha512_hex($userid . $salt . $inpass);
+$token1 = sha512_base64($inpass, sha512($inpass, sha512($userid . $salt . $inpass)));
+$token2 = sha512_hex($inpass, sha512($inpass, sha512($userid . $salt . $inpass)));
+
+$key1 =~ s/\//\_/g;
+$key1 =~ s/\+/\-/g; 	
+$token1 =~ s/\//\_/g;
+$token1 =~ s/\+/\-/g; 	
+
+print "key[b64] = " . $key1 . "\n";
+print "key[hex] = " . $key2 . "\n";
+print "token[b64] = " . $token1 . "\n";
+print "token[hex] = " . $token2 . "\n";
 
diff --git a/dev/scripts/test/t.authlogin.sh b/dev/scripts/test/t.authlogin.sh
index 21f2206b..7cd63a0b 100755
--- a/dev/scripts/test/t.authlogin.sh
+++ b/dev/scripts/test/t.authlogin.sh
@@ -7,18 +7,18 @@
 
 echo ""
 
-# Success (ladar/test)
+# Success (magma/password)
 tput setaf 6; echo "Valid AUTH LOGIN requests:"; tput sgr0
 echo ""
-printf "AUTH LOGIN bGFkYXI=\r\ndGVzdA==\r\nQUIT\r\n" | nc localhost 7000
+printf "AUTH LOGIN bWFnbWE=\r\ncGFzc3dvcmQ=\r\nQUIT\r\n" | nc localhost 7000
 echo ""
-printf "AUTH LOGIN\r\nbGFkYXI=\r\ndGVzdA==\r\nQUIT\r\n" | nc localhost 7000
+printf "AUTH LOGIN\r\nbWFnbWE=\r\ncGFzc3dvcmQ=\r\nQUIT\r\n" | nc localhost 7000
 echo ""
 
-# Fail (ladar/password)
+# Fail (magma/invalidpassword)
 tput setaf 6; echo "Invalid AUTH LOGIN requests:"; tput sgr0
 echo ""
-printf "AUTH LOGIN bGFkYXI=\r\ncGFzc3dvcmQ=\r\nQUIT\r\n" | nc localhost 7000
+printf "AUTH LOGIN bWFnbWE=\r\naW52YWxpZHBhc3N3b3Jk\r\nQUIT\r\n" | nc localhost 7000
 echo ""
-printf "AUTH LOGIN\r\nbGFkYXI=\r\ncGFzc3dvcmQ=\r\nQUIT\r\n" | nc localhost 7000
+printf "AUTH LOGIN\r\nbWFnbWE=\r\naW52YWxpZHBhc3N3b3Jk\r\nQUIT\r\n" | nc localhost 7000
 echo ""
diff --git a/dev/scripts/test/t.authplain.sh b/dev/scripts/test/t.authplain.sh
index d4e9d54d..125667e7 100755
--- a/dev/scripts/test/t.authplain.sh
+++ b/dev/scripts/test/t.authplain.sh
@@ -7,18 +7,18 @@
 
 echo ""
 
-# Success (ladar/test)
+# Success (magma/password)
 tput setaf 6; echo "Valid AUTH PLAIN requests:"; tput sgr0
 echo ""
-printf "AUTH PLAIN AGxhZGFyQGxhdmFiaXQuY29tAHRlc3Q=\r\nQUIT\r\n" | nc localhost 7000
+printf "AUTH PLAIN bWFnbWEAbWFnbWEAcGFzc3dvcmQ=\r\nQUIT\r\n" | nc localhost 7000
 echo ""
-printf "AUTH PLAIN\r\nAGxhZGFyQGxhdmFiaXQuY29tAHRlc3Q=\r\nQUIT\r\n" | nc localhost 7000
+printf "AUTH PLAIN\r\nbWFnbWEAbWFnbWEAcGFzc3dvcmQ=\r\nQUIT\r\n" | nc localhost 7000
 echo ""
 
