version 1.1.1.1, 2021/03/17 00:36:46
|
version 1.1.1.2, 2023/09/27 11:14:54
|
Line 35
|
Line 35
|
#define _WITH_GETLINE |
#define _WITH_GETLINE |
#include <stdio.h> |
#include <stdio.h> |
#include <termios.h> |
#include <termios.h> |
|
#include <inttypes.h> |
|
#include <stdint.h> |
|
|
#if defined(HAVE_SSL) |
#if defined(HAVE_SSL) |
|
|
Line 45
|
Line 47
|
#include <openssl/buffer.h> |
#include <openssl/buffer.h> |
#include <openssl/err.h> |
#include <openssl/err.h> |
|
|
const char *auth_text_format = "user: %s\npwd: %s\nts: %ld"; | const char *auth_text_format = "user: %s\npwd: %s\nts: %"PRId64; |
|
|
void sha256(const char *string, char outputBuffer[65]) |
void sha256(const char *string, char outputBuffer[65]) |
{ |
{ |
Line 62 void sha256(const char *string, char outputBuffer[65])
|
Line 64 void sha256(const char *string, char outputBuffer[65])
|
outputBuffer[64] = 0; |
outputBuffer[64] = 0; |
} |
} |
|
|
int check_authentication(const char *username, const char *password, const time_t ts, const char *filename){ | int check_authentication(const char *username, const char *password, const time_t ts, const char *filename, int skew_threshold){ |
time_t t = time(NULL); |
time_t t = time(NULL); |
time_t utc_seconds = mktime(localtime(&t)); |
time_t utc_seconds = mktime(localtime(&t)); |
if ( (utc_seconds - ts) > 10 || (utc_seconds - ts) < -10 ) { | if ( (utc_seconds - ts) > skew_threshold || (utc_seconds - ts) < -skew_threshold ) { |
return 1; |
return 1; |
} |
} |
|
|
Line 160 EVP_PKEY *load_pubkey_from_file(const char *file) {
|
Line 162 EVP_PKEY *load_pubkey_from_file(const char *file) {
|
|
|
if (file) { |
if (file) { |
key = BIO_new_file(file, "r"); |
key = BIO_new_file(file, "r"); |
pkey = PEM_read_bio_PUBKEY(key, NULL, NULL, NULL); | if (key != NULL) { |
| pkey = PEM_read_bio_PUBKEY(key, NULL, NULL, NULL); |
BIO_free(key); | BIO_free(key); |
| } |
} |
} |
return (pkey); |
return (pkey); |
} | } |
|
|
EVP_PKEY *load_pubkey_from_base64(const char *buffer) { |
EVP_PKEY *load_pubkey_from_base64(const char *buffer) { |
unsigned char *key = NULL; |
unsigned char *key = NULL; |
Line 186 EVP_PKEY *load_privkey_from_file(const char *file) {
|
Line 189 EVP_PKEY *load_privkey_from_file(const char *file) {
|
|
|
if (file) { |
if (file) { |
key = BIO_new_file(file, "r"); |
key = BIO_new_file(file, "r"); |
pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, NULL); | if (key != NULL) { |
| pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, NULL); |
BIO_free(key); | BIO_free(key); |
| } |
} |
} |
return (pkey); |
return (pkey); |
} |
} |
Line 244 int encrypt_rsa_message(const char *plaintext, EVP_PKE
|
Line 248 int encrypt_rsa_message(const char *plaintext, EVP_PKE
|
BIO_free(bioBuff); |
BIO_free(bioBuff); |
|
|
if (encryptedtext_len < 0) { |
if (encryptedtext_len < 0) { |
/* We probably shoudln't be printing stuff like this */ | /* We probably shouldn't be printing stuff like this */ |
fprintf(stderr, "%s\n", ERR_error_string(ERR_get_error(), NULL)); |
fprintf(stderr, "%s\n", ERR_error_string(ERR_get_error(), NULL)); |
} |
} |
|
|
return encryptedtext_len; | return encryptedtext_len; |
} |
} |
|
|
int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext) { |
int decrypt_rsa_message(const unsigned char *encryptedtext, const int encryptedtext_len, EVP_PKEY *private_key, unsigned char **plaintext) { |
RSA *rsa = NULL; |
RSA *rsa = NULL; |
unsigned char *rsa_buffer = NULL, pad = RSA_PKCS1_PADDING; |
unsigned char *rsa_buffer = NULL, pad = RSA_PKCS1_PADDING; |
int plaintext_len, rsa_buffer_len, keysize; |
int plaintext_len, rsa_buffer_len, keysize; |
| |
rsa = EVP_PKEY_get1_RSA(private_key); |
rsa = EVP_PKEY_get1_RSA(private_key); |
|
|
keysize = RSA_size(rsa); |
keysize = RSA_size(rsa); |
Line 271 int decrypt_rsa_message(const unsigned char *encrypted
|
Line 275 int decrypt_rsa_message(const unsigned char *encrypted
|
BIO_free(bioBuff); |
BIO_free(bioBuff); |
|
|
if (plaintext_len < 0) { |
if (plaintext_len < 0) { |
/* We probably shoudln't be printing stuff like this */ | /* We probably shouldn't be printing stuff like this */ |
fprintf(stderr, "%s\n", ERR_error_string(ERR_get_error(), NULL)); |
fprintf(stderr, "%s\n", ERR_error_string(ERR_get_error(), NULL)); |
} |
} |
|
|
Line 291 int encode_auth_setting(const char *username, const ch
|
Line 295 int encode_auth_setting(const char *username, const ch
|
if (text == NULL) { |
if (text == NULL) { |
return -1; |
return -1; |
} |
} |
snprintf(text, text_len, auth_text_format, username, password, utc_seconds); | snprintf(text, text_len, auth_text_format, username, password, (int64_t)utc_seconds); |
|
|
unsigned char *encrypted = NULL; |
unsigned char *encrypted = NULL; |
int encrypted_len; |
int encrypted_len; |
Line 309 int encode_auth_setting(const char *username, const ch
|
Line 313 int encode_auth_setting(const char *username, const ch
|
int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts){ |
int decode_auth_setting(int enable_debug, const char *authtoken, EVP_PKEY *private_key, char **username, char **password, time_t *ts){ |
unsigned char *encrypted_b64 = NULL; |
unsigned char *encrypted_b64 = NULL; |
size_t encrypted_len_b64; |
size_t encrypted_len_b64; |
Base64Decode(authtoken, &encrypted_b64, &encrypted_len_b64); | int64_t utc_seconds; |
| Base64Decode(authtoken, &encrypted_b64, &encrypted_len_b64); |
|
|
unsigned char *plaintext = NULL; |
unsigned char *plaintext = NULL; |
int plaintext_len; |
int plaintext_len; |
Line 331 int decode_auth_setting(int enable_debug, const char *
|
Line 336 int decode_auth_setting(int enable_debug, const char *
|
return -1; |
return -1; |
} |
} |
|
|
int rc = sscanf((char *) plaintext, auth_text_format, s_username, s_password, ts); | int rc = sscanf((char *) plaintext, auth_text_format, s_username, s_password, &utc_seconds); |
if (rc != 3) { |
if (rc != 3) { |
free(s_password); |
free(s_password); |
free(s_username); |
free(s_username); |
Line 344 int decode_auth_setting(int enable_debug, const char *
|
Line 349 int decode_auth_setting(int enable_debug, const char *
|
} |
} |
*username = s_username; |
*username = s_username; |
*password = s_password; |
*password = s_password; |
|
*ts = (time_t)utc_seconds; |
OPENSSL_free(plaintext); |
OPENSSL_free(plaintext); |
return (0); |
return (0); |
} |
} |
Line 381 ssize_t iperf_getpass (char **lineptr, size_t *n, FILE
|
Line 387 ssize_t iperf_getpass (char **lineptr, size_t *n, FILE
|
|
|
return nread; |
return nread; |
} |
} |
|
|
|
|
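Review bot: The `sscanf` call in `decode_auth_setting` now parses through `auth_text_format`, which ends in the printf macro `PRId64`. `<inttypes.h>` provides `SCNd64` for scanning, and the two macros are not guaranteed to expand to the same length modifier, so the `int64_t utc_seconds` target can mismatch the conversion on some platforms. A separate scan-only format would keep both directions correct, e.g. `const char *auth_text_scan_format = "user: %s\npwd: %s\nts: %" SCNd64;`. Both `%s` conversions in that call have no field width, and the allocation of `s_username` and `s_password` is outside the visible lines, so their sizes should be confirmed against the decrypted plaintext length. Because the timestamp is parsed from a client-supplied token, `*ts = (time_t)utc_seconds;` would also benefit from a range check before narrowing on platforms where `time_t` is 32 bits.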