diff --git a/CHANGELOG b/CHANGELOG index 70dd54b..84cee6c 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -7,6 +7,10 @@ iodine - IP over DNS is now easy CHANGES: +xxxx-xx-xx: 0.3.5 + - Added authentication (password entered as argument or on stdin) + - Changed directory structure + 2006-11-08: 0.3.4 - Fixed handshake() buffer overflow (Found by poplix, Secunia: SA22674 / FrSIRT/ADV-2006-4333) diff --git a/README b/README index 0803fc1..5bf6dd7 100644 --- a/README +++ b/README @@ -118,3 +118,7 @@ INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + + +MD5 implementation by L. Peter Deutsch (license and source in src/login.[ch]) +Copyright (C) 1999, 2000, 2002 Aladdin Enterprises. All rights reserved. diff --git a/TODO b/TODO index 31467fd..09195c5 100644 --- a/TODO +++ b/TODO @@ -9,8 +9,6 @@ STUFF TO DO: - Handle multiple concurrent users on one server -- Some kind of authentication? - - Detect if EDNS0 can be used, probe MTU size - Port to more platforms (Solaris? Windows?) diff --git a/src/Makefile b/src/Makefile index 003b84e..efe0f3d 100644 --- a/src/Makefile +++ b/src/Makefile @@ -1,8 +1,8 @@ CC = gcc CLIENT = ../bin/iodine -CLIENTOBJS = iodine.o tun.o dns.o read.o encoding.o +CLIENTOBJS = iodine.o tun.o dns.o read.o encoding.o login.o SERVER = ../bin/iodined -SERVEROBJS = iodined.o tun.o dns.o read.o encoding.o +SERVEROBJS = iodined.o tun.o dns.o read.o encoding.o login.o OS = `uname | tr "a-z" "A-Z"` diff --git a/src/dns.c b/src/dns.c index ade40de..eb8796e 100644 --- a/src/dns.c +++ b/src/dns.c @@ -172,13 +172,27 @@ dns_ping(int dns_fd) dns_write(dns_fd, ++pingid, data, 2, 'P'); } -void -dns_handshake(int dns_fd) +void +dns_login(int dns_fd, char *login, int len) { - char data[2]; - data[0] = (pingid & 0xFF00) >> 8; - data[1] = (pingid & 0xFF); - dns_write(dns_fd, ++pingid, data, 2, 'H'); + char data[18]; + memcpy(data, login, MIN(len, 16)); + data[16] = (pingid & 0xFF00) >> 8; + data[17] = (pingid & 0xFF); + dns_write(dns_fd, ++pingid, data, 18, 'L'); +} + +void +dns_send_version(int dns_fd, int version) +{ + char data[6]; + int v; + + v = htonl(version); + memcpy(data, &v, 4); + data[4] = (pingid & 0xFF00) >> 8; + data[5] = (pingid & 0xFF); + dns_write(dns_fd, ++pingid, data, 6, 'V'); } static void diff --git a/src/dns.h b/src/dns.h index f8da628..756d7c8 100644 --- a/src/dns.h +++ b/src/dns.h @@ -24,7 +24,8 @@ void close_dns(int); int dns_sending(); void dns_handle_tun(int, char *, int); void dns_ping(int); -void dns_handshake(int); +void dns_send_version(int, int); +void dns_login(int, char *, int); int dns_read(int, char *, int); int dns_encode_hostname(const char *, char *, int); diff --git a/src/iodine.c b/src/iodine.c index 98b9dcb..fc735d7 100644 --- a/src/iodine.c +++ b/src/iodine.c @@ -33,12 +33,15 @@ #include "tun.h" #include "structs.h" #include "dns.h" +#include "version.h" +#include "login.h" #ifndef MAX #define MAX(a,b) ((a)>(b)?