stay open leaving key unlocked for multiple challenges
This commit is contained in:
parent
971b19fb99
commit
3a9803bc32
5 changed files with 36 additions and 299 deletions
|
@ -3,9 +3,9 @@
|
||||||
# Copyright (C) 2005 ircd-ratbox development team
|
# Copyright (C) 2005 ircd-ratbox development team
|
||||||
# This code is in the public domain.
|
# This code is in the public domain.
|
||||||
|
|
||||||
prefix = @prefix@
|
prefix ?= @prefix@
|
||||||
exec_prefix = @exec_prefix@
|
exec_prefix ?= @exec_prefix@
|
||||||
bindir = @bindir@
|
bindir ?= @bindir@
|
||||||
|
|
||||||
CFLAGS = @CFLAGS@
|
CFLAGS = @CFLAGS@
|
||||||
CPPFLAGS = @CPPFLAGS@
|
CPPFLAGS = @CPPFLAGS@
|
||||||
|
@ -22,6 +22,9 @@ all: build
|
||||||
build: ratbox-respond.c
|
build: ratbox-respond.c
|
||||||
${CC} ${CFLAGS} ${CPPFLAGS} ${SSL_INCLUDES} -o ratbox-respond ratbox-respond.c ${LDFLAGS} ${LIBS} ${SSL_LIBS}
|
${CC} ${CFLAGS} ${CPPFLAGS} ${SSL_INCLUDES} -o ratbox-respond ratbox-respond.c ${LDFLAGS} ${LIBS} ${SSL_LIBS}
|
||||||
|
|
||||||
|
install: ratbox-respond
|
||||||
|
install ratbox-respond ${bindir}
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
${RM} -f ratbox-respond *~
|
${RM} -f ratbox-respond *~
|
||||||
|
|
||||||
|
|
22
configure
vendored
22
configure
vendored
|
@ -273,7 +273,6 @@ PACKAGE_VERSION='stable'
|
||||||
PACKAGE_STRING='ratbox-respond stable'
|
PACKAGE_STRING='ratbox-respond stable'
|
||||||
PACKAGE_BUGREPORT=''
|
PACKAGE_BUGREPORT=''
|
||||||
|
|
||||||
ac_default_prefix=.
|
|
||||||
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA RM CP MV TOUCH CPP EGREP SSL_SRCS_ENABLE SSL_INCLUDES SSL_LIBS LIBOBJS LTLIBOBJS'
|
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA RM CP MV TOUCH CPP EGREP SSL_SRCS_ENABLE SSL_INCLUDES SSL_LIBS LIBOBJS LTLIBOBJS'
|
||||||
ac_subst_files=''
|
ac_subst_files=''
|
||||||
|
|
||||||
|
@ -2203,27 +2202,6 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
|
||||||
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
|
ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
|
||||||
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
ac_compiler_gnu=$ac_cv_c_compiler_gnu
|
||||||
|
|
||||||
ac_aux_dir=
|
|
||||||
for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
|
|
||||||
if test -f $ac_dir/install-sh; then
|
|
||||||
ac_aux_dir=$ac_dir
|
|
||||||
ac_install_sh="$ac_aux_dir/install-sh -c"
|
|
||||||
break
|
|
||||||
elif test -f $ac_dir/install.sh; then
|
|
||||||
ac_aux_dir=$ac_dir
|
|
||||||
ac_install_sh="$ac_aux_dir/install.sh -c"
|
|
||||||
break
|
|
||||||
elif test -f $ac_dir/shtool; then
|
|
||||||
ac_aux_dir=$ac_dir
|
|
||||||
ac_install_sh="$ac_aux_dir/shtool install -c"
|
|
||||||
break
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
if test -z "$ac_aux_dir"; then
|
|
||||||
{ { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&5
|
|
||||||
echo "$as_me: error: cannot find install-sh or install.sh in $srcdir $srcdir/.. $srcdir/../.." >&2;}
|
|
||||||
{ (exit 1); exit 1; }; }
|
|
||||||
fi
|
|
||||||
ac_config_guess="$SHELL $ac_aux_dir/config.guess"
|
ac_config_guess="$SHELL $ac_aux_dir/config.guess"
|
||||||
ac_config_sub="$SHELL $ac_aux_dir/config.sub"
|
ac_config_sub="$SHELL $ac_aux_dir/config.sub"
|
||||||
ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
|
ac_configure="$SHELL $ac_aux_dir/configure" # This should be Cygnus configure.
