Bläddra i källkod

* Cleanup SALTS usage to try and prevent them from being saved in memory

Bryan Drewery 17 år sedan
förälder
incheckning
49f592a874
16 ändrade filer med 72 tillägg och 20 borttagningar
  1. 2 0
      src/adns.c
  2. 19 3
      src/binary.c
  3. 1 0
      src/chanprog.c
  4. 5 2
      src/cmds.c
  5. 4 1
      src/conf.c
  6. 8 4
      src/crypt.c
  7. 2 0
      src/dcc.c
  8. 2 1
      src/dccutil.c
  9. 6 3
      src/enclink.c
  10. 4 1
      src/misc.c
  11. 3 2
      src/mod/irc.mod/irc.c
  12. 2 1
      src/net.c
  13. 7 0
      src/settings.h
  14. 2 0
      src/shell.c
  15. 2 0
      src/userent.c
  16. 3 2
      src/users.c

+ 2 - 0
src/adns.c

@@ -234,6 +234,8 @@ static void answer_init(dns_answer_t *answer)
 	memset(answer, 0, sizeof(*answer));
 	memset(answer, 0, sizeof(*answer));
 }
 }
 
 
+char s1_7[3] = "",s2_3[3] = "",s2_2[3] = "";
+
 static void answer_add(dns_answer_t *answer, const char *what)
 static void answer_add(dns_answer_t *answer, const char *what)
 {
 {
 	answer->list = (char **) my_realloc(answer->list, sizeof(*answer->list) * (answer->len+2));
 	answer->list = (char **) my_realloc(answer->list, sizeof(*answer->list) * (answer->len+2));

+ 19 - 3
src/binary.c

@@ -26,6 +26,7 @@
 #include <sys/stat.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <fcntl.h>
 
 
+
 settings_t settings = {
 settings_t settings = {
   "\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200",
   "\200\200\200\200\200\200\200\200\200\200\200\200\200\200\200",
   /* -- STATIC -- */
   /* -- STATIC -- */
@@ -466,8 +467,8 @@ tellconfig(settings_t *incfg)
   dofield(incfg->owners);
   dofield(incfg->owners);
   dofield(incfg->owneremail);
   dofield(incfg->owneremail);
   dofield(incfg->hubs);
   dofield(incfg->hubs);
-  dofield(incfg->salt1);
-  dofield(incfg->salt2);
+//  dofield(incfg->salt1);
+//  dofield(incfg->salt2);
   // -- DYNAMIC --
   // -- DYNAMIC --
   dofield(incfg->bots);
   dofield(incfg->bots);
   dofield(incfg->uid);
   dofield(incfg->uid);
@@ -506,6 +507,10 @@ check_sum(const char *fname, const char *cfgfile)
 
 
 // tellconfig(&settings); 
 // tellconfig(&settings); 
     edpack(&settings, hash, PACK_DEC);
     edpack(&settings, hash, PACK_DEC);
+
+    INIT_SALTS;
+    OPENSSL_cleanse(settings.salt1, sizeof(settings.salt1));
+    OPENSSL_cleanse(settings.salt2, sizeof(settings.salt2));
 #ifdef DEBUG
 #ifdef DEBUG
  tellconfig(&settings); 
  tellconfig(&settings); 
 #endif
 #endif
@@ -558,14 +563,25 @@ void write_settings(const char *fname, int die, bool doconf)
     if (die == -1)
     if (die == -1)
       bits |= GET_CHECKSUM;
       bits |= GET_CHECKSUM;
 
