simon987/ngx_http_js_challenge_module
1
0
Fork 0
mirror of https://github.com/simon987/ngx_http_js_challenge_module.git synced 2025-04-04 06:52:58 +00:00
Code Issues Projects Releases Wiki Activity

Embed SHA1 (for real this time)

Browse Source
This commit is contained in:
simon987 2020-05-07 20:15:06 -04:00
parent 0858f1b7c1
commit 8f7fb98e20
2 changed files with 52 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
build.sh
View File

@ -14,5 +14,7 @@ echo $CONFIG_ARGS
cd ${NGINX_PATH} || exit cd ${NGINX_PATH} || exit
bash -c "./configure ${CONFIG_ARGS}" bash -c "./configure ${CONFIG_ARGS}"
make modules -j "$(nproc)" make modules -j "$(nproc)"
) ) || exit
echo "Load the dynamic module ${NGINX_PATH}/objs/ngx_http_js_challenge_module.so and restart nginx to install"

117
ngx_http_js_challenge.c
View File

@ -1,4 +1,7 @@
#include <stdio.h> #include <stdio.h>
#include <stdint.h>
#include <string.h>
#include "ngx_http.c" #include "ngx_http.c"
#define DEFAULT_SECRET "changeme" #define DEFAULT_SECRET "changeme"
@ -42,6 +45,7 @@ static char *ngx_http_js_challenge_merge_loc_conf(ngx_conf_t *cf, void *parent,
static ngx_int_t ngx_http_js_challenge_handler(ngx_http_request_t *r); static ngx_int_t ngx_http_js_challenge_handler(ngx_http_request_t *r);
unsigned char *__sha1(const unsigned char *d, size_t n, unsigned char *md);
static ngx_command_t ngx_http_js_challenge_commands[] = { static ngx_command_t ngx_http_js_challenge_commands[] = {
@ -88,36 +92,35 @@ static ngx_command_t ngx_http_js_challenge_commands[] = {
ngx_null_command ngx_null_command
}; };
/** /*
* Module context * Module context
*/ */
static ngx_http_module_t ngx_http_js_challenge_module_ctx = { static ngx_http_module_t ngx_http_js_challenge_module_ctx = {
NULL, /* preconfiguration */ NULL, /* preconfiguration */
ngx_http_js_challenge, /* postconfiguration */ ngx_http_js_challenge, /* postconfiguration */
NULL, /* create main configuration */ NULL,
NULL, /* init main configuration */ NULL,
NULL, /* create server configuration */ NULL,
NULL, /* merge server configuration */ NULL,
ngx_http_js_challenge_create_loc_conf, ngx_http_js_challenge_create_loc_conf,
ngx_http_js_challenge_merge_loc_conf ngx_http_js_challenge_merge_loc_conf
}; };
/* Module definition. */
ngx_module_t ngx_http_js_challenge_module = { ngx_module_t ngx_http_js_challenge_module = {
NGX_MODULE_V1, NGX_MODULE_V1,
&ngx_http_js_challenge_module_ctx, /* module context */ &ngx_http_js_challenge_module_ctx,
ngx_http_js_challenge_commands, /* module directives */ ngx_http_js_challenge_commands,
NGX_HTTP_MODULE, /* module type */ NGX_HTTP_MODULE,
NULL, /* init master */ NULL,
NULL, /* init module */ NULL,
NULL, /* init process */ NULL,
NULL, /* init thread */ NULL,
NULL, /* exit thread */ NULL,
NULL, /* exit process */ NULL,
NULL, /* exit master */ NULL,
NGX_MODULE_V1_PADDING NGX_MODULE_V1_PADDING
}; };
@ -235,7 +238,6 @@ int serve_challenge(ngx_http_request_t *r, const char *challenge, const char *ht
return ngx_http_output_filter(r, &out); return ngx_http_output_filter(r, &out);
} }
unsigned char *_sha1(const unsigned char *d, size_t n, unsigned char *md);
/** /**
* @param out 40 bytes long string! * @param out 40 bytes long string!
