MirrorHub/construct
0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-05-17 10:23:46 +02:00
Code Issues Releases Wiki Activity

tools: Remove old tools.

Browse source
This commit is contained in:
Jason Volk 2018-09-04 04:44:46 -07:00
parent 7f43da8a07
commit 755cfbffb0
8 changed files with 0 additions and 714 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Makefile.am
View file

@ -5,7 +5,6 @@ SUBDIRS = include/ircd
SUBDIRS += ircd
SUBDIRS += modules
SUBDIRS += construct
SUBDIRS += tools
SUBDIRS += doc
.PHONY: subdirs $(SUBDIRS)

1
configure.ac
View file

@ -44,7 +44,6 @@ AC_CONFIG_FILES(\
ircd/Makefile \
doc/Makefile \
modules/Makefile \
tools/Makefile \
)
AM_INIT_AUTOMAKE([subdir-objects])

30
tools/Makefile.am
View file

@ -1,30 +0,0 @@
AM_CPPFLAGS = \
-I$(top_srcdir)/include \
@BOOST_CPPFLAGS@
AM_LDFLAGS = \
@BOOST_LDFLAGS@ \
-L$(top_srcdir)/ircd
#bin_PROGRAMS = charybdis-mkpasswd
#charybdis_mkpasswd_LDADD = \
# @BOOST_LIBS@
#charybdis_mkpasswd_SOURCES = \
# mkpasswd.cc
#bin_PROGRAMS += charybdis-mkfingerprint
#charybdis_mkfingerprint_LDADD = \
# -lircd \
# @BOOST_LIBS@
#charybdis_mkfingerprint_SOURCES = \
# mkfingerprint.cc
mrproper-local:
rm -f genssl

38
tools/README.mkpasswd
View file

@ -1,38 +0,0 @@
mkpasswd.c documentation
This is documentation for the updated mkpasswd.c included with a number
of ircd, irc services, and non-IRC related programs
This version of mkpasswd can create Blowfish, MD5, SHA256, and SHA512 crypted
passwords, with either randomly generated or user provided salts.
Options:
-x Generate a SHA256 password
-y Generate a SHA512 password
-m Generate an MD5 password
-b Generate a Blowfish password
-l Specify a length for a random MD5 or Blowfish salt
-r Specify a number of rounds for a Blowfish password
Default 4, no more than 6 recommended
-s Specify a salt, up to 16 for MD5, SHA256, and SHA512
up to 22 for Blowfish
-p Specify a plaintext password to use
-? Get brief help
-h Get extended help
Without the presence of any parameters, it'll generate a SHA512 hash with a
randomly generated salt and prompting for the password (without echo).
An MD5, SHA256, and SHA512 salt consists of up to 16 alphanumeric characters
(plus '.' and '/'), such as 'tGd' or 'J6d4dfG'.
A Blowfish salt consists of up to 22 alphanumeric characters (plus '.' and
'/'). Blowfish also specifies a number of rounds*, by default 4.
Blowfish may not always be available, but MD5, SHA256, and SHA512 are
guaranteed to be.
This program should work anywhere Charybdis does; if you find otherwise, file
a bug.
* Blowfish's rounds parameter is a logarithm, not an integer value

37
tools/genssl.in
View file

@ -1,37 +0,0 @@
#!/bin/sh
prefix="@prefix@"
exec_prefix="@exec_prefix@"
sysconfdir="@sysconfdir@"
echo "Generating private key and CSR... "
openssl req -new -newkey rsa:4096 -nodes -sha512 -out "${sysconfdir}"/ssl.csr -keyout "${sysconfdir}"/ssl.key
echo "Self-signing certificate..."
openssl x509 -req -sha512 -days 365 -in "${sysconfdir}"/ssl.csr -signkey "${sysconfdir}"/ssl.key -out "${sysconfdir}"/ssl.pem
echo "Generating Diffie-Hellman file for secure SSL/TLS negotiation .. "
openssl dhparam -out "${sysconfdir}"/dh.pem 2048
# If sysconfdir is relative to prefix, make the path relative. I.e.,
# prefix=/usr and sysconfdir=/etc -> relative_sysconfdir=/etc,
# prefix=/home/binki/chary and sysconfdir=/home/binki/chary/etc ->
# relative_sysconfdir=etc
relative_sysconfdir="${sysconfdir#${prefix%/}/}"
relative_sysconfdir="${relative_sysconfdir%/}"
cat <<EOF
Now change these lines in the IRCd config file:
ssl_private_key = "${relative_sysconfdir}/ssl.key";
ssl_cert = "${relative_sysconfdir}/ssl.pem";
ssl_dh_params = "${relative_sysconfdir}/dh.pem";
If you want to get your certificate signed by a certificate authority,
submit the ssl.csr file to your CA, then replace ssl.pem with the
certificate returned to you. You may need to include your CA's
intermediate certificates in signing order.
Enjoy using ssl.
EOF

