9pfs/solanum-vs-hackint-and-charybdis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
solanum-vs-hackint-and-char.../modules/m_challenge.c

390 lines
11 KiB
C
Raw Normal View History

[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
/*
* ircd-ratbox: A slightly useful ircd.
* m_challenge.c: Allows an IRC Operator to securely authenticate.
*
* Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
* Copyright (C) 1996-2002 Hybrid Development Team
* Copyright (C) 2002-2005 ircd-ratbox development team
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA
*/
#include "stdinc.h"
#ifdef HAVE_LIBCRYPTO
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
# include <openssl/err.h>
# include <openssl/evp.h>
# include <openssl/pem.h>
# include <openssl/rsa.h>
# include <openssl/sha.h>
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
#endif
#include "client.h"
#include "ircd.h"
#include "modules.h"
#include "numeric.h"
#include "send.h"
#include "s_conf.h"
#include "msg.h"
#include "parse.h"
irc_string.h -> match.h, irc_string.h; includes changed
2008-04-20 05:47:38 +00:00
#include "match.h"
s_log.* -> logger.* (s_foo looks ugly, lets try to get rid of it)
2008-04-03 02:52:01 +00:00
#include "logger.h"
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
#include "s_user.h"
#include "cache.h"
#include "s_newconf.h"
#define CHALLENGE_WIDTH BUFSIZE - (NICKLEN + HOSTLEN + 12)
#define CHALLENGE_EXPIRES 180 /* 180 seconds should be more than long enough */
#define CHALLENGE_SECRET_LENGTH 128 /* how long our challenge secret should be */
#ifndef HAVE_LIBCRYPTO
Move module description headers to the top This is cleaner. Note this was broken out of a much larger piece of work I did, so if there's any problems, I apologise!
2016-03-09 07:29:41 +00:00
static const char challenge_desc[] = "Does nothing as OpenSSL was not enabled.";
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
/* Maybe this should be an error or something?-davidt */
/* now it is -larne */
Move module description headers to the top This is cleaner. Note this was broken out of a much larger piece of work I did, so if there's any problems, I apologise!
2016-03-09 07:29:41 +00:00
static int challenge_load(void)
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
{
make more snotes L_NETWIDE
2020-11-08 19:30:41 +00:00
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
"Challenge module not loaded because OpenSSL is not available.");
ilog(L_MAIN, "Challenge module not loaded because OpenSSL is not available.");
return -1;
}
Add AV2 descriptions to all m_c* modules.
2016-03-07 07:52:16 +00:00
DECLARE_MODULE_AV2(challenge, challenge_load, NULL, NULL, NULL, NULL, NULL, NULL, challenge_desc);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
#else
Move module description headers to the top This is cleaner. Note this was broken out of a much larger piece of work I did, so if there's any problems, I apologise!
2016-03-09 07:29:41 +00:00
static const char challenge_desc[] =
"Provides the challenge-response facility used for becoming an IRC operator";
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
static void m_challenge(struct MsgBuf *, struct Client *, struct Client *, int, const char **);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
/* We have openssl support, so include /CHALLENGE */
struct Message challenge_msgtab = {
msg: remove last vestiges of the fakelag system. charybdis has never supported fakelag.
2016-02-19 22:42:40 +00:00
"CHALLENGE", 0, 0, 0, 0,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
{mg_unreg, {m_challenge, 2}, mg_ignore, mg_ignore, mg_ignore, {m_challenge, 2}}
};
mapi_clist_av1 challenge_clist[] = { &challenge_msgtab, NULL };
Add AV2 descriptions to all m_c* modules.
2016-03-07 07:52:16 +00:00
DECLARE_MODULE_AV2(challenge, NULL, NULL, challenge_clist, NULL, NULL, NULL, NULL, challenge_desc);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
static bool generate_challenge(char **r_challenge, unsigned char **r_response, EVP_PKEY *key);
#else
static bool generate_challenge(char **r_challenge, unsigned char **r_response, RSA *key);
#endif
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
static void
cleanup_challenge(struct Client *target_p)
{
if(target_p->localClient == NULL)
return;
Remove trailing whitespace from all .c and .h files. 3134 bytes were removed.