-# Fail (ladar/password)
+# Fail (magma/invalidpassword)
 tput setaf 6; echo "Invalid AUTH PLAIN requests:"; tput sgr0
 echo ""
-printf "AUTH PLAIN AGxhZGFyQGxhdmFiaXQuY29tAHBhc3N3b3Jk\r\nQUIT\r\n" | nc localhost 7000
-echo "" 
-printf "AUTH PLAIN\r\nAGxhZGFyQGxhdmFiaXQuY29tAHBhc3N3b3Jk\r\nQUIT\r\n" | nc localhost 7000
-echo ""
-\ No newline at end of file
+printf "AUTH PLAIN bWFnbWEAbWFnbWEAaW52YWxpZHBhc3N3b3Jk\r\nQUIT\r\n" | nc localhost 7000
+echo ""
+printf "AUTH PLAIN\r\nbWFnbWEAbWFnbWEAaW52YWxpZHBhc3N3b3Jk\r\nQUIT\r\n" | nc localhost 7000
+echo ""
diff --git a/dev/scripts/test/t.authstacie.sh b/dev/scripts/test/t.authstacie.sh
index b86d796b..8bd85473 100755
--- a/dev/scripts/test/t.authstacie.sh
+++ b/dev/scripts/test/t.authstacie.sh
@@ -10,11 +10,11 @@ echo ""
 # Success (ladar/test)
 tput setaf 6; echo "Valid STACIE login over POP:"; tput sgr0
 echo ""
-printf "USER stacie\r\nPASS test\r\nQUIT\r\n" | nc localhost 8000
+printf "USER stacie\r\nPASS password\r\nQUIT\r\n" | nc localhost 8000
 echo ""
 
 # Fail (ladar/password)
 tput setaf 6; echo "Invalid STACIE login over POP:"; tput sgr0
 echo ""
-printf "USER stacie\r\nPASS stacie\r\nQUIT\r\n" | nc localhost 8000
-echo "" 
+printf "USER stacie\r\nPASS password\r\nQUIT\r\n" | nc localhost 8000
+echo ""
diff --git a/dev/scripts/test/t.camel.sh b/dev/scripts/test/t.camel.sh
index 610be1e8..d04d0978 100755
--- a/dev/scripts/test/t.camel.sh
+++ b/dev/scripts/test/t.camel.sh
@@ -5,13 +5,14 @@ export RANDOM=$SEED
 
 export IDNUM="1"
 export USERID="magma"
+export PASSWORD="password"
 export COOKIES=`mktemp`
 export SQLHOST="localhost"
 export CAMELHOST="http://localhost:10000"
 export CAMELPATH="$CAMELHOST/portal/camel"
 
 # Check and make sure magmad is running before attempting a connection.
-PID=`pidof magmad magmad.check`       
+PID=`pidof magmad magmad.check`
 
 if [ -z "$PID" ]; then
 	tput setaf 1; tput bold; echo "Magma process isn't running."; tput sgr0
@@ -22,29 +23,29 @@ wget --quiet --retry-connrefused --connect-timeout=1 --waitretry=1 --tries=0 --o
 if [ $? != 0 ]; then
 	tput setaf 1; tput bold; echo "tired of waiting on the magma daemon start"; tput sgr0
 	exit
-fi	
+fi
 
 submit() {
-	
-	# Client submission in yellow, server responses in red. 
-	tput setaf 3; tput bold; echo "$1"; 
-	
+
+	# Client submission in yellow, server responses in red.
+	tput setaf 3; tput bold; echo "$1";
+
 	# Submit using cURL
 	# To print the server supplied HTTP headers add --include
 
 	# export OUTPUT=`curl --silent --cookie "$COOKIES" --cookie-jar "$COOKIES" --data "$1" "$CAMELPATH"`
-	
+
 	# Submit using wget
 	# To print the server supplied HTTP headers add --server-response
 
 	export OUTPUT=`wget --load-cookies="$COOKIES" --save-cookies="$COOKIES" --quiet --output-document=- --post-data="$1" "$CAMELPATH"`
-	
+
 	if [[ "$OUTPUT" =~ "\"result\":" ]] && [[ ! "$OUTPUT" =~ "\"failed\"" ]]; then
-		tput setaf 2; tput bold; echo $OUTPUT	
+		tput setaf 2; tput bold; echo $OUTPUT
 	else
 		tput setaf 1; tput bold; echo $OUTPUT
-	fi  
-	
+	fi
+
 	tput sgr0; echo ""
 	export IDNUM=`expr $IDNUM + 1`
 }
@@ -71,7 +72,7 @@ echo ""
 tput setaf 6; echo "Camel requests:"; tput sgr0
 echo ""
 
