/*
* m_mkpasswd.c: Encrypts a password online.
*
* Based on mkpasswd.c, originally by Nelson Minar (minar@reed.edu)
* You can use this code in any way as long as these names remain.
*/
using namespace ircd;

/* Human-readable module description; passed to DECLARE_MODULE_AV2 in this file. */
const char mkpasswd_desc[] = "Hash a password for use in ircd.conf";

/* MKPASSWD command handlers; both are referenced from mkpasswd_msgtab. */
static void m_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p,
		       struct Client *source_p, int parc, const char *parv[]);
static void mo_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p,
			struct Client *source_p, int parc, const char *parv[]);

/*
 * Salt builders. The make_*_salt() functions return a pointer to a static
 * buffer holding the scheme prefix plus `length` salt characters; the
 * generate_*_salt() functions fill a caller-supplied buffer with `length`
 * characters and do not NUL-terminate it.
 */
static char *make_md5_salt(int length);
static char *make_sha256_salt(int length);
static char *make_sha512_salt(int length);
static char *generate_random_salt(char *salt, int length);
static char *generate_poor_salt(char *salt, int length);
/*
 * Salt alphabet: 64 characters, so valid indices are 0 .. 63
 * (original note: "0 .. 63, ascii - 64"). The salt generators in this
 * file index it with a value reduced modulo 64.
 */
static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/*
 * Command table entry for MKPASSWD.
 *
 * The handler list has six slots: m_mkpasswd (the throttled handler) sits in
 * the second one and mo_mkpasswd (no throttle) in the last one.
 * NOTE(review): presumably the second slot is for ordinary local clients and
 * the last for operators, and the `2` is the minimum parameter count --
 * confirm against the definition of struct Message.
 */
struct Message mkpasswd_msgtab = {
	"MKPASSWD", 0, 0, 0, 0,
	{
		mg_unreg,
		{m_mkpasswd, 2},
		mg_ignore,
		mg_ignore,
		mg_ignore,
		{mo_mkpasswd, 2}
	}
};

/* NULL-terminated list of the commands this module provides. */
mapi_clist_av1 mkpasswd_clist[] = { &mkpasswd_msgtab, NULL };

/* Module declaration: only the command list and the description are supplied. */
DECLARE_MODULE_AV2(mkpasswd, NULL, NULL, mkpasswd_clist, NULL, NULL, NULL, NULL, mkpasswd_desc);
/*
 * m_mkpasswd - mkpasswd message handler (throttled variant)
 *	parv[1] = password
 *	parv[2] = type (optional; "SHA512" is used when parc < 3)
 *
 * Replies to source_p with a notice containing the crypt-style hash of
 * parv[1], or with ERR_NEEDMOREPARAMS / RPL_LOAD2HI / a syntax notice when
 * the request is rejected.
 *
 * NOTE(review): the reply notice repeats the plaintext password (parv[1])
 * next to its hash, so both end up in the requester's scrollback and any
 * client-side logs -- consider whether the echo is needed.
 * NOTE(review): "MD5" selects the $1$ scheme built by make_md5_salt();
 * md5crypt is widely regarded as too fast for password storage today, so
 * operators should be steered towards SHA512.
 */
static void
m_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
	/*
	 * One timestamp for the whole process (function-level static): a
	 * successful pass through the throttle by any caller delays every
	 * other caller of this handler for pace_wait seconds.
	 */
	static time_t last_used = 0;
	const char hashdefault[] = "SHA512";
	const char *hashtype;
	const char *crypted;
	char *salt;

	if(EmptyString(parv[1]))
	{
		sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
		return;
	}

	hashtype = (parc < 3) ? hashdefault : parv[2];

	if((last_used + ConfigFileEntry.pace_wait) > rb_current_time())
	{
		/* safe enough to give this on a local connect only */
		sendto_one(source_p, form_str(RPL_LOAD2HI), me.name, source_p->name, "MKPASSWD");
		return;
	}

	/* The throttle window restarts even if the hash type below turns out to be invalid. */
	last_used = rb_current_time();

	/* irccmp() returning 0 is treated as a match. */
	if(irccmp(hashtype, "SHA256") == 0)
	{
		salt = make_sha256_salt(16);
	}
	else if(irccmp(hashtype, "SHA512") == 0)
	{
		salt = make_sha512_salt(16);
	}
	else if(irccmp(hashtype, "MD5") == 0)
	{
		salt = make_md5_salt(8);
	}
	else
	{
		sendto_one_notice(source_p,
				  ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]");
		return;
	}

	/* A NULL result from rb_crypt() is reported as "???" rather than dereferenced. */
	crypted = rb_crypt(parv[1], salt);
	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???");
}
/*
 * mo_mkpasswd - mkpasswd message handler (no pace_wait throttle)
 *	parv[1] = password
 *	parv[2] = type (optional; "SHA512" is used when parc < 3)
 *
 * Same hashing path as m_mkpasswd, but without the last_used / pace_wait
 * check. NOTE(review): it is registered in the last handler slot of
 * mkpasswd_msgtab, presumably the operator slot -- confirm.
 *
 * NOTE(review): the reply notice repeats the plaintext password (parv[1])
 * next to its hash, so both end up in the requester's scrollback and any
 * client-side logs -- consider whether the echo is needed.
 * NOTE(review): "MD5" selects the $1$ scheme built by make_md5_salt();
 * md5crypt is widely regarded as too fast for password storage today.
 */
static void
mo_mkpasswd(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
	const char hashdefault[] = "SHA512";
	const char *hashtype;
	const char *crypted;
	char *salt;

	if(EmptyString(parv[1]))
	{
		sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MKPASSWD");
		return;
	}

	hashtype = (parc < 3) ? hashdefault : parv[2];

	/* irccmp() returning 0 is treated as a match. */
	if(irccmp(hashtype, "SHA256") == 0)
	{
		salt = make_sha256_salt(16);
	}
	else if(irccmp(hashtype, "SHA512") == 0)
	{
		salt = make_sha512_salt(16);
	}
	else if(irccmp(hashtype, "MD5") == 0)
	{
		salt = make_md5_salt(8);
	}
	else
	{
		sendto_one_notice(source_p,
				  ":MKPASSWD syntax error: MKPASSWD pass [SHA256|SHA512|MD5]");
		return;
	}

	/* A NULL result from rb_crypt() is reported as "???" rather than dereferenced. */
	crypted = rb_crypt(parv[1], salt);
	sendto_one_notice(source_p, ":Hash [%s] for %s: %s", hashtype, parv[1], crypted ? crypted : "???");
}
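/*
 * make_md5_salt - build a "$1$<salt>$" setting string.
 *
 * length: number of random salt characters, 0 .. 16.
 * Returns a pointer to a function-static buffer; the contents are
 * overwritten by the next call, so the result must be consumed before
 * calling again.
 */
char *
make_md5_salt(int length)
{
	static char salt[21];

	/*
	 * The buffer holds 3 prefix bytes + length + '$' + NUL, so 16 is the
	 * largest length that fits. A negative length must be rejected as well:
	 * it would be handed on to generate_random_salt() and would place the
	 * trailing '$' / NUL at a wrong or out-of-bounds index.
	 *
	 * NOTE(review): exit(0) ends the whole process with a success status
	 * and reports on stdout. The visible callers pass 8, so this path is
	 * not reached today; it is presumably carried over from the standalone
	 * mkpasswd.c this file is based on -- confirm, and prefer reporting
	 * the error to the caller instead.
	 */
	if(length < 0 || length > 16)
	{
		printf("MD5 salt length too long\n");
		exit(0);
	}

	salt[0] = '$';
	salt[1] = '1';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';

	return salt;
}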
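/*
 * make_sha256_salt - build a "$5$<salt>$" setting string.
 *
 * length: number of random salt characters, 0 .. 16.
 * Returns a pointer to a function-static buffer; the contents are
 * overwritten by the next call, so the result must be consumed before
 * calling again.
 */
char *
make_sha256_salt(int length)
{
	static char salt[21];

	/*
	 * The buffer holds 3 prefix bytes + length + '$' + NUL, so 16 is the
	 * largest length that fits. A negative length must be rejected as well:
	 * it would be handed on to generate_random_salt() and would place the
	 * trailing '$' / NUL at a wrong or out-of-bounds index.
	 *
	 * NOTE(review): exit(0) ends the whole process with a success status
	 * and reports on stdout. The visible callers pass 16, so this path is
	 * not reached today; it is presumably carried over from the standalone
	 * mkpasswd.c this file is based on -- confirm, and prefer reporting
	 * the error to the caller instead.
	 */
	if(length < 0 || length > 16)
	{
		printf("SHA256 salt length too long\n");
		exit(0);
	}

	salt[0] = '$';
	salt[1] = '5';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';

	return salt;
}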
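/*
 * make_sha512_salt - build a "$6$<salt>$" setting string.
 *
 * length: number of random salt characters, 0 .. 16.
 * Returns a pointer to a function-static buffer; the contents are
 * overwritten by the next call, so the result must be consumed before
 * calling again.
 */
char *
make_sha512_salt(int length)
{
	static char salt[21];

	/*
	 * The buffer holds 3 prefix bytes + length + '$' + NUL, so 16 is the
	 * largest length that fits. A negative length must be rejected as well:
	 * it would be handed on to generate_random_salt() and would place the
	 * trailing '$' / NUL at a wrong or out-of-bounds index.
	 *
	 * NOTE(review): exit(0) ends the whole process with a success status
	 * and reports on stdout. The visible callers pass 16, so this path is
	 * not reached today; it is presumably carried over from the standalone
	 * mkpasswd.c this file is based on -- confirm, and prefer reporting
	 * the error to the caller instead.
	 */
	if(length < 0 || length > 16)
	{
		printf("SHA512 salt length too long\n");
		exit(0);
	}

	salt[0] = '$';
	salt[1] = '6';
	salt[2] = '$';
	generate_random_salt(&salt[3], length);
	salt[length + 3] = '$';
	salt[length + 4] = '\0';

	return salt;
}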
/*
 * generate_poor_salt - fallback salt generator built on rand().
 *
 * Writes `length` characters from saltChars into `salt` and returns `salt`.
 * The buffer is not NUL-terminated here. Used by generate_random_salt()
 * when /dev/urandom cannot be opened or read in full.
 *
 * NOTE(review): the generator is reseeded from time(NULL) on every call,
 * so two calls within the same second produce the same salt, and the
 * process-wide rand() sequence is reset as a side effect.
 */
char *
generate_poor_salt(char *salt, int length)
{
	int pos = 0;

	srand(time(NULL));

	while(pos < length)
	{
		salt[pos] = saltChars[rand() % 64];
		pos++;
	}

	return salt;
}
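/*
 * generate_random_salt - fill `salt` with `length` characters from saltChars,
 * using bytes read from /dev/urandom.
 *
 * Returns `salt`. The buffer is not NUL-terminated here. A length of zero
 * or less leaves the buffer untouched.
 *
 * NOTE(review): if /dev/urandom cannot be opened, or the read returns fewer
 * than `length` bytes, the function silently falls back to
 * generate_poor_salt(), which is seeded from the clock. Nothing is reported
 * to the caller or logged, so an environment without the device (a chroot,
 * for example) degrades without any visible sign -- consider logging it.
 */
char *
generate_random_salt(char *salt, int length)
{
	int fd, i;

	/*
	 * Nothing to generate. This also keeps a negative length from being
	 * cast to a very large size_t and passed to read() as the byte count.
	 */
	if(length <= 0)
		return (salt);

	if((fd = open("/dev/urandom", O_RDONLY)) < 0)
		return (generate_poor_salt(salt, length));

	if(read(fd, salt, (size_t)length) != length)
	{
		close(fd);
		return (generate_poor_salt(salt, length));
	}

	/* The descriptor is no longer needed once the raw bytes are in the buffer. */
	close(fd);

	/*
	 * Map each raw byte onto the salt alphabet. abs() folds a negative
	 * value (when char is signed) into 0 .. 128 before the modulo; either
	 * way each of the 64 characters is selected by exactly 4 of the 256
	 * possible byte values, so the reduction adds no bias.
	 */
	for(i = 0; i < length; i++)
		salt[i] = saltChars[int(abs(salt[i])) % 64];

	return (salt);
}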