2014-03-03 04:25:47 +00:00
Argh, wrong replace caused by MS VS 2005 interface.
2008-04-01 22:47:17 +00:00
rb_free(target_p->localClient->challenge);
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
rb_free(target_p->user->opername);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
target_p->localClient->challenge = NULL;
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
target_p->user->opername = NULL;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
target_p->localClient->chal_time = 0;
}
/*
* m_challenge - generate RSA challenge for wouldbe oper
* parv[1] = operator to challenge for, or +response
*/
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
static void
modules: chase MsgBuf API change
2016-02-11 02:54:17 +00:00
m_challenge(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
{
struct oper_conf *oper_p;
char *challenge = NULL; /* to placate gcc */
Remove trailing whitespace from all .c and .h files. 3134 bytes were removed.
2014-03-03 04:25:47 +00:00
char chal_line[CHALLENGE_WIDTH];
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
unsigned char *b_response;
size_t cnt;
int len = 0;
add ConfigFileEntry.oper_secure_only, to require TLS to oper up (#76)
2020-11-18 14:29:08 +00:00
if (ConfigFileEntry.oper_secure_only && !IsSecureClient(source_p))
{
sendto_one_notice(source_p, ":You must be using a secure connection to /CHALLENGE on this server");
if (ConfigFileEntry.failed_oper_notice)
{
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Failed CHALLENGE attempt - missing secure connection by %s (%s@%s)",
source_p->name, source_p->username, source_p->host);
}
return;
}
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
/* if theyre an oper, reprint oper motd and ignore */
if(IsOper(source_p))
{
sendto_one(source_p, form_str(RPL_YOUREOPER), me.name, source_p->name);
send_oper_motd(source_p);
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
if(*parv[1] == '+')
{
/* Ignore it if we aren't expecting this... -A1kmm */
if(!source_p->localClient->challenge)
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
CurrentTime -> rb_currenttime();
2008-04-01 23:53:20 +00:00
if((rb_current_time() - source_p->localClient->chal_time) > CHALLENGE_EXPIRES)
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
{
sendto_one(source_p, form_str(ERR_PASSWDMISMATCH), me.name, source_p->name);
ilog(L_FOPER, "EXPIRED CHALLENGE (%s) by (%s!%s@%s) (%s)",
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
source_p->user->opername, source_p->name,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
source_p->username, source_p->host, source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Expired CHALLENGE attempt by %s (%s@%s)",
source_p->name, source_p->username,
source_p->host);
cleanup_challenge(source_p);
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
m_challenge: fix use of undefined behaviour. GCC does what we expect, but other compilers could do just about anything.
2011-02-22 17:00:45 +00:00
parv[1]++;
b_response = rb_base64_decode((const unsigned char *)parv[1], strlen(parv[1]), &len);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
if(len != SHA_DIGEST_LENGTH ||
memcmp(source_p->localClient->challenge, b_response, SHA_DIGEST_LENGTH))
{
sendto_one(source_p, form_str(ERR_PASSWDMISMATCH), me.name, source_p->name);
ilog(L_FOPER, "FAILED CHALLENGE (%s) by (%s!%s@%s) (%s)",
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
source_p->user->opername, source_p->name,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
source_p->username, source_p->host, source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Failed CHALLENGE attempt by %s (%s@%s)",
source_p->name, source_p->username,
source_p->host);
Argh, wrong replace caused by MS VS 2005 interface.
2008-04-01 22:47:17 +00:00
rb_free(b_response);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
cleanup_challenge(source_p);
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
Argh, wrong replace caused by MS VS 2005 interface.
2008-04-01 22:47:17 +00:00
rb_free(b_response);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
Remove trailing whitespace from all .c and .h files. 3134 bytes were removed.
2014-03-03 04:25:47 +00:00
oper_p = find_oper_conf(source_p->username, source_p->orighost,
source_p->sockhost,
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
source_p->user->opername);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
if(oper_p == NULL)
{
Clarify ERR_NOOPERHOST and convert it to use sendto_one_numeric().