-submit "{\"id\":$IDNUM,\"method\":\"auth\",\"params\":{\"username\":\"$USERID\",\"password\":\"test\"}}"
+submit "{\"id\":$IDNUM,\"method\":\"auth\",\"params\":{\"username\":\"$USERID\",\"password\":\"$PASSWORD\"}}"
 submit "{\"id\":$IDNUM,\"method\":\"config.edit\",\"params\":{\"key\":\"value\"}}"
 submit "{\"id\":$IDNUM,\"method\":\"config.load\"}"
 submit "{\"id\":$IDNUM,\"method\":\"config.edit\",\"params\":{\"key\":null}}"
@@ -91,7 +92,7 @@ foldernum "Lovers"; contactnums "Flight Crew" "1"; submit "{\"id\":$IDNUM,\"meth
 foldernum "Flight Crew"; submit "{\"id\":$IDNUM,\"method\":\"contacts.list\",\"params\":{\"folderID\":$FOLDERNUM }}"
 foldernum "Lovers"; submit "{\"id\":$IDNUM,\"method\":\"contacts.list\",\"params\":{\"folderID\":$FOLDERNUM }}"
 contactnums "Flight Crew" "1"; submit "{\"id\":$IDNUM,\"method\":\"contacts.remove\",\"params\":{\"folderID\":$SOURCENUM, \"contactID\":$CONTACTNUM }}"
-contactnums "Lovers" "1"; submit "{\"id\":$IDNUM,\"method\":\"contacts.remove\",\"params\":{\"folderID\":$SOURCENUM, \"contactID\":$CONTACTNUM }}"  
+contactnums "Lovers" "1"; submit "{\"id\":$IDNUM,\"method\":\"contacts.remove\",\"params\":{\"folderID\":$SOURCENUM, \"contactID\":$CONTACTNUM }}"
 foldernum "Lovers"; submit "{\"id\":$IDNUM,\"method\":\"contacts.list\",\"params\":{\"folderID\":$FOLDERNUM }}"
 foldernum "Flight Crew"; submit "{\"id\":$IDNUM,\"method\":\"folders.remove\",\"params\":{\"context\":\"contacts\",\"folderID\":$FOLDERNUM }}"
 foldernum "Lovers"; submit "{\"id\":$IDNUM,\"method\":\"folders.remove\",\"params\":{\"context\":\"contacts\",\"folderID\":$FOLDERNUM }}"
@@ -121,7 +122,7 @@ messagenums "Inbox" "1"; submit "{\"id\":$IDNUM,\"method\":\"messages.load\",\"p
 foldernum "Duplicate"; messagenums "Inbox" "100"; submit "{\"id\":$IDNUM,\"method\":\"messages.copy\",\"params\":{\"messageIDs\": [$MESSAGENUM], \"sourceFolderID\":$SOURCENUM, \"targetFolderID\":$FOLDERNUM }}"
 foldernum "Duplicate"; submit "{\"id\":$IDNUM,\"method\":\"folders.remove\",\"params\":{\"context\":\"mail\",\"folderID\":$FOLDERNUM }}"
 messagenums "Inbox" "100"; submit "{\"id\":$IDNUM,\"method\":\"messages.flag\",\"params\":{\"action\":\"add\", \"flags\":[\"flagged\"], \"messageIDs\": [$MESSAGENUM], \"folderID\":$SOURCENUM }}"
-messagenums "Inbox" "100"; submit "{\"id\":$IDNUM,\"method\":\"messages.tags\",\"params\":{\"action\":\"add\", \"tags\":[\"girlie\",\"girlie-$RANDOM\"], \"messageIDs\": [$MESSAGENUM], \"folderID\":$SOURCENUM }}" 
+messagenums "Inbox" "100"; submit "{\"id\":$IDNUM,\"method\":\"messages.tags\",\"params\":{\"action\":\"add\", \"tags\":[\"girlie\",\"girlie-$RANDOM\"], \"messageIDs\": [$MESSAGENUM], \"folderID\":$SOURCENUM }}"
 messagenums "Inbox" "100"; submit "{\"id\":$IDNUM,\"method\":\"messages.flag\",\"params\":{\"action\":\"list\", \"messageIDs\": [$MESSAGENUM], \"folderID\":$SOURCENUM }}"
 messagenums "Inbox" "100"; submit "{\"id\":$IDNUM,\"method\":\"messages.tags\",\"params\":{\"action\":\"list\", \"messageIDs\": [$MESSAGENUM], \"folderID\":$SOURCENUM }}"
 foldernum "Inbox"; submit "{\"id\":$IDNUM,\"method\":\"messages.list\",\"params\":{\"folderID\":$FOLDERNUM }}"
diff --git a/dev/scripts/test/t.imap.body.sh b/dev/scripts/test/t.imap.body.sh
index a42fd09a..db0ced5e 100755
--- a/dev/scripts/test/t.imap.body.sh
+++ b/dev/scripts/test/t.imap.body.sh
@@ -9,7 +9,7 @@ echo ""
 tput setaf 6; echo "IMAP session:"; tput sgr0
 echo ""
 nc localhost 9000 <<EOF
-A01 LOGIN magma test
+A01 LOGIN magma password
 A02 LIST "" "*"
 A03 SELECT Inbox
 A04 FETCH 1:* (UID BODY[HEADER.FIELDS (SUBJECT DATE)])
diff --git a/dev/scripts/test/t.imap.purge.sh b/dev/scripts/test/t.imap.purge.sh
index 7ad0a6a7..c29d0478 100755
--- a/dev/scripts/test/t.imap.purge.sh
+++ b/dev/scripts/test/t.imap.purge.sh
@@ -8,4 +8,4 @@
 echo ""
 tput setaf 6; echo "IMAP Purge Inbox Folder:"; tput sgr0
 echo ""
-printf "A01 LOGIN magma test\r\nA02 SELECT Inbox\r\nA03 STORE 1:* FLAGS.SILENT (\Deleted)\r\nA05 EXPUNGE\r\nA06 CLOSE\r\nA07 LOGOUT\r\n" | nc localhost 9000
+printf "A01 LOGIN magma password\r\nA02 SELECT Inbox\r\nA03 STORE 1:* FLAGS.SILENT (\Deleted)\r\nA05 EXPUNGE\r\nA06 CLOSE\r\nA07 LOGOUT\r\n" | nc localhost 9000
diff --git a/dev/scripts/test/t.imap.sh b/dev/scripts/test/t.imap.sh
index fbad6381..7aaacb28 100755
--- a/dev/scripts/test/t.imap.sh
+++ b/dev/scripts/test/t.imap.sh
@@ -8,4 +8,4 @@
 echo ""
 tput setaf 6; echo "IMAP session:"; tput sgr0
 echo ""
-printf "A01 LOGIN magma test\r\nA02 LIST \"\" \"*\"\r\nA03 SELECT Inbox\r\nA04 FETCH 1:* RFC822\r\nA05 LOGOUT\r\n" | nc localhost 9000
+printf "A01 LOGIN magma password\r\nA02 LIST \"\" \"*\"\r\nA03 SELECT Inbox\r\nA04 FETCH 1:* RFC822\r\nA05 LOGOUT\r\n" | nc localhost 9000
diff --git a/dev/scripts/test/t.inbound.attachment.1.sh b/dev/scripts/test/t.inbound.attachment.1.sh
index 1e83033b..11b82d20 100755
--- a/dev/scripts/test/t.inbound.attachment.1.sh
+++ b/dev/scripts/test/t.inbound.attachment.1.sh
@@ -12,7 +12,7 @@ tput setaf 6; echo "Inbound Attachmented Message 1:"; tput sgr0
 nc localhost 7000 <<EOF
 EHLO bubba
 MAIL FROM: <bubba@example.com>
-RCPT TO: <ladar@lavabit.com>
+RCPT TO: <magma@lavabit.com>
 DATA
 Return-Path: <fudd-return-4287-ladar=lavabit.com@stranded.org>
 Received: from mail.stranded.org (stranded.org [209.59.192.220])
@@ -43,9 +43,9 @@ Content-Type: text/plain; charset=ISO-8859-1
 Awesomeness...
 
