From 4a8335d9ce69341216bea7fa8027043368c50870 Mon Sep 17 00:00:00 2001 From: brain Date: Mon, 4 Dec 2006 21:09:57 +0000 Subject: Make m_cloaking use m_md5. Fix m_md5. TODO: Document m_md5. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5851 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/modules/m_cloaking.cpp | 301 +++++++-------------------------------------- 1 file changed, 47 insertions(+), 254 deletions(-) (limited to 'src/modules/m_cloaking.cpp') diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp index fb7ac134f..243b79ac2 100644 --- a/src/modules/m_cloaking.cpp +++ b/src/modules/m_cloaking.cpp @@ -15,41 +15,17 @@ */ #include "inspircd_config.h" -#ifdef HAS_STDINT -#include -#endif #include "configreader.h" #include "inspircd.h" #include "users.h" #include "channels.h" #include "modules.h" -/* $ModDesc: Provides masking of user hostnames */ - -/* The four core functions - F1 is optimized somewhat */ +#include "m_md5.h" -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) -#define MD5STEP(f,w,x,y,z,in,s) (w += f(x,y,z) + in, w = (w<>(32-s)) + x) - -#ifndef HAS_STDINT -typedef unsigned int uint32_t; -#endif +/* $ModDesc: Provides masking of user hostnames */ -typedef uint32_t word32; /* NOT unsigned long. We don't support 16 bit platforms, anyway. */ -typedef unsigned char byte; - -/** An MD5 context, used by m_cloaking - */ -class xMD5Context : public classbase -{ - public: - word32 buf[4]; - word32 bytes[2]; - word32 in[16]; -}; +static const char* xtab[] = {"F92E45D871BCA630", "A1B9D80C72E653F4", "1ABC078934DEF562", "ABCDEF5678901234"}; /** Handles user mode +x */ @@ -57,218 +33,18 @@ class CloakUser : public ModeHandler { std::string prefix; - word32 key1; - word32 key2; - word32 key3; - word32 key4; - - void byteSwap(word32 *buf, unsigned words) - { - byte *p = (byte *)buf; + unsigned int key1; + unsigned int key2; + unsigned int key3; + unsigned int key4; + Module* Sender; + Module* MD5Provider; - do - { - *buf++ = (word32)((unsigned)p[3] << 8 | p[2]) << 16 | - ((unsigned)p[1] << 8 | p[0]); - p += 4; - } while (--words); - } - - void xMD5Init(struct xMD5Context *ctx) - { - ctx->buf[0] = key1; - ctx->buf[1] = key2; - ctx->buf[2] = key3; - ctx->buf[3] = key4; - - ctx->bytes[0] = 0; - ctx->bytes[1] = 0; - } - - void xMD5Update(struct xMD5Context *ctx, byte const *buf, int len) - { - word32 t; - - /* Update byte count */ - - t = ctx->bytes[0]; - if ((ctx->bytes[0] = t + len) < t) - ctx->bytes[1]++; /* Carry from low to high */ - - t = 64 - (t & 0x3f); /* Space available in ctx->in (at least 1) */ - if ((unsigned)t > (unsigned)len) - { - memcpy((byte *)ctx->in + 64 - (unsigned)t, buf, len); - return; - } - /* First chunk is an odd size */ - memcpy((byte *)ctx->in + 64 - (unsigned)t, buf, (unsigned)t); - byteSwap(ctx->in, 16); - xMD5Transform(ctx->buf, ctx->in); - buf += (unsigned)t; - len -= (unsigned)t; - - /* Process data in 64-byte chunks */ - while (len >= 64) - { - memcpy(ctx->in, buf, 64); - byteSwap(ctx->in, 16); - xMD5Transform(ctx->buf, ctx->in); - buf += 64; - len -= 64; - } - - /* Handle any remaining bytes of data. */ - memcpy(ctx->in, buf, len); - } - - void xMD5Final(byte digest[16], struct xMD5Context *ctx) - { - int count = (int)(ctx->bytes[0] & 0x3f); /* Bytes in ctx->in */ - byte *p = (byte *)ctx->in + count; /* First unused byte */ - - /* Set the first char of padding to 0x80. There is always room. */ - *p++ = 0x80; - - /* Bytes of padding needed to make 56 bytes (-8..55) */ - count = 56 - 1 - count; - - if (count < 0) - { /* Padding forces an extra block */ - memset(p, 0, count+8); - byteSwap(ctx->in, 16); - xMD5Transform(ctx->buf, ctx->in); - p = (byte *)ctx->in; - count = 56; - } - memset(p, 0, count+8); - byteSwap(ctx->in, 14); - - /* Append length in bits and transform */ - ctx->in[14] = ctx->bytes[0] << 3; - ctx->in[15] = ctx->bytes[1] << 3 | ctx->bytes[0] >> 29; - xMD5Transform(ctx->buf, ctx->in); - - byteSwap(ctx->buf, 4); - memcpy(digest, ctx->buf, 16); - memset(ctx, 0, sizeof(ctx)); - } - - void xMD5Transform(word32 buf[4], word32 const in[16]) - { - register word32 a, b, c, d; - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); - MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); - MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); - MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); - MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); - MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); - MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); - MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); - MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); - MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); - MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); - MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); - MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); - MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); - MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; - } - - - void