2010-02-17 12:51:41 +00:00
sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST));
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s)",
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
source_p->user->opername, source_p->name,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
source_p->username, source_p->host,
source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Failed CHALLENGE attempt - host mismatch by %s (%s@%s)",
source_p->name, source_p->username,
source_p->host);
m_challenge: various fixes
2020-11-19 19:19:14 +00:00
cleanup_challenge(source_p);
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
cleanup_challenge(source_p);
oper_up(source_p, oper_p);
ilog(L_OPERED, "OPER %s by %s!%s@%s (%s)",
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
source_p->user->opername, source_p->name,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
source_p->username, source_p->host, source_p->sockhost);
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
cleanup_challenge(source_p);
Remove trailing whitespace from all .c and .h files. 3134 bytes were removed.
2014-03-03 04:25:47 +00:00
oper_p = find_oper_conf(source_p->username, source_p->orighost,
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
source_p->sockhost, parv[1]);
if(oper_p == NULL)
{
Clarify ERR_NOOPERHOST and convert it to use sendto_one_numeric().
2010-02-17 12:51:41 +00:00
sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST));
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s)",
parv[1], source_p->name,
source_p->username, source_p->host, source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Failed CHALLENGE attempt - host mismatch by %s (%s@%s)",
source_p->name, source_p->username, source_p->host);
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
if(!oper_p->rsa_pubkey)
{
[svn] Backport from early 3.x: -- nenolod 2006/09/27 16:39:14 UTC (20060927-2178) Log: - remove "Processing connection to foobar.net" message Changes: Modified: +0 -3 trunk/src/s_auth.c (File Modified) nenolod 2006/09/27 16:34:26 UTC (20060927-2176) Log: - missed the processing connection one (actually, we can probably nuke this one) Changes: Modified: +1 -2 trunk/src/s_auth.c (File Modified) river 2006/09/27 16:33:05 UTC (20060927-2174) Log: get_client_name = stupid Changes: Modified: +10 -7 trunk/modules/core/m_kill.c (File Modified) nenolod 2006/09/27 16:32:37 UTC (20060927-2172) Log: - remove excessive arguments Changes: Modified: +1 -2 trunk/src/s_conf.c (File Modified) +1 -1 trunk/src/s_user.c (File Modified) nenolod 2006/09/27 16:30:59 UTC (20060927-2170) Log: - use sendto_one_notice() for on-connect notices too. Changes: Modified: +10 -10 trunk/src/s_auth.c (File Modified) nenolod 2006/09/27 16:27:01 UTC (20060927-2168) Log: - use sendto_one_notice() in the core, too. Changes: Modified: +2 -2 trunk/src/chmode.c (File Modified) +8 -15 trunk/src/modules.c (File Modified) +3 -5 trunk/src/s_conf.c (File Modified) +1 -2 trunk/src/s_newconf.c (File Modified) +20 -57 trunk/src/s_user.c (File Modified) river 2006/09/27 16:19:25 UTC (20060927-2166) Log: the KILL command will use get_client_name(, SHOW_IP) instead of target->name, and will show a more useful error for local opers Changes: Modified: +6 -4 trunk/modules/core/m_kill.c (File Modified) nenolod 2006/09/27 16:09:48 UTC (20060927-2164) Log: - fix bugs in sendto_one_notice()/sendto_one_numeric() where a client identifier won't be sent to unregistered clients Changes: Modified: +4 -2 trunk/src/send.c (File Modified) nenolod 2006/09/27 16:05:46 UTC (20060927-2161) Log: - back out r2159 Changes: Modified: +1 -1 trunk/include/client.h (File Modified) nenolod 2006/09/27 16:04:05 UTC (20060927-2159) Log: - get_id(): fall back to "*" if client has no known