mirror of
https://github.com/matrix-construct/construct
synced 2024-12-26 23:44:01 +01:00
tools: Remove old tools.
This commit is contained in:
parent
7f43da8a07
commit
755cfbffb0
8 changed files with 0 additions and 714 deletions
|
@ -5,7 +5,6 @@ SUBDIRS = include/ircd
|
||||||
SUBDIRS += ircd
|
SUBDIRS += ircd
|
||||||
SUBDIRS += modules
|
SUBDIRS += modules
|
||||||
SUBDIRS += construct
|
SUBDIRS += construct
|
||||||
SUBDIRS += tools
|
|
||||||
SUBDIRS += doc
|
SUBDIRS += doc
|
||||||
|
|
||||||
.PHONY: subdirs $(SUBDIRS)
|
.PHONY: subdirs $(SUBDIRS)
|
||||||
|
|
|
@ -44,7 +44,6 @@ AC_CONFIG_FILES(\
|
||||||
ircd/Makefile \
|
ircd/Makefile \
|
||||||
doc/Makefile \
|
doc/Makefile \
|
||||||
modules/Makefile \
|
modules/Makefile \
|
||||||
tools/Makefile \
|
|
||||||
)
|
)
|
||||||
|
|
||||||
AM_INIT_AUTOMAKE([subdir-objects])
|
AM_INIT_AUTOMAKE([subdir-objects])
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
AM_CPPFLAGS = \
|
|
||||||
-I$(top_srcdir)/include \
|
|
||||||
@BOOST_CPPFLAGS@
|
|
||||||
|
|
||||||
AM_LDFLAGS = \
|
|
||||||
@BOOST_LDFLAGS@ \
|
|
||||||
-L$(top_srcdir)/ircd
|
|
||||||
|
|
||||||
|
|
||||||
#bin_PROGRAMS = charybdis-mkpasswd
|
|
||||||
|
|
||||||
#charybdis_mkpasswd_LDADD = \
|
|
||||||
# @BOOST_LIBS@
|
|
||||||
|
|
||||||
#charybdis_mkpasswd_SOURCES = \
|
|
||||||
# mkpasswd.cc
|
|
||||||
|
|
||||||
|
|
||||||
#bin_PROGRAMS += charybdis-mkfingerprint
|
|
||||||
|
|
||||||
#charybdis_mkfingerprint_LDADD = \
|
|
||||||
# -lircd \
|
|
||||||
# @BOOST_LIBS@
|
|
||||||
|
|
||||||
#charybdis_mkfingerprint_SOURCES = \
|
|
||||||
# mkfingerprint.cc
|
|
||||||
|
|
||||||
|
|
||||||
mrproper-local:
|
|
||||||
rm -f genssl
|
|
|
@ -1,38 +0,0 @@
|
||||||
mkpasswd.c documentation
|
|
||||||
|
|
||||||
This is documentation for the updated mkpasswd.c included with a number
|
|
||||||
of ircd, irc services, and non-IRC related programs
|
|
||||||
|
|
||||||
This version of mkpasswd can create Blowfish, MD5, SHA256, and SHA512 crypted
|
|
||||||
passwords, with either randomly generated or user provided salts.
|
|
||||||
|
|
||||||
Options:
|
|
||||||
-x Generate a SHA256 password
|
|
||||||
-y Generate a SHA512 password
|
|
||||||
-m Generate an MD5 password
|
|
||||||
-b Generate a Blowfish password
|
|
||||||
-l Specify a length for a random MD5 or Blowfish salt
|
|
||||||
-r Specify a number of rounds for a Blowfish password
|
|
||||||
Default 4, no more than 6 recommended
|
|
||||||
-s Specify a salt, up to 16 for MD5, SHA256, and SHA512
|
|
||||||
up to 22 for Blowfish
|
|
||||||
-p Specify a plaintext password to use
|
|
||||||
-? Get brief help
|
|
||||||
-h Get extended help
|
|
||||||
|
|
||||||
Without the presence of any parameters, it'll generate a SHA512 hash with a
|
|
||||||
randomly generated salt and prompting for the password (without echo).
