/[imapfilter]/imapfilter/passwd.c
ViewVC logotype

Diff of /imapfilter/passwd.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1.2 by lefcha, Mon Jan 14 18:12:38 2002 UTC revision 1.3 by lefcha, Tue Jan 29 21:23:42 2002 UTC
# Line 15  Line 15 
15  extern account_t *accounts;  extern account_t *accounts;
16    
17  #ifdef ENCRYPTED_PASSWORDS  #ifdef ENCRYPTED_PASSWORDS
18  extern char passphr[PASSPHRASE_LEN];  extern char *passphr;
19  #endif  #endif
20    
21  /*  /*
# Line 25  void get_password(char *passwd, size_t p Line 25  void get_password(char *passwd, size_t p
25  {  {
26      char *c;      char *c;
27    
     tty_store();  
28      tty_disable_echo();      tty_disable_echo();
29    
30      if (fgets(passwd, pwlen, stdin))      if (fgets(passwd, pwlen, stdin))
# Line 48  int encrypt_passwords(FILE *fd, account_ Line 47  int encrypt_passwords(FILE *fd, account_
47      int i;          int i;    
48      char *c;      char *c;
49      unsigned char iv[EVP_MAX_IV_LENGTH];      unsigned char iv[EVP_MAX_IV_LENGTH];
50      unsigned char key[EVP_MAX_KEY_LENGTH];      unsigned char *key;
51      unsigned char buf[ENCRYPTION_BUF];      unsigned char buf[ENCRYPTION_BUF];
52      unsigned char ebuf[ENCRYPTION_BUF];      unsigned char ebuf[ENCRYPTION_BUF];
53      unsigned char bbuf[ENCRYPTION_BUF];      unsigned char bbuf[ENCRYPTION_BUF];
# Line 57  int encrypt_passwords(FILE *fd, account_ Line 56  int encrypt_passwords(FILE *fd, account_
56      EVP_CIPHER_CTX ctx;      EVP_CIPHER_CTX ctx;
57      EVP_MD_CTX mdctx;      EVP_MD_CTX mdctx;
58      EVP_ENCODE_CTX bctx;      EVP_ENCODE_CTX bctx;
59        
60        key = (unsigned char *) smalloc(EVP_MAX_KEY_LENGTH);
61    
62      srandom(time(NULL));      srandom(time(NULL));
63    
# Line 110  int encrypt_passwords(FILE *fd, account_ Line 111  int encrypt_passwords(FILE *fd, account_
111    
112    
113  /*  /*
114   * Decode (Base64) and decrypt passwords and verify the MD5 checksum.   * Decode (Base64) passwords, decrypt them and verify the MD5 checksum.
115   */   */
116  int decrypt_passwords(unsigned char *buf, FILE *fd)  int decrypt_passwords(unsigned char **buf, FILE *fd)
117  {  {
118      int i, j = 1;      int i, j = 1;
119      unsigned char iv[EVP_MAX_IV_LENGTH];      unsigned char iv[EVP_MAX_IV_LENGTH];
120      unsigned char key[EVP_MAX_KEY_LENGTH];      unsigned char *key;
121      unsigned char *c = buf;      unsigned char *c;
122      unsigned char ebuf[LINE_MAX];      unsigned char ebuf[LINE_MAX];
123      unsigned char bbuf[LINE_MAX];      unsigned char bbuf[LINE_MAX];
124      unsigned char mdv[EVP_MAX_MD_SIZE];      unsigned char mdv[EVP_MAX_MD_SIZE];
125      unsigned char mdc[EVP_MAX_MD_SIZE * 2 + 1];      unsigned char mdc[EVP_MAX_MD_SIZE * 2 + 1];
126      int mdl, bufl, ebufl;      int mdl, bufl, ebufl;
127      EVP_CIPHER_CTX ctx;      EVP_CIPHER_CTX *ctx;
128      EVP_MD_CTX mdctx;      EVP_MD_CTX mdctx;
129      EVP_ENCODE_CTX bctx;      EVP_ENCODE_CTX bctx;
130    
131        c = *buf = (unsigned char *) smalloc(DECRYPTION_BUF * sizeof(char));    
132        key = (unsigned char *) smalloc(EVP_MAX_KEY_LENGTH);
133        ctx = (EVP_CIPHER_CTX *) smalloc(sizeof(EVP_CIPHER_CTX));
134            
135      fgets(bbuf, LINE_MAX, fd);      fgets(bbuf, LINE_MAX, fd);
136    
137      memcpy(iv, bbuf, EVP_MAX_IV_LENGTH);      memcpy(iv, bbuf, EVP_MAX_IV_LENGTH);
138            
139      EVP_CIPHER_CTX_init(&ctx);      EVP_CIPHER_CTX_init(ctx);
140    
141      EVP_BytesToKey(EVP_bf_cbc(), EVP_md5(), NULL, passphr, strlen(passphr),      EVP_BytesToKey(EVP_bf_cbc(), EVP_md5(), NULL, passphr, strlen(passphr),
142                     1, key, NULL);                     1, key, NULL);
143    
144      EVP_DecryptInit(&ctx, EVP_bf_cbc(), key, iv);      EVP_DecryptInit(ctx, EVP_bf_cbc(), key, iv);
145      EVP_DecodeInit(&bctx);      EVP_DecodeInit(&bctx);
146    
147      while (fgets(bbuf, LINE_MAX, fd)) {      while (fgets(bbuf, LINE_MAX, fd)) {
148          EVP_DecodeUpdate(&bctx, ebuf, &ebufl, bbuf, strlen(bbuf));          EVP_DecodeUpdate(&bctx, ebuf, &ebufl, bbuf, strlen(bbuf));
