diff --git a/Makefile.am b/Makefile.am index ee4840986..6ced499eb 100644 --- a/Makefile.am +++ b/Makefile.am @@ -5,7 +5,6 @@ SUBDIRS = include/ircd SUBDIRS += ircd SUBDIRS += modules SUBDIRS += construct -SUBDIRS += tools SUBDIRS += doc .PHONY: subdirs $(SUBDIRS) diff --git a/configure.ac b/configure.ac index 57b3964ff..5f2a8037b 100644 --- a/configure.ac +++ b/configure.ac @@ -44,7 +44,6 @@ AC_CONFIG_FILES(\ ircd/Makefile \ doc/Makefile \ modules/Makefile \ - tools/Makefile \ ) AM_INIT_AUTOMAKE([subdir-objects]) diff --git a/tools/Makefile.am b/tools/Makefile.am deleted file mode 100644 index 00d35dcd3..000000000 --- a/tools/Makefile.am +++ /dev/null @@ -1,30 +0,0 @@ -AM_CPPFLAGS = \ - -I$(top_srcdir)/include \ - @BOOST_CPPFLAGS@ - -AM_LDFLAGS = \ - @BOOST_LDFLAGS@ \ - -L$(top_srcdir)/ircd - - -#bin_PROGRAMS = charybdis-mkpasswd - -#charybdis_mkpasswd_LDADD = \ -# @BOOST_LIBS@ - -#charybdis_mkpasswd_SOURCES = \ -# mkpasswd.cc - - -#bin_PROGRAMS += charybdis-mkfingerprint - -#charybdis_mkfingerprint_LDADD = \ -# -lircd \ -# @BOOST_LIBS@ - -#charybdis_mkfingerprint_SOURCES = \ -# mkfingerprint.cc - - -mrproper-local: - rm -f genssl diff --git a/tools/README.mkpasswd b/tools/README.mkpasswd deleted file mode 100644 index 2bae860c1..000000000 --- a/tools/README.mkpasswd +++ /dev/null @@ -1,38 +0,0 @@ -mkpasswd.c documentation - -This is documentation for the updated mkpasswd.c included with a number -of ircd, irc services, and non-IRC related programs - -This version of mkpasswd can create Blowfish, MD5, SHA256, and SHA512 crypted -passwords, with either randomly generated or user provided salts. - -Options: --x Generate a SHA256 password --y Generate a SHA512 password --m Generate an MD5 password --b Generate a Blowfish password --l Specify a length for a random MD5 or Blowfish salt --r Specify a number of rounds for a Blowfish password - Default 4, no more than 6 recommended --s Specify a salt, up to 16 for MD5, SHA256, and SHA512 - up to 22 for Blowfish --p Specify a plaintext password to use --? Get brief help --h Get extended help - -Without the presence of any parameters, it'll generate a SHA512 hash with a -randomly generated salt and prompting for the password (without echo). - -An MD5, SHA256, and SHA512 salt consists of up to 16 alphanumeric characters -(plus '.' and '/'), such as 'tGd' or 'J6d4dfG'. - -A Blowfish salt consists of up to 22 alphanumeric characters (plus '.' and -'/'). Blowfish also specifies a number of rounds*, by default 4. - -Blowfish may not always be available, but MD5, SHA256, and SHA512 are -guaranteed to be. - -This program should work anywhere Charybdis does; if you find otherwise, file -a bug. - - * Blowfish's rounds parameter is a logarithm, not an integer value diff --git a/tools/genssl.in b/tools/genssl.in deleted file mode 100755 index fa810e053..000000000 --- a/tools/genssl.in +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh -prefix="@prefix@" -exec_prefix="@exec_prefix@" -sysconfdir="@sysconfdir@" - -echo "Generating private key and CSR... " -openssl req -new -newkey rsa:4096 -nodes -sha512 -out "${sysconfdir}"/ssl.csr -keyout "${sysconfdir}"/ssl.key - -echo "Self-signing certificate..." -openssl x509 -req -sha512 -days 365 -in "${sysconfdir}"/ssl.csr -signkey "${sysconfdir}"/ssl.key -out "${sysconfdir}"/ssl.pem - -echo "Generating Diffie-Hellman file for secure SSL/TLS negotiation .. " -openssl dhparam -out "${sysconfdir}"/dh.pem 2048 - -# If sysconfdir is relative to prefix, make the path relative. I.e., -# prefix=/usr and