/* * crypt_verify_password is a frontend to crypt_string(). */ boolean_t crypt_verify_password(char *uinput, char *pass) { char *cstr = crypt_string(uinput, pass); if (!strcmp(cstr, pass)) return TRUE; return FALSE; }
/* * crypt_verify_password is a frontend to crypt_string(). */ bool crypt_verify_password(const char *uinput, const char *pass) { const char *cstr = crypt_string(uinput, pass); if (!strcmp(cstr, pass)) return true; return false; }
void set_password(myuser_t *mu, const char *newpassword) { if (mu == NULL || newpassword == NULL) return; /* if we can, try to crypt it */ if (crypto_module_loaded) { mu->flags |= MU_CRYPTPASS; mowgli_strlcpy(mu->pass, crypt_string(newpassword, gen_salt()), PASSLEN); } else { mu->flags &= ~MU_CRYPTPASS; /* just in case */ mowgli_strlcpy(mu->pass, newpassword, PASSLEN); } }
static void ns_cmd_generatehash(sourceinfo_t *si, int parc, char *parv[]) { char *pass = parv[0]; char hash[PASSLEN]; if (parc < 1) { command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "GENERATEHASH"); command_fail(si, fault_needmoreparams, _("Syntax: GENERATEHASH <password>")); return; } if (crypto_module_loaded) { mowgli_strlcpy(hash, crypt_string(pass, gen_salt()), PASSLEN); command_success_string(si, hash, "Hash is: %s", hash); } else command_success_nodata(si, "No crypto module loaded so could not hash anything."); logcommand(si, CMDLOG_GET, "GENERATEHASH"); }
static void ns_cmd_sendpass(sourceinfo_t *si, int parc, char *parv[]) { myuser_t *mu; char *name = parv[0]; char *newpass = NULL; char *key; metadata_t *md; enum specialoperation op = op_none; bool ismarked = false; char cmdtext[NICKLEN + 20]; hook_user_needforce_t needforce_hdata; if (!name) { command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "SENDPASS"); command_fail(si, fault_needmoreparams, _("Syntax: SENDPASS <account>")); return; } if (parc > 1) { if (!strcasecmp(parv[1], "FORCE")) op = op_force; else if (!strcasecmp(parv[1], "CLEAR")) op = op_clear; else { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SENDPASS"); command_fail(si, fault_badparams, _("Syntax: SENDPASS <account> [FORCE|CLEAR]")); return; } } if (!(mu = myuser_find_by_nick(name))) { command_fail(si, fault_nosuch_target, _("\2%s\2 is not registered."), name); return; } if (is_soper(mu) && !has_priv(si, PRIV_ADMIN)) { logcommand(si, CMDLOG_ADMIN, "failed SENDPASS \2%s\2 (is SOPER)", name); command_fail(si, fault_badparams, _("\2%s\2 belongs to a services operator; you need %s privilege to send the password."), name, PRIV_ADMIN); return; } if (mu->flags & MU_WAITAUTH) { command_fail(si, fault_badparams, _("\2%s\2 is not verified."), entity(mu)->name); return; } if ((md = metadata_find(mu, "private:mark:setter"))) { ismarked = true; if (op == op_none) { logcommand(si, CMDLOG_ADMIN, "failed SENDPASS \2%s\2 (marked by \2%s\2)", entity(mu)->name, md->value); command_fail(si, fault_badparams, _("This operation cannot be performed on %s, because the account has been marked by %s."), entity(mu)->name, md->value); if (has_priv(si, PRIV_MARK)) { snprintf(cmdtext, sizeof cmdtext, "SENDPASS %s FORCE", entity(mu)->name); command_fail(si, fault_badparams, _("Use %s to override this restriction."), cmdtext); } return; } else if (!has_priv(si, PRIV_MARK)) { logcommand(si, CMDLOG_ADMIN, "failed SENDPASS \2%s\2 (marked by \2%s\2)", entity(mu)->name, md->value); command_fail(si, fault_noprivs, STR_NO_PRIVILEGE, PRIV_MARK); return; } } needforce_hdata.si = si; needforce_hdata.mu = mu; needforce_hdata.allowed = 1; hook_call_user_needforce(&needforce_hdata); if (!needforce_hdata.allowed) { ismarked = true; if (op == op_none) { logcommand(si, CMDLOG_ADMIN, "failed SENDPASS \2%s\2 (marked)", entity(mu)->name); command_fail(si, fault_badparams, _("This operation cannot be performed on %s, because the account has been marked."), entity(mu)->name); if (has_priv(si, PRIV_MARK)) { snprintf(cmdtext, sizeof cmdtext, "SENDPASS %s FORCE", entity(mu)->name); command_fail(si, fault_badparams, _("Use %s to override this restriction."), cmdtext); } return; } else if (!has_priv(si, PRIV_MARK)) { logcommand(si, CMDLOG_ADMIN, "failed SENDPASS \2%s\2 (marked)", entity(mu)->name); command_fail(si, fault_noprivs, STR_NO_PRIVILEGE, PRIV_MARK); return; } } if (op == op_clear) { if (metadata_find(mu, "private:setpass:key")) { metadata_delete(mu, "private:setpass:key"); metadata_delete(mu, "private:sendpass:sender"); metadata_delete(mu, "private:sendpass:timestamp"); logcommand(si, CMDLOG_ADMIN, "SENDPASS:CLEAR: \2%s\2", entity(mu)->name); command_success_nodata(si, _("The password change key for \2%s\2 has been cleared."), entity(mu)->name); } else command_fail(si, fault_nochange, _("\2%s\2 did not have a password change key outstanding."), entity(mu)->name); return; } if (MOWGLI_LIST_LENGTH(&mu->logins) > 0) { command_fail(si, fault_noprivs, _("This operation cannot be performed on %s, because someone is logged in to it."), entity(mu)->name); return; } if (metadata_find(mu, "private:freeze:freezer")) { command_fail(si, fault_noprivs, _("%s has been frozen by the %s administration."), entity(mu)->name, me.netname); return; } if (command_find(si->service->commands, "SETPASS")) { if (metadata_find(mu, "private:setpass:key")) { command_fail(si, fault_alreadyexists, _("\2%s\2 already has a password change key outstanding."), entity(mu)->name); command_fail(si, fault_alreadyexists, _("Use SENDPASS %s CLEAR to clear it so that a new one can be sent."), entity(mu)->name); return; } if (ismarked) { wallops("%s sent the password for the \2MARKED\2 account %s.", get_oper_name(si), entity(mu)->name); if (md) command_success_nodata(si, _("Overriding MARK placed by %s on the account %s."), md->value, entity(mu)->name); else command_success_nodata(si, _("Overriding MARK on the account %s."), entity(mu)->name); } logcommand(si, CMDLOG_ADMIN, "SENDPASS: \2%s\2 (change key)", name); key = random_string(12); metadata_add(mu, "private:sendpass:sender", get_oper_name(si)); metadata_add(mu, "private:sendpass:timestamp", number_to_string(time(NULL))); if (!sendemail(si->su != NULL ? si->su : si->service->me, mu, EMAIL_SETPASS, mu->email, key)) { command_fail(si, fault_emailfail, _("Email send failed.")); free(key); return; } metadata_add(mu, "private:setpass:key", crypt_string(key, gen_salt())); free(key); command_success_nodata(si, _("The password change key for \2%s\2 has been sent to \2%s\2."), entity(mu)->name, mu->email); } else { if (ismarked) { wallops("%s sent the password for the \2MARKED\2 account %s.", get_oper_name(si), entity(mu)->name); if (md) command_success_nodata(si, _("Overriding MARK placed by %s on the account %s."), md->value, entity(mu)->name); else command_success_nodata(si, _("Overriding MARK on the account %s."), entity(mu)->name); } logcommand(si, CMDLOG_ADMIN, "SENDPASS: \2%s\2", name); newpass = random_string(12); metadata_add(mu, "private:sendpass:sender", get_oper_name(si)); metadata_add(mu, "private:sendpass:timestamp", number_to_string(time(NULL))); if (!sendemail(si->su != NULL ? si->su : si->service->me, mu, EMAIL_SENDPASS, mu->email, newpass)) { command_fail(si, fault_emailfail, _("Email send failed.")); free(newpass); return; } set_password(mu, newpass); free(newpass); command_success_nodata(si, _("The password for \2%s\2 has been sent to \2%s\2."), entity(mu)->name, mu->email); if (mu->flags & MU_NOPASSWORD) { mu->flags &= ~MU_NOPASSWORD; command_success_nodata(si, _("The \2%s\2 flag has been removed for account \2%s\2."), "NOPASSWORD", entity(mu)->name); } } }
int main(int argc, char **argv) { argp_parse(&werror_argp, argc, argv, 0, NULL, NULL); { struct crypto_algorithm *algorithm = &rijndael128_algorithm; struct lsh_string *key = simple_decode_hex("00010203050607080A0B0C0D0F101112") ; struct lsh_string *plain = simple_decode_hex("506812A45F08C889B97F5980038B8359") ; struct lsh_string *cipher = simple_decode_hex("D8F532538289EF7D06B506A4FD5BE9C9") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-128 1 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-128 1 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael128_algorithm; struct lsh_string *key = simple_decode_hex("14151617191A1B1C1E1F202123242526") ; struct lsh_string *plain = simple_decode_hex("5C6D71CA30DE8B8B00549984D2EC7D4B") ; struct lsh_string *cipher = simple_decode_hex("59AB30F4D4EE6E4FF9907EF65B1FB68C") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-128 