83
tools/mkfingerprint.cc
View file

@ -1,83 +0,0 @@
/*
* mkfingerprint.c: Create certificate fingerprints using librb
* Copyright 2016 simon Arlott
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
* USA
*/
#include <rb/rb.h>
#include <rb/ssl.h>
#include <ircd/certfp.h>
int main(int argc, char *argv[])
{
uint8_t certfp[RB_SSL_CERTFP_LEN+1] = { 0 };
const char *method_str;
const char *filename;
int method;
const char *prefix;
int ret;
int i;
if (argc != 3) {
printf("mkfingerprint <method> <filename>\n");
printf(" Valid methods: "
CERTFP_NAME_CERT_SHA1 ", "
CERTFP_NAME_CERT_SHA256 ", "
CERTFP_NAME_CERT_SHA512 ", "
CERTFP_NAME_SPKI_SHA256 ", "
CERTFP_NAME_SPKI_SHA512 "\n");
return 1;
}
method_str = argv[1];
filename = argv[2];
if (!strcmp(method_str, CERTFP_NAME_CERT_SHA1)) {
method = RB_SSL_CERTFP_METH_CERT_SHA1;
prefix = CERTFP_PREFIX_CERT_SHA1;
} else if (!strcmp(method_str, CERTFP_NAME_CERT_SHA256)) {
method = RB_SSL_CERTFP_METH_CERT_SHA256;
prefix = CERTFP_PREFIX_CERT_SHA256;
} else if (!strcmp(method_str, CERTFP_NAME_CERT_SHA512)) {
method = RB_SSL_CERTFP_METH_CERT_SHA512;
prefix = CERTFP_PREFIX_CERT_SHA512;
} else if (!strcmp(method_str, CERTFP_NAME_SPKI_SHA256)) {
method = RB_SSL_CERTFP_METH_SPKI_SHA256;
prefix = CERTFP_PREFIX_SPKI_SHA256;
} else if (!strcmp(method_str, CERTFP_NAME_SPKI_SHA512)) {
method = RB_SSL_CERTFP_METH_SPKI_SHA512;
prefix = CERTFP_PREFIX_SPKI_SHA512;
} else {
printf("Unknown method: %s\n", method_str);
return 1;
}
ret = rb_get_ssl_certfp_file(filename, certfp, method);
if (ret < 0) {
perror(filename);
return 1;
} else if (ret == 0) {
fprintf(stderr, "Unknown error\n");
return 1;
}
printf("%s", prefix);
for (i = 0; i < ret; i++) {
printf("%02x", certfp[i]);
}
printf("\n");
return 0;
}