name Changes: Modified: +1 -1 trunk/include/client.h (File Modified) nenolod 2006/09/27 16:01:29 UTC (20060927-2157) Log: - convert to sendto_one_notice(). Changes: Modified: +2 -3 trunk/unsupported/m_clearchan.c (File Modified) +4 -6 trunk/unsupported/m_force.c (File Modified) nenolod 2006/09/27 15:57:11 UTC (20060927-2155) Log: - use sendto_one_notice() in many places instead of sendto_one(source_p, ":%s NOTICE %s :", ...); Changes: Modified: +10 -25 trunk/extensions/example_module.c (File Modified) +5 -14 trunk/extensions/hurt.c (File Modified) +1 -2 trunk/extensions/m_42.c (File Modified) +7 -12 trunk/extensions/m_mkpasswd.c (File Modified) +1 -2 trunk/extensions/m_ojoin.c (File Modified) +1 -2 trunk/extensions/m_opme.c (File Modified) +3 -3 trunk/extensions/spy_whois_notice.c (File Modified) +3 -3 trunk/extensions/spy_whois_notice_global.c (File Modified) +3 -7 trunk/modules/core/m_die.c (File Modified) +2 -4 trunk/modules/core/m_kill.c (File Modified) +2 -2 trunk/modules/core/m_squit.c (File Modified) +1 -2 trunk/modules/m_challenge.c (File Modified) +11 -15 trunk/modules/m_connect.c (File Modified) +20 -28 trunk/modules/m_dline.c (File Modified) +2 -2 trunk/modules/m_etrace.c (File Modified) +11 -21 trunk/modules/m_gline.c (File Modified) +2 -4 trunk/modules/m_kline.c (File Modified) +1 -2 trunk/modules/m_rehash.c (File Modified) +3 -7 trunk/modules/m_restart.c (File Modified) +31 -45 trunk/modules/m_set.c (File Modified) +2 -4 trunk/modules/m_testmask.c (File Modified) +5 -8 trunk/modules/m_unreject.c (File Modified) +2 -5 trunk/modules/m_xline.c (File Modified) --
2007-01-25 07:23:01 +00:00
sendto_one_notice(source_p, ":I'm sorry, PK authentication is not enabled for your oper{} block.");
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
Rename UMODE_SSLCLIENT, IsSSLClient
2020-10-28 21:55:26 +00:00
if(IsOperConfNeedSSL(oper_p) && !IsSecureClient(source_p))
Add need_ssl to auth{} and operator{}. Specifying need_ssl on auth{} denies the connection if it is not SSL/TLS, much like need_ident or need_sasl. Specifying need_ssl on operator{} refuses opering with ERR_NOOPERHOST if the connection is not SSL/TLS. from ircd-ratbox
2008-09-06 23:18:58 +00:00
{
Clarify ERR_NOOPERHOST and convert it to use sendto_one_numeric().
2010-02-17 12:51:41 +00:00
sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST));
Add need_ssl to auth{} and operator{}. Specifying need_ssl on auth{} denies the connection if it is not SSL/TLS, much like need_ident or need_sasl. Specifying need_ssl on operator{} refuses opering with ERR_NOOPERHOST if the connection is not SSL/TLS. from ircd-ratbox
2008-09-06 23:18:58 +00:00
ilog(L_FOPER, "FAILED CHALLENGE (%s) by (%s!%s@%s) (%s) -- requires SSL/TLS",
parv[1], source_p->name, source_p->username, source_p->host,
source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
{
make more snotes L_NETWIDE
2020-11-08 19:30:41 +00:00
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
Add need_ssl to auth{} and operator{}. Specifying need_ssl on auth{} denies the connection if it is not SSL/TLS, much like need_ident or need_sasl. Specifying need_ssl on operator{} refuses opering with ERR_NOOPERHOST if the connection is not SSL/TLS. from ircd-ratbox
2008-09-06 23:18:58 +00:00
"Failed CHALLENGE attempt - missing SSL/TLS by %s (%s@%s)",
source_p->name, source_p->username, source_p->host);
}
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
Add need_ssl to auth{} and operator{}. Specifying need_ssl on auth{} denies the connection if it is not SSL/TLS, much like need_ident or need_sasl. Specifying need_ssl on operator{} refuses opering with ERR_NOOPERHOST if the connection is not SSL/TLS. from ircd-ratbox
2008-09-06 23:18:58 +00:00
}
Add certfp check to challenge too.
