html/gpgvalidator.pl
1 # _ _ _ _
2 # __ _ _ __ __ ___ ____ _| (_) __| | __ _| |_ ___ _ __
3 # / _` | '_ \ / _` \ \ / / _` | | |/ _` |/ _` | __/ _ \| '__|
4 # | (_| | |_) | (_| |\ V / (_| | | | (_| | (_| | || (_) | |
5 # \__, | .__/ \__, | \_/ \__,_|_|_|\__,_|\__,_|\__\___/|_|
6 # |___/|_| |___/
7 #
8 # for irssi - VERSION 0.1.2
9 #
10 # this is a nice irssi's script coded by pallotron
11 # based on a lovely implementation writed by valvoline for xchat client
12 #
13 # valv`0 (valvoline@vrlteam.org / valvoline@freaknet.org)
14 # pallotron (pallotron@freaknet.org)
15 #
16 # original idea & implementation by: valv'0
17 #
18 # valv`0 thanx goes to:
19 # asbesto, pallotron, quest, iron - for the development support
20 # hellbreak, cmcsynth, hio, mircalla - for the moral support
21 #
22 # it allows you to do gpg trusting of your friends using gnupg and irc
23 # capabilities. in order to use it, you have to load the script into irssi
24 # (read man pages or go to irssi.org do know how do this). others users must
25 # have loaded this script or another compatible script.
26 #
27 # FAKE--
28 # PARANOIA!++ o/
29 #
30 # This program is free software; you can redistribute it and/or modify
31 # it under the terms of the GNU General Public License as published by
32 # the Free Software Foundation; either version 2 of the License, or
33 # (at your option) any later version.
34 #
35 # This program is distributed in the hope that it will be useful,
36 # but WITHOUT ANY WARRANTY; without even the implied warranty of
37 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38 # GNU General Public License for more details.
39 #
40 # You should have received a copy of the GNU General Public License
41 # along with this program; if not, write to the Free Software
42 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
43 #
44 # USAGE:
45 # If you want to trust a your friend you must do this:
46 # 1) simply type /validate <your_friend_nick>
47 # 2) accept DCC Send (a chunck file containing gpg sign)
48 # 3) type /verify <your_friend_nick>:)
49 #
50 # To permit your trusting by other users you must do:
51 # 1) type /setpass <your_gpg_passphrase>
52 # 2) enjoy!
53 # Now your irssi is listening for ctcp messages
54 #
55 # WARING!!!!!!!
56 # this isn't a *FULL SECURE* script, better improvements must follow *SOON*!
57 #
58 # pallotron 23/09/2002 - pallotron@freaknet.org - www.freaknet.org
59
60 use Irssi;
61 use Irssi qw(command_bind active_server);
62
63 use strict;
64
65 use vars qw($VERSION %IRSSI);
66
67 my $PASS = "NULL";
68 my $VALIDATEDIR = "~/";
69
70 $VERSION = "0.1.2";
71 %IRSSI = (
72 authors=> 'original idea by valvoline, irssi porting by pallotron',
73 contact=> 'pallotron@freaknet.org',
74 name=> 'gpgvalidator v. 0.1.2',
75 description=> 'Have gpg-based trusting features in your irssi client!',
76 license=> 'GPL v2',
77 url=> 'http://www.freaknet.org/~pallotron',
78 );
79
80 Irssi::print("Loading irssi pallotron's porting of valvoline gpgvalidator 0.1.2");
81
82 # create a new irssi command called /PASSPHRASE
83 # USAGE:
84 # /PASSPHRASE <your_GPG_pass>
85 Irssi::command_bind('setpass','setpass');
86
87 # create a new irssi command called /VERIFY
88 # no particolare USAGE FORMAT
89 # just call it with /VERIFY
90 # it will verify the last <NICK>.asc file
91 # download by the latest ctcp VALIDATE request
92 Irssi::command_bind('verify','sub_verify');
93
94 # send a ctcp VALIDATE request to a friend we want to trust
95 #
96 # USAGE: /validate <nick>
97 Irssi::command_bind('validate','send_ctcp_request');
98
99 # hook sub_validate function to signal 'ctcp msg'.