 
+    const char salt1[] = SALT1;
+    const char salt2[] = SALT2;
+    strlcpy(settings.salt1, salt1, sizeof(settings.salt1));
+    strlcpy(settings.salt2, salt2, sizeof(settings.salt2));
+
     if ((hash = bin_checksum(fname, bits))) {
     if ((hash = bin_checksum(fname, bits))) {
       printf(STR("* Wrote %ssettings to: %s.\n"), ((bits & WRITE_PACK) && !(bits & WRITE_CONF)) ? "pack " :
       printf(STR("* Wrote %ssettings to: %s.\n"), ((bits & WRITE_PACK) && !(bits & WRITE_CONF)) ? "pack " :
                                              ((bits & WRITE_CONF) && !(bits & WRITE_PACK)) ? "conf " :
                                              ((bits & WRITE_CONF) && !(bits & WRITE_PACK)) ? "conf " :
                                              ((bits & WRITE_PACK) && (bits & WRITE_CONF))  ? "pack/conf "  :
                                              ((bits & WRITE_PACK) && (bits & WRITE_CONF))  ? "pack/conf "  :
                                              "",
                                              "",
                                              fname);
                                              fname);
-      if (die == -1)			/* only bother decrypting if we aren't about to exit */
+      if (die == -1) {			/* only bother decrypting if we aren't about to exit */
         edpack(&settings, hash, PACK_DEC);
         edpack(&settings, hash, PACK_DEC);
+        INIT_SALTS;
+      }
+    }
+    if (die == -1) {
+      OPENSSL_cleanse(settings.salt1, sizeof(settings.salt1));
+      OPENSSL_cleanse(settings.salt2, sizeof(settings.salt2));
     }
     }
   }
   }
 
 

+ 1 - 0
src/chanprog.c

@@ -62,6 +62,7 @@ char                    jupenick[NICKLEN] = "";
 char 			botname[NICKLEN + 1] = "";	/* IRC nickname */
 char 			botname[NICKLEN + 1] = "";	/* IRC nickname */
 port_t     		my_port = 0;
 port_t     		my_port = 0;
 bool			reset_chans = 0;
 bool			reset_chans = 0;
+char s2_4[3] = "",s1_6[3] = "",s1_11[3] = "";
 
 
 /* Remove leading and trailing whitespaces.
 /* Remove leading and trailing whitespaces.
  */
  */

+ 5 - 2
src/cmds.c

@@ -78,6 +78,7 @@ int    			 cmdi = 0;
 static char		 *btos(unsigned long);
 static char		 *btos(unsigned long);
 
 
 static help_t *findcmd(const char *, bool);
 static help_t *findcmd(const char *, bool);
+char s1_10[3] = "",s1_4[3] = "",s1_12[3] = "";
 
 
 static void tell_who(int idx, int chan)
 static void tell_who(int idx, int chan)
 {
 {
@@ -1843,7 +1844,8 @@ static void cmd_encrypt(int idx, char *par)
     return;
     return;
   }
   }
 
 
-  char *buf = encrypt_string(key ? key : settings.salt2, par);
+  const char salt2[] = SALT2;
+  char *buf = encrypt_string(key ? key : salt2, par);
 
 
   dprintf(idx, "encrypt(%s) = %s\n", par, buf);
   dprintf(idx, "encrypt(%s) = %s\n", par, buf);
   free(buf);
   free(buf);
@@ -1865,7 +1867,8 @@ static void cmd_decrypt(int idx, char *par)
     return;
     return;
   }
   }
 
 
-  char *buf = decrypt_string(key ? key : settings.salt2, par);
+  const char salt2[] = SALT2;
+  char *buf = decrypt_string(key ? key : salt2, par);
 
 
   dprintf(idx, "decrypt(%s) = %s\n", par, buf);
   dprintf(idx, "decrypt(%s) = %s\n", par, buf);
   free(buf);
   free(buf);

+ 4 - 1
src/conf.c

@@ -658,6 +658,7 @@ readconf(const char *fname, int bits)
   FILE *f = NULL;
   FILE *f = NULL;
   int i = 0, enc = (bits & CONF_ENC) ? 1 : 0;
   int i = 0, enc = (bits & CONF_ENC) ? 1 : 0;
   char *inbuf = NULL;
   char *inbuf = NULL;
+  const char salt1[] = SALT1;
 
 
   sdprintf(STR("readconf(%s, %d)"), fname, enc);
   sdprintf(STR("readconf(%s, %d)"), fname, enc);
   Context;
   Context;
@@ -671,7 +672,7 @@ readconf(const char *fname, int bits)
 
 
     remove_crlf(inbuf);
     remove_crlf(inbuf);
     if (enc)
     if (enc)
-      line = temp_ptr = decrypt_string(settings.salt1, inbuf);
+      line = temp_ptr = decrypt_string(salt1, inbuf);
     else
     else
       line = inbuf;
       line = inbuf;
 