sysconfdir=/etc -> relative_sysconfdir=/etc, -# prefix=/home/binki/chary and sysconfdir=/home/binki/chary/etc -> -# relative_sysconfdir=etc -relative_sysconfdir="${sysconfdir#${prefix%/}/}" -relative_sysconfdir="${relative_sysconfdir%/}" - -cat < -#include -#include - -int main(int argc, char *argv[]) -{ - uint8_t certfp[RB_SSL_CERTFP_LEN+1] = { 0 }; - const char *method_str; - const char *filename; - int method; - const char *prefix; - int ret; - int i; - - if (argc != 3) { - printf("mkfingerprint \n"); - printf(" Valid methods: " - CERTFP_NAME_CERT_SHA1 ", " - CERTFP_NAME_CERT_SHA256 ", " - CERTFP_NAME_CERT_SHA512 ", " - CERTFP_NAME_SPKI_SHA256 ", " - CERTFP_NAME_SPKI_SHA512 "\n"); - return 1; - } - - method_str = argv[1]; - filename = argv[2]; - - if (!strcmp(method_str, CERTFP_NAME_CERT_SHA1)) { - method = RB_SSL_CERTFP_METH_CERT_SHA1; - prefix = CERTFP_PREFIX_CERT_SHA1; - } else if (!strcmp(method_str, CERTFP_NAME_CERT_SHA256)) { - method = RB_SSL_CERTFP_METH_CERT_SHA256; - prefix = CERTFP_PREFIX_CERT_SHA256; - } else if (!strcmp(method_str, CERTFP_NAME_CERT_SHA512)) { - method = RB_SSL_CERTFP_METH_CERT_SHA512; - prefix = CERTFP_PREFIX_CERT_SHA512; - } else if (!strcmp(method_str, CERTFP_NAME_SPKI_SHA256)) { - method = RB_SSL_CERTFP_METH_SPKI_SHA256; - prefix = CERTFP_PREFIX_SPKI_SHA256; - } else if (!strcmp(method_str, CERTFP_NAME_SPKI_SHA512)) { - method = RB_SSL_CERTFP_METH_SPKI_SHA512; - prefix = CERTFP_PREFIX_SPKI_SHA512; - } else { - printf("Unknown method: %s\n", method_str); - return 1; - } - - ret = rb_get_ssl_certfp_file(filename, certfp, method); - if (ret < 0) { - perror(filename); - return 1; - } else if (ret == 0) { - fprintf(stderr, "Unknown error\n"); - return 1; - } - - printf("%s", prefix); - for (i = 0; i < ret; i++) { - printf("%02x", certfp[i]); - } - printf("\n"); - return 0; -} diff --git a/tools/mkpasswd.cc b/tools/mkpasswd.cc deleted file mode 100644 index 71f723e43..000000000 --- a/tools/mkpasswd.cc +++ /dev/null @@ -1,422 +0,0 @@ -/* simple password generator by Nelson Minar (minar@reed.edu) - * copyright 1991, all rights reserved. - * You can use this code as long as my name stays with it. - * - * md5 patch by W. Campbell - * Modernization, getopt, etc for the Hybrid IRCD team - * by W. Campbell - * - * /dev/random for salt generation added by - * Aaron Sethman - */ -#include -#include -#ifndef __MINGW32__ -#include -#endif - -#define FLAG_MD5 0x00000001 -#define FLAG_SALT 0x00000002 -#define FLAG_PASS 0x00000004 -#define FLAG_LENGTH 0x00000008 -#define FLAG_BLOWFISH 0x00000010 -#define FLAG_ROUNDS 0x00000020 -#define FLAG_SHA256 0x00000040 -#define FLAG_SHA512 0x00000080 - - -static char *make_md5_salt(int); -static char *make_md5_salt_para(char *); -static char *make_sha256_salt(int); -static char *make_sha256_salt_para(char *); -static char *make_sha512_salt(int); -static char *make_sha512_salt_para(char *); -static char *make_bf_salt(int, int); -static char *make_bf_salt_para(int, char *); -static char *generate_random_salt(char *, int); -static char *generate_poor_salt(char *, int); - -static void full_usage(void) __attribute__((noreturn)); -static void brief_usage(void) __attribute__((noreturn)); - -static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; - /* 0 .. 