danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Drop v2 onion support

Browse Source
This commit is contained in:
Daniel Winzen
2023-08-24 23:05:12 +02:00
parent 3c30c5b370
commit aca4e19980
4 changed files with 8 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
var/www/common.php
View File

@ -5,7 +5,7 @@ const DBUSER='hosting'; // Database user
const DBPASS='MY_PASSWORD'; // Database password const DBPASS='MY_PASSWORD'; // Database password
const DBNAME='hosting'; // Database const DBNAME='hosting'; // Database
const PERSISTENT=true; // Use persistent database conection true/false const PERSISTENT=true; // Use persistent database conection true/false
const DBVERSION=20; //database layout version const DBVERSION=21; //database layout version
const CAPTCHA=1; // Captcha difficulty (0=off, 1=simple, 2=moderate, 3=extreme) const CAPTCHA=1; // Captcha difficulty (0=off, 1=simple, 2=moderate, 3=extreme)
const ADDRESS='dhosting4xxoydyaivckq7tsmtgi4wfs3flpeyitekkmqwu4v4r46syd.onion'; // our own address const ADDRESS='dhosting4xxoydyaivckq7tsmtgi4wfs3flpeyitekkmqwu4v4r46syd.onion'; // our own address
const CANONICAL_URL='https://hosting.danwin1210.me'; // our preferred domain for search engines const CANONICAL_URL='https://hosting.danwin1210.me'; // our preferred domain for search engines
@ -139,14 +139,6 @@ bindtextdomain('hosting', __DIR__.'/locale');
bind_textdomain_codeset('hosting', 'UTF-8'); bind_textdomain_codeset('hosting', 'UTF-8');
textdomain('hosting'); textdomain('hosting');
function get_onion_v2($pkey) : string {
$keyData = openssl_pkey_get_details($pkey);
$pk = base64_decode(substr($keyData['key'], 27, -26));
$skipped_first_22 = substr($pk, 22);
$first_80_bits_of_sha1 = hex2bin(substr(sha1($skipped_first_22), 0, 20));
return base32_encode($first_80_bits_of_sha1);
}
function get_onion_v3(string $sk) : string { function get_onion_v3(string $sk) : string {
if(PHP_INT_SIZE === 4){ if(PHP_INT_SIZE === 4){
$pk = ParagonIE_Sodium_Core32_Ed25519::sk_to_pk($sk); $pk = ParagonIE_Sodium_Core32_Ed25519::sk_to_pk($sk);
@ -420,47 +412,7 @@ function private_key_to_onion(string $priv_key) : array {
$onion = ''; $onion = '';
$priv_key = trim($priv_key); $priv_key = trim($priv_key);
$version = 0; $version = 0;
if(($pkey = openssl_pkey_get_private($priv_key)) !== false){ if(($priv = base64_decode($priv_key, true)) !== false){
$version = 2;
$details = openssl_pkey_get_details($pkey);
if($details['type'] === OPENSSL_KEYTYPE_RSA){
$p = gmp_init(bin2hex($details['rsa']['p']), 16);
$q = gmp_init(bin2hex($details['rsa']['q']), 16);
$n = gmp_init(bin2hex($details['rsa']['n']), 16);
$d = gmp_init(bin2hex($details['rsa']['d']), 16);
$dmp1 = gmp_init(bin2hex($details['rsa']['dmp1']), 16);
$dmq1 = gmp_init(bin2hex($details['rsa']['dmq1']), 16);
$iqmp = gmp_init(bin2hex($details['rsa']['iqmp']), 16);
}
if($details['type'] !== OPENSSL_KEYTYPE_RSA){
$message = 'Error: private key is not an RSA key.';
$ok = false;
}elseif($details['bits'] !== 1024){
$message = 'Error: private key not of bitsize 1024.';
$ok = false;
}elseif(gmp_prob_prime($p) === 0){
$message = 'Error: p is not a prime';
$ok = false;
}elseif(gmp_prob_prime($q) === 0){
$message = 'Error: q is not a prime';
$ok = false;
}elseif(gmp_cmp($n, gmp_mul($p, $q) ) !== 0){
$message = 'Error: n does not equal p q';
$ok = false;
}elseif(gmp_cmp($dmp1, gmp_mod($d, gmp_sub($p, 1) ) ) !==0 ){
$message = 'Error: dmp1 invalid';
$ok = false;
}elseif(gmp_cmp($dmq1, gmp_mod($d, gmp_sub($q, 1) ) ) !== 0){
$message = 'Error: dmq1 invalid';
$ok = false;
}elseif(gmp_cmp($iqmp, gmp_invert($q, $p) ) !==0 ){
$message = 'Error: iqmp not inverse of q';
$ok = false;
}else{
$onion = get_onion_v2($pkey);
}
return ['ok' => $ok, 'message' => $message, 'onion' => $onion, 'version' => $version];
} elseif(($priv = base64_decode($priv_key, true)) !== false){
$version = 3; $version = 3;
if( ! str_starts_with( $priv, '== ed25519v1-secret: type0 ==' . hex2bin( '000000' ) ) || strlen($priv) !== 96){ if( ! str_starts_with( $priv, '== ed25519v1-secret: type0 ==' . hex2bin( '000000' ) ) || strlen($priv) !== 96){
$message = 'Error: v3 secret key invalid.'; $message = 'Error: v3 secret key invalid.';
@ -478,11 +430,7 @@ function private_key_to_onion(string $priv_key) : array {
function generate_new_onion(int $version = 3) : array { function generate_new_onion(int $version = 3) : array {
$priv_key = ''; $priv_key = '';
$onion = ''; $onion = '';
if($version === 2){ if($version === 3){
$pkey = openssl_pkey_new(['private_key_bits' => 1024, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
openssl_pkey_export($pkey, $priv_key);
$onion = get_onion_v2($pkey);
} else {
$seed = random_bytes(32); $seed = random_bytes(32);
$sk = ed25519_seckey_expand($seed); $sk = ed25519_seckey_expand($seed);
$priv_key = base64_encode('== ed25519v1-secret: type0 ==' . hex2bin('000000') . $sk); $priv_key = base64_encode('== ed25519v1-secret: type0 ==' . hex2bin('000000') . $sk);