2010-02-18 05:01:25 +00:00
if (oper_p->certfp != NULL)
{
Use rb_* versions of nonportable string functions
2016-04-05 10:39:59 +00:00
if (source_p->certfp == NULL || rb_strcasecmp(source_p->certfp, oper_p->certfp))
Add certfp check to challenge too.
2010-02-18 05:01:25 +00:00
{
sendto_one_numeric(source_p, ERR_NOOPERHOST, form_str(ERR_NOOPERHOST));
ilog(L_FOPER, "FAILED OPER (%s) by (%s!%s@%s) (%s) -- client certificate fingerprint mismatch",
challenge: Fix build.
2010-02-18 22:42:07 +00:00
parv[1], source_p->name,
Add certfp check to challenge too.
2010-02-18 05:01:25 +00:00
source_p->username, source_p->host, source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
{
make more snotes L_NETWIDE
2020-11-08 19:30:41 +00:00
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
Add certfp check to challenge too.
2010-02-18 05:01:25 +00:00
"Failed OPER attempt - client certificate fingerprint mismatch by %s (%s@%s)",
source_p->name, source_p->username, source_p->host);
}
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return;
Add certfp check to challenge too.
2010-02-18 05:01:25 +00:00
}
}
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
if(generate_challenge(&challenge, &(source_p->localClient->challenge), oper_p->rsa_pubkey))
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
{
char *chal = challenge;
CurrentTime -> rb_currenttime();
2008-04-01 23:53:20 +00:00
source_p->localClient->chal_time = rb_current_time();
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
for(;;)
{
strlcpy -> rb_strlcpy
2008-04-20 04:40:40 +00:00
cnt = rb_strlcpy(chal_line, chal, CHALLENGE_WIDTH);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
sendto_one(source_p, form_str(RPL_RSACHALLENGE2), me.name, source_p->name, chal_line);
m_challenge: various fixes
2020-11-19 19:19:14 +00:00
if(cnt >= CHALLENGE_WIDTH)
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
chal += CHALLENGE_WIDTH - 1;
else
break;
Remove trailing whitespace from all .c and .h files. 3134 bytes were removed.
2014-03-03 04:25:47 +00:00
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
Remove trailing whitespace from all .c and .h files. 3134 bytes were removed.
2014-03-03 04:25:47 +00:00
sendto_one(source_p, form_str(RPL_ENDOFRSACHALLENGE2),
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
me.name, source_p->name);
Argh, wrong replace caused by MS VS 2005 interface.
2008-04-01 22:47:17 +00:00
rb_free(challenge);
Propagate OPER Move opername and privset storage to struct User, so it can exist for remote opers. On /oper and when bursting opers, send: :foo OPER opername privset which sets foo's opername and privset. The contents of the privset on remote servers come from the remote server's config, so the potential for confusion exists if these do not match. If an oper's privset does not exist on a server that sees it, it will complain, but create a placeholder privset. If the privset is created by a rehash, this will be reflected properly. /privs is udpated to take an optional argument, the server to query, and is now local by default: /privs [[nick_or_server] nick]
2019-07-07 01:36:58 +00:00
source_p->user->opername = rb_strdup(oper_p->name);
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
else
sendto_one_notice(source_p, ":Failed to generate challenge.");
}
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
static bool
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
generate_challenge(char **r_challenge, unsigned char **r_response, EVP_PKEY *key)
#else
generate_challenge(char **r_challenge, unsigned char **r_response, RSA *key)
#endif
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
{
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
unsigned char secret[CHALLENGE_SECRET_LENGTH];
unsigned char *tmp = NULL;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
unsigned long e = 0;
unsigned long cnt = 0;
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
bool retval = false;
size_t length;
EVP_MD_CTX *mctx = NULL;
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
EVP_PKEY_CTX *pctx = NULL;
#endif
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
if(!rb_get_random(secret, sizeof secret))
return false;
if((*r_response = rb_malloc(SHA_DIGEST_LENGTH)) == NULL)
Message handlers should return void. Also fix up some return values and stuff to use bool (or void if nothing). I just did it whilst I was here. According to jilles, the return value used to signify whether or not the client had exited. This was error-prone and was fixed a long, long time ago, but the return value was left int for historical reasons. Since the return type is not used (and has no clear use case anyway), it's safe to just get rid of it.