422
tools/mkpasswd.cc
View file

@ -1,422 +0,0 @@
/* simple password generator by Nelson Minar (minar@reed.edu)
* copyright 1991, all rights reserved.
* You can use this code as long as my name stays with it.
*
* md5 patch by W. Campbell <wcampbel@botbay.net>
* Modernization, getopt, etc for the Hybrid IRCD team
* by W. Campbell
*
* /dev/random for salt generation added by
* Aaron Sethman <androsyn@ratbox.org>
*/
#include <rb/rb.h>
#include <rb/ssl.h>
#ifndef __MINGW32__
#include <pwd.h>
#endif
#define FLAG_MD5 0x00000001
#define FLAG_SALT 0x00000002
#define FLAG_PASS 0x00000004
#define FLAG_LENGTH 0x00000008
#define FLAG_BLOWFISH 0x00000010
#define FLAG_ROUNDS 0x00000020
#define FLAG_SHA256 0x00000040
#define FLAG_SHA512 0x00000080
static char *make_md5_salt(int);
static char *make_md5_salt_para(char *);
static char *make_sha256_salt(int);
static char *make_sha256_salt_para(char *);
static char *make_sha512_salt(int);
static char *make_sha512_salt_para(char *);
static char *make_bf_salt(int, int);
static char *make_bf_salt_para(int, char *);
static char *generate_random_salt(char *, int);
static char *generate_poor_salt(char *, int);
static void full_usage(void) __attribute__((noreturn));
static void brief_usage(void) __attribute__((noreturn));
static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
/* 0 .. 63, ascii - 64 */
#ifdef __MINGW32__
#include <conio.h>
#ifdef PASS_MAX
#undef PASS_MAX
#endif
#define PASS_MAX 256
static char getpassbuf[PASS_MAX + 1];
static char *
getpass(const char *prompt)
{
int c;
int i = 0;
memset(getpassbuf, 0, sizeof(getpassbuf));
fputs(prompt, stderr);
for(;;)
{
c = _getch();
if(c == '\r')
{
getpassbuf[i] = '\0';
break;
}
else if(i < PASS_MAX)
{
getpassbuf[i++] = c;
}
}
fputs("\r\n", stderr);
return getpassbuf;
}
#endif
int
main(int argc, char *argv[])
{
char *plaintext = NULL;
int c;
char *saltpara = NULL;
char *salt;
char *hashed;
int flag = 0;
int length = 0; /* Not Set */
int rounds = 0; /* Not set, since blowfish needs 4 by default, a side effect
* of this being the encryption type parameter must be
* specified before the rounds parameter.
*/
while((c = getopt(argc, argv, "xymbr:h?l:s:p:")) != -1)
{
switch (c)
{
case 'm':
flag |= FLAG_MD5;
break;
case 'b':
flag |= FLAG_BLOWFISH;
rounds = 4;
break;
case 'l':
flag |= FLAG_LENGTH;
length = atoi(optarg);
break;
case 'r':
flag |= FLAG_ROUNDS;
rounds = atoi(optarg);
break;
case 's':
flag |= FLAG_SALT;
saltpara = optarg;
break;
case 'p':
flag |= FLAG_PASS;
plaintext = optarg;
break;
case 'x':
flag |= FLAG_SHA256;
break;
case 'y':
flag |= FLAG_SHA512;
break;
case 'h':
full_usage();
/* NOT REACHED */
break;
case '?':
brief_usage();
/* NOT REACHED */
break;
default:
printf("Invalid Option: -%c\n", c);
break;
}
}
if(flag & FLAG_MD5)
{
if(length == 0)
length = 8;
if(flag & FLAG_SALT)
salt = make_md5_salt_para(saltpara);
else
salt = make_md5_salt(length);
}
else if(flag & FLAG_BLOWFISH)
{
if(length == 0)
length = 22;
if(flag & FLAG_SALT)
salt = make_bf_salt_para(rounds, saltpara);
else
salt = make_bf_salt(rounds, length);
}
else if(flag & FLAG_SHA256)
{
if(length == 0)
length = 16;
if(flag & FLAG_SALT)
salt = make_sha256_salt_para(saltpara);
else
salt = make_sha256_salt(length);
}
else
{
if(length == 0)
length = 16;
if(flag & FLAG_SALT)
salt = make_sha512_salt_para(saltpara);
else
salt = make_sha512_salt(length);
}
if(flag & FLAG_PASS)
{
if(!plaintext)
{
fprintf(stderr, "Please enter a valid password\n");
return 1;
}
hashed = rb_crypt(plaintext, salt);
}
else
{
hashed = strdup(rb_crypt(getpass("plaintext: "), salt));
plaintext = getpass("again: ");
if (strcmp(rb_crypt(plaintext, salt), hashed) != 0)
{
fprintf(stderr, "Passwords do not match\n");
return 1;
}
}
printf("%s\n", hashed);
return 0;
}
char *
make_md5_salt_para(char *saltpara)
{
static char salt[21];
if(saltpara && (strlen(saltpara) <= 16))
{
/* sprintf used because of portability requirements, the length
** is checked above, so it should not be too much of a concern
*/
sprintf(salt, "$1$%s$", saltpara);
return salt;
}
printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
exit(1);
/* NOT REACHED */