2 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-128 2 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael128_algorithm; struct lsh_string *key = simple_decode_hex("28292A2B2D2E2F30323334353738393A") ; struct lsh_string *plain = simple_decode_hex("53F3F4C64F8616E4E7C56199F48F21F6") ; struct lsh_string *cipher = simple_decode_hex("BF1ED2FCB2AF3FD41443B56D85025CB1") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-128 3 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-128 3 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } /* Skipped lots of tests */ { struct crypto_algorithm *algorithm = &rijndael128_algorithm; struct lsh_string *key = simple_decode_hex("A0A1A2A3A5A6A7A8AAABACADAFB0B1B2") ; struct lsh_string *plain = simple_decode_hex("F5F4F7F684878689A6A7A0A1D2CDCCCF") ; struct lsh_string *cipher = simple_decode_hex("CE52AF650D088CA559425223F4D32694") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-128 128 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-128 128 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael192_algorithm; struct lsh_string *key = simple_decode_hex("00010203050607080A0B0C0D0F10111214151617191A1B1C") ; struct lsh_string *plain = simple_decode_hex("2D33EEF2C0430A8A9EBF45E809C40BB6") ; struct lsh_string *cipher = simple_decode_hex("DFF4945E0336DF4C1C56BC700EFF837F") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-192 1 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-192 1 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael192_algorithm; struct lsh_string *key = simple_decode_hex("1E1F20212324252628292A2B2D2E2F30323334353738393A") ; struct lsh_string *plain = simple_decode_hex("6AA375D1FA155A61FB72353E0A5A8756") ; struct lsh_string *cipher = simple_decode_hex("B6FDDEF4752765E347D5D2DC196D1252") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-192 2 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-192 2 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael192_algorithm; struct lsh_string *key = simple_decode_hex("3C3D3E3F41424344464748494B4C4D4E5051525355565758") ; struct lsh_string *plain = simple_decode_hex("BC3736518B9490DCB8ED60EB26758ED4") ; struct lsh_string *cipher = simple_decode_hex("D23684E3D963B3AFCF1A114ACA90CBD6") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-192 3 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-192 3 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } /* Skipped lots of tests */ { struct crypto_algorithm *algorithm = &rijndael192_algorithm; struct lsh_string *key = simple_decode_hex("868788898B8C8D8E90919293959697989A9B9C9D9FA0A1A2") ; struct lsh_string *plain = simple_decode_hex("D3D2DDDCAAADACAF9C9D9E9FE8EBEAE5") ; struct lsh_string *cipher = simple_decode_hex("9ADB3D4CCA559BB98C3E2ED73DBF1154") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-192 128 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-192 128 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael256_algorithm; struct lsh_string *key = simple_decode_hex("00010203050607080A0B0C0D0F10111214151617191A1B1C1E1F202123242526") ; struct lsh_string *plain = simple_decode_hex("834EADFCCAC7E1B30664B1ABA44815AB") ; struct lsh_string *cipher = simple_decode_hex("1946DABF6A03A2A2C3D0B05080AED6FC") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-256 1 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-256 1 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael256_algorithm; struct lsh_string *key = simple_decode_hex("28292A2B2D2E2F30323334353738393A3C3D3E3F41424344464748494B4C4D4E") ; struct lsh_string *plain = simple_decode_hex("D9DC4DBA3021B05D67C0518F72B62BF1") ; struct lsh_string *cipher = simple_decode_hex("5ED301D747D3CC715445EBDEC62F2FB4") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-256 2 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-256 2 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } { struct crypto_algorithm *algorithm = &rijndael256_algorithm; struct lsh_string *key = simple_decode_hex("50515253555657585A5B5C5D5F60616264656667696A6B6C6E6F707173747576") ; struct lsh_string *plain = simple_decode_hex("A291D86301A4A739F7392173AA3C604C") ; struct