mirror of
https://github.com/yarrick/iodine.git
synced 2024-12-22 21:33:33 +02:00
Fixed password authentication
This commit is contained in:
parent
8b81909b5b
commit
1c7f63e97a
11 changed files with 689 additions and 39 deletions
|
@ -7,6 +7,10 @@ iodine - IP over DNS is now easy
|
|||
|
||||
CHANGES:
|
||||
|
||||
xxxx-xx-xx: 0.3.5
|
||||
- Added authentication (password entered as argument or on stdin)
|
||||
- Changed directory structure
|
||||
|
||||
2006-11-08: 0.3.4
|
||||
- Fixed handshake() buffer overflow
|
||||
(Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333)
|
||||
|
|
4
README
4
README
|
@ -118,3 +118,7 @@ INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
|||
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
|
||||
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
|
||||
MD5 implementation by L. Peter Deutsch (license and source in src/login.[ch])
|
||||
Copyright (C) 1999, 2000, 2002 Aladdin Enterprises. All rights reserved.
|
||||
|
|
2
TODO
2
TODO
|
@ -9,8 +9,6 @@ STUFF TO DO:
|
|||
|
||||
- Handle multiple concurrent users on one server
|
||||
|
||||
- Some kind of authentication?
|
||||
|
||||
- Detect if EDNS0 can be used, probe MTU size
|
||||
|
||||
- Port to more platforms (Solaris? Windows?)
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
CC = gcc
|
||||
CLIENT = ../bin/iodine
|
||||
CLIENTOBJS = iodine.o tun.o dns.o read.o encoding.o
|
||||
CLIENTOBJS = iodine.o tun.o dns.o read.o encoding.o login.o
|
||||
SERVER = ../bin/iodined
|
||||
SERVEROBJS = iodined.o tun.o dns.o read.o encoding.o
|
||||
SERVEROBJS = iodined.o tun.o dns.o read.o encoding.o login.o
|
||||
|
||||
OS = `uname | tr "a-z" "A-Z"`
|
||||
|
||||
|
|
26
src/dns.c
26
src/dns.c
|
@ -172,13 +172,27 @@ dns_ping(int dns_fd)
|
|||
dns_write(dns_fd, ++pingid, data, 2, 'P');
|
||||
}
|
||||
|
||||
void
|
||||
dns_handshake(int dns_fd)
|
||||
void
|
||||
dns_login(int dns_fd, char *login, int len)
|
||||
{
|
||||
char data[2];
|
||||
data[0] = (pingid & 0xFF00) >> 8;
|
||||
data[1] = (pingid & 0xFF);
|
||||
dns_write(dns_fd, ++pingid, data, 2, 'H');
|
||||
char data[18];
|
||||
memcpy(data, login, MIN(len, 16));
|
||||
data[16] = (pingid & 0xFF00) >> 8;
|
||||
data[17] = (pingid & 0xFF);
|
||||
dns_write(dns_fd, ++pingid, data, 18, 'L');
|
||||
}
|
||||
|
||||
void
|
||||
dns_send_version(int dns_fd, int version)
|
||||
{
|
||||
char data[6];
|
||||
int v;
|
||||
|
||||
v = htonl(version);
|
||||
memcpy(data, &v, 4);
|
||||
data[4] = (pingid & 0xFF00) >> 8;
|
||||
data[5] = (pingid & 0xFF);
|
||||
dns_write(dns_fd, ++pingid, data, 6, 'V');
|
||||
}
|
||||
|
||||
static void
|
||||
|
|
|
@ -24,7 +24,8 @@ void close_dns(int);
|
|||
int dns_sending();
|
||||
void dns_handle_tun(int, char *, int);
|
||||
void dns_ping(int);
|
||||
void dns_handshake(int);
|
||||
void dns_send_version(int, int);
|
||||
void dns_login(int, char *, int);
|
||||
int dns_read(int, char *, int);
|
||||
int dns_encode_hostname(const char *, char *, int);
|
||||
|
||||
|
|
82
src/iodine.c
82
src/iodine.c
|
@ -33,12 +33,15 @@
|
|||
#include "tun.h"
|
||||
#include "structs.h"
|
||||
#include "dns.h"
|
||||
#include "version.h"
|
||||
#include "login.h"
|
||||
|
||||
#ifndef MAX
|
||||
#define MAX(a,b) ((a)>(b)?(a):(b))
|
||||
#endif
|
||||
|
||||
int running = 1;
|
||||
char password[33];
|
||||
|
||||
static void
|
||||
sighandler(int sig) {
|
||||
|
@ -114,21 +117,21 @@ handshake(int dns_fd)
|
|||
struct timeval tv;
|
||||
char server[65];
|
||||
char client[65];
|
||||
char login[16];
|
||||
char in[4096];
|
||||
int timeout;
|
||||
fd_set fds;
|
||||
int read;
|
||||
int mtu;
|
||||
int seed;
|
||||
int version;
|
||||
int i;
|
||||
int r;
|
||||
|
||||
timeout = 1;
|
||||
|
||||
for (i=0; running && i<5 ;i++) {
|
||||
tv.tv_sec = timeout++;
|
||||
tv.tv_sec = i + 1;
|
||||
tv.tv_usec = 0;
|
||||
|
||||
dns_handshake(dns_fd);
|
||||
dns_send_version(dns_fd, VERSION);
|
||||
|
||||
FD_ZERO(&fds);
|
||||
FD_SET(dns_fd, &fds);
|
||||
|
@ -144,14 +147,60 @@ handshake(int dns_fd)
|
|||
}
|
||||
|
||||
if (read > 0) {
|
||||
if (sscanf(in, "%64[^-]-%64[^-]-%d",
|
||||
if (strncmp("VACK", in, 4) == 0) {
|
||||
if (read >= 8) {
|
||||
memcpy(&seed, in + 4, 4);
|
||||
seed = ntohl(seed);
|
||||
printf("Version ok, both running 0x%08x\n", VERSION);
|