@ -252,11 +254,7 @@ void get_challenge_string(int32_t bucket, ngx_str_t addr, ngx_str_t secret, char
memcpy((buf + sizeof(int32_t)), addr.data, addr.len); memcpy((buf + sizeof(int32_t)), addr.data, addr.len);
memcpy((buf + sizeof(int32_t) + addr.len), secret.data, secret.len); memcpy((buf + sizeof(int32_t) + addr.len), secret.data, secret.len);
#ifndef HEADER_SHA_H __sha1((unsigned char *) buf, (size_t) (sizeof(int32_t) + addr.len + secret.len), md);
_sha1((unsigned char *) buf, (size_t) (sizeof(int32_t) + addr.len + secret.len), md);
#else
SHA1((unsigned char *) buf, (size_t) (sizeof(int32_t) + addr.len + secret.len), md);
#endif
buf2hex(md, SHA1_MD_LEN, out); buf2hex(md, SHA1_MD_LEN, out);
} }
@ -380,16 +378,7 @@ static ngx_int_t ngx_http_js_challenge(ngx_conf_t *cf) {
* By Steve Reid <sreid@sea-to-sky.net> * By Steve Reid <sreid@sea-to-sky.net>
* 100% Public Domain * 100% Public Domain
*/ */
#ifndef HEADER_SHA_H void __SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]);
#define SHA1HANDSOFF (1)
#include <stdint.h>
#include <stdio.h>
#include <string.h>
void SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]);
#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
@ -427,7 +416,7 @@ void SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]);
/* Hash a single 512-bit block. This is the core of the algorithm. */ /* Hash a single 512-bit block. This is the core of the algorithm. */
void SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]) { void __SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]) {
uint32_t a, b, c, d, e; uint32_t a, b, c, d, e;
typedef union { typedef union {
uint8_t c[64]; uint8_t c[64];
@ -435,13 +424,9 @@ void SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]) {
} CHAR64LONG16; } CHAR64LONG16;
CHAR64LONG16 *block; CHAR64LONG16 *block;
#ifdef SHA1HANDSOFF
CHAR64LONG16 workspace; CHAR64LONG16 workspace;
block = &workspace; block = &workspace;
memcpy(block, buffer, 64); memcpy(block, buffer, 64);
#else
block = (CHAR64LONG16*)buffer;
#endif
/* Copy context->state[] to working vars */ /* Copy context->state[] to working vars */
a = state[0]; a = state[0];
@ -543,24 +528,25 @@ void SHA1_Transform(uint32_t state[5], const uint8_t buffer[64]) {
a = b = c = d = e = 0; a = b = c = d = e = 0;
} }
/** SHA-1 Context */
typedef struct { typedef struct {
uint32_t state[5]; uint32_t state[5];
/**< Context state */
uint32_t count[2]; uint32_t count[2];
/**< Counter */ uint8_t buffer[64];
uint8_t buffer[64]; /**< SHA-1 buffer */ } __SHA1_CTX;
} SHA1_CTX;
/** SHA-1 Digest size in bytes */ void __SHA1_Update(__SHA1_CTX *context, const void *p, size_t len);
#define SHA1_DIGEST_SIZE 20
void SHA1_Init(SHA1_CTX *context); void __SHA1_Final(uint8_t digest[SHA1_MD_LEN], __SHA1_CTX *context);
void SHA1_Update(SHA1_CTX *context, const void *p, size_t len);
void SHA1_Final(uint8_t digest[SHA1_DIGEST_SIZE], SHA1_CTX *context);
void __SHA1_Init(__SHA1_CTX *c)
{
memset(c, 0, sizeof(*c));
c->state[0] = 0x67452301UL;
c->state[1] = 0xefcdab89UL;
c->state[2] = 0x98badcfeUL;
c->state[3] = 0x10325476UL;
c->state[4] = 0xc3d2e1f0UL;
}
/** /**
* Run your data through this * Run your data through this
* *
