psyc-mirrors
/
psyced
mirror of git://git.psyced.org/git/psyced
1
0
Fork 0
Code Issues 2 Releases Wiki Activity

are you human? do you care about privacy?

This commit is contained in:
psyc://psyced.org/~lynX 2015-01-30 15:05:52 +01:00
parent 5cf911c6ae
commit b8506361f6
9 changed files with 97 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bin/psyconf
View File

@ -511,10 +511,10 @@ then
git stash save 'changes stashed automatically by psyced -m'
git merge -s resolve origin
# restore local changes?
# git stash apply
# git stash pop
echo ""
echo "If you had local changes to your files you can now restore them using"
echo "${hi}git stash apply${lo}"
echo "${hi}git stash pop${lo}"
exit
fi

3
world/default/de/plain.textdb
View File

@ -4,6 +4,9 @@
_warning_server_shutdown_temporary
|Serverneustart: [_reason]
_warning_missing_circuit_encryption
|Deine Verbindung ist nicht verschlüsselt. Du gefährdest die Privatsphäre anderer Personen!
_status_circuit_encryption_cipher
|Gratuliere! Deine Verbindung ist mit forward secrecy verschlüsselt ([_circuit_encryption_cipher]).

3
world/default/en/plain.textdb
View File

@ -1,6 +1,9 @@
<PSYC:TEXTDB> ## vim:syntax=mail
## Check utf-8: Praise Atatürk!
_warning_missing_circuit_encryption
|Your connection is not encrypted. You are putting other people's privacy at risk!
_status_circuit_encryption_cipher
|Congratulations. Your connection is encrypted with forward secrecy.

3
world/default/it/plain.textdb
View File

@ -1,6 +1,9 @@
<PSYC:TEXTDB> ## vim:syntax=mail
## tradotto al 30% ... cerca /TODO/ per continuare
_warning_missing_circuit_encryption
|La tua connessione non è crittata. Stai mettendo a rischio la privacy di altre persone!
_status_circuit_encryption_cipher
|Muy bueno! La tua connessione è crittata con forward secrecy.

5
world/net/include/net.h
View File

@ -276,4 +276,9 @@
# endif
#endif
#define PRIVACY_SURVEILLED 0
#define PRIVACY_UNKNOWN -1
#define PRIVACY_MITMX509 23
#define PRIVACY_REASONABLE 44
#endif

30
world/net/include/place.gen
View File

@ -487,8 +487,9 @@ enter(source, mc, data, vars) {
}
# endif
# if defined(SECURE)
// let people in who are either connected via a SSL/TLS
// protocol or are coming from the localhost (probably SSH users).
// let people in who are either connected via an MITM-prone TLS
// protocol or are coming from the reasonably safe localhost
// (either SSH or Tor users).
//
// both cases are no absolute guarantee for safety.. it is still
// in the hands of each user in the room to safeguard true secrecy
@ -497,27 +498,14 @@ enter(source, mc, data, vars) {
// or belong to a certain group, so you have to use the respective
// #defines to also ensure that, if that's what you want.
//
// -lynX 2004
if (!((objectp(source) &&
// should use trustworthy level 9 instead? if so.. how?
(query_ip_number(source) == "127.0.0.1"
# ifdef SECURE_IP_NUMBER
|| SECURE_IP_NUMBER(query_ip_number(source))
# endif
|| query_ip_number(source) == __HOST_IP_NUMBER__ ))
# if __EFUN_DEFINED__(tls_query_connection_state)
// -lynX 2004, updated 2015
//
int intimacy = probably_private(source);
// psyc client.. may also one day be a psyc server, in that
// case we have to hope the rest of the link is secured, too
|| (objectp(vars["_INTERNAL_origin"])
&& interactive(vars["_INTERNAL_origin"])
&& tls_query_connection_state(vars["_INTERNAL_origin"]))
// tls connection, be it telnet irc jabber or https
// shouldn't this check happen before "_INTERNAL_origin"? -lynX
|| (objectp(source) && interactive(source)
&& tls_query_connection_state(source))
# endif
)) {
if (intimacy == PRIVACY_UNKNOWN)
intimacy = probably_private(vars["_INTERNAL_origin"]);
if (intimacy <= PRIVACY_SURVEILLED) {
sendmsg(source, "_error_place_enter_necessary_encryption",
"[_nick_place] may only be accessed by clients with enabled encryption.",
([ "_nick_place" : qName() ]) );