||||
break;
|
||||
} else {
|
||||
printf("Version ok but did not receive proper login challenge\n");
|
||||
}
|
||||
} else {
|
||||
memcpy(&version, in + 4, 4);
|
||||
version = ntohl(version);
|
||||
printf("You run 0x%08x, server runs 0x%08x. Giving up\n", VERSION, version);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (i == 4)
|
||||
return 1;
|
||||
printf("Retrying version check...\n");
|
||||
}
|
||||
|
||||
login_calculate(login, 16, password, seed);
|
||||
for (i=0; running && i<5 ;i++) {
|
||||
tv.tv_sec = i + 1;
|
||||
tv.tv_usec = 0;
|
||||
|
||||
dns_login(dns_fd, login, 16);
|
||||
|
||||
FD_ZERO(&fds);
|
||||
FD_SET(dns_fd, &fds);
|
||||
|
||||
r = select(dns_fd + 1, &fds, NULL, NULL, &tv);
|
||||
|
||||
if(r > 0) {
|
||||
read = dns_read(dns_fd, in, sizeof(in));
|
||||
|
||||
if(read <= 0) {
|
||||
perror("read");
|
||||
continue;
|
||||
}
|
||||
|
||||
if (read > 0) {
|
||||
if (strncmp("LNAK", in, 4) == 0) {
|
||||
printf("Bad password\n");
|
||||
return 1;
|
||||
} else if (sscanf(in, "%64[^-]-%64[^-]-%d",
|
||||
server, client, &mtu) == 3) {
|
||||
|
||||
server[64] = 0;
|
||||
client[64] = 0;
|
||||
if (tun_setip(client) == 0 &&
|
||||
tun_setmtu(mtu) == 0) {
|
||||
|
||||
return 0;
|
||||
} else {
|
||||
warn("Received handshake with bad data");
|
||||
|
@ -162,7 +211,7 @@ handshake(int dns_fd)
|
|||
}
|
||||
}
|
||||
|
||||
printf("Retrying...\n");
|
||||
printf("Retrying login...\n");
|
||||
}
|
||||
|
||||
return 1;
|
||||
|
@ -216,11 +265,12 @@ main(int argc, char **argv)
|
|||
int dns_fd;
|
||||
|
||||
username = NULL;
|
||||
memset(password, 0, 33);
|
||||
foreground = 0;
|
||||
newroot = NULL;
|
||||
device = NULL;
|
||||
|
||||
while ((choice = getopt(argc, argv, "vfhu:t:d:")) != -1) {
|
||||
while ((choice = getopt(argc, argv, "vfhu:t:d:P:")) != -1) {
|
||||
switch(choice) {
|
||||
case 'v':
|
||||
version();
|
||||
|
@ -240,6 +290,10 @@ main(int argc, char **argv)
|
|||
case 'd':
|
||||
device = optarg;
|
||||
break;
|
||||
case 'P':
|
||||
strncpy(password, optarg, 32);
|
||||
password[32] = 0;
|
||||
break;
|
||||
default:
|
||||
usage();
|
||||
break;
|
||||
|
@ -264,6 +318,12 @@ main(int argc, char **argv)
|
|||
usage();
|
||||
}
|
||||
}
|
||||
|
||||
if (strlen(password) == 0) {
|
||||
printf("Enter password on stdin:\n");
|
||||
scanf("%32s", password);
|
||||
password[32] = 0;
|
||||
}
|
||||
|
||||
if ((tun_fd = open_tun(device)) == -1)
|
||||
goto cleanup1;
|
||||
|
@ -272,13 +332,13 @@ main(int argc, char **argv)
|
|||
if (dns_settarget(argv[0]) == -1)
|
||||
goto cleanup2;
|
||||
|
||||
printf("Sending queries for %s to %s\n", argv[1], argv[0]);
|
||||
|
||||
signal(SIGINT, sighandler);
|
||||
signal(SIGTERM, sighandler);
|
||||
|
||||
if(handshake(dns_fd))
|
||||
goto cleanup2;
|
||||
|
||||
printf("Sending queries for %s to %s\n", argv[1], argv[0]);
|
||||
|
||||
if (newroot) {
|
||||
if (chroot(newroot) != 0 || chdir("/") != 0)
|
||||
|
|
|
@ -34,6 +34,8 @@
|
|||
#include "tun.h"
|
||||
#include "structs.h"
|
||||
#include "dns.h"
|
||||
#include "login.h"
|
||||
#include "version.h"
|
||||
|
||||
#ifndef MAX
|
||||
#define MAX(a,b) ((a)>(b)?(a):(b))
|
||||
|
@ -47,6 +49,9 @@ int outid;
|
|||
|
||||
struct query q;
|
||||
|
||||
struct user u;
|
||||
char password[33];
|
||||
|
||||
int my_mtu;
|
||||
in_addr_t my_ip;
|
||||
|
||||
|
@ -64,10 +69,14 @@ tunnel(int tun_fd, int dns_fd)
|
|||
char out[64*1024];
|
||||
char in[64*1024];
|
||||
char *tmp[2];
|
||||
char logindata[16];
|
||||
long outlen;
|
||||
fd_set fds;
|
||||
int read;
|
||||
int code;
|
||||
int version;
|
||||
int seed;
|
||||
int nseed;
|
||||
int i;
|
||||
|
||||
while (running) {
|
||||
|
@ -114,21 +123,54 @@ tunnel(int tun_fd, int dns_fd)
|
|||
if (read <= 0)
|
||||
continue;
|
||||
|
||||
if(in[0] == 'H' || in[0] == 'h') {
|
||||
myip.s_addr = my_ip;
|
||||
clientip.s_addr = my_ip + inet_addr("0.0.0.1");
|
||||
if(in[0] == 'V' || in[0] == 'v') {
|
||||
// Version greeting, compare and send ack/nak
|
||||
if (read >= 5) { // Received V + 32bits version
|
||||
memcpy(&version, in + 1, 4);
|
||||
version = ntohl(version);
|
||||
if (version == VERSION) {
|
||||
seed = rand();
|
||||
nseed = htonl(seed);
|
||||
strcpy(out, "VACK");
|
||||
memcpy(out+4, &nseed, 4);
|
||||
dnsd_send(dns_fd, &q, out, 8);
|