@ -568,7 +554,7 @@ void SHA1_Final(uint8_t digest[SHA1_DIGEST_SIZE], SHA1_CTX *context);
* @param p Buffer to run SHA1 on * @param p Buffer to run SHA1 on
* @param len Number of bytes * @param len Number of bytes
*/ */
void SHA1_Update(SHA1_CTX *context, const void *p, size_t len) { void __SHA1_Update(__SHA1_CTX *context, const void *p, size_t len) {
const uint8_t *data = p; const uint8_t *data = p;
size_t i, j; size_t i, j;
@ -579,9 +565,9 @@ void SHA1_Update(SHA1_CTX *context, const void *p, size_t len) {
context->count[1] += (uint32_t) (len >> 29); context->count[1] += (uint32_t) (len >> 29);
if ((j + len) > 63) { if ((j + len) > 63) {
memcpy(&context->buffer[j], data, (i = 64 - j)); memcpy(&context->buffer[j], data, (i = 64 - j));
SHA1_Transform(context->state, context->buffer); __SHA1_Transform(context->state, context->buffer);
for (; i + 63 < len; i += 64) { for (; i + 63 < len; i += 64) {
SHA1_Transform(context->state, data + i); __SHA1_Transform(context->state, data + i);
} }
j = 0; j = 0;
} else i = 0; } else i = 0;
@ -595,7 +581,7 @@ void SHA1_Update(SHA1_CTX *context, const void *p, size_t len) {
* @param digest Generated message digest * @param digest Generated message digest
* @param context SHA1-Context * @param context SHA1-Context
*/ */
void SHA1_Final(uint8_t digest[SHA1_DIGEST_SIZE], SHA1_CTX *context) { void __SHA1_Final(uint8_t digest[SHA1_MD_LEN], __SHA1_CTX *context) {
uint32_t i; uint32_t i;
uint8_t finalcount[8]; uint8_t finalcount[8];
@ -603,12 +589,12 @@ void SHA1_Final(uint8_t digest[SHA1_DIGEST_SIZE], SHA1_CTX *context) {
finalcount[i] = (uint8_t) ((context->count[(i >= 4 ? 0 : 1)] finalcount[i] = (uint8_t) ((context->count[(i >= 4 ? 0 : 1)]
>> ((3 - (i & 3)) * 8)) & 255); >> ((3 - (i & 3)) * 8)) & 255);
} }
SHA1_Update(context, (uint8_t *) "\200", 1); __SHA1_Update(context, (uint8_t *) "\200", 1);
while ((context->count[0] & 504) != 448) { while ((context->count[0] & 504) != 448) {
SHA1_Update(context, (uint8_t *) "\0", 1); __SHA1_Update(context, (uint8_t *) "\0", 1);
} }
SHA1_Update(context, finalcount, 8); /* Should cause SHA1_Transform */ __SHA1_Update(context, finalcount, 8); /* Should cause SHA1_Transform */
for (i = 0; i < SHA1_DIGEST_SIZE; i++) { for (i = 0; i < SHA1_MD_LEN; i++) {
digest[i] = (uint8_t) digest[i] = (uint8_t)
((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255); ((context->state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255);
} }
@ -620,18 +606,13 @@ void SHA1_Final(uint8_t digest[SHA1_DIGEST_SIZE], SHA1_CTX *context) {
memset(context->count, 0, 8); memset(context->count, 0, 8);
memset(finalcount, 0, 8); /* SWR */ memset(finalcount, 0, 8); /* SWR */
#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite its own static vars */ __SHA1_Transform(context->state, context->buffer);
SHA1_Transform(context->state, context->buffer);
#endif
} }
unsigned char *_sha1(const unsigned char *d, size_t n, unsigned char *md) { unsigned char *__sha1(const unsigned char *d, size_t n, unsigned char *md) {
SHA1_CTX c; __SHA1_CTX c;
SHA1_Init(&c); __SHA1_Init(&c);
SHA1_Update(&c, d, n); __SHA1_Update(&c, d, n);
SHA1_Final(md, &c); __SHA1_Final(md, &c);
return md; return md;
} }
#endif