lsh_string *cipher = simple_decode_hex("6585C8F43D13A6BEAB6419FC5935B9D0") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-256 3 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-256 3 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } /* Skipped lots of tests */ { struct crypto_algorithm *algorithm = &rijndael256_algorithm; struct lsh_string *key = simple_decode_hex("50515253555657585A5B5C5D5F60616264656667696A6B6C6E6F707173747576") ; struct lsh_string *plain = simple_decode_hex("050407067477767956575051221D1C1F") ; struct lsh_string *cipher = simple_decode_hex("7444527095838FE080FC2BCDD30847EB") ; struct crypto_instance *c; assert(key->length == algorithm->key_size); assert(!algorithm->iv_size); c = MAKE_ENCRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Encrypting with rijndael-256 128 ... ", stderr); a = crypt_string(c, plain, 0); b = lsh_string_dup(cipher); if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); c = MAKE_DECRYPT(algorithm, key->data, NULL); { struct lsh_string *a, *b; fputs("Decrypting with rijndael-256 128 ... ", stderr); a = crypt_string(c, cipher, 0); b = plain; if (!lsh_string_eq(a, b)) { fputs("failed.\n", stderr);; exit(1); } fputs("ok.\n", stderr); lsh_string_free(a); lsh_string_free(b); } KILL(c); lsh_string_free(key); lsh_string_free(cipher); } return 0; }
static void ns_cmd_sendpass(sourceinfo_t *si, int parc, char *parv[]) { myuser_t *mu; char *name = parv[0]; char *key; enum specialoperation op = op_none; bool ismarked = false; if (!name) { command_fail(si, fault_needmoreparams, STR_INSUFFICIENT_PARAMS, "SENDPASS"); command_fail(si, fault_needmoreparams, _("Syntax: SENDPASS <account>")); return; } if (parc > 1) { if (!has_priv(si, PRIV_USER_SENDPASS)) { command_fail(si, fault_noprivs, _("You are not authorized to perform this operation.")); return; } if (!strcasecmp(parv[1], "FORCE")) op = op_force; else if (!strcasecmp(parv[1], "CLEAR")) op = op_clear; else { command_fail(si, fault_badparams, STR_INVALID_PARAMS, "SENDPASS"); command_fail(si, fault_badparams, _("Syntax: SENDPASS <account> [FORCE|CLEAR]")); return; } } if (!(mu = myuser_find_by_nick(name))) { command_fail(si, fault_nosuch_target, _("\2%s\2 is not registered."), name); return; } if (mu->flags & MU_WAITAUTH) { command_fail(si, fault_badparams, _("\2%s\2 is not verified."), entity(mu)->name); return; } if (metadata_find(mu, "private:mark:setter")) { ismarked = true; /* don't want to disclose this, so just go ahead... */ } if (op == op_clear) { if (metadata_find(mu, "private:setpass:key")) { metadata_delete(mu, "private:setpass:key"); logcommand(si, CMDLOG_ADMIN, "SENDPASS:CLEAR: \2%s\2", entity(mu)->name); command_success_nodata(si, _("The password change key for \2%s\2 has been cleared."), entity(mu)->name); } else command_fail(si, fault_nochange, _("\2%s\2 did not have a password change key outstanding."), entity(mu)->name); return; } if (MOWGLI_LIST_LENGTH(&mu->logins) > 0) { command_fail(si, fault_noprivs, _("This operation cannot be performed on %s, because someone is logged in to it."), entity(mu)->name); return; } if (metadata_find(mu, "private:freeze:freezer")) { command_success_nodata(si, _("%s has been frozen by the %s administration."), entity(mu)->name, me.netname); return; } if (metadata_find(mu, "private:setpass:key")) { command_fail(si, fault_alreadyexists, _("\2%s\2 already has a password change key outstanding."), entity(mu)->name); if (has_priv(si, PRIV_USER_SENDPASS)) command_fail(si, fault_alreadyexists, _("Use SENDPASS %s CLEAR to clear it so that a new one can be sent."), entity(mu)->name); return; } key = random_string(12); if (sendemail(si->su != NULL ? si->su : si->service->me, EMAIL_SETPASS, mu, key)) { metadata_add(mu, "private:setpass:key", crypt_string(key, gen_salt())); logcommand(si, CMDLOG_ADMIN, "SENDPASS: \2%s\2 (change key)", name); command_success_nodata(si, _("The password change key for \2%s\2 has been sent to the corresponding email address."), entity(mu)->name); if (ismarked) wallops("%s sent the password for the \2MARKED\2 account %s.", get_oper_name(si), entity(mu)->name); } else command_fail(si, fault_emailfail, _("Email send failed.")); free(key); }