From a7753f712c9c29d0b2e4c8d739454fd26b7559d5 Mon Sep 17 00:00:00 2001 From: Neale Pickett Date: Sat, 9 Jun 2012 16:11:23 -0600 Subject: [PATCH] Start at p2 server package --- packages/00admin/00admin.mk | 11 +- packages/00admin/src/Makefile | 3 + packages/{mcp => 00admin}/src/tea.c | 0 packages/mcp/src/Makefile | 5 +- packages/mcp/src/arc4.c | 230 ---------------------------- packages/p2/service/httpd/finish | 3 + packages/p2/service/httpd/ip.txt | 1 + packages/p2/service/httpd/run | 25 +++ packages/p2/service/pointsd/log/run | 3 + packages/p2/service/pointsd/pointsd | 31 ++++ packages/p2/service/pointsd/run | 44 ++++++ packages/p2/www/bkup.png | Bin 0 -> 247 bytes 12 files changed, 120 insertions(+), 236 deletions(-) create mode 100644 packages/00admin/src/Makefile rename packages/{mcp => 00admin}/src/tea.c (100%) delete mode 100644 packages/mcp/src/arc4.c create mode 100755 packages/p2/service/httpd/finish create mode 100644 packages/p2/service/httpd/ip.txt create mode 100755 packages/p2/service/httpd/run create mode 100755 packages/p2/service/pointsd/log/run create mode 100755 packages/p2/service/pointsd/pointsd create mode 100755 packages/p2/service/pointsd/run create mode 100644 packages/p2/www/bkup.png diff --git a/packages/00admin/00admin.mk b/packages/00admin/00admin.mk index 6c77dc0..0e2b83c 100644 --- a/packages/00admin/00admin.mk +++ b/packages/00admin/00admin.mk @@ -1,13 +1,20 @@ 00ADMIN_PKGDIR = $(TARGET)/00admin +00ADMIN_BUILDDIR = $(BUILD)/00admin ifndef PASSWORD $(error PASSWORD not defined) endif -00admin-install: +00admin-build: $(00ADMIN_BUILDDIR)/build +$(00ADMIN_BUILDDIR)/build: + $(MAKE) -C packages/00admin/src + touch $< + +00admin-install: $(00ADMIN_BUILDDIR)/build $(call COPYTREE, packages/00admin/service, $(00ADMIN_PKGDIR)/service) echo "$(PASSWORD)" > $(00ADMIN_PKGDIR)/password mkdir -p $(00ADMIN_PKGDIR)/sbin - cp packages/00admin/sbin/* $(00ADMIN_PKGDIR)/sbin + cp packages/00admin/bin/* $(00ADMIN_PKGDIR)/bin + cp packages/00admin/src/tea $(00ADMIN_PKGDIR)/bin PACKAGES += 00admin diff --git a/packages/00admin/src/Makefile b/packages/00admin/src/Makefile new file mode 100644 index 0000000..67107b5 --- /dev/null +++ b/packages/00admin/src/Makefile @@ -0,0 +1,3 @@ +all: tea +clean: + rm -f tea diff --git a/packages/mcp/src/tea.c b/packages/00admin/src/tea.c similarity index 100% rename from packages/mcp/src/tea.c rename to packages/00admin/src/tea.c diff --git a/packages/mcp/src/Makefile b/packages/mcp/src/Makefile index 7a67dd0..134ec7c 100644 --- a/packages/mcp/src/Makefile +++ b/packages/mcp/src/Makefile @@ -1,14 +1,11 @@ CFLAGS = -Wall -Werror TARGETS = claim.cgi puzzler.cgi puzzles.cgi -TARGETS += pointscli arc4 tea +TARGETS += pointscli all: build build: $(TARGETS) -arc4: CFLAGS += -DARC4_MAIN -arc4: arc4.o - pointscli: pointscli.o common.o puzzles.cgi: puzzles.cgi.o common.o diff --git a/packages/mcp/src/arc4.c b/packages/mcp/src/arc4.c deleted file mode 100644 index 01e3b27..0000000 --- a/packages/mcp/src/arc4.c +++ /dev/null @@ -1,230 +0,0 @@ -#include -#include -#include -#include -#include "arc4.h" - -#define swap(a, b) do {uint8_t _swap=a; a=b, b=_swap;} while (0) - -void -arc4_init(struct arc4_ctx *ctx, uint8_t const *key, size_t keylen) -{ - int i; - int j = 0; - - for (i = 0; i < 256; i += 1) { - ctx->S[i] = i; - } - - for (i = 0; i < 256; i += 1) { - j = (j + ctx->S[i] + key[i % keylen]) % 