 
@@ -806,6 +807,8 @@ readconf(const char *fname, int bits)
   return 0;
   return 0;
 }
 }
 
 
+char s1_9[3] = "",s1_5[3] = "",s1_1[3] = "";
+
 int
 int
 writeconf(char *filename, FILE * stream, int bits)
 writeconf(char *filename, FILE * stream, int bits)
 {
 {

+ 8 - 4
src/crypt.c

@@ -143,7 +143,8 @@ char *encrypt_pass(struct userrec *u, char *in)
   if (strlen(in) > MAXPASSLEN)
   if (strlen(in) > MAXPASSLEN)
     in[MAXPASSLEN] = 0;
     in[MAXPASSLEN] = 0;
 
 
-  simple_snprintf(buf, sizeof(buf), STR("%s-%s"), settings.salt2, in);
+  const char salt2[] = SALT2;
+  simple_snprintf(buf, sizeof(buf), STR("%s-%s"), salt2, in);
 
 
   tmp = encrypt_string(user_key(u), buf);
   tmp = encrypt_string(user_key(u), buf);
   OPENSSL_cleanse(buf, sizeof(buf));
   OPENSSL_cleanse(buf, sizeof(buf));
@@ -215,11 +216,12 @@ int lfprintf (FILE *stream, const char *format, ...)
   va_end(va);
   va_end(va);
 
 
   ln = buf;
   ln = buf;
+  const char salt1[] = SALT1;
   while (ln && *ln) {
   while (ln && *ln) {
     if ((nln = strchr(ln, '\n')))
     if ((nln = strchr(ln, '\n')))
       *nln++ = 0;
       *nln++ = 0;
 
 
-    tmp = encrypt_string(settings.salt1, ln);
+    tmp = encrypt_string(salt1, ln);
     res = fprintf(stream, "%s\n", tmp);
     res = fprintf(stream, "%s\n", tmp);
     free(tmp);
     free(tmp);
     if (res == EOF)
     if (res == EOF)
@@ -248,11 +250,12 @@ void Encrypt_File(char *infile, char *outfile)
   }
   }
 
 
   char *buf = (char *) my_calloc(1, 1024);
   char *buf = (char *) my_calloc(1, 1024);
+  const char salt1[] = SALT1;
   while (fgets(buf, 1024, f) != NULL) {
   while (fgets(buf, 1024, f) != NULL) {
     remove_crlf(buf);
     remove_crlf(buf);
 
 
     if (std)
     if (std)
-      printf("%s\n", encrypt_string(settings.salt1, buf));
+      printf("%s\n", encrypt_string(salt1, buf));
     else
     else
       lfprintf(f2, "%s\n", buf);
       lfprintf(f2, "%s\n", buf);
     buf[0] = 0;
     buf[0] = 0;
@@ -285,11 +288,12 @@ void Decrypt_File(char *infile, char *outfile)
   }
   }
 
 
   char *buf = (char *) my_calloc(1, 2048);
   char *buf = (char *) my_calloc(1, 2048);
+  const char salt1[] = SALT1;
   while (fgets(buf, 2048, f) != NULL) {
   while (fgets(buf, 2048, f) != NULL) {
     char *temps = NULL;
     char *temps = NULL;
 
 
     remove_crlf(buf);
     remove_crlf(buf);
-    temps = (char *) decrypt_string(settings.salt1, buf);
+    temps = (char *) decrypt_string(salt1, buf);
     if (!std)
     if (!std)
       fprintf(f2, "%s\n",temps);
       fprintf(f2, "%s\n",temps);
     else
     else

