From 0171967e1843193f8ddcaf03ff5772668870ff65 Mon Sep 17 00:00:00 2001 From: codemastr Date: Mon, 10 Dec 2001 22:02:47 +0000 Subject: [PATCH] Moved the mkpasswd program into the ./unreal script --- Changes | 1 + autoconf/configure.in | 4 +-- configure | 6 ++-- crypt/Makefile.in | 40 ---------------------- crypt/README | 63 ----------------------------------- crypt/crypter | 77 ------------------------------------------- crypt/mkpasswd.c | 43 ------------------------ src/ircd.c | 20 +++++++++++ unreal.in | 4 ++- 9 files changed, 29 insertions(+), 229 deletions(-) delete mode 100644 crypt/Makefile.in delete mode 100644 crypt/README delete mode 100644 crypt/crypter delete mode 100644 crypt/mkpasswd.c diff --git a/Changes b/Changes index 56d796fac..326242341 100644 --- a/Changes +++ b/Changes @@ -975,3 +975,4 @@ seen. gmtime warning still there - Fixed a ton of module v3 problems (cause: Stskeeps is an idiot) - Yes, even more module v3 bugfixes - Module v3 bugfixes. cause: codemastr lack find n replace skill +- Moved the mkpasswd program into ./unreal mkpasswd diff --git a/autoconf/configure.in b/autoconf/configure.in index 09809340e..2ffe20db3 100644 --- a/autoconf/configure.in +++ b/autoconf/configure.in @@ -1,5 +1,5 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT(crypt/mkpasswd.c) +AC_INIT(src/ircd.c) AC_CONFIG_HEADER(include/setup.h) AC_PROG_CC if test "$ac_cv_prog_gcc" = "yes"; then @@ -348,5 +348,5 @@ CFLAGS="$CFLAGS -D_AMIGA -m68040" CFLAGS="$CFLAGS -D_AMIGA -m68060" ;; esac -AC_OUTPUT(Makefile crypt/Makefile src/modules/Makefile unreal) +AC_OUTPUT(Makefile src/modules/Makefile unreal) chmod 0700 unreal diff --git a/configure b/configure index 5b7d99e1e..721fb7ede 100755 --- a/configure +++ b/configure @@ -482,7 +482,7 @@ echo > confdefs.h # A filename unique to this package, relative to the directory that # configure is in, which we can look for to find out if srcdir is correct. -ac_unique_file=crypt/mkpasswd.c +ac_unique_file=src/ircd.c # Find the source files, if location was not specified. if test -z "$srcdir"; then @@ -5172,7 +5172,7 @@ done ac_given_srcdir=$srcdir -trap 'rm -fr `echo "Makefile crypt/Makefile src/modules/Makefile unreal include/setup.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 +trap 'rm -fr `echo "Makefile src/modules/Makefile unreal include/setup.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 EOF cat >> $CONFIG_STATUS <> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then diff --git a/crypt/Makefile.in b/crypt/Makefile.in deleted file mode 100644 index 7e832d5b0..000000000 --- a/crypt/Makefile.in +++ /dev/null @@ -1,40 +0,0 @@ -#************************************************************************ -#* IRC - Internet Relay Chat, ircd/crypt/Makefile -#* Copyright (C) 1991 Darren Reed -#* -#* This program is free software; you can redistribute it and/or modify -#* it under the terms of the GNU General Public License as published by -#* the Free Software Foundation; either version 1, or (at your option) -#* any later version. -#* -#* This program is distributed in the hope that it will be useful, -#* but WITHOUT ANY WARRANTY; without even the implied warranty of -#* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -#* GNU General Public License for more details. -#* -#* You should have received a copy of the GNU General Public License -#* along with this program; if not, write to the Free Software -#* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -#* -#* $Id$ -#*/ -# -# Change this to the path of your local ircd.conf file -# - -IRCDCONF = ../ircd.conf -LIBS=@MKPASSWDLIBS@ - -all: mkpasswd -crypt: install - -mkpasswd: mkpasswd.c - cc ${LIBS} -O mkpasswd.c -o mkpasswd - -install: - chmod 700 crypter - ./crypter ${IRCDCONF} - @echo 'done.' - -clean: - /bin/rm -f mkpasswd diff --git a/crypt/README b/crypt/README deleted file mode 100644 index 817cc208b..000000000 --- a/crypt/README +++ /dev/null @@ -1,63 +0,0 @@ -/************************************************************************ - * IRC - Internet Relay Chat, ircd/crypt/README - * Copyright (C) 1991 Nelson Minar - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 1, or (at your option) - * any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - * $Id$ - */ - -The change implemented here is that the operator password in irc.conf -is no longer stored in plaintext form, but is encrypted the same way -that user passwords are encrypted on normal UNIX systems. Ie, instead -of having - - O:*:goodboy:Nelson - -in your ircd.conf file, you have - - O:*:sCnvYRmbFJ7oI:Nelson - -You still type "/oper Nelson goodboy" to become operator. However, if -someone gets ahold of your irc.conf file, they can no longer figure -out what the password is from reading it. There are still other -security holes, namely server-server passwords, but this closes one -obvious problem. - -So how do you generate these icky looking strings for passwords? -There's a simple program called mkpasswd to do that for you. Just run -mkpasswd, and at the prompt type in your plaintext password. It will -spit out the encrypted password, which you should then just copy into -the irc.conf file. This should be done only when adding new passwords -to your irc.conf file. To change over your irc.conf file to use -encrypted passwords, define CRYPT_OPER_PASSWORD in config.h. You will -need to recompile your server if you already compiled it with this -feature disabled. Once compiled, edit the Makefile in this directory -and chang "IRCDCONF" to your irc.conf file. Then "make install" in this -directory to replace all the operator passwords in your irc.conf file -with the encrypted format. - -Choose your passwords carefully. Do not choose something in a -dictionary, make sure its at least 5 characters. Anything past 8 -characters is ignored. - -One thing to note about crypt() passwords - for every plaintext, there -are 4096 different passwords. Some valid encryptions of "goodboy" -include t1Ub2RhRQHd4g sCnvYRmbFJ7oI and Xr4Z.Kg5tcdy6. The first -two characters (the "salt") determine which of the 4096 passwords -you will get. mkpasswd chooses the salt randomly, or alternately -will let you specify one on the command line. - -see also - crypt(3) diff --git a/crypt/crypter b/crypt/crypter deleted file mode 100644 index 8db19c8be..000000000 --- a/crypt/crypter +++ /dev/null @@ -1,77 +0,0 @@ -#!/usr/local/bin/perl -#************************************************************************ -#* IRC - Internet Relay Chat, ircd/crypt/crypter -#* Copyright (C) 1991 Sean Batt -#* -#* This program is free software; you can redistribute it and/or modify -#* it under the terms of the GNU General Public License as published by -#* the Free Software Foundation; either version 1, or (at your option) -#* any later version. -#* -#* This program is distributed in the hope that it will be useful, -#* but WITHOUT ANY WARRANTY; without even the implied warranty of -#* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -#* GNU General Public License for more details. -#* -#* You should have received a copy of the GNU General Public License -#* along with this program; if not, write to the Free Software -#* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -#* -#* $Id$ -#* -#*/ - -#From Sean Batt sean@coombs.anu.edu.au -# -#Temporary output file -# -$tmpfile = "/tmp/ircd.conf.tmp"; - -# -#Original ircd.conf file -# -$ircdconf = @ARGV[0]; - -$ircdout = "IRCDOUT"; - -print "crypting ",$ircdconf,"\n"; -@saltset = ('a' .. 