/[svn]/ircd-hybrid-7.2/tools/respond.c
ViewVC logotype

Annotation of /ircd-hybrid-7.2/tools/respond.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 921 - (hide annotations)
Mon Nov 12 16:24:53 2007 UTC (12 years, 4 months ago) by michael
File MIME type: text/x-chdr
File size: 3888 byte(s)
- Made tools/ compile

1 michael 921 /*
2     * tools/rsa_respond/respond.c
3     * A simple RSA authentification challenge response generator for the
4     * ircd-hybrid CHALLENGE command.
5     * This code is Copyright(C)2001 by the past and present ircd-hybrid
6     * developers.
7     * This program is free software; you can redistribute it and/or modify
8     * it under the terms of the GNU General Public License as published by
9     * the Free Software Foundation; either version 2 of the License, or
10     * (at your option) any later version.
11     *
12     * This program is distributed in the hope that it will be useful,
13     * but WITHOUT ANY WARRANTY; without even the implied warranty of
14     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15     * GNU General Public License for more details.
16     *
17     * You should have received a copy of the GNU General Public License
18     * along with this program; if not, write to the Free Software
19     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
20     * $Id: respond.c 33 2005-10-02 20:50:00Z knight $
21     */
22     #include <stdio.h>
23     #include <string.h>
24     #include <openssl/err.h>
25     #include <openssl/rsa.h>
26     #include <openssl/pem.h>
27     #include <openssl/md5.h>
28     #include <unistd.h>
29    
30     static int insecure_mode = 0;
31     static char *pass_param = NULL;
32    
33     static int pass_cb(char *buf, int size, int rwflag, void *u)
34     {
35     int len;
36     char *tmp;
37    
38     if (insecure_mode != 0)
39     {
40     if (pass_param == NULL)
41     return 0;
42     len = strlen(pass_param);
43     if (len <= 0) /* This SHOULDN'T happen */
44     return 0;
45     if (len > size)
46     len = size;
47     memcpy(buf, pass_param, len);
48     return len;
49     }
50    
51     tmp = getpass("Enter passphrase for challenge: ");
52     if (!tmp)
53     {
54     puts("Couldn't read passphrase from stdin!");
55     exit(-1);
56     }
57     len = strlen(tmp);
58     if (len <= 0)
59     return 0;
60     if (len > size)
61     len = size;
62     memcpy(buf, tmp, len);
63     return len;
64     }
65    
66     static void
67     binary_to_hex( unsigned char * bin, char * hex, int length )
68     {
69     char * trans = "0123456789ABCDEF";
70     int i;
71    
72     for( i = 0; i < length; i++ )
73     {
74     hex[i<<1] = trans[bin[i] >> 4];
75     hex[(i<<1)+1] = trans[bin[i] & 0xf];
76     }
77     hex[i<<1] = '\0';
78     }
79    
80     static int
81     hex_to_binary(const char *from, char *to, int len)
82     {
83     char a, b=1;
84     int p=0;
85     const char *ptr = from;
86     while (-1)
87     {
88     a = *ptr++;
89     if (!a)
90     break;
91     b = *ptr++;
92    
93     /* If this happens, we got bad input. */
94     if (!b)
95     break;
96     if (p >= len)
97     break;
98     if (!((a >= '0' && a <= '9') || (a >= 'A' && a <= 'F')))
99     break;
100     if (!((b >= '0' && b <= '9') || (b >= 'A' && b <= 'F')))
101     break;
102     to[p++] = ((a <= '9') ? (a - '0') : (a - 'A' + 0xA))<<4 |
103     ((b <= '9') ? (b - '0') : (b - 'A' + 0xA));
104     }
105     return p;
106     }
107    
108     int
109     main(int argc, char **argv)
110     {
111     FILE *kfile;
112     RSA *rsa = NULL;
113     char ndata[257], ddata[257];
114     /* respond privatefile challenge */
115     if (argc < 3)
116     {
117     puts("Usage: respond privatefile challenge [passphrase]");
118     return 0;
119     }
120    
121     if (argc == 4)
122     {
123     /* This is TOTALLY insecure and not recommended, but for
124     ** interfacing with irc client scripts, it's either this
125     ** or don't use a passphrase.
126     **
127     ** The likelihood of a passphrase leaking isn't TOO great,
128     ** only ps auxww will show it, and even then, only at the
129     ** precise moment this is called.
130     */
131     insecure_mode = 1;
132     pass_param = argv[3];
133     }
134    
135     if (!(kfile = fopen(argv[1], "r")))
136     {
137     puts("Could not open the private keyfile.");
138     return 0;
139     }
140    
141     SSLeay_add_all_ciphers();
142     rsa = PEM_read_RSAPrivateKey(kfile, NULL,pass_cb, NULL);
143    
144     if(!rsa)
145     {
146     puts("Unable to read your private key, is the passphrase wrong?");
147     return 0;
148     }
149    
150     fclose(kfile);
151     if (hex_to_binary(argv[2], ndata, 128) != 128)
152     {
153     puts("Bad challenge.");
154     return -1;
155     }
156    
157     if (RSA_private_decrypt(128, (unsigned char*)ndata,
158     (unsigned char*)ddata, rsa, RSA_PKCS1_PADDING) == -1)
159     {
160     puts("Decryption error.");
161     return -1;
162     }
163     binary_to_hex((unsigned char*)ddata, ndata, 32);
164     puts(ndata);
165     return 0;
166     }

Properties

Name Value
svn:eol-style native

svnadmin@ircd-hybrid.org
ViewVC Help
Powered by ViewVC 1.1.26