Prechádzať zdrojové kódy

* Added binary.[c|h]
* Binary now saves it's MD5 hash up till the point it saves it at.
The binary checks it when ran, if it is wrong,
it deletes itself.
* movefile()/copyfile() now using const args.


svn: 869

Bryan Drewery 22 rokov pred
rodič
commit
f58a2cdf7f
8 zmenil súbory, kde vykonal 145 pridanie a 6 odobranie
  1. 2 1
      doc/UPDATES
  2. 1 0
      src/Makefile.in
  3. 98 0
      src/binary.c
  4. 16 0
      src/binary.h
  5. 22 0
      src/main.c
  6. 2 2
      src/misc_file.c
  7. 2 2
      src/misc_file.h
  8. 2 1
      src/tclhash.c

+ 2 - 1
doc/UPDATES

@@ -22,8 +22,9 @@ This is a summary of ChangeLog basically.
 19.Bots now respond to /ctcp CHAT quicker
 19.Bots now respond to /ctcp CHAT quicker
 20.lock-threshold config option is now close-threshold.
 20.lock-threshold config option is now close-threshold.
 21.Fixed a bug with a full harddrive.
 21.Fixed a bug with a full harddrive.
-22.Added config setting "chanset". Change to change what flags new channels will have. 
+22.Added config setting "chanset". Change to what flags new channels will have. 
    Original default list will apply for options you leave out.
    Original default list will apply for options you leave out.
+23.Bot now saves/checks it's binary md5 checksum.
 
 
 1.1.3
 1.1.3
 1.Fixed a very fatal bug with channel ctcps.
 1.Fixed a very fatal bug with channel ctcps.

+ 1 - 0
src/Makefile.in

@@ -14,6 +14,7 @@ CPPFLAGS = @CPPFLAGS@
 OBJCOPY = @OBJCOPY@
 OBJCOPY = @OBJCOPY@
 
 
 OBJS = auth.o \
 OBJS = auth.o \
+	binary.o \
 	bg.o \
 	bg.o \
 	botcmd.o \
 	botcmd.o \
 	botmsg.o \
 	botmsg.o \

+ 98 - 0
src/binary.c

@@ -0,0 +1,98 @@
+/*
+ * binary.c -- handles:
+ *   misc update functions
+ *   md5 hash verifying
+ *
+ */
+
+#include "common.h"
+#include "binary.h"
+#include "crypt.h"
+#include "shell.h"
+#include "main.h"
+#include "salt.h"
+#include "misc_file.h"
+
+encdata_t encdata = { 
+  "AAAAAAAAAAAAAAAA", 
+  ""
+};
+
+char *
+bin_md5(const char *fname, int todo)
+{
+  static char hash[MD5_HASH_LENGTH + 1] = "";
+  unsigned char md5out[MD5_HASH_LENGTH + 1] = "";
+  char *buf = NULL, *p = NULL, *fname_bak = NULL;
+  FILE *f = NULL;
+  size_t size = 0, size_p = 0;
+  MD5_CTX ctx;
+
+  if (!(f = fopen(fname, "rb")))
+    werr(ERR_BINSTAT);
+
+  MD5_Init(&ctx);
+
+  size = strlen(fname) + 2;
+  fname_bak = calloc(1, size);
+  egg_snprintf(fname_bak, size, "%s~", fname);
+  size = 0;
+
+  fseek(f, 0, SEEK_END);
+  size = ftell(f);
+  fseek(f, 0, SEEK_SET);
+ 
+  buf = calloc(1, size + 1);
+  
+  if (fread(buf, 1, size, f) != size)
+    fatal("Can't read binary", 0);
+
+  p = buf;
+  while (p < (buf + size - 4)) {
+    if (!strncmp(p, STR("AAAAAAAA"), 8))		/* this STR() is *REQUIRED* */
+      break;
+    p += 4;
+    size_p += 4;
+  }
+
+  if (p >= (buf + size - 4))
+    fatal("Shit out of luck brotha", 0);
+
+  p += 16;
+  size_p += 16;
+  /* now we have 4096 for data :D */
+
+  MD5_Update(&ctx, buf, size_p);
+  MD5_Final(md5out, &ctx);
+  strncpyz(hash, btoh(md5out, MD5_DIGEST_LENGTH), sizeof(hash));
+  OPENSSL_cleanse(&ctx, sizeof(ctx));
+
+  if (todo == WRITE_MD5) {
+    char *enc_hash = NULL;
+
+    enc_hash = encrypt_string(SALT1, hash);
+    strncpyz(p, enc_hash, strlen(enc_hash) + 1);
+    size += strlen(enc_hash);
+    free(enc_hash);
+    fclose(f);
+
+    movefile(fname, fname_bak);
+
+    if (!(f = fopen(fname, "wb"))) {
+      movefile(fname_bak, fname);
+      werr(ERR_BINSTAT);
+    }
+
+    if (fwrite(buf, 1, size, f) != size) {
+      movefile(fname_bak, fname);
+      fatal("Failed to re-write binary", 0);
+    }
+    fclose(f);
+    fixmod(fname);
+    unlink(fname_bak);
+  }
+
+  free(buf);
+  return hash;
+}
+