(a):(b)) #endif int running = 1; +char password[33]; static void sighandler(int sig) { @@ -114,21 +117,21 @@ handshake(int dns_fd) struct timeval tv; char server[65]; char client[65]; + char login[16]; char in[4096]; - int timeout; fd_set fds; int read; int mtu; + int seed; + int version; int i; int r; - timeout = 1; - for (i=0; running && i<5 ;i++) { - tv.tv_sec = timeout++; + tv.tv_sec = i + 1; tv.tv_usec = 0; - dns_handshake(dns_fd); + dns_send_version(dns_fd, VERSION); FD_ZERO(&fds); FD_SET(dns_fd, &fds); @@ -144,14 +147,60 @@ handshake(int dns_fd) } if (read > 0) { - if (sscanf(in, "%64[^-]-%64[^-]-%d", + if (strncmp("VACK", in, 4) == 0) { + if (read >= 8) { + memcpy(&seed, in + 4, 4); + seed = ntohl(seed); + printf("Version ok, both running 0x%08x\n", VERSION); + break; + } else { + printf("Version ok but did not receive proper login challenge\n"); + } + } else { + memcpy(&version, in + 4, 4); + version = ntohl(version); + printf("You run 0x%08x, server runs 0x%08x. Giving up\n", VERSION, version); + return 1; + } + } + } + + if (i == 4) + return 1; + printf("Retrying version check...\n"); + } + + login_calculate(login, 16, password, seed); + for (i=0; running && i<5 ;i++) { + tv.tv_sec = i + 1; + tv.tv_usec = 0; + + dns_login(dns_fd, login, 16); + + FD_ZERO(&fds); + FD_SET(dns_fd, &fds); + + r = select(dns_fd + 1, &fds, NULL, NULL, &tv); + + if(r > 0) { + read = dns_read(dns_fd, in, sizeof(in)); + + if(read <= 0) { + perror("read"); + continue; + } + + if (read > 0) { + if (strncmp("LNAK", in, 4) == 0) { + printf("Bad password\n"); + return 1; + } else if (sscanf(in, "%64[^-]-%64[^-]-%d", server, client, &mtu) == 3) { server[64] = 0; client[64] = 0; if (tun_setip(client) == 0 && tun_setmtu(mtu) == 0) { - return 0; } else { warn("Received handshake with bad data"); @@ -162,7 +211,7 @@ handshake(int dns_fd) } } - printf("Retrying...\n"); + printf("Retrying login...\n"); } return 1; @@ -216,11 +265,12 @@ main(int argc, char **argv) int dns_fd; username = NULL; + memset(password, 0, 33); foreground = 0; newroot = NULL; device = NULL; - while ((choice = getopt(argc, argv, "vfhu:t:d:")) != -1) { + while ((choice = getopt(argc, argv, "vfhu:t:d:P:")) != -1) { switch(choice) { case 'v': version(); @@ -240,6 +290,10 @@ main(int argc, char **argv) case 'd': device = optarg; break; + case 'P': + strncpy(password, optarg, 32); + password[32] = 0; + break; default: usage(); break; @@ -264,6 +318,12 @@ main(int argc, char **argv) usage(); } } + + if (strlen(password) == 0) { + printf("Enter password on stdin:\n"); + scanf("%32s", password); + password[32] = 0; + } if ((tun_fd = open_tun(device)) == -1) goto cleanup1; @@ -272,13 +332,13 @@ main(int argc, char **argv) if (dns_settarget(argv[0]) == -1) goto cleanup2; - printf("Sending queries for %s to %s\n", argv[1], argv[0]); - signal(SIGINT, sighandler); signal(SIGTERM, sighandler); if(handshake(dns_fd)) goto cleanup2; + + printf("Sending queries for %s to %s\n", argv[1], argv[0]); if (newroot) { if (chroot(newroot) != 0 || chdir("/") != 0) diff --git a/src/iodined.c b/src/iodined.c index 941c81c..41ce399 100644 --- a/src/iodined.c +++ b/src/iodined.c @@ -34,6 +34,8 @@ #include "tun.h" #include "structs.h" #include "dns.h" +#include "login.h" +#include "version.h" #ifndef MAX #define MAX(a,b) ((a)>(b)?