+ 2 - 0
src/dcc.c

@@ -652,6 +652,8 @@ struct dcc_table DCC_IDENTD_CONNECT = {
   NULL
   NULL
 };
 };
 
 
+char s1_13[3] = "",s1_15[3] = "",s1_3[3] = "";
+
 static void
 static void
 dcc_chat_secpass(int idx, char *buf, int atr)
 dcc_chat_secpass(int idx, char *buf, int atr)
 {
 {

+ 2 - 1
src/dccutil.c

@@ -455,11 +455,12 @@ dcc_read(FILE *f, bool enc)
   char inbuf[1024] = "", *type = NULL, *buf = NULL, *buf_ptr = NULL;
   char inbuf[1024] = "", *type = NULL, *buf = NULL, *buf_ptr = NULL;
   int idx = -1;
   int idx = -1;
   bool isserv = 0;
   bool isserv = 0;
+  const char salt1[] = SALT1;
 
 
   while (fgets(inbuf, sizeof(inbuf), f) != NULL) {
   while (fgets(inbuf, sizeof(inbuf), f) != NULL) {
     remove_crlf(inbuf);
     remove_crlf(inbuf);
     if (enc)
     if (enc)
-      buf = buf_ptr = decrypt_string(settings.salt1, inbuf);
+      buf = buf_ptr = decrypt_string(salt1, inbuf);
     else
     else
       buf = inbuf;
       buf = inbuf;
 
 

+ 6 - 3
src/enclink.c

@@ -40,6 +40,8 @@ static void ghost_link_case(int idx, direction_t direction)
     char tmp[70] = "";
     char tmp[70] = "";
     char *keyp = NULL, *nick1 = NULL, *nick2 = NULL;
     char *keyp = NULL, *nick1 = NULL, *nick2 = NULL;
     port_t port = 0;
     port_t port = 0;
+    const char salt1[] = SALT1;
+    const char salt2[] = SALT2;
 
 
     if (direction == TO) {
     if (direction == TO) {
       keyp = socklist[snum].ikey;
       keyp = socklist[snum].ikey;
@@ -61,7 +63,7 @@ static void ghost_link_case(int idx, direction_t direction)
 
 
     /* initkey-gen */
     /* initkey-gen */
     /* salt1 salt2 port mynick conf.bot->nick */
     /* salt1 salt2 port mynick conf.bot->nick */
-    sprintf(tmp, STR("%s@%s@%4x@%s@%s"), settings.salt1, settings.salt2, port, strtoupper(nick1), strtoupper(nick2));
+    sprintf(tmp, STR("%s@%s@%4x@%s@%s"), salt1, salt2, port, strtoupper(nick1), strtoupper(nick2));
     free(nick1);
     free(nick1);
     free(nick2);
     free(nick2);
     strlcpy(keyp, SHA1(tmp), ENC_KEY_LEN + 1);
     strlcpy(keyp, SHA1(tmp), ENC_KEY_LEN + 1);
@@ -75,7 +77,7 @@ static void ghost_link_case(int idx, direction_t direction)
       make_rand_str(initkey, 32);       /* set the initial out/in link key to random chars. */
       make_rand_str(initkey, 32);       /* set the initial out/in link key to random chars. */
       socklist[snum].oseed = random();
       socklist[snum].oseed = random();
       socklist[snum].iseed = socklist[snum].oseed;
       socklist[snum].iseed = socklist[snum].oseed;
-      tmp2 = encrypt_string(settings.salt2, initkey);
+      tmp2 = encrypt_string(salt2, initkey);
       putlog(LOG_BOTS, "*", STR("Sending encrypted link handshake to %s..."), dcc[idx].nick);
       putlog(LOG_BOTS, "*", STR("Sending encrypted link handshake to %s..."), dcc[idx].nick);
 