 --001517511b480725f6049b3c2eda
-Content-Type: image/jpeg; 
+Content-Type: image/jpeg;
 	name="165385_10150133725564402_646419401_8016034_14112_n.jpg"
-Content-Disposition: attachment; 
+Content-Disposition: attachment;
 	filename="165385_10150133725564402_646419401_8016034_14112_n.jpg"
 Content-Transfer-Encoding: base64
 X-Attachment-Id: f_gjn3u6450
@@ -669,4 +669,4 @@ BqS8thKVrcWVYKiN21CBt5JKfxH1BxzTpYsTLT4ZmuSHfBcU0kq2pCx+EHy//wCs1lZRt/YUf//Z
 --001517511b480725f6049b3c2eda--
 .
 QUIT
-EOF
-\ No newline at end of file
+EOF
diff --git a/dev/scripts/test/t.inbound.attachment.2.sh b/dev/scripts/test/t.inbound.attachment.2.sh
index 285f6ad5..e489a5da 100755
--- a/dev/scripts/test/t.inbound.attachment.2.sh
+++ b/dev/scripts/test/t.inbound.attachment.2.sh
@@ -13,7 +13,7 @@ tput setaf 6; echo "Inbound Attachmented Message 2:"; tput sgr0
 nc localhost 7000 <<EOF
 EHLO bubba
 MAIL FROM: <bubba@example.com>
-RCPT TO: <ladar@lavabit.com>
+RCPT TO: <magma@lavabit.com>
 DATA
 Return-Path: <fudd-return-4141-ladar=lavabit.com@stranded.org>
 Received: from mail.stranded.org (stranded.org [209.59.192.220])
@@ -49,7 +49,7 @@ Content-Type: text/plain; charset=ISO-8859-1
 $30 a month for this speed!
 