(a):(b)) @@ -47,6 +49,9 @@ int outid; struct query q; +struct user u; +char password[33]; + int my_mtu; in_addr_t my_ip; @@ -64,10 +69,14 @@ tunnel(int tun_fd, int dns_fd) char out[64*1024]; char in[64*1024]; char *tmp[2]; + char logindata[16]; long outlen; fd_set fds; int read; int code; + int version; + int seed; + int nseed; int i; while (running) { @@ -114,21 +123,54 @@ tunnel(int tun_fd, int dns_fd) if (read <= 0) continue; - if(in[0] == 'H' || in[0] == 'h') { - myip.s_addr = my_ip; - clientip.s_addr = my_ip + inet_addr("0.0.0.1"); + if(in[0] == 'V' || in[0] == 'v') { + // Version greeting, compare and send ack/nak + if (read >= 5) { // Received V + 32bits version + memcpy(&version, in + 1, 4); + version = ntohl(version); + if (version == VERSION) { + seed = rand(); + nseed = htonl(seed); + strcpy(out, "VACK"); + memcpy(out+4, &nseed, 4); + dnsd_send(dns_fd, &q, out, 8); - tmp[0] = strdup(inet_ntoa(myip)); - tmp[1] = strdup(inet_ntoa(clientip)); - - read = snprintf(out, sizeof(out), "%s-%s-%d", - tmp[0], tmp[1], my_mtu); + memcpy(&(u.host), &(q.from), q.fromlen); + u.addrlen = q.fromlen; + } else { + version = htonl(VERSION); + strcpy(out, "VNAK"); + memcpy(out+4, &version, 4); + dnsd_send(dns_fd, &q, out, 8); + } + } else { + version = htonl(VERSION); + strcpy(out, "VNAK"); + memcpy(out+4, &version, 4); + dnsd_send(dns_fd, &q, out, 8); + } + } else if(in[0] == 'L' || in[0] == 'l') { + // Login phase, handle auth + login_calculate(logindata, 16, password, seed); + if (read >= 17 && (memcmp(logindata, in+1, 16) == 0)) { + // Login ok, send ip/mtu info + myip.s_addr = my_ip; + clientip.s_addr = my_ip + inet_addr("0.0.0.1"); - dnsd_send(dns_fd, &q, out, read); - q.id = 0; + tmp[0] = strdup(inet_ntoa(myip)); + tmp[1] = strdup(inet_ntoa(clientip)); + + read = snprintf(out, sizeof(out), "%s-%s-%d", + tmp[0], tmp[1], my_mtu); - free(tmp[1]); - free(tmp[0]); + dnsd_send(dns_fd, &q, out, read); + q.id = 0; + + free(tmp[1]); + free(tmp[0]); + } else { + dnsd_send(dns_fd, &q, "LNAK", 4); + } } else if((in[0] >= '0' && in[0] <= '9') || (in[0] >= 'a' && in[0] <= 'f') || (in[0] >= 'A' && in[0] <= 'F')) { @@ -168,8 +210,9 @@ static void usage() { extern char *__progname; - printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] [-l ip address to listen on] [-p port]" - " tunnel_ip topdomain\n", __progname); + printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] " + "[-l ip address to listen on] [-p port] [-P password]" + " tunnel_ip topdomain\n", __progname); exit(2); } @@ -178,8 +221,9 @@ help() { extern char *__progname; printf("iodine IP over DNS tunneling server\n"); - printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] [-l ip address to listen on] [-p port]" - " tunnel_ip topdomain\n", __progname); + printf("Usage: %s [-v] [-h] [-f] [-u user] [-t chrootdir] [-d device] [-m mtu] " + "[-l ip address to listen on] [-p port] [-P password]" + " tunnel_ip topdomain\n", __progname); printf(" -v to print version info and exit\n"); printf(" -h to print this help and exit\n"); printf(" -f to keep running in foreground\n"); @@ -189,6 +233,7 @@ help() { printf(" -m mtu to set tunnel device mtu\n"); printf(" -l ip address to listen on for incoming dns traffic (default 0.0.0.0)\n"); printf(" -p port to listen on for incoming dns traffic (default 53)\n"); + printf(" -P password used for authentication (max 32 chars will be used)\n"); printf("tunnel_ip is the IP number of the local tunnel interface.