41
world/net/library/tls.c
View File

@ -186,3 +186,44 @@ string tls_bad_cipher(object sock, string scheme) {
return 0;
}
// Do not use server technologies like psyced for strong
// privacy or anonymity requirements. Get started using
// distributed technologies instead. Check out:
// http://youbroketheinternet.org
// http://secushare.org
// But if you're happy with half-baked security, here you
// have it:
// -lynX 2015
//
int probably_private(object source) {
// object has no TCP to it. you have to ask its circuit.
unless (objectp(source) && interactive(source))
return PRIVACY_UNKNOWN;
// should use trustworthy level 9 instead? if so.. how?
if (query_ip_number(source) == "127.0.0.1"
// query_ip_number() efun is faster than a local
// LPC variable, so it is fine we call it often
|| query_ip_number(source) == __HOST_IP_NUMBER__
# ifdef SECURE_IP_NUMBER
|| SECURE_IP_NUMBER(query_ip_number(source))
# endif
// People coming from localhost have either made it
// through SSH's reasonable certificate pinning or
// Tor's public-key based addressing.. both provide
// reasonable protection from men in the middle, if
// only the server itself could be considered secure.
//
) return PRIVACY_REASONABLE;
# if __EFUN_DEFINED__(tls_query_connection_state)
// Alas, this person is using a TLS/SSL-enhanced
// access protocol which, unless the client implements
// certificate pinning, is susceptible to man in the
// middle attacks. Find out more on this topic on
// http://patrol.psyced.org
//
if (tls_query_connection_state(source))
return PRIVACY_MITMX509;
# endif
return PRIVACY_SURVEILLED;
}

30
world/net/tn/server.c
View File

@ -8,18 +8,27 @@
qScheme() { return "tn"; }
logon() {
// first check limits and authlocal, then show banner
if (::logon()) {
// unless (nick) {
cat(TELNET_PATH "clear.vt");
cat("/local/banner.txt");
// }
human(x) {
x = lower_case(x);
unless (abbrev(x, "yes") || abbrev(x, "ja") || abbrev(x, "si") || abbrev(x, "zes")) {
emit("\nSorry, no other species welcome currently.\n\n");
}
// now check limits
else if (::logon()) {
// takes a little tweaking to use T() here
emit("Name: ");
}
}
logon() {
if (nick) return ::logon(); // authlocal
cat(TELNET_PATH "clear.vt");
cat("/local/banner.txt");
input_to(#'human, INPUT_IGNORE_BANG);
// takes a little tweaking to use T() here
emit("Are you human? ");
}
password(a) {
// send IAC + WONT + ECHO to go to echo-mode again
#ifdef OLD_HACKS_WE_PROBABLY_NO_LONGER_NEED
@ -67,7 +76,7 @@ hello(ni) {
//
// only the PROMUVE will need this, as the freemuve isn't accepting "." and
// ":" in nicknames anyways (PROMUVE converts those to "_").
#ifdef PRO_PATH
#if 0 //def PRO_PATH
# if 0
{ int i1, i2, i3, i4, i5;
if (strstr(ni, "://") > 0 ||
@ -83,7 +92,8 @@ hello(ni) {
return 1;
}
# else
if (abbrev("GET ", ni) || abbrev("POST ", ni)
// we could simply disallow space in the name here...
if (abbrev("GET ", ni) || abbrev("POST ", ni) || abbrev("OPTIONS ", ni)
|| abbrev("CONNECT ", ni)) {
// hehe.. we could htredirect proxyscanners to our www port ;)
emit("Dumbhead.\n<h1>Don't you have a telnet client?</h1>\n");
@ -95,7 +105,7 @@ hello(ni) {
return ::hello(ni);
}
#ifdef BRAIN
#if 0 //def BRAIN
morph() {
if (user->isNewbie())
emit("\nSorry, no unregistered users currently.\n\n");

13
world/net/user.c
View File

@ -1572,13 +1572,22 @@ logon() {
string evil;
if (tls_query_connection_state(ME) == 1) {
if (evil = tls_bad_cipher(ME, t)) {
// i bet jabber users will love this
// evil TLS ciphers are no problem if the connection is being
// tunneled through SSH or Tor, so we shut up in that case.
if (probably_private(ME) < PRIVACY_REASONABLE &&
(evil = tls_bad_cipher(ME, t))) {
// Seems to affect only pidgin for linux prior to 2015
w("_warning_circuit_encryption_cipher", 0, ([ "_circuit_encryption_cipher": evil ]));
//return remove_interactive(ME);
} else {
unless (beQuiet) w("_status_circuit_encryption_cipher");
}
} else if (!probably_private(ME)) {
w("_warning_missing_circuit_encryption"
# ifdef _warning_missing_circuit_encryption
, _warning_missing_circuit_encryption
# endif
);
}
#endif
// cannot if (greeting) here this since jabber:iq:auth depends on this