|
|
||||||
|
|
||||||
An MD5, SHA256, and SHA512 salt consists of up to 16 alphanumeric characters
|
|
||||||
(plus '.' and '/'), such as 'tGd' or 'J6d4dfG'.
|
|
||||||
|
|
||||||
A Blowfish salt consists of up to 22 alphanumeric characters (plus '.' and
|
|
||||||
'/'). Blowfish also specifies a number of rounds*, by default 4.
|
|
||||||
|
|
||||||
Blowfish may not always be available, but MD5, SHA256, and SHA512 are
|
|
||||||
guaranteed to be.
|
|
||||||
|
|
||||||
This program should work anywhere Charybdis does; if you find otherwise, file
|
|
||||||
a bug.
|
|
||||||
|
|
||||||
* Blowfish's rounds parameter is a logarithm, not an integer value
|
|
|
@ -1,37 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
prefix="@prefix@"
|
|
||||||
exec_prefix="@exec_prefix@"
|
|
||||||
sysconfdir="@sysconfdir@"
|
|
||||||
|
|
||||||
echo "Generating private key and CSR... "
|
|
||||||
openssl req -new -newkey rsa:4096 -nodes -sha512 -out "${sysconfdir}"/ssl.csr -keyout "${sysconfdir}"/ssl.key
|
|
||||||
|
|
||||||
echo "Self-signing certificate..."
|
|
||||||
openssl x509 -req -sha512 -days 365 -in "${sysconfdir}"/ssl.csr -signkey "${sysconfdir}"/ssl.key -out "${sysconfdir}"/ssl.pem
|
|
||||||
|
|
||||||
echo "Generating Diffie-Hellman file for secure SSL/TLS negotiation .. "
|
|
||||||
openssl dhparam -out "${sysconfdir}"/dh.pem 2048
|
|
||||||
|
|
||||||
# If sysconfdir is relative to prefix, make the path relative. I.e.,
|
|
||||||
# prefix=/usr and sysconfdir=/etc -> relative_sysconfdir=/etc,
|
|
||||||
# prefix=/home/binki/chary and sysconfdir=/home/binki/chary/etc ->
|
|
||||||
# relative_sysconfdir=etc
|
|
||||||
relative_sysconfdir="${sysconfdir#${prefix%/}/}"
|
|
||||||
relative_sysconfdir="${relative_sysconfdir%/}"
|
|
||||||
|
|
||||||
cat <<EOF
|
|
||||||
|
|
||||||
|
|
||||||
Now change these lines in the IRCd config file:
|
|
||||||
|
|
||||||
ssl_private_key = "${relative_sysconfdir}/ssl.key";
|
|
||||||
ssl_cert = "${relative_sysconfdir}/ssl.pem";
|
|
||||||
ssl_dh_params = "${relative_sysconfdir}/dh.pem";
|
|
||||||
|
|
||||||
If you want to get your certificate signed by a certificate authority,
|
|
||||||
submit the ssl.csr file to your CA, then replace ssl.pem with the
|
|
||||||
certificate returned to you. You may need to include your CA's
|
|
||||||
intermediate certificates in signing order.
|
|
||||||
|
|
||||||
Enjoy using ssl.
|
|
||||||
EOF
|
|
|
@ -1,83 +0,0 @@
|
||||||
/*
|
|
||||||
* mkfingerprint.c: Create certificate fingerprints using librb
|
|
||||||
* Copyright 2016 simon Arlott
|
|
||||||
*
|
|
||||||
* This program is free software; you can redistribute it and/or modify
|
|
||||||
* it under the terms of the GNU General Public License as published by
|
|
||||||
* the Free Software Foundation; either version 2 of the License, or
|
|
||||||
* (at your option) any later version.
|
|
||||||
*
|
|
||||||
* This program is distributed in the hope that it will be useful,
|
|
||||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
||||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
||||||
* GNU General Public License for more details.