256; - swap(ctx->S[i], ctx->S[j]); - } - ctx->i = 0; - ctx->j = 0; -} - -uint8_t -arc4_out(struct arc4_ctx *ctx) -{ - ctx->i = (ctx->i + 1) % 256; - ctx->j = (ctx->j + ctx->S[ctx->i]) % 256; - swap(ctx->S[ctx->i], ctx->S[ctx->j]); - return ctx->S[(ctx->S[ctx->i] + ctx->S[ctx->j]) % 256]; -} - -void -arc4_crypt(struct arc4_ctx *ctx, - uint8_t *obuf, const uint8_t *ibuf, size_t buflen) -{ - size_t k; - - for (k = 0; k < buflen; k += 1) { - obuf[k] = ibuf[k] ^ arc4_out(ctx); - } -} - -/* Create a nonce as an arc4 stream with key=seed */ -void -arc4_nonce(uint8_t *nonce, size_t noncelen, - void *seed, size_t seedlen) -{ - struct arc4_ctx ctx; - int i; - - arc4_init(&ctx, seed, seedlen); - for (i = 0; i < noncelen; i += 1) { - nonce[i] = arc4_out(&ctx); - } -} - - -/*************************************************** - * - * Psuedo Random Number Generation - * - */ -static struct arc4_ctx prng_ctx; -static int prng_initialized = 0; - -void -arc4_rand_seed(const uint8_t *seed, size_t seedlen) -{ - arc4_init(&prng_ctx, seed, seedlen); - prng_initialized = 1; -} - -static void -arc4_rand_autoseed() -{ - if (! prng_initialized) { - uint8_t key[ARC4_KEYLEN]; - FILE *urandom; - - /* Open /dev/urandom or die trying */ - urandom = fopen("/dev/urandom", "r"); - if (! urandom) { - perror("Opening /dev/urandom"); - abort(); - } - setbuf(urandom, NULL); - fread(&key, sizeof(key), 1, urandom); - fclose(urandom); - - arc4_rand_seed(key, sizeof(key)); - } -} - -uint8_t -arc4_rand8() -{ - arc4_rand_autoseed(); - return arc4_out(&prng_ctx); -} - -uint32_t -arc4_rand32() -{ - arc4_rand_autoseed(); - return ((arc4_out(&prng_ctx) << 0) | - (arc4_out(&prng_ctx) << 8) | - (arc4_out(&prng_ctx) << 16) | - (arc4_out(&prng_ctx) << 24)); -} - -/***************************************** - * - * Stream operations - * - */ - -ssize_t -arc4_encrypt_stream(FILE *out, FILE *in, - const uint8_t *key, size_t keylen) -{ - struct arc4_ctx ctx; - uint32_t seed = arc4_rand32(); - uint8_t nonce[ARC4_KEYLEN]; - ssize_t written = 0; - int i; - - fwrite("arc4", 4, 1, out); - fwrite(&seed, sizeof(seed), 1, out); - - arc4_nonce(nonce, sizeof(nonce), &seed, sizeof(seed)); - for (i = 0; i < keylen; i += 1) { - nonce[i] ^= key[i]; - } - arc4_init(&ctx, nonce, sizeof(nonce)); - - while (1) { - int c = fgetc(in); - - if (EOF == c) break; - fputc((uint8_t)c ^ arc4_out(&ctx), out); - written += 1; - } - - return written; -} - -ssize_t -arc4_decrypt_stream(FILE *out, FILE *in, - const uint8_t *key, size_t keylen) -{ - struct arc4_ctx ctx; - uint32_t seed; - uint8_t nonce[ARC4_KEYLEN]; - ssize_t written = 0; - char sig[4]; - int i; - - fread(&sig, sizeof(sig), 1, in); - if (memcmp(sig, "arc4", 4)) { - return -1; - } - fread(&seed, sizeof(seed), 1, in); - - arc4_nonce(nonce, sizeof(nonce), &seed, sizeof(seed)); - for (i = 0; i < keylen; i += 1) { - nonce[i] ^= key[i]; - } - arc4_init(&ctx, nonce, sizeof(nonce)); - - while (1) { - int c = fgetc(in); - - if (EOF == c) break; - fputc((uint8_t)c ^ arc4_out(&ctx), out); - written += 1; - } - - return written; -} - - -#ifdef ARC4_MAIN - -#include -#include - -int -main(int argc, char *argv[]) -{ - uint8_t key[ARC4_KEYLEN] = {0}; - size_t keylen; - - /* Read key and initialize context */ - { - char *ekey = getenv("KEY"); - - if (ekey) { - keylen = strlen(ekey); - memcpy(key, ekey, keylen); - } else { - keylen = read(3, key, sizeof(key)); - if (-1 == keylen) { - fprintf(stderr, "error: must specify key.