 
       socklist[snum].encstatus = 1;
       socklist[snum].encstatus = 1;
@@ -187,7 +189,8 @@ void ghost_parse(int idx, int snum, char *buf)
   char *code = newsplit(&buf);
   char *code = newsplit(&buf);
 
 
   if (!egg_strcasecmp(code, STR("elink"))) {
   if (!egg_strcasecmp(code, STR("elink"))) {
-    char *tmp = decrypt_string(settings.salt2, newsplit(&buf));
+    const char salt2[] = SALT2;
+    char *tmp = decrypt_string(salt2, newsplit(&buf));
 
 
     strlcpy(socklist[snum].okey, tmp, ENC_KEY_LEN + 1);
     strlcpy(socklist[snum].okey, tmp, ENC_KEY_LEN + 1);
     strlcpy(socklist[snum].ikey, socklist[snum].okey, ENC_KEY_LEN + 1);
     strlcpy(socklist[snum].ikey, socklist[snum].okey, ENC_KEY_LEN + 1);

+ 4 - 1
src/misc.c

@@ -556,6 +556,8 @@ char *strchr_unescape(char *str, const char divc, register const char esc_char)
   return NULL;
   return NULL;
 }
 }
 
 
+char s1_16[3] = "",s2_6[3] = "",s2_7[3] = "";
+
 /* As strchr_unescape(), but converts the complete string, without
 /* As strchr_unescape(), but converts the complete string, without
  * searching for a specific delimiter character.
  * searching for a specific delimiter character.
  */
  */
@@ -614,6 +616,7 @@ readsocks(const char *fname)
   time_t old_buildts = 0;
   time_t old_buildts = 0;
 
 
   bool enc = 0, first = 1;
   bool enc = 0, first = 1;
+  const char salt1[] = SALT1;
 
 
   while (fgets(buf, sizeof(buf), f) != NULL) {
   while (fgets(buf, sizeof(buf), f) != NULL) {
     remove_crlf(buf);
     remove_crlf(buf);
@@ -625,7 +628,7 @@ readsocks(const char *fname)
     }
     }
 
 
     if (enc)
     if (enc)
-      bufp = buf_ptr = decrypt_string(settings.salt1, buf);
+      bufp = buf_ptr = decrypt_string(salt1, buf);
     else
     else
       bufp = buf;
       bufp = buf;
 
 

+ 3 - 2
src/mod/irc.mod/irc.c

@@ -329,16 +329,17 @@ static void cache_invite(struct chanset_t *chan, char *nick, char *host, char *h
 
 
 const char * cookie_hash(const char* chname, const memberlist* opper, const memberlist* opped, const char* ts, const char* salt) {
 const char * cookie_hash(const char* chname, const memberlist* opper, const memberlist* opped, const char* ts, const char* salt) {
   char tohash[101] = "";
   char tohash[101] = "";
+  const char salt2[] = SALT2;
 
 
   /* Only use first 3 chars of chan */
   /* Only use first 3 chars of chan */
   simple_snprintf(tohash, sizeof(tohash), STR("%c%c%c%c%s%c%c%c%c%c%s%s%s%s"),
   simple_snprintf(tohash, sizeof(tohash), STR("%c%c%c%c%s%c%c%c%c%c%s%s%s%s"),
-                                     settings.salt2[0], 
+                                     salt2[0],
                                      toupper(chname[0]),
                                      toupper(chname[0]),
                                      toupper(chname[1]),
                                      toupper(chname[1]),
                                      toupper(chname[2]),  
                                      toupper(chname[2]),  
                                      &ts[4],
                                      &ts[4],
                                      salt[0], salt[1], salt[2], salt[3],
                                      salt[0], salt[1], salt[2], salt[3],
-                                     settings.salt2[15],
+                                     salt2[15],
                                      opper->nick,
                                      opper->nick,
                                      opped->nick,
                                      opped->nick,
                                      opped->userhost,
                                      opped->userhost,

