1
0
Эх сурвалжийг харах

* auth/enclink/dcc hash strings are now cleared from memory after being hashed.

svn: 1662
Bryan Drewery 21 жил өмнө
parent
commit
50372107ab
5 өөрчлөгдсөн 18 нэмэгдсэн , 8 устгасан
  1. 12 5
      src/auth.c
  2. 1 1
      src/auth.h
  3. 2 1
      src/dcc.c
  4. 1 0
      src/enclink.c
  5. 2 1
      src/mod/irc.mod/msgcmds.c

+ 12 - 5
src/auth.c

@@ -71,22 +71,29 @@ init_auth()
   timer_create_secs(60, "expire_auths", (Function) expire_auths);
 }
 
-char *
-makehash(struct userrec *u, char *randstring)
+void makehash(int idx, int authi, char *randstring)
 {
   char hash[256] = "", *secpass = NULL;
+  struct userrec *u = NULL;
+
+  if (idx != -1)
+    u = dcc[idx].user;
+  else if (authi != -1)
+    u = auth[authi].user;
 
   if (get_user(&USERENTRY_SECPASS, u)) {
     secpass = strdup((char *) get_user(&USERENTRY_SECPASS, u));
     secpass[strlen(secpass)] = 0;
   }
   egg_snprintf(hash, sizeof hash, "%s%s%s", randstring, (secpass && secpass[0]) ? secpass : "", authkey);
-
-  sdprintf("hash: %s", hash);
   if (secpass)
     free(secpass);
+  if (idx != -1) 
+    strncpyz(dcc[idx].hash, hash, sizeof dcc[idx].hash);
+  else if (authi != -1)
+    strncpyz(auth[authi].hash, hash, sizeof auth[authi].hash);
 
-  return MD5(hash);
+  egg_bzero(hash, sizeof(hash));
 }
 
 char *

+ 1 - 1
src/auth.h

@@ -22,7 +22,7 @@ int new_auth();
 int findauth(char *);
 void removeauth(int);
 char *makebdhash(char *);
-char *makehash(struct userrec *, char *);
+void makehash(int, int, char *);
 
 
 extern int auth_total;

+ 2 - 1
src/dcc.c

@@ -977,7 +977,8 @@ dcc_chat_pass(int idx, char *buf, int atr)
       char randstr[51] = "";
 
       make_rand_str(randstr, 50);
-      strncpyz(dcc[idx].hash, makehash(dcc[idx].user, randstr), sizeof dcc[idx].hash);
+      makehash(idx, -1, randstr);
+
       dcc[idx].type = &DCC_CHAT_SECPASS;
       dcc[idx].timeval = now;
       dprintf(idx, "-Auth %s %s\n", randstr, conf.bot->nick);

+ 1 - 0
src/enclink.c

@@ -251,6 +251,7 @@ void link_hash(int idx, char *rand)
 
   egg_snprintf(hash, sizeof(hash), "%s.%s.%s", settings.packname, settings.salt1, rand);
   strncpyz(dcc[idx].shahash, SHA1(hash), sizeof(dcc[idx].shahash));
+  egg_bzero(hash, sizeof(hash));
   return;
 }
 

+ 2 - 1
src/mod/irc.mod/msgcmds.c

@@ -298,7 +298,8 @@ static int msg_auth(char *nick, char *host, struct userrec *u, char *par)
 
       auth[i].authing = 2;      
       make_rand_str(auth[i].rand, 50);
-      strncpyz(auth[i].hash, makehash(u, auth[i].rand), sizeof auth[i].hash);
+      makehash(-1, i, auth[i].rand);
+
       dprintf(DP_HELP, "PRIVMSG %s :-Auth %s %s\n", nick, auth[i].rand, conf.bot->nick);
     } else {
       /* no authkey and/or no SECPASS for the user, don't require a hash auth */