[solanum.git] / extensions / m_mkpasswd.c

/*
 * m_mkpasswd.c: Encrypts a password online.
 *
 * Based on mkpasswd.c, originally by Nelson Minar (minar@reed.edu)
 * You can use this code in any way as long as these names remain.
 */

#include "stdinc.h"
#include "client.h"
#include "numeric.h"
#include "s_conf.h"
#include "modules.h"
#include "messages.h"
#include "send.h"

#include <string.h>

const char mkpasswd_desc[] = "Hash a password for use in ircd.conf";

static void m_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p,
		      int parc, const char *parv[]);
static void mo_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p,
		       int parc, const char *parv[]);

static char *make_md5_salt(int);
static char *make_sha256_salt(int);
static char *make_sha512_salt(int);
static char *generate_random_salt(char *, int);
static char *generate_poor_salt(char *, int);

static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
	/* 0 .. 63, ascii - 64 */

struct Message mkpasswd_msgtab = {
	"MKPASSWD", 0, 0, 0, 0,
	{mg_unreg, {m_mkpasswd, 2}, mg_ignore, mg_ignore, mg_ignore, {mo_mkpasswd, 2}}
};

mapi_clist_av1 mkpasswd_clist[] = { &mkpasswd_msgtab, NULL };

DECLARE_MODULE_AV2(mkpasswd, NULL, NULL, mkpasswd_clist, NULL, NULL, NULL, NULL, mkpasswd_desc);


/* m_mkpasswd - mkpasswd message handler
 *	parv[1] = password
 *	parv[2] = type
 */
static void
m_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
	static time_t last_used = 0;
	char *salt;
	const char *crypted;
	const char *hashtype;
	const char hashdefault[] = "SHA512";

	if(EmptyString(parv[1]))
	{
		sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
		return;
	}

	if(parc < 3)
		hashtype = hashdefault;
	else
		hashtype = parv[2];

	if((last_used + ConfigFileEntry.pace_wait) > rb_current_time())
	{
		/* safe enough to give this on a local connect only */
		sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "MKPASSWD");
		return;
	}
	else
		last_used = rb_current_time();

	if(!irccmp(hashtype, "SHA256"))
		salt = make_sha256_salt(16);
	else if(!irccmp(hashtype, "SHA512"))
		salt = make_sha512_salt(16);
	else if(!irccmp(hashtype, "MD5"))
		salt = make_md5_salt(8);
	else
	{
		sendto_one_notice(source_p,
				  ":MKPASSWD syntax error:  MKPASSWD pass [SHA256|SHA512|MD5]");
		return;
	}

	crypted = rb_crypt(parv[1], salt);
	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???");
}

/* mo_mkpasswd - mkpasswd message handler
 *	parv[1] = password
 *	parv[2] = type
 */
static void
mo_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
	char *salt;
	const char *crypted;
	const char *hashtype;
	const char hashdefault[] = "SHA512";

	if(EmptyString(parv[1]))
	{
		sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
		return;
	}

	if(parc < 3)
		hashtype = hashdefault;
	else
		hashtype = parv[2];

	if(!irccmp(hashtype, "SHA256"))
		salt = make_sha256_salt(16);
	else if(!irccmp(hashtype, "SHA512"))
		salt = make_sha512_salt(16);
	else if(!irccmp(hashtype, "MD5"))
		salt = make_md5_salt(8);
	else
	{
		sendto_one_notice(source_p,
				  ":MKPASSWD syntax error:  MKPASSWD pass [SHA256|SHA512|MD5]");
		return;
	}

	crypted = rb_crypt(parv[1], salt);
	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???");
}

char *
make_md5_salt(int length)
{
	static char salt[21];
	if(length > 16)
	{
		printf("MD5 salt length too long\n");
		exit(0);
	}
	salt[0] = '$';
	salt[1] = '1';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';
	return salt;
}

char *
make_sha256_salt(int length)
{
	static char salt[21];
	if(length > 16)
	{
		printf("SHA256 salt length too long\n");
		exit(0);
	}
	salt[0] = '$';
	salt[1] = '5';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';
	return salt;
}

char *
make_sha512_salt(int length)
{
	static char salt[21];
	if(length > 16)
	{
		printf("SHA512 salt length too long\n");
		exit(0);
	}
	salt[0] = '$';
	salt[1] = '6';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';
	return salt;
}

char *
generate_poor_salt(char *salt, int length)
{
	int i;

	srand(time(NULL));
	for(i = 0; i < length; i++)
		salt[i] = saltChars[rand() % 64];

	return (salt);
}

char *
generate_random_salt(char *salt, int length)
{
	int fd, i;

	if((fd = open("/dev/urandom", O_RDONLY)) < 0)
		return (generate_poor_salt(salt, length));

