cel
/
sbotc
mirror of https://git.scuttlebot.io/%25133ulDgs%2FoC1DXjoK04vDFy6DgVBB%2FZok15YJmuhD5Q%3D.sha256
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add -n noauth mode

Browse Source
main
cel 7 years ago
parent 999198a8aa
commit f1d756582e
3 changed files with 37 additions and 4 deletions
Show Stats Download Patch File Download Diff File

2
README.md
Unescape View File

@ -16,7 +16,7 @@ sudo make install
## Usage ## Usage
```sh ```sh
sbotc [-j] [-T] [-c <cap>] [-s <host>] [-p <port>] [-k <key>] [-K <keypair_seed>] sbotc [-j] [-T] [-n] [-c <cap>] [-s <host>] [-p <port>] [-k <key>] [-K <keypair_seed>]
[-t <type>] <method> [<argument>...] [-t <type>] <method> [<argument>...]
``` ```

9
sbotc.1
Unescape View File

@ -9,6 +9,7 @@
.Nm .Nm
.Op Fl j .Op Fl j
.Op Fl T .Op Fl T
.Op Fl n
.Op Fl c Ar cap .Op Fl c Ar cap
.Op Fl s Ar host .Op Fl s Ar host
.Op Fl p Ar port .Op Fl p Ar port
@ -28,6 +29,14 @@ Send stdin data as JSON.
Test using shs1-testsuite protocol. Instead of connecting to a server and running Test using shs1-testsuite protocol. Instead of connecting to a server and running
a command, connect to stdio. On successful handshake, output concatenation of a command, connect to stdio. On successful handshake, output concatenation of
the encryption key, encryption nonce, decryption key and decryption nonce. the encryption key, encryption nonce, decryption key and decryption nonce.
.It Fl n
Noauth mode. Skip secret-handshake authentication and box-stream encryption.
This option makes the
.Fl k ,
.Fl K ,
and
.Fl c
options have no effect and output a warning if used.
.It Fl c Ar cap .It Fl c Ar cap
Capability key for secret-handshake. Default is SSB's capability key, Capability key for secret-handshake. Default is SSB's capability key,
.Li 1KHLiKZvAvjbY1ziZEHMXawbCEIM6qwjCDm3VYRan/s= . .Li 1KHLiKZvAvjbY1ziZEHMXawbCEIM6qwjCDm3VYRan/s= .

