Re: VPN Patch for botnow
- Subject: Re: VPN Patch for botnow
- From: jrmu <jrmu@xxxxxxxxxx>
- Date: Fri, 28 Jul 2023 21:29:38 -0700
- To: miniontoby@xxxxxxxxxx
- Cc: codeforce@xxxxxxxxxx
Greetings, Thanks Miniontoby. I have applied the following patches: http://got.ircnow.org/cgi-bin/gotweb/gotweb?path=botnow&action=diff&commit=177e2ac30d11b85641abf065dc23621b8e7d43e0 http://got.ircnow.org/cgi-bin/gotweb/gotweb?path=botnow&action=diff&commit=71d1e25001b7351b471a19c15a0a1633938f7f4d [madeonirc1] repos / botnow / diff Commit Diff Diff: 0b43d183bcae91d4cb5255c82b8c7cbc253373d8 177e2ac30d11b85641abf065dc23621b8e7d43e0 Commit: 177e2ac30d11b85641abf065dc23621b8e7d43e0 Tree: 4b606da12d5f6ff7ae1ff5af5c6648c32cef8c42 Author: jrmu <jrmu@xxxxxxxxxx> Committer: jrmu <jrmu@xxxxxxxxxx> Date: Sat Jul 29 04:20:34 2023 UTC Message: Added Miniontoby's suggested patch for VPNs blob - 1d5af6d5879fc9494712adb399e02c47fe2dcd9c blob + 922c5d3ab0fcb632c7562c93dca8fc2b9fd94563 --- VPN.pm +++ VPN.pm 
@@ -6,9 +6,129 @@ use strict; use warnings; use OpenBSD::Pledge; use OpenBSD::Unveil; +require "DNS.pm"; +require "SQLite.pm"; +my %conf = %main::conf; +my $chans = $conf{chans}; +my $teamchans = $conf{teamchans}; +my @teamchans = split /[,\s]+/m, $teamchans; +my $staff = $conf{staff}; +my $expires = $conf{expires}; +my $ikedconf = $conf{ikedconf} || "/etc/iked.conf"; +# File containing IRC networks +my $netpath = "networks"; +my @networks; + +main::cbind("pub", "-", "vpn", \&vpn); +main::cbind("msg", "-", "vpn", \&vpn); + sub init { +# unveil("/usr/bin/rcctl", "rx") or die "Unable to unveil $!"; + unveil($ikedconf, "crx") or die "Unable to unveil $!"; } + +sub vpn { + my ($bot, $nick, $host, $hand, @args) = @_; + my ($chan, $text); + if (@args == 2) { + ($chan, $text) = ($args[0], $args[1]); + } else { $text = $args[0]; } + my $hostmask = "$nick!$host"; + if (defined($chan) && $chans =~ /$chan/) { + main::putserv($bot, "PRIVMSG $chan :$nick: Please check private message"); + } + if ($text =~ /^$/) { + main::putserv($bot, "PRIVMSG $nick :Type !help for new instructions"); + foreach my $chan (@teamchans) { + main::putservlocalnet($bot, "PRIVMSG $chan :$staff: Help *$nick* on network".$bot->{name}); + } + return; + } + my @rows = SQLite::selectrows("irc", "nick", $nick); + foreach my $row (@rows) { + my $password = SQLite::get("vpn", "ircid", $row->{id}, "password"); + if (defined($password)) { + main::putserv($bot, "PRIVMSG $nick :Sorry, only one account per person. Please contact staff if you need help."); + return; + } + } + if ($text =~ /^captcha\s+([[:alnum:]]+)/) { + my $text = $1; + my $ircid = SQLite::id("irc", "nick", $nick, $expires); + if (!defined($ircid)) { die "undefined ircid"; } + my $captcha = SQLite::get("vpn", "ircid", $ircid, "captcha"); + if ($text ne $captcha) { + main::putserv($bot, "PRIVMSG $nick :Wrong captcha. 
To get a new captcha, type !vpn <username> <email>");
+ return;
+ }
+ my $pass = Hash::newpass();
+ chomp(my $encrypted = `encrypt $pass`);
+ my $username = SQLite::get("vpn", "ircid", $ircid, "username");
+ my $email = SQLite::get("vpn", "ircid", $ircid, "email");
+ my $version = SQLite::get("vpn", "ircid", $ircid, "version");
+ SQLite::set("vpn", "ircid", $ircid, "password", $encrypted);
+
+ createvpn($username, $pass);
+ foreach my $chan (@teamchans) {
+ main::putservlocalnet($bot, "PRIVMSG $chan :$staff: vpn created for $username");
+ }
+ my $msg = <<"EOF";
+Your vpn account has been created! Username: $username with password: $pass
+Our official support channel is #vpn. To connect, please follow these instructions:
+https://wiki.ircnow.org/Vpn/Vpn
+EOF
+ main::putserv($bot, "PRIVMSG $nick :$msg");
+ } elsif ($text =~ /^([[:alnum:]]+)\s+([[:ascii:]]+)/) {
+ my ($username, $email) = ($1, $2);
+ if ($staff !~ /$nick/) {
+ return;
+ }
+ my @users = col($ikedconf);
+ my @matches = grep(/^$username$/i, @users);
+ if (scalar(@matches) > 0) {
+ main::putserv($bot, "PRIVMSG $nick :Sorry, username taken. 
Please choose another username, or contact staff for help."); + return; + } + + my $captcha = int(rand(999)); + my $ircid = int(rand(2147483647)); + SQLite::set("irc", "id", $ircid, "localtime", time()); + SQLite::set("irc", "id", $ircid, "date", main::date()); + SQLite::set("irc", "id", $ircid, "hostmask", $hostmask); + SQLite::set("irc", "id", $ircid, "nick", $nick); + SQLite::set("vpn", "ircid", $ircid, "username", $username); + SQLite::set("vpn", "ircid", $ircid, "email", $email); + SQLite::set("vpn", "ircid", $ircid, "captcha", $captcha); + main::whois($bot->{sock}, $nick); + main::ctcp($bot->{sock}, $nick); + main::putserv($bot, "PRIVMSG $nick :".`figlet $captcha`); + # main::putserv($bot, "PRIVMSG $nick :$captchaURL".encode_base64 ($captcha)); + main::putserv($bot, "PRIVMSG $nick :Type !vpn captcha <text>"); + foreach my $chan (@teamchans) { + main::putservlocalnet($bot, "PRIVMSG $chan :$nick\'s captcha on $bot->{name} is $captcha"); + } + } +} +sub createvpn { + my ($username, $password) = @_; + `doas sh -c 'echo "user $username $password" >> /etc/iked.conf'`; + `doas rcctl reload iked`; +} +sub col { + my ($filename) = @_; + my @rows = main::readarray($filename); + my @results; + foreach my $row (@rows) { + if ($row =~ /^user (.*?) /) { + push(@results, $1); + } + } + return @results; +} + +#sub init { +#} # if ($reply =~ /^!vpn (.*) ([-_0-9a-zA-Z]+)$/i) { # my $ircnick = $1; # my $newnick = $2; Commit Diff Diff: 177e2ac30d11b85641abf065dc23621b8e7d43e0 71d1e25001b7351b471a19c15a0a1633938f7f4d Commit: 71d1e25001b7351b471a19c15a0a1633938f7f4d (main) Tree: e6a51b96a068828db3ac56c7fccc28adc26b803c Author: jrmu <jrmu@xxxxxxxxxx> Committer: jrmu <jrmu@xxxxxxxxxx> Date: Sat Jul 29 04:24:53 2023 UTC Message: Applied miniontoby's suggested patch blob - 76b3e340f80128afa2f2c7e1e756a7c9912b2c4a blob + d621897da2f830e65456a323ea14edc2e7d289c5 --- botnow.conf.example +++ botnow.conf.example 
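Review bot: The staff gate in the `elsif` branch of `vpn` in VPN.pm, `if ($staff !~ /$nick/) { return; }`, uses the caller's IRC nick as an unanchored, unescaped regex against the configured staff string, so it is a substring/pattern test rather than a membership test and nick characters are interpreted as regex syntax. Compare against an exact list instead, e.g. `my %is_staff = map { lc($_) => 1 } split /[,\s]+/, $staff;` followed by `return unless $is_staff{lc $nick};`; the earlier `$chans =~ /$chan/` has the same unescaped interpolation. Separately, `encrypt $pass` and the `doas sh -c 'echo "user $username $password" >> /etc/iked.conf'` in `createvpn` build shell command lines from variables, which places the new password in process arguments and relies on `Hash::newpass()` (not visible here) never returning shell metacharacters. Feeding the password on stdin and using list-form `system`/`open` for the privileged step would remove both dependencies.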
@@ -59,7 +59,7 @@ mailfrom = support@xxxxxxxxxxx #mailname = example #Modules to load -modules = BNC DNS Mail Shell SQLite Hash Help +modules = BNC DNS Mail Shell VPN SQLite Hash Help #Uncomment to require admin approval for new accounts #approval = true @@ -90,8 +90,8 @@ die = You did not configure botnow.conf! #Network Interface Config File #hostnameif = /etc/hostname.vio0 +#Iked Config File +#ikedconf = /etc/iked.conf + #Verbosity: NONE, ERRORS, WARNINGS, ALL #verbose = ERRORS - -#New shell user login class -#loginclass = freeshell blob - 943e230ff1fb0936e28411c1a55dc581a7ebfbba blob + 3f18f6182f9b72994b517b93e6f824e2e84c1f42 --- install +++ install @@ -11,6 +11,7 @@ HTTPDCONF="/etc/httpd.conf" ACMECONF="/etc/acme-client.conf" MAILDIR="/etc/mail/" HOSTNAMEIF="/etc/hostname.vio0" +IKEDCONF="/etc/iked.conf" pkg_add figlet-2.2.5 p5-DBI p5-DBD-SQLite sqlite3 p5-Class-DBI-SQLite cc -o blowfish.o blowfish.c @@ -38,6 +39,8 @@ chown -R _nsd:daemon ${ZONES} chmod ug+rwx ${ZONES} chmod ug+rw ${ZONES}/* chmod -R g+rw ${HTTPDCONF} ${ACMECONF} ${MAILDIR} +chgrp wheel ${IKEDCONF} +chmod g+r ${IKEDCONF} echo "permit nopass ${USERNAME}" >> /etc/doas.conf usermod -G _dovecot botnow chmod g+rw ${HOSTNAMEIF} blob - d12207032804071768ac0dd95ce20073505207f9 blob + d1840b9feb2cce9213dd5c3b4f3b9433c5b97a7b --- table.sql +++ table.sql @@ -37,6 +37,19 @@ CREATE TABLE mail ( datetime VARCHAR(25) AS (datetime(localtime, 'unixepoch')), captcha INTEGER ); +CREATE TABLE vpn ( + id INTEGER PRIMARY KEY, + hashid VARCHAR(100), + ircid INTEGER, + wwwid INTEGER, + smtpid INTEGER, + username VARCHAR(32), + email VARCHAR(100), + password VARCHAR(100), + localtime INTEGER DEFAULT (unixepoch()), + datetime VARCHAR(25) AS (datetime(localtime, 'unixepoch')), + captcha INTEGER +); CREATE TABLE www ( id INTEGER PRIMARY KEY, hashid VARCHAR(100), -- jrmu IRCNow (https://ircnow.org)
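Review bot: In `install`, `chgrp wheel ${IKEDCONF}` plus `chmod g+r ${IKEDCONF}` makes iked.conf readable by every member of wheel, and `createvpn` in the previous commit's VPN.pm appends `user <name> <password>` lines with the cleartext password to that same file. A group that contains only the bot account would keep the read grant narrower, e.g. `chgrp <bot-only-group> ${IKEDCONF}` (placeholder group name). A short comment above the two lines should say why read access is needed, which from the visible code is the `col($ikedconf)` scan for taken usernames. The script continues outside the hunk, so whether the bot user is already a member of wheel cannot be confirmed from here.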
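Review bot: The new `vpn` table in table.sql has no `version` column, but `vpn` in VPN.pm (previous commit) runs `SQLite::get("vpn", "ircid", $ircid, "version")` against it. Depending on how `SQLite::get` handles an unknown column (not visible here), that is either an error on every accepted captcha or a silent undef. `$version` is never used afterwards in the visible code, so dropping that read looks like the simpler fix; otherwise the column needs to be added to this `CREATE TABLE`.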
Attachment:
signature.asc
Description: PGP signature