src/modules/m_spanningtree/hmac.cpp

   1 /*       +------------------------------------+
   2  *       | Inspire Internet Relay Chat Daemon |
   3  *       +------------------------------------+
   4  *
   5  *  InspIRCd: (C) 2002-2010 InspIRCd Development Team
   6  * See: http://wiki.inspircd.org/Credits
   7  *
   8  * This program is free but copyrighted software; see
   9  *            the file COPYING for details.
  10  *
  11  * ---------------------------------------------------
  12  */
  13
  14 #include "inspircd.h"
  15 #include "socket.h"
  16 #include "xline.h"
  17 #include "../m_hash.h"
  18 #include "../ssl.h"
  19 #include "socketengine.h"
  20
  21 #include "main.h"
  22 #include "utils.h"
  23 #include "treeserver.h"
  24 #include "link.h"
  25 #include "treesocket.h"
  26 #include "resolvers.h"
  27
  28 /* $ModDep: m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h m_hash.h */
  29
  30 const std::string& TreeSocket::GetOurChallenge()
  31 {
  32         return capab->ourchallenge;
  33 }
  34
  35 void TreeSocket::SetOurChallenge(const std::string &c)
  36 {
  37         capab->ourchallenge = c;
  38 }
  39
  40 const std::string& TreeSocket::GetTheirChallenge()
  41 {
  42         return capab->theirchallenge;
  43 }
  44
  45 void TreeSocket::SetTheirChallenge(const std::string &c)
  46 {
  47         capab->theirchallenge = c;
  48 }
  49
  50 std::string TreeSocket::MakePass(const std::string &password, const std::string &challenge)
  51 {
  52         /* This is a simple (maybe a bit hacky?) HMAC algorithm, thanks to jilles for
  53          * suggesting the use of HMAC to secure the password against various attacks.
  54          *
  55          * Note: If m_sha256.so is not loaded, we MUST fall back to plaintext with no
  56          *       HMAC challenge/response.
  57          */
  58         HashProvider* sha256 = ServerInstance->Modules->FindDataService<HashProvider>("hash/sha256");
  59         if (Utils->ChallengeResponse && sha256 && !challenge.empty())
  60         {
  61                 /* This is how HMAC is supposed to be done:
  62                  *
  63                  * sha256( (pass xor 0x5c) + sha256((pass xor 0x36) + m) )
  64                  *
  65                  * 5c and 36 were chosen as part of the HMAC standard, because they
  66                  * flip the bits in a way likely to strengthen the function.
  67                  */
  68                 std::string hmac1, hmac2;
  69
  70                 for (size_t n = 0; n < password.length(); n++)
  71                 {
  72                         hmac1.push_back(static_cast<char>(password[n] ^ 0x5C));
  73                         hmac2.push_back(static_cast<char>(password[n] ^ 0x36));
  74                 }
  75
  76                 if (proto_version >= 1202)
  77                 {
  78                         hmac2.append(challenge);
  79                         std::string hmac = sha256->hexsum(hmac1 + sha256->sum(hmac2));
  80
  81                         return "AUTH:" + hmac;
  82                 }
  83                 else
  84                 {
  85                         // version 1.2 used a weaker HMAC, using hex output in the intermediate step
  86                         hmac2.append(challenge);
  87                         hmac2 = sha256->hexsum(hmac2);
  88
  89                         std::string hmac = hmac1 + hmac2;
  90                         hmac = sha256->hexsum(hmac);
  91
  92                         return "HMAC-SHA256:"+ hmac;
  93                 }
  94         }
  95         else if (!challenge.empty() && !sha256)
  96                 ServerInstance->Logs->Log("m_spanningtree",DEFAULT,"Not authenticating to server using SHA256/HMAC because we don't have m_sha256 loaded!");
  97
  98         return password;
  99 }
 100
 101 std::string TreeSocket::RandString(unsigned int ilength)
 102 {
 103         char* randombuf = new char[ilength+1];
 104         std::string out;
 105 #ifndef WINDOWS
 106         int f = open("/dev/urandom", O_RDONLY, 0);
 107
 108         if (f >= 0)
 109         {
 110                 if (read(f, randombuf, ilength) < (int)ilength)
 111                         ServerInstance->Logs->Log("m_spanningtree", DEFAULT, "Entropy source has gone predictable (did not return enough data)");
 112                 close(f);
 113         }
 114         else
 115 #endif
 116         {
 117                 for (unsigned int i = 0; i < ilength; i++)
 118                         randombuf[i] = rand();
 119         }
 120
 121         for (unsigned int i = 0; i < ilength; i++)
 122         {
 123                 char randchar = static_cast<char>(0x3F + (randombuf[i] & 0x3F));
 124                 out += randchar;
 125         }
 126
 127         delete[] randombuf;
 128         return out;
 129 }
 130
 131 bool TreeSocket::ComparePass(const Link& link, const std::string &theirs)
 132 {
 133         capab->auth_fingerprint = !link.Fingerprint.empty();
 134         capab->auth_challenge = !capab->ourchallenge.empty() && !capab->theirchallenge.empty();
 135
 136         std::string fp;
 137         if (GetIOHook())
 138         {
 139                 SocketCertificateRequest req(this, Utils->Creator, GetIOHook());
 140                 if (req.cert)
 141                 {
 142                         fp = req.cert->GetFingerprint();
 143                 }
 144         }
 145
 146         if (capab->auth_challenge)
 147         {
 148                 std::string our_hmac = MakePass(link.RecvPass, capab->ourchallenge);
 149
 150                 /* Straight string compare of hashes */
 151                 if (our_hmac != theirs)
 152                         return false;
 153         }
 154         else
 155         {
 156                 /* Straight string compare of plaintext */
 157                 if (link.RecvPass != theirs)
 158                         return false;
 159         }
 160
 161         if (capab->auth_fingerprint)
 162         {
 163                 /* Require fingerprint to exist and match */
 164                 if (link.Fingerprint != fp)
 165                 {
 166                         ServerInstance->SNO->WriteToSnoMask('l',"Invalid SSL fingerprint on link %s: need '%s' got '%s'",
 167                                 link.Name.c_str(), link.Fingerprint.c_str(), fp.c_str());
 168                         SendError("Provided invalid SSL fingerprint " + fp + " - expected " + link.Fingerprint);
 169                         return false;
 170                 }
 171         }
 172         else if (!fp.empty())
 173         {
 174                 ServerInstance->SNO->WriteToSnoMask('l', "SSL fingerprint for link %s is %s", link.Name.c_str(), fp.c_str());
 175         }
 176         return true;
 177 }