 
--- 
+--
 *Scott Schlee*
 New Media Director
 Maxim Designs
@@ -689,4 +689,4 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//2Q==
 --001636c5b26f6abed1048f70f632--
 .
 QUIT
-EOF
-\ No newline at end of file
+EOF
diff --git a/dev/scripts/test/t.inbound.sh b/dev/scripts/test/t.inbound.sh
index ada77faa..74b6ff1b 100755
--- a/dev/scripts/test/t.inbound.sh
+++ b/dev/scripts/test/t.inbound.sh
@@ -12,7 +12,16 @@ tput setaf 6; echo "Inbound SMTP request:"; tput sgr0
 printf "EHLO localhost\r\nMAIL FROM: <magma@lavabit.com>\r\n"\
 "RCPT TO: <magma@lavabit.com>\r\nDATA\r\nTo: magma@lavabit.com\r\nFrom: magma@lavabit.com\r\nSubject: Test @ $DATE\r\n\r\n"\
 "Hello world!\r\nTesting outbound at $DATE\r\n\r\n.\r\nQUIT\r\n" | nc localhost 7000
+
+echo ""
+tput setaf 6; echo "Inbound STARTTLS SMTP request:"; tput sgr0
+printf "EHLO localhost\nMAIL FROM: <magma@lavabit.com>\n"\
+"RCPT TO: <magma@lavabit.com>\nDATA\nTo: magma@lavabit.com\nFrom: magma@lavabit.com\nSubject: Test @ $DATE\n\n"\
+"Hello world!\nTesting outbound at $DATE\n\n.\nQUIT\n" | openssl s_client -quiet -starttls smtp -crlf -connect localhost:7000
+
+echo ""
+tput setaf 6; echo "Inbound SMTP over TLS request:"; tput sgr0
+printf "EHLO localhost\nMAIL FROM: <magma@lavabit.com>\n"\
+"RCPT TO: <magma@lavabit.com>\nDATA\nTo: magma@lavabit.com\nFrom: magma@lavabit.com\nSubject: Test @ $DATE\n\n"\
+"Hello world!\nTesting outbound at $DATE\n\n.\nQUIT\n" | openssl s_client -quiet -crlf -connect localhost:7500
 echo ""
-printf "EHLO localhost\r\nMAIL FROM: <ladar@lavabit.com>\r\n"\
-"RCPT TO: <ladar@lavabit.com>\r\nDATA\r\nTo: ladar@lavabit.com\r\nFrom: ladar@lavabit.com\r\nSubject: Test @ $DATE\r\n\r\n"\
-"Hello world!\r\nTesting outbound at $DATE\r\n\r\n.\r\nQUIT\r\n" | nc localhost 7000
-\ No newline at end of file
diff --git a/dev/scripts/test/t.outbound.sh b/dev/scripts/test/t.outbound.sh
index 4fcbc024..f49fd141 100755
--- a/dev/scripts/test/t.outbound.sh
+++ b/dev/scripts/test/t.outbound.sh
@@ -10,7 +10,7 @@ DATE=`date`
 echo ""
 tput setaf 6; echo "Outbound SMTP request:"; tput sgr0
 echo ""
-printf "EHLO localhost\r\nAUTH PLAIN AGxhZGFyQGxhdmFiaXQuY29tAHRlc3Q=\r\nMAIL FROM: <ladar@lavabit.com>\r\n"\
-"RCPT TO: <ladar@lavabit.com>\r\nDATA\r\nTo: ladar@lavabit.com\r\nFrom: ladar@lavabit.com\r\nSubject: Test @ $DATE\r\n\r\n"\
+printf "EHLO localhost\r\nAUTH PLAIN bWFnbWEAbWFnbWEAcGFzc3dvcmQ=\r\nMAIL FROM: <magma@lavabit.com>\r\n"\
+"RCPT TO: <ladar@lavabit.com>\r\nDATA\r\nTo: ladar@lavabit.com\r\nFrom: magma@lavabit.com\r\nSubject: Test @ $DATE\r\n\r\n"\
 "Hello world!\r\nTesting outbound at $DATE\r\n\r\n.\r\nQUIT\r\n" | nc localhost 7000
 