||||
|
||||
tmp[0] = strdup(inet_ntoa(myip));
|
||||
tmp[1] = strdup(inet_ntoa(clientip));
|
||||
|
||||
read = snprintf(out, sizeof(out), "%s-%s-%d",
|
||||
tmp[0], tmp[1], my_mtu);
|
||||
memcpy(&(u.host), &(q.from), q.fromlen);
|
||||
u.addrlen = q.fromlen;
|
||||
} else {
|
||||
version = htonl(VERSION);
|
||||
strcpy(out, "VNAK");
|
||||
memcpy(out+4, &version, 4);
|
||||
dnsd_send(dns_fd, &q, out, 8);
|
||||
}
|
||||
} else {
|
||||
version = htonl(VERSION);
|
||||
strcpy(out, "VNAK");
|
||||
memcpy(out+4, &version, 4);
|
||||
dnsd_send(dns_fd, &q, out, 8);
|
||||
}
|
||||
} else if(in[0] == 'L' || in[0] == 'l') {
|
||||
// Login phase, handle auth
|
||||
login_calculate(logindata, 16, password, seed);
|
||||
if (read >= 17 && (memcmp(logindata, in+1, 16) == 0)) {
|
||||
// Login ok, send ip/mtu info
|
||||
myip.s_addr = my_ip;
|
||||
clientip.s_addr = my_ip + inet_addr("0.0.0.1");
|
||||
|
||||
dnsd_send(dns_fd, &q, out, read);
|
||||
q.id = 0;
|
||||
tmp[0] = strdup(inet_ntoa(myip));
|
||||
tmp[1] = strdup(inet_ntoa(clientip));
|
||||
|
||||
read = snprintf(out, sizeof(out), "%s-%s-%d",
|
||||
tmp[0], tmp[1], my_mtu);
|
||||
|
||||
free(tmp[1]);
|
||||
free(tmp[0]);
|
||||
dnsd_send(dns_fd, &q, out, read);
|
||||
q.id = 0;
|
||||
|
||||
free(tmp[1]);
|
||||
free(tmp[0]);
|
||||
} else {
|
||||
dnsd_send(dns_fd, &q, "LNAK", 4);
|
||||
}
|
||||
} else if((in[0] >= '0' && in[0] <= '9')
|
||||
|| (in[0] >= 'a' && in[0] <= 'f')
|
||||
|| (in[0] >= 'A' && in[0] <= 'F')) {
|
||||
|
@ -168,8 +210,9 @@ static void
|
|||
usage() {
|
||||
extern char *__progname;
|
||||
|
||||
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] [-l ip address to listen on] [-p port]"
|
||||
" tunnel_ip topdomain\n", __progname);
|
||||
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] "
|
||||
"[-l ip address to listen on] [-p port] [-P password]"
|
||||
" tunnel_ip topdomain\n", __progname);
|
||||
exit(2);
|
||||
}
|
||||
|
||||
|
@ -178,8 +221,9 @@ help() {
|
|||
extern char *__progname;
|
||||
|
||||
printf("iodine IP over DNS tunneling server\n");
|
||||
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] [-l ip address to listen on] [-p port]"
|
||||
" tunnel_ip topdomain\n", __progname);
|
||||
printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] "
|
||||
"[-l ip address to listen on] [-p port] [-P password]"
|
||||
" tunnel_ip topdomain\n", __progname);
|
||||
printf(" -v to print version info and exit\n");
|
||||
printf(" -h to print this help and exit\n");
|
||||
printf(" -f to keep running in foreground\n");
|
||||
|
@ -189,6 +233,7 @@ help() {
|
|||
printf(" -m mtu to set tunnel device mtu\n");
|
||||
printf(" -l ip address to listen on for incoming dns traffic (default 0.0.0.0)\n");
|
||||
printf(" -p port to listen on for incoming dns traffic (default 53)\n");
|
||||
printf(" -P password used for authentication (max 32 chars will be used)\n");
|
||||
printf("tunnel_ip is the IP number of the local tunnel interface.\n");
|
||||
printf("topdomain is the FQDN that is delegated to this server.\n");
|
||||
exit(0);
|
||||
|
@ -229,8 +274,9 @@ main(int argc, char **argv)
|
|||
packetbuf.offset = 0;
|
||||
outpacket.len = 0;
|
||||
q.id = 0;
|
||||
memset(password, 0, 33);
|
||||
|
||||
while ((choice = getopt(argc, argv, "vfhu:t:d:m:l:p:")) != -1) {
|
||||
while ((choice = getopt(argc, argv, "vfhu:t:d:m:l:p:P:")) != -1) {
|
||||
switch(choice) {
|
||||
case 'v':
|
||||
version();
|
||||
|
@ -263,6 +309,10 @@ main(int argc, char **argv)
|
|||
printf("You must manually forward port 53 to port %d for things to work.\n", port);
|
||||
}
|
||||
break;
|
||||
case 'P':
|
||||
strncpy(password, optarg, 32);
|
||||
password[32] = 0;
|
||||
break;
|
||||
default:
|
||||
usage();
|
||||
break;
|
||||
|
@ -298,6 +348,12 @@ main(int argc, char **argv)
|
|||
usage();
|
||||
}
|
||||
|
||||
if (strlen(password) == 0) {
|
||||
printf("Enter password on stdin:\n");
|
||||
scanf("%32s", password);
|
||||
password[32] = 0;
|
||||
}
|
||||
|
||||
if ((tun_fd = open_tun(device)) == -1)
|
||||
goto cleanup0;
|
||||
if (tun_setip(argv[0]) != 0 || tun_setmtu(mtu) != 0)
|
||||
|
|
409
src/login.c
Normal file
409
src/login.c
Normal file
|
@ -0,0 +1,409 @@
|
|||
/*
|
||||
Copyright (C) 1999, 2000, 2002 Aladdin Enterprises. All rights reserved.