63, ascii - 64 */ - -#ifdef __MINGW32__ -#include -#ifdef PASS_MAX -#undef PASS_MAX -#endif -#define PASS_MAX 256 -static char getpassbuf[PASS_MAX + 1]; - -static char * -getpass(const char *prompt) -{ - int c; - int i = 0; - - memset(getpassbuf, 0, sizeof(getpassbuf)); - fputs(prompt, stderr); - for(;;) - { - c = _getch(); - if(c == '\r') - { - getpassbuf[i] = '\0'; - break; - } - else if(i < PASS_MAX) - { - getpassbuf[i++] = c; - } - } - fputs("\r\n", stderr); - - return getpassbuf; -} -#endif - - -int -main(int argc, char *argv[]) -{ - char *plaintext = NULL; - int c; - char *saltpara = NULL; - char *salt; - char *hashed; - int flag = 0; - int length = 0; /* Not Set */ - int rounds = 0; /* Not set, since blowfish needs 4 by default, a side effect - * of this being the encryption type parameter must be - * specified before the rounds parameter. - */ - - while((c = getopt(argc, argv, "xymbr:h?l:s:p:")) != -1) - { - switch (c) - { - case 'm': - flag |= FLAG_MD5; - break; - case 'b': - flag |= FLAG_BLOWFISH; - rounds = 4; - break; - case 'l': - flag |= FLAG_LENGTH; - length = atoi(optarg); - break; - case 'r': - flag |= FLAG_ROUNDS; - rounds = atoi(optarg); - break; - case 's': - flag |= FLAG_SALT; - saltpara = optarg; - break; - case 'p': - flag |= FLAG_PASS; - plaintext = optarg; - break; - case 'x': - flag |= FLAG_SHA256; - break; - case 'y': - flag |= FLAG_SHA512; - break; - case 'h': - full_usage(); - /* NOT REACHED */ - break; - case '?': - brief_usage(); - /* NOT REACHED */ - break; - default: - printf("Invalid Option: -%c\n", c); - break; - } - } - - if(flag & FLAG_MD5) - { - if(length == 0) - length = 8; - if(flag & FLAG_SALT) - salt = make_md5_salt_para(saltpara); - else - salt = make_md5_salt(length); - } - else if(flag & FLAG_BLOWFISH) - { - if(length == 0) - length = 22; - if(flag & FLAG_SALT) - salt = make_bf_salt_para(rounds, saltpara); - else - salt = make_bf_salt(rounds, length); - } - else if(flag & FLAG_SHA256) - { - if(length == 0) - length = 16; - if(flag & FLAG_SALT) - salt = make_sha256_salt_para(saltpara); - else - salt = make_sha256_salt(length); - } - else - { - if(length == 0) - length = 16; - if(flag & FLAG_SALT) - salt = make_sha512_salt_para(saltpara); - else - salt = make_sha512_salt(length); - } - - if(flag & FLAG_PASS) - { - if(!plaintext) - { - fprintf(stderr, "Please enter a valid password\n"); - return 1; - } - - hashed = rb_crypt(plaintext, salt); - } - else - { - hashed = strdup(rb_crypt(getpass("plaintext: "), salt)); - plaintext = getpass("again: "); - - if (strcmp(rb_crypt(plaintext, salt), hashed) != 0) - { - fprintf(stderr, "Passwords do not match\n"); - return 1; - } - } - - printf("%s\n", hashed); - return 0; -} - -char * -make_md5_salt_para(char *saltpara) -{ - static char salt[21]; - if(saltpara && (strlen(saltpara) <= 16)) - { - /* sprintf used because of portability requirements, the length - ** is checked above, so it should not be too much of a concern - */ - sprintf(salt, "$1$%s$", saltpara); - return salt; - } - printf("Invalid Salt, please use up to 16 random alphanumeric characters\n"); - exit(1); - - /* NOT REACHED */ - return NULL; -} - -char * -make_md5_salt(int length) -{ - static char salt[21]; - if(length > 16) - { - printf("MD5 salt length too long\n"); - exit(0); - } - salt[0] = '$'; - salt[1] = '1'; - salt[2] = '$'; - generate_random_salt(&salt[3], length); - salt[length + 3] = '$'; - salt[length + 4] = '\0'; - return salt; -} - -char * -make_sha256_salt_para(char *saltpara) -{ - static char salt[21]; - if(saltpara && (strlen(saltpara) <= 16)) - { - /* sprintf used because of portability requirements, the length - ** is checked above, so it should not be too much of a concern - */ - sprintf(salt, "$5$%s$", saltpara); - return salt; - } - printf("Invalid Salt, please use up to 