|
||||||
|
|
270
install-sh
270
install-sh
|
@ -1,270 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
# $Id: install-sh 21587 2006-01-06 18:12:17Z leeh $
|
|
||||||
#
|
|
||||||
# install - install a program, script, or datafile
|
|
||||||
#
|
|
||||||
# This originates from X11R5 (mit/util/scripts/install.sh), which was
|
|
||||||
# later released in X11R6 (xc/config/util/install.sh) with the
|
|
||||||
# following copyright and license.
|
|
||||||
#
|
|
||||||
# Copyright (C) 1994 X Consortium
|
|
||||||
#
|
|
||||||
# Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
||||||
# of this software and associated documentation files (the "Software"), to
|
|
||||||
# deal in the Software without restriction, including without limitation the
|
|
||||||
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
|
||||||
# sell copies of the Software, and to permit persons to whom the Software is
|
|
||||||
# furnished to do so, subject to the following conditions:
|
|
||||||
#
|
|
||||||
# The above copyright notice and this permission notice shall be included in
|
|
||||||
# all copies or substantial portions of the Software.
|
|
||||||
#
|
|
||||||
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
||||||
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
||||||
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
||||||
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
|
|
||||||
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
|
|
||||||
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
||||||
#
|
|
||||||
# Except as contained in this notice, the name of the X Consortium shall not
|
|
||||||
# be used in advertising or otherwise to promote the sale, use or other deal-
|
|
||||||
# ings in this Software without prior written authorization from the X Consor-
|
|
||||||
# tium.
|
|
||||||
#
|
|
||||||
#
|
|
||||||
# FSF changes to this file are in the public domain.
|
|
||||||
#
|
|
||||||
# Calling this script install-sh is preferred over install.sh, to prevent
|
|
||||||
# `make' implicit rules from creating a file called install from it
|
|
||||||
# when there is no Makefile.
|
|
||||||
#
|
|
||||||
# This script is compatible with the BSD install script, but was written
|
|
||||||
# from scratch. It can only install one file at a time, a restriction
|
|
||||||
# shared with many OS's install programs.
|
|
||||||
|
|
||||||
|
|
||||||
# set DOITPROG to echo to test this script
|
|
||||||
|
|
||||||
# Don't use :- since 4.3BSD and earlier shells don't like it.
|
|
||||||
doit="${DOITPROG-}"
|
|
||||||
|
|
||||||
|
|
||||||
# put in absolute paths if you don't have them in your path; or use env. vars.
|
|
||||||
|
|
||||||
mvprog="${MVPROG-mv}"
|
|
||||||
cpprog="${CPPROG-cp}"
|
|
||||||
chmodprog="${CHMODPROG-chmod}"
|
|
||||||
chownprog="${CHOWNPROG-chown}"
|
|
||||||
chgrpprog="${CHGRPPROG-chgrp}"
|
|
||||||
stripprog="${STRIPPROG-strip}"
|
|
||||||
rmprog="${RMPROG-rm}"
|
|
||||||
mkdirprog="${MKDIRPROG-mkdir}"
|
|
||||||
|
|
||||||
transformbasename=""
|
|
||||||
transform_arg=""
|
|
||||||
instcmd="$mvprog"
|
|
||||||
chmodcmd="$chmodprog 0755"
|
|
||||||
chowncmd=""
|
|
||||||
chgrpcmd=""
|
|
||||||
stripcmd=""
|
|
||||||
rmcmd="$rmprog -f"
|
|
||||||
mvcmd="$mvprog"
|
|
||||||
src=""
|
|
||||||
dst=""
|
|
||||||
dir_arg=""
|
|
||||||
|
|
||||||
while [ x"$1" != x ]; do
|
|
||||||
case $1 in
|
|
||||||
-c) instcmd="$cpprog"
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-d) dir_arg=true
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-m) chmodcmd="$chmodprog $2"
|
|
||||||
shift
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-o) chowncmd="$chownprog $2"
|
|
||||||
shift
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-g) chgrpcmd="$chgrpprog $2"
|
|
||||||
shift
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-s) stripcmd="$stripprog"
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-t=*) transformarg=`echo $1 | sed 's/-t=//'`
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
|
|
||||||
*) if [ x"$src" = x ]
|
|
||||||
then
|
|
||||||
src=$1
|
|
||||||
else
|
|
||||||
# this colon is to work around a 386BSD /bin/sh bug
|
|
||||||
:
|
|
||||||
dst=$1
|
|
||||||
fi
|
|
||||||
shift
|
|
||||||
continue;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
if [ x"$src" = x ]
|
|
||||||
then
|
|
||||||
echo "install: no input file specified"
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
true
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ x"$dir_arg" != x ]; then
|
|
||||||
dst=$src
|
|
||||||
src=""
|
|
||||||
|
|
||||||
if [ -d $dst ]; then
|
|
||||||
instcmd=:
|
|
||||||
chmodcmd=""
