+2003-03-02 [christoph] 0.8.10claws70
+
+ * configure.ac
+ * src/prefs_account.c
+ * src/prefs_gtk.[ch]
+ * src/common/.cvsignore
+ * src/common/Makefile.am
+ * src/common/passcrypt.c ** NEW **
+ * src/common/passcrypt.h.in ** NEW **
+ Implement password encryption in config files
+ using unix encrypt and setkey functions. The crypt
+ key can be set as a configure parameter. Old
+ passwords will be converted if they do not begin
+ with '!'
+
2003-03-02 [paul] 0.8.10claws69
* src/prefs_account.c
MICRO_VERSION=10
INTERFACE_AGE=0
BINARY_AGE=0
-EXTRA_VERSION=claws69
+EXTRA_VERSION=claws70
VERSION=$MAJOR_VERSION.$MINOR_VERSION.$MICRO_VERSION$EXTRA_VERSION
dnl set $target
dnl Check for OpenSSL
AM_PATH_OPENSSL
+dnl Key for password encryption
+AC_ARG_WITH(passcrypt-key, [ --with-passcrypt-key=KEY Key used to encode passwords (8 byte string)],
+ with_passcrypt_key="$withval", with_passcrypt_key="passkey0")
+AC_SUBST(PASSCRYPT_KEY, $with_passcrypt_key)
+
dnl ************************
dnl ** GTK user interface **
dnl ************************
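Review bot: The key accepted by `--with-passcrypt-key` is never checked for length, but `crypt_cfb_buf` in `src/common/passcrypt.c` does `memcpy(temp, key, 8)`, so a key shorter than 7 characters makes that copy read past the end of the string literal, and a longer one is silently truncated. configure should reject anything that is not exactly 8 bytes, for example with `AC_MSG_ERROR([--with-passcrypt-key must be exactly 8 bytes])` after a length test on `$with_passcrypt_key`. The value is also pasted unescaped into `#define PASSCRYPT_KEY "@PASSCRYPT_KEY@"`, so a key containing `"` or `\` would presumably produce a broken or different literal. The help string should mention that the default `passkey0` is public and that every build sharing a key can decode the others' stored passwords.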
src/common/version.h
src/Makefile
src/common/Makefile
+src/common/passcrypt.h
src/gtk/Makefile
src/plugins/Makefile
src/plugins/demo/Makefile
*.o
*.lo
*.la
+passcrypt.h
md5.c md5.h \
mgutils.c mgutils.h \
nntp.c nntp.h \
+ passcrypt.c passcrypt.h \
plugin.c plugin.h \
prefs.c prefs.h \
quoted-printable.c quoted-printable.h \
libsylpheedcommon_la_LIBADD = \
$(GLIB_LIBS) \
- $(OPENSSL_LIBS)
+ $(OPENSSL_LIBS) \
+ -lcrypt
EXTRA_DIST = \
version.h.in
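Review bot: `-lcrypt` is added to `libsylpheedcommon_la_LIBADD` unconditionally, which will presumably break the link on systems where `setkey`/`encrypt` live in libc or where no separate libcrypt exists. A configure check such as `AC_CHECK_LIB(crypt, encrypt, [CRYPT_LIBS="-lcrypt"])` followed by `AC_SUBST(CRYPT_LIBS)`, with `$(CRYPT_LIBS)` used here, would keep the build portable.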
--- /dev/null
+/*
+ * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
+ * Copyright (C) 1999-2003 Hiroyuki Yamamoto and the Sylpheed-Claws Team
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#include <sys/types.h>
+#include <stdio.h>
+#include <memory.h>
+#include <ctype.h>
+#include <unistd.h>
+#include "crypt.h"
+
+#include <glib.h>
+
+#include "passcrypt.h"
+
+void crypt_cfb_buf(const char key[8], void *buf, unsigned len,
+ unsigned chunksize, int decrypt);
+static void crypt_cfb_shift(unsigned char *to,
+ const unsigned char *from, unsigned len);
+static void crypt_cfb_xor(unsigned char *to, const unsigned char *from,
+ unsigned len);
+static void crypt_unpack(unsigned char *a);
+
+void passcrypt_encrypt(gchar *password, guint len)
+{
+ crypt_cfb_buf(PASSCRYPT_KEY, password, len, 1, 0 );
+}
+
+void passcrypt_decrypt(gchar *password, guint len)
+{
+ crypt_cfb_buf(PASSCRYPT_KEY, password, len, 1, 1 );
+}
+
+/*
+* crypt_cfb_iv is the intermediate vector used for cypher feedback encryption
+*/
+unsigned char crypt_cfb_iv[64];
+int crypt_cfb_blocksize = 8; /* 8 for DES */
+
+void
+crypt_cfb_buf(const char key[8], void *buf, unsigned len,
+ unsigned chunksize, int decrypt)
+{
+ unsigned char temp[64];
+
+ memcpy(temp, key, 8);
+ crypt_unpack(temp);
+ setkey((const char *) temp);
+ memset(temp, 0, sizeof(temp));
+
+ memset(crypt_cfb_iv, 0, sizeof(crypt_cfb_iv));
+
+ if (chunksize > crypt_cfb_blocksize)
+ chunksize = crypt_cfb_blocksize;
+
+ while (len) {
+ memcpy(temp, crypt_cfb_iv, sizeof(temp));
+ encrypt((char *) temp, 0);
+ if (chunksize > len)
+ chunksize = len;
+ if (decrypt)
+ crypt_cfb_shift(crypt_cfb_iv,
+ (unsigned char *) buf, chunksize);
+ crypt_cfb_xor((unsigned char *) buf, temp, chunksize);
+ if (!decrypt)
+ crypt_cfb_shift(crypt_cfb_iv,
+ (unsigned char *) buf, chunksize);
+ len -= chunksize;
+ buf += chunksize;
+ }
+}
+
+/*
+* Shift len bytes from end of to buffer to beginning, then put len
+* bytes from from at the end. Caution: the to buffer is unpacked,
+* but the from buffer is not.
+*/
+static void
+crypt_cfb_shift(unsigned char *to, const unsigned char *from, unsigned len)
+{
+ unsigned i;
+ unsigned j;
+ unsigned k;
+
+ if (len < crypt_cfb_blocksize) {
+ i = len * 8;
+ j = crypt_cfb_blocksize * 8;
+ for (k = i; k < j; k++) {
+ to[0] = to[i];
+ ++to;
+ }
+ }
+
+ for (i = 0; i < len; i++) {
+ j = *from++;
+ for (k = 0x80; k; k >>= 1)
+ *to++ = ((j & k) != 0);
+ }
+}
+
+/*
+* XOR len bytes from from into the data at to. Caution: the from buffer
+* is unpacked, but the to buffer is not.
+*/
+static void
+crypt_cfb_xor(unsigned char *to, const unsigned char *from, unsigned len)
+{
+ unsigned i;
+ unsigned j;
+ unsigned char c;
+
+ for (i = 0; i < len; i++) {
+ c = 0;
+ for (j = 0; j < 8; j++)
+ c = (c << 1) | *from++;
+ *to++ ^= c;
+ }
+}
+
+/*
+* Take the 8-byte array at *a (must be able to hold 64 bytes!) and unpack
+* each bit into its own byte.
+*/
+static void crypt_unpack(unsigned char *a)
+{
+ int i, j;
+
+ for (i = 7; i >= 0; --i)
+ for (j = 7; j >= 0; --j)
+ a[(i << 3) + j] = (a[i] & (0x80 >> j)) != 0;
+}
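Review bot: `crypt_cfb_buf` resets `crypt_cfb_iv` to zero on every call and the key is the compile-time `PASSCRYPT_KEY`, so the stored value is deterministic: equal passwords produce equal config entries, and anyone holding the binary or the default key can reverse them. That makes this obfuscation rather than confidentiality, and the file should say so, e.g. a header comment `/* Obfuscates stored passwords against casual viewing only; the key is compiled in and the IV is fixed. */`. `temp` still holds DES output when the loop ends; adding `memset(temp, 0, sizeof(temp));` after the `while` would clear it, ideally with a wipe the compiler cannot elide where one is available. `buf += chunksize` does arithmetic on a `void *`, which is a GNU extension; `buf = (unsigned char *) buf + chunksize;` is portable.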
--- /dev/null
+/*
+ * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
+ * Copyright (C) 1999-2003 Hiroyuki Yamamoto and the Sylpheed-Claws Team
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#define PASSCRYPT_KEY "@PASSCRYPT_KEY@"
+
+#include <glib.h>
+
+void passcrypt_encrypt(gchar *password, guint len);
+void passcrypt_decrypt(gchar *password, guint len);
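Review bot: `passcrypt.h.in` has no include guard and nothing documents the two prototypes. Wrapping the contents in `#ifndef PASSCRYPT_H` / `#define PASSCRYPT_H` / `#endif` is what a generated header included from several files needs. A comment above the prototypes should state that both functions transform `password` in place, that `len` is the byte count without a terminating NUL, and that the output of `passcrypt_encrypt` is binary and may contain zero bytes, so callers must carry the length separately.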
{"user_id", "ENV_USER", &tmp_ac_prefs.userid, P_STRING,
&basic.uid_entry, prefs_set_data_from_entry, prefs_set_entry},
- {"password", NULL, &tmp_ac_prefs.passwd, P_STRING,
+ {"password", NULL, &tmp_ac_prefs.passwd, P_PASSWORD,
&basic.pass_entry, prefs_set_data_from_entry, prefs_set_entry},
{"inbox", "inbox", &tmp_ac_prefs.inbox, P_STRING,
{"smtp_user_id", NULL, &tmp_ac_prefs.smtp_userid, P_STRING,
&p_send.smtp_uid_entry, prefs_set_data_from_entry, prefs_set_entry},
- {"smtp_password", NULL, &tmp_ac_prefs.smtp_passwd, P_STRING,
+ {"smtp_password", NULL, &tmp_ac_prefs.smtp_passwd, P_PASSWORD,
&p_send.smtp_pass_entry, prefs_set_data_from_entry, prefs_set_entry},
{"pop_before_smtp", "FALSE", &tmp_ac_prefs.pop_before_smtp, P_BOOL,
#include "prefs_gtk.h"
#include "utils.h"
#include "gtkutils.h"
+#include "passcrypt.h"
+#include "base64.h"
#define CL(x) (((gulong) (x) >> (gulong) 8) & 0xFFUL)
#define RGB_FROM_GDK_COLOR(c) \
/* be compatible and accept ints */
*((gulong *)param[i].data) = strtoul(value, 0, 10);
break;
+ case P_PASSWORD:
+ g_free(*((gchar **)param[i].data));
+ if (value[0] == '!') {
+ gchar tmp[1024];
+ gint len;
+
+ len = base64_decode(tmp, &value[1], strlen(value) - 1);
+ passcrypt_decrypt(tmp, len);
+ tmp[len] = '\0';
+ *((gchar **)param[i].data) =
+ *tmp ? g_strdup(tmp) : NULL;
+ } else {
+ *((gchar **)param[i].data) =
+ *value ? g_strdup(value) : NULL;
+ }
+ break;
default:
break;
}
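Review bot: The `P_PASSWORD` read case decodes into `gchar tmp[1024]` without bounding the input, so a `!`-prefixed value longer than about 1365 characters in the config file writes past the buffer, and a decode of exactly 1024 bytes puts `tmp[len] = '\0'` one past the end. `len` is also used unchecked; if `base64_decode` can return a negative value (its definition is not in this diff), `tmp[len]` and the `guint` conversion in `passcrypt_decrypt(tmp, len)` both go wrong. Sizing the buffer from `strlen(value)` and clamping `len` fixes both, as sketched below. The write-side `P_PASSWORD` case in the next hunk has the same fixed-size problem with `tmp2[1024]` for passwords longer than roughly 765 bytes; there the buffer needs `((len + 2) / 3) * 4 + 1` bytes. A legacy plaintext password that itself starts with `!` will also be taken for an encoded one here.

```c
		if (value[0] == '!') {
			/* decoded data is never longer than the base64 text,
			 * so strlen(value) bytes always leaves room for the NUL */
			size_t inlen = strlen(value) - 1;
			gchar *tmp = g_malloc(inlen + 1);
			gint len = base64_decode(tmp, &value[1], inlen);

			if (len < 0)
				len = 0;	/* treat undecodable data as an empty password */
			passcrypt_decrypt(tmp, len);
			tmp[len] = '\0';
			*((gchar **)param[i].data) =
				*tmp ? g_strdup(tmp) : NULL;
			memset(tmp, 0, inlen + 1);	/* do not leave the cleartext in freed memory */
			g_free(tmp);
		} else {
		/* … unchanged: plaintext fallback for old config entries … */
```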
g_snprintf(buf, sizeof buf, "%s=#%6.6lx\n", param[i].name,
*((gulong *) param[i].data));
break;
+ case P_PASSWORD:
+ {
+ gchar *tmp = NULL, tmp2[1024] = {0};
+
+ tmp = *((gchar **)param[i].data);
+ if (tmp) {
+ gint len;
+
+ tmp = g_strdup(tmp);
+ len = strlen(tmp);
+ passcrypt_encrypt(tmp, len);
+ base64_encode(tmp2, tmp, len);
+ g_free(tmp);
+ tmp = tmp2;
+ }
+ g_snprintf(buf, sizeof(buf), "%s=!%s\n", param[i].name,
+ tmp ?
+ tmp : "");
+ }
+ break;
default:
buf[0] = '\0';
}
switch (param[i].type) {
case P_STRING:
+ case P_PASSWORD:
if (param[i].defval != NULL) {
if (!strncasecmp(param[i].defval, "ENV_", 4))
*((gchar **)param[i].data) =
switch (param[i].type) {
case P_STRING:
+ case P_PASSWORD:
g_free(*((gchar **)param[i].data));
break;
default:
switch (tmpparam.type) {
case P_STRING:
+ case P_PASSWORD:
if (tmpparam.defval) {
if (!strncasecmp(tmpparam.defval, "ENV_", 4)) {
str_data = g_strdup(g_getenv(param[i].defval + 4));
switch (pparam->type) {
case P_STRING:
+ case P_PASSWORD:
str = (gchar **)pparam->data;
g_free(*str);
*str = entry_str[0] ? g_strdup(entry_str) : NULL;
switch (pparam->type) {
case P_STRING:
+ case P_PASSWORD:
str = (gchar **)pparam->data;
gtk_entry_set_text(GTK_ENTRY(*pparam->widget),
*str ? *str : "");
switch (pparam->type) {
case P_STRING:
+ case P_PASSWORD:
str = (gchar **)pparam->data;
g_free(*str);
tp = text = gtk_editable_get_chars
switch (pparam->type) {
case P_STRING:
+ case P_PASSWORD:
str = (gchar **)pparam->data;
if (*str) {
bufp = buf = alloca(strlen(*str) + 1);
P_ENUM,
P_USHORT,
P_COLOR,
+ P_PASSWORD,
P_OTHER
} PrefType;