1# _ _ _ _ 2# __ _ _ __ __ ___ ____ _| (_) __| | __ _| |_ ___ _ __ 3# / _` | '_ \ / _` \ \ / / _` | | |/ _` |/ _` | __/ _ \| '__| 4# | (_| | |_) | (_| |\ V / (_| | | | (_| | (_| | || (_) | | 5# \__, | .__/ \__, | \_/ \__,_|_|_|\__,_|\__,_|\__\___/|_| 6# |___/|_| |___/ 7# 8# for irssi - VERSION 0.1.2 9# 10# this is a nice irssi's script coded by pallotron 11# based on a lovely implementation writed by valvoline for xchat client 12# 13# valv`0 (valvoline@vrlteam.org / valvoline@freaknet.org) 14# pallotron (pallotron@freaknet.org) 15# 16# original idea & implementation by: valv'0 17# 18# valv`0 thanx goes to: 19# asbesto, pallotron, quest, iron - for the development support 20# hellbreak, cmcsynth, hio, mircalla - for the moral support 21# 22# it allows you to do gpg trusting of your friends using gnupg and irc 23# capabilities. in order to use it, you have to load the script into irssi 24# (read man pages or go to irssi.org do know how do this). others users must 25# have loaded this script or another compatible script. 26# 27# FAKE-- 28# PARANOIA!++ o/ 29# 30# This program is free software; you can redistribute it and/or modify 31# it under the terms of the GNU General Public License as published by 32# the Free Software Foundation; either version 2 of the License, or 33# (at your option) any later version. 34# 35# This program is distributed in the hope that it will be useful, 36# but WITHOUT ANY WARRANTY; without even the implied warranty of 37# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 38# GNU General Public License for more details. 39# 40# You should have received a copy of the GNU General Public License 41# along with this program; if not, write to the Free Software 42# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 43# 44# USAGE: 45# If you want to trust a your friend you must do this: 46# 1) simply type /validate <your_friend_nick> 47# 2) accept DCC Send (a chunck file containing gpg sign) 48# 3) type /verify <your_friend_nick>:) 49# 50# To permit your trusting by other users you must do: 51# 1) type /setpass <your_gpg_passphrase> 52# 2) enjoy! 53# Now your irssi is listening for ctcp messages 54# 55# WARING!!!!!!! 56# this isn't a *FULL SECURE* script, better improvements must follow *SOON*! 57# 58# pallotron 23/09/2002 - pallotron@freaknet.org - www.freaknet.org 59 60use Irssi; 61use Irssi qw(command_bind active_server); 62 63use strict; 64 65use vars qw($VERSION %IRSSI); 66 67my $PASS = "NULL"; 68my $VALIDATEDIR = "~/"; 69 70$VERSION = "0.1.2"; 71%IRSSI = ( 72 authors=> 'original idea by valvoline, irssi porting by pallotron', 73 contact=> 'pallotron@freaknet.org', 74 name=> 'gpgvalidator v. 0.1.2', 75 description=> 'Have gpg-based trusting features in your irssi client!', 76 license=> 'GPL v2', 77 url=> 'http://www.freaknet.org/~pallotron', 78); 79 80Irssi::print("Loading irssi pallotron's porting of valvoline gpgvalidator 0.1.2"); 81 82# create a new irssi command called /PASSPHRASE 83# USAGE: 84# /PASSPHRASE <your_GPG_pass> 85Irssi::command_bind('setpass','setpass'); 86 87# create a new irssi command called /VERIFY 88# no particolare USAGE FORMAT 89# just call it with /VERIFY 90# it will verify the last <NICK>.asc file 91# download by the latest ctcp VALIDATE request 92Irssi::command_bind('verify','sub_verify'); 93 94# send a ctcp VALIDATE request to a friend we want to trust 95# 96# USAGE: /validate <nick> 97Irssi::command_bind('validate','send_ctcp_request'); 98 99# hook sub_validate function to signal 'ctcp msg'. 100# when your client receives /ctcp msg <your_nick> VALIDATE 101# it will performs some controls and then send, via DCC, a randomic 102# generated chunck file (yournick.asc) containing your gpg signature 103# to $nick (the user who had request validating) 104Irssi::signal_add('ctcp msg','ctcp_send_chunck_file'); 105 106Irssi::command_bind('about','about'); 107Irssi::command_bind('greets','greets'); 108Irssi::command_bind('manual','manual'); 109Irssi::command_bind('erasepass','erasepass'); 110 111sub send_ctcp_request { 112 my $line = shift; 113 if(!