|
||||
|
||||
This software is provided 'as-is', without any express or implied
|
||||
warranty. In no event will the authors be held liable for any damages
|
||||
arising from the use of this software.
|
||||
|
||||
Permission is granted to anyone to use this software for any purpose,
|
||||
including commercial applications, and to alter it and redistribute it
|
||||
freely, subject to the following restrictions:
|
||||
|
||||
1. The origin of this software must not be misrepresented; you must not
|
||||
claim that you wrote the original software. If you use this software
|
||||
in a product, an acknowledgment in the product documentation would be
|
||||
appreciated but is not required.
|
||||
2. Altered source versions must be plainly marked as such, and must not be
|
||||
misrepresented as being the original software.
|
||||
3. This notice may not be removed or altered from any source distribution.
|
||||
|
||||
L. Peter Deutsch
|
||||
ghost@aladdin.com
|
||||
|
||||
*/
|
||||
/* $Id: md5.c,v 1.6 2002/04/13 19:20:28 lpd Exp $ */
|
||||
/*
|
||||
Independent implementation of MD5 (RFC 1321).
|
||||
|
||||
This code implements the MD5 Algorithm defined in RFC 1321, whose
|
||||
text is available at
|
||||
http://www.ietf.org/rfc/rfc1321.txt
|
||||
The code is derived from the text of the RFC, including the test suite
|
||||
(section A.5) but excluding the rest of Appendix A. It does not include
|
||||
any code or documentation that is identified in the RFC as being
|
||||
copyrighted.
|
||||
|
||||
The original and principal author of md5.c is L. Peter Deutsch
|
||||
<ghost@aladdin.com>. Other authors are noted in the change history
|
||||
that follows (in reverse chronological order):
|
||||
|
||||
2002-04-13 lpd Clarified derivation from RFC 1321; now handles byte order
|
||||
either statically or dynamically; added missing #include <string.h>
|
||||
in library.
|
||||
2002-03-11 lpd Corrected argument list for main(), and added int return
|
||||
type, in test program and T value program.
|
||||
2002-02-21 lpd Added missing #include <stdio.h> in test program.
|
||||
2000-07-03 lpd Patched to eliminate warnings about "constant is
|
||||
unsigned in ANSI C, signed in traditional"; made test program
|
||||
self-checking.
|
||||
1999-11-04 lpd Edited comments slightly for automatic TOC extraction.
|
||||
1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5).
|
||||
1999-05-03 lpd Original version.
