Ver código fonte

* Port [3405] to 1.2.14
* Fix SHA1() to use 5 rotating static buffers
* Use OPENSSL_cleanse() on hash buffers



svn: 3406

Bryan Drewery 19 anos atrás
pai
commit
e180e43b63
7 arquivos alterados com 26 adições e 11 exclusões
  1. 7 4
      src/auth.c
  2. 1 1
      src/auth.h
  3. 3 0
      src/binary.c
  4. 7 2
      src/crypt.c
  5. 4 2
      src/enclink.c
  6. 1 1
      src/mod/channels.mod/userchan.c
  7. 3 1
      src/mod/irc.mod/irc.c

+ 7 - 4
src/auth.c

@@ -280,18 +280,21 @@ void makehash(struct userrec *u, const char *randstring, char *out, size_t out_s
     free(secpass);
 
   strlcpy(out, MD5(hash), out_size);
-  egg_bzero(hash, sizeof(hash));
+  OPENSSL_cleanse(hash, sizeof(hash));
 }
 
-char *
+const char*
 makebdhash(char *randstring)
 {
-  char hash[256] = "";
+  char hash[70] = "";
   char *bdpass = "bdpass";
 
   simple_snprintf(hash, sizeof hash, "%s%s%s", randstring, bdpass, settings.packname);
   sdprintf("bdhash: %s", hash);
-  return MD5(hash);
+
+  const char* md5 = MD5(hash);
+  OPENSSL_cleanse(hash, sizeof(hash));
+  return md5;
 }
 
 void check_auth_dcc(Auth *auth, const char *cmd, const char *par)

+ 1 - 1
src/auth.h

@@ -49,7 +49,7 @@ class Auth {
   static hash_table_t *ht_handle;
 };
 
-char *makebdhash(char *);
+const char* makebdhash(char *);
 void makehash(struct userrec *u, const char *randstring, char *out, size_t out_size);
 
 void check_auth_dcc(Auth *, const char *, const char *);

+ 3 - 0
src/binary.c

@@ -389,6 +389,9 @@ static void edpack(settings_t *incfg, const char *in_hash, int what)
   dofield(incfg->binname);
   dofield(incfg->portmin);
   dofield(incfg->portmax);
+
+
+  OPENSSL_cleanse(nhash, sizeof(nhash));
 #undef dofield
 #undef dohash
 #undef update_hash

+ 7 - 2
src/crypt.c

@@ -350,15 +350,20 @@ MD5FILE(const char *bin)
 
 char *SHA1(const char *string)
 {
-  static char	  sha1string[SHA_HASH_LENGTH + 1] = "";
+  static int n = 0;
+  static char ret[5][SHA_HASH_LENGTH + 1];
+  char* sha1string = ret[n++];
   unsigned char   sha1out[SHA_HASH_LENGTH + 1] = "";
   SHA_CTX ctx;
 
   SHA1_Init(&ctx);
   SHA1_Update(&ctx, string, strlen(string));
   SHA1_Final(sha1out, &ctx);
-  strlcpy(sha1string, btoh(sha1out, SHA_DIGEST_LENGTH), sizeof(sha1string));
+  strlcpy(sha1string, btoh(sha1out, SHA_DIGEST_LENGTH), SHA_HASH_LENGTH + 1);
   OPENSSL_cleanse(&ctx, sizeof(ctx));
+
+  if (n == 5) n = 0;
+
   return sha1string;
 }
 

+ 4 - 2
src/enclink.c

@@ -17,7 +17,7 @@ static void ghost_link_case(int idx, direction_t direction)
 
   if (snum >= 0) {
     char initkey[33] = "", *tmp2 = NULL;
-    char tmp[256] = "";
+    char tmp[70] = "";
     char *keyp = NULL, *nick1 = NULL, *nick2 = NULL;
     size_t key_len = 0;
     port_t port = 0;
@@ -52,6 +52,8 @@ static void ghost_link_case(int idx, direction_t direction)
     putlog(LOG_DEBUG, "@", "Link hash for %s: %s", dcc[idx].nick, tmp);
     putlog(LOG_DEBUG, "@", "outkey (%d): %s", strlen(keyp), keyp);
 #endif
+    OPENSSL_cleanse(tmp, sizeof(tmp));
+
     if (direction == FROM) {
       make_rand_str(initkey, 32);       /* set the initial out/in link key to random chars. */
       socklist[snum].oseed = random();
@@ -325,7 +327,7 @@ void link_hash(int idx, char *rand)
   /* nothing fancy, just something simple that can stop people from playing */
   simple_snprintf(hash, sizeof(hash), "enclink%s", rand);
   strlcpy(dcc[idx].shahash, SHA1(hash), SHA_HASH_LENGTH + 1);
-  egg_bzero(hash, sizeof(hash));
+  OPENSSL_cleanse(hash, sizeof(hash));
   return;
 }
 

+ 1 - 1
src/mod/channels.mod/userchan.c

@@ -732,7 +732,7 @@ flood-chan %d:%lu flood-ctcp %d:%lu flood-join %d:%lu \
 flood-kick %d:%lu flood-deop %d:%lu flood-nick %d:%lu flood-mjoin %d:%lu \
 closed-ban %d closed-invite %d closed-private %d ban-time %lu \
 exempt-time %lu invite-time %lu voice-non-ident %d \
-flood-exempt %d flood-lock-time %d \
+flood-exempt %d flood-lock-time %lu \
 %cenforcebans %cdynamicbans %cuserbans %cbitch \
 %cprivate %ccycle %cinactive %cdynamicexempts %cuserexempts \
 %cdynamicinvites %cuserinvites %cnodesynch %cclosed %cvoice \

+ 3 - 1
src/mod/irc.mod/irc.c

@@ -327,7 +327,9 @@ const char * cookie_hash(const char* chname, const memberlist* opper, const memb
 sdprintf("chname: %s ts: %s salt: %c%c%c%c", chname, ts, salt[0], salt[1], salt[2], salt[3]);
 sdprintf("tohash: %s", tohash);
 #endif
-  return MD5(tohash);
+  const char* md5 = MD5(tohash);
+  OPENSSL_cleanse(tohash, sizeof(tohash));
+  return md5;
 }
 
 #define HASH_INDEX1(_x) (8 + (_x))