|
|
||||||
*
|
|
||||||
* You should have received a copy of the GNU General Public License
|
|
||||||
* along with this program; if not, write to the Free Software
|
|
||||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
|
|
||||||
* USA
|
|
||||||
*/
|
|
||||||
#include <rb/rb.h>
|
|
||||||
#include <rb/ssl.h>
|
|
||||||
#include <ircd/certfp.h>
|
|
||||||
|
|
||||||
int main(int argc, char *argv[])
|
|
||||||
{
|
|
||||||
uint8_t certfp[RB_SSL_CERTFP_LEN+1] = { 0 };
|
|
||||||
const char *method_str;
|
|
||||||
const char *filename;
|
|
||||||
int method;
|
|
||||||
const char *prefix;
|
|
||||||
int ret;
|
|
||||||
int i;
|
|
||||||
|
|
||||||
if (argc != 3) {
|
|
||||||
printf("mkfingerprint <method> <filename>\n");
|
|
||||||
printf(" Valid methods: "
|
|
||||||
CERTFP_NAME_CERT_SHA1 ", "
|
|
||||||
CERTFP_NAME_CERT_SHA256 ", "
|
|
||||||
CERTFP_NAME_CERT_SHA512 ", "
|
|
||||||
CERTFP_NAME_SPKI_SHA256 ", "
|
|
||||||
CERTFP_NAME_SPKI_SHA512 "\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
method_str = argv[1];
|
|
||||||
filename = argv[2];
|
|
||||||
|
|
||||||
if (!strcmp(method_str, CERTFP_NAME_CERT_SHA1)) {
|
|
||||||
method = RB_SSL_CERTFP_METH_CERT_SHA1;
|
|
||||||
prefix = CERTFP_PREFIX_CERT_SHA1;
|
|
||||||
} else if (!strcmp(method_str, CERTFP_NAME_CERT_SHA256)) {
|
|
||||||
method = RB_SSL_CERTFP_METH_CERT_SHA256;
|
|
||||||
prefix = CERTFP_PREFIX_CERT_SHA256;
|
|
||||||
} else if (!strcmp(method_str, CERTFP_NAME_CERT_SHA512)) {
|
|
||||||
method = RB_SSL_CERTFP_METH_CERT_SHA512;
|
|
||||||
prefix = CERTFP_PREFIX_CERT_SHA512;
|
|
||||||
} else if (!strcmp(method_str, CERTFP_NAME_SPKI_SHA256)) {
|
|
||||||
method = RB_SSL_CERTFP_METH_SPKI_SHA256;
|
|
||||||
prefix = CERTFP_PREFIX_SPKI_SHA256;
|
|
||||||
} else if (!strcmp(method_str, CERTFP_NAME_SPKI_SHA512)) {
|
|
||||||
method = RB_SSL_CERTFP_METH_SPKI_SHA512;
|
|
||||||
prefix = CERTFP_PREFIX_SPKI_SHA512;
|
|
||||||
} else {
|
|
||||||
printf("Unknown method: %s\n", method_str);
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
ret = rb_get_ssl_certfp_file(filename, certfp, method);
|
|
||||||
if (ret < 0) {
|
|
||||||
perror(filename);
|
|
||||||
return 1;
|
|
||||||
} else if (ret == 0) {
|
|
||||||
fprintf(stderr, "Unknown error\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
printf("%s", prefix);
|
|
||||||
for (i = 0; i < ret; i++) {
|
|
||||||
printf("%02x", certfp[i]);
|
|
||||||
}
|
|
||||||
printf("\n");
|
|
||||||
return 0;
|
|
||||||
}
|
|
|
@ -1,422 +0,0 @@
|
||||||
/* simple password generator by Nelson Minar (minar@reed.edu)
|
|
||||||
* copyright 1991, all rights reserved.
|
|
||||||
* You can use this code as long as my name stays with it.