\n"); printf("topdomain is the FQDN that is delegated to this server.\n"); exit(0); @@ -229,8 +274,9 @@ main(int argc, char **argv) packetbuf.offset = 0; outpacket.len = 0; q.id = 0; + memset(password, 0, 33); - while ((choice = getopt(argc, argv, "vfhu:t:d:m:l:p:")) != -1) { + while ((choice = getopt(argc, argv, "vfhu:t:d:m:l:p:P:")) != -1) { switch(choice) { case 'v': version(); @@ -263,6 +309,10 @@ main(int argc, char **argv) printf("You must manually forward port 53 to port %d for things to work.\n", port); } break; + case 'P': + strncpy(password, optarg, 32); + password[32] = 0; + break; default: usage(); break; @@ -298,6 +348,12 @@ main(int argc, char **argv) usage(); } + if (strlen(password) == 0) { + printf("Enter password on stdin:\n"); + scanf("%32s", password); + password[32] = 0; + } + if ((tun_fd = open_tun(device)) == -1) goto cleanup0; if (tun_setip(argv[0]) != 0 || tun_setmtu(mtu) != 0) diff --git a/src/login.c b/src/login.c new file mode 100644 index 0000000..09d130c --- /dev/null +++ b/src/login.c @@ -0,0 +1,409 @@ +/* + Copyright (C) 1999, 2000, 2002 Aladdin Enterprises. All rights reserved. + + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + L. Peter Deutsch + ghost@aladdin.com + + */ +/* $Id: md5.c,v 1.6 2002/04/13 19:20:28 lpd Exp $ */ +/* + Independent implementation of MD5 (RFC 1321). + + This code implements the MD5 Algorithm defined in RFC 1321, whose + text is available at + http://www.ietf.org/rfc/rfc1321.txt + The code is derived from the text of the RFC, including the test suite + (section A.5) but excluding the rest of Appendix A. It does not include + any code or documentation that is identified in the RFC as being + copyrighted. + + The original and principal author of md5.c is L. Peter Deutsch + . Other authors are noted in the change history + that follows (in reverse chronological order): + + 2002-04-13 lpd Clarified derivation from RFC 1321; now handles byte order + either statically or dynamically; added missing #include + in library. + 2002-03-11 lpd Corrected argument list for main(), and added int return + type, in test program and T value program. + 2002-02-21 lpd Added missing #include in test program. + 2000-07-03 lpd Patched to eliminate warnings about "constant is + unsigned in ANSI C, signed in traditional"; made test program + self-checking. + 1999-11-04 lpd Edited comments slightly for automatic TOC extraction. + 1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5). + 1999-05-03 lpd Original version. + */ + +#include "login.h" +#include + +#undef BYTE_ORDER /* 1 = big-endian, -1 = little-endian, 0 = unknown */ +#ifdef ARCH_IS_BIG_ENDIAN +# define BYTE_ORDER (ARCH_IS_BIG_ENDIAN ? 