1 | /* | |
2 | * m_mkpasswd.c: Encrypts a password online. | |
3 | * | |
4 | * Based on mkpasswd.c, originally by Nelson Minar (minar@reed.edu) | |
5 | * You can use this code in any way as long as these names remain. | |
6 | */ | |
7 | ||
8 | #include "stdinc.h" | |
9 | #include "client.h" | |
10 | #include "numeric.h" | |
11 | #include "s_conf.h" | |
12 | #include "modules.h" | |
13 | #include "messages.h" | |
14 | #include "send.h" | |
15 | ||
16 | #include <string.h> | |
17 | ||
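/* MKPASSWD command handlers; both are wired into mkpasswd_msgtab below. */
static int m_mkpasswd(struct Client *client_p, struct Client *source_p,
		      int parc, const char *parv[]);
static int mo_mkpasswd(struct Client *client_p, struct Client *source_p,
		       int parc, const char *parv[]);

/*
 * Salt builders. The make_*_salt() functions return a pointer to their own
 * static buffer; the generate_*_salt() functions fill a caller-supplied buffer
 * with `length` characters and do not NUL-terminate it.
 */
static char *make_md5_salt(int length);
static char *make_sha256_salt(int length);
static char *make_sha512_salt(int length);
static char *generate_random_salt(char *salt, int length);
static char *generate_poor_salt(char *salt, int length);

/*
 * Salt alphabet: exactly 64 characters, so any index in 0..63 is valid.
 * Read-only lookup table, hence const.
 */
static const char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/*
 * Command table entry for MKPASSWD. m_mkpasswd and mo_mkpasswd occupy two of
 * the six handler slots; the remaining slots use mg_unreg / mg_ignore.
 * NOTE(review): the `2` next to each handler is presumably the minimum
 * parameter count -- confirm against the definition of struct Message.
 */
struct Message mkpasswd_msgtab = {
	"MKPASSWD", 0, 0, 0, MFLG_SLOW,
	{mg_unreg, {m_mkpasswd, 2}, mg_ignore, mg_ignore, mg_ignore, {mo_mkpasswd, 2}}
};

/* NULL-terminated list of the commands this module provides. */
mapi_clist_av1 mkpasswd_clist[] = { &mkpasswd_msgtab, NULL };

DECLARE_MODULE_AV1(mkpasswd, NULL, NULL, mkpasswd_clist, NULL, NULL, "$Revision$");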
40 | ||
41 | ||
/*
 * m_mkpasswd - throttled MKPASSWD handler (counterpart of mo_mkpasswd)
 *	parv[1] = password to hash
 *	parv[2] = hash type: SHA256, SHA512 or MD5 (SHA512 when omitted)
 *
 * A single static timestamp, shared by every caller of this handler, rejects
 * a request with RPL_LOAD2HI when it arrives within ConfigFileEntry.pace_wait
 * of the last accepted one. The timestamp is refreshed before the hash type is
 * validated, so a request naming an unknown type still uses up the slot.
 *
 * Security note: the reply notice repeats the cleartext password next to its
 * hash, so the password crosses the client connection in both directions.
 *
 * Always returns 0.
 */
static int
m_mkpasswd(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
	static time_t last_used = 0;
	const char *scheme;
	const char *hash;
	char *salt;

	/* Nothing to hash without a password argument. */
	if(EmptyString(parv[1]))
	{
		sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
		return 0;
	}

	scheme = (parc >= 3) ? parv[2] : "SHA512";

	if(rb_current_time() < (last_used + ConfigFileEntry.pace_wait))
	{
		/* safe enough to give this on a local connect only */
		sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "MKPASSWD");
		return 0;
	}
	last_used = rb_current_time();

	/* The salt prefix picks the crypt scheme; the pointer refers to static storage. */
	if(irccmp(scheme, "SHA256") == 0)
	{
		salt = make_sha256_salt(16);
	}
	else if(irccmp(scheme, "SHA512") == 0)
	{
		salt = make_sha512_salt(16);
	}
	else if(irccmp(scheme, "MD5") == 0)
	{
		salt = make_md5_salt(8);
	}
	else
	{
		sendto_one_notice(source_p,
				  ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]");
		return 0;
	}

	/* rb_crypt() may hand back NULL; report "???" rather than passing NULL to %s. */
	hash = rb_crypt(parv[1], salt);
	if(hash == NULL)
		hash = "???";

	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", scheme, parv[1], hash);
	return 0;
}
92 | ||
/*
 * mo_mkpasswd - unthrottled MKPASSWD handler (counterpart of m_mkpasswd)
 *	parv[1] = password to hash
 *	parv[2] = hash type: SHA256, SHA512 or MD5 (SHA512 when omitted)
 *
 * Same flow as m_mkpasswd, minus the pace_wait check: every call reaches
 * rb_crypt().
 *
 * Security note: the reply notice repeats the cleartext password next to its
 * hash, so the password crosses the client connection in both directions.
 *
 * Always returns 0.
 */
static int
mo_mkpasswd(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
	const char *scheme;
	const char *hash;
	char *salt;

	/* Nothing to hash without a password argument. */
	if(EmptyString(parv[1]))
	{
		sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
		return 0;
	}

	scheme = (parc >= 3) ? parv[2] : "SHA512";

	/* The salt prefix picks the crypt scheme; the pointer refers to static storage. */
	if(irccmp(scheme, "SHA256") == 0)
	{
		salt = make_sha256_salt(16);
	}
	else if(irccmp(scheme, "SHA512") == 0)
	{
		salt = make_sha512_salt(16);
	}
	else if(irccmp(scheme, "MD5") == 0)
	{
		salt = make_md5_salt(8);
	}
	else
	{
		sendto_one_notice(source_p,
				  ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]");
		return 0;
	}

	/* rb_crypt() may hand back NULL; report "???" rather than passing NULL to %s. */
	hash = rb_crypt(parv[1], salt);
	if(hash == NULL)
		hash = "???";

	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", scheme, parv[1], hash);
	return 0;
}
133 | ||
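/*
 * make_md5_salt - build a "$1$<salt>$" setting string (md5-crypt prefix)
 *
 * length is the number of random salt characters, 0..16. The result lives in
 * a static buffer: it is overwritten by the next call and must not be freed.
 * Buffer budget: 3 prefix bytes + up to 16 salt bytes + '$' + NUL = 21.
 *
 * An out-of-range length prints a message and calls exit(0), as before.
 * NOTE(review): exit() ends the whole process, not just this request; the
 * callers in this file only pass the constant 8, so the path is not reached
 * today.
 */
char *
make_md5_salt(int length)
{
	static char salt[21];

	/* A negative length would index before the intended slots; reject it too. */
	if(length < 0 || length > 16)
	{
		printf("MD5 salt length too long\n");
		exit(0);
	}
	salt[0] = '$';
	salt[1] = '1';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';
	return salt;
}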
151 | ||
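/*
 * make_sha256_salt - build a "$5$<salt>$" setting string (sha256-crypt prefix)
 *
 * length is the number of random salt characters, 0..16. The result lives in
 * a static buffer: it is overwritten by the next call and must not be freed.
 * Buffer budget: 3 prefix bytes + up to 16 salt bytes + '$' + NUL = 21.
 *
 * An out-of-range length prints a message and calls exit(0), as before.
 * NOTE(review): exit() ends the whole process, not just this request; the
 * callers in this file only pass the constant 16, so the path is not reached
 * today.
 */
char *
make_sha256_salt(int length)
{
	static char salt[21];

	/* A negative length would index before the intended slots; reject it too. */
	if(length < 0 || length > 16)
	{
		printf("SHA256 salt length too long\n");
		exit(0);
	}
	salt[0] = '$';
	salt[1] = '5';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';
	return salt;
}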
169 | ||
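/*
 * make_sha512_salt - build a "$6$<salt>$" setting string (sha512-crypt prefix)
 *
 * length is the number of random salt characters, 0..16. The result lives in
 * a static buffer: it is overwritten by the next call and must not be freed.
 * Buffer budget: 3 prefix bytes + up to 16 salt bytes + '$' + NUL = 21.
 *
 * An out-of-range length prints a message and calls exit(0), as before.
 * NOTE(review): exit() ends the whole process, not just this request; the
 * callers in this file only pass the constant 16, so the path is not reached
 * today.
 */
char *
make_sha512_salt(int length)
{
	static char salt[21];

	/* A negative length would index before the intended slots; reject it too. */
	if(length < 0 || length > 16)
	{
		printf("SHA512 salt length too long\n");
		exit(0);
	}
	salt[0] = '$';
	salt[1] = '6';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';
	return salt;
}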
187 | ||
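/*
 * generate_poor_salt - fallback salt source built on rand()
 *
 * Writes `length` characters from saltChars into salt[0..length-1] and returns
 * salt. The output is not NUL-terminated; the caller adds its own terminator.
 *
 * rand() is not a cryptographic generator, so this is only used when the
 * kernel random device cannot be read. The generator is seeded once per
 * process: reseeding from time(NULL) on every call would give identical salts
 * to any two requests handled within the same second.
 */
char *
generate_poor_salt(char *salt, int length)
{
	static int seeded = 0;
	int i;

	if(!seeded)
	{
		srand(time(NULL));
		seeded = 1;
	}

	for(i = 0; i < length; i++)
	{
		salt[i] = saltChars[rand() % 64];
	}
	return (salt);
}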
199 | ||
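/*
 * generate_random_salt - fill a buffer with salt characters from the kernel RNG
 *
 * Writes `length` characters from saltChars into salt[0..length-1] and returns
 * salt. The output is not NUL-terminated; the caller adds its own terminator.
 * A length of zero or less writes nothing.
 *
 * Falls back to generate_poor_salt() when the random device cannot be opened,
 * the scratch buffer cannot be allocated, or the read comes back short.
 */
char *
generate_random_salt(char *salt, int length)
{
	unsigned char *buf;
	int fd, i;

	if(length <= 0)
		return (salt);

	/*
	 * /dev/urandom rather than /dev/random: the latter may block or return a
	 * short read while the kernel waits for entropy, which would either stall
	 * the caller or silently push us onto the weak fallback. A salt has to be
	 * unique, not secret, so the non-blocking device is the right source.
	 */
	if((fd = open("/dev/urandom", O_RDONLY)) < 0)
	{
		return (generate_poor_salt(salt, length));
	}

	buf = calloc(1, length);
	if(buf == NULL)
	{
		close(fd);
		return (generate_poor_salt(salt, length));
	}

	if(read(fd, buf, length) != length)
	{
		free(buf);
		close(fd);
		return (generate_poor_salt(salt, length));
	}

	for(i = 0; i < length; i++)
	{
		/*
		 * Keep the low six bits of each unsigned byte: 256 is a multiple
		 * of 64, so every alphabet character is equally likely. Taking
		 * abs() of a signed char first folds the range and skews it.
		 */
		salt[i] = saltChars[buf[i] & 0x3f];
	}
	free(buf);
	close(fd);
	return (salt);
}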