Ejemplo n.º 1
0
static int crypt_main( int argc, char *argv[] )
{
	int pass_len;
	unsigned char *pass_cr, *pass_cl;
	
	if( argc < 4 || ( strcmp( argv[2], "hash" ) != 0 &&
	                  strcmp( argv[2], "unhash" ) != 0 && argc < 5 ) )
	{
		printf( "Supported:\n"
		        "  %s -x enc <key> <cleartext password>\n"
		        "  %s -x dec <key> <encrypted password>\n"
		        "  %s -x hash <cleartext password>\n"
		        "  %s -x unhash <hashed password>\n"
		        "  %s -x chkhash <hashed password> <cleartext password>\n",
		        argv[0], argv[0], argv[0], argv[0], argv[0] );
	}
	else if( strcmp( argv[2], "enc" ) == 0 )
	{
		pass_len = arc_encode( argv[4], strlen( argv[4] ), (unsigned char**) &pass_cr, argv[3], 12 );
		printf( "%s\n", base64_encode( pass_cr, pass_len ) );
	}
	else if( strcmp( argv[2], "dec" ) == 0 )
	{
		pass_len = base64_decode( argv[4], (unsigned char**) &pass_cr );
		arc_decode( pass_cr, pass_len, (char**) &pass_cl, argv[3] );
		printf( "%s\n", pass_cl );
	}
	else if( strcmp( argv[2], "hash" ) == 0 )
	{
		md5_byte_t pass_md5[21];
		md5_state_t md5_state;
		
		random_bytes( pass_md5 + 16, 5 );
		md5_init( &md5_state );
		md5_append( &md5_state, (md5_byte_t*) argv[3], strlen( argv[3] ) );
		md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
		md5_finish( &md5_state, pass_md5 );
		
		printf( "%s\n", base64_encode( pass_md5, 21 ) );
	}
	else if( strcmp( argv[2], "unhash" ) == 0 )
	{
		printf( "Hash %s submitted to a massive Beowulf cluster of\n"
		        "overclocked 486s. Expect your answer next year somewhere around this time. :-)\n", argv[3] );
	}
	else if( strcmp( argv[2], "chkhash" ) == 0 )
	{
		char *hash = strncmp( argv[3], "md5:", 4 ) == 0 ? argv[3] + 4 : argv[3];
		int st = md5_verify_password( argv[4], hash );
		
		printf( "Hash %s given password.\n", st == 0 ? "matches" : "does not match" );
		
		return st;
	}
	
	return 0;
}
Ejemplo n.º 2
0
static storage_status_t xml_save( irc_t *irc, int overwrite )
{
	char path[512], *path2, *pass_buf = NULL;
	set_t *set;
	account_t *acc;
	int fd;
	md5_byte_t pass_md5[21];
	md5_state_t md5_state;
	GSList *l;
	
	path2 = g_strdup( irc->user->nick );
	nick_lc( path2 );
	g_snprintf( path, sizeof( path ) - 2, "%s%s%s", global.conf->configdir, path2, ".xml" );
	g_free( path2 );
	
	if( !overwrite && g_access( path, F_OK ) == 0 )
		return STORAGE_ALREADY_EXISTS;
	
	strcat( path, ".XXXXXX" );
	if( ( fd = mkstemp( path ) ) < 0 )
	{
		irc_rootmsg( irc, "Error while opening configuration file." );
		return STORAGE_OTHER_ERROR;
	}
	
	/* Generate a salted md5sum of the password. Use 5 bytes for the salt
	   (to prevent dictionary lookups of passwords) to end up with a 21-
	   byte password hash, more convenient for base64 encoding. */
	random_bytes( pass_md5 + 16, 5 );
	md5_init( &md5_state );
	md5_append( &md5_state, (md5_byte_t*) irc->password, strlen( irc->password ) );
	md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
	md5_finish( &md5_state, pass_md5 );
	/* Save the hash in base64-encoded form. */
	pass_buf = base64_encode( pass_md5, 21 );
	
	if( !xml_printf( fd, 0, "<user nick=\"%s\" password=\"%s\" version=\"%d\">\n", irc->user->nick, pass_buf, XML_FORMAT_VERSION ) )
		goto write_error;
	
	g_free( pass_buf );
	
	for( set = irc->b->set; set; set = set->next )
		if( set->value && !( set->flags & SET_NOSAVE ) )
			if( !xml_printf( fd, 1, "<setting name=\"%s\">%s</setting>\n", set->key, set->value ) )
				goto write_error;
	
	for( acc = irc->b->accounts; acc; acc = acc->next )
	{
		unsigned char *pass_cr;
		char *pass_b64;
		int pass_len;
		
		pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password, 12 );
		pass_b64 = base64_encode( pass_cr, pass_len );
		g_free( pass_cr );
		