diff --git a/dev/scripts/test/t.pop.sh b/dev/scripts/test/t.pop.sh
index 988e2cc4..4060f4e3 100755
--- a/dev/scripts/test/t.pop.sh
+++ b/dev/scripts/test/t.pop.sh
@@ -6,6 +6,12 @@
 # Description: Used for testing the POP protocol handler.
 
 echo ""
-tput setaf 6; echo "POP session:"; tput sgr0
+tput setaf 6; echo "POP session [Should Fail]:"; tput sgr0
 echo ""
-printf "USER ladar\r\nPASS test\r\nSTAT\r\nRETR 1\r\nQUIT\r\n" | nc localhost 8000
+printf "USER magma\r\nPASS password\r\nQUIT\r\n" | nc localhost 8000 | grep -E "^\+|^\-"
+echo ""
+tput setaf 6; echo "Secure POP session [Should Work]:"; tput sgr0
+echo ""
+printf "USER magma\r\nPASS password\r\nSTAT\r\RETR 1\r\nQUIT\r\n" | openssl s_client -quiet -connect localhost:8500 -quiet 2>&1 | grep -E "^\+|^\-"
+
+
diff --git a/res/sql/Data.sql b/res/sql/Data.sql
index e155f9db..c1e8a234 100644
--- a/res/sql/Data.sql
+++ b/res/sql/Data.sql
@@ -219,5 +219,5 @@ INSERT INTO `Profile` VALUES (1,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NUL
 -- ORDER BY:  `usernum`
 