|
||||
*/
|
||||
|
||||
#include "login.h"
|
||||
#include <string.h>
|
||||
|
||||
#undef BYTE_ORDER /* 1 = big-endian, -1 = little-endian, 0 = unknown */
|
||||
#ifdef ARCH_IS_BIG_ENDIAN
|
||||
# define BYTE_ORDER (ARCH_IS_BIG_ENDIAN ? 1 : -1)
|
||||
#else
|
||||
# define BYTE_ORDER 0
|
||||
#endif
|
||||
|
||||
#define T_MASK ((md5_word_t)~0)
|
||||
#define T1 /* 0xd76aa478 */ (T_MASK ^ 0x28955b87)
|
||||
#define T2 /* 0xe8c7b756 */ (T_MASK ^ 0x173848a9)
|
||||
#define T3 0x242070db
|
||||
#define T4 /* 0xc1bdceee */ (T_MASK ^ 0x3e423111)
|
||||
#define T5 /* 0xf57c0faf */ (T_MASK ^ 0x0a83f050)
|
||||
#define T6 0x4787c62a
|
||||
#define T7 /* 0xa8304613 */ (T_MASK ^ 0x57cfb9ec)
|
||||
#define T8 /* 0xfd469501 */ (T_MASK ^ 0x02b96afe)
|
||||
#define T9 0x698098d8
|
||||
#define T10 /* 0x8b44f7af */ (T_MASK ^ 0x74bb0850)
|
||||
#define T11 /* 0xffff5bb1 */ (T_MASK ^ 0x0000a44e)
|
||||
#define T12 /* 0x895cd7be */ (T_MASK ^ 0x76a32841)
|
||||
#define T13 0x6b901122
|
||||
#define T14 /* 0xfd987193 */ (T_MASK ^ 0x02678e6c)
|
||||
#define T15 /* 0xa679438e */ (T_MASK ^ 0x5986bc71)
|
||||
#define T16 0x49b40821
|
||||
#define T17 /* 0xf61e2562 */ (T_MASK ^ 0x09e1da9d)
|
||||
#define T18 /* 0xc040b340 */ (T_MASK ^ 0x3fbf4cbf)
|
||||
#define T19 0x265e5a51
|
||||
#define T20 /* 0xe9b6c7aa */ (T_MASK ^ 0x16493855)
|
||||
#define T21 /* 0xd62f105d */ (T_MASK ^ 0x29d0efa2)
|
||||
#define T22 0x02441453
|
||||
#define T23 /* 0xd8a1e681 */ (T_MASK ^ 0x275e197e)
|
||||
#define T24 /* 0xe7d3fbc8 */ (T_MASK ^ 0x182c0437)
|
||||
#define T25 0x21e1cde6
|
||||
#define T26 /* 0xc33707d6 */ (T_MASK ^ 0x3cc8f829)
|
||||
#define T27 /* 0xf4d50d87 */ (T_MASK ^ 0x0b2af278)
|
||||
#define T28 0x455a14ed
|
||||
#define T29 /* 0xa9e3e905 */ (T_MASK ^ 0x561c16fa)
|
||||
#define T30 /* 0xfcefa3f8 */ (T_MASK ^ 0x03105c07)
|
||||
#define T31 0x676f02d9
|
||||
#define T32 /* 0x8d2a4c8a */ (T_MASK ^ 0x72d5b375)
|
||||
#define T33 /* 0xfffa3942 */ (T_MASK ^ 0x0005c6bd)
|
||||
#define T34 /* 0x8771f681 */ (T_MASK ^ 0x788e097e)
|
||||
#define T35 0x6d9d6122
|
||||
#define T36 /* 0xfde5380c */ (T_MASK ^ 0x021ac7f3)
|
||||
#define T37 /* 0xa4beea44 */ (T_MASK ^ 0x5b4115bb)
|
||||
#define T38 0x4bdecfa9
|
||||
#define T39 /* 0xf6bb4b60 */ (T_MASK ^ 0x0944b49f)
|
||||
#define T40 /* 0xbebfbc70 */ (T_MASK ^ 0x4140438f)
|
||||
#define T41 0x289b7ec6
|
||||
#define T42 /* 0xeaa127fa */ (T_MASK ^ 0x155ed805)
|
||||
#define T43 /* 0xd4ef3085 */ (T_MASK ^ 0x2b10cf7a)
|
||||
#define T44 0x04881d05
|
||||
#define T45 /* 0xd9d4d039 */ (T_MASK ^ 0x262b2fc6)
|
||||
#define T46 /* 0xe6db99e5 */ (T_MASK ^ 0x1924661a)
|
||||
#define T47 0x1fa27cf8
|
||||
#define T48 /* 0xc4ac5665 */ (T_MASK ^ 0x3b53a99a)
|
||||
#define T49 /* 0xf4292244 */ (T_MASK ^ 0x0bd6ddbb)
|
||||
#define T50 0x432aff97
|
||||
#define T51 /* 0xab9423a7 */ (T_MASK ^ 0x546bdc58)
|
||||
#define T52 /* 0xfc93a039 */ (T_MASK ^ 0x036c5fc6)
|
||||
#define T53 0x655b59c3
|
||||
#define T54 /* 0x8f0ccc92 */ (T_MASK ^ 0x70f3336d)
|
||||
#define T55 /* 0xffeff47d */ (T_MASK ^ 0x00100b82)
|
||||
#define T56 /* 0x85845dd1 */ (T_MASK ^ 0x7a7ba22e)
|
||||
#define T57 0x6fa87e4f
|
||||
#define T58 /* 0xfe2ce6e0 */ (T_MASK ^ 0x01d3191f)
|
||||
#define T59 /* 0xa3014314 */ (T_MASK ^ 0x5cfebceb)
|
||||
#define T60 0x4e0811a1
|
||||
#define T61 /* 0xf7537e82 */ (T_MASK ^ 0x08ac817d)
|
||||
#define T62 /* 0xbd3af235 */ (T_MASK ^ 0x42c50dca)
|
||||
#define T63 0x2ad7d2bb
|
||||
#define T64 /* 0xeb86d391 */ (T_MASK ^ 0x14792c6e)
|
||||
|
||||
|
||||
static void
|
||||
md5_process(md5_state_t *pms, const md5_byte_t *data /*[64]*/)
|
||||
{
|
||||
md5_word_t
|
||||
a = pms->abcd[0], b = pms->abcd[1],
|
||||
c = pms->abcd[2], d = pms->abcd[3];
|
||||
md5_word_t t;
|
||||
#if BYTE_ORDER > 0
|
||||
/* Define storage only for big-endian CPUs. */
|
||||
md5_word_t X[16];
|
||||
#else
|
||||
/* Define storage for little-endian or both types of CPUs. */
|
||||
md5_word_t xbuf[16];
|
||||
const md5_word_t *X;
|
||||
#endif
|
||||
|
||||
{
|
||||
#if BYTE_ORDER == 0
|
||||
/*
|
||||
* Determine dynamically whether this is a big-endian or
|
||||
* little-endian machine, since we can use a more efficient
|
||||
* algorithm on the latter.
