mirror of
https://github.com/3proxy/3proxy.git
synced 2026-05-13 13:30:12 +08:00
3proxy_crypt cleanup
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
This commit is contained in:
Vladimir Dubrovin
parent
0d7f05b05b
commit
45c3b89484
@ -51,6 +51,8 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
|
|||||||
unsigned int len=sizeof(szUnicodePass);
|
unsigned int len=sizeof(szUnicodePass);
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
|
|
||||||
|
if(md4 == NULL) return NULL;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* NT passwords are unicode. Convert plain text password
|
* NT passwords are unicode. Convert plain text password
|
||||||
* to unicode by inserting a zero every other byte
|
* to unicode by inserting a zero every other byte
|
||||||
@ -64,8 +66,10 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
|
|||||||
|
|
||||||
/* Encrypt Unicode password to a 16-byte MD4 hash */
|
/* Encrypt Unicode password to a 16-byte MD4 hash */
|
||||||
ctx = EVP_MD_CTX_new();
|
ctx = EVP_MD_CTX_new();
|
||||||
|
if(!ctx) return NULL;
|
||||||
if(!EVP_DigestInit_ex(ctx, md4, NULL)){
|
if(!EVP_DigestInit_ex(ctx, md4, NULL)){
|
||||||
fprintf(stderr, "Failed to init MD4 digest\n");
|
EVP_MD_CTX_free(ctx);
|
||||||
|
return NULL;
|
||||||
}
|
}
|
||||||
EVP_DigestUpdate(ctx, szUnicodePass, (nPasswordLen<<1));
|
EVP_DigestUpdate(ctx, szUnicodePass, (nPasswordLen<<1));
|
||||||
EVP_DigestFinal_ex(ctx, szUnicodePass, &len);
|
EVP_DigestFinal_ex(ctx, szUnicodePass, &len);
|
||||||
@ -74,6 +78,7 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
|
|||||||
tohex(szUnicodePass, szHash, 16);
|
tohex(szUnicodePass, szHash, 16);
|
||||||
}
|
}
|
||||||
else memcpy(szHash, szUnicodePass, 16);
|
else memcpy(szHash, szUnicodePass, 16);
|
||||||
|
memset(szUnicodePass, 0, sizeof szUnicodePass);
|
||||||
return szHash;
|
return szHash;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@ -85,7 +90,7 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
|||||||
unsigned char *magic;
|
unsigned char *magic;
|
||||||
unsigned char *p;
|
unsigned char *p;
|
||||||
const unsigned char *sp;
|
const unsigned char *sp;
|
||||||
unsigned char final[MD5_SIZE];
|
unsigned char final[MD5_SIZE] = {0};
|
||||||
int sl;
|
int sl;
|
||||||
unsigned long l;
|
unsigned long l;
|
||||||
|
|
||||||
@ -95,11 +100,20 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
|||||||
unsigned int len;
|
unsigned int len;
|
||||||
int pl, i;
|
int pl, i;
|
||||||
|
|
||||||
|
if(md5 == NULL) {
|
||||||
|
*passwd = 0;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
sp = salt +3;
|
sp = salt +3;
|
||||||
sl = (int)(ep - sp);
|
sl = (int)(ep - sp);
|
||||||
magic = (unsigned char *)"$1$";
|
magic = (unsigned char *)"$1$";
|
||||||
|
|
||||||
ctx = EVP_MD_CTX_new();
|
ctx = EVP_MD_CTX_new();
|
||||||
|
if(!ctx) {
|
||||||
|
*passwd = 0;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
EVP_DigestInit_ex(ctx, md5, NULL);
|
EVP_DigestInit_ex(ctx, md5, NULL);
|
||||||
|
|
||||||
/* The password first, since that is what is most unknown */
|
/* The password first, since that is what is most unknown */
|
||||||
@ -113,6 +127,11 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