149          if (!EVP_DecryptUpdate(&ctx, c, &bufl, ebuf, ebufl)) {          if (!EVP_DecryptUpdate(ctx, c, &bufl, ebuf, ebufl)) {
150              error("Wrong master passphrase.\n");              error("Wrong master passphrase.\n");
151                sfree(*buf);
152                sfree(key);
153                sfree(ctx);
154              return 1;              return 1;
155          }          }
156                    
157          c += bufl;          c += bufl;
158          *c = 0;          *c = 0;
159                    
160          if (c - buf < DECRYPTION_BUF * j - 64)          if (c - *buf < DECRYPTION_BUF * j - 64)
161              buf = (char *) xrealloc(buf, DECRYPTION_BUF * ++j);              *buf = (char *) srealloc(*buf, DECRYPTION_BUF * ++j);
162      }      }
163    
164      EVP_DecodeFinal(&bctx, ebuf, &ebufl);      EVP_DecodeFinal(&bctx, ebuf, &ebufl);
165      if (!EVP_DecryptFinal(&ctx, c, &bufl)) {      if (!EVP_DecryptFinal(ctx, c, &bufl)) {
166          fprintf(stderr, "Wrong master passphrase.\n");          fprintf(stderr, "Wrong master passphrase.\n");
167            sfree(*buf);
168            sfree(key);
169            sfree(ctx);
170          return 1;          return 1;
171      }      }
172            
173      c += bufl;      c += bufl;
174      *c = 0;      *c = 0;
175            
176      if ((c = strstr(buf, "\n.\n"))) {      if ((c = strstr(*buf, "\n.\n"))) {
177          EVP_DigestInit(&mdctx, EVP_md5());          EVP_DigestInit(&mdctx, EVP_md5());
178          EVP_DigestUpdate(&mdctx, buf, c - buf + 1);          EVP_DigestUpdate(&mdctx, *buf, c - *buf + 1);
179          EVP_DigestFinal(&mdctx, mdv, &mdl);          EVP_DigestFinal(&mdctx, mdv, &mdl);
180                    
181          for (i = 0; i < mdl; i++)          for (i = 0; i < mdl; i++)
# Line 172  int decrypt_passwords(unsigned char *buf Line 183  int decrypt_passwords(unsigned char *buf
183          putchar('\n');          putchar('\n');
184                    
185          *c = 0;          *c = 0;
186      } else      } else {
187            sfree(*buf);
188            sfree(key);
189            sfree(ctx);
190          return 1;          return 1;
191        }
192    
193      EVP_CIPHER_CTX_cleanup(&ctx);      EVP_CIPHER_CTX_cleanup(ctx);
194        
195        sfree(key);
196        sfree(ctx);
197            
198      return 0;      return 0;
199  }  }
# Line 189  void password_editor(void) Line 207  void password_editor(void)
207      int i, q, n;      int i, q, n;
208      char buf[LINE_MAX];      char buf[LINE_MAX];
209      char *c;      char *c;
210      char p[2][PASSPHRASE_LEN];      char *p[2];
211      account_t *a, *accts[EDITOR_PASSWORDS_MAX];      account_t *a, *accts[EDITOR_PASSWORDS_MAX];
212        
213      q = 0;      q = 0;
214        
215        memset(accts, 0, EDITOR_PASSWORDS_MAX);
216    
217      for (i = 0; i < EDITOR_PASSWORDS_MAX; i++)      for (i = 0, a = accounts; i < EDITOR_PASSWORDS_MAX - 1 && a; a = a->next) {
         accts[i] = NULL;  
   
     for (i = 0, a = accounts; i < EDITOR_PASSWORDS_MAX && a; a = a->next) {  
218          if (a->passwdattr == PASSWORD_NONE ||          if (a->passwdattr == PASSWORD_NONE ||
219              a->passwdattr == PASSWORD_ENCRYPTED)              a->passwdattr == PASSWORD_ENCRYPTED)
220              accts[i++] = a;              accts[i++] = a;
# Line 239  void password_editor(void) Line 256  void password_editor(void)
256                      break;                      break;
257                  accts[n - 1]->password[0] = 0;                  accts[n - 1]->password[0] = 0;
258              } else if (*c == 'p') {              } else if (*c == 'p') {
259                    p[0] = (char *) smalloc(PASSPHRASE_LEN);
260                    p[1] = (char *) smalloc(PASSPHRASE_LEN);
261                  do {                  do {
262                      for (i = 0; i < 2; i++) {                      for (i = 0; i < 2; i++) {
263                          printf("Enter %snew master password: ",                          printf("Enter %snew master password: ",

Legend:
Removed from v.1.2  
changed lines
  Added in v.1.3

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26