]>
Commit | Line | Data |
---|---|---|
212380e3 | 1 | /* |
f924ea40 | 2 | * m_mkpasswd.c: Encrypts a password online. |
212380e3 | 3 | * |
f924ea40 EM |
4 | * Based on mkpasswd.c, originally by Nelson Minar (minar@reed.edu) |
5 | * You can use this code in any way as long as these names remain. | |
212380e3 AC |
6 | */ |
7 | ||
212380e3 AC |
8 | #include "stdinc.h" |
9 | #include "client.h" | |
212380e3 | 10 | #include "numeric.h" |
212380e3 | 11 | #include "s_conf.h" |
212380e3 | 12 | #include "modules.h" |
bd0d352f | 13 | #include "messages.h" |
77d3d2db | 14 | #include "send.h" |
212380e3 AC |
15 | |
16 | #include <string.h> | |
17 | ||
eeabf33a EM |
18 | const char mkpasswd_desc[] = "Hash a password for use in ircd.conf"; |
19 | ||
3c7d6fcc | 20 | static void m_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, |
212380e3 | 21 | int parc, const char *parv[]); |
3c7d6fcc | 22 | static void mo_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, |
212380e3 | 23 | int parc, const char *parv[]); |
212380e3 | 24 | |
f924ea40 EM |
25 | static char *make_md5_salt(int); |
26 | static char *make_sha256_salt(int); | |
27 | static char *make_sha512_salt(int); | |
28 | static char *generate_random_salt(char *, int); | |
29 | static char *generate_poor_salt(char *, int); | |
212380e3 | 30 | |
f924ea40 EM |
31 | static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
32 | /* 0 .. 63, ascii - 64 */ | |
212380e3 AC |
33 | |
34 | struct Message mkpasswd_msgtab = { | |
7baa37a9 | 35 | "MKPASSWD", 0, 0, 0, 0, |
212380e3 AC |
36 | {mg_unreg, {m_mkpasswd, 2}, mg_ignore, mg_ignore, mg_ignore, {mo_mkpasswd, 2}} |
37 | }; | |
38 | ||
39 | mapi_clist_av1 mkpasswd_clist[] = { &mkpasswd_msgtab, NULL }; | |
40 | ||
02369fa7 | 41 | DECLARE_MODULE_AV2(mkpasswd, NULL, NULL, mkpasswd_clist, NULL, NULL, NULL, NULL, mkpasswd_desc); |
212380e3 AC |
42 | |
43 | ||
06c3a319 | 44 | /* m_mkpasswd - mkpasswd message handler |
f924ea40 EM |
45 | * parv[1] = password |
46 | * parv[2] = type | |
47 | */ | |
3c7d6fcc | 48 | static void |
760bafda | 49 | m_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[]) |
212380e3 AC |
50 | { |
51 | static time_t last_used = 0; | |
f924ea40 | 52 | char *salt; |
e69375f3 | 53 | const char *crypted; |
f924ea40 EM |
54 | const char *hashtype; |
55 | const char hashdefault[] = "SHA512"; | |
56 | ||
57 | if(EmptyString(parv[1])) | |
58 | { | |
59 | sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD"); | |
3c7d6fcc | 60 | return; |
f924ea40 EM |
61 | } |
62 | ||
63 | if(parc < 3) | |
64 | hashtype = hashdefault; | |
65 | else | |
66 | hashtype = parv[2]; | |
212380e3 | 67 | |
954012d3 | 68 | if((last_used + ConfigFileEntry.pace_wait) > rb_current_time()) |
212380e3 AC |
69 | { |
70 | /* safe enough to give this on a local connect only */ | |
3dfaa671 | 71 | sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "MKPASSWD"); |
3c7d6fcc | 72 | return; |
212380e3 AC |
73 | } |
74 | else | |
954012d3 | 75 | last_used = rb_current_time(); |
212380e3 | 76 | |
f924ea40 EM |
77 | if(!irccmp(hashtype, "SHA256")) |
78 | salt = make_sha256_salt(16); | |
79 | else if(!irccmp(hashtype, "SHA512")) | |
80 | salt = make_sha512_salt(16); | |
81 | else if(!irccmp(hashtype, "MD5")) | |
82 | salt = make_md5_salt(8); | |
83 | else | |
212380e3 | 84 | { |
f924ea40 EM |
85 | sendto_one_notice(source_p, |
86 | ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]"); | |
3c7d6fcc | 87 | return; |
212380e3 AC |
88 | } |
89 | ||
e69375f3 JT |
90 | crypted = rb_crypt(parv[1], salt); |
91 | sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???"); | |
212380e3 AC |
92 | } |
93 | ||
06c3a319 | 94 | /* mo_mkpasswd - mkpasswd message handler |
f924ea40 EM |
95 | * parv[1] = password |
96 | * parv[2] = type | |