return NULL;
}
char *
make_md5_salt(int length)
{
static char salt[21];
if(length > 16)
{
printf("MD5 salt length too long\n");
exit(0);
}
salt[0] = '$';
salt[1] = '1';
salt[2] = '$';
generate_random_salt(&salt[3], length);
salt[length + 3] = '$';
salt[length + 4] = '\0';
return salt;
}
char *
make_sha256_salt_para(char *saltpara)
{
static char salt[21];
if(saltpara && (strlen(saltpara) <= 16))
{
/* sprintf used because of portability requirements, the length
** is checked above, so it should not be too much of a concern
*/
sprintf(salt, "$5$%s$", saltpara);
return salt;
}
printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
exit(1);
/* NOT REACHED */
return NULL;
}
char *
make_sha512_salt_para(char *saltpara)
{
static char salt[21];
if(saltpara && (strlen(saltpara) <= 16))
{
/* sprintf used because of portability requirements, the length
** is checked above, so it should not be too much of a concern
*/
sprintf(salt, "$6$%s$", saltpara);
return salt;
}
printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
exit(1);
/* NOT REACHED */
return NULL;
}
char *
make_sha256_salt(int length)
{
static char salt[21];
if(length > 16)
{
printf("SHA256 salt length too long\n");
exit(0);
}
salt[0] = '$';
salt[1] = '5';
salt[2] = '$';
generate_random_salt(&salt[3], length);
salt[length + 3] = '$';
salt[length + 4] = '\0';
return salt;
}
char *
make_sha512_salt(int length)
{
static char salt[21];
if(length > 16)
{
printf("SHA512 salt length too long\n");
exit(0);
}
salt[0] = '$';
salt[1] = '6';
salt[2] = '$';
generate_random_salt(&salt[3], length);
salt[length + 3] = '$';
salt[length + 4] = '\0';
return salt;
}
char *
make_bf_salt_para(int rounds, char *saltpara)
{
static char salt[31];
char tbuf[3];
if(saltpara && (strlen(saltpara) <= 22))
{
/* sprintf used because of portability requirements, the length
** is checked above, so it should not be too much of a concern
*/
sprintf(tbuf, "%02d", rounds);
sprintf(salt, "$2a$%s$%s$", tbuf, saltpara);
return salt;
}
printf("Invalid Salt, please use up to 22 random alphanumeric characters\n");
exit(1);
/* NOT REACHED */
return NULL;
}
char *
make_bf_salt(int rounds, int length)
{
static char salt[31];
char tbuf[3];
if(length > 22)
{
printf("Blowfish salt length too long\n");
exit(0);
}
sprintf(tbuf, "%02d", rounds);
sprintf(salt, "$2a$%s$", tbuf);
generate_random_salt(&salt[7], length);
salt[length + 7] = '$';
salt[length + 8] = '\0';
return salt;
}
char *
generate_poor_salt(char *salt, int length)
{
int i;
srand(time(NULL));
for(i = 0; i < length; i++)
{
salt[i] = saltChars[rand() % 64];
}
return (salt);
}
char *
generate_random_salt(char *salt, int length)
{
char *buf;
int fd, i;
if((fd = open("/dev/random", O_RDONLY)) < 0)
{
return (generate_poor_salt(salt, length));
}
buf = (char *)calloc(1, length);
if(read(fd, buf, length) != length)
{
free(buf);
return (generate_poor_salt(salt, length));
}
for(i = 0; i < length; i++)
{
salt[i] = saltChars[int(abs(buf[i])) % 64];
}
free(buf);
return (salt);
}
void
full_usage()
{
printf("mkpasswd [-m|-b|-x|-y] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n");
printf("-x Generate a SHA256 password\n");
printf("-y Generate a SHA512 password\n");
printf("-m Generate an MD5 password\n");
printf("-b Generate a Blowfish password\n");
printf("-l Specify a length for a random MD5 or Blowfish salt\n");
printf("-r Specify a number of rounds for a Blowfish password\n");
printf(" Default 4, no more than 6 recommended\n");
printf("-s Specify a salt, up to 16 for MD5, SHA256, and SHA512\n");
printf(" up to 22 for Blowfish\n");
printf("-p Specify a plaintext password to use\n");
printf("Example: mkpasswd -m -s 3dr -p test\n");
exit(0);
}
void
brief_usage()
{
printf("mkpasswd - password hash generator\n");
printf(" SHA512: mkpasswd [-y] [-l saltlength] [-s salt] [-p plaintext]\n");
printf(" SHA256: mkpasswd -x [-l saltlength] [-s salt] [-p plaintext]\n");
printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n");
printf("Blowfish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n");
printf(" [-p plaintext]\n");
printf("Use -h for full usage\n");
exit(0);
}