2016-03-09 07:37:03 +00:00
return false;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
if((mctx = EVP_MD_CTX_new()) == NULL)
goto fail;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
if(EVP_DigestInit(mctx, EVP_sha1()) < 1)
goto fail;
get_randomness() removed from m_challenge.c - we use rb_get_random() now from libratbox
2008-04-20 04:30:41 +00:00
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
if(EVP_DigestUpdate(mctx, secret, sizeof secret) < 1)
goto fail;
if(EVP_DigestFinal(mctx, *r_response, NULL) < 1)
goto fail;
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
if((length = (size_t) EVP_PKEY_get_size(key)) < 1)
goto fail;
if((tmp = rb_malloc(length)) == NULL)
goto fail;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
if((pctx = EVP_PKEY_CTX_new(key, NULL)) == NULL)
goto fail;
if(EVP_PKEY_encrypt_init(pctx) < 1)
goto fail;
if(EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_OAEP_PADDING) < 1)
goto fail;
if(EVP_PKEY_encrypt(pctx, tmp, &length, secret, sizeof secret) < 1)
goto fail;
#else
if((length = (size_t) RSA_size(key)) < 1)
goto fail;
if((tmp = rb_malloc(length)) == NULL)
goto fail;
if(RSA_public_encrypt(sizeof secret, secret, tmp, key, RSA_PKCS1_OAEP_PADDING) < 1)
goto fail;
#endif
if((*r_challenge = (char *) rb_base64_encode(tmp, (int) length)) == NULL)
goto fail;
retval = true;
goto done;
fail:
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
while ((cnt < 100) && (e = ERR_get_error()))
{
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
ilog(L_MAIN, "OpenSSL Error (CHALLENGE): %s", ERR_error_string(e, 0));
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
cnt++;
}
OpenSSL 3.0 compatibility Edited by @aaronmdjones: - Correct some data types and casts - Minor style fixups (e.g. we put * on the variable name not the type) - librb/src/openssl.c: - Defer call of BIO_free(3ssl) to the end of the conditional block to avoid having calls to it in multiple paths - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak This could fail if, for example, the user supplied DSA parameters in the DH parameters file instead. - ircd/newconf.c: - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse the given CHALLANGE public key as a valid RSA public key, and then check whether OSSL_DECODER_from_bio(3ssl) actually loads it successfully - ircd/s_newconf.c: - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY pointers; this will avoid inadvertent memory leaks if the EVP_PKEY structure contains any dynamically-allocated child members - modules/m_challenge.c: - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the random challenge; this API has been around for a very long time and is available in all supported versions of OpenSSL - Add lots of error checking to all steps of the process Tested against 1.1.1 and 3.0; both with missing and provided DH parameters (which works as you'd expect; the server will not negotiate a DHE cipher without them), and CHALLENGE, including missing keys or keys of the wrong type (e.g. when you supply an EdDSA key instead of an RSA key). This does break compatibility with OpenSSL 1.1.0 and below, which are now all end-of-life and unsupported anyway. Closes #357
2022-08-13 03:40:48 +00:00
rb_free(*r_response);
*r_response = NULL;
done:
EVP_MD_CTX_free(mctx);
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
EVP_PKEY_CTX_free(pctx);
#endif
rb_free(tmp);
return retval;
[svn] - the new plan: + branches/release-2.1 -> 2.2 base + 3.0 -> branches/cxxconversion + backport some immediate 3.0 functionality for 2.2 + other stuff
2007-01-25 06:40:21 +00:00
}
#endif /* HAVE_LIBCRYPTO */
Reference in a new issue Copy permalink