|
|
||||||
*
|
|
||||||
* md5 patch by W. Campbell <wcampbel@botbay.net>
|
|
||||||
* Modernization, getopt, etc for the Hybrid IRCD team
|
|
||||||
* by W. Campbell
|
|
||||||
*
|
|
||||||
* /dev/random for salt generation added by
|
|
||||||
* Aaron Sethman <androsyn@ratbox.org>
|
|
||||||
*/
|
|
||||||
#include <rb/rb.h>
|
|
||||||
#include <rb/ssl.h>
|
|
||||||
#ifndef __MINGW32__
|
|
||||||
#include <pwd.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define FLAG_MD5 0x00000001
|
|
||||||
#define FLAG_SALT 0x00000002
|
|
||||||
#define FLAG_PASS 0x00000004
|
|
||||||
#define FLAG_LENGTH 0x00000008
|
|
||||||
#define FLAG_BLOWFISH 0x00000010
|
|
||||||
#define FLAG_ROUNDS 0x00000020
|
|
||||||
#define FLAG_SHA256 0x00000040
|
|
||||||
#define FLAG_SHA512 0x00000080
|
|
||||||
|
|
||||||
|
|
||||||
static char *make_md5_salt(int);
|
|
||||||
static char *make_md5_salt_para(char *);
|
|
||||||
static char *make_sha256_salt(int);
|
|
||||||
static char *make_sha256_salt_para(char *);
|
|
||||||
static char *make_sha512_salt(int);
|
|
||||||
static char *make_sha512_salt_para(char *);
|
|
||||||
static char *make_bf_salt(int, int);
|
|
||||||
static char *make_bf_salt_para(int, char *);
|
|
||||||
static char *generate_random_salt(char *, int);
|
|
||||||
static char *generate_poor_salt(char *, int);
|
|
||||||
|
|
||||||
static void full_usage(void) __attribute__((noreturn));
|
|
||||||
static void brief_usage(void) __attribute__((noreturn));
|
|
||||||
|
|
||||||
static char saltChars[] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
|
|
||||||
/* 0 .. 63, ascii - 64 */
|
|
||||||
|
|
||||||
#ifdef __MINGW32__
|
|
||||||
#include <conio.h>
|
|
||||||
#ifdef PASS_MAX
|
|
||||||
#undef PASS_MAX
|
|
||||||
#endif
|
|
||||||
#define PASS_MAX 256
|
|
||||||
static char getpassbuf[PASS_MAX + 1];
|
|
||||||
|
|
||||||
static char *
|
|
||||||
getpass(const char *prompt)
|
|
||||||
{
|
|
||||||
int c;
|
|
||||||
int i = 0;
|
|
||||||
|
|
||||||
memset(getpassbuf, 0, sizeof(getpassbuf));
|
|
||||||
fputs(prompt, stderr);
|
|
||||||
for(;;)
|
|
||||||
{
|
|
||||||
c = _getch();
|
|
||||||
if(c == '\r')
|
|
||||||
{
|
|
||||||
getpassbuf[i] = '\0';
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
else if(i < PASS_MAX)
|
|
||||||
{
|
|
||||||
getpassbuf[i++] = c;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
fputs("\r\n", stderr);
|
|
||||||
|
|
||||||
return getpassbuf;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
int
|
|
||||||
main(int argc, char *argv[])
|
|
||||||
{
|
|
||||||
char *plaintext = NULL;
|
|
||||||
int c;
|
|
||||||
char *saltpara = NULL;
|
|
||||||
char *salt;
|
|
||||||
char *hashed;
|
|
||||||
int flag = 0;
|
|
||||||
int length = 0; /* Not Set */
|
|
||||||
int rounds = 0; /* Not set, since blowfish needs 4 by default, a side effect
|
|
||||||
* of this being the encryption type parameter must be
|
|
||||||
* specified before the rounds parameter.