		if( !xml_printf( fd, 1, "<account protocol=\"%s\" handle=\"%s\" password=\"%s\" "
		                        "autoconnect=\"%d\" tag=\"%s\"", acc->prpl->name, acc->user,
		                        pass_b64, acc->auto_connect, acc->tag ) )
		{
			g_free( pass_b64 );
			goto write_error;
		}
		g_free( pass_b64 );
		
		if( acc->server && acc->server[0] && !xml_printf( fd, 0, " server=\"%s\"", acc->server ) )
			goto write_error;
		if( !xml_printf( fd, 0, ">\n" ) )
			goto write_error;
		
		for( set = acc->set; set; set = set->next )
			if( set->value && !( set->flags & ACC_SET_NOSAVE ) )
				if( !xml_printf( fd, 2, "<setting name=\"%s\">%s</setting>\n", set->key, set->value ) )
					goto write_error;
		
		/* This probably looks pretty strange. g_hash_table_foreach
		   is quite a PITA already (but it can't get much better in
		   C without using #define, I'm afraid), and since it
		   doesn't seem to be possible to abort the foreach on write
		   errors, so instead let's use the _find function and
		   return TRUE on write errors. Which means, if we found
		   something, there was an error. :-) */
		if( g_hash_table_find( acc->nicks, xml_save_nick, & fd ) )
			goto write_error;
		
		if( !xml_printf( fd, 1, "</account>\n" ) )
			goto write_error;
	}
	
	for( l = irc->channels; l; l = l->next )
	{
		irc_channel_t *ic = l->data;
		
		if( ic->flags & IRC_CHANNEL_TEMP )
			continue;
		
		if( !xml_printf( fd, 1, "<channel name=\"%s\" type=\"%s\">\n",
		                 ic->name, set_getstr( &ic->set, "type" ) ) )
			goto write_error;
		
		for( set = ic->set; set; set = set->next )
			if( set->value && strcmp( set->key, "type" ) != 0 )
				if( !xml_printf( fd, 2, "<setting name=\"%s\">%s</setting>\n", set->key, set->value ) )
					goto write_error;
		
		if( !xml_printf( fd, 1, "</channel>\n" ) )
			goto write_error;
	}
	
	if( !xml_printf( fd, 0, "</user>\n" ) )
		goto write_error;
	
	fsync( fd );
	close( fd );
	
	path2 = g_strndup( path, strlen( path ) - 7 );
	if( rename( path, path2 ) != 0 )
	{
		irc_rootmsg( irc, "Error while renaming temporary configuration file." );
		
		g_free( path2 );
		unlink( path );
		
		return STORAGE_OTHER_ERROR;
	}
	
	g_free( path2 );
	
	return STORAGE_OK;

write_error:
	g_free( pass_buf );
	
	irc_rootmsg( irc, "Write error. Disk full?" );
	close( fd );
	
	return STORAGE_OTHER_ERROR;
}
Ejemplo n.º 3
0
struct xt_node *xml_generate( irc_t *irc )
{
	char *pass_buf = NULL;
	account_t *acc;
	md5_byte_t pass_md5[21];
	md5_state_t md5_state;
	GSList *l;
	struct xt_node *root, *cur;
	
	/* Generate a salted md5sum of the password. Use 5 bytes for the salt
	   (to prevent dictionary lookups of passwords) to end up with a 21-
	   byte password hash, more convenient for base64 encoding. */
	random_bytes( pass_md5 + 16, 5 );
	md5_init( &md5_state );
	md5_append( &md5_state, (md5_byte_t*) irc->password, strlen( irc->password ) );
	md5_append( &md5_state, pass_md5 + 16, 5 ); /* Add the salt. */
	md5_finish( &md5_state, pass_md5 );
	/* Save the hash in base64-encoded form. */
	pass_buf = base64_encode( pass_md5, 21 );
	
	root = cur = xt_new_node( "user", NULL, NULL );
	xt_add_attr( cur, "nick", irc->user->nick );
	xt_add_attr( cur, "password", pass_buf );
	xt_add_attr( cur, "version", XML_FORMAT_VERSION );
	
	g_free( pass_buf );
	
	xml_generate_settings( cur, &irc->b->set );
	
	for( acc = irc->b->accounts; acc; acc = acc->next )
	{
		unsigned char *pass_cr;
		char *pass_b64;
		int pass_len;
		
		pass_len = arc_encode( acc->pass, strlen( acc->pass ), (unsigned char**) &pass_cr, irc->password, 12 );
		pass_b64 = base64_encode( pass_cr, pass_len );
		g_free( pass_cr );
		
		cur = xt_new_node( "account", NULL, NULL );
		xt_add_attr( cur, "protocol", acc->prpl->name );
		xt_add_attr( cur, "handle", acc->user );
		xt_add_attr( cur, "password", pass_b64 );
		xt_add_attr( cur, "autoconnect", acc->auto_connect ? "true" : "false" );
		xt_add_attr( cur, "tag", acc->tag );
		if( acc->server && acc->server[0] )
			xt_add_attr( cur, "server", acc->server );
		
		g_free( pass_b64 );
		
		/* This probably looks pretty strange. g_hash_table_foreach
		   is quite a PITA already (but it can't get much better in
		   C without using #define, I'm afraid), and it
		   doesn't seem to be possible to abort the foreach on write
		   errors, so instead let's use the _find function and
		   return TRUE on write errors. Which means, if we found
		   something, there was an error. :-) */
		g_hash_table_find( acc->nicks, xml_generate_nick, cur );
		
		xml_generate_settings( cur, &acc->set );
		
		xt_add_child( root, cur );
	}
	
	for( l = irc->channels; l; l = l->next )
	{
		irc_channel_t *ic = l->data;
		
		if( ic->flags & IRC_CHANNEL_TEMP )
			continue;
		
		cur = xt_new_node( "channel", NULL, NULL );
		xt_add_attr( cur, "name", ic->name );
		xt_add_attr( cur, "type", set_getstr( &ic->set, "type" ) );
		
		xml_generate_settings( cur, &ic->set );
		
		xt_add_child( root, cur );
	}
	
	return root;
}
Ejemplo n.º 4
0
struct xt_node *xml_generate(irc_t *irc)
{
	char *pass_buf = NULL;
	account_t *acc;
	md5_byte_t pass_md5[21];
	md5_state_t md5_state;
	GSList *l;
	struct xt_node *root, *cur;

	root = cur = xt_new_node("user", NULL, NULL);
	if (irc->auth_backend) {
		xt_add_attr(cur, "auth_backend", irc->auth_backend);
	} else {
		/* Generate a salted md5sum of the password. Use 5 bytes for the salt
		   (to prevent dictionary lookups of passwords) to end up with a 21-
		   byte password hash, more convenient for base64 encoding. */
		random_bytes(pass_md5 + 16, 5);
		md5_init(&md5_state);
		md5_append(&md5_state, (md5_byte_t *) irc->password, strlen(irc->password));
		md5_append(&md5_state, pass_md5 + 16, 5);   /* Add the salt. */
		md5_finish(&md5_state, pass_md5);
		/* Save the hash in base64-encoded form. */
		pass_buf = base64_encode(pass_md5, 21);
		xt_add_attr(cur, "password", pass_buf);
		g_free(pass_buf);
	}

	xt_add_attr(cur, "nick", irc->user->nick);
	xt_add_attr(cur, "version", XML_FORMAT_VERSION);

	xml_generate_settings(cur, &irc->b->set);

	for (acc = irc->b->accounts; acc; acc = acc->next) {
		GHashTableIter iter;
		gpointer key, value;
		unsigned char *pass_cr;
		char *pass_b64;
		int pass_len;

		if(irc->auth_backend) {
			/* If we don't "own" the password, it may change without us
			 * knowing, so we cannot encrypt the data, as we then may not be
			 * able to decrypt it */
			pass_b64 = base64_encode((unsigned char *)acc->pass, strlen(acc->pass));
		} else {
			pass_len = arc_encode(acc->pass, strlen(acc->pass), (unsigned char **) &pass_cr, irc->password, 12);
			pass_b64 = base64_encode(pass_cr, pass_len);
			g_free(pass_cr);
		}

		cur = xt_new_node("account", NULL, NULL);
		xt_add_attr(cur, "protocol", acc->prpl->name);
		xt_add_attr(cur, "handle", acc->user);
		xt_add_attr(cur, "password", pass_b64);
		xt_add_attr(cur, "autoconnect", acc->auto_connect ? "true" : "false");
		xt_add_attr(cur, "tag", acc->tag);
		if (acc->server && acc->server[0]) {
			xt_add_attr(cur, "server", acc->server);
		}
		if (acc->flags & ACC_FLAG_LOCKED) {
			xt_add_attr(cur, "locked", "true");
		}

		g_free(pass_b64);

		g_hash_table_iter_init(&iter, acc->nicks);
		while (g_hash_table_iter_next(&iter, &key, &value)) {
			struct xt_node *node = xt_new_node("buddy", NULL, NULL);
			xt_add_attr(node, "handle", key);
			xt_add_attr(node, "nick", value);
			xt_add_child(cur, node);
		}

		xml_generate_settings(cur, &acc->set);

		xt_add_child(root, cur);
	}

	for (l = irc->channels; l; l = l->next) {
		irc_channel_t *ic = l->data;

		if (ic->flags & IRC_CHANNEL_TEMP) {
			continue;
		}

		cur = xt_new_node("channel", NULL, NULL);
		xt_add_attr(cur, "name", ic->name);
		xt_add_attr(cur, "type", set_getstr(&ic->set, "type"));

		xml_generate_settings(cur, &ic->set);

		xt_add_child(root, cur);
	}

	return root;
}