
* Remove blowfish
* Implemented AES-256 (OpenSSL)
* Removed netpass
All file encryption uses SALT1 now
All botlink encryption uses SALT2 now
* Fixed a sharebug while loading users


svn: 305

Bryan Drewery 22 năm trước cách đây
mục cha
commit
1cc4f3d45a
20 tập tin đã thay đổi với 244 bổ sung324 xóa
  1. 0 3
      pack/pack.cfg.sample
  2. 2 2
      src/chanprog.c
  3. 5 4
      src/cmds.c
  4. 140 125
      src/crypt.c
  5. 3 3
      src/dcc.c
  6. 7 18
      src/main.c
  7. 1 0
      src/main.h
  8. 50 89
      src/makesalt.c
  9. 5 15
      src/makesettings.c
  10. 8 1
      src/mem.c
  11. 1 1
      src/misc.c
  12. 1 2
      src/mod/irc.mod/irc.c
  13. 1 1
      src/mod/irc.mod/mode.c
  14. 5 15
      src/mod/module.h
  15. 0 3
      src/mod/modvals.h
  16. 4 28
      src/modules.c
  17. 0 1
      src/net.c
  18. 3 3
      src/proto.h
  19. 1 2
      src/tcl.c
  20. 7 8
      src/users.c

+ 0 - 3
pack/pack.cfg.sample

@@ -3,9 +3,6 @@
 /* PACKNAME: name of the pack */
 PACKNAME <name>
 
-/* NETPASS: 15 random characters used for botlink encryption */
-NETPASS <15charstring>
-
 /* SHELLHASH: 33 char md5 hash used for binary password */
 SHELLHASH <md5hash>
 

+ 2 - 2
src/chanprog.c

@@ -26,7 +26,7 @@ extern Tcl_Interp	*interp;
 extern char		 ver[], botnetnick[], firewall[], myip[], 
 			 motdfile[], userfile[], tempdir[],
 			 notify_new[], owner[], 
-                         *netpass, botuser[], *owners, *hubs;
+                         botuser[], *owners, *hubs;
 
 extern time_t		 now, online_since;
 extern int		 backgrd, term_z, con_chan, cache_hit, cache_miss,
@@ -494,7 +494,7 @@ void load_internal_users()
           bi->uplink = user_malloc(1);
           bi->uplink[0] = 0;
 	  set_user(&USERENTRY_BOTADDR, get_user_by_handle(userlist, hand), bi);
-	  set_user(&USERENTRY_PASS, get_user_by_handle(userlist, hand), netpass);
+	  /* set_user(&USERENTRY_PASS, get_user_by_handle(userlist, hand), SALT2); */
 	}
       default:
 //	ln = userids for hostlist, add them all 
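Review bot: The call that gave each internally loaded bot its USERENTRY_PASS is commented out rather than removed or replaced, and nothing says whether bot records are now meant to carry no password at all. If any link or share path still compares USERENTRY_PASS for bots, these records will now have none; that cannot be confirmed from this hunk, and load_internal_users starts and ends outside it. Either delete the line or replace it with a comment stating the intent, for example `/* bots no longer get a link password; linking is keyed by SALT2 */` if that is the design. The same commented-out call appears in cmd_newleaf in src/cmds.c.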

+ 5 - 4
src/cmds.c

@@ -37,9 +37,9 @@ extern unsigned long	 otraffic_irc, otraffic_irc_today,
 			 itraffic_unknown, itraffic_unknown_today;
 extern Tcl_Interp	*interp;
 extern char		 botnetnick[], origbotname[], ver[], network[],
-			 owner[], quit_msg[], dcc_prefix[], *netpass,
+			 owner[], quit_msg[], dcc_prefix[], 
                          botname[], *binname, egg_version[];
-extern time_t		 now, online_since;
+extern time_t		 now, online_since, buildts;
 extern module_entry	*module_list;
 extern struct cfg_entry CFG_MOTD;
 extern struct cfg_entry **cfg;
@@ -588,7 +588,8 @@ static void cmd_motd(struct userrec *u, int idx, char *par)
 static void cmd_about(struct userrec *u, int idx, char *par)
 {
   putlog(LOG_CMDS, "*", STR("#%s# about"), dcc[idx].nick);
-  dprintf(idx, STR("Wraith (%s) botpack by bryan, with credits and thanks to the following:\n"), egg_version);
+  dprintf(idx, STR("Wraith (%s) botpack by bryan, CVS date %lu"), buildts);
+  dprintf(idx, STR("..with credits and thanks to the following:\n"), egg_version);
   dprintf(idx, STR("(written from a base of Eggdrop 1.6.12)\n\n"));
   dprintf(idx, STR("Eggdrop team for developing such a great bot to code off of.\n"));
   dprintf(idx, STR("Einride and ievil for taking eggdrop1.4.3 and making their very effecient botpack Ghost.\n"));
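Review bot: The first new dprintf in cmd_about has two conversions (`%s` and `%lu`) but only one argument, so `%s` is handed `buildts` as if it were a pointer and `%lu` reads an argument that was never passed; the second call passes `egg_version` to a format with no conversion. The arguments belong on the first call: `dprintf(idx, STR("Wraith (%s) botpack by bryan, CVS date %lu"), egg_version, (unsigned long) buildts);` followed by `dprintf(idx, STR("..with credits and thanks to the following:\n"));`. The cast matters because `buildts` is declared `time_t`, which is not guaranteed to be `unsigned long`; the `-v` branch of dtx_arg in src/main.c prints `buildts` with `%lu` uncast as well.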
@@ -2953,7 +2954,7 @@ static void cmd_newleaf(struct userrec *u, int idx, char *par)
         addhost_by_handle(handle, host);
         host = newsplit(&par);
       }
-      set_user(&USERENTRY_PASS, u1, netpass);
+      /* set_user(&USERENTRY_PASS, u1, SALT2); */
       dprintf(idx, STR("Added new leaf: %s\n"), handle);
     }
   }

+ 140 - 125
src/crypt.c

@@ -7,146 +7,162 @@
 
 
 #include "main.h"
-#include "salt.h"
 
-unsigned char *hashdot(unsigned int r);
-unsigned int unhashdot(unsigned char *hash);
+int expmem_crypt()
+{
+  return 0;
+}
 
-char crybu[8000];
+#define CRYPT_BLOCKSIZE AES_BLOCK_SIZE
+#define CRYPT_KEYSIZE 256
 
-char *psycrypt(char *st)
+AES_KEY e_key, d_key;
+
+char *encrypt_binary(const char *keydata, unsigned char *data, int *datalen)
 {
-    char *pte;
-    char *ptt;
-    char *pts1,*pts2;
-    char *pt;
-    char *hpt;
-    char hbuf[3];
-    int res;
-    int slen=0;
-    unsigned int tslt1 = CODE1;
-    unsigned int tslt2 = CODE2;
-    int p1,p2,p3,p4,p5;
-    int erg;
-    int de=0;
-    memset(crybu,0x0,sizeof(crybu));
-    pt = crybu;
-    pte = pt;
-    ptt = st;
-    if (*ptt=='+') {
-       ptt++;
-       de=1;
-    } else {
-       *pte++='+';
-    }
-    pts1 = slt1 +SA1;
-    pts2 = slt2 +SA2;
-    while(*ptt!=0)
-    {
-       if (slen>7990) break;
-        if (tslt1>255 || tslt1 <0) tslt1=CODE1;
-        if (tslt2>255 || tslt2 <0) tslt2=CODE2;
-       if (*pts1==0) pts1=slt1;
-       if (*pts2==0) pts2=slt2;
-       res=0;
-       if (de) {
-          hbuf[0]=*ptt++;
-          hbuf[1]=*ptt;
-          hbuf[2]=0;
-         p1=unhashdot(hbuf);
-          p2=*pts1;p3=tslt1;p4=*pts2;p5=tslt2;
-          erg=p1-p2-p3+p4-p5;
-          *pte=erg;
-          res=erg;
-       } else {
-          p1=*ptt;p2=*pts1;p3=tslt1;p4=*pts2;p5=tslt2;
-          res=p1;
-          erg=p1+p2+p3-p4+p5;
-          hpt=hashdot(erg);
-          *pte++=hpt[0];slen++;
-          *pte=hpt[1];
-       }
-       tslt1--;
-       res=res/10;
-       tslt2=tslt2+res;
-       pte++;ptt++;pts1++;pts2++;slen=slen+1;
+  int newdatalen = *datalen;
+  int blockcount = 0, blockndx = 0;
+  unsigned char *newdata = NULL;
+
+/* First pad indata to CRYPT_BLOCKSIZE multiplum */
+  if (newdatalen % CRYPT_BLOCKSIZE)             /* more than 1 block? */
+    newdatalen += (CRYPT_BLOCKSIZE - (newdatalen % CRYPT_BLOCKSIZE));
+
+  newdata = (unsigned char *) nmalloc(newdatalen);
+  egg_memcpy(newdata, data, *datalen);
+  if (newdatalen != *datalen)
+    egg_bzero((void *) &newdata[*datalen], (newdatalen - *datalen));
+  *datalen = newdatalen;
+
+  if ((!keydata) || (!keydata[0])) {
+    /* No key, no encryption */
+    egg_memcpy(newdata, data, newdatalen);
+  } else {
+    /* Init/fetch key */
+    AES_set_encrypt_key(keydata, CRYPT_KEYSIZE, &e_key);
+
+    /* Now loop through the blocks and crypt them */
+    blockcount = newdatalen / CRYPT_BLOCKSIZE;
+    for (blockndx = blockcount - 1; blockndx >= 0; blockndx--) {
+      AES_encrypt((void *) &newdata[blockndx * CRYPT_BLOCKSIZE], (void *) &newdata[blockndx * CRYPT_BLOCKSIZE], &e_key);
     }
-    *pte=0;
-    return pt;
+  }
+  return newdata;
 }
 
-char *cryptit(char *tocipher)
+char *decrypt_binary(const char *keydata, unsigned char *data, int datalen)
 {
-    if (*tocipher=='+')
-       return tocipher;
-    else
-       return psycrypt(tocipher);
-}
+  int blockcount = 0, blockndx = 0;
+  unsigned char *newdata = NULL;
 
-char *decryptit(char *todecipher)
-{
-    if (todecipher[0]=='+')
-       return psycrypt(todecipher);
-    else
-       return todecipher;
-}
+  datalen -= datalen % CRYPT_BLOCKSIZE;
+  newdata = (unsigned char *) nmalloc(datalen);
+  egg_memcpy(newdata, data, datalen);
 
-/* hashing routines for string driven systems */
+  if ((!keydata) || (!keydata[0])) {
+    /* No key, no decryption */
+  } else {
+    /* Init/fetch key */
+    AES_set_decrypt_key(keydata, CRYPT_KEYSIZE, &d_key);
 
-unsigned char base[] = "'`0123456789abcdefghijklmnopqrstuvxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@$=&*-#";
 
-int baselen=67;
+    /* Now loop through the blocks and crypt them */
+    blockcount = datalen / CRYPT_BLOCKSIZE;
 
-unsigned char xres[3];
+    for (blockndx = blockcount - 1; blockndx >= 0; blockndx--) {
+      AES_decrypt(&newdata[blockndx * CRYPT_BLOCKSIZE], &newdata[blockndx * CRYPT_BLOCKSIZE], &d_key);
+    }
 
-unsigned char *hashdot(unsigned int r)
+  }
+
+  return newdata;
+}
+
+const char base64[64] = ".\\0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
+const char base64r[256] = {
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 0, 0, 0, 0, 0, 0,
+  0, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26,
+  27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 0, 1, 0, 0, 0,
+  0, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52,
+  53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+};
+
+char *encrypt_string(const char *keydata, char *data)
 {
-    unsigned int cnt;
-    unsigned int hh=0;
-    unsigned int hl=0;
-    cnt=r;
-    for(;cnt>0;cnt--)
-    {
-       hl++;
-       if (hl==baselen) {hl=0;hh++;}
+  int l, i, t;
+  unsigned char *bdata;
+  char *res;
+  l = strlen(data) + 1;
+  bdata = encrypt_binary(keydata, data, &l);
+  if ((keydata) && (keydata[0])) {
+    res = nmalloc((l * 4) / 3 + 5);
+#define DB(x) ((unsigned char) (x+i<l ? bdata[x+i] : 0))
+    for (i = 0, t = 0; i < l; i += 3, t += 4) {
+      res[t] = base64[DB(0) >> 2];
+      res[t + 1] = base64[((DB(0) & 3) << 4) | (DB(1) >> 4)];
+      res[t + 2] = base64[((DB(1) & 0x0F) << 2) | (DB(2) >> 6)];
+      res[t + 3] = base64[(DB(2) & 0x3F)];
     }
-    xres[0]=base[hh];
-    xres[1]=base[hl];
-    xres[2]=0;
-    return xres;
+#undef DB
+    res[t] = 0;
+    nfree(bdata);
+    return res;
+  } else {
+    return bdata;
+  }
 }
 
-int wrong=0;
+char *decrypt_string(const char *keydata, char *data)
+{
+  int i, l, t;
+  char *buf, *res;
+  l = strlen(data);
+  if ((keydata) && (keydata[0])) {
+    buf = nmalloc((l * 3) / 4 + 6);
+#define DB(x) ((unsigned char) (x+i<l ? base64r[(unsigned char) data[x+i]] : 0))
+    for (i = 0, t = 0; i < l; i += 4, t += 3) {
+      buf[t] = (DB(0) << 2) + (DB(1) >> 4);
+      buf[t + 1] = ((DB(1) & 0x0F) << 4) + (DB(2) >> 2);
+      buf[t + 2] = ((DB(2) & 3) << 6) + DB(3);
+    };
+#undef DB
+    t += 3;
+    t -= (t % 4);
+    res = decrypt_binary(keydata, buf, t);
+    nfree(buf);
+    return res;
+  } else {
+    res = nmalloc(l + 1);
+    strcpy(res, data);
+    return res;
+  }
+}
 
-unsigned int unhashdot(unsigned char *hash)
+void encrypt_pass(char *s1, char *s2)
 {
-    unsigned int lf=baselen;
-/*    unsigned char *pt; */
-    unsigned int erg=0;
-    unsigned long ln=0;
-    wrong=0;
-    while (ln<baselen && base[ln] != hash[0]) {
-       ln++;
-    }
-    if (ln!=baselen) {
-       erg=ln * lf;
-    } else {
-       wrong=1;
-    }
-    ln=0;
-    while (ln<baselen && base[ln] != hash[1]) {
-       ln++;
-    }
-    if (ln!=baselen) {
-       erg=erg+ln;
-    } else {
-       wrong=1;
-    }
-    return erg;
+  /* fix this, standard eggs don't allow this long password hashes */
+  char *tmp;
+
+  if (strlen(s1) > 16)
+    s1[16] = 0;
+  tmp = encrypt_string(s1, s1);
+  strcpy(s2, "+");
+  strncat(s2, tmp, 16);
+  s2[16] = 0;
+  nfree(tmp);
 }
 
-/* end pcrypt */
-extern char *netpass;
 
 int lfprintf(FILE *f, char *fmt, ...) {
   va_list va;
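Review bot: AES_set_encrypt_key and AES_set_decrypt_key are told to read CRYPT_KEYSIZE (256) bits from `keydata`, but `keydata` is a NUL-terminated string and encrypt_pass passes a password cut to at most 16 characters, so 32 bytes are read from a shorter string and the stored value depends on whatever follows the terminator. Copying the key into a zero-filled 32-byte buffer first, as sketched below, bounds the read; deriving the key with a real KDF would be stronger still. Separately, every 16-byte block is encrypted on its own with no IV and no integrity check, so equal plaintext blocks give equal ciphertext in files and on botlinks; a chained or authenticated mode would address that. In the no-key branch of encrypt_binary, `egg_memcpy(newdata, data, newdatalen)` copies the padded length out of the unpadded `data` and overwrites the zero padding, and that second copy can simply be dropped.

```c
/* Expand a NUL-terminated key string to exactly CRYPT_KEYSIZE / 8 bytes so the
 * AES key setup never reads past the caller's buffer. Zero-fill is a bounds
 * fix only; it does not add entropy to a short key. */
static void crypt_fill_key(const char *keydata, unsigned char *keybuf)
{
  size_t klen = strlen(keydata);

  if (klen > CRYPT_KEYSIZE / 8)
    klen = CRYPT_KEYSIZE / 8;
  egg_bzero(keybuf, CRYPT_KEYSIZE / 8);
  egg_memcpy(keybuf, keydata, klen);
}

/* ... unchanged: padding and allocation in encrypt_binary ... */
    unsigned char keybuf[CRYPT_KEYSIZE / 8];

    crypt_fill_key(keydata, keybuf);
    AES_set_encrypt_key(keybuf, CRYPT_KEYSIZE, &e_key);

/* ... unchanged: truncation and allocation in decrypt_binary ... */
    unsigned char keybuf[CRYPT_KEYSIZE / 8];

    crypt_fill_key(keydata, keybuf);
    AES_set_decrypt_key(keybuf, CRYPT_KEYSIZE, &d_key);
```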
@@ -161,8 +177,8 @@ int lfprintf(FILE *f, char *fmt, ...) {
   if(strchr(outbuf, '\n')) {
     while( (tptr = strchr(outbuf, '\n')) ) {
       *tptr = 0;
-      temps1 = (char *) encrypt_string(netpass, tptr2);
-      if (fprintf(f, "%s\n", cryptit(temps1)) == EOF) {
+      temps1 = (char *) encrypt_string(SALT1, tptr2);
+      if (fprintf(f, "%s\n", temps1) == EOF) {
         nfree(temps1);
         return -1;
       }
@@ -172,8 +188,8 @@ int lfprintf(FILE *f, char *fmt, ...) {
       tptr2 = tptr;
     }
   } else {
-    temps2 = (char *) encrypt_string(netpass, outbuf);
-    fprintf(f, "%s", cryptit(temps2));
+    temps2 = (char *) encrypt_string(SALT1, outbuf);
+    fprintf(f, "%s", temps2);
     nfree(temps2);
     return -1;
   }
@@ -202,7 +218,7 @@ void EncryptFile(char *infile, char *outfile)
 
   while (fscanf(f,"%[^\n]\n",buf) != EOF) {
     if (std)
-      printf("%s\n", cryptit(encrypt_string(netpass, buf)));
+      printf("%s\n", encrypt_string(SALT1, buf));
     else
       lfprintf(f2, "%s\n", buf);
   }
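Review bot: The new `printf("%s\n", encrypt_string(SALT1, buf));` drops the buffer that encrypt_string allocates with nmalloc, so one allocation leaks per input line when writing to stdout. Every other caller in this commit keeps the pointer and calls nfree on it. Hold the result in a local and release it, `tmp = encrypt_string(SALT1, buf); printf("%s\n", tmp); nfree(tmp);`, with `tmp` declared at the top of EncryptFile, whose body starts outside this hunk.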
@@ -234,7 +250,7 @@ void DecryptFile(char *infile, char *outfile)
   }
 
   while (fscanf(f,"%[^\n]\n",buf) != EOF) {
-    temps = (char *) decrypt_string(netpass, decryptit(buf));
+    temps = (char *) decrypt_string(SALT1, buf);
     if (!std)
       fprintf(f2, "%s\n",temps);
     else
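Review bot: The result of decrypt_string is used here as a C string, but decrypt_binary returns exactly `datalen` bytes with no terminator after rounding `datalen` down to a multiple of 16, so input that is not well-formed ciphertext yields a buffer with no NUL, and input too short to hold one block yields a zero-length one. `fprintf(f2, "%s\n", temps)` then reads past the allocation. The same unchecked result is consumed in dcc_bot_new in src/dcc.c, where the token comes from the link peer, and in the gotspawn and config loops in src/main.c, where `temps[0]` is read and the earlier `+` prefix check has been removed. Allocating one extra byte in decrypt_binary and terminating it, `newdata = (unsigned char *) nmalloc(datalen + 1);` and `newdata[datalen] = 0;`, makes every caller safe to treat the result as a string; callers should still reject an empty result.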
@@ -248,4 +264,3 @@ void DecryptFile(char *infile, char *outfile)
   if (f2)
     fclose(f2);
 }
-

+ 3 - 3
src/dcc.c

@@ -29,7 +29,7 @@ extern time_t		 now;
 extern int		 egg_numver, connect_timeout, conmask, backgrd,
 			 max_dcc, default_flags, debug_output,
 			 ignore_time;
-extern char		 botnetnick[], ver[], origbotname[], notify_new[], bdhash[], *netpass;
+extern char		 botnetnick[], ver[], origbotname[], notify_new[], bdhash[];
 
 
 extern sock_list *socklist;
@@ -407,7 +407,7 @@ static void dcc_bot_new(int idx, char *buf, int x)
        *p;
 
       p = newsplit(&buf);
-      tmp = decrypt_string(netpass, p);
+      tmp = decrypt_string(SALT2, p);
       strncpy0(socklist[snum].okey, tmp, 17);
       strcpy(socklist[snum].ikey, socklist[snum].okey);
       nfree(tmp);
@@ -1633,7 +1633,7 @@ static void dcc_telnet_pass(int idx, int atr)
       socklist[snum].oseed = rand();
       socklist[snum].iseed = socklist[snum].oseed;
       initkey[16] = 0;
-      tmp2 = encrypt_string(netpass, initkey);
+      tmp2 = encrypt_string(SALT2, initkey);
       putlog(LOG_BOTS, "*", "Sending encrypted link handshake to %s...", dcc[idx].nick);
       socklist[snum].encstatus = 1;
       socklist[snum].gz = 1;

+ 7 - 18
src/main.c

@@ -47,8 +47,6 @@
 #include <windows.h>
 #endif
 
-#define ENCMOD "blowfish"
-
 #ifndef _POSIX_SOURCE
 /* Solaris needs this */
 #define _POSIX_SOURCE 1
@@ -65,7 +63,7 @@ int leaf = 1;
 int localhub = 1; //we set this to 0 if we have -c, later.
 
 extern char		 origbotname[], userfile[], botnetnick[], packname[],
-                         *netpass, shellhash[], myip6[], myip[], hostname[],
+                         shellhash[], myip6[], myip[], hostname[],
                          hostname6[], natip[];
 extern int		 dcc_total, conmask, cache_hit, cache_miss,
 			 fork_interval, 
@@ -90,7 +88,6 @@ time_t lastfork=0;
 int my_port;
 #endif
 
-char enetpass[16] = ""; /* cheap fucking hack */
 char	notify_new[121] = "";	/* Person to send a note to for new users */
 int	default_flags = 0;	/* Default user flags and */
 int	default_uflags = 0;	/* Default userdefinied flags for people
@@ -397,7 +394,7 @@ static void got_abort(int z)
 #endif
   fatal(STR("GOT SIGABRT -- CRASHING!"), 1);
 #ifdef SA_RESETHAND
-  kill(getpid(), SIGABRT);
+  kill(getpid(), SIGSEGV);
 #else
   bg_send_quit(BG_ABORT);
   exit(1);
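Review bot: The re-raise in got_abort now sends SIGSEGV from inside the SIGABRT handler, and neither the code nor the commit message says why. The process will be reported as killed by a segmentation fault rather than an abort, which misleads crash triage, and if a SIGSEGV handler is installed elsewhere it would presumably run instead of the default action. If the change is deliberate, add a comment on that line stating the reason; otherwise keep `kill(getpid(), SIGABRT);`.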
@@ -673,7 +670,7 @@ static void dtx_arg(int argc, char *argv[])
         got_ed("d", p, p2);
         break; /* this should never be reached */
       case 'v':
-	printf("Wraith %s\nBuild Date: %s\n", egg_version, ctime(&buildts));
+	printf("Wraith %s\nBuild Date: (%lu) %s\n", egg_version, buildts, ctime(&buildts));
 	bg_send_quit(BG_ABORT);
 	exit(0);
         break; /* this should never be reached */
@@ -1110,7 +1107,7 @@ static void gotspawn(char *filename)
 
   while(fscanf(fp,"%[^\n]\n",templine) != EOF) {
     void *my_ptr;
-    temps = my_ptr = (char *) decrypt_string(netpass, decryptit(templine));
+    temps = my_ptr = decrypt_string(SALT1, templine);
 
 #ifdef S_PSCLOAK
     sdprintf(STR("GOTSPAWN: %s"), temps);
@@ -1470,7 +1467,6 @@ int main(int argc, char **argv)
 
   /* just load everything now, won't matter if it's loaded if the bot has to suicide on startup */
   init_settings();
-  egg_snprintf(enetpass, sizeof enetpass, netpass);
   init_dcc_max();
   init_userent();
   init_misc();
@@ -1484,7 +1480,6 @@ int main(int argc, char **argv)
     bg_prepare_split();
   init_botcmd();
   link_statics();
-  module_load(ENCMOD);
 
   if (!can_stat(binname))
    werr(ERR_BINSTAT);
@@ -1599,19 +1594,13 @@ if (1) {		/* config shit */
       char *nick = NULL, *host = NULL, *ip = NULL, *ipsix = NULL, *temps, c[1024];
       void *temp_ptr;
       int skip = 0;
-      if (templine[0] != '+') {
-        printf(STR("%d: "), i);
-        werr(ERR_CONFBADENC);
-      }
 
-      temps = temp_ptr = (char *) decrypt_string(netpass, decryptit(templine));
-      sdprintf("malloc`d %d bytes", strlen(temps)+1);
+      temps = temp_ptr = decrypt_string(SALT1, templine);
       if (!strchr(STR("*#-+!abcdefghijklmnopqrstuvwxyzABDEFGHIJKLMNOPWRSTUVWXYZ"), temps[0])) {
-        printf(STR("%d: "), i);
+        sdprintf(STR("line %d, char %c "), i, temps[0]);
         werr(ERR_CONFBADENC);
       }
-
-      snprintf(c, sizeof c, "%s",temps);
+      snprintf(c, sizeof c, "%s", temps);
 
       if (c[0] == '*')
         skip = 1;

+ 1 - 0
src/main.h

@@ -13,6 +13,7 @@
 #endif
 
 #include "pack/conf.h"
+#include "pack/salt.h"
 
 #include "lush.h" /* We seem to need this everywhere... */
 

+ 50 - 89
src/makesalt.c

@@ -4,104 +4,65 @@
  *
  */
 
-/************************************************************************
- *   psybnc2.2.2, tools/makesalt.c
- *   Copyright (C) 2001 the most psychoid  and
- *                      the cool lam3rz IRC Group, IRCnet
- *			http://www.psychoid.lam3rz.de
- *
- *   This program is free software; you can redistribute it and/or modify
- *   it under the terms of the GNU General Public License as published by
- *   the Free Software Foundation; either version 1, or (at your option)
- *   any later version.
- *
- *   This program is distributed in the hope that it will be useful,
- *   but WITHOUT ANY WARRANTY; without even the implied warranty of
- *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *   GNU General Public License for more details.
- *
- *   You should have received a copy of the GNU General Public License
- *   along with this program; if not, write to the Free Software
- *   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- */
-
 #include <stdio.h>
 #include <stdlib.h>
 #include <strings.h>
 #include <time.h>
+#include <sys/types.h>
+#include <unistd.h>
 
-char rbuf[100];
-
-const char *randstring(int length)
+/* Create a string with random letters and digits
+ */
+char *randstring(int len)
 {
-    char *po;
-    int i;
-    po=rbuf;
-    if (length>100) length=100;
-    for(i=0;i<length;i++) {*po=(char)(0x61+(rand()&15)); po++;}
-    *po=0;
-    po=rbuf;
-    return po;
+  int j, r = 0;
+  static char s[100];
+
+  for (j = 0; j < len; j++) {
+    r = random();
+    if (r % 4 == 0)
+      s[j] = '0' + (random() % 10);
+    else if (r % 4 == 1)
+      s[j] = 'a' + (random() % 26);
+    else if (r % 4 == 2)
+      s[j] = 'A' + (random() % 26);
+    else
+      s[j] = '!' + (random() % 15);
+
+    if (s[j] == 33 || s[j] == 37 || s[j] == 34 || s[j] == 40 || s[j] == 41 || s[j] == 38 || s[j] == 36) //no % ( ) &
+      s[j] = 35;
+  }
+  s[len] = '\0';
+  return s;
 }
 
 int main(void)
 {
+  FILE *saltfd;
+  int saltlen1;
+  int saltlen2;
+  time_t now = time(NULL);
+  srandom(now % (getpid() + getppid()));
+  saltlen1 = 32;
+  saltlen2 = 32;
 
-    FILE* salt;
-    int saltlen1;
-    int saltlen2;
-    int foo;
-    srand(time(NULL));
-    saltlen1=(rand()&20)+5;
-    saltlen2=(rand()&20)+5;
-    if ( (salt=fopen("pack/salt.h","r"))!=NULL) {
-	fclose(salt);
-	printf("Using existent Salt-File\n");
-	exit(0x0);
-    }
-    printf("Creating Salt File\n");
-    if ( (salt=fopen("pack/salt.h","w"))==NULL) {
-	printf("Cannot created Salt-File.. aborting\n");
-	exit(0x1);
-    }
-    fprintf(salt,"/* The 1. Salt -> string containing anything, %d chars */\n",saltlen1);
-    fprintf(salt,"#define SALT1 %c%s%c\n",34,randstring(saltlen1),34);
-    fprintf(salt,"\n");
-    fprintf(salt,"/* The 2. Salt -> string containing anything, %d chars */\n",saltlen2);
-    fprintf(salt,"#define SALT2 %c%s%c\n",34,randstring(saltlen2),34);
-    fprintf(salt,"\n");
-    fprintf(salt,"/* the 1. Code -> a one byte startup code */\n");
-    fprintf(salt,"#define CODE1 %d\n",64+(rand()&15));
-    fprintf(salt,"\n");
-    fprintf(salt,"/* the 2. Code -> a one byte startup code */\n");
-    fprintf(salt,"#define CODE2 %d\n",64+(rand()&15));
-    fprintf(salt,"\n");
-    fprintf(salt,"/* the 1. Salt Offset -> value from 0-%d */\n",saltlen1-1);
-    fprintf(salt,"#define SA1 %d\n",rand()&(saltlen1-1));
-    fprintf(salt,"\n");
-    fprintf(salt,"/* the 2. Salt Offset -> value from 0-%d */\n",saltlen2-1);
-    fprintf(salt,"#define SA2 %d\n",rand()&(saltlen2-1));
-    fprintf(salt,"\n");
-    fprintf(salt,"/* the make salt routine */\n");
-    fprintf(salt,"/* dont wonder about the redundance, its needed to somehow hide the fully salts */\n");
-    fprintf(salt,"\n");
-    fprintf(salt,"/* salt buffers */\n");
-    fprintf(salt,"\n");
-    fprintf(salt,"unsigned char slt1[%d];\n",saltlen1+1);
-    fprintf(salt,"unsigned char slt2[%d];\n",saltlen2+1);
-    fprintf(salt,"\n");
-    fprintf(salt,"int makesalt(void)\n");
-    fprintf(salt,"{\n");
-    for (foo=0;foo<saltlen1;foo++) 
-        fprintf(salt,"    slt1[%d]=SALT1[%d];\n",foo,foo);
-    fprintf(salt,"    slt1[%d]=0;\n",saltlen1);
-    for (foo=0;foo<saltlen2;foo++) 
-        fprintf(salt,"    slt2[%d]=SALT2[%d];\n",foo,foo);
-    fprintf(salt,"    slt2[%d]=0;\n",saltlen2);
-    fprintf(salt,"return 0;\n");
-    fprintf(salt,"}");
-    fprintf(salt,"\n");
-    fclose(salt);
-    printf("Salt File created.\n");
-    exit (0x0);
+  if ((saltfd = fopen("pack/salt.h", "r"))!= NULL) {
+    fclose(saltfd);
+    printf("Using existent Salt-File\n"); 
+    exit(0);
+  }
+  printf("Creating Salt File\n");
+  if ((saltfd = fopen("pack/salt.h", "w")) == NULL) {
+    printf("Cannot created Salt-File.. aborting\n");
+    exit(1);
+  }
+  fprintf(saltfd,"/* SALT1 is for local files */\n",saltlen1);
+  fprintf(saltfd,"#define SALT1 %c%s%c\n",34,randstring(saltlen1),34);
+  fprintf(saltfd,"\n");
+  fprintf(saltfd,"/* SALT2 is for botlink  */\n",saltlen2);
+  fprintf(saltfd,"#define SALT2 %c%s%c\n",34,randstring(saltlen2),34);
+  fprintf(saltfd,"\n");
+  fclose(saltfd);
+  printf("Salt File created.\n");
+  exit (0);
 }
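Review bot: SALT1 and SALT2, which this commit makes the AES keys for local files and botlinks, are produced by random() seeded with `now % (getpid() + getppid())`; the modulo caps the seed at the sum of two PIDs, so only that many distinct salt files can ever be generated, and random() is not a cryptographic generator in any case. Drawing the characters from the kernel generator, as sketched below, removes both problems and lets the srandom() call in main go away. The sketch also bounds `len` against the 100-byte static buffer, which randstring currently trusts. The two fprintf calls that write the comments pass saltlen1 and saltlen2 to format strings with no conversion, so those arguments can be dropped.

```c
/* Create a string of len characters drawn from /dev/urandom.
 * The alphabet matches the characters the old generator could emit. */
char *randstring(int len)
{
  static const char alphabet[] =
    "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ#'*+,-./";
  static char s[100];
  const unsigned int nchars = sizeof alphabet - 1;
  unsigned char byte;
  FILE *rnd;
  int j = 0;

  if (len < 0 || len >= (int) sizeof s)
    len = sizeof s - 1;
  if ((rnd = fopen("/dev/urandom", "rb")) == NULL) {
    printf("Cannot open /dev/urandom.. aborting\n");
    exit(1);
  }
  while (j < len) {
    if (fread(&byte, 1, 1, rnd) != 1) {
      printf("Cannot read /dev/urandom.. aborting\n");
      exit(1);
    }
    /* rejection sampling keeps every character equally likely */
    if (byte >= 256 - (256 % nchars))
      continue;
    s[j++] = alphabet[byte % nchars];
  }
  fclose(rnd);
  s[len] = '\0';
  return s;
}

/* ... unchanged: main(), minus the srandom() call ... */
```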

+ 5 - 15
src/makesettings.c

@@ -10,12 +10,11 @@
 #define NICKMAX         32
 #define UHOSTMAX        160
 #define MAXPASSLEN      25
-#define NETKEYLEN       16
+#define NETKEYLEN       33
 #define PACKNAMELEN     40
 
 struct cfg_struct {
-  char packname[512];
-  char netpass[16];
+  char packname[PACKNAMELEN];
   char shellhash[33];
   char bdhash[33];
   char dccprefix[1];
@@ -201,9 +200,6 @@ int loadconfig(char **argv) {
         if (!strcmp(lcase(buffer), "packname")) {
           strncpy(cfg.packname, trim(p), sizeof cfg.packname - 1);
           printf(".");
-        } else if (!strcmp(lcase(buffer), "netpass")) {
-          strncpy(cfg.netpass, trim(p), sizeof cfg.netpass - 1);
-          printf(".");
         } else if (!strcmp(lcase(buffer), "shellhash")) {
           strncpy(cfg.shellhash, trim(p), sizeof cfg.shellhash - 1);
           printf(".");
@@ -261,7 +257,6 @@ int loadconfig(char **argv) {
 void tellconfig()
 {
   printf("packname: %s\n", cfg.packname);
-  printf("netpass: %s\n", cfg.netpass);
   printf("shellhash: %s\n", cfg.shellhash);
   printf("bdhash: %s\n", cfg.bdhash);
   printf("dccprefix: %s\n", cfg.dccprefix);
@@ -313,7 +308,7 @@ fprintf(f, " \
 #include <string.h> \n\
 #include \"main.h\"\n\
 \n\
-char *netpass, packname[512], shellhash[33], bdhash[33], dcc_prefix[1], *owners, *hubs, *owneremail;\n\n\
+char packname[512], shellhash[33], bdhash[33], dcc_prefix[1], *owners, *hubs, *owneremail;\n\n\
 char *progname() {\n\
 #ifdef S_PSCLOAK\n");
 fprintf(f," \
@@ -330,8 +325,7 @@ fprintf(f, " \
 
 
   fprintf(f, "#define _PACKNAME STR(\"%s\")\n", cfg.packname);
-  fprintf(f, "#define _NETPASS STR(\"%s\")\n", cfg.netpass);
-  fprintf(f, "#define _DCCPREFIX STR(\"%s\")\n", cfg.dccprefix);
+  fprintf(f, "#define _DCCPREFIX STR(\"%c\")\n", cfg.dccprefix[0]);
   fprintf(f, "#define _SHELLHASH STR(\"%s\")\n", cfg.shellhash);
   fprintf(f, "#define _BDHASH STR(\"%s\")\n", cfg.bdhash);
   fprintf(f, "#define _OWNERS STR(\"%s\")\n", cfg.owners);
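Review bot: Emitting `_DCCPREFIX` as a single `%c` fixes the unterminated read of `cfg.dccprefix`, but the generated code still declares `dcc_prefix[1]` and fills it with `sprintf(dcc_prefix, _DCCPREFIX)`, which writes the character plus a terminating NUL, one byte more than the array holds. The generated sdprintf also prints `dcc_prefix` with `%s`, so it needs that terminator. Declaring `dcc_prefix[2]` in the generated file and writing it with `egg_snprintf(dcc_prefix, sizeof dcc_prefix, "%s", _DCCPREFIX);` fixes the size, and it also stops a prefix of `%` from being interpreted as a format string. Both lines sit in the neighbouring hunks of this file, and any `extern` declaration of `dcc_prefix` with a size would need to match.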
@@ -344,20 +338,16 @@ int init_settings()\n\
   owners = my_malloc(strlen(_OWNERS) + 1);\n\
   hubs = my_malloc(strlen(_HUBS) + 1);\n\
   owneremail = my_malloc(strlen(_OWNEREMAIL) + 1);\n\
-  netpass = my_malloc(strlen(_NETPASS) + 1);\n\
 \n\
   sprintf(owners, _OWNERS);\n\
   sprintf(hubs, _HUBS);\n\
   sprintf(owneremail, _OWNEREMAIL);\n\
-  sprintf(netpass, _NETPASS);\n\
   egg_snprintf(packname, sizeof packname, _PACKNAME);\n\
-//  snprintf(netpass, sizeof netpass, NETPASS);\n\
-//printf(\"netpass: %%s sizeof: %%d NETPASS: %%s\\n\", netpass, sizeof netpass, NETPASS);\n\
   egg_snprintf(bdhash, sizeof bdhash, _BDHASH);\n\
   egg_snprintf(shellhash, sizeof shellhash, _SHELLHASH);\n\
   sprintf(dcc_prefix, _DCCPREFIX);\n\
   sdprintf(STR(\"owners: %%s\\nhubs: %%s\\nowneremail: %%s\"), owners, hubs, owneremail);\n\
-  sdprintf(STR(\"dcc_prefix: %%s \\nnetpass: %%s \\nbdhash: %%s \\nshellhash: %%s\"), dcc_prefix, netpass, bdhash, shellhash);\n\
+  sdprintf(STR(\"dcc_prefix: %%s \\nbdhash: %%s \\nshellhash: %%s\"), dcc_prefix, bdhash, shellhash);\n\
   return 1;\n\
 }\n");
 

+ 8 - 1
src/mem.c

@@ -50,6 +50,7 @@ int expmem_config();
 int expmem_auth();
 int expmem_tcldcc();
 int expmem_dns();
+int expmem_crypt();
 
 
 /* Initialize the memory structure
@@ -101,7 +102,7 @@ void tell_mem_status_dcc(int idx)
 void debug_mem_to_dcc(int idx)
 {
 #ifdef DEBUG_MEM
-#define MAX_MEM 14
+#define MAX_MEM 15
   unsigned long exp[MAX_MEM], use[MAX_MEM], l;
   int i, j;
   char fn[20], sofar[81];
@@ -122,6 +123,7 @@ void debug_mem_to_dcc(int idx)
   exp[11] = expmem_tcldcc();
   exp[12] = expmem_dns();
   exp[13] = expmem_config();
+  exp[14] = expmem_crypt();
   for (me = module_list; me; me = me->next)
     me->mem_work = 0;
   for (i = 0; i < MAX_MEM; i++)
@@ -165,6 +167,8 @@ void debug_mem_to_dcc(int idx)
       use[12] += l;
     else if (!strcmp(fn, "xconfig.c"))
       use[13] += l;
+    else if (!strcmp(fn, "xcrypt.c"))
+      use[14] += l;
     else if (p) {
       for (me = module_list; me; me = me->next)
 	if (!strcmp(fn, me->name))
@@ -216,6 +220,9 @@ void debug_mem_to_dcc(int idx)
     case 13:
       strcpy(fn, "xconfig.c");
       break;
+    case 14:
+      strcpy(fn, "xcrypt.c");
+      break;
     }
     if (use[i] == exp[i]) {
       dprintf(idx, STR("File '%-10s' accounted for %lu/%lu (ok)\n"), fn, exp[i],

+ 1 - 1
src/misc.c

@@ -44,7 +44,7 @@ extern tand_t *tandbot;
 extern char		 version[], origbotname[], botname[],
 			 admin[], network[], motdfile[], ver[], botnetnick[],
 			 bannerfile[], textdir[], userfile[],  
-                         *binname, pid_file[], *netpass, tempdir[];
+                         *binname, pid_file[], tempdir[];
 
 extern int		 backgrd, con_chan, term_z, use_stderr, dcc_total, timesync, sdebug, 
 #ifdef HUB

+ 1 - 2
src/mod/irc.mod/irc.c

@@ -12,7 +12,6 @@
 #include "server.mod/server.h"
 #undef serv
 #include "channels.mod/channels.h"
-#include "blowfish.mod/blowfish.h"
 #ifdef HAVE_UNAME
 #include <sys/utsname.h>
 #endif
@@ -129,7 +128,7 @@ void makeopline(struct chanset_t *chan, char *nick, char *buf)
     strcpy(nck, nick);
   makeplaincookie(chan->dname, nck, plaincookie);
   strcpy(key, botname);
-  strcat(key, netpass);
+  strcat(key, SALT2);
 //  putlog(LOG_DEBUG, "*", "Encrypting opline for %s with cookie %s and key %s", nck, plaincookie, key);
   p = encrypt_string(key, plaincookie);
   strcpy(enccookie, p);

+ 1 - 1
src/mod/irc.mod/mode.c

@@ -1327,7 +1327,7 @@ static int gotmode(char *from, char *msg)
           }
 */
           strcpy(key, nfrom);
-          strcat(key, netpass);
+          strcat(key, SALT2);
 /* putlog(LOG_DEBUG, "*", "Decrypting cookie: %s with key %s", enccookie, key); */
           p = decrypt_string(key, enccookie);
 /* putlog(LOG_DEBUG, "*", "Decrypted cookie: %s", p); */

+ 5 - 15
src/mod/module.h

@@ -29,6 +29,7 @@
 #include "modvals.h"
 #include "src/tandem.h"
 
+
 /*
  * This file contains all the orrible stuff required to do the lookup
  * table for symbols, rather than getting the OS to do it, since most
@@ -288,8 +289,8 @@
 #define copyfile ((int (*) (char *, char *))global[147])
 /* 148 - 151 */
 #define do_tcl ((void (*)(char *, char *))global[148])
-/* 149 -- UNUSED */
-/* #define get_language ((char *(*)(int))global[150]) */
+#define encrypt_string ((char *(*)(const char *, char *))global[149])
+#define decrypt_string ((char *(*)(const char *, char *))global[150])
 #define def_get ((void *(*)(struct userrec *, struct user_entry *))global[151])
 /* 152 - 155 */
 #define makepass ((void (*) (char *))global[152])
@@ -498,7 +499,7 @@
 /* 297 - 300 */
 #define hostname6 ((char *)(global[297]))
 #define timesync (*(int*)global[298])
-#define netpass ((char *)(global[299]))
+/* UNUSED 299 */
 #define kickreason ((char *(*)(int))global[300])
 /* 301 - 304 */
 #define getting_users ((int (*)())global[301])
@@ -552,22 +553,11 @@
 /* 337 - 340 */
 #define checkchans ((void (*)(int))global[337])
 
-/* This is for blowfish module, couldnt be bothered making a whole new .h
- * file for it ;)
- */
-#ifndef MAKING_ENCRYPTION
-
-#  define encrypt_string(a, b)						\
-	(((char *(*)(char *,char*))encryption_funcs[4])(a,b))
-#  define decrypt_string(a, b)						\
-	(((char *(*)(char *,char*))encryption_funcs[5])(a,b))
-
-#endif
-
 extern int lfprintf(FILE *, char *, ...);
 extern void raise_limit(struct chanset_t *);
 extern int egg_numver;
 extern int cfg_count;
 extern struct cfg_entry **cfg;
 #define STR(x) x
+
 #endif				/* _EGG_MOD_MODULE_H */

+ 0 - 3
src/mod/modvals.h

@@ -48,15 +48,12 @@
 //#define HOOK_CHANFILE            17
 #define HOOK_SHAREOUT		105
 #define HOOK_SHAREIN		106
-#define HOOK_ENCRYPT_PASS	107
 #define HOOK_QSERV		108
 #define HOOK_ADD_MODE		109
 #define HOOK_MATCH_NOTEREJ	110
 #define HOOK_RFC_CASECMP	111
 #define HOOK_DNS_HOSTBYIP	112
 #define HOOK_DNS_IPBYHOST	113
-#define HOOK_ENCRYPT_STRING     114
-#define HOOK_DECRYPT_STRING     115
 #define HOOK_SHAREUPDATEIN	117
 
 /* These are FIXED once they are in a release they STAY

+ 4 - 28
src/modules.c

@@ -23,7 +23,7 @@ extern struct userrec	*userlist, *lastuser;
 extern char		 tempdir[], botnetnick[], botname[], natip[], cmdprefix[],
 			 hostname[], origbotname[], botuser[], admin[],
 			 userfile[], ver[], notify_new[], kickprefix[], bankickprefix[],
-			 version[], quit_msg[], hostname6[], bdhash[], dcc_prefix[], enetpass[],
+			 version[], quit_msg[], hostname6[], bdhash[], dcc_prefix[],
 #ifdef S_AUTH
                          authkey[], 
 #endif /* S_AUTH */
@@ -126,9 +126,6 @@ static void null_share(int idx, char *x)
     dprintf(idx, "s un Not sharing userfile.\n");
 }
 
-void (*encrypt_pass) (char *, char *) = 0;
-char *(*encrypt_string) (char *, char *) = 0;
-char *(*decrypt_string) (char *, char *) = 0;
 void (*shareout) () = null_func;
 void (*sharein) (int, char *) = null_share;
 void (*shareupdatein) (int, char *) = null_share;
@@ -344,8 +341,8 @@ Function global_table[] =
   (Function) copyfile,
   /* 148 - 151 */
   (Function) do_tcl,
-  (Function) 0,
-  (Function) 0,
+  (Function) encrypt_string,
+  (Function) decrypt_string,
   (Function) def_get,
   /* 152 - 155 */
   (Function) makepass,
@@ -555,7 +552,7 @@ Function global_table[] =
   (Function) botunlink,
   (Function) hostname6,		 /* char *				*/
   (Function) & timesync, /* int					*/
-  (Function) enetpass,  	/* char *				*/
+  (Function) 0, 
   (Function) kickreason,
   (Function) getting_users,
   (Function) 0,
@@ -842,15 +839,6 @@ void add_hook(int hook_num, Function func)
     p->func = func;
   } else
     switch (hook_num) {
-    case HOOK_ENCRYPT_PASS:
-      encrypt_pass = (void (*)(char *, char *)) func;
-      break;
-    case HOOK_ENCRYPT_STRING:
-      encrypt_string = (char *(*)(char *, char *)) func;
-      break;
-    case HOOK_DECRYPT_STRING:
-      decrypt_string = (char *(*)(char *, char *)) func;
-      break; 
     case HOOK_SHAREOUT:
       shareout = (void (*)()) func;
       break;
@@ -916,18 +904,6 @@ void del_hook(int hook_num, Function func)
     }
   } else
     switch (hook_num) {
-    case HOOK_ENCRYPT_PASS:
-      if (encrypt_pass == (void (*)(char *, char *)) func)
-	encrypt_pass = (void (*)(char *, char *)) null_func;
-      break;
-    case HOOK_ENCRYPT_STRING:
-      if (encrypt_string == (char *(*)(char *, char *)) func)
-        encrypt_string = (char *(*)(char *, char *)) null_func;
-      break;
-    case HOOK_DECRYPT_STRING:
-      if (decrypt_string == (char *(*)(char *, char *)) func)
-        decrypt_string = (char *(*)(char *, char *)) null_func;
-      break;
     case HOOK_SHAREOUT:
       if (shareout == (void (*)()) func)
 	shareout = null_func;

+ 0 - 1
src/net.c

@@ -37,7 +37,6 @@
 #endif /* !HAVE_GETDTABLESIZE */
 
 extern struct dcc_t	*dcc;
-extern char *netpass;
 extern int		 backgrd, use_stderr, resolve_timeout, dcc_total;
 extern unsigned long	 otraffic_irc_today, otraffic_bn_today,
 			 otraffic_dcc_today, otraffic_filesys_today,

+ 3 - 3
src/proto.h

@@ -30,9 +30,6 @@ struct list_type;
 struct tand_t_struct;
 
 #if !defined(MAKING_MODS)
-extern void (*encrypt_pass) (char *, char *);
-extern char *(*encrypt_string) (char *, char *);
-extern char *(*decrypt_string) (char *, char *);
 
 //extern int lfprintf(FILE *, char *, ...);
 
@@ -126,6 +123,9 @@ void gotremotecmd(char * forbot, char * frombot, char * fromhand, char * fromidx
 void gotremotereply(char * frombot, char * tohand, char * toidx, char * ln);
 
 /* crypt.c */
+char *encrypt_string(const char *, char *);
+char *decrypt_string(const char *, char *);
+void encrypt_pass(char *, char *);
 char *cryptit (char *);
 char *decryptit (char *);
 int lfprintf(FILE *, char *, ...);
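Review bot: The three new prototypes carry no parameter names, so the header does not say which argument is the key and which is the data, or who owns the returned buffer. The call in users.c, `decrypt_string(SALT1, cbuf)` followed by `nfree(temps)`, suggests key first, text second, and a result the caller must free. Stating that here would help, e.g. `char *decrypt_string(const char *key, char *data);	/* caller nfree()s the result */`, and likewise for `encrypt_string`. `encrypt_pass` deserves the same treatment, though its argument roles are not visible in this part of the diff.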

+ 1 - 2
src/tcl.c

@@ -41,8 +41,7 @@ extern char	origbotname[], botuser[], motdfile[], admin[], userfile[],
                 firewall[], notify_new[], hostname[], hostname6[], myip[], myip6[],
 		tempdir[], owner[], network[], botnetnick[],
 		bannerfile[], egg_version[], natip[], 
-		textdir[], pid_file[], dcc_prefix[], 
-		*netpass;
+		textdir[], pid_file[], dcc_prefix[];
 
 extern int	enable_simul, dcc_total, debug_output, identtimeout,
 		protect_telnet, dupwait_timeout, egg_numver, share_unlinks,

+ 7 - 8
src/users.c

@@ -25,7 +25,7 @@ extern struct dcc_t *dcc;
 extern struct userrec *userlist, *lastuser;
 extern struct chanset_t *chanset;
 extern int dcc_total, noshare, egg_numver;
-extern char botnetnick[], *netpass;
+extern char botnetnick[];
 extern Tcl_Interp *interp;
 extern time_t now;
 
@@ -663,7 +663,6 @@ void tell_users_match(int idx, char *mtch, int start, int limit,
 int readuserfile(char *file, struct userrec **ret)
 {
   char *p, buf[1024], lasthand[512], *attr, *pass, *code, s1[1024], *s, cbuf[1024], *temps;
-  char *horesak;
 
   FILE *f;
   struct userrec *bu, *u = NULL;
@@ -688,11 +687,11 @@ Context;
   f = fopen(file, "r");
   if (f == NULL)
     return 0;
+  noshare = 1;
   /* read opening comment */
   s = buf;
-  fscanf(f, "%s\n", cbuf);
-  horesak = decryptit(cbuf);
-  temps = (char *) decrypt_string(netpass, horesak);
+  fscanf(f, "%[^\n]\n", cbuf);
+  temps = (char *) decrypt_string(SALT1, cbuf);
   snprintf(s, 1024, temps);
   nfree(temps);
   if (s[1] < '4') {
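Review bot: The new `fscanf(f, "%[^\n]\n", cbuf)` has no field width, so a userfile line of 1024 bytes or more writes past `cbuf[1024]`, and its return value is not checked, so a file that begins with an empty line leaves `cbuf` unset when it is handed to `decrypt_string`. Bounding the read and rejecting a failed match covers both: `if (fscanf(f, "%1023[^\n]\n", cbuf) != 1) fatal(USERF_INVALID, 0);`. The decrypted text then reaches the unchanged `snprintf(s, 1024, temps)` as the format string, so any `%` in the file contents is interpreted; `snprintf(s, 1024, "%s", temps);` removes that. The same pair of lines appears in the `while (!feof(f))` hunk that follows, where a failed match also consumes no input, so the loop should `break` on it rather than spin. readuserfile's body starts and ends outside this hunk.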
@@ -702,9 +701,8 @@ Context;
     fatal(USERF_INVALID, 0);
   while (!feof(f)) {
     s = buf;
-    fscanf(f, "%s\n", cbuf);
-    horesak = decryptit(cbuf);
-    temps = (char *) decrypt_string(netpass, horesak);
+    fscanf(f, "%[^\n]\n", cbuf);
+    temps = (char *) decrypt_string(SALT1, cbuf);
     snprintf(s, 1024, temps);
     nfree(temps);
     if (!feof(f)) {
@@ -1015,6 +1013,7 @@ Context;
 #ifdef LEAF
   unlink(userfile);
 #endif /* LEAF */
+  noshare = 0;
   return 1;
 }
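Review bot: `noshare = 0;` resets the flag unconditionally instead of restoring the value it had before `noshare = 1;` was set after the `fopen`, so a caller that entered readuserfile with sharing already suppressed gets it switched back on. Saving the old value (`int old_noshare = noshare;` next to the `fopen`, and `noshare = old_noshare;` here) keeps the flag balanced. Most of the function body is outside the visible hunks, so it is also worth checking that no `return` between the two assignments leaves `noshare` stuck at 1.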