|
|
||||||
*/
|
|
||||||
|
|
||||||
while((c = getopt(argc, argv, "xymbr:h?l:s:p:")) != -1)
|
|
||||||
{
|
|
||||||
switch (c)
|
|
||||||
{
|
|
||||||
case 'm':
|
|
||||||
flag |= FLAG_MD5;
|
|
||||||
break;
|
|
||||||
case 'b':
|
|
||||||
flag |= FLAG_BLOWFISH;
|
|
||||||
rounds = 4;
|
|
||||||
break;
|
|
||||||
case 'l':
|
|
||||||
flag |= FLAG_LENGTH;
|
|
||||||
length = atoi(optarg);
|
|
||||||
break;
|
|
||||||
case 'r':
|
|
||||||
flag |= FLAG_ROUNDS;
|
|
||||||
rounds = atoi(optarg);
|
|
||||||
break;
|
|
||||||
case 's':
|
|
||||||
flag |= FLAG_SALT;
|
|
||||||
saltpara = optarg;
|
|
||||||
break;
|
|
||||||
case 'p':
|
|
||||||
flag |= FLAG_PASS;
|
|
||||||
plaintext = optarg;
|
|
||||||
break;
|
|
||||||
case 'x':
|
|
||||||
flag |= FLAG_SHA256;
|
|
||||||
break;
|
|
||||||
case 'y':
|
|
||||||
flag |= FLAG_SHA512;
|
|
||||||
break;
|
|
||||||
case 'h':
|
|
||||||
full_usage();
|
|
||||||
/* NOT REACHED */
|
|
||||||
break;
|
|
||||||
case '?':
|
|
||||||
brief_usage();
|
|
||||||
/* NOT REACHED */
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
printf("Invalid Option: -%c\n", c);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if(flag & FLAG_MD5)
|
|
||||||
{
|
|
||||||
if(length == 0)
|
|
||||||
length = 8;
|
|
||||||
if(flag & FLAG_SALT)
|
|
||||||
salt = make_md5_salt_para(saltpara);
|
|
||||||
else
|
|
||||||
salt = make_md5_salt(length);
|
|
||||||
}
|
|
||||||
else if(flag & FLAG_BLOWFISH)
|
|
||||||
{
|
|
||||||
if(length == 0)
|
|
||||||
length = 22;
|
|
||||||
if(flag & FLAG_SALT)
|
|
||||||
salt = make_bf_salt_para(rounds, saltpara);
|
|
||||||
else
|
|
||||||
salt = make_bf_salt(rounds, length);
|
|
||||||
}
|
|
||||||
else if(flag & FLAG_SHA256)
|
|
||||||
{
|
|
||||||
if(length == 0)
|
|
||||||
length = 16;
|
|
||||||
if(flag & FLAG_SALT)
|
|
||||||
salt = make_sha256_salt_para(saltpara);
|
|
||||||
else
|
|
||||||
salt = make_sha256_salt(length);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
if(length == 0)
|
|
||||||
length = 16;
|
|
||||||
if(flag & FLAG_SALT)
|
|
||||||
salt = make_sha512_salt_para(saltpara);
|
|
||||||
else
|
|
||||||
salt = make_sha512_salt(length);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(flag & FLAG_PASS)
|
|
||||||
{
|
|
||||||
if(!plaintext)
|
|
||||||
{
|
|
||||||
fprintf(stderr, "Please enter a valid password\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
hashed = rb_crypt(plaintext, salt);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
hashed = strdup(rb_crypt(getpass("plaintext: "), salt));
|
|
||||||
plaintext = getpass("again: ");
|
|
||||||
|
|
||||||
if (strcmp(rb_crypt(plaintext, salt), hashed) != 0)
|
|
||||||
{
|
|
||||||
fprintf(stderr, "Passwords do not match\n");
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
printf("%s\n", hashed);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_md5_salt_para(char *saltpara)
|
|
||||||
{
|
|
||||||
static char salt[21];
|
|
||||||
if(saltpara && (strlen(saltpara) <= 16))
|
|
||||||
{
|
|
||||||
/* sprintf used because of portability requirements, the length
|
|
||||||
** is checked above, so it should not be too much of a concern
|
|
||||||
*/
|
|
||||||
sprintf(salt, "$1$%s$", saltpara);
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
|
|
||||||
exit(1);
|
|
||||||
|
|
||||||
/* NOT REACHED */
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_md5_salt(int length)
|
|
||||||
{
|
|