100 # when your client receives /ctcp msg <your_nick> VALIDATE
101 # it will performs some controls and then send, via DCC, a randomic
102 # generated chunck file (yournick.asc) containing your gpg signature
103 # to $nick (the user who had request validating)
104 Irssi::signal_add('ctcp msg','ctcp_send_chunck_file');
105
106 Irssi::command_bind('about','about');
107 Irssi::command_bind('greets','greets');
108 Irssi::command_bind('manual','manual');
109 Irssi::command_bind('erasepass','erasepass');
110
111 sub send_ctcp_request {
112 my $line = shift;
113 if(!($line)) {
114 Irssi::print("validate - wrong parameters:\nusage: validate <nick>");
115 return 0;
116 }
117 active_server->command("/ctcp $line VALIDATE");
118 return 0;
119 }
120
121 sub erasepass {
122 $PASS="";
123 Irssi::print("gpgvalidator - pass forgotten");
124 return 0;
125 }
126
127 sub ctcp_send_chunck_file {
128 my ( $infos, $cmd, $nick, $host, $target) = @_;
129
130 my $test = $target;
131
132 $test =~ tr/\W/_/;
133 $test =~ tr/`/_/;
134 $test =~ tr/{/_/;
135 $test =~ tr/}/_/;
136 $test =~ tr/|/_/;
137 $test =~ tr/\\/_/;
138
139 if ( $cmd =~ /^VALIDATE/) {
140 if ( $PASS =~ /NULL/i ) {
141 Irssi::print("requested GPG-VALIDATE from $nick, but no passphrase in cache!\nplz, set a passphrase with /passphrase <your_gpg_pass>");
142 return 1;
143 } else {
144 Irssi::print("requested GPG-VALIDATE from $nick\n");
145 my $result = `openssl rand -out $VALIDATEDIR/$test 1024`;
146 $result = `echo "$PASS" | gpg --batch --yes --status-fd 1 --passphrase-fd 0 --output $VALIDATEDIR/$test.asc --clearsign $VALIDATEDIR/$test | grep "[GNUPG:]"`;
147 if (( my $i = index($result,"GOOD_PASSPHRASE")) > -1) {
148 active_server->command("/DCC send $nick $VALIDATEDIR/$test.asc");
149 $result = `echo "$result" | grep "SIG_CREATED"`;
150 Irssi::print("\n$result\n");
151 }
152 if (( my $i = index($result,"BAD_PASSPHRASE")) > -1) {
153 $result = `echo "$result" | grep "BAS_PASSPHRASE"`;
154 Irssi::print("$result\nBAD passphrase - cannot unlock your secret keyring - please set a passprase with /passphrase <yourpass>\n");
155 }
156 }
157 return 0;
158 }
159 }
160
161 # this take the passphrase
162 # OH MY GOD! THESE ARE VERY STUPID ROWS...
163 # expecially from security side... :)
164 sub setpass {
165 my $line = shift;
166 if(!($line)) {
167 Irssi::print("setpass - wrong paramaters:\nusage: setpass <yourpass>");
168 return 0;
169 }
170 $PASS = $line;
171 # can i do better of this? ;p
172 Irssi::print("gpgvalidator - pass set correctly");
173 return 0;
174 }
175
176 # this verify che <nick>.asc signed file trusting if the user
177 # is in your keyring
178 #
179 # usage /verify <nick>
180 #
181 sub sub_verify {
182
183 my $result = "";
184 my $test = shift;
185
186 if(!($test)) {
187 Irssi::print("verify wrong parameters:\nusage: verifi <nick>");
188 return 0;
189 }
190
191 $test =~ tr/\W/_/;
192 $test =~ tr/`/_/;
193 $test =~ tr/{/_/;
194 $test =~ tr/}/_/;
195 $test =~ tr/|/_/;
196 $test =~ tr/\\/_/;
197
198 $result = `gpg --batch --status-fd 1 --verify $VALIDATEDIR/$test.asc 2>/dev/null | grep "[GNUPG:]"`;
199 if (( my $i = index($result,"GOODSIG")) > -1) {
200 $result = `echo "$result" | grep "GOODSIG"`;
201 Irssi::print("good signature! - user trusted - $result\n");
202 }
203 else {
204 Irssi::print("bad signature! - user UNtrusted\n$result\n");
205 }
206 return 0;
207 }
208
209 sub about {
210 Irssi::print("\n-------------------------------------------------------\nGPG validator v0.1.2 for irssi coded in perl by pallotron\n-------------------------------------------------------\n(c) 2002 - valvoline / VRL Team - valvoline\@vrlteam.org\nported to irssi by pallotron\@freaknet.org\n-------------------------------------------------------\nthis's a simple script to validate users under irc, \nusing gpg. there're NO optimization, and the code was\nwritten in 10mins!. i'm not a perl-programmer, so...\n...fill free to make mods to the code, but, leave the\noriginal credits at the same place (=\n\ntype /greets to see greets!\n\ntype /manual to see user-manual\n");
211 return 1;
212 }
213
214 sub greets {
215 Irssi::print("\n-------------------------------------------------------\ngreets fly out to the following:\nasbesto, pallotron, iron, quest - for beta testing support.\nhellbreak, cmcsynth, hio, mirc4ll4 - for moral and economic support (ehehe).\ns0ftpj staff - for the besta coding support ever made.\n\nall the other, that i've forgotten...sorry! :(\n\n-------------------------------------------------------\n");
216 return 1;
217 }
218
219 sub manual {
220 Irssi::print("\n-------------------------------------------------------\n\nmanual\n\nsetpass <pass> - to cache your password for the current session.\nerasepass - to forgot current password.\nvalidate <nick> - to request a validator-chunck to nick.\nverify <nick> - to verify the received validator-chunck of nick.\n\nbe sure, to have the DCC workin' correctly\n\n-------------------------------------------------------\n");
221 return 1;
222 }
223
224