mirror of
https://github.com/3proxy/3proxy.git
synced 2026-05-13 13:30:12 +08:00
3proxy_crypt cleanup
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
Some checks are pending
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run
C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run
This commit is contained in:
Vladimir Dubrovin
parent
0d7f05b05b
commit
45c3b89484
@ -51,6 +51,8 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
|
||||
unsigned int len=sizeof(szUnicodePass);
|
||||
unsigned int i;
|
||||
|
||||
if(md4 == NULL) return NULL;
|
||||
|
||||
/*
|
||||
* NT passwords are unicode. Convert plain text password
|
||||
* to unicode by inserting a zero every other byte
|
||||
@ -64,8 +66,10 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
|
||||
|
||||
/* Encrypt Unicode password to a 16-byte MD4 hash */
|
||||
ctx = EVP_MD_CTX_new();
|
||||
if(!ctx) return NULL;
|
||||
if(!EVP_DigestInit_ex(ctx, md4, NULL)){
|
||||
fprintf(stderr, "Failed to init MD4 digest\n");
|
||||
EVP_MD_CTX_free(ctx);
|
||||
return NULL;
|
||||
}
|
||||
EVP_DigestUpdate(ctx, szUnicodePass, (nPasswordLen<<1));
|
||||
EVP_DigestFinal_ex(ctx, szUnicodePass, &len);
|
||||
@ -74,6 +78,7 @@ unsigned char * ntpwdhash (unsigned char *szHash, const unsigned char *szPasswor
|
||||
tohex(szUnicodePass, szHash, 16);
|
||||
}
|
||||
else memcpy(szHash, szUnicodePass, 16);
|
||||
memset(szUnicodePass, 0, sizeof szUnicodePass);
|
||||
return szHash;
|
||||
}
|
||||
#endif
|
||||
@ -85,7 +90,7 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
||||
unsigned char *magic;
|
||||
unsigned char *p;
|
||||
const unsigned char *sp;
|
||||
unsigned char final[MD5_SIZE];
|
||||
unsigned char final[MD5_SIZE] = {0};
|
||||
int sl;
|
||||
unsigned long l;
|
||||
|
||||
@ -95,11 +100,20 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
||||
unsigned int len;
|
||||
int pl, i;
|
||||
|
||||
if(md5 == NULL) {
|
||||
*passwd = 0;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
sp = salt +3;
|
||||
sl = (int)(ep - sp);
|
||||
magic = (unsigned char *)"$1$";
|
||||
|
||||
ctx = EVP_MD_CTX_new();
|
||||
if(!ctx) {
|
||||
*passwd = 0;
|
||||
return NULL;
|
||||
}
|
||||
EVP_DigestInit_ex(ctx, md5, NULL);
|
||||
|
||||
/* The password first, since that is what is most unknown */
|
||||
@ -113,6 +127,11 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
||||
|
||||
/* Then just as many unsigned characters of the MD5(pw,salt,pw) */
|
||||
ctx1 = EVP_MD_CTX_new();
|
||||
if(!ctx1) {
|
||||
EVP_MD_CTX_free(ctx);
|
||||
*passwd = 0;
|
||||
return NULL;
|
||||
}
|
||||
EVP_DigestInit_ex(ctx1, EVP_md5(), NULL);
|
||||
EVP_DigestUpdate(ctx1,pw,strlen((char *)pw));
|
||||
EVP_DigestUpdate(ctx1,sp,sl);
|
||||
@ -170,10 +189,13 @@ unsigned char * mycrypt(const unsigned char *pw, const unsigned char *salt, unsi
|
||||
magic = (unsigned char *)"$3$";
|
||||
{
|
||||
blake2b_state S;
|
||||
blake2b_init(&S, MD5_SIZE);
|
||||
blake2b_update(&S, pw, strlen((char *)pw) + 1);
|
||||
blake2b_update(&S, sp, sl);
|
||||
blake2b_final(&S, final, MD5_SIZE);
|
||||
if(blake2b_init(&S, MD5_SIZE) != 0 ||
|
||||
blake2b_update(&S, pw, strlen((char *)pw) + 1) != 0 ||
|
||||
blake2b_update(&S, sp, sl) != 0 ||
|
||||
blake2b_final(&S, final, MD5_SIZE) != 0) {
|
||||
*passwd = 0;
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
@ -248,16 +270,19 @@ int main(int argc, char* argv[]){
|
||||
#endif
|
||||
if(argc == 2) {
|
||||
#ifdef WITH_SSL
|
||||
printf("NT:%s\n", ntpwdhash(buf, (unsigned char *)argv[1], 1));
|
||||
{ unsigned char *nt = ntpwdhash(buf, (unsigned char *)argv[1], 1);
|
||||
if(nt) printf("NT:%s\n", nt); }
|
||||
#else
|
||||
fprintf(stderr, "NT crypt not available (compiled without OpenSSL)\n");
|
||||
#endif
|
||||
}
|
||||
else {
|
||||
unsigned char *cr;
|
||||
i = (int)strlen((char *)argv[1]);
|
||||
if (i > 64) argv[1][64] = 0;
|
||||
sprintf((char *)buf, "$3$%s$", argv[1]);
|
||||
printf("CR:%s\n", mycrypt((unsigned char *)argv[2], buf, buf+256));
|
||||
cr = mycrypt((unsigned char *)argv[2], buf, buf+256);
|
||||
if(cr) printf("CR:%s\n", cr);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -242,13 +242,13 @@ int strongauth(struct clientparam * param){
|
||||
return 6;
|
||||
}
|
||||
case CR:
|
||||
if (!strcmp(pass + 1, (char *)mycrypt(param->password, (unsigned char *)pass, buf)))
|
||||
if (mycrypt(param->password, (unsigned char *)pass, buf) &&
|
||||
!strcmp(pass + 1, (char *)buf))
|
||||
return 0;
|
||||
else return 7;
|
||||
#ifdef WITH_SSL
|
||||
case NT:
|
||||
ntpwdhash(buf, param->password, 1);
|
||||
if(!strcmp(pass + 1, (char *)buf)) return 0;
|
||||
if(ntpwdhash(buf, param->password, 1) && !strcmp(pass + 1, (char *)buf)) return 0;
|
||||
else return 8;
|
||||
#endif
|
||||
default:
|
||||
|
||||
Loading…
Reference in New Issue
Block a user