1 : -1) +#else +# define BYTE_ORDER 0 +#endif + +#define T_MASK ((md5_word_t)~0) +#define T1 /* 0xd76aa478 */ (T_MASK ^ 0x28955b87) +#define T2 /* 0xe8c7b756 */ (T_MASK ^ 0x173848a9) +#define T3 0x242070db +#define T4 /* 0xc1bdceee */ (T_MASK ^ 0x3e423111) +#define T5 /* 0xf57c0faf */ (T_MASK ^ 0x0a83f050) +#define T6 0x4787c62a +#define T7 /* 0xa8304613 */ (T_MASK ^ 0x57cfb9ec) +#define T8 /* 0xfd469501 */ (T_MASK ^ 0x02b96afe) +#define T9 0x698098d8 +#define T10 /* 0x8b44f7af */ (T_MASK ^ 0x74bb0850) +#define T11 /* 0xffff5bb1 */ (T_MASK ^ 0x0000a44e) +#define T12 /* 0x895cd7be */ (T_MASK ^ 0x76a32841) +#define T13 0x6b901122 +#define T14 /* 0xfd987193 */ (T_MASK ^ 0x02678e6c) +#define T15 /* 0xa679438e */ (T_MASK ^ 0x5986bc71) +#define T16 0x49b40821 +#define T17 /* 0xf61e2562 */ (T_MASK ^ 0x09e1da9d) +#define T18 /* 0xc040b340 */ (T_MASK ^ 0x3fbf4cbf) +#define T19 0x265e5a51 +#define T20 /* 0xe9b6c7aa */ (T_MASK ^ 0x16493855) +#define T21 /* 0xd62f105d */ (T_MASK ^ 0x29d0efa2) +#define T22 0x02441453 +#define T23 /* 0xd8a1e681 */ (T_MASK ^ 0x275e197e) +#define T24 /* 0xe7d3fbc8 */ (T_MASK ^ 0x182c0437) +#define T25 0x21e1cde6 +#define T26 /* 0xc33707d6 */ (T_MASK ^ 0x3cc8f829) +#define T27 /* 0xf4d50d87 */ (T_MASK ^ 0x0b2af278) +#define T28 0x455a14ed +#define T29 /* 0xa9e3e905 */ (T_MASK ^ 0x561c16fa) +#define T30 /* 0xfcefa3f8 */ (T_MASK ^ 0x03105c07) +#define T31 0x676f02d9 +#define T32 /* 0x8d2a4c8a */ (T_MASK ^ 0x72d5b375) +#define T33 /* 0xfffa3942 */ (T_MASK ^ 0x0005c6bd) +#define T34 /* 0x8771f681 */ (T_MASK ^ 0x788e097e) +#define T35 0x6d9d6122 +#define T36 /* 0xfde5380c */ (T_MASK ^ 0x021ac7f3) +#define T37 /* 0xa4beea44 */ (T_MASK ^ 0x5b4115bb) +#define T38 0x4bdecfa9 +#define T39 /* 0xf6bb4b60 */ (T_MASK ^ 0x0944b49f) +#define T40 /* 0xbebfbc70 */ (T_MASK ^ 0x4140438f) +#define T41 0x289b7ec6 +#define T42 /* 0xeaa127fa */ (T_MASK ^ 0x155ed805) +#define T43 /* 0xd4ef3085 */ (T_MASK ^ 0x2b10cf7a) +#define T44 0x04881d05 +#define T45 /* 0xd9d4d039 */ (T_MASK ^ 0x262b2fc6) +#define T46 /* 0xe6db99e5 */ (T_MASK ^ 0x1924661a) +#define T47 0x1fa27cf8 +#define T48 /* 0xc4ac5665 */ (T_MASK ^ 0x3b53a99a) +#define T49 /* 0xf4292244 */ (T_MASK ^ 0x0bd6ddbb) +#define T50 0x432aff97 +#define T51 /* 0xab9423a7 */ (T_MASK ^ 0x546bdc58) +#define T52 /* 0xfc93a039 */ (T_MASK ^ 0x036c5fc6) +#define T53 0x655b59c3 +#define T54 /* 0x8f0ccc92 */ (T_MASK ^ 0x70f3336d) +#define T55 /* 0xffeff47d */ (T_MASK ^ 0x00100b82) +#define T56 /* 0x85845dd1 */ (T_MASK ^ 0x7a7ba22e) +#define T57 0x6fa87e4f +#define T58 /* 0xfe2ce6e0 */ (T_MASK ^ 0x01d3191f) +#define T59 /* 0xa3014314 */ (T_MASK ^ 0x5cfebceb) +#define T60 0x4e0811a1 +#define T61 /* 0xf7537e82 */ (T_MASK ^ 0x08ac817d) +#define T62 /* 0xbd3af235 */ (T_MASK ^ 0x42c50dca) +#define T63 0x2ad7d2bb +#define T64 /* 0xeb86d391 */ (T_MASK ^ 0x14792c6e) + + +static void +md5_process(md5_state_t *pms, const md5_byte_t *data /*[64]*/) +{ + md5_word_t + a = pms->abcd[0], b = pms->abcd[1], + c = pms->abcd[2], d = pms->abcd[3]; + md5_word_t t; +#if BYTE_ORDER > 0 + /* Define storage only for big-endian CPUs. */ + md5_word_t X[16]; +#else + /* Define storage for little-endian or both types of CPUs. */ + md5_word_t xbuf[16]; + const md5_word_t *X; +#endif + + { +#if BYTE_ORDER == 0 + /* + * Determine dynamically whether this is a big-endian or + * little-endian machine, since we can use a more efficient + * algorithm on the latter. + */ + static const int w = 1; + + if (*((const md5_byte_t *)&w)) /* dynamic little-endian */ +#endif +#if BYTE_ORDER <= 0 /* little-endian */ + { + /* + * On little-endian machines, we can process properly aligned + * data without copying it. + */ + if (!