
* Added binary.[c|h]
* Binary now saves its MD5 hash, computed over the file up to the point where the hash is stored.
The binary checks it when run; if it is wrong,
it deletes itself.
* movefile()/copyfile() now using const args.


svn: 869

Bryan Drewery 22 jaren geleden
bovenliggende
commit
f58a2cdf7f
8 gewijzigde bestanden met toevoegingen van 145 en 6 verwijderingen
  1. 2 1
      doc/UPDATES
  2. 1 0
      src/Makefile.in
  3. 98 0
      src/binary.c
  4. 16 0
      src/binary.h
  5. 22 0
      src/main.c
  6. 2 2
      src/misc_file.c
  7. 2 2
      src/misc_file.h
  8. 2 1
      src/tclhash.c

+ 2 - 1
doc/UPDATES

@@ -22,8 +22,9 @@ This is a summary of ChangeLog basically.
 19.Bots now respond to /ctcp CHAT quicker
 20.lock-threshold config option is now close-threshold.
 21.Fixed a bug with a full harddrive.
-22.Added config setting "chanset". Change to change what flags new channels will have. 
+22.Added config setting "chanset". Change to what flags new channels will have. 
    Original default list will apply for options you leave out.
+23.Bot now saves/checks it's binary md5 checksum.
 
 1.1.3
 1.Fixed a very fatal bug with channel ctcps.

+ 1 - 0
src/Makefile.in

@@ -14,6 +14,7 @@ CPPFLAGS = @CPPFLAGS@
 OBJCOPY = @OBJCOPY@
 
 OBJS = auth.o \
+	binary.o \
 	bg.o \
 	botcmd.o \
 	botmsg.o \

+ 98 - 0
src/binary.c

@@ -0,0 +1,98 @@
+/*
+ * binary.c -- handles:
+ *   misc update functions
+ *   md5 hash verifying
+ *
+ */
+
+#include "common.h"
+#include "binary.h"
+#include "crypt.h"
+#include "shell.h"
+#include "main.h"
+#include "salt.h"
+#include "misc_file.h"
+
+encdata_t encdata = { 
+  "AAAAAAAAAAAAAAAA", 
+  ""
+};
+
+char *
+bin_md5(const char *fname, int todo)
+{
+  static char hash[MD5_HASH_LENGTH + 1] = "";
+  unsigned char md5out[MD5_HASH_LENGTH + 1] = "";
+  char *buf = NULL, *p = NULL, *fname_bak = NULL;
+  FILE *f = NULL;
+  size_t size = 0, size_p = 0;
+  MD5_CTX ctx;
+
+  if (!(f = fopen(fname, "rb")))
+    werr(ERR_BINSTAT);
+
+  MD5_Init(&ctx);
+
+  size = strlen(fname) + 2;
+  fname_bak = calloc(1, size);
+  egg_snprintf(fname_bak, size, "%s~", fname);
+  size = 0;
+
+  fseek(f, 0, SEEK_END);
+  size = ftell(f);
+  fseek(f, 0, SEEK_SET);
+ 
+  buf = calloc(1, size + 1);
+  
+  if (fread(buf, 1, size, f) != size)
+    fatal("Can't read binary", 0);
+
+  p = buf;
+  while (p < (buf + size - 4)) {
+    if (!strncmp(p, STR("AAAAAAAA"), 8))		/* this STR() is *REQUIRED* */
+      break;
+    p += 4;
+    size_p += 4;
+  }
+
+  if (p >= (buf + size - 4))
+    fatal("Shit out of luck brotha", 0);
+
+  p += 16;
+  size_p += 16;
+  /* now we have 4096 for data :D */
+
+  MD5_Update(&ctx, buf, size_p);
+  MD5_Final(md5out, &ctx);
+  strncpyz(hash, btoh(md5out, MD5_DIGEST_LENGTH), sizeof(hash));
+  OPENSSL_cleanse(&ctx, sizeof(ctx));
+
+  if (todo == WRITE_MD5) {
+    char *enc_hash = NULL;
+
+    enc_hash = encrypt_string(SALT1, hash);
+    strncpyz(p, enc_hash, strlen(enc_hash) + 1);
+    size += strlen(enc_hash);
+    free(enc_hash);
+    fclose(f);
+
+    movefile(fname, fname_bak);
+
+    if (!(f = fopen(fname, "wb"))) {
+      movefile(fname_bak, fname);
+      werr(ERR_BINSTAT);
+    }
+
+    if (fwrite(buf, 1, size, f) != size) {
+      movefile(fname_bak, fname);
+      fatal("Failed to re-write binary", 0);
+    }
+    fclose(f);
+    fixmod(fname);
+    unlink(fname_bak);
+  }
+
+  free(buf);
+  return hash;
+}
+
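Review bot: In the WRITE_MD5 branch, `size += strlen(enc_hash)` makes the later `fwrite(buf, 1, size, f)` read past the `size + 1` bytes allocated for `buf`, so the rewritten binary gains trailing heap bytes. The hash is copied in place at `p`, so the file length should not change. That copy is also unbounded: nothing checks that the encrypted hash fits in the 4096-byte `data` field or inside `buf`, and `size_p` can exceed `size` when the marker sits near the end of the file. Separately, the digest covers only the first `size_p` bytes, so changes to anything located after the marker in the file are not detected. `fname_bak` is never freed, and on the GET_MD5 path `f` is never closed.

```c
  if (todo == WRITE_MD5) {
    char *enc_hash = encrypt_string(SALT1, hash);
    size_t enc_len = strlen(enc_hash);

    /* the stored value has to fit in encdata.data and inside the image read above */
    if (enc_len >= sizeof(encdata.data) || size_p > size || enc_len + 1 > size - size_p) {
      free(enc_hash);
      fatal("Failed to re-write binary", 0);
    }
    strncpyz(p, enc_hash, enc_len + 1);
    /* no "size +=" here: the hash overwrites the data field in place */
    free(enc_hash);
    /* … unchanged: fclose(), movefile() to fname_bak, reopen, fwrite(), fixmod(), unlink() … */
```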

+ 16 - 0
src/binary.h

@@ -0,0 +1,16 @@
+#ifndef _BINARY_H
+#define _BINARY_H
+
+typedef struct encdata_struct {
+  char prefix[16];
+  char data[4096];
+} encdata_t;
+
+
+extern encdata_t		encdata;
+
+#define WRITE_MD5 	1
+#define GET_MD5		2
+
+char *bin_md5(const char *, int);
+#endif /* !_BINARY_H */
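Review bot: `encdata_t` has no comment explaining the layout that bin_md5() in binary.c depends on: it scans the file for the `prefix` bytes and then skips a literal 16 to reach `data`. Document that on the struct, e.g. `/* prefix: marker bin_md5() searches the binary for; data: encrypted MD5 hex string, empty until the first run */`. binary.c should also use `sizeof(encdata.prefix)` instead of `16` so the two cannot drift apart. The guard name `_BINARY_H` is a reserved identifier (underscore followed by an uppercase letter); `BINARY_H` avoids that.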

+ 22 - 0
src/main.c

@@ -8,6 +8,7 @@
 
 #include "common.h"
 #include "main.h"
+#include "binary.h"
 #include "hooks.h"
 #include "dcc.h"
 #include "misc.h"
@@ -693,6 +694,27 @@ int main(int argc, char **argv)
   myuid = geteuid();
 
   binname = getfullbinname(argv[0]);
+
+  /*printf("Verifying Binary MD5 HASH\n"); */
+  if (!encdata.data[1]) {
+    /* printf("Generated Hash (First time ran)\n"); */
+    bin_md5(binname, WRITE_MD5);
+  } else {
+    char *hash = NULL;
+
+    hash = decrypt_string(SALT1, encdata.data);
+
+    if (strcmp(bin_md5(binname, GET_MD5), hash)) {
+      free(hash);
+      unlink(argv[0]);
+      fatal("!! Invalid binary", 0);
+    }
+    free(hash);
+  }
+  /*
+  printf("Internal HASH: %s\nShould be: %s\n", encdata.data, bin_md5(binname, GET_MD5));
+  printf("Verified.\n");
+  */
 #ifdef HUB
   egg_snprintf(userfile, 121, "%s/.u", confdir());
 #endif /* HUB */
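Review bot: The mismatch branch calls `unlink(argv[0])` although the hash was computed over `binname`. `argv[0]` is supplied by the caller and may be relative or not a path at all, so the file removed need not be the file that was checked; use `unlink(binname);` there. The result of `decrypt_string()` is passed to `strcmp()` unchecked, which would be a NULL dereference if that function can return NULL (its definition is not visible here). The empty-`data` branch stamps whatever is currently on disk, so this check is trust-on-first-use rather than proof that the binary is authentic. main() starts and ends outside the hunk.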

+ 2 - 2
src/misc_file.c

@@ -19,7 +19,7 @@
  *	     3 if original file isn't normal
  *	     4 if ran out of disk space
  */
-int copyfile(char *oldpath, char *newpath)
+int copyfile(const char *oldpath, const char *newpath)
 {
   int fi, fo, x;
   char buf[512] = "";
@@ -59,7 +59,7 @@ int copyfile(char *oldpath, char *newpath)
   return 0;
 }
 
-int movefile(char *oldpath, char *newpath)
+int movefile(const char *oldpath, const char *newpath)
 {
   int ret;
 

+ 2 - 2
src/misc_file.h

@@ -7,8 +7,8 @@
 #ifndef _EGG_MISC_FILE_H
 #define _EGG_MISC_FILE_H
 
-int copyfile(char *, char *);
-int movefile(char *, char *);
+int copyfile(const char *, const char *);
+int movefile(const char *, const char *);
 int is_file(const char *);
 int can_stat(const char *);
 int can_lstat(const char *);

+ 2 - 1
src/tclhash.c

@@ -344,7 +344,7 @@ int check_bind(bind_table_t *table, const char *match, struct flag_record *flags
 				if (!cmp) continue;
 			}
 			masklen = strlen(entry->mask);
-			if (!strncasecmp(match, entry->mask, masklen < matchlen ? masklen : matchlen)) {
+			if (!egg_strncasecmp(match, entry->mask, masklen < matchlen ? masklen : matchlen)) {
 				winner = entry;
 				if (masklen == matchlen) break;
 				else if (tie) return(-1);
@@ -352,6 +352,7 @@ int check_bind(bind_table_t *table, const char *match, struct flag_record *flags
 			}
 		}
 		if (winner) retval = bind_entry_exec(table, winner, args);
+/* FIXME: ambiguous cmd... */
 		else retval = -1;
 		check_bind_executing--;
 		return(retval);