|
||||
*/
|
||||
static const int w = 1;
|
||||
|
||||
if (*((const md5_byte_t *)&w)) /* dynamic little-endian */
|
||||
#endif
|
||||
#if BYTE_ORDER <= 0 /* little-endian */
|
||||
{
|
||||
/*
|
||||
* On little-endian machines, we can process properly aligned
|
||||
* data without copying it.
|
||||
*/
|
||||
if (!((data - (const md5_byte_t *)0) & 3)) {
|
||||
/* data are properly aligned */
|
||||
X = (const md5_word_t *)data;
|
||||
} else {
|
||||
/* not aligned */
|
||||
memcpy(xbuf, data, 64);
|
||||
X = xbuf;
|
||||
}
|
||||
}
|
||||
#endif
|
||||
#if BYTE_ORDER == 0
|
||||
else /* dynamic big-endian */
|
||||
#endif
|
||||
#if BYTE_ORDER >= 0 /* big-endian */
|
||||
{
|
||||
/*
|
||||
* On big-endian machines, we must arrange the bytes in the
|
||||
* right order.
|
||||
*/
|
||||
const md5_byte_t *xp = data;
|
||||
int i;
|
||||
|
||||
# if BYTE_ORDER == 0
|
||||
X = xbuf; /* (dynamic only) */
|
||||
# else
|
||||
# define xbuf X /* (static only) */
|
||||
# endif
|
||||
for (i = 0; i < 16; ++i, xp += 4)
|
||||
xbuf[i] = xp[0] + (xp[1] << 8) + (xp[2] << 16) + (xp[3] << 24);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n))))
|
||||
|
||||
/* Round 1. */
|
||||
/* Let [abcd k s i] denote the operation
|
||||
a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */
|
||||
#define F(x, y, z) (((x) & (y)) | (~(x) & (z)))
|
||||
#define SET(a, b, c, d, k, s, Ti)\
|
||||
t = a + F(b,c,d) + X[k] + Ti;\
|
||||
a = ROTATE_LEFT(t, s) + b
|
||||
/* Do the following 16 operations. */
|
||||
SET(a, b, c, d, 0, 7, T1);
|
||||
SET(d, a, b, c, 1, 12, T2);
|
||||
SET(c, d, a, b, 2, 17, T3);
|
||||
SET(b, c, d, a, 3, 22, T4);
|
||||
SET(a, b, c, d, 4, 7, T5);
|
||||
SET(d, a, b, c, 5, 12, T6);
|
||||
SET(c, d, a, b, 6, 17, T7);
|
||||
SET(b, c, d, a, 7, 22, T8);
|
||||
SET(a, b, c, d, 8, 7, T9);
|
||||
SET(d, a, b, c, 9, 12, T10);
|
||||
SET(c, d, a, b, 10, 17, T11);
|
||||
SET(b, c, d, a, 11, 22, T12);
|
||||
SET(a, b, c, d, 12, 7, T13);
|
||||
SET(d, a, b, c, 13, 12, T14);
|
||||
SET(c, d, a, b, 14, 17, T15);
|
||||
SET(b, c, d, a, 15, 22, T16);
|
||||
#undef SET
|
||||
|
||||
/* Round 2. */
|
||||
/* Let [abcd k s i] denote the operation
|
||||
a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */
|
||||
#define G(x, y, z) (((x) & (z)) | ((y) & ~(z)))
|
||||
#define SET(a, b, c, d, k, s, Ti)\
|
||||
t = a + G(b,c,d) + X[k] + Ti;\
|
||||
a = ROTATE_LEFT(t, s) + b
|
||||
/* Do the following 16 operations. */
|
||||
SET(a, b, c, d, 1, 5, T17);
|
||||
SET(d, a, b, c, 6, 9, T18);
|
||||
SET(c, d, a, b, 11, 14, T19);
|
||||
SET(b, c, d, a, 0, 20, T20);
|
||||
SET(a, b, c, d, 5, 5, T21);
|
||||
SET(d, a, b, c, 10, 9, T22);
|
||||
SET(c, d, a, b, 15, 14, T23);
|
||||
SET(b, c, d, a, 4, 20, T24);
|
||||
SET(a, b, c, d, 9, 5, T25);
|
||||
SET(d, a, b, c, 14, 9, T26);
|
||||
SET(c, d, a, b, 3, 14, T27);
|
||||
SET(b, c, d, a, 8, 20, T28);
|
||||
SET(a, b, c, d, 13, 5, T29);
|
||||
SET(d, a, b, c, 2, 9, T30);
|
||||
SET(c, d, a, b, 7, 14, T31);
|
||||
SET(b, c, d, a, 12, 20, T32);
|
||||
#undef SET
|
||||
|
||||
/* Round 3. */
|
||||
/* Let [abcd k s t] denote the operation
|
||||
a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */
|
||||
#define H(x, y, z) ((x) ^ (y) ^ (z))
|
||||
#define SET(a, b, c, d, k, s, Ti)\
|
||||
t = a + H(b,c,d) + X[k] + Ti;\
|
||||
a = ROTATE_LEFT(t, s) + b
|
||||
/* Do the following 16 operations. */
|
||||
SET(a, b, c, d, 5, 4, T33);
|
||||
SET(d, a, b, c, 8, 11, T34);
|
||||
SET(c, d, a, b, 11, 16, T35);
|
||||
SET(b, c, d, a, 14, 23, T36);
|
||||
SET(a, b, c, d, 1, 4, T37);
|
||||
SET(d, a, b, c, 4, 11, T38);
|
||||
SET(c, d, a, b, 7, 16, T39);
|
||||
SET(b, c, d, a, 10, 23, T40);
|
||||
SET(a, b, c, d, 13, 4, T41);
|
||||
SET(d, a, b, c, 0, 11, T42);
|
||||
SET(c, d, a, b, 3, 16, T43);
|
||||
SET(b, c, d, a, 6, 23, T44);
|
||||
SET(a, b, c, d, 9, 4, T45);
|
||||
SET(d, a, b, c, 12, 11, T46);
|
||||
SET(c, d, a, b, 15, 16, T47);
|
||||
SET(b, c, d, a, 2, 23, T48);
|
||||
#undef SET
|
||||
|
||||
/* Round 4. */
|
||||