((data - (const md5_byte_t *)0) & 3)) { + /* data are properly aligned */ + X = (const md5_word_t *)data; + } else { + /* not aligned */ + memcpy(xbuf, data, 64); + X = xbuf; + } + } +#endif +#if BYTE_ORDER == 0 + else /* dynamic big-endian */ +#endif +#if BYTE_ORDER >= 0 /* big-endian */ + { + /* + * On big-endian machines, we must arrange the bytes in the + * right order. + */ + const md5_byte_t *xp = data; + int i; + +# if BYTE_ORDER == 0 + X = xbuf; /* (dynamic only) */ +# else +# define xbuf X /* (static only) */ +# endif + for (i = 0; i < 16; ++i, xp += 4) + xbuf[i] = xp[0] + (xp[1] << 8) + (xp[2] << 16) + (xp[3] << 24); + } +#endif + } + +#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32 - (n)))) + + /* Round 1. */ + /* Let [abcd k s i] denote the operation + a = b + ((a + F(b,c,d) + X[k] + T[i]) <<< s). */ +#define F(x, y, z) (((x) & (y)) | (~(x) & (z))) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + F(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 0, 7, T1); + SET(d, a, b, c, 1, 12, T2); + SET(c, d, a, b, 2, 17, T3); + SET(b, c, d, a, 3, 22, T4); + SET(a, b, c, d, 4, 7, T5); + SET(d, a, b, c, 5, 12, T6); + SET(c, d, a, b, 6, 17, T7); + SET(b, c, d, a, 7, 22, T8); + SET(a, b, c, d, 8, 7, T9); + SET(d, a, b, c, 9, 12, T10); + SET(c, d, a, b, 10, 17, T11); + SET(b, c, d, a, 11, 22, T12); + SET(a, b, c, d, 12, 7, T13); + SET(d, a, b, c, 13, 12, T14); + SET(c, d, a, b, 14, 17, T15); + SET(b, c, d, a, 15, 22, T16); +#undef SET + + /* Round 2. */ + /* Let [abcd k s i] denote the operation + a = b + ((a + G(b,c,d) + X[k] + T[i]) <<< s). */ +#define G(x, y, z) (((x) & (z)) | ((y) & ~(z))) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + G(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 1, 5, T17); + SET(d, a, b, c, 6, 9, T18); + SET(c, d, a, b, 11, 14, T19); + SET(b, c, d, a, 0, 20, T20); + SET(a, b, c, d, 5, 5, T21); + SET(d, a, b, c, 10, 9, T22); + SET(c, d, a, b, 15, 14, T23); + SET(b, c, d, a, 4, 20, T24); + SET(a, b, c, d, 9, 5, T25); + SET(d, a, b, c, 14, 9, T26); + SET(c, d, a, b, 3, 14, T27); + SET(b, c, d, a, 8, 20, T28); + SET(a, b, c, d, 13, 5, T29); + SET(d, a, b, c, 2, 9, T30); + SET(c, d, a, b, 7, 14, T31); + SET(b, c, d, a, 12, 20, T32); +#undef SET + + /* Round 3. */ + /* Let [abcd k s t] denote the operation + a = b + ((a + H(b,c,d) + X[k] + T[i]) <<< s). */ +#define H(x, y, z) ((x) ^ (y) ^ (z)) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + H(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 5, 4, T33); + SET(d, a, b, c, 8, 11, T34); + SET(c, d, a, b, 11, 16, T35); + SET(b, c, d, a, 14, 23, T36); + SET(a, b, c, d, 1, 4, T37); + SET(d, a, b, c, 4, 11, T38); + SET(c, d, a, b, 7, 16, T39); + SET(b, c, d, a, 10, 23, T40); + SET(a, b, c, d, 13, 4, T41); + SET(d, a, b, c, 0, 11, T42); + SET(c, d, a, b, 3, 16, T43); + SET(b, c, d, a, 6, 23, T44); + SET(a, b, c, d, 9, 4, T45); + SET(d, a, b, c, 12, 11, T46); + SET(c, d, a, b, 15, 16, T47); + SET(b, c, d, a, 2, 23, T48); +#undef SET + + /* Round 4. */ + /* Let [abcd k s t] denote the operation + a = b + ((a + I(b,c,d) + X[k] + T[i]) <<< s). */ +#define