102
tools/smoketest.sh
View file

@ -1,102 +0,0 @@
#!/bin/sh
# Simple test that compiles and runs ircd, verifying that certain aspects of
# PRIVMSG work.
case $# in
1) ;;
*) printf 'Usage: %s tarball\n' "$0" >&2; exit 64 ;;
esac
cr=$(printf '\r')
rc=0 ircdpid= tarball=${1:?}
case $tarball in
/*) ;;
*) tarball=$PWD/$tarball ;;
esac
dir=$(mktemp -d "${TMPDIR:-/tmp}/ircdtest.XXXXXXXXXX") || exit 2
trap '[ -z "$ircdpid" ] || kill $ircdpid; rm -rf "$dir"' 0
cd "$dir" || exit 2
tar xjf "$tarball" || exit 2
srcdir=${tarball##*/}
srcdir=${srcdir%.tbz2}
srcdir=${srcdir%.tgz}
srcdir=${srcdir%.tar.*}
srcdir=${srcdir%.tar}
cd "$srcdir" || exit 2
prefix=$dir/prefix
./configure --prefix="$prefix" >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; }
make -j2 >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; }
make install >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; }
cd "$prefix" || exit 2
servername=smoke$(date +%Y%m%d%H%M%S).test
port=$(date +50%S)
sed -e '/^serverinfo/,/^}/s/name = ".*";/name = "'"$servername"'";/' \
-e '/^listen/,/^}/s/port = .*;/port = '"$port"';/' \
-e '/^blacklist/,/^}/s/^/#/' \
etc/ircd.conf.example >etc/ircd.conf || exit 2
bin/ircd || exit 2
ircdpid=$(cat etc/ircd.pid) || exit 2
cd "$dir" || exit 2
echo "Will use servername $servername port $port, pid is $ircdpid"
{
echo 'USER testu . . :Test user'
echo 'NICK test1'
sleep 1
echo 'JOIN #test'
sleep 2
echo "PRIVMSG #test :channel message via $servername"
echo "PRIVMSG @#test :chanops 1 via $servername"
echo "MODE #test +o test2"
echo "PRIVMSG @#test :chanops 2 via $servername"
sleep 1
echo "QUIT"
} | nc 127.0.0.1 "$port" >out1 &
{
echo 'NICK test2'
echo 'USER testu2 . . :Test user'
sleep 2
echo 'JOIN #test'
echo "PRIVMSG test1 :private message via $servername"
sleep 2
echo "QUIT :Bye"
} | nc 127.0.0.1 "$port" >out2 &
wait
if ! grep -q "^:$servername 001 test1 :" out1; then
echo "FAIL: Missing 001 in out1 or wrong server"
rc=1
fi
if ! grep -q "^:$servername 001 test2 :" out2; then
echo "FAIL: Missing 001 in out2 or wrong server"
rc=1
fi
if ! grep -q "^:test2!.*@.* PRIVMSG test1 :private message via $servername$cr\$" out1; then
echo "FAIL: Missing private message in out1"
rc=1
fi
if ! grep -q "^:test1!.*@.* PRIVMSG #test :channel message via $servername$cr\$" out2; then
echo "FAIL: Missing channel message in out2"
rc=1
fi
if grep -q "chanops 1 via" out2; then
echo "FAIL: Wrong chanops message in out2"
rc=1
fi
if ! grep -q "^:test1!.* MODE #test +o test2[[:space:]]*$cr\$" out1; then
echo "FAIL: Missing mode in out1"
rc=1
fi
if ! grep -q "^:test1!.* MODE #test +o test2[[:space:]]*$cr\$" out2; then
echo "FAIL: Missing mode in out2"
rc=1
fi
if ! grep -q "^:test1!.* PRIVMSG @#test :chanops 2 via $servername$cr\$" out2; then
echo "FAIL: Missing chanops message in out2"
rc=1
fi
if [ "$rc" -ne 0 ] && [ -t 0 ] && [ -t 1 ] && [ -t 2 ]; then
echo 'Starting shell for investigation...'
PS1='ircd-smoketest$ ' sh -i
fi
if [ "$rc" -eq 0 ]; then
echo 'PASS'
fi
exit $rc