annotate src/c/openssl.c @ 2071:739172204214
Introduce recv timeout controlled by '-T' option in http.c
This should prevent a DDoS attack where attacker and keeps the connection open
but send no data.
author |
Sergey Mironov <grrwlf@gmail.com> |
date |
Tue, 02 Sep 2014 17:42:10 +0000 |
parents |
b2bc8bcd546f |
children |
882556b3029d |
rev |
line source |
adamc@1268
|
1 #include "config.h"
|
adamc@1268
|
2
|
adam@1368
|
3 #include <stdlib.h>
|
adam@1368
|
4 #include <unistd.h>
|
adam@1368
|
5 #include <sys/types.h>
|
adam@1368
|
6 #include <sys/stat.h>
|
adamc@1145
|
7 #include <fcntl.h>
|
adam@1368
|
8 #include <stdio.h>
|
adam@1368
|
9 #include <string.h>
|
adamc@1104
|
10
|
adam@1368
|
11 #include <openssl/sha.h>
|
adam@1368
|
12
|
adamc@1104
|
13 #define PASSSIZE 4
|
adamc@1104
|
14
|
adam@1368
|
15 int uw_hash_blocksize = 32;
|
adamc@1104
|
16
|
adamc@1104
|
17 static int password[PASSSIZE];
|
adamc@1104
|
18
|
adamc@1145
|
19 char *uw_sig_file = NULL;
|
adamc@1145
|
20
|
adamc@1145
|
21 static void random_password() {
|
adamc@1145
|
22 int i;
|
adamc@1145
|
23
|
adamc@1145
|
24 for (i = 0; i < PASSSIZE; ++i)
|
adamc@1145
|
25 password[i] = rand();
|
adamc@1145
|
26 }
|
adamc@1145
|
27
|
adamc@1104
|
28 void uw_init_crypto() {
|
adamc@1145
|
29 if (uw_sig_file) {
|
adamc@1145
|
30 int fd;
|
adamc@1145
|
31
|
adamc@1155
|
32 if (access(uw_sig_file, F_OK)) {
|
adamc@1145
|
33 random_password();
|
adamc@1145
|
34
|
adamc@1145
|
35 if ((fd = open(uw_sig_file, O_WRONLY | O_CREAT, 0700)) < 0) {
|
adamc@1145
|
36 fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
|
adamc@1145
|
37 perror("open");
|
adamc@1145
|
38 exit(1);
|
adamc@1145
|
39 }
|
adamc@1145
|
40
|
adamc@1145
|
41 if (write(fd, &password, sizeof password) != sizeof password) {
|
adamc@1145
|
42 fprintf(stderr, "Error writing signature file\n");
|
adamc@1145
|
43 exit(1);
|
adamc@1145
|
44 }
|
adamc@1145
|
45
|
adamc@1145
|
46 close(fd);
|
adamc@1145
|
47 } else {
|
adamc@1145
|
48 if ((fd = open(uw_sig_file, O_RDONLY)) < 0) {
|
adamc@1145
|
49 fprintf(stderr, "Can't open signature file %s\n", uw_sig_file);
|
adamc@1145
|
50 perror("open");
|
adamc@1145
|
51 exit(1);
|
adamc@1145
|
52 }
|
adamc@1145
|
53
|
adamc@1145
|
54 if (read(fd, &password, sizeof password) != sizeof password) {
|
adamc@1145
|
55 fprintf(stderr, "Error reading signature file\n");
|
adamc@1145
|
56 exit(1);
|
adamc@1145
|
57 }
|
adamc@1145
|
58
|
adamc@1145
|
59 close(fd);
|
adamc@1145
|
60 }
|
adamc@1145
|
61 } else
|
adamc@1145
|
62 random_password();
|
adamc@1104
|
63 }
|
adamc@1104
|
64
|
adam@1368
|
65 void uw_sign(const char *in, unsigned char *out) {
|
adam@1368
|
66 SHA256_CTX c;
|
adamc@1104
|
67
|
adam@1368
|
68 SHA256_Init(&c);
|
adam@1368
|
69 SHA256_Update(&c, password, sizeof password);
|
adam@1368
|
70 SHA256_Update(&c, in, strlen(in));
|
adam@1368
|
71 SHA256_Final(out, &c);
|
adamc@1104
|
72 }
|