28
sbotc.c
Unescape View File

@ -51,6 +51,7 @@ struct boxs {
unsigned char rx_buf[BOXS_MAXLEN]; unsigned char rx_buf[BOXS_MAXLEN];
size_t rx_buf_pos; size_t rx_buf_pos;
size_t rx_buf_len; size_t rx_buf_len;
bool noauth;
}; };
enum pkt_type { enum pkt_type {
@ -95,7 +96,7 @@ static const unsigned char ssb_cap[] = {
}; };
static void usage() { static void usage() {
fputs("usage: sbotc [-j] [-T] [-c <cap>] [-s <host>] [-p <port>] [-k <key>] [-K <keypair_seed>] \n" fputs("usage: sbotc [-j] [-T] [-n] [-c <cap>] [-s <host>] [-p <port>] [-k <key>] [-K <keypair_seed>] \n"
" [-t <type>] <method> [<argument>...]\n", stderr); " [-t <type>] <method> [<argument>...]\n", stderr);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@ -284,6 +285,7 @@ static void shs_connect(int sfd, int infd, int outfd, const unsigned char pubkey
bs->rx_buf_pos = 0; bs->rx_buf_pos = 0;
bs->rx_buf_len = 0; bs->rx_buf_len = 0;
bs->s = sfd; bs->s = sfd;
bs->noauth = false;
} }
static int pubkey_decode(const char *key_str, unsigned char key[32]) { static int pubkey_decode(const char *key_str, unsigned char key[32]) {
@ -459,6 +461,11 @@ static int bs_read_packet(struct boxs *bs, void *buf, size_t *lenp) {
} }
static int bs_read(struct boxs *bs, char *buf, size_t len) { static int bs_read(struct boxs *bs, char *buf, size_t len) {
if (bs->noauth) {
int rc = read_all(bs->s, buf, len);
if (rc < 0) err(1, "failed to read packet data");
return 0;
}
size_t remaining; size_t remaining;
while (len > 0) { while (len > 0) {
remaining = bs->rx_buf_len > len ? len : bs->rx_buf_len; remaining = bs->rx_buf_len > len ? len : bs->rx_buf_len;
@ -508,6 +515,11 @@ static int bs_read_error(struct boxs *bs, int errfd, enum pkt_flags flags, size_
} }
static void bs_write(struct boxs *bs, const unsigned char *buf, size_t len) { static void bs_write(struct boxs *bs, const unsigned char *buf, size_t len) {
if (bs->noauth) {
int rc = write_all(bs->s, buf, len);
if (rc < 0) err(1, "failed to write packet");
return;
}
while (len > 0) { while (len > 0) {
size_t l = len > BOXS_MAXLEN ? BOXS_MAXLEN : len; size_t l = len > BOXS_MAXLEN ? BOXS_MAXLEN : len;
bs_write_packet(bs, buf, l); bs_write_packet(bs, buf, l);
@ -817,6 +829,8 @@ int main(int argc, char *argv[]) {
char app_dir[_POSIX_PATH_MAX]; char app_dir[_POSIX_PATH_MAX];
ssize_t len; ssize_t len;
bool test = false; bool test = false;
bool noauth = false;
bool shs_cap_key_str_arg = false;
get_app_dir(app_dir, sizeof(app_dir)); get_app_dir(app_dir, sizeof(app_dir));
@ -837,7 +851,7 @@ int main(int argc, char *argv[]) {
for (i = 1; i < argc && (argv[i][0] == '-'); i++) { for (i = 1; i < argc && (argv[i][0] == '-'); i++) {
switch (argv[i][1]) { switch (argv[i][1]) {
case 'c': shs_cap_key_str = argv[++i]; break; case 'c': shs_cap_key_str = argv[++i]; shs_cap_key_str_arg = true; break;
case 'j': ptype = pkt_type_json; break; case 'j': ptype = pkt_type_json; break;
case 'T': test = true; break; case 'T': test = true; break;
case 's': host = argv[++i]; break; case 's': host = argv[++i]; break;
@ -845,6 +859,7 @@ int main(int argc, char *argv[]) {
case 'K': keypair_seed_str = argv[++i]; break; case 'K': keypair_seed_str = argv[++i]; break;
case 'p': port = argv[++i]; break; case 'p': port = argv[++i]; break;
case 't': typestr = argv[++i]; break; case 't': typestr = argv[++i]; break;
case 'n': noauth = true; break;
default: usage(); default: usage();
} }
} }
@ -920,7 +935,16 @@ int main(int argc, char *argv[]) {
} }
struct boxs bs; struct boxs bs;
if (noauth) {
bs.s = s;
bs.noauth = true;
if (key) errx(1, "-k keypair_seed conflicts with -n (noauth)");
if (keypair_seed_str) errx(1, "-K keypair_seed conflicts with -n (noauth)");
if (shs_cap_key_str_arg) errx(1, "-c cap_key conflicts with -n (noauth)");
if (test) errx(1, "-n (noauth) conflicts with -T (test shs)");
} else {
shs_connect(s, infd, outfd, public_key, private_key, shs_cap_key, remote_key, &bs); shs_connect(s, infd, outfd, public_key, private_key, shs_cap_key, remote_key, &bs);
}
if (test) { if (test) {
rc = write_all(outfd, bs.encrypt_key, sizeof(bs.encrypt_key)); rc = write_all(outfd, bs.encrypt_key, sizeof(bs.encrypt_key));

Write Preview
Loading…
Cancel
Save