16 random alphanumeric characters\n"); - exit(1); - - /* NOT REACHED */ - return NULL; -} - -char * -make_sha512_salt_para(char *saltpara) -{ - static char salt[21]; - if(saltpara && (strlen(saltpara) <= 16)) - { - /* sprintf used because of portability requirements, the length - ** is checked above, so it should not be too much of a concern - */ - sprintf(salt, "$6$%s$", saltpara); - return salt; - } - printf("Invalid Salt, please use up to 16 random alphanumeric characters\n"); - exit(1); - - /* NOT REACHED */ - return NULL; -} - - -char * -make_sha256_salt(int length) -{ - static char salt[21]; - if(length > 16) - { - printf("SHA256 salt length too long\n"); - exit(0); - } - salt[0] = '$'; - salt[1] = '5'; - salt[2] = '$'; - generate_random_salt(&salt[3], length); - salt[length + 3] = '$'; - salt[length + 4] = '\0'; - return salt; -} - -char * -make_sha512_salt(int length) -{ - static char salt[21]; - if(length > 16) - { - printf("SHA512 salt length too long\n"); - exit(0); - } - salt[0] = '$'; - salt[1] = '6'; - salt[2] = '$'; - generate_random_salt(&salt[3], length); - salt[length + 3] = '$'; - salt[length + 4] = '\0'; - return salt; -} - -char * -make_bf_salt_para(int rounds, char *saltpara) -{ - static char salt[31]; - char tbuf[3]; - if(saltpara && (strlen(saltpara) <= 22)) - { - /* sprintf used because of portability requirements, the length - ** is checked above, so it should not be too much of a concern - */ - sprintf(tbuf, "%02d", rounds); - sprintf(salt, "$2a$%s$%s$", tbuf, saltpara); - return salt; - } - printf("Invalid Salt, please use up to 22 random alphanumeric characters\n"); - exit(1); - - /* NOT REACHED */ - return NULL; -} - -char * -make_bf_salt(int rounds, int length) -{ - static char salt[31]; - char tbuf[3]; - if(length > 22) - { - printf("Blowfish salt length too long\n"); - exit(0); - } - sprintf(tbuf, "%02d", rounds); - sprintf(salt, "$2a$%s$", tbuf); - generate_random_salt(&salt[7], length); - salt[length + 7] = '$'; - salt[length + 8] = '\0'; - return salt; -} - -char * -generate_poor_salt(char *salt, int length) -{ - int i; - srand(time(NULL)); - for(i = 0; i < length; i++) - { - salt[i] = saltChars[rand() % 64]; - } - return (salt); -} - -char * -generate_random_salt(char *salt, int length) -{ - char *buf; - int fd, i; - if((fd = open("/dev/random", O_RDONLY)) < 0) - { - return (generate_poor_salt(salt, length)); - } - buf = (char *)calloc(1, length); - if(read(fd, buf, length) != length) - { - free(buf); - return (generate_poor_salt(salt, length)); - } - - for(i = 0; i < length; i++) - { - salt[i] = saltChars[int(abs(buf[i])) % 64]; - } - free(buf); - return (salt); -} - -void -full_usage() -{ - printf("mkpasswd [-m|-b|-x|-y] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n"); - printf("-x Generate a SHA256 password\n"); - printf("-y Generate a SHA512 password\n"); - printf("-m Generate an MD5 password\n"); - printf("-b Generate a Blowfish password\n"); - printf("-l Specify a length for a random MD5 or Blowfish salt\n"); - printf("-r Specify a number of rounds for a Blowfish password\n"); - printf(" Default 4, no more than 6 recommended\n"); - printf("-s Specify a salt, up to 16 for MD5, SHA256, and SHA512\n"); - printf(" up to 22 for Blowfish\n"); - printf("-p Specify a plaintext password to use\n"); - printf("Example: mkpasswd -m -s 3dr -p test\n"); - exit(0); -} - -void -brief_usage() -{ - printf("mkpasswd - password hash generator\n"); - printf(" SHA512: mkpasswd [-y] [-l saltlength] [-s salt] [-p plaintext]\n"); - printf(" SHA256: mkpasswd -x [-l saltlength] [-s salt] [-p plaintext]\n"); - printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n"); - printf("Blowfish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n"); - printf(" [-p plaintext]\n"); - printf("Use -h for full usage\n"); - exit(0); -} diff --git a/tools/smoketest.sh b/tools/smoketest.sh deleted file mode 100755 index f57b71d00..000000000 --- a/tools/smoketest.sh +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/sh -# Simple test that compiles and runs ircd, verifying that certain aspects of -# PRIVMSG work. - -case $# in -1) ;; -*) printf 'Usage: %s tarball\n' "$0" >&2; exit 64 ;; -esac -cr=$(printf '\r') -rc=0 ircdpid= tarball=${1:?} -case $tarball in -/*) ;; -*) tarball=$PWD/$tarball ;; -esac -dir=$(mktemp -d "${TMPDIR:-/tmp}/ircdtest.XXXXXXXXXX") || exit 2 -trap '[ -z "$ircdpid" ] || kill $ircdpid; rm -rf "$dir"' 0 -cd "$dir" || exit 2 -tar xjf "$tarball" || exit 2 -srcdir=${tarball##*/} -srcdir=${srcdir%.tbz2} -srcdir=${srcdir%.tgz} -srcdir=${srcdir%.tar.*} -srcdir=${srcdir%.tar} -cd "$srcdir" || exit 2 -prefix=$dir/prefix -./configure --prefix="$prefix" >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; } -make -j2 >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; } -make install >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; } -cd "$prefix" || exit 2 -servername=smoke$(date +%Y%m%d%H%M%S).test -port=$(date +50%S) -sed -e '/^serverinfo/,/^}/s/name = ".*";/name = "'"$servername"'";/' \ - -e '/^listen/,/^}/s/port = .*;/port = '"$port"';/' \ - -e '/^blacklist/,/^}/s/^/#/' \ - etc/ircd.conf.example >etc/ircd.conf || exit 2 -bin/ircd || exit 2 -ircdpid=$(cat etc/ircd.pid) || exit 2 -cd "$dir" || exit 2 -echo "Will use servername $servername port $port, pid is $ircdpid" -{ - echo 'USER testu . . :Test user' - echo 'NICK test1' - sleep 1 - echo 'JOIN #test' - sleep 2 - echo "PRIVMSG #test :channel message via $servername" - echo "PRIVMSG @#test :chanops 1 via $servername" - echo "MODE #test +o test2" - echo "PRIVMSG @#test :chanops 2 via $servername" - sleep 1 - echo "QUIT" -} | nc 127.0.0.1 "$port" >out1 & -{ - echo 'NICK test2' - echo 'USER testu2 . . :Test user' - sleep 2 - echo 'JOIN #test' - echo "PRIVMSG test1 :private message via $servername" - sleep 2 - echo "QUIT :Bye" -} | nc 127.0.0.1 "$port" >out2 & -wait -if ! grep -q "^:$servername 001 test1 :" out1; then - echo "FAIL: Missing 001 in out1 or wrong server" - rc=1 -fi -if ! grep -q "^:$servername 001 test2 :" out2; then - echo "FAIL: Missing 001 in out2 or wrong server" - rc=1 -fi -if ! grep -q "^:test2!.*@.* PRIVMSG test1 :private message via $servername$cr\$" out1; then - echo "FAIL: Missing private message in out1" - rc=1 -fi -if ! grep -q "^:test1!.*@.* PRIVMSG #test :channel message via $servername$cr\$" out2; then - echo "FAIL: Missing channel message in out2" - rc=1 -fi -if grep -q "chanops 1 via" out2; then - echo "FAIL: Wrong chanops message in out2" - rc=1 -fi -if ! grep -q "^:test1!.* MODE #test +o test2[[:space:]]*$cr\$" out1; then - echo "FAIL: Missing mode in out1" - rc=1 -fi -if ! grep -q "^:test1!.* MODE #test +o test2[[:space:]]*$cr\$" out2; then - echo "FAIL: Missing mode in out2" - rc=1 -fi -if ! grep -q "^:test1!.* PRIVMSG @#test :chanops 2 via $servername$cr\$" out2; then - echo "FAIL: Missing chanops message in out2" - rc=1 -fi -if [ "$rc" -ne 0 ] && [ -t 0 ] && [ -t 1 ] && [ -t 2 ]; then - echo 'Starting shell for investigation...' - PS1='ircd-smoketest$ ' sh -i -fi -if [ "$rc" -eq 0 ]; then - echo 'PASS' -fi -exit $rc