	if(read(fd, salt, (size_t)length) != length)
	{
		close(fd);
		return (generate_poor_salt(salt, length));
	}

	for(i = 0; i < length; i++)
		salt[i] = saltChars[abs(salt[i]) % 64];

	close(fd);
	return (salt);
}
Commit	Line	Data
212380e3	1	/*
f924ea40	2	* m_mkpasswd.c: Encrypts a password online.
212380e3	3	*
f924ea40 EM	4	* Based on mkpasswd.c, originally by Nelson Minar (minar@reed.edu)
f924ea40 EM	5	* You can use this code in any way as long as these names remain.
212380e3 AC	6	*/
212380e3 AC	7
212380e3 AC	8	#include "stdinc.h"
212380e3 AC	9	#include "client.h"
212380e3	10	#include "numeric.h"
212380e3	11	#include "s_conf.h"
212380e3	12	#include "modules.h"
bd0d352f	13	#include "messages.h"
77d3d2db	14	#include "send.h"
212380e3 AC	15
	16	#include <string.h>
	17
eeabf33a EM	18	const char mkpasswd_desc[] = "Hash a password for use in ircd.conf";
eeabf33a EM	19
3c7d6fcc	20	static void m_mkpasswd(struct MsgBuf msgbuf_p, struct Client client_p, struct Client *source_p,
212380e3	21	int parc, const char *parv[]);
3c7d6fcc	22	static void mo_mkpasswd(struct MsgBuf msgbuf_p, struct Client client_p, struct Client *source_p,
212380e3	23	int parc, const char *parv[]);
212380e3	24
f924ea40 EM	25	static char *make_md5_salt(int);
	26	static char *make_sha256_salt(int);
	27	static char *make_sha512_salt(int);
	28	static char generate_random_salt(char , int);
	29	static char generate_poor_salt(char , int);
212380e3	30
f924ea40 EM	31	static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
f924ea40 EM	32	/* 0 .. 63, ascii - 64 */
212380e3 AC	33
212380e3 AC	34	struct Message mkpasswd_msgtab = {
7baa37a9	35	"MKPASSWD", 0, 0, 0, 0,
212380e3 AC	36	{mg_unreg, {m_mkpasswd, 2}, mg_ignore, mg_ignore, mg_ignore, {mo_mkpasswd, 2}}
	37	};
	38
	39	mapi_clist_av1 mkpasswd_clist[] = { &mkpasswd_msgtab, NULL };
	40
02369fa7	41	DECLARE_MODULE_AV2(mkpasswd, NULL, NULL, mkpasswd_clist, NULL, NULL, NULL, NULL, mkpasswd_desc);
212380e3 AC	42
212380e3 AC	43
06c3a319	44	/* m_mkpasswd - mkpasswd message handler
f924ea40 EM	45	* parv[1] = password
	46	* parv[2] = type
	47	*/
3c7d6fcc	48	static void
760bafda	49	m_mkpasswd(struct MsgBuf msgbuf_p, struct Client client_p, struct Client source_p, int parc, const char parv[])
212380e3 AC	50	{
212380e3 AC	51	static time_t last_used = 0;
f924ea40	52	char *salt;
e69375f3	53	const char *crypted;
f924ea40 EM	54	const char *hashtype;
	55	const char hashdefault[] = "SHA512";
	56
	57	if(EmptyString(parv[1]))
	58	{
	59	sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
3c7d6fcc	60	return;
f924ea40 EM	61	}
	62
	63	if(parc < 3)
	64	hashtype = hashdefault;
	65	else
	66	hashtype = parv[2];
212380e3	67
954012d3	68	if((last_used + ConfigFileEntry.pace_wait) > rb_current_time())
212380e3 AC	69	{
212380e3 AC	70	/* safe enough to give this on a local connect only */
3dfaa671	71	sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "MKPASSWD");
3c7d6fcc	72	return;
212380e3 AC	73	}
212380e3 AC	74	else
954012d3	75	last_used = rb_current_time();
212380e3	76
f924ea40 EM	77	if(!irccmp(hashtype, "SHA256"))
	78	salt = make_sha256_salt(16);
	79	else if(!irccmp(hashtype, "SHA512"))
	80	salt = make_sha512_salt(16);
	81	else if(!irccmp(hashtype, "MD5"))
	82	salt = make_md5_salt(8);
	83	else
212380e3	84	{
f924ea40 EM	85	sendto_one_notice(source_p,
f924ea40 EM	86	":MKPASSWD syntax error: MKPASSWD pass [SHA256\|SHA512\|MD5]");
3c7d6fcc	87	return;
212380e3 AC	88	}
212380e3 AC	89
e69375f3 JT	90	crypted = rb_crypt(parv[1], salt);