97 | */ | |
3c7d6fcc | 98 | static void |
760bafda | 99 | mo_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[]) |
212380e3 | 100 | { |
f924ea40 | 101 | char *salt; |
e69375f3 | 102 | const char *crypted; |
f924ea40 EM |
103 | const char *hashtype; |
104 | const char hashdefault[] = "SHA512"; | |
212380e3 | 105 | |
f924ea40 | 106 | if(EmptyString(parv[1])) |
212380e3 | 107 | { |
f924ea40 | 108 | sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD"); |
3c7d6fcc | 109 | return; |
212380e3 AC |
110 | } |
111 | ||
f924ea40 EM |
112 | if(parc < 3) |
113 | hashtype = hashdefault; | |
114 | else | |
115 | hashtype = parv[2]; | |
116 | ||
117 | if(!irccmp(hashtype, "SHA256")) | |
118 | salt = make_sha256_salt(16); | |
119 | else if(!irccmp(hashtype, "SHA512")) | |
120 | salt = make_sha512_salt(16); | |
121 | else if(!irccmp(hashtype, "MD5")) | |
122 | salt = make_md5_salt(8); | |
212380e3 | 123 | else |
f924ea40 EM |
124 | { |
125 | sendto_one_notice(source_p, | |
126 | ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]"); | |
3c7d6fcc | 127 | return; |
f924ea40 | 128 | } |
212380e3 | 129 | |
e69375f3 JT |
130 | crypted = rb_crypt(parv[1], salt); |
131 | sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???"); | |
212380e3 AC |
132 | } |
133 | ||
f924ea40 EM |
134 | char * |
135 | make_md5_salt(int length) | |
212380e3 | 136 | { |
f924ea40 EM |
137 | static char salt[21]; |
138 | if(length > 16) | |
139 | { | |
140 | printf("MD5 salt length too long\n"); | |
141 | exit(0); | |
142 | } | |
143 | salt[0] = '$'; | |
144 | salt[1] = '1'; | |
145 | salt[2] = '$'; | |
146 | generate_random_salt(&salt[3], length); | |
147 | salt[length + 3] = '$'; | |
148 | salt[length + 4] = '\0'; | |
212380e3 AC |
149 | return salt; |
150 | } | |
151 | ||
f924ea40 EM |
152 | char * |
153 | make_sha256_salt(int length) | |
212380e3 | 154 | { |
f924ea40 EM |
155 | static char salt[21]; |
156 | if(length > 16) | |
157 | { | |
158 | printf("SHA256 salt length too long\n"); | |
159 | exit(0); | |
160 | } | |
212380e3 | 161 | salt[0] = '$'; |
f924ea40 | 162 | salt[1] = '5'; |
212380e3 | 163 | salt[2] = '$'; |
f924ea40 EM |
164 | generate_random_salt(&salt[3], length); |
165 | salt[length + 3] = '$'; | |
166 | salt[length + 4] = '\0'; | |
212380e3 AC |
167 | return salt; |
168 | } | |
f924ea40 EM |
169 | |
170 | char * | |
171 | make_sha512_salt(int length) | |
172 | { | |
173 | static char salt[21]; | |
174 | if(length > 16) | |
175 | { | |
176 | printf("SHA512 salt length too long\n"); | |
177 | exit(0); | |
178 | } | |
179 | salt[0] = '$'; | |
180 | salt[1] = '6'; | |
181 | salt[2] = '$'; | |
182 | generate_random_salt(&salt[3], length); | |
183 | salt[length + 3] = '$'; | |
184 | salt[length + 4] = '\0'; | |
185 | return salt; | |
186 | } | |
187 | ||
188 | char * | |
189 | generate_poor_salt(char *salt, int length) | |
190 | { | |
191 | int i; | |
192 | srand(time(NULL)); | |
193 | for(i = 0; i < length; i++) | |
194 | { | |
195 | salt[i] = saltChars[rand() % 64]; | |
196 | } | |
197 | return (salt); | |
198 | } | |
199 | ||
200 | char * | |
201 | generate_random_salt(char *salt, int length) | |
202 | { | |
203 | char *buf; | |
204 | int fd, i; | |
205 | if((fd = open("/dev/random", O_RDONLY)) < 0) | |
206 | { | |
207 | return (generate_poor_salt(salt, length)); | |
208 | } | |
209 | buf = calloc(1, length); | |
210 | if(read(fd, buf, length) != length) | |
211 | { | |
212 | free(buf); | |
f9960c02 | 213 | close(fd); |
f924ea40 EM |
214 | return (generate_poor_salt(salt, length)); |
215 | } | |
216 | ||
217 | for(i = 0; i < length; i++) | |
218 | { | |
219 | salt[i] = saltChars[abs(buf[i]) % 64]; | |
220 | } | |
221 | free(buf); | |
f9960c02 | 222 | close(fd); |
f924ea40 EM |
223 | return (salt); |
224 | } |