/* Let [abcd k s t] denote the operation
|
||||
a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */
|
||||
#define I(x, y, z) ((y) ^ ((x) | ~(z)))
|
||||
#define SET(a, b, c, d, k, s, Ti)\
|
||||
t = a + I(b,c,d) + X[k] + Ti;\
|
||||
a = ROTATE_LEFT(t, s) + b
|
||||
/* Do the following 16 operations. */
|
||||
SET(a, b, c, d, 0, 6, T49);
|
||||
SET(d, a, b, c, 7, 10, T50);
|
||||
SET(c, d, a, b, 14, 15, T51);
|
||||
SET(b, c, d, a, 5, 21, T52);
|
||||
SET(a, b, c, d, 12, 6, T53);
|
||||
SET(d, a, b, c, 3, 10, T54);
|
||||
SET(c, d, a, b, 10, 15, T55);
|
||||
SET(b, c, d, a, 1, 21, T56);
|
||||
SET(a, b, c, d, 8, 6, T57);
|
||||
SET(d, a, b, c, 15, 10, T58);
|
||||
SET(c, d, a, b, 6, 15, T59);
|
||||
SET(b, c, d, a, 13, 21, T60);
|
||||
SET(a, b, c, d, 4, 6, T61);
|
||||
SET(d, a, b, c, 11, 10, T62);
|
||||
SET(c, d, a, b, 2, 15, T63);
|
||||
SET(b, c, d, a, 9, 21, T64);
|
||||
#undef SET
|
||||
|
||||
/* Then perform the following additions. (That is increment each
|
||||
of the four registers by the value it had before this block
|
||||
was started.) */
|
||||
pms->abcd[0] += a;
|
||||
pms->abcd[1] += b;
|
||||
pms->abcd[2] += c;
|
||||
pms->abcd[3] += d;
|
||||
}
|
||||
|
||||
void
|
||||
md5_init(md5_state_t *pms)
|
||||
{
|
||||
pms->count[0] = pms->count[1] = 0;
|
||||
pms->abcd[0] = 0x67452301;
|
||||
pms->abcd[1] = /*0xefcdab89*/ T_MASK ^ 0x10325476;
|
||||
pms->abcd[2] = /*0x98badcfe*/ T_MASK ^ 0x67452301;
|
||||
pms->abcd[3] = 0x10325476;
|
||||
}
|
||||
|
||||
void
|
||||
md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes)
|
||||
{
|
||||
const md5_byte_t *p = data;
|
||||
int left = nbytes;
|
||||
int offset = (pms->count[0] >> 3) & 63;
|
||||
md5_word_t nbits = (md5_word_t)(nbytes << 3);
|
||||
|
||||
if (nbytes <= 0)
|
||||
return;
|
||||
|
||||
/* Update the message length. */
|
||||
pms->count[1] += nbytes >> 29;
|
||||
pms->count[0] += nbits;
|
||||
if (pms->count[0] < nbits)
|
||||
pms->count[1]++;
|
||||
|
||||
/* Process an initial partial block. */
|
||||
if (offset) {
|
||||
int copy = (offset + nbytes > 64 ? 64 - offset : nbytes);
|
||||
|
||||
memcpy(pms->buf + offset, p, copy);
|
||||
if (offset + copy < 64)
|
||||
return;
|
||||
p += copy;
|
||||
left -= copy;
|
||||
md5_process(pms, pms->buf);
|
||||
}
|
||||
|
||||
/* Process full blocks. */
|
||||
for (; left >= 64; p += 64, left -= 64)
|
||||
md5_process(pms, p);
|
||||
|
||||
/* Process a final partial block. */
|
||||
if (left)
|
||||
memcpy(pms->buf, p, left);
|
||||
}
|
||||
|
||||
void
|
||||
md5_finish(md5_state_t *pms, md5_byte_t digest[16])
|
||||
{
|
||||
static const md5_byte_t pad[64] = {
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
md5_byte_t data[8];
|
||||
int i;
|
||||
|
||||
/* Save the length before padding. */
|
||||
for (i = 0; i < 8; ++i)
|
||||
data[i] = (md5_byte_t)(pms->count[i >> 2] >> ((i & 3) << 3));
|
||||
/* Pad to 56 bytes mod 64. */
|
||||
md5_append(pms, pad, ((55 - (pms->count[0] >> 3)) & 63) + 1);
|
||||
/* Append the length. */
|
||||
md5_append(pms, data, 8);
|
||||
for (i = 0; i < 16; ++i)
|
||||
digest[i] = (md5_byte_t)(pms->abcd[i >> 2] >> ((i & 3) << 3));
|
||||
}
|
||||
|
||||
|
||||
|
||||
/***********************************************************/
|
||||
/********** end of md5 code - login functions below ********/
|
||||
/***********************************************************/
|
||||
|
||||
// Needs a 16byte array for output, and 32 bytes password
|
||||
void login_calculate(char *out, int len, char *pass, int seed) {
|
||||
char temp[32];
|
||||
md5_state_t ctx;
|
||||
int i;
|
||||
int *ix;
|
||||
|
||||
if (len < 16) {
|
||||
return;
|
||||
}
|
||||
|
||||
memcpy(temp, pass, 32);
|
||||
ix = (int *) temp;
|
||||
for (i = 0; i < 8; i++) {
|
||||
*ix++ ^= seed;
|
||||
}
|
||||
md5_init(&ctx);
|
||||
md5_append(&ctx, temp, 32);
|
||||
md5_finish(&ctx, out);
|
||||
}
|
||||
|
98
src/login.h
Normal file
98
src/login.h
Normal file
|
@ -0,0 +1,98 @@
|
|||
/*
|
||||
Copyright (C) 1999, 2002 Aladdin Enterprises. All rights reserved.