e69375f3 JT	91	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???");
212380e3 AC	92	}
212380e3 AC	93
06c3a319	94	/* mo_mkpasswd - mkpasswd message handler
f924ea40 EM	95	* parv[1] = password
	96	* parv[2] = type
	97	*/
3c7d6fcc	98	static void
760bafda	99	mo_mkpasswd(struct MsgBuf msgbuf_p, struct Client client_p, struct Client source_p, int parc, const char parv[])
212380e3	100	{
f924ea40	101	char *salt;
e69375f3	102	const char *crypted;
f924ea40 EM	103	const char *hashtype;
f924ea40 EM	104	const char hashdefault[] = "SHA512";
212380e3	105
f924ea40	106	if(EmptyString(parv[1]))
212380e3	107	{
f924ea40	108	sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
3c7d6fcc	109	return;
212380e3 AC	110	}
212380e3 AC	111
f924ea40 EM	112	if(parc < 3)
	113	hashtype = hashdefault;
	114	else
	115	hashtype = parv[2];
	116
	117	if(!irccmp(hashtype, "SHA256"))
	118	salt = make_sha256_salt(16);
	119	else if(!irccmp(hashtype, "SHA512"))
	120	salt = make_sha512_salt(16);
	121	else if(!irccmp(hashtype, "MD5"))
	122	salt = make_md5_salt(8);
212380e3	123	else
f924ea40 EM	124	{
	125	sendto_one_notice(source_p,
	126	":MKPASSWD syntax error: MKPASSWD pass [SHA256\|SHA512\|MD5]");
3c7d6fcc	127	return;
f924ea40	128	}
212380e3	129
e69375f3 JT	130	crypted = rb_crypt(parv[1], salt);
e69375f3 JT	131	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???");
212380e3 AC	132	}
212380e3 AC	133
f924ea40 EM	134	char *
f924ea40 EM	135	make_md5_salt(int length)
212380e3	136	{
f924ea40 EM	137	static char salt[21];
	138	if(length > 16)
	139	{
	140	printf("MD5 salt length too long\n");
	141	exit(0);
	142	}
	143	salt[0] = '$';
	144	salt[1] = '1';
	145	salt[2] = '$';
	146	generate_random_salt(&salt[3], length);
	147	salt[length + 3] = '$';
	148	salt[length + 4] = '\0';
212380e3 AC	149	return salt;
	150	}
	151
f924ea40 EM	152	char *
f924ea40 EM	153	make_sha256_salt(int length)
212380e3	154	{
f924ea40 EM	155	static char salt[21];
	156	if(length > 16)
	157	{
	158	printf("SHA256 salt length too long\n");
	159	exit(0);
	160	}
212380e3	161	salt[0] = '$';
f924ea40	162	salt[1] = '5';
212380e3	163	salt[2] = '$';
f924ea40 EM	164	generate_random_salt(&salt[3], length);
	165	salt[length + 3] = '$';
	166	salt[length + 4] = '\0';
212380e3 AC	167	return salt;
212380e3 AC	168	}
f924ea40 EM	169
	170	char *
	171	make_sha512_salt(int length)
	172	{
	173	static char salt[21];
	174	if(length > 16)
	175	{
	176	printf("SHA512 salt length too long\n");
	177	exit(0);
	178	}
	179	salt[0] = '$';
	180	salt[1] = '6';
	181	salt[2] = '$';
	182	generate_random_salt(&salt[3], length);
	183	salt[length + 3] = '$';
	184	salt[length + 4] = '\0';
	185	return salt;
	186	}
	187
	188	char *
	189	generate_poor_salt(char *salt, int length)
	190	{
	191	int i;
ba1edd72	192
f924ea40 EM	193	srand(time(NULL));
f924ea40 EM	194	for(i = 0; i < length; i++)
f924ea40	195	salt[i] = saltChars[rand() % 64];
ba1edd72	196
f924ea40 EM	197	return (salt);
	198	}
	199
	200	char *
	201	generate_random_salt(char *salt, int length)
	202	{
f924ea40	203	int fd, i;
ba1edd72 AJ	204
ba1edd72 AJ	205	if((fd = open("/dev/urandom", O_RDONLY)) < 0)
f924ea40	206	return (generate_poor_salt(salt, length));
ba1edd72 AJ	207
ba1edd72 AJ	208	if(read(fd, salt, (size_t)length) != length)
f924ea40	209	{
f9960c02	210	close(fd);
f924ea40 EM	211	return (generate_poor_salt(salt, length));
	212	}
	213
	214	for(i = 0; i < length; i++)
ba1edd72 AJ	215	salt[i] = saltChars[abs(salt[i]) % 64];
ba1edd72 AJ	216
f9960c02	217	close(fd);
f924ea40 EM	218	return (salt);
f924ea40 EM	219	}