]>
Commit | Line | Data |
---|---|---|
212380e3 | 1 | /* |
f924ea40 | 2 | * m_mkpasswd.c: Encrypts a password online. |
212380e3 | 3 | * |
f924ea40 EM |
4 | * Based on mkpasswd.c, originally by Nelson Minar (minar@reed.edu) |
5 | * You can use this code in any way as long as these names remain. | |
212380e3 AC |
6 | */ |
7 | ||
212380e3 AC |
8 | #include "stdinc.h" |
9 | #include "client.h" | |
212380e3 | 10 | #include "numeric.h" |
212380e3 | 11 | #include "s_conf.h" |
212380e3 AC |
12 | #include "modules.h" |
13 | ||
14 | #include <string.h> | |
15 | ||
212380e3 AC |
16 | static int m_mkpasswd(struct Client *client_p, struct Client *source_p, |
17 | int parc, const char *parv[]); | |
18 | static int mo_mkpasswd(struct Client *client_p, struct Client *source_p, | |
19 | int parc, const char *parv[]); | |
212380e3 | 20 | |
f924ea40 EM |
21 | static char *make_md5_salt(int); |
22 | static char *make_sha256_salt(int); | |
23 | static char *make_sha512_salt(int); | |
24 | static char *generate_random_salt(char *, int); | |
25 | static char *generate_poor_salt(char *, int); | |
212380e3 | 26 | |
f924ea40 EM |
27 | static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
28 | /* 0 .. 63, ascii - 64 */ | |
212380e3 AC |
29 | |
30 | struct Message mkpasswd_msgtab = { | |
31 | "MKPASSWD", 0, 0, 0, MFLG_SLOW, | |
32 | {mg_unreg, {m_mkpasswd, 2}, mg_ignore, mg_ignore, mg_ignore, {mo_mkpasswd, 2}} | |
33 | }; | |
34 | ||
35 | mapi_clist_av1 mkpasswd_clist[] = { &mkpasswd_msgtab, NULL }; | |
36 | ||
f924ea40 | 37 | DECLARE_MODULE_AV1(mkpasswd, NULL, NULL, mkpasswd_clist, NULL, NULL, "$Revision$"); |
212380e3 AC |
38 | |
39 | ||
f924ea40 EM |
40 | /* m_mkpasswd - mkpasswd message handler |
41 | * parv[1] = password | |
42 | * parv[2] = type | |
43 | */ | |
212380e3 AC |
44 | static int |
45 | m_mkpasswd(struct Client *client_p, struct Client *source_p, int parc, const char *parv[]) | |
46 | { | |
47 | static time_t last_used = 0; | |
f924ea40 EM |
48 | char *salt; |
49 | const char *hashtype; | |
50 | const char hashdefault[] = "SHA512"; | |
51 | ||
52 | if(EmptyString(parv[1])) | |
53 | { | |
54 | sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD"); | |
55 | return 0; | |
56 | } | |
57 | ||
58 | if(parc < 3) | |
59 | hashtype = hashdefault; | |
60 | else | |
61 | hashtype = parv[2]; | |
212380e3 | 62 | |
954012d3 | 63 | if((last_used + ConfigFileEntry.pace_wait) > rb_current_time()) |
212380e3 AC |
64 | { |
65 | /* safe enough to give this on a local connect only */ | |
3dfaa671 | 66 | sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "MKPASSWD"); |
212380e3 AC |
67 | return 0; |
68 | } | |
69 | else | |
954012d3 | 70 | last_used = rb_current_time(); |
212380e3 | 71 | |
f924ea40 EM |
72 | if(!irccmp(hashtype, "SHA256")) |
73 | salt = make_sha256_salt(16); | |
74 | else if(!irccmp(hashtype, "SHA512")) | |
75 | salt = make_sha512_salt(16); | |
76 | else if(!irccmp(hashtype, "MD5")) | |
77 | salt = make_md5_salt(8); | |
78 | else | |
212380e3 | 79 | { |
f924ea40 EM |
80 | sendto_one_notice(source_p, |
81 | ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]"); | |
82 | return 0; | |
212380e3 AC |
83 | } |
84 | ||
f924ea40 | 85 | sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], rb_crypt(parv[1], salt)); |
212380e3 AC |
86 | return 0; |
87 | } | |
88 | ||
f924ea40 EM |
89 | /* mo_mkpasswd - mkpasswd message handler |
90 | * parv[1] = password | |
91 | * parv[2] = type | |
92 | */ | |
212380e3 AC |
93 | static int |