 /*!40000 ALTER TABLE `Users` DISABLE KEYS */;
-INSERT INTO `Users` VALUES (1,'magma',NULL, NULL,0,'2e11d362d66c4b5be60341ce5f3302b676b39d1181132c9f00524bb92ef8981bef3a828958742d5eb7e4bcf8e84a2bf432a1e5c1deeaf4cf2b46a1d082182ff1',0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00'),(2,'princess', NULL, NULL,0,'3bf5c8a4750b86535fc4ee0944723ec80ce342a31d019f8d850b2b69b85ff9edb537e573ff276e297f6ab4eec9bdfc54ce4a7e1adf3c0fcbbbdc21525493df48',0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00'),(3,'ladar', NULL, NULL,0,'46c3c0f5c777aacbdb0c25b14d6889b98efa62fa0ae551ec067d7aa126392805e3e3a2ce07d36df7e715e24f35c88105fff5a9eebff0532f990644cf07a4751f',0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00'),(4,'stacie','5e3230d89ad63d4b89e2d95847ee7c4ccc7ba55b29c6b4f1ad9f8b0d90da6adc88e71b603dbbf6f8869144097b9b0196b8c10a44ef9be7333f44e8ec9fe382355747282a7c24b107eedd23cce47190314331d7a61e71d6c5fc2415c30bf0205a997e3a59e6346a41874fdc52f41f0ead9bb0d65606020fdf1a65a372b5ad241e','f29f9d4a2701fec4976acc069994ffcb29427d7031e1dadc8c0842db65fd15a4600f817669650954c54e6270238158350710fee0fbba82d119e8187c7eb2d534',0,NULL,0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00');
+INSERT INTO `Users` VALUES (1,'magma',NULL, NULL,0,'42a7ead6550ee52360222a0e8783645216c3bb4ade95ab531be13cd3060dcdd085fb534e424e067bc4edfe27a87277daaad6428fee737b3adc3c55608fb23ea5',0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00'),(2,'princess', NULL, NULL,0,'3a5799cbc019beebd5e779a62343a76ff949c829b792ebe2c2fae406eda57268ce200db1ada838936b0ac6804115d60e83e88189705bd3f52f1723f29ce9cfa1',0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00'),(3,'ladar', NULL, NULL,0,'eb5ff977cd0ef6487677b4961995088d3a86caa2e6710829a28047017406e493b6839fbdf69d2e4ee290fee1181ba1a4c105afe7c507e91e5773d71d0461adba',0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00'),(4,'stacie','MOgx1F13HmoSGt05L2AvYwjWVqS_NmEU1b6eaWE9EOb819su6Z2qUvxdsQyx1CCL_xlCYhh2OJhaoxN0UlUIjvZ-yz08TBaWZ7Z0B3ZNrBtTs3OOio4K7pMkDLpXxCjjS2eboU7nNxn1sdrgKLICOZSWtPIDJmAAIyr9GOPF-x4','MAtbJr6lIPOmrYuQMQaPzDq8mNRN8qp9MefYk8vyxnL3DrsuzFeSMhGL5Ew4tDTYA1hNzqroJaoGB8jWpUKAwA',0,NULL,0,'BASIC',0,0,NULL,1,1,0,0,134217728,0,'0000-00-00','0000-00-00');
 /*!40000 ALTER TABLE `Users` ENABLE KEYS */;
diff --git a/sandbox/etc/magma.sandbox.config b/sandbox/etc/magma.sandbox.config
index e872d7da..825d1161 100755
--- a/sandbox/etc/magma.sandbox.config
+++ b/sandbox/etc/magma.sandbox.config
@@ -55,7 +55,7 @@ magma.iface.virus.signatures = sandbox/virus/
 magma.iface.virus.available = false
 
 magma.library.file = ./magmad.so
-magma.library.unload = false
+magma.library.unload = true
 
 magma.spool = sandbox/spool/
 magma.output.path = sandbox/logs/
diff --git a/src/servers/smtp/smtp.c b/src/servers/smtp/smtp.c
index 10839ede..2e1bd3c2 100644
--- a/src/servers/smtp/smtp.c
+++ b/src/servers/smtp/smtp.c
@@ -380,7 +380,7 @@ void smtp_auth_login(connection_t *con) {
 	}
 
 	// Validate that an argument was extracted using the above logic.
-	if (!argument || !(username =	base64_decode(argument, NULL)) || st_empty(username)) {
+	if (!argument || !(username = base64_decode(argument, NULL)) || st_empty(username)) {
 		con_write_bl(con, "501 INVALID AUTH SYNTAX\r\n", 25);
 		st_cleanup(argument, username);
 		return;
@@ -405,7 +405,7 @@ void smtp_auth_login(connection_t *con) {
 	argument = NULL;
 
 	// Create the authentication context.
-	if ((state = auth_login(&username, &password, &auth)) || !auth) {
+	if ((state = auth_login(username, password, &auth)) || !auth) {
 		if (state < 0) {
 			con_write_bl(con, "423 INTERNAL SERVER ERROR - PLEASE TRY AGAIN LATER\r\n", 52);
 		}
@@ -420,7 +420,7 @@ void smtp_auth_login(connection_t *con) {
 	st_cleanup(username, password);
 
 	// Authorize the user, and securely delete the keys.
-	if ((state = smtp_fetch_authorization(auth->username, auth->tokens.verification, &outbound)) < 0) {
+	if ((state = smtp_fetch_authorization(auth->username, auth->tokens.verification, &outbound)) <= 0) {
 		if (state == -4) {
 			con_write_bl(con, "535 AUTHENTICATION FAILURE - THIS ACCOUNT HAS BEEN LOCKED AT THE REQUEST OF THE USER\r\n", 86);
 		}