|
||||
|
||||
This software is provided 'as-is', without any express or implied
|
||||
warranty. In no event will the authors be held liable for any damages
|
||||
arising from the use of this software.
|
||||
|
||||
Permission is granted to anyone to use this software for any purpose,
|
||||
including commercial applications, and to alter it and redistribute it
|
||||
freely, subject to the following restrictions:
|
||||
|
||||
1. The origin of this software must not be misrepresented; you must not
|
||||
claim that you wrote the original software. If you use this software
|
||||
in a product, an acknowledgment in the product documentation would be
|
||||
appreciated but is not required.
|
||||
2. Altered source versions must be plainly marked as such, and must not be
|
||||
misrepresented as being the original software.
|
||||
3. This notice may not be removed or altered from any source distribution.
|
||||
|
||||
L. Peter Deutsch
|
||||
ghost@aladdin.com
|
||||
|
||||
*/
|
||||
/* $Id: md5.h,v 1.4 2002/04/13 19:20:28 lpd Exp $ */
|
||||
/*
|
||||
Independent implementation of MD5 (RFC 1321).
|
||||
|
||||
This code implements the MD5 Algorithm defined in RFC 1321, whose
|
||||
text is available at
|
||||
http://www.ietf.org/rfc/rfc1321.txt
|
||||
The code is derived from the text of the RFC, including the test suite
|
||||
(section A.5) but excluding the rest of Appendix A. It does not include
|
||||
any code or documentation that is identified in the RFC as being
|
||||
copyrighted.
|
||||
|
||||
The original and principal author of md5.h is L. Peter Deutsch
|
||||
<ghost@aladdin.com>. Other authors are noted in the change history
|
||||
that follows (in reverse chronological order):
|
||||
|
||||
2002-04-13 lpd Removed support for non-ANSI compilers; removed
|
||||
references to Ghostscript; clarified derivation from RFC 1321;
|
||||
now handles byte order either statically or dynamically.
|
||||
1999-11-04 lpd Edited comments slightly for automatic TOC extraction.
|
||||
1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5);
|
||||
added conditionalization for C++ compilation from Martin
|
||||
Purschke <purschke@bnl.gov>.
|
||||
1999-05-03 lpd Original version.
|
||||
*/
|
||||
|
||||
#ifndef md5_INCLUDED
|
||||
# define md5_INCLUDED
|
||||
|
||||
/*
|
||||
* This package supports both compile-time and run-time determination of CPU
|
||||
* byte order. If ARCH_IS_BIG_ENDIAN is defined as 0, the code will be
|
||||
* compiled to run only on little-endian CPUs; if ARCH_IS_BIG_ENDIAN is
|
||||
* defined as non-zero, the code will be compiled to run only on big-endian
|
||||
* CPUs; if ARCH_IS_BIG_ENDIAN is not defined, the code will be compiled to
|
||||
* run on either big- or little-endian CPUs, but will run slightly less
|
||||
* efficiently on either one than if ARCH_IS_BIG_ENDIAN is defined.
|
||||
*/
|
||||
|
||||
typedef unsigned char md5_byte_t; /* 8-bit byte */
|
||||
typedef unsigned int md5_word_t; /* 32-bit word */
|
||||
|
||||
/* Define the state of the MD5 Algorithm. */
|
||||
typedef struct md5_state_s {
|
||||
md5_word_t count[2]; /* message length in bits, lsw first */
|
||||
md5_word_t abcd[4]; /* digest buffer */
|
||||
md5_byte_t buf[64]; /* accumulate block */
|
||||
} md5_state_t;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C"
|
||||
{
|
||||
#endif
|
||||
|
||||
/* Initialize the algorithm. */
|
||||
void md5_init(md5_state_t *pms);
|
||||
|
||||
/* Append a string to the message. */
|
||||
void md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes);
|
||||
|
||||
/* Finish the message and return the digest. */
|
||||
void md5_finish(md5_state_t *pms, md5_byte_t digest[16]);
|
||||
|
||||
#ifdef __cplusplus
|
||||
} /* end extern "C" */
|
||||
#endif
|
||||
|
||||
|
||||
/***********************************************************/
|
||||
/********** end of md5 code - login functions below ********/
|
||||
/***********************************************************/
|
||||
|
||||
void login_calculate(char *, int, char *, int);
|
||||
|
||||
#endif /* md5_INCLUDED */
|
|
@ -32,4 +32,10 @@ struct query {
|
|||
int fromlen;
|
||||
};
|
||||
|
||||
struct user {
|
||||
int id;
|
||||
struct sockaddr host;
|
||||
int addrlen;
|
||||
};
|
||||
|
||||
#endif /* _STRUCTS_H_ */
|
||||
|
|
Loading…
Reference in a new issue