'z', 'A' .. 'Z', '0' .. '9', '.', '/'); - -umask(0077); -open ($ircdout, ">/tmp/ircd.conf.tmp") || die "open $!"; - -while ($text = <>) { -#if its not an "O" line we can ignore it -if ($text =~ /^o/i) { - chop($text); - @oline = split(':', $text); - $salt = $saltset[rand(time)%64].$saltset[(rand(time)>>6)%64]; - $oline[2] = crypt(@oline[2], $salt); - print ($ircdout join(':',@oline)."\n"); -} -elsif ($text =~ /^n/i) { - chop($text); - @nline = split(':', $text); - $salt = $saltset[rand(time)%64].$saltset[(rand(time)>>6)%64]; - $nline[2] = crypt(@nline[2], $salt); - print ($ircdout join(':',@nline)."\n"); -} -elsif ($text =~ /^x/i) { - chop($text); - @xline = split(':', $text); - $salt1 = $saltset[rand(time)%64].$saltset[(rand(time)>>6)%64]; - $salt2 = $saltset[rand(time)%64].$saltset[(rand(time)>>6)%64]; - $xline[1] = crypt(@xline[1], $salt1); - $xline[2] = crypt(@xline[2], $salt2); - print ($ircdout join(':',@xline)."\n"); -} -else { - print $ircdout "$text"; -} -} -close ($ircdout); -close ($ircdin); -print "/bin/cp ",$tmpfile," ",$ircdconf,"\n"; -(fork()==0) ? exec("/bin/cp", $tmpfile, $ircdconf) : wait; - -#unlink($tmpfile); diff --git a/crypt/mkpasswd.c b/crypt/mkpasswd.c deleted file mode 100644 index de72fb5ef..000000000 --- a/crypt/mkpasswd.c +++ /dev/null @@ -1,43 +0,0 @@ -/* simple password generator by Nelson Minar (minar@reed.edu) - * copyright 1991, all rights reserved. - * You can use this code as long as my name stays with it. - * - * $Id$ - * - */ - -#include -#include -#include - -extern char *getpass(); - -int main(argc, argv) -int argc; -char *argv[]; -{ - static char saltChars[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./"; - char salt[3]; - char * plaintext; - int i; - - if (argc < 2) { - srandom(time(0)); /* may not be the BEST salt, but its close */ - salt[0] = saltChars[random() % 64]; - salt[1] = saltChars[random() % 64]; - salt[2] = 0; - } - else { - salt[0] = argv[1][0]; - salt[1] = argv[1][1]; - salt[2] = '\0'; - if ((strchr(saltChars, salt[0]) == NULL) || (strchr(saltChars, salt[1]) == NULL)) - fprintf(stderr, "illegal salt %s\n", salt), exit(1); - } - - plaintext = getpass("Enter Password: "); - - printf("Encryption: %s\n", crypt(plaintext, salt)); - return 0; -} - diff --git a/src/ircd.c b/src/ircd.c index ee8d21064..c60dbe0c1 100644 --- a/src/ircd.c +++ b/src/ircd.c @@ -904,6 +904,26 @@ int InitwIRCD(argc, argv) unrealmanual(); exit(0); #endif +#ifndef _WIN32 + case 'P': { + short type; + char *result; + srandom(TStime()); + if ((type = Auth_FindType(p)) == -1) { + printf("No such auth type %s\n", p); + exit(0); + } + p = *++argv; + argc--; + if (!(result = Auth_Make(type, p))) { + printf("Authentication failed\n"); + exit(0); + } + printf("Encrypted password is: %s\n", result); + exit(0); + } +#endif + case 'p': if ((portarg = atoi(p)) > 0) portnum = portarg; diff --git a/unreal.in b/unreal.in index d0fb5a805..8042ec14e 100644 --- a/unreal.in +++ b/unreal.in @@ -14,6 +14,8 @@ elif [ "$1" = "rehash" ] ; then elif [ "$1" = "restart" ] ; then echo "Restarting UnrealIRCd" kill -2 `cat $PID_FILE` +elif [ "$1" = "mkpasswd" ] ; then + @BINDIR@ -P $2 $3 else - echo "Usage: unreal start|stop|rehash|restart" + echo "Usage: unreal start|stop|rehash|restart|mkpasswd" fi