||||||
static char salt[21];
|
|
||||||
if(length > 16)
|
|
||||||
{
|
|
||||||
printf("MD5 salt length too long\n");
|
|
||||||
exit(0);
|
|
||||||
}
|
|
||||||
salt[0] = '$';
|
|
||||||
salt[1] = '1';
|
|
||||||
salt[2] = '$';
|
|
||||||
generate_random_salt(&salt[3], length);
|
|
||||||
salt[length + 3] = '$';
|
|
||||||
salt[length + 4] = '\0';
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_sha256_salt_para(char *saltpara)
|
|
||||||
{
|
|
||||||
static char salt[21];
|
|
||||||
if(saltpara && (strlen(saltpara) <= 16))
|
|
||||||
{
|
|
||||||
/* sprintf used because of portability requirements, the length
|
|
||||||
** is checked above, so it should not be too much of a concern
|
|
||||||
*/
|
|
||||||
sprintf(salt, "$5$%s$", saltpara);
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
|
|
||||||
exit(1);
|
|
||||||
|
|
||||||
/* NOT REACHED */
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_sha512_salt_para(char *saltpara)
|
|
||||||
{
|
|
||||||
static char salt[21];
|
|
||||||
if(saltpara && (strlen(saltpara) <= 16))
|
|
||||||
{
|
|
||||||
/* sprintf used because of portability requirements, the length
|
|
||||||
** is checked above, so it should not be too much of a concern
|
|
||||||
*/
|
|
||||||
sprintf(salt, "$6$%s$", saltpara);
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
printf("Invalid Salt, please use up to 16 random alphanumeric characters\n");
|
|
||||||
exit(1);
|
|
||||||
|
|
||||||
/* NOT REACHED */
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_sha256_salt(int length)
|
|
||||||
{
|
|
||||||
static char salt[21];
|
|
||||||
if(length > 16)
|
|
||||||
{
|
|
||||||
printf("SHA256 salt length too long\n");
|
|
||||||
exit(0);
|
|
||||||
}
|
|
||||||
salt[0] = '$';
|
|
||||||
salt[1] = '5';
|
|
||||||
salt[2] = '$';
|
|
||||||
generate_random_salt(&salt[3], length);
|
|
||||||
salt[length + 3] = '$';
|
|
||||||
salt[length + 4] = '\0';
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_sha512_salt(int length)
|
|
||||||
{
|
|
||||||
static char salt[21];
|
|
||||||
if(length > 16)
|
|
||||||
{
|
|
||||||
printf("SHA512 salt length too long\n");
|
|
||||||
exit(0);
|
|
||||||
}
|
|
||||||
salt[0] = '$';
|
|
||||||
salt[1] = '6';
|
|
||||||
salt[2] = '$';
|
|
||||||
generate_random_salt(&salt[3], length);
|
|
||||||
salt[length + 3] = '$';
|
|
||||||
salt[length + 4] = '\0';
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_bf_salt_para(int rounds, char *saltpara)
|
|
||||||
{
|
|
||||||
static char salt[31];
|
|
||||||
char tbuf[3];
|
|
||||||
if(saltpara && (strlen(saltpara) <= 22))
|
|
||||||
{
|
|
||||||
/* sprintf used because of portability requirements, the length
|
|
||||||
** is checked above, so it should not be too much of a concern
|
|
||||||
*/
|
|
||||||
sprintf(tbuf, "%02d", rounds);
|
|
||||||
sprintf(salt, "$2a$%s$%s$", tbuf, saltpara);
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
printf("Invalid Salt, please use up to 22 random alphanumeric characters\n");
|
|
||||||
exit(1);
|
|
||||||
|
|
||||||
/* NOT REACHED */
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
make_bf_salt(int rounds, int length)
|
|
||||||
{
|
|
||||||
static char salt[31];
|
|
||||||
char tbuf[3];
|
|
||||||
if(length > 22)
|
|
||||||
{
|
|
||||||
printf("Blowfish salt length too long\n");
|
|
||||||
exit(0);
|
|
||||||
}
|
|
||||||
sprintf(tbuf, "%02d", rounds);
|
|
||||||