\n"); - return 1; - } - } - } - - if (! argv[1]) { - if (-1 == arc4_decrypt_stream(stdout, stdin, key, keylen)) { - fprintf(stderr, "error: not an arc4 stream.\n"); - return 1; - } - } else if (0 == strcmp(argv[1], "-e")) { - arc4_encrypt_stream(stdout, stdin, key, keylen); - } else { - fprintf(stderr, "Usage: %s [-e] &1 + +IP=$(/opt/00admin/bin/fire-ip add) + +addgroup -g 65534 nogroup || true +adduser -D -g nogroup -u 65534 -h /tmp -H nobody || true + +hostname p2 + +# Link in puzzles and web pages +install -d /var/www +for d in /opt/*; do + w=/var/www/$(basename $d) + if [ -d $d/puzzles ] && ! [ -d $w ]; then + ln -sf $d/puzzles $w + fi + if [ -d $d/www ]; then + ln -sf $d/www/* /var/www/ + fi +done + +ln -sf /var/www default +exec tcpsvd -u nobody ${IP%/*} 80 /opt/p2/bin/eris -c diff --git a/packages/p2/service/pointsd/log/run b/packages/p2/service/pointsd/log/run new file mode 100755 index 0000000..1e7bd9d --- /dev/null +++ b/packages/p2/service/pointsd/log/run @@ -0,0 +1,3 @@ +#! /bin/sh + +exec svlogd -tt $PWD diff --git a/packages/p2/service/pointsd/pointsd b/packages/p2/service/pointsd/pointsd new file mode 100755 index 0000000..1b0c987 --- /dev/null +++ b/packages/p2/service/pointsd/pointsd @@ -0,0 +1,31 @@ +#! /bin/sh -e + +fn=$2/$3 + +WWW=${CTF_BASE:-/var/www} +BASE=${CTF_BASE:-/var/lib/ctf} +OPT=${CTF_BASE:-/opt} + +POINTS=$BASE/points.log +BACKUP=$WWW/backup.png +SCOREBOARD=$WWW/scoreboard.html + +# Only do this if this score hasn't yet been recorded +if [ -z "$(sort -k2 $POINTS $fn | uniq -f1 -d)" ]; then + cat $fn >> $POINTS + rm $fn +fi + +if [ $POINTS -nt $SCOREBOARD ]; then + # Generate new backup + ( + cat bkup.png; + tar cvf - $BASE | gzip -c | $OPT/00admin/bin/tea 3< $OPT/00admin/password + ) > $BACKUP.new + mv $BACKUP.new $BACKUP + + # Render scoreboard + /opt/p2/bin/scoreboard < $POINTS > $SCOREBOARD.new + mv $SCOREBOARD.new $SCOREBOARD +fi + diff --git a/packages/p2/service/pointsd/run b/packages/p2/service/pointsd/run new file mode 100755 index 0000000..f393539 --- /dev/null +++ b/packages/p2/service/pointsd/run @@ -0,0 +1,44 @@ +#! /bin/sh -e + +exec 2>&1 + +install -d /var/lib/ctf + +# Create CTF and nobody users +touch /etc/group /etc/passwd +addgroup -g 65534 nogroup || true +adduser -D -S -h /var/lib/ctf -H ctf || true +adduser -D -g nogroup -u 65534 -h /tmp -H nobody || true + +# Set up base directories +NEWDIR=/var/lib/ctf/points.new +install -d /var/www +install -d /var/lib/ctf +install -o ctf -m 0755 -d $NEWDIR +install -o ctf -m 0755 -d /var/lib/ctf/points.tmp + +# Create some files +CLAIM=/var/lib/ctf/claim.db +touch $CLAIM +chown ctf $CLAIM +touch /var/lib/ctf/points.log + +# Generate preliminary scoreboard +if ! [ -f /var/www/scoreboard.html ]; then + /opt/mcp/bin/scoreboard < /dev/null > /var/www/scoreboard.html +fi + + +if [ -x /sbin/inotifyd ]; then + exec /sbin/inotifyd ./pointsd $NEWDIR:y +fi + +# Simulate inotifyd +cd $NEWDIR +while true; do + for fn in *; do + [ -f "$fn" ] || continue + ./pointsd m $NEWDIR $fn + done + sleep 7 +done diff --git a/packages/p2/www/bkup.png b/packages/p2/www/bkup.png new file mode 100644 index 0000000000000000000000000000000000000000..aea14245355d30c1075f63870990aec2a5647af5 GIT binary patch literal 247 zcmeAS@N?(olHy`uVBq!ia0vp^%s|Y}!3HGH?)<(INUlBZdeGzF0Tp00i_>zopr0FeJirvLx| literal 0 HcmV?d00001