/*
 * Build a 16-bit value from two consecutive getrandom8() draws: the first
 * draw becomes the high byte, the second the low byte.
 *
 * `rs` is not declared in this function; it is taken from the enclosing
 * scope and handed to getrandom8() unchanged.
 */
u_int16_t getrandom16()
{
	u_int16_t high = getrandom8(rs) << 8;
	u_int16_t low = getrandom8(rs);

	return high | low;
}
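/**
 * Assemble a 32-bit random value from four getrandom8() draws,
 * most significant byte first.
 * @return uint32_t
 */
uint32_t getrandom32()
{
	/*
	 * Each draw is widened to uint32_t before it is shifted. getrandom8() is
	 * not declared in this block; if it returns an 8-bit unsigned type
	 * (TODO confirm), the operand would otherwise be promoted to signed int,
	 * and shifting a value >= 0x80 left by 24 overflows int, which is
	 * undefined behaviour.
	 */
	uint32_t val = (uint32_t)getrandom8() << 24;

	val |= (uint32_t)getrandom8() << 16;
	val |= (uint32_t)getrandom8() << 8;
	val |= (uint32_t)getrandom8();
	return val;
}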
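/*
 * Assemble a 32-bit random value from four getrandom8(rs) draws,
 * most significant byte first. `rs` comes from the enclosing scope.
 */
u_int32_t getrandom32()
{
	u_int32_t val;

	/*
	 * Each draw is widened to u_int32_t before it is shifted. getrandom8() is
	 * not declared in this block; if it returns an 8-bit unsigned type
	 * (TODO confirm), the operand would otherwise be promoted to signed int,
	 * and shifting a value >= 0x80 left by 24 overflows int, which is
	 * undefined behaviour.
	 */
	val = (u_int32_t)getrandom8(rs) << 24;
	val |= (u_int32_t)getrandom8(rs) << 16;
	val |= (u_int32_t)getrandom8(rs) << 8;
	val |= (u_int32_t)getrandom8(rs);
	return val;
}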
/*
 * Produce a salted RIPEMD-160 password string of the form
 *     $<base64 salt>$<base64 digest>
 * where digest = RIPEMD160(RIPEMD160(password) + raw salt).
 *
 * Returns a pointer to a function-local static buffer, which the next call
 * overwrites, or NULL when para is NULL or b64_encode() returns 0.
 *
 * NOTE(review): RIPEMD-160 is a fast general-purpose hash, so this
 * construction gives little resistance to offline guessing if the stored
 * strings leak. The format is presumably fixed by the matching verification
 * code (not shown), so a move to a dedicated password-hashing scheme has to
 * happen on both sides.
 * NOTE(review): the salt is only as unpredictable as getrandom8(), which is
 * not shown here - confirm what generator backs it.
 */
static char *mkpass_ripemd160(char *para)
{
	static char buf[128];
	char inner[20+REALSALTLEN];	/* inner digest, then the raw salt appended */
	char outer[20];			/* digest over inner digest + salt */
	char saltstr[REALSALTLEN];	/* printable (base64) salt */
	char saltraw[RAWSALTLEN];	/* binary salt */
	char xresult[64];		/* printable (base64) outer digest */
	RIPEMD160_CTX ctx;
	int pos;
	int enc;

	if (!para)
		return NULL;

	/* Fill the binary salt one random byte at a time. */
	pos = 0;
	while (pos < RAWSALTLEN)
	{
		saltraw[pos] = getrandom8();
		pos++;
	}

	enc = b64_encode(saltraw, RAWSALTLEN, saltstr, REALSALTLEN);
	if (enc == 0)
		return NULL;

	/* Step 1: digest of the password alone, written to the front of inner[]. */
	RIPEMD160_Init(&ctx);
	RIPEMD160_Update(&ctx, para, strlen(para));
	RIPEMD160_Final(inner, &ctx);

	/*
	 * Step 2: append the raw salt behind the 20 digest bytes and hash both.
	 * inner[] is sized with REALSALTLEN while RAWSALTLEN bytes are copied,
	 * so this assumes RAWSALTLEN <= REALSALTLEN - TODO confirm.
	 */
	memcpy(inner+20, saltraw, RAWSALTLEN);
	RIPEMD160_Init(&ctx);
	RIPEMD160_Update(&ctx, inner, RAWSALTLEN+20);
	RIPEMD160_Final(outer, &ctx);

	/* Step 3: make the outer digest printable. */
	enc = b64_encode(outer, sizeof(outer), xresult, sizeof(xresult));
	if (enc == 0)
		return NULL;

	/*
	 * The write into buf is not length-checked here; it relies on saltstr and
	 * xresult together fitting in 128 bytes - confirm against REALSALTLEN.
	 */
	ircsprintf(buf, "$%s$%s", saltstr, xresult);
	return buf;
}
/*
 * Produce a salted MD5 password string of the form
 *     $<base64 salt>$<base64 digest>
 * where digest = MD5(MD5(password) + raw salt).
 *
 * Returns a pointer to a function-local static buffer, which the next call
 * overwrites, or NULL when para is NULL or b64_encode() returns 0.
 *
 * NOTE(review): MD5 is a fast hash, so two salted rounds give little
 * resistance to offline guessing if the stored strings leak. The format is
 * presumably fixed by the matching verification code (not shown), so a move
 * to a dedicated password-hashing scheme has to happen on both sides.
 * NOTE(review): the salt is only as unpredictable as getrandom8(), which is
 * not shown here - confirm what generator backs it.
 */
static char *mkpass_md5(char *para)
{
	static char buf[128];
	char inner[16+REALSALTLEN];	/* inner digest, then the raw salt appended */
	char outer[16];			/* digest over inner digest + salt */
	char saltstr[REALSALTLEN];	/* printable (base64) salt */
	char saltraw[RAWSALTLEN];	/* binary salt */
	char xresult[64];		/* printable (base64) outer digest */
	int pos;
	int enc;

	if (!para)
		return NULL;

	/* Fill the binary salt one random byte at a time. */
	pos = 0;
	while (pos < RAWSALTLEN)
	{
		saltraw[pos] = getrandom8();
		pos++;
	}

	enc = b64_encode(saltraw, RAWSALTLEN, saltstr, REALSALTLEN);
	if (enc == 0)
		return NULL;

	/* Step 1: digest of the password alone, written to the front of inner[]. */
	DoMD5(inner, para, strlen(para));

	/*
	 * Step 2: append the raw salt behind the 16 digest bytes and hash both.
	 * inner[] is sized with REALSALTLEN while RAWSALTLEN bytes are copied,
	 * so this assumes RAWSALTLEN <= REALSALTLEN - TODO confirm.
	 */
	memcpy(inner+16, saltraw, RAWSALTLEN);
	DoMD5(outer, inner, RAWSALTLEN+16);

	/* Step 3: make the outer digest printable. */
	enc = b64_encode(outer, sizeof(outer), xresult, sizeof(xresult));
	if (enc == 0)
		return NULL;

	/*
	 * The write into buf is not length-checked here; it relies on saltstr and
	 * xresult together fitting in 128 bytes - confirm against REALSALTLEN.
	 */
	ircsprintf(buf, "$%s$%s", saltstr, xresult);
	return buf;
}
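/*
 * Turn a cleartext password into its stored form for the given auth type.
 *
 * type  one of the AUTHTYPE_* values; types whose AUTHENABLE_* macro is not
 *       defined at build time fall through to the default case.
 * para  the cleartext password.
 *
 * Returns:
 *  - AUTHTYPE_PLAINTEXT: para itself (no copy, no transformation);
 *  - AUTHTYPE_UNIXCRYPT: whatever crypt() returns, or NULL when para is NULL
 *    or shorter than two characters;
 *  - AUTHTYPE_MD5 / SHA1 / RIPEMD160: the result of the matching mkpass_*()
 *    helper;
 *  - anything else: NULL.
 *
 * NOTE(review): the crypt() salt is one random byte rendered as two hex
 * digits, so at most 256 distinct salts are ever produced.
 */
char *Auth_Make(short type, char *para)
{
#ifdef AUTHENABLE_UNIXCRYPT
	char salt[3];
	extern char *crypt();
#endif

	switch (type)
	{
		case AUTHTYPE_PLAINTEXT:
			return para;

#ifdef AUTHENABLE_UNIXCRYPT
		case AUTHTYPE_UNIXCRYPT:
			if (!para)
				return NULL;
			/* Passwords shorter than two characters are rejected. */
			if (!(para[0] && para[1]))
				return NULL;
			/*
			 * salt[] holds exactly two hex digits plus the terminator.
			 * Masking to 8 bits keeps the write inside the buffer whatever
			 * type getrandom8() returns (its declaration is not visible here).
			 */
			sprintf(salt, "%02X", (unsigned int)getrandom8() & 0xFFu);
			return crypt(para, salt);
#endif

		case AUTHTYPE_MD5:
			return mkpass_md5(para);

#ifdef AUTHENABLE_SHA1
		case AUTHTYPE_SHA1:
			return mkpass_sha1(para);
#endif

#ifdef AUTHENABLE_RIPEMD160
		case AUTHTYPE_RIPEMD160:
			return mkpass_ripemd160(para);
#endif

		default:
			return NULL;
	}
}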
/**
 * Combine two getrandom8() draws into one 16-bit value; the first draw
 * supplies the high byte and the second the low byte.
 * @return uint16_t
 */
uint16_t getrandom16()
{
	uint16_t high = getrandom8() << 8;
	uint16_t low = getrandom8();

	return high | low;
}
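/*
 * Produce a salted SHA-1 password string of the form
 *     $<base64 salt>$<base64 digest>
 * where digest = SHA1(SHA1(password) + raw salt).
 *
 * Non-Windows builds use the SHA1_* calls, Windows builds the Crypt* API.
 *
 * Returns a pointer to a function-local static buffer, which the next call
 * overwrites, or NULL when para is NULL, b64_encode() returns 0, or (Windows)
 * any Crypt* call fails. On the Windows failure paths the hash object and
 * the provider context are released before returning.
 *
 * NOTE(review): SHA-1 is a fast hash, so two salted rounds give little
 * resistance to offline guessing if the stored strings leak. The format is
 * presumably fixed by the matching verification code (not shown), so a move
 * to a dedicated password-hashing scheme has to happen on both sides.
 * NOTE(review): the salt is only as unpredictable as getrandom8(), which is
 * not shown here - confirm what generator backs it.
 */
static char *mkpass_sha1(char *para)
{
	static char buf[128];
	char result1[20+REALSALTLEN];
	char result2[20];
	char saltstr[REALSALTLEN]; /* b64 encoded printable string */
	char saltraw[RAWSALTLEN];  /* raw binary */
	char xresult[64];
#ifndef _WIN32
	SHA_CTX hash;
#else
	HCRYPTPROV hProv;
	HCRYPTHASH hHash;
	DWORD size = 20;
#endif
	int i;

	if (!para)
		return NULL;

	/* generate a random salt... */
	for (i = 0; i < RAWSALTLEN; i++)
		saltraw[i] = getrandom8();

	i = b64_encode(saltraw, RAWSALTLEN, saltstr, REALSALTLEN);
	if (!i)
		return NULL;

#ifdef _WIN32
	if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
		return NULL;
#endif

	/* b64(SHA1(SHA1(<pass>)+salt))
	 *          ^^^^^^^^^^^^          step 1
	 *     ^^^^^^^^^^^^^^^^^^^^^^^    step 2
	 * ^^^^^^^^^^^^^^^^^^^^^^^^^^^^   step 3
	 */

	/* STEP 1: hash the password alone into the front of result1 */
#ifndef _WIN32
	SHA1_Init(&hash);
	SHA1_Update(&hash, para, strlen(para));
	SHA1_Final(result1, &hash);
#else
	if (!CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash))
	{
		/* No hash object exists yet; only the provider needs releasing. */
		CryptReleaseContext(hProv, 0);
		return NULL;
	}
	if (!CryptHashData(hHash, para, strlen(para), 0) ||
	    !CryptGetHashParam(hHash, HP_HASHVAL, result1, &size, 0))
	{
		CryptDestroyHash(hHash);
		CryptReleaseContext(hProv, 0);
		return NULL;
	}
	CryptDestroyHash(hHash);
#endif

	/* STEP 2: append the raw salt behind the 20 digest bytes...
	 * result1 is sized with REALSALTLEN while RAWSALTLEN bytes are copied,
	 * so this assumes RAWSALTLEN <= REALSALTLEN - TODO confirm.
	 */
	memcpy(result1+20, saltraw, RAWSALTLEN);

	/* ...then hash it all together */
#ifndef _WIN32
	SHA1_Init(&hash);
	SHA1_Update(&hash, result1, RAWSALTLEN+20);
	SHA1_Final(result2, &hash);
#else
	if (!CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash))
	{
		CryptReleaseContext(hProv, 0);
		return NULL;
	}
	if (!CryptHashData(hHash, result1, RAWSALTLEN+20, 0) ||
	    !CryptGetHashParam(hHash, HP_HASHVAL, result2, &size, 0))
	{
		CryptDestroyHash(hHash);
		CryptReleaseContext(hProv, 0);
		return NULL;
	}
	CryptDestroyHash(hHash);
	CryptReleaseContext(hProv, 0);
#endif

	/* STEP 3: base64 encode the final digest */
	i = b64_encode(result2, sizeof(result2), xresult, sizeof(xresult));
	if (!i)
		return NULL;

	/* Create the whole string: $<saltb64d>$<totalhashb64d>
	 * The write into buf is not length-checked here; it relies on saltstr and
	 * xresult together fitting in 128 bytes - confirm against REALSALTLEN.
	 */
	ircsprintf(buf, "$%s$%s", saltstr, xresult);
	return buf;
}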
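/*
 * Upload the crash report file `fname` to CRASH_REPORT_HOST as a
 * multipart/form-data POST to /crash.php over TLS (port 443).
 *
 * Returns 1 when the request, file body and footer were all handed to the
 * TLS connection, 0 on any failure (unreadable file, TLS setup or connect
 * failure, server not answering "100 Continue", write error). The BIO and
 * the SSL_CTX are released on every path after they have been created.
 *
 * NOTE(review): whether the server certificate is verified depends on how
 * crashreport_init_ssl() configures the SSL_CTX, which is not shown here.
 * Nothing in this function checks the peer's hostname or the verification
 * result after the handshake - confirm that the context enforces both,
 * since the crash report may contain sensitive data.
 */
int crashreport_send(char *fname)
{
	char buf[1024];
	char header[512], footer[512];
	char delimiter[41];
	int filesize;
	int n;
	int ok = 0;
	size_t got;
	FILE *fd;
	SSL_CTX *ctx_client;
	BIO *socket = NULL;

	filesize = getfilesize(fname);
	if (filesize < 0)
		return 0;

	/* Random lowercase multipart boundary; the last slot becomes the terminator. */
	for (n = 0; n < (int)sizeof(delimiter); n++)
		delimiter[n] = getrandom8()%26 + 'a';
	delimiter[sizeof(delimiter)-1] = '\0';

	snprintf(header, sizeof(header), "--%s\r\n"
	                                 "Content-Disposition: form-data; name=\"upload\"; filename=\"crash.txt\"\r\n"
	                                 "Content-Type: text/plain\r\n"
	                                 "\r\n",
	                                 delimiter);
	snprintf(footer, sizeof(footer), "\r\n--%s--\r\n", delimiter);

	ctx_client = crashreport_init_ssl();
	if (!ctx_client)
	{
		printf("ERROR: SSL initalization failure (I)\n");
		return 0;
	}

	socket = BIO_new_ssl_connect(ctx_client);
	if (!socket)
	{
		printf("ERROR: SSL initalization failure (II)\n");
		goto out;
	}

	BIO_set_conn_hostname(socket, CRASH_REPORT_HOST ":443");

	if (BIO_do_connect(socket) != 1)
	{
		printf("ERROR: Could not connect to %s\n", CRASH_REPORT_HOST);
		goto out;
	}

	if (BIO_do_handshake(socket) != 1)
	{
		printf("ERROR: Could not connect to %s (SSL handshake failed)\n", CRASH_REPORT_HOST);
		goto out;
	}

	/*
	 * Content-Length is computed from the size measured above; the file is
	 * only opened later, so it must not change in between.
	 */
	snprintf(buf, sizeof(buf), "POST /crash.php HTTP/1.1\r\n"
	                           "User-Agent: UnrealIRCd %s\r\n"
	                           "Host: %s\r\n"
	                           "Accept: */*\r\n"
	                           "Content-Length: %d\r\n"
	                           "Expect: 100-continue\r\n"
	                           "Content-Type: multipart/form-data; boundary=%s\r\n"
	                           "\r\n",
	                           VERSIONONLY,
	                           CRASH_REPORT_HOST,
	                           (int)(filesize+strlen(header)+strlen(footer)),
	                           delimiter);

	BIO_puts(socket, buf);

	/* buf is zeroed first so the strncmp() below always sees a terminated string. */
	memset(buf, 0, sizeof(buf));
	n = BIO_read(socket, buf, 255);
	if ((n < 0) || strncmp(buf, "HTTP/1.1 100", 12))
	{
		printf("Error transmitting bug report (stage II, n=%d)\n", n);
		goto out;
	}

	fd = fopen(fname, "rb");
	if (!fd)
		goto out;

	BIO_puts(socket, header);

	/*
	 * Copy the file as raw bytes. A string-based copy (fgets + BIO_puts)
	 * stops at the first NUL byte of each chunk, which would send fewer
	 * bytes than the Content-Length announced above.
	 */
	while ((got = fread(buf, 1, sizeof(buf), fd)) > 0)
	{
		if (BIO_write(socket, buf, (int)got) <= 0)
		{
			fclose(fd);
			goto out;
		}
	}
	fclose(fd);

	BIO_puts(socket, footer);

	/*
	 * make sure we are really finished (you never know with SSL)
	 * NOTE(review): no I/O happens inside this loop, so it either exits at
	 * once or spins for as long as the retry flag stays set - confirm intent.
	 */
	do { } while(BIO_should_retry(socket));

	ok = 1;

out:
	if (socket)
		BIO_free_all(socket);
	SSL_CTX_free(ctx_client);
	return ok;
}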