sprintf(salt, "$2a$%s$", tbuf);
|
|
||||||
generate_random_salt(&salt[7], length);
|
|
||||||
salt[length + 7] = '$';
|
|
||||||
salt[length + 8] = '\0';
|
|
||||||
return salt;
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
generate_poor_salt(char *salt, int length)
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
srand(time(NULL));
|
|
||||||
for(i = 0; i < length; i++)
|
|
||||||
{
|
|
||||||
salt[i] = saltChars[rand() % 64];
|
|
||||||
}
|
|
||||||
return (salt);
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
generate_random_salt(char *salt, int length)
|
|
||||||
{
|
|
||||||
char *buf;
|
|
||||||
int fd, i;
|
|
||||||
if((fd = open("/dev/random", O_RDONLY)) < 0)
|
|
||||||
{
|
|
||||||
return (generate_poor_salt(salt, length));
|
|
||||||
}
|
|
||||||
buf = (char *)calloc(1, length);
|
|
||||||
if(read(fd, buf, length) != length)
|
|
||||||
{
|
|
||||||
free(buf);
|
|
||||||
return (generate_poor_salt(salt, length));
|
|
||||||
}
|
|
||||||
|
|
||||||
for(i = 0; i < length; i++)
|
|
||||||
{
|
|
||||||
salt[i] = saltChars[int(abs(buf[i])) % 64];
|
|
||||||
}
|
|
||||||
free(buf);
|
|
||||||
return (salt);
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
full_usage()
|
|
||||||
{
|
|
||||||
printf("mkpasswd [-m|-b|-x|-y] [-l saltlength] [-r rounds] [-s salt] [-p plaintext]\n");
|
|
||||||
printf("-x Generate a SHA256 password\n");
|
|
||||||
printf("-y Generate a SHA512 password\n");
|
|
||||||
printf("-m Generate an MD5 password\n");
|
|
||||||
printf("-b Generate a Blowfish password\n");
|
|
||||||
printf("-l Specify a length for a random MD5 or Blowfish salt\n");
|
|
||||||
printf("-r Specify a number of rounds for a Blowfish password\n");
|
|
||||||
printf(" Default 4, no more than 6 recommended\n");
|
|
||||||
printf("-s Specify a salt, up to 16 for MD5, SHA256, and SHA512\n");
|
|
||||||
printf(" up to 22 for Blowfish\n");
|
|
||||||
printf("-p Specify a plaintext password to use\n");
|
|
||||||
printf("Example: mkpasswd -m -s 3dr -p test\n");
|
|
||||||
exit(0);
|
|
||||||
}
|
|
||||||
|
|
||||||
void
|
|
||||||
brief_usage()
|
|
||||||
{
|
|
||||||
printf("mkpasswd - password hash generator\n");
|
|
||||||
printf(" SHA512: mkpasswd [-y] [-l saltlength] [-s salt] [-p plaintext]\n");
|
|
||||||
printf(" SHA256: mkpasswd -x [-l saltlength] [-s salt] [-p plaintext]\n");
|
|
||||||
printf(" MD5: mkpasswd -m [-l saltlength] [-s salt] [-p plaintext]\n");
|
|
||||||
printf("Blowfish: mkpasswd -b [-r rounds] [-l saltlength] [-s salt]\n");
|
|
||||||
printf(" [-p plaintext]\n");
|
|
||||||
printf("Use -h for full usage\n");
|
|
||||||
exit(0);
|
|
||||||
}
|
|
|
@ -1,102 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
# Simple test that compiles and runs ircd, verifying that certain aspects of
|
|
||||||
# PRIVMSG work.
|
|
||||||
|
|
||||||
case $# in
|
|
||||||
1) ;;
|
|
||||||
*) printf 'Usage: %s tarball\n' "$0" >&2; exit 64 ;;
|
|
||||||
esac
|
|
||||||
cr=$(printf '\r')
|
|
||||||
rc=0 ircdpid= tarball=${1:?}
|
|
||||||
case $tarball in
|
|
||||||
/*) ;;
|
|
||||||
*) tarball=$PWD/$tarball ;;
|
|
||||||
esac
|
|
||||||
dir=$(mktemp -d "${TMPDIR:-/tmp}/ircdtest.XXXXXXXXXX") || exit 2
|
|
||||||
trap '[ -z "$ircdpid" ] || kill $ircdpid; rm -rf "$dir"' 0
|
|
||||||
cd "$dir" || exit 2
|
|
||||||
tar xjf "$tarball" || exit 2
|
|
||||||
srcdir=${tarball##*/}
|
|
||||||
srcdir=${srcdir%.tbz2}
|
|
||||||
srcdir=${srcdir%.tgz}
|
