1
0
forked from bip/bip

minor update of flood control

enabled more secure prompting for the highly critical "bipmkpw" util
This commit is contained in:
guillot 2005-07-12 19:31:59 +00:00
parent 5722685126
commit 7f5750b3b4
2 changed files with 53 additions and 16 deletions

View File

@ -1,6 +1,11 @@
#include "config.h"
#include <unistd.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <termios.h>
#include <fcntl.h>
#include <errno.h>
#include "util.h"
#include "md5.h"
@ -8,27 +13,59 @@ int conf_log_level;
FILE *conf_global_log_file;
int conf_log;
int main(int argc, char **argv)
void readpass(char *buffer, int buflen)
{
int ttyfd = open("/dev/tty", O_RDWR);
if (ttyfd == -1) {
fprintf(stderr, "Unable to open tty: %s\n", strerror(errno));
exit(1);
}
struct termios tt, ttback;
memset(&ttback, 0, sizeof(ttback));
if (tcgetattr(ttyfd, &ttback) < 0) {
printf("tcgetattr failed: %s\n", strerror(errno));
exit(1);
}
memcpy(&tt, &ttback, sizeof(ttback));
tt.c_lflag &= ~(ICANON|ECHO);
if (tcsetattr(ttyfd, TCSANOW, &tt) < 0) {
printf("tcsetattr failed: %s\n", strerror(errno));
exit(1);
}
write(ttyfd, "Password: ", 10);
int idx = 0;
while (idx < buflen) {
read(ttyfd, buffer+idx, 1);
if (buffer[idx] == '\n') {
buffer[idx] = 0;
break;
}
idx++;
}
write(ttyfd, "\n", 1);
tcsetattr(ttyfd, TCSANOW, &ttback);
close(ttyfd);
}
int main(int argc __attribute__((unused)), char **argv __attribute__((unused)))
{
int i;
char *ret;
char str[256];
static char str[256];
unsigned char *md5;
unsigned int seed;
srand(time(NULL));
printf("Enter password:\n");
ret = fgets(str, 256, stdin);
srand(time(NULL));
if (!ret)
return 1;
for (i = 0; i < 256 && str[i] != '\n'; i++)
;
if (i >= 256)
return 2;
str[i] = 0;
readpass(str, 256);
// the time used to type the pass is entropy
srand(time(NULL));
seed = rand();
md5 = chash_double(str, seed);
for (i = 0; i < 20; i++)
printf("%02x", md5[i]);

View File

@ -682,12 +682,12 @@ int cn_want_write(connection_t *cn)
cn->token = 1;
cn->lasttoken = now;
} else if (now > cn->lasttoken + TOKEN_INTERVAL) {
/* there may be an overflow here
* but the impact is insignificant */
cn->token += (now - cn->lasttoken) /
TOKEN_INTERVAL;
if (cn->token > TOKEN_MAX)
cn->token = TOKEN_MAX;
if (!cn->token)
cn->token = 1;
cn->lasttoken = now;
}
} else