|
|
||||||
else
|
|
||||||
instcmd=mkdir
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
|
|
||||||
# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
|
|
||||||
# might cause directories to be created, which would be especially bad
|
|
||||||
# if $src (and thus $dsttmp) contains '*'.
|
|
||||||
|
|
||||||
if [ -f $src -o -d $src ]
|
|
||||||
then
|
|
||||||
true
|
|
||||||
else
|
|
||||||
echo "install: $src does not exist"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ x"$dst" = x ]
|
|
||||||
then
|
|
||||||
echo "install: no destination specified"
|
|
||||||
exit 1
|
|
||||||
else
|
|
||||||
true
|
|
||||||
fi
|
|
||||||
|
|
||||||
# If destination is a directory, append the input filename; if your system
|
|
||||||
# does not like double slashes in filenames, you may need to add some logic
|
|
||||||
|
|
||||||
if [ -d $dst ]
|
|
||||||
then
|
|
||||||
dst="$dst"/`basename $src`
|
|
||||||
else
|
|
||||||
true
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
## this sed command emulates the dirname command
|
|
||||||
dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
|
|
||||||
|
|
||||||
# Make sure that the destination directory exists.
|
|
||||||
# this part is taken from Noah Friedman's mkinstalldirs script
|
|
||||||
|
|
||||||
# Skip lots of stat calls in the usual case.
|
|
||||||
if [ ! -d "$dstdir" ]; then
|
|
||||||
defaultIFS='
|
|
||||||
'
|
|
||||||
IFS="${IFS-${defaultIFS}}"
|
|
||||||
|
|
||||||
oIFS="${IFS}"
|
|
||||||
# Some sh's can't handle IFS=/ for some reason.
|
|
||||||
IFS='%'
|
|
||||||
set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
|
|
||||||
IFS="${oIFS}"
|
|
||||||
|
|
||||||
pathcomp=''
|
|
||||||
|
|
||||||
while [ $# -ne 0 ] ; do
|
|
||||||
pathcomp="${pathcomp}${1}"
|
|
||||||
shift
|
|
||||||
|
|
||||||
if [ ! -d "${pathcomp}" ] ;
|
|
||||||
then
|
|
||||||
$mkdirprog "${pathcomp}"
|
|
||||||
else
|
|
||||||
true
|
|
||||||
fi
|
|
||||||
|
|
||||||
pathcomp="${pathcomp}/"
|
|
||||||
done
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ x"$dir_arg" != x ]
|
|
||||||
then
|
|
||||||
$doit $instcmd $dst &&
|
|
||||||
|
|
||||||
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
|
|
||||||
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
|
|
||||||
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
|
|
||||||
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
|
|
||||||
else
|
|
||||||
|
|
||||||
# If we're going to rename the final executable, determine the name now.
|
|
||||||
|
|
||||||
if [ x"$transformarg" = x ]
|
|
||||||
then
|
|
||||||
dstfile=`basename $dst`
|
|
||||||
else
|
|
||||||
dstfile=`basename $dst $transformbasename |
|
|
||||||
sed $transformarg`$transformbasename
|
|
||||||
fi
|
|
||||||
|
|
||||||
# don't allow the sed command to completely eliminate the filename
|
|
||||||
|
|
||||||
if [ x"$dstfile" = x ]
|
|
||||||
then
|
|
||||||
dstfile=`basename $dst`
|
|
||||||
else
|
|
||||||
true
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Make a temp file name in the proper directory.