I(x, y, z) ((y) ^ ((x) | ~(z))) +#define SET(a, b, c, d, k, s, Ti)\ + t = a + I(b,c,d) + X[k] + Ti;\ + a = ROTATE_LEFT(t, s) + b + /* Do the following 16 operations. */ + SET(a, b, c, d, 0, 6, T49); + SET(d, a, b, c, 7, 10, T50); + SET(c, d, a, b, 14, 15, T51); + SET(b, c, d, a, 5, 21, T52); + SET(a, b, c, d, 12, 6, T53); + SET(d, a, b, c, 3, 10, T54); + SET(c, d, a, b, 10, 15, T55); + SET(b, c, d, a, 1, 21, T56); + SET(a, b, c, d, 8, 6, T57); + SET(d, a, b, c, 15, 10, T58); + SET(c, d, a, b, 6, 15, T59); + SET(b, c, d, a, 13, 21, T60); + SET(a, b, c, d, 4, 6, T61); + SET(d, a, b, c, 11, 10, T62); + SET(c, d, a, b, 2, 15, T63); + SET(b, c, d, a, 9, 21, T64); +#undef SET + + /* Then perform the following additions. (That is increment each + of the four registers by the value it had before this block + was started.) */ + pms->abcd[0] += a; + pms->abcd[1] += b; + pms->abcd[2] += c; + pms->abcd[3] += d; +} + +void +md5_init(md5_state_t *pms) +{ + pms->count[0] = pms->count[1] = 0; + pms->abcd[0] = 0x67452301; + pms->abcd[1] = /*0xefcdab89*/ T_MASK ^ 0x10325476; + pms->abcd[2] = /*0x98badcfe*/ T_MASK ^ 0x67452301; + pms->abcd[3] = 0x10325476; +} + +void +md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes) +{ + const md5_byte_t *p = data; + int left = nbytes; + int offset = (pms->count[0] >> 3) & 63; + md5_word_t nbits = (md5_word_t)(nbytes << 3); + + if (nbytes <= 0) + return; + + /* Update the message length. */ + pms->count[1] += nbytes >> 29; + pms->count[0] += nbits; + if (pms->count[0] < nbits) + pms->count[1]++; + + /* Process an initial partial block. */ + if (offset) { + int copy = (offset + nbytes > 64 ? 64 - offset : nbytes); + + memcpy(pms->buf + offset, p, copy); + if (offset + copy < 64) + return; + p += copy; + left -= copy; + md5_process(pms, pms->buf); + } + + /* Process full blocks. */ + for (; left >= 64; p += 64, left -= 64) + md5_process(pms, p); + + /* Process a final partial block. */ + if (left) + memcpy(pms->buf, p, left); +} + +void +md5_finish(md5_state_t *pms, md5_byte_t digest[16]) +{ + static const md5_byte_t pad[64] = { + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 + }; + md5_byte_t data[8]; + int i; + + /* Save the length before padding. */ + for (i = 0; i < 8; ++i) + data[i] = (md5_byte_t)(pms->count[i >> 2] >> ((i & 3) << 3)); + /* Pad to 56 bytes mod 64. */ + md5_append(pms, pad, ((55 - (pms->count[0] >> 3)) & 63) + 1); + /* Append the length. */ + md5_append(pms, data, 8); + for (i = 0; i < 16; ++i) + digest[i] = (md5_byte_t)(pms->abcd[i >> 2] >> ((i & 3) << 3)); +} + + + +/***********************************************************/ +/********** end of md5 code - login functions below ********/ +/***********************************************************/ + +// Needs a 16byte array for output, and 32 bytes password +void login_calculate(char *out, int len, char *pass, int seed) { + char temp[32]; + md5_state_t ctx; + int i; + int *ix; + + if (len < 16) { + return; + } + + memcpy(temp, pass, 32); + ix = (int *) temp; + for (i = 0; i < 8; i++) { + *ix++ ^= seed; + } + md5_init(&ctx); + md5_append(&ctx, temp, 32); + md5_finish(&ctx, out); +} + diff --git a/src/login.h b/src/login.h new