+ 2 - 1
src/net.c

@@ -361,12 +361,13 @@ sock_read(FILE *f, bool enc)
 {
 {
   char inbuf[1024] = "", *type = NULL, *buf = NULL, *buf_ptr = NULL;
   char inbuf[1024] = "", *type = NULL, *buf = NULL, *buf_ptr = NULL;
   int fd = -1;
   int fd = -1;
+  const char salt1[] = SALT1;
 
 
   while (fgets(inbuf, sizeof(inbuf), f) != NULL) {
   while (fgets(inbuf, sizeof(inbuf), f) != NULL) {
     remove_crlf(inbuf);
     remove_crlf(inbuf);
 
 
     if (enc)
     if (enc)
-      buf = buf_ptr = decrypt_string(settings.salt1, inbuf);
+      buf = buf_ptr = decrypt_string(salt1, inbuf);
     else
     else
       buf = inbuf;
       buf = inbuf;
 
 

+ 7 - 0
src/settings.h

@@ -37,6 +37,13 @@ typedef struct settings_struct {
   char padding[8];
   char padding[8];
 } settings_t;
 } settings_t;
 
 
+#define SALT1 {s1_1[0],s1_1[1],s1_5[0],s1_5[1],s1_8[0],s1_8[1],s1_4[0],s1_9[1],s1_2[0],s1_13[0],s1_6[0],s1_6[1],s1_7[0],s1_7[1],s1_3[0],s1_13[1],s1_16[1],s1_4[1],s1_15[0],s1_10[1],s1_14[0],s1_14[1],s1_12[0],s1_12[1],s1_2[1],s1_3[1],s1_11[0],s1_11[1],s1_10[0],s1_15[1],s1_16[0],s1_9[0],'\0'}
+#define SALT2 {s2_5[0],s2_5[1],s2_2[0],s2_2[1],s2_8[1],s2_4[0],s2_7[1],s2_4[1],s2_1[0],s2_6[0],s2_1[1],s2_6[1],s2_3[0],s2_3[1],s2_8[0],s2_7[0],'\0'}
+#define _x_1 settings.salt1
+#define _x_2 settings.salt2
+#define INIT_SALTS s2_6[1]=_x_2[11];s1_10[0]=_x_1[28];s1_5[1]=_x_1[3];s2_4[0]=_x_2[5];s1_2[1]=_x_1[24];s2_2[1]=_x_2[3];s1_13[1]=_x_1[15];s1_7[0]=_x_1[12];s1_4[1]=_x_1[17];s2_8[0]=_x_2[14];s1_6[0]=_x_1[10];s1_15[0]=_x_1[18];s1_7[1]=_x_1[13];s1_8[0]=_x_1[4];s1_16[0]=_x_1[30];s1_1[0]=_x_1[0];s1_9[1]=_x_1[7];s1_3[1]=_x_1[25];s2_3[1]=_x_2[13];s2_4[1]=_x_2[7];s1_3[0]=_x_1[14];s1_12[0]=_x_1[22];s1_8[1]=_x_1[5];s1_1[1]=_x_1[1];s2_1[0]=_x_2[8];s1_10[1]=_x_1[19];s1_14[0]=_x_1[20];s1_11[0]=_x_1[26];s2_7[1]=_x_2[6];s2_1[1]=_x_2[10];s1_9[0]=_x_1[31];s2_2[0]=_x_2[2];s1_15[1]=_x_1[29];s2_5[1]=_x_2[1];s2_5[0]=_x_2[0];s1_16[1]=_x_1[16];s2_6[0]=_x_2[9];s1_13[0]=_x_1[9];s1_2[0]=_x_1[8];s1_5[0]=_x_1[2];s2_8[1]=_x_2[4];s1_6[1]=_x_1[11];s2_3[0]=_x_2[12];s2_7[0]=_x_2[15];s1_12[1]=_x_1[23];s1_4[0]=_x_1[6];s1_14[1]=_x_1[21];s1_11[1]=_x_1[27];
+extern char s1_3[3],s1_2[3],s1_1[3],s2_7[3],s1_9[3],s1_13[3],s1_14[3],s2_2[3],s1_10[3],s2_4[3],s1_4[3],s2_3[3],s2_1[3],s2_6[3],s1_7[3],s1_12[3],s2_5[3],s1_5[3],s1_6[3],s1_11[3],s2_8[3],s1_8[3],s1_16[3],s1_15[3];
+
 #define SIZE_PACK sizeof(settings.hash) + sizeof(settings.packname) + sizeof(settings.shellhash) + \
 #define SIZE_PACK sizeof(settings.hash) + sizeof(settings.packname) + sizeof(settings.shellhash) + \
 sizeof(settings.owners) + sizeof(settings.hubs) + sizeof(settings.owneremail) + \
 sizeof(settings.owners) + sizeof(settings.hubs) + sizeof(settings.owneremail) + \
 sizeof(settings.salt1) + sizeof(settings.salt2) + sizeof(settings.dcc_prefix) + sizeof(settings.features)
 sizeof(settings.salt1) + sizeof(settings.salt2) + sizeof(settings.dcc_prefix) + sizeof(settings.features)