|
|
||||||
|
|
||||||
dsttmp=$dstdir/#inst.$$#
|
|
||||||
|
|
||||||
# Move or copy the file name to the temp name
|
|
||||||
|
|
||||||
$doit $instcmd $src $dsttmp &&
|
|
||||||
|
|
||||||
trap "rm -f ${dsttmp}" 0 &&
|
|
||||||
|
|
||||||
# and set any options; do chmod last to preserve setuid bits
|
|
||||||
|
|
||||||
# If any of these fail, we abort the whole thing. If we want to
|
|
||||||
# ignore errors from any of these, just make sure not to ignore
|
|
||||||
# errors from the above "$doit $instcmd $src $dsttmp" command.
|
|
||||||
|
|
||||||
if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
|
|
||||||
if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
|
|
||||||
if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
|
|
||||||
if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
|
|
||||||
|
|
||||||
# Now rename the file to the real destination.
|
|
||||||
|
|
||||||
$doit $rmcmd -f $dstdir/$dstfile &&
|
|
||||||
$doit $mvcmd $dsttmp $dstdir/$dstfile
|
|
||||||
|
|
||||||
fi &&
|
|
||||||
|
|
||||||
|
|
||||||
exit 0
|
|
25
makekeypair
Executable file
25
makekeypair
Executable file
|
@ -0,0 +1,25 @@
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
# Copyright (C) 2006 ircd-ratbox development team
|
||||||
|
# This code is in the public domain.
|
||||||
|
|
||||||
|
openssl "no-aes256-cbc" >/dev/null
|
||||||
|
if [ $? != 1 ]; then
|
||||||
|
openssl "no-des3" >/dev/null
|
||||||
|
if [ $? != 1 ]; then
|
||||||
|
echo "Unable to find a suitable encryption for assigning a password to the key"
|
||||||
|
echo "If you wish to generate a key without a passphrase, run:"
|
||||||
|
echo " openssl genrsa -out private.key 2048"
|
||||||
|
echo " openssl rsa -in private.key -out public.key -pubout"
|
||||||
|
echo "Though this is NOT recommended for security reasons."
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
enc="-des3"
|
||||||
|
else
|
||||||
|
enc="-aes256"
|
||||||
|
fi
|
||||||
|
|
||||||
|
openssl genrsa -out private.key $enc 4096
|
||||||
|
|
||||||
|
echo "Generating RSA public key..."
|
||||||
|
openssl rsa -in private.key -out public.key -pubout
|
|
@ -235,7 +235,7 @@ main(int argc, char **argv)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
SSLeay_add_all_ciphers();
|
OpenSSL_add_all_ciphers();
|
||||||
rsa = PEM_read_RSAPrivateKey(kfile, NULL,pass_cb, NULL);
|
rsa = PEM_read_RSAPrivateKey(kfile, NULL,pass_cb, NULL);
|
||||||
|
|
||||||
if(!rsa)
|
if(!rsa)
|
||||||
|
@ -246,19 +246,19 @@ main(int argc, char **argv)
|
||||||
|
|
||||||
fclose(kfile);
|
fclose(kfile);
|
||||||
|
|
||||||
ptr = read_challenge(stdin);
|
while ((ptr = read_challenge(stdin))[0] != '\0') {
|
||||||
ndata = base64_decode(ptr, strlen((char *)ptr), &len);
|
ndata = base64_decode(ptr, strlen((char *)ptr), &len);
|
||||||
if (ndata == NULL)
|
if (ndata == NULL)
|
||||||
{
|
{
|
||||||
puts("Error: Bad challenge.");
|
puts("Error: Bad challenge.");
|
||||||
return -1;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((len = RSA_private_decrypt(len, (unsigned char*)ndata,
|
if ((len = RSA_private_decrypt(len, (unsigned char*)ndata,
|
||||||
(unsigned char*)ddata, rsa, RSA_PKCS1_OAEP_PADDING)) == -1)
|
(unsigned char*)ddata, rsa, RSA_PKCS1_OAEP_PADDING)) == -1)
|
||||||
{
|
{
|
||||||
puts("Error: Decryption error.");
|
puts("Error: Decryption error.");
|
||||||
return -1;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
SHA1_Init(&ctx);
|
SHA1_Init(&ctx);
|
||||||
|
@ -271,5 +271,6 @@ main(int argc, char **argv)
|
||||||
}
|
}
|
||||||
puts((char *)ndata);
|
puts((char *)ndata);
|
||||||
fflush(NULL);
|
fflush(NULL);
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue