void sql_verify_passwd(sqlite3_context* context, int argc, sqlite3_value** values) {
char* passwd = (char*)sqlite3_value_text(values[0]);
if (argc != 1 || passwd == 0) {
fprintf(stderr,"SQL function VERIFY_PASSWD called with invalid arguments");
return;
}
sqlite3_result_int(context,verify_passwd(passwd));
}
int main (int argc, char **argv)
{
const char *passwd;
int salt_size, ret;
int optct;
const char* fpasswd, *fpasswd_conf;
const char* username;
#ifndef _WIN32
struct passwd *pwd;
#endif
set_program_name (argv[0]);
if ((ret = gnutls_global_init ()) < 0)
{
fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret));
exit (1);
}
umask (066);
optct = optionProcess( &srptoolOptions, argc, argv);
argc -= optct;
argv += optct;
gnutls_global_set_log_function (tls_log_func);
gnutls_global_set_log_level (OPT_VALUE_DEBUG);
if (HAVE_OPT(CREATE_CONF))
{
return generate_create_conf (OPT_ARG(CREATE_CONF));
}
if (HAVE_OPT(PASSWD))
fpasswd = OPT_ARG(PASSWD);
else
fpasswd = (char *) KPASSWD;
if (HAVE_OPT(PASSWD_CONF))
fpasswd_conf = OPT_ARG(PASSWD_CONF);
else
fpasswd_conf = (char *) KPASSWD_CONF;
if (HAVE_OPT(USERNAME))
username = OPT_ARG(USERNAME);
else
{
#ifndef _WIN32
pwd = getpwuid (getuid ());
if (pwd == NULL)
{
fprintf (stderr, "No such user\n");
return -1;
}
username = pwd->pw_name;
#else
fprintf (stderr, "Please specify a user\n");
return -1;
#endif
}
salt_size = 16;
passwd = getpass ("Enter password: "******"Please specify a password\n");
return -1;
}
/* not ready yet */
if (HAVE_OPT(VERIFY))
{
return verify_passwd (fpasswd_conf, fpasswd,
username, passwd);
}
return crypt_int (username, passwd, salt_size,
fpasswd_conf, fpasswd, VALUE_OPT_INDEX);
}
int main (int argc, char **argv)
{
gaainfo info;
const char *passwd;
int salt_size, ret;
#ifndef _WIN32
struct passwd *pwd;
#endif
set_program_name (argv[0]);
if ((ret = gnutls_global_init ()) < 0)
{
fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret));
exit (1);
}
umask (066);
if (gaa (argc, argv, &info) != -1)
{
fprintf (stderr, "Error in the arguments.\n");
return -1;
}
gnutls_global_set_log_function (tls_log_func);
gnutls_global_set_log_level (info.debug);
if (info.create_conf != NULL)
{
return generate_create_conf (info.create_conf);
}
if (info.passwd == NULL)
info.passwd = (char *) KPASSWD;
if (info.passwd_conf == NULL)
info.passwd_conf = (char *) KPASSWD_CONF;
if (info.username == NULL)
{
#ifndef _WIN32
pwd = getpwuid (getuid ());
if (pwd == NULL)
{
fprintf (stderr, "No such user\n");
return -1;
}
info.username = pwd->pw_name;
#else
fprintf (stderr, "Please specify a user\n");
return -1;
#endif
}
salt_size = 16;
passwd = getpass ("Enter password: "******"Please specify a password\n");
return -1;
}
/* not ready yet */
if (info.verify != 0)
{
return verify_passwd (info.passwd_conf, info.passwd,
info.username, passwd);
}
return crypt_int (info.username, passwd, salt_size,
info.passwd_conf, info.passwd, info.index);
}
int import_ascii(sqlite3* db, const char* mode, const char* filename) {
FILE *f = NULL;
sqlite3_stmt *stmt;
char buffer[63+1];
int imported=0;
int ignored=0;
int imode=0;
if (strcasecmp(mode,IMPORT_ESSID) == 0) {
imode = 0;
} else if (strcasecmp(mode,IMPORT_PASSWD) == 0) {
imode = 1;
} else {
printf("Specify either 'essid' or 'passwd' as import mode.\n");
return 0;
}
if (strcmp(filename,"-") == 0) {
f = stdin;
} else {
f = fopen(filename, "r");
}
if (f == NULL) {
printf("Could not open file/stream for reading.\n");
return 0;
}
char* sql = sqlite3_mprintf("INSERT OR IGNORE INTO %q (%q) VALUES (@v);",mode,mode);
sql_prepare(db,sql,&stmt,-1);
sqlite3_free(sql);
sql_exec(db, "BEGIN;");
printf("Reading file...\n");
while (fgets(buffer, sizeof(buffer), f) != 0) {
int i = strlen(buffer);
if (buffer[i-1] == '\n') buffer[--i] = '\0';
if (buffer[i-1] == '\r') buffer[--i] = '\0';
imported++;
if ((imode == 0 && verify_essid(buffer)==0) || (imode == 1 && verify_passwd(buffer)==0)) {
sqlite3_bind_text(stmt,1,buffer, strlen(buffer),SQLITE_TRANSIENT);
if (sql_step(stmt,-1) == SQLITE_DONE) {
sqlite3_reset(stmt);
} else {
printf("Error while inserting record into database.\n");
sql_exec(db, "ROLLBACK;");
sqlite3_finalize(stmt);
fclose(f);
return 1;
}
} else {
ignored++;
}
if (imported % 1000 == 0) {
fprintf(stdout,"%i lines read, %i invalid lines ignored.\r",imported,ignored);
fflush(stdout);
}
}
sqlite3_finalize(stmt);
if (!feof(f)) {
printf("Error while reading file.\n");
sql_exec(db,"ROLLBACK;");
fclose(f);
return 1;
}
fclose(f);
printf("Writing...\n");
sql_exec(db,"COMMIT;");
printf("Done.\n");
return 1;
}
// import a cowpatty file
int import_cowpatty(sqlite3* db, char* filename) {
struct hashdb_head filehead;
struct hashdb_rec rec;
FILE *f = NULL;
int rc;
sqlite3_stmt *stmt;
char* sql;
int essid_id;
int wordlength;
char passwd[63+1];
if (strcmp(filename,"-") == 0) {
f = stdin;
} else {
f = fopen(filename, "r");
}
if (f == NULL || fread(&filehead, sizeof(filehead),1,f) != 1) {
printf("Couldn't open the import file for reading.\n");
return 0;
} else if (filehead.magic != GENPMKMAGIC) {
printf("File doesn't seem to be a cowpatty file.\n");
fclose(f);
return 0;
} else if (verify_essid((char *)filehead.ssid) != 0) {
printf("The file's ESSID is invalid.\n");
fclose(f);
return 0;
}
printf("Reading header...\n");
//We need protection so concurrent transactions can't smash the ID-references
sql_exec(db,"BEGIN;");
sql = sqlite3_mprintf("INSERT OR IGNORE INTO essid (essid) VALUES ('%q');",filehead.ssid);
sql_exec(db,sql);
sqlite3_free(sql);
//since there is only one essid per file, we can determine it's ID now
sql = sqlite3_mprintf("SELECT essid_id FROM essid WHERE essid = '%q'", filehead.ssid);
essid_id = query_int(db,sql);
sqlite3_free(sql);
if (essid_id == 0) {
fclose(f);
sql_exec(db,"ROLLBACK;");
printf("ESSID couldn't be inserted. I've given up.\n");
return 0;
}
sql = sqlite3_mprintf("CREATE TEMPORARY TABLE import (passwd text, pmk blob);", essid_id);