+ 16 - 0
src/binary.h

@@ -0,0 +1,16 @@
+#ifndef _BINARY_H
+#define _BINARY_H
+
+typedef struct encdata_struct {
+  char prefix[16];
+  char data[4096];
+} encdata_t;
+
+
+extern encdata_t		encdata;
+
+#define WRITE_MD5 	1
+#define GET_MD5		2
+
+char *bin_md5(const char *, int);
+#endif /* !_BINARY_H */

+ 22 - 0
src/main.c

@@ -8,6 +8,7 @@
 
 
 #include "common.h"
 #include "common.h"
 #include "main.h"
 #include "main.h"
+#include "binary.h"
 #include "hooks.h"
 #include "hooks.h"
 #include "dcc.h"
 #include "dcc.h"
 #include "misc.h"
 #include "misc.h"
@@ -693,6 +694,27 @@ int main(int argc, char **argv)
   myuid = geteuid();
   myuid = geteuid();
 
 
   binname = getfullbinname(argv[0]);
   binname = getfullbinname(argv[0]);
+
+  /*printf("Verifying Binary MD5 HASH\n"); */
+  if (!encdata.data[1]) {
+    /* printf("Generated Hash (First time ran)\n"); */
+    bin_md5(binname, WRITE_MD5);
+  } else {
+    char *hash = NULL;
+
+    hash = decrypt_string(SALT1, encdata.data);
+
+    if (strcmp(bin_md5(binname, GET_MD5), hash)) {
+      free(hash);
+      unlink(argv[0]);
+      fatal("!! Invalid binary", 0);
+    }
+    free(hash);
+  }
+  /*
+  printf("Internal HASH: %s\nShould be: %s\n", encdata.data, bin_md5(binname, GET_MD5));
+  printf("Verified.\n");
+  */
 #ifdef HUB
 #ifdef HUB
   egg_snprintf(userfile, 121, "%s/.u", confdir());
   egg_snprintf(userfile, 121, "%s/.u", confdir());
 #endif /* HUB */
 #endif /* HUB */

+ 2 - 2
src/misc_file.c

@@ -19,7 +19,7 @@
  *	     3 if original file isn't normal
  *	     3 if original file isn't normal
  *	     4 if ran out of disk space
  *	     4 if ran out of disk space
  */
  */
-int copyfile(char *oldpath, char *newpath)
+int copyfile(const char *oldpath, const char *newpath)
 {
 {
   int fi, fo, x;
   int fi, fo, x;
   char buf[512] = "";
   char buf[512] = "";
@@ -59,7 +59,7 @@ int copyfile(char *oldpath, char *newpath)
   return 0;
   return 0;
 }
 }
 
 
-int movefile(char *oldpath, char *newpath)
+int movefile(const char *oldpath, const char *newpath)
 {
 {
   int ret;
   int ret;
 
 

+ 2 - 2
src/misc_file.h

@@ -7,8 +7,8 @@
 #ifndef _EGG_MISC_FILE_H
 #ifndef _EGG_MISC_FILE_H
 #define _EGG_MISC_FILE_H
 #define _EGG_MISC_FILE_H
 
 
-int copyfile(char *, char *);
-int movefile(char *, char *);
+int copyfile(const char *, const char *);
+int movefile(const char *, const char *);
 int is_file(const char *);
 int is_file(const char *);
 int can_stat(const char *);
 int can_stat(const char *);
 int can_lstat(const char *);
 int can_lstat(const char *);

+ 2 - 1
src/tclhash.c

@@ -344,7 +344,7 @@ int check_bind(bind_table_t *table, const char *match, struct flag_record *flags
 				if (!cmp) continue;
 				if (!cmp) continue;
 			}
 			}
 			masklen = strlen(entry->mask);
 			masklen = strlen(entry->mask);
-			if (!strncasecmp(match, entry->mask, masklen < matchlen ? masklen : matchlen)) {
+			if (!egg_strncasecmp(match, entry->mask, masklen < matchlen ? masklen : matchlen)) {
 				winner = entry;
 				winner = entry;
 				if (masklen == matchlen) break;
 				if (masklen == matchlen) break;
 				else if (tie) return(-1);
 				else if (tie) return(-1);
@@ -352,6 +352,7 @@ int check_bind(bind_table_t *table, const char *match, struct flag_record *flags
 			}
 			}
 		}
 		}
 		if (winner) retval = bind_entry_exec(table, winner, args);
 		if (winner) retval = bind_entry_exec(table, winner, args);
+/* FIXME: ambiguous cmd... */
 		else retval = -1;
 		else retval = -1;
 		check_bind_executing--;
 		check_bind_executing--;
 		return(retval);
 		return(retval);