5
var/www/html/home.php
View File

@ -68,7 +68,7 @@ if(isset($_POST['action']) && $_POST['action']==='add_onion'){
} }
}else{ }else{
$onion_version = 3; $onion_version = 3;
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [2, 3])){ if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [3])){
$onion_version = $_REQUEST['onion_type']; $onion_version = $_REQUEST['onion_type'];
} }
$check=$db->prepare('SELECT null FROM onions WHERE onion=?;'); $check=$db->prepare('SELECT null FROM onions WHERE onion=?;');
@ -210,9 +210,6 @@ if($count_onions<MAX_NUM_USER_ONIONS){
echo '<label><input type="radio" name="onion_type" value="3"'; echo '<label><input type="radio" name="onion_type" value="3"';
echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : ''; echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : '';
echo '>'._('Random v3 Address').'</label>'; echo '>'._('Random v3 Address').'</label>';
echo '<label><input type="radio" name="onion_type" value="2"';
echo isset($_POST['onion_type']) && $_POST['onion_type']==2 ? ' checked' : '';
echo '>'._('Random v2 Address').'</label>';
echo '<label><input id="custom_onion" type="radio" name="onion_type" value="custom"'; echo '<label><input id="custom_onion" type="radio" name="onion_type" value="custom"';
echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : ''; echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : '';
echo '>'._('Custom private key'); echo '>'._('Custom private key');

3
var/www/html/register.php
View File

@ -74,7 +74,7 @@ if($_SERVER['REQUEST_METHOD']==='POST'){
} }
} }
}else{ }else{
if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [2, 3])){ if(isset($_REQUEST['onion_type']) && in_array($_REQUEST['onion_type'], [3])){
$onion_version = $_REQUEST['onion_type']; $onion_version = $_REQUEST['onion_type'];
} }
$check=$db->prepare('SELECT null FROM onions WHERE onion=?;'); $check=$db->prepare('SELECT null FROM onions WHERE onion=?;');
@ -148,7 +148,6 @@ foreach(PHP_VERSIONS as $key => $version){
<tr><td colspan=2><label><input type="checkbox" name="autoindex" value="1"<?php echo $autoindex; ?>><?php echo _('Enable autoindex (listing of files)'); ?></label></td></tr> <tr><td colspan=2><label><input type="checkbox" name="autoindex" value="1"<?php echo $autoindex; ?>><?php echo _('Enable autoindex (listing of files)'); ?></label></td></tr>
<tr><td colspan=2><?php echo _('Type of hidden service:'); ?><br> <tr><td colspan=2><?php echo _('Type of hidden service:'); ?><br>
<label><input type="radio" name="onion_type" value="3"<?php echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : ''; ?>><?php echo _('Random v3 Address'); ?></label> <label><input type="radio" name="onion_type" value="3"<?php echo (!isset($_POST['onion_type']) || $_POST['onion_type']==3) ? ' checked' : ''; ?>><?php echo _('Random v3 Address'); ?></label>
<label><input type="radio" name="onion_type" value="2"<?php echo isset($_POST['onion_type']) && $_POST['onion_type']==2 ? ' checked' : ''; ?>><?php echo _('Random v2 Address'); ?></label>
<label><input id="custom_onion" type="radio" name="onion_type" value="custom"<?php echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : ''; ?>><?php echo _('Custom private key'); ?> <label><input id="custom_onion" type="radio" name="onion_type" value="custom"<?php echo isset($_POST['onion_type']) && $_POST['onion_type']==='custom' ? ' checked' : ''; ?>><?php echo _('Custom private key'); ?>
<textarea id="private_key" name="private_key" rows="5" cols="28"> <textarea id="private_key" name="private_key" rows="5" cols="28">
<?php echo isset($_REQUEST['private_key']) ? htmlspecialchars($_REQUEST['private_key']) : ''; ?> <?php echo isset($_REQUEST['private_key']) ? htmlspecialchars($_REQUEST['private_key']) : ''; ?>

3
var/www/setup.php
View File

@ -156,6 +156,9 @@ if(!$version){
if($version<20){ if($version<20){
$db->exec("ALTER TABLE onions CHANGE max_streams max_streams tinyint(3) unsigned NOT NULL DEFAULT '6';"); $db->exec("ALTER TABLE onions CHANGE max_streams max_streams tinyint(3) unsigned NOT NULL DEFAULT '6';");
} }
if($version<21){
$db->exec('UPDATE onions SET enabled=-1 WHERE version = 2;');
}
$stmt=$db->prepare("UPDATE settings SET value=? WHERE setting='version';"); $stmt=$db->prepare("UPDATE settings SET value=? WHERE setting='version';");
$stmt->execute([DBVERSION]); $stmt->execute([DBVERSION]);
} }