|||||||
|
|
||||||
/* Then just as many unsigned characters of the MD5(pw,salt,pw) */
|
/* Then just as many unsigned characters of the MD5(pw,salt,pw) */
|
||||||
ctx1 = EVP_MD_CTX_new();
|
ctx1 = EVP_MD_CTX_new();
|
||||||
|
if(!ctx1) {
|
||||||
|
EVP_MD_CTX_free(ctx);
|
||||||
|
*passwd = 0;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
EVP_DigestInit_ex(ctx1, EVP_md5(), NULL);
|
EVP_DigestInit_ex(ctx1, EVP_md5(), NULL);
|
||||||
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
|
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
|
||||||
EVP_DigestUpdate(ctx1,sp,sl);
|
EVP_DigestUpdate(ctx1,sp,sl);
|
||||||
@ -170,10 +189,13 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
|||||||
magic = (unsigned char *)"$3$";
|
magic = (unsigned char *)"$3$";
|
||||||
{
|
{
|
||||||
blake2b_state S;
|
blake2b_state S;
|
||||||
blake2b_init(&S, MD5_SIZE);
|
if(blake2b_init(&S, MD5_SIZE) != 0 ||
|
||||||
blake2b_update(&S, pw, strlen((char *)pw) + 1);
|
blake2b_update(&S, pw, strlen((char *)pw) + 1) != 0 ||
|
||||||
blake2b_update(&S, sp, sl);
|
blake2b_update(&S, sp, sl) != 0 ||
|
||||||
blake2b_final(&S, final, MD5_SIZE);
|
blake2b_final(&S, final, MD5_SIZE) != 0) {
|
||||||
|
*passwd = 0;
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
@ -248,16 +270,19 @@ int main(int argc, char* argv[]){
|
|||||||
#endif
|
#endif
|
||||||
if(argc == 2) {
|
if(argc == 2) {
|
||||||
#ifdef WITH_SSL
|
#ifdef WITH_SSL
|
||||||
printf("NT:%s\n", ntpwdhash(buf, (unsigned char *)argv[1], 1));
|
{ unsigned char *nt = ntpwdhash(buf, (unsigned char *)argv[1], 1);
|
||||||
|
if(nt) printf("NT:%s\n", nt); }
|
||||||
#else
|
#else
|
||||||
fprintf(stderr, "NT crypt not available (compiled without OpenSSL)\n");
|
fprintf(stderr, "NT crypt not available (compiled without OpenSSL)\n");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
unsigned char *cr;
|
||||||
i = (int)strlen((char *)argv[1]);
|
i = (int)strlen((char *)argv[1]);
|
||||||
if (i > 64) argv[1][64] = 0;
|
if (i > 64) argv[1][64] = 0;
|
||||||
sprintf((char *)buf, "$3$%s$", argv[1]);
|
sprintf((char *)buf, "$3$%s$", argv[1]);
|
||||||
printf("CR:%s\n", mycrypt((unsigned char *)argv[2], buf, buf+256));
|
cr = mycrypt((unsigned char *)argv[2], buf, buf+256);
|
||||||
|
if(cr) printf("CR:%s\n", cr);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -242,13 +242,13 @@ int strongauth(struct clientparam * param){
|
|||||||
return 6;
|
return 6;
|
||||||
}
|
}
|
||||||
case CR:
|
case CR:
|
||||||
if (!strcmp(pass + 1, (char *)mycrypt(param->password, (unsigned char *)pass, buf)))
|
if (mycrypt(param->password, (unsigned char *)pass, buf) &&
|
||||||
|
!strcmp(pass + 1, (char *)buf))
|
||||||
return 0;
|
return 0;
|
||||||
else return 7;
|
else return 7;
|
||||||
#ifdef WITH_SSL
|
#ifdef WITH_SSL
|
||||||
case NT:
|
case NT:
|
||||||
ntpwdhash(buf, param->password, 1);
|
if(ntpwdhash(buf, param->password, 1) && !strcmp(pass + 1, (char *)buf)) return 0;
|
||||||
if(!strcmp(pass + 1, (char *)buf)) return 0;
|
|
||||||
else return 8;
|
else return 8;
|
||||||
#endif
|
#endif
|
||||||
default:
|
default:
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user