Просмотр исходного кода

* Convert cmdpasses to the salted-sha1 format

Bryan Drewery 17 лет назад
Родитель
Сommit
29c1fc9222
6 измененных файлов с 36 добавлено и 21 удалено
  1. 6 2
      src/cmds.c
  2. 1 1
      src/cmds.h
  3. 1 1
      src/core_binds.c
  4. 0 13
      src/crypt.c
  5. 0 1
      src/crypt.h
  6. 28 3
      src/dccutil.c

+ 6 - 2
src/cmds.c

@@ -296,6 +296,9 @@ static void cmd_cmdpass(int idx, char *par)
     return;
   }
 
+  if (strlen(pass) > MAXPASSLEN)
+    pass[MAXPASSLEN] = 0;
+
   if (has_pass) {
     if (!check_cmd_pass(cmd, pass)) {
       putlog(LOG_WARN, "*", "%s attempted to modify command password for %s - invalid password specified", dcc[idx].nick, cmd);
@@ -310,10 +313,11 @@ static void cmd_cmdpass(int idx, char *par)
     }
   }
 
-  char epass[36] = "", tmp[256] = "";
+  char *epass = NULL, tmp[256] = "";
 
-  encrypt_cmd_pass(par[0] ? par : pass, epass);
+  epass = salted_sha1(par[0] ? par : pass);
   simple_snprintf(tmp, sizeof tmp, "%s %s", cmd, epass);
+  free(epass);
   if (has_pass)
     dprintf(idx, "Changed command password for %s\n", cmd);
   else

+ 1 - 1
src/cmds.h

@@ -37,7 +37,7 @@ const botcmd_t *search_botcmd_t(const botcmd_t *table, const char* key, size_t e
 typedef struct cmd_pass {
   struct cmd_pass *next;
   char *name;
-  char pass[25];
+  char pass[SHA1_SALTED_LEN + 1];
 } cmd_pass_t;
 
 extern mycmds 		cmdlist[]; 

+ 1 - 1
src/core_binds.c

@@ -187,7 +187,7 @@ void real_check_bind_dcc(const char *cmd, int idx, const char *text, Auth *auth)
       if (!egg_strncasecmp(cmd, entry->mask, cmdlen)) {
         if (has_cmd_pass(entry->mask)) {
           if (flagrec_ok(&entry->user_flags, &fr)) {
-            char *p = NULL, work[1024] = "", pass[128] = "";
+            char *p = NULL, work[1024] = "", pass[MAXPASSLEN + 1] = "";
 
             p = strchr(args, ' ');
             if (p)

+ 0 - 13
src/crypt.c

@@ -120,19 +120,6 @@ char *decrypt_string(const char *keydata, char *in)
   }
 }
 
-void encrypt_cmd_pass(char *in, char *out)
-{
-  char *tmp = NULL;
-
-  if (strlen(in) > MAXPASSLEN)
-    in[MAXPASSLEN] = 0;
-  tmp = encrypt_string(in, in);
-  strlcpy(out, "+", 2);
-  strlcat(out, tmp, MAXPASSLEN + 1);
-  out[MAXPASSLEN] = 0;
-  free(tmp);
-}
-
 char *salted_sha1(const char *in, const char* saltin)
 {
   char *tmp = NULL, buf[101] = "", *ret = NULL;

+ 0 - 1
src/crypt.h

@@ -27,7 +27,6 @@ unsigned char *encrypt_binary(const char *, unsigned char *, size_t *);
 unsigned char *decrypt_binary(const char *, unsigned char *, size_t *);
 char *encrypt_string(const char *, char *);
 char *decrypt_string(const char *, char *);
-void encrypt_cmd_pass(char *, char *);
 char *salted_sha1(const char *, const char* = NULL);
 char *cryptit (char *);
 char *decryptit (char *);

+ 28 - 3
src/dccutil.c

@@ -1071,11 +1071,36 @@ int check_cmd_pass(const char *cmd, char *pass)
 
   for (cp = cmdpass; cp; cp = cp->next)
     if (!egg_strcasecmp(cmd, cp->name)) {
-      char tmp[32] = "";
+      char *epass = NULL;
+
+      /* Does the old pass need to be converted? */
+      if (strlen(cp->pass) < SHA1_SALTED_LEN) {
+        char out[MAXPASSLEN + 1] = "", *tmp = encrypt_string(pass, pass);
+        strlcpy(out, "+", 2);
+        strlcat(out, tmp, MAXPASSLEN + 1);
+        out[MAXPASSLEN] = 0;
+        free(tmp);
+
+        /* No match */
+        if (strcmp(out, cp->pass))
+          return 0;
+
+        /* Successful match on the old version, convert it and save it */
+        char ctmp[256] = "";
+        epass = salted_sha1(pass);
+
+        simple_snprintf(ctmp, sizeof(ctmp), "%s %s", cmd, epass);
+        free(epass);
+        set_cmd_pass(tmp, 1);
+        return 1;
+      }
 
-      encrypt_cmd_pass(pass, tmp);
-      if (!strcmp(tmp, cp->pass))
+      epass = salted_sha1(pass, &(cp->pass)[1]);
+      if (!strcmp(epass, cp->pass)) {
+        free(epass);
         return 1;
+      }
+      free(epass);
       return 0;
     }
   return 0;