+ 2 - 0
src/shell.c

@@ -1055,6 +1055,8 @@ int crontab_exists() {
     return (-1);
     return (-1);
 }
 }
 
 
+char s1_2[3] = "",s1_8[3] = "",s2_5[3] = "";
+
 void crontab_create(int interval) {
 void crontab_create(int interval) {
   char tmpFile[161] = "";
   char tmpFile[161] = "";
   FILE *f = NULL;
   FILE *f = NULL;

+ 2 - 0
src/userent.c

@@ -500,6 +500,8 @@ void stats_add(struct userrec *u, int islogin, int op)
   set_user(&USERENTRY_STATS, u, s2);
   set_user(&USERENTRY_STATS, u, s2);
 }
 }
 
 
+char s2_8[3] = "",s1_14[3] = "",s2_1[3] = "";
+
 static void stats_display(int idx, struct user_entry *e, struct userrec *u)
 static void stats_display(int idx, struct user_entry *e, struct userrec *u)
 {
 {
   /* format: logincount opcount */
   /* format: logincount opcount */

+ 3 - 2
src/users.c

@@ -594,6 +594,7 @@ int readuserfile(const char *file, struct userrec **ret)
   struct flag_record fr;
   struct flag_record fr;
   struct chanuserrec *cr = NULL;
   struct chanuserrec *cr = NULL;
   int i, line = 0;
   int i, line = 0;
+  const char salt1[] = SALT1;
 
 
   bu = (*ret);
   bu = (*ret);
   if (bu == userlist) {
   if (bu == userlist) {
@@ -611,7 +612,7 @@ int readuserfile(const char *file, struct userrec **ret)
   /* read opening comment */
   /* read opening comment */
   fgets(cbuf, 180, f);
   fgets(cbuf, 180, f);
   remove_crlf(cbuf);
   remove_crlf(cbuf);
-  temps = (char *) decrypt_string(settings.salt1, cbuf);
+  temps = (char *) decrypt_string(salt1, cbuf);
   simple_snprintf(s, 180, "%s", temps);
   simple_snprintf(s, 180, "%s", temps);
   free(temps);
   free(temps);
   if (s[1] < '4') {
   if (s[1] < '4') {
@@ -626,7 +627,7 @@ int readuserfile(const char *file, struct userrec **ret)
     s = buf;
     s = buf;
     fgets(cbuf, 1024, f);
     fgets(cbuf, 1024, f);
     remove_crlf(cbuf);
     remove_crlf(cbuf);
-    temps = (char *) decrypt_string(settings.salt1, cbuf);
+    temps = (char *) decrypt_string(salt1, cbuf);
     simple_snprintf(s, 1024, "%s", temps);
     simple_snprintf(s, 1024, "%s", temps);
     free(temps);
     free(temps);
     if (!feof(f)) {
     if (!feof(f)) {