|
||||||
srcdir=${srcdir%.tar.*}
|
|
||||||
srcdir=${srcdir%.tar}
|
|
||||||
cd "$srcdir" || exit 2
|
|
||||||
prefix=$dir/prefix
|
|
||||||
./configure --prefix="$prefix" >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; }
|
|
||||||
make -j2 >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; }
|
|
||||||
make install >"$dir/out" 2>&1 || { cat "$dir/out"; exit 2; }
|
|
||||||
cd "$prefix" || exit 2
|
|
||||||
servername=smoke$(date +%Y%m%d%H%M%S).test
|
|
||||||
port=$(date +50%S)
|
|
||||||
sed -e '/^serverinfo/,/^}/s/name = ".*";/name = "'"$servername"'";/' \
|
|
||||||
-e '/^listen/,/^}/s/port = .*;/port = '"$port"';/' \
|
|
||||||
-e '/^blacklist/,/^}/s/^/#/' \
|
|
||||||
etc/ircd.conf.example >etc/ircd.conf || exit 2
|
|
||||||
bin/ircd || exit 2
|
|
||||||
ircdpid=$(cat etc/ircd.pid) || exit 2
|
|
||||||
cd "$dir" || exit 2
|
|
||||||
echo "Will use servername $servername port $port, pid is $ircdpid"
|
|
||||||
{
|
|
||||||
echo 'USER testu . . :Test user'
|
|
||||||
echo 'NICK test1'
|
|
||||||
sleep 1
|
|
||||||
echo 'JOIN #test'
|
|
||||||
sleep 2
|
|
||||||
echo "PRIVMSG #test :channel message via $servername"
|
|
||||||
echo "PRIVMSG @#test :chanops 1 via $servername"
|
|
||||||
echo "MODE #test +o test2"
|
|
||||||
echo "PRIVMSG @#test :chanops 2 via $servername"
|
|
||||||
sleep 1
|
|
||||||
echo "QUIT"
|
|
||||||
} | nc 127.0.0.1 "$port" >out1 &
|
|
||||||
{
|
|
||||||
echo 'NICK test2'
|
|
||||||
echo 'USER testu2 . . :Test user'
|
|
||||||
sleep 2
|
|
||||||
echo 'JOIN #test'
|
|
||||||
echo "PRIVMSG test1 :private message via $servername"
|
|
||||||
sleep 2
|
|
||||||
echo "QUIT :Bye"
|
|
||||||
} | nc 127.0.0.1 "$port" >out2 &
|
|
||||||
wait
|
|
||||||
if ! grep -q "^:$servername 001 test1 :" out1; then
|
|
||||||
echo "FAIL: Missing 001 in out1 or wrong server"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if ! grep -q "^:$servername 001 test2 :" out2; then
|
|
||||||
echo "FAIL: Missing 001 in out2 or wrong server"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if ! grep -q "^:test2!.*@.* PRIVMSG test1 :private message via $servername$cr\$" out1; then
|
|
||||||
echo "FAIL: Missing private message in out1"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if ! grep -q "^:test1!.*@.* PRIVMSG #test :channel message via $servername$cr\$" out2; then
|
|
||||||
echo "FAIL: Missing channel message in out2"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if grep -q "chanops 1 via" out2; then
|
|
||||||
echo "FAIL: Wrong chanops message in out2"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if ! grep -q "^:test1!.* MODE #test +o test2[[:space:]]*$cr\$" out1; then
|
|
||||||
echo "FAIL: Missing mode in out1"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if ! grep -q "^:test1!.* MODE #test +o test2[[:space:]]*$cr\$" out2; then
|
|
||||||
echo "FAIL: Missing mode in out2"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if ! grep -q "^:test1!.* PRIVMSG @#test :chanops 2 via $servername$cr\$" out2; then
|
|
||||||
echo "FAIL: Missing chanops message in out2"
|
|
||||||
rc=1
|
|
||||||
fi
|
|
||||||
if [ "$rc" -ne 0 ] && [ -t 0 ] && [ -t 1 ] && [ -t 2 ]; then
|
|
||||||
echo 'Starting shell for investigation...'
|
|
||||||
PS1='ircd-smoketest$ ' sh -i
|
|
||||||
fi
|
|
||||||
if [ "$rc" -eq 0 ]; then
|
|
||||||
echo 'PASS'
|
|
||||||
fi
|
|
||||||
exit $rc
|
|
Loading…
Reference in a new issue