SVNからのミラー

CHANGELOG.md

@@ -0,0 +1,2 @@
+# 1.0.0
+* 最初リリース

LICENSE.txt

@@ -0,0 +1,14 @@
+Copyright © 2004-2011 by Internet Systems Consortium, Inc. ("ISC")
+Copyright © 2018-2024 by 076.moe
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH REGARD
+TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
+CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE,
+DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+SOFTWARE.

Makefile

@@ -0,0 +1,36 @@
+NAME != cat main.go | grep "var sofname" | awk '{print $$4}' | sed "s/\"//g"
+VERSION != cat main.go | grep "var version" | awk '{print $$4}' | sed "s/\"//g"
+PREFIX = /usr/local
+
+CC = CGO_ENABLED=0 go build
+RELEASE = -ldflags="-s -w" -buildvcs=false
+
+all:
+	${CC} ${RELEASE} -o ${NAME}
+
+release:
+	mkdir -p release/bin/${VERSION}/openbsd/amd64
+	env GOOS=openbsd GOARCH=amd64 ${CC} ${RELEASE} -o\
+		release/bin/${VERSION}/openbsd/amd64/${NAME}
+
+clean:
+	rm -f ${NAME}
+
+dist:
+	mkdir -p ${NAME}-${VERSION} release/src
+	cp -R LICENSE.txt Makefile README.md CHANGELOG.md\
+		main.go ${NAME}.rc src go.mod go.sum ${NAME}-${VERSION}
+	tar zcfv release/src/${NAME}-${VERSION}.tar.gz ${NAME}-${VERSION}
+	rm -rf ${NAME}-${VERSION}
+
+install:
+	mkdir -p ${DESTDIR}${PREFIX}/bin ${DESTDIR}/etc/rc.d
+	cp -f ${NAME} ${DESTDIR}${PREFIX}/bin
+	chmod 755 ${DESTDIR}${PREFIX}/bin/${NAME}
+	cp -f ${NAME}.rc ${DESTDIR}/etc/rc.d/${NAME}
+	chmod +x ${DESTDIR}/etc/rc.d/${NAME}
+
+uninstall:
+	rm -f ${DESTDIR}${PREFIX}/bin/${NAME}
+
+.PHONY: all release clean dist install uninstall

README.md

@@ -0,0 +1,11 @@
+# pwnd
+パスワードが漏洩したかどうかを確認するサーバーデーモン\
+**OpenBSDのみ**
+
+## インストールする方法
+```sh
+make
+doas make install
+doas rcctl enable pwnd
+doas rcctl start pwnd
+```

go.mod

@@ -0,0 +1,3 @@
+module pwned
+
+go 1.22.1

main.c

@@ -0,0 +1,71 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <arpa/inet.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+#include <netinet/in.h>
+
+int main() {
+  int sock;
+  struct sockaddr_in srv;
+  struct addrinfo hints, *addr;
+
+  char pas[256];
+  char res[10];
+  int reslen = 0;
+
+  memset(&hints, 0, sizeof(hints));
+  hints.ai_family = AF_INET; // IPv4
+  hints.ai_socktype = SOCK_STREAM; // TCP
+
+  int status = getaddrinfo("076.moe", NULL, &hints, &addr);
+  if (status != 0) {
+    fprintf(stderr, "getaddrinfo: %s\n", gai_strerror(status));
+    exit(1);
+  }
+
+  sock = socket(AF_INET, SOCK_STREAM, 0);
+  if (sock == -1) {
+    perror("ソケットを作成に失敗");
+    exit(1);
+  }
+
+  srv.sin_addr = ((struct sockaddr_in *)(addr->ai_addr))->sin_addr;
+  srv.sin_family = AF_INET;
+  srv.sin_port = htons(9951);
+
+  freeaddrinfo(addr);
+
+  if (connect(sock, (struct sockaddr *)&srv, sizeof(srv)) < 0) {
+    perror("接続に失敗");
+    close(sock);
+    exit(1);
+  }
+
+  printf("パスワード: ");
+  fgets(pas, sizeof(pas), stdin);
+  pas[strcspn(pas, "\n")] = 0;
+
+  if (send(sock, pas, strlen(pas), 0) < 0) {
+    perror("送信に失敗");
+    close(sock);
+    exit(1);
+  }
+
+  reslen = recv(sock, res, sizeof(res) -1, 0);
+  if (reslen < 0) {
+    perror("受取に失敗");
+    close(sock);
+    exit(1);
+  }
+
+  res[reslen] = '\0';
+
+  printf("Pwned: %s\n", res);
+
+  close(sock);
+  return 0;
+}

main.go

@@ -0,0 +1,86 @@
+package main
+
+import (
+  "bufio"
+  "crypto/sha1"
+  "encoding/hex"
+  "log"
+  "net"
+  "os"
+  "strings"
+)
+
+var sofname = "pwnd"
+var version = "0.0.0"
+var serverhost = "0.0.0.0"
+var serverport = "9951"
+var pwnroot = "/mnt/pwned/hashes/"
+
+func checkPwnedHash(hash string) string {
+  prefix := strings.ToUpper(hash[:4])
+  filePath := pwnroot + prefix + ".txt"
+
+  file, err := os.Open(filePath)
+  if err != nil {
+    log.Printf("ファイル「%s」を開けられません: %v\n", filePath, err)
+    return "-1"
+  }
+  defer file.Close()
+
+  scanner := bufio.NewScanner(file)
+  for scanner.Scan() {
+    line := scanner.Text()
+    parts := strings.Split(line, ":")
+    if len(parts) != 2 {
+      continue
+    }
+
+    if parts[0] == strings.ToUpper(hash) {
+      return parts[1]
+    }
+  }
+
+  if err := scanner.Err(); err != nil {
+    log.Printf("ファイル「%s]を読み込まれません: %v\n", filePath, err)
+  }
+
+  return "0"
+}
+
+func handleConnection(conn net.Conn) {
+  defer conn.Close()
+
+  buf := make([]byte, 256)
+  n, err := conn.Read(buf)
+  if err != nil {
+    log.Println("クライアントからのエラー:", err)
+    return
+  }
+  password := strings.TrimSpace(string(buf[:n]))
+
+  sha1Hash := sha1.New()
+  sha1Hash.Write([]byte(password))
+  hash := hex.EncodeToString(sha1Hash.Sum(nil))
+
+  res := checkPwnedHash(hash)
+  conn.Write([]byte(res))
+}
+
+func main() {
+  listener, err := net.Listen("tcp", serverhost + ":" + serverport)
+  if err != nil {
+    log.Fatal(err)
+  }
+  defer listener.Close()
+
+  log.Println("サーバーは " + serverhost + ":" + serverport + " で実行中・・・")
+
+  for {
+    conn, err := listener.Accept()
+    if err != nil {
+      log.Println("接続エラー:", err)
+      continue
+    }
+    go handleConnection(conn)
+  }
+}

pwnd.rc

@@ -0,0 +1,10 @@
+#!/bin/ksh
+
+daemon="/usr/local/bin/pwnd"
+
+. /etc/rc.d/rc.subr
+
+rc_bg=YES
+rc_reload=NO
+
+rc_cmd $1