($line)) { 114 Irssi::print("validate - wrong parameters:\nusage: validate <nick>"); 115 return 0; 116 } 117 active_server->command("/ctcp $line VALIDATE"); 118 return 0; 119} 120 121sub erasepass { 122 $PASS=""; 123 Irssi::print("gpgvalidator - pass forgotten"); 124 return 0; 125} 126 127sub ctcp_send_chunck_file { 128 my ( $infos, $cmd, $nick, $host, $target) = @_; 129 130 my $test = $target; 131 132 $test =~ tr/\W/_/; 133 $test =~ tr/`/_/; 134 $test =~ tr/{/_/; 135 $test =~ tr/}/_/; 136 $test =~ tr/|/_/; 137 $test =~ tr/\\/_/; 138 139 if ( $cmd =~ /^VALIDATE/) { 140 if ( $PASS =~ /NULL/i ) { 141 Irssi::print("requested GPG-VALIDATE from $nick, but no passphrase in cache!\nplz, set a passphrase with /passphrase <your_gpg_pass>"); 142 return 1; 143 } else { 144 Irssi::print("requested GPG-VALIDATE from $nick\n"); 145 my $result = `openssl rand -out $VALIDATEDIR/$test 1024`; 146 $result = `echo "$PASS" | gpg --batch --yes --status-fd 1 --passphrase-fd 0 --output $VALIDATEDIR/$test.asc --clearsign $VALIDATEDIR/$test | grep "[GNUPG:]"`; 147 if (( my $i = index($result,"GOOD_PASSPHRASE")) > -1) { 148 active_server->command("/DCC send $nick $VALIDATEDIR/$test.asc"); 149 $result = `echo "$result" | grep "SIG_CREATED"`; 150 Irssi::print("\n$result\n"); 151 } 152 if (( my $i = index($result,"BAD_PASSPHRASE")) > -1) { 153 $result = `echo "$result" | grep "BAS_PASSPHRASE"`; 154 Irssi::print("$result\nBAD passphrase - cannot unlock your secret keyring - please set a passprase with /passphrase <yourpass>\n"); 155 } 156 } 157 return 0; 158 } 159} 160 161# this take the passphrase 162# OH MY GOD! THESE ARE VERY STUPID ROWS... 163# expecially from security side... :) 164sub setpass { 165 my $line = shift; 166 if(!($line)) { 167 Irssi::print("setpass - wrong paramaters:\nusage: setpass <yourpass>"); 168 return 0; 169 } 170 $PASS = $line; 171 # can i do better of this? ;p 172 Irssi::print("gpgvalidator - pass set correctly"); 173 return 0; 174} 175 176# this verify che <nick>.asc signed file trusting if the user 177# is in your keyring 178# 179# usage /verify <nick> 180# 181sub sub_verify { 182 183 my $result = ""; 184 my $test = shift; 185 186 if(!($test)) { 187 Irssi::print("verify wrong parameters:\nusage: verifi <nick>"); 188 return 0; 189 } 190 191 $test =~ tr/\W/_/; 192 $test =~ tr/`/_/; 193 $test =~ tr/{/_/; 194 $test =~ tr/}/_/; 195 $test =~ tr/|/_/; 196 $test =~ tr/\\/_/; 197 198 $result = `gpg --batch --status-fd 1 --verify $VALIDATEDIR/$test.asc 2>/dev/null | grep "[GNUPG:]"`; 199 if (( my $i = index($result,"GOODSIG")) > -1) { 200 $result = `echo "$result" | grep "GOODSIG"`; 201 Irssi::print("good signature! - user trusted - $result\n"); 202 } 203 else { 204 Irssi::print("bad signature! - user UNtrusted\n$result\n"); 205 } 206 return 0; 207} 208 209sub about { 210 Irssi::print("\n-------------------------------------------------------\nGPG validator v0.1.2 for irssi coded in perl by pallotron\n-------------------------------------------------------\n(c) 2002 - valvoline / VRL Team - valvoline\@vrlteam.org\nported to irssi by pallotron\@freaknet.org\n-------------------------------------------------------\nthis's a simple script to validate users under irc, \nusing gpg. there're NO optimization, and the code was\nwritten in 10mins!. i'm not a perl-programmer, so...\n...fill free to make mods to the code, but, leave the\noriginal credits at the same place (=\n\ntype /greets to see greets!\n\ntype /manual to see user-manual\n"); 211 return 1; 212} 213 214sub greets { 215 Irssi::print("\n-------------------------------------------------------\ngreets fly out to the following:\nasbesto, pallotron, iron, quest - for beta testing support.\nhellbreak, cmcsynth, hio, mirc4ll4 - for moral and economic support (ehehe).\ns0ftpj staff - for the besta coding support ever made.\n\nall the other, that i've forgotten...sorry! :(\n\n-------------------------------------------------------\n"); 216 return 1; 217} 218 219sub manual { 220 Irssi::print("\n-------------------------------------------------------\n\nmanual\n\nsetpass <pass> - to cache your password for the current session.\nerasepass - to forgot current password.\nvalidate <nick> - to request a validator-chunck to nick.\nverify <nick> - to verify the received validator-chunck of nick.\n\nbe sure, to have the DCC workin' correctly\n\n-------------------------------------------------------\n"); 221 return 1; 222} 223 224 225