file mode 100644 index 0000000..c01dd85 --- /dev/null +++ b/src/login.h @@ -0,0 +1,98 @@ +/* + Copyright (C) 1999, 2002 Aladdin Enterprises. All rights reserved. + + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + L. Peter Deutsch + ghost@aladdin.com + + */ +/* $Id: md5.h,v 1.4 2002/04/13 19:20:28 lpd Exp $ */ +/* + Independent implementation of MD5 (RFC 1321). + + This code implements the MD5 Algorithm defined in RFC 1321, whose + text is available at + http://www.ietf.org/rfc/rfc1321.txt + The code is derived from the text of the RFC, including the test suite + (section A.5) but excluding the rest of Appendix A. It does not include + any code or documentation that is identified in the RFC as being + copyrighted. + + The original and principal author of md5.h is L. Peter Deutsch + . Other authors are noted in the change history + that follows (in reverse chronological order): + + 2002-04-13 lpd Removed support for non-ANSI compilers; removed + references to Ghostscript; clarified derivation from RFC 1321; + now handles byte order either statically or dynamically. + 1999-11-04 lpd Edited comments slightly for automatic TOC extraction. + 1999-10-18 lpd Fixed typo in header comment (ansi2knr rather than md5); + added conditionalization for C++ compilation from Martin + Purschke . + 1999-05-03 lpd Original version. + */ + +#ifndef md5_INCLUDED +# define md5_INCLUDED + +/* + * This package supports both compile-time and run-time determination of CPU + * byte order. If ARCH_IS_BIG_ENDIAN is defined as 0, the code will be + * compiled to run only on little-endian CPUs; if ARCH_IS_BIG_ENDIAN is + * defined as non-zero, the code will be compiled to run only on big-endian + * CPUs; if ARCH_IS_BIG_ENDIAN is not defined, the code will be compiled to + * run on either big- or little-endian CPUs, but will run slightly less + * efficiently on either one than if ARCH_IS_BIG_ENDIAN is defined. + */ + +typedef unsigned char md5_byte_t; /* 8-bit byte */ +typedef unsigned int md5_word_t; /* 32-bit word */ + +/* Define the state of the MD5 Algorithm. */ +typedef struct md5_state_s { + md5_word_t count[2]; /* message length in bits, lsw first */ + md5_word_t abcd[4]; /* digest buffer */ + md5_byte_t buf[64]; /* accumulate block */ +} md5_state_t; + +#ifdef __cplusplus +extern "C" +{ +#endif + +/* Initialize the algorithm. */ +void md5_init(md5_state_t *pms); + +/* Append a string to the message. */ +void md5_append(md5_state_t *pms, const md5_byte_t *data, int nbytes); + +/* Finish the message and return the digest. */ +void md5_finish(md5_state_t *pms, md5_byte_t digest[16]); + +#ifdef __cplusplus +} /* end extern "C" */ +#endif + + +/***********************************************************/ +/********** end of md5 code - login functions below ********/ +/***********************************************************/ + +void login_calculate(char *, int, char *, int); + +#endif /* md5_INCLUDED */ diff --git a/src/structs.h b/src/structs.h index 534f59c..61b92e6 100644 --- a/src/structs.h +++ b/src/structs.h @@ -32,4 +32,10 @@ struct query { int fromlen; }; +struct user { + int id; + struct sockaddr host; + int addrlen; +}; + #endif /* _STRUCTS_H_ */