sql_exec(db,sql);
sqlite3_free(sql);
sql_prepare(db,"INSERT INTO import (passwd,pmk) VALUES (@pw,@pmk)",&stmt,-1);
printf("Reading...\n");
while ((rc = fread(&rec.rec_size, sizeof(rec.rec_size), 1, f)) == 1) {
wordlength = abs(rec.rec_size) - (sizeof(rec.pmk) + sizeof(rec.rec_size));
//prevent out of bounds writing (sigsegv guaranteed) but don't skip the whole file if wordlength < 8
if (wordlength > 0 && wordlength < (int) sizeof(passwd)) {
passwd[wordlength] = 0;
rc += fread(passwd, wordlength, 1, f);
if (rc == 2) rc += fread(&rec.pmk, sizeof(rec.pmk), 1, f);
}
if (rc != 3) {
fprintf(stdout,"Error while reading record (%i).\n",rc);
sqlite3_finalize(stmt);
if (db == NULL) {
printf("omg");
fflush(stdout);
}
sql_exec(db, "ROLLBACK;");
fclose(f);
return 1;
}
if (verify_passwd(passwd) == 0) {
sqlite3_bind_text(stmt,1,passwd, strlen(passwd),SQLITE_TRANSIENT);
sqlite3_bind_blob(stmt,2,&rec.pmk, sizeof(rec.pmk),SQLITE_TRANSIENT);
if (sql_step(stmt,-1) == SQLITE_DONE) {
sqlite3_reset(stmt);
} else {
printf("Error while inserting record into database.\n");
sqlite3_finalize(stmt);
sql_exec(db, "ROLLBACK;");
fclose(f);
return 1;
}
} else {
fprintf(stdout,"Invalid password %s will not be imported.\n",passwd);
}
}
sqlite3_finalize(stmt);
if (!feof(f)) {
printf("Error while reading file.\n");
sql_exec(db,"ROLLBACK;");
fclose(f);
return 1;
}
printf("Updating references...\n");
sql_exec(db, "INSERT OR IGNORE INTO passwd (passwd) SELECT passwd FROM import;");
//TODO Give the user a choice to either INSERT OR UPDATE or INSERT OR IGNORE
printf("Writing...\n");
sql = sqlite3_mprintf("INSERT OR IGNORE INTO pmk (essid_id,passwd_id,pmk) SELECT %i,passwd.passwd_id,import.pmk FROM import INNER JOIN passwd ON passwd.passwd = import.passwd;",essid_id);
sql_exec(db,sql);
sqlite3_free(sql);
sql_exec(db,"COMMIT;");
fclose(f);
return 1;
}
int
main (int argc, char **argv)
{
gaainfo info;
const char *passwd;
int salt, ret;
struct passwd *pwd;
if ((ret = gnutls_global_init ()) < 0)
{
fprintf (stderr, "global_init: %s\n", gnutls_strerror (ret));
exit (1);
}
#ifdef HAVE_UMASK
umask (066);
#endif
if (gaa (argc, argv, &info) != -1)
{
fprintf (stderr, "Error in the arguments.\n");
return -1;
}
salt = info.salt;
if (info.create_conf != NULL)
{
return generate_create_conf (info.create_conf);
}
if (info.passwd == NULL)
info.passwd = KPASSWD;
if (info.passwd_conf == NULL)
info.passwd_conf = KPASSWD_CONF;
if (info.username == NULL)
{
#ifndef _WIN32
pwd = getpwuid (getuid ());
if (pwd == NULL)
{
fprintf (stderr, "No such user\n");
return -1;
}
info.username = pwd->pw_name;
#else
fprintf (stderr, "Please specify a user\n");
return -1;
#endif
}
salt = 16;
passwd = getpass ("Enter password: "******"Please specify a password\n");
return -1;
}
/* not ready yet */
if (info.verify != 0)
{
return verify_passwd (info.passwd_conf, info.passwd,
info.username, passwd);
}
return crypt_int (info.username, passwd, salt,
info.passwd_conf, info.passwd, info.index);
}