94 | mo_mkpasswd(struct Client *client_p, struct Client *source_p, int parc, const char *parv[]) | |
95 | { | |
f924ea40 EM |
96 | char *salt; |
97 | const char *hashtype; | |
98 | const char hashdefault[] = "SHA512"; | |
212380e3 | 99 | |
f924ea40 | 100 | if(EmptyString(parv[1])) |
212380e3 | 101 | { |
f924ea40 EM |
102 | sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD"); |
103 | return 0; | |
212380e3 AC |
104 | } |
105 | ||
f924ea40 EM |
106 | if(parc < 3) |
107 | hashtype = hashdefault; | |
108 | else | |
109 | hashtype = parv[2]; | |
110 | ||
111 | if(!irccmp(hashtype, "SHA256")) | |
112 | salt = make_sha256_salt(16); | |
113 | else if(!irccmp(hashtype, "SHA512")) | |
114 | salt = make_sha512_salt(16); | |
115 | else if(!irccmp(hashtype, "MD5")) | |
116 | salt = make_md5_salt(8); | |
212380e3 | 117 | else |
f924ea40 EM |
118 | { |
119 | sendto_one_notice(source_p, | |
120 | ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]"); | |
121 | return 0; | |
122 | } | |
212380e3 | 123 | |
f924ea40 | 124 | sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], rb_crypt(parv[1], salt)); |
212380e3 AC |
125 | return 0; |
126 | } | |
127 | ||
f924ea40 EM |
128 | char * |
129 | make_md5_salt(int length) | |
212380e3 | 130 | { |
f924ea40 EM |
131 | static char salt[21]; |
132 | if(length > 16) | |
133 | { | |
134 | printf("MD5 salt length too long\n"); | |
135 | exit(0); | |
136 | } | |
137 | salt[0] = '$'; | |
138 | salt[1] = '1'; | |
139 | salt[2] = '$'; | |
140 | generate_random_salt(&salt[3], length); | |
141 | salt[length + 3] = '$'; | |
142 | salt[length + 4] = '\0'; | |
212380e3 AC |
143 | return salt; |
144 | } | |
145 | ||
f924ea40 EM |
146 | char * |
147 | make_sha256_salt(int length) | |
212380e3 | 148 | { |
f924ea40 EM |
149 | static char salt[21]; |
150 | if(length > 16) | |
151 | { | |
152 | printf("SHA256 salt length too long\n"); | |
153 | exit(0); | |
154 | } | |
212380e3 | 155 | salt[0] = '$'; |
f924ea40 | 156 | salt[1] = '5'; |
212380e3 | 157 | salt[2] = '$'; |
f924ea40 EM |
158 | generate_random_salt(&salt[3], length); |
159 | salt[length + 3] = '$'; | |
160 | salt[length + 4] = '\0'; | |
212380e3 AC |
161 | return salt; |
162 | } | |
f924ea40 EM |
163 | |
164 | char * | |
165 | make_sha512_salt(int length) | |
166 | { | |
167 | static char salt[21]; | |
168 | if(length > 16) | |
169 | { | |
170 | printf("SHA512 salt length too long\n"); | |
171 | exit(0); | |
172 | } | |
173 | salt[0] = '$'; | |
174 | salt[1] = '6'; | |
175 | salt[2] = '$'; | |
176 | generate_random_salt(&salt[3], length); | |
177 | salt[length + 3] = '$'; | |
178 | salt[length + 4] = '\0'; | |
179 | return salt; | |
180 | } | |
181 | ||
182 | char * | |
183 | generate_poor_salt(char *salt, int length) | |
184 | { | |
185 | int i; | |
186 | srand(time(NULL)); | |
187 | for(i = 0; i < length; i++) | |
188 | { | |
189 | salt[i] = saltChars[rand() % 64]; | |
190 | } | |
191 | return (salt); | |
192 | } | |
193 | ||
194 | char * | |
195 | generate_random_salt(char *salt, int length) | |
196 | { | |
197 | char *buf; | |
198 | int fd, i; | |
199 | if((fd = open("/dev/random", O_RDONLY)) < 0) | |
200 | { | |
201 | return (generate_poor_salt(salt, length)); | |
202 | } | |
203 | buf = calloc(1, length); | |
204 | if(read(fd, buf, length) != length) | |
205 | { | |
206 | free(buf); | |
207 | return (generate_poor_salt(salt, length)); | |
208 | } | |
209 | ||
210 | for(i = 0; i < length; i++) | |
211 | { | |
212 | salt[i] = saltChars[abs(buf[i]) % 64]; | |
213 | } | |
214 | free(buf); | |
215 | return (salt); | |
216 | } |