MyMD5(void *dest, const void *orig, int len) + public: + CloakUser(InspIRCd* Instance, Module* Source, Module* MD5) : ModeHandler(Instance, 'x', 0, 0, false, MODETYPE_USER, false), Sender(Source), MD5Provider(MD5) { - struct xMD5Context context; - - xMD5Init(&context); - xMD5Update(&context, (const unsigned char*)orig, len); - xMD5Final((unsigned char*)dest, &context); } - - void GenHash(const char* src, char* dest, int xtable = 0) - { - // purposefully lossy md5 - only gives them the most significant 4 bits - // of every md5 output byte. - int i = 0; - unsigned char bytes[16]; - char hash[MAXBUF]; - *hash = 0; - MyMD5(bytes, src, strlen(src)); - for (i = 0; i < 16; i++) - { - const char* xtab[] = {"F92E45D871BCA630", "A1B9D80C72E653F4", "1ABC078934DEF562", "ABCDEF5678901234"}; - char hx[2] = { xtab[xtable][bytes[i] / 16], 0}; - strlcat(hash,hx,MAXBUF); - } - strlcpy(dest,hash,MAXBUF); - } - - public: - CloakUser(InspIRCd* Instance) : ModeHandler(Instance, 'x', 0, 0, false, MODETYPE_USER, false) { } - ModeAction OnModeChange(userrec* source, userrec* dest, chanrec* channel, std::string ¶meter, bool adding) { /* Only opers can change other users modes */ @@ -307,12 +83,10 @@ class CloakUser : public ModeHandler n = strstr(dest->host,":"); std::string a = n; - - char ra[64]; - this->GenHash(dest->host,ra); + std::string b; insp_inaddr testaddr; - std::string hostcloak = prefix + "-" + ra + a; + std::string hostcloak = prefix + "-" + MD5SumRequest(Sender, MD5Provider, dest->host).Send() + a; /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes * according to the DNS RFC) then tough titty, they get cloaked as an IP. @@ -355,8 +129,9 @@ class CloakUser : public ModeHandler std::string Cloak4(const char* ip) { + unsigned int iv[] = { key1, key2, key3, key4 }; irc::sepstream seps(ip, '.'); - char ra1[64], ra2[64], ra3[64], ra4[64]; + std::string ra1, ra2, ra3, ra4; int i1, i2, i3, i4; std::string octet1 = seps.GetToken(); std::string octet2 = seps.GetToken(); @@ -369,39 +144,52 @@ class CloakUser : public ModeHandler octet4 = octet1 + "." + octet2 + "." + octet3 + "." + octet4; octet3 = octet1 + "." + octet2 + "." + octet3; octet2 = octet1 + "." + octet2; - this->GenHash(octet1.c_str(),ra1, (key1+i1) % 4); - this->GenHash(octet2.c_str(),ra2, (key2+i2) % 4); - this->GenHash(octet3.c_str(),ra3, (key3+i3) % 4); - this->GenHash(octet4.c_str(),ra4, (key4+i4) % 4); + + MD5ResetRequest(Sender, MD5Provider).Send(); + MD5KeyRequest(Sender, MD5Provider, iv).Send(); + + MD5HexRequest(Sender, MD5Provider, xtab[(key1+i1) % 4]).Send(); + ra1 = std::string(MD5SumRequest(Sender, MD5Provider, octet1).Send()).substr(0,6); + + MD5HexRequest(Sender, MD5Provider, xtab[(key2+i2) % 4]).Send(); + ra2 = std::string(MD5SumRequest(Sender, MD5Provider, octet2).Send()).substr(0,6); + + MD5HexRequest(Sender, MD5Provider, xtab[(key3+i3) % 4]).Send(); + ra3 = std::string(MD5SumRequest(Sender, MD5Provider, octet3).Send()).substr(0,6); + + MD5HexRequest(Sender, MD5Provider, xtab[(key4+i4) % 4]).Send(); + ra4 = std::string(MD5SumRequest(Sender, MD5Provider, octet4).Send()).substr(0,6); + /* This is safe as we know the length generated by our genhash is always 16 */ - ra1[8] = ra2[8] = ra3[8] = ra4[8] = 0; return std::string().append(ra1).append(".").append(ra2).append(".").append(ra3).append(".").append(ra4); } std::string Cloak6(const char* ip) { + unsigned int iv[] = { key1, key2, key3, key4 }; std::vector hashies; std::string item = ""; int rounds = 0; + + MD5ResetRequest(Sender, MD5Provider).Send(); + MD5KeyRequest(Sender, MD5Provider, iv).Send(); + for (const char* input = ip; *input; input++) { item += *input; if (item.length() > 5) { - char ra[64]; - this->GenHash(item.c_str(), ra, (key1+rounds) % 4); - ra[9] = 0; - hashies.push_back(ra); + MD5HexRequest(Sender, MD5Provider, xtab[(key1+rounds) % 4]).Send(); + hashies.push_back(std::string(MD5SumRequest(Sender, MD5Provider, item).Send()).substr(0,10)); item = ""; } rounds++; } if (!item.empty()) { - char ra[64]; - this->GenHash(item.c_str(), ra, (key1+rounds) % 4); - ra[9] = 0; - hashies.push_back(ra); + MD5HexRequest(Sender, MD5Provider, xtab[(key1+rounds) % 4]).Send(); + hashies.push_back(std::string(MD5SumRequest(Sender, MD5Provider, item).Send()).substr(0,10)); + item = ""; } return irc::stringjoiner(":", hashies, 0, hashies.size() - 1).GetJoined(); } @@ -460,13 +248,18 @@ class ModuleCloaking : public Module private: CloakUser* cu; + Module* MD5Module; public: ModuleCloaking(InspIRCd* Me) : Module::Module(Me) { + MD5Module = ServerInstance->FindModule("m_md5.so"); + if (!MD5Module) + throw ModuleException("Can't find m_md5.so. Please load m_md5.so before m_cloaking.so."); + /* Create new mode handler object */ - cu = new CloakUser(ServerInstance); + cu = new CloakUser(ServerInstance, this, MD5Module); /* Register it with the core */ ServerInstance->AddMode(cu, 'x'); -- cgit v1.2.3