Diffstat (limited to 'server/blackace/scireserver.py')
-rwxr-xr-xserver/blackace/scireserver.py121
1 files changed, 0 insertions, 121 deletions
diff --git a/server/blackace/scireserver.py b/server/blackace/scireserver.py
deleted file mode 100755
index 3b920d0..0000000
--- a/server/blackace/scireserver.py
+++ /dev/null
@@ -1,121 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-
-# $Id: scireserver.py,v 0.2 2006/05/18 06:23:40 wolfwood Exp $
-#
-# ScireServer 0.2 - Server side communication component of Scire.
-# http://www.gentoo.org/proj/en/scire/
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-#
-
-import sys, time, syslog, re, pprint
-from pyCrypto import pyCrypto
-from pySecureServer import pySecureServer
-from Crypto.Hash import SHA, MD5
-
-def log(priority, message):
- priorities = {
- 'emerg': syslog.LOG_EMERG,
- 'alert': syslog.LOG_ALERT,
- 'crit': syslog.LOG_CRIT,
- 'err': syslog.LOG_ERR,
- 'warn': syslog.LOG_WARNING,
- 'notice': syslog.LOG_NOTICE,
- 'info': syslog.LOG_INFO,
- 'debug': syslog.LOG_DEBUG
- }
- name = re.compile('^(?:[^/]*/)?(.*?)(?:\.py)?$').sub('\\1', sys.argv[0])
- syslog.openlog(name, syslog.LOG_PID, syslog.LOG_DAEMON)
- syslog.syslog(priorities[priority], message)
- syslog.closelog()
-
-def handler(socket, request):
- crypto = socket.server.crypto
- clients = socket.server.clients
- if request['command'] == 'helo':
- pubkey = crypto.packKey(crypto.key.publickey()).rstrip('\n').split(' ')[1]
- socket.sendclear(MD5.new(pubkey).hexdigest() + ' ' + pubkey)
- return 'OK: Hello ' + socket.client_address[0]
- elif request['command'] == 'auth':
- data = crypto.decrypt(request['data'])
- digest = data[:32]
- data = data[33:]
- if MD5.new(data).hexdigest() != digest:
- return '!ERR: digest verification failed.'
- if len(request['args']) == 1 and len(request['args'][0]) == 32:
- # Response
- clientkeyhash = request['args'][0]
- if clients.has_key(clientkeyhash):
- if int(time.time()) > clients[clientkeyhash]['expiration']:
- del(clients[clientkeyhash])
- return '!ERR: challenge expired.'
- else:
- if MD5.new(clients[clientkeyhash]['challenge']).hexdigest() == data:
- clients[clientkeyhash]['auth'] = True
- clients[clientkeyhash]['expiration'] = int(time.time()) + socket.timeout
- return 'OK: authenticated.'
- else:
- # UPDATE `clients` SET `status` = 'disabled' WHERE `keyhash` = 'clientkeyhash';
- return '!ERR: invalid response.'
- else:
- return '!ERR: invalid challenge.'
- else:
- # Challenge
- clientkeyhash = MD5.new(data).hexdigest()
- clientkey = crypto.unpackKey(data)
- # if len(mysql_rows(SELECT `hostname` FROM `clients` WHERE `keyhash` = 'clientkeyhash';)) > 0:
- # we initiate the handshake and return True
- challenge = MD5.new(crypto.getRandom(32)).hexdigest()
- clients[clientkeyhash] = {'auth': False, 'key': clientkey, 'challenge': challenge, 'expiration': int(time.time()) + socket.timeout}
- socket.send(MD5.new(challenge).hexdigest() + ' ' + challenge, clientkey)
- return True
- # elif len(mysql_rows(SELECT `timestamp` FROM `pending_clients` WHERE `key` = 'clientkey';)) > 0:
- # return 'ERR: auth already pending.'
- # else:
- # stuff their clientkey into the pending_clients table and return '!OK: auth request queued.'
- else:
- if len(request['args']) >= 1 and len(request['args'][0]) == 32:
- clientkeyhash = request['args'][0]
- if clients.has_key(clientkeyhash):
- if int(time.time()) > clients[clientkeyhash]['expiration']:
- del(clients[clientkeyhash])
- return '!ERR: session expired.'
- elif not clients[clientkeyhash]['auth']:
- return '!ERR: not authenticated.'
- else:
- socket.sendclear('You sent: ' + pprint.pformat(request))
- socket.send('This should be encrypted!')
- return True
- else:
- return '!ERR: not authenticated.'
- else:
- return '!ERR: not authenticated.'
-
-if __name__ == '__main__':
- crypto = pyCrypto(1024, 'RSA', 'SHA', 'file://~/.ssh/id_rsa')
- server = pySecureServer(crypto, handler, 10, 7000)
-# print crypto.packKey(crypto.key.publickey()).rstrip('\n').split(' ')[1]
-# pubkey = crypto.getKey('file://~/.ssh/id_rsa.pub')
-# print crypto.packKey(pubkey)
-# encrypted = crypto.encrypt('Client to Server Connection Procedure\n=====================================\nClient connects to the Server.\n\nServer sends it\'s public key to the Client.\n\nClient encrypts it\'s public key using the Server\'s public\nkey and sends it to the Server.\n\nServer decrypts the Client\'s public key using it\'s own\nprivate key, and checks the clients table for a match.\n\nIf the Client\'s public key cannot be found in the clients\ntable, the Server stores the Client\'s public key in the\npending_clients table, sends a confirmation to the Client,\nand disconnects.\n\nIf the Client\'s public key was found in the clients table,\nimplying an Administrators trust, the Server generates a\nrandom challenge, encrypts it with the Client\'s public key,\nand sends it to the Client.\n\nThe Client decrypts the challenge, generates an MD5 hash of\nit, re-encrypts it with the Server\'s public key, and sends\nit back to the Server.\n\nThe Server decrypts the response using it\'s own private key\nand compares it to an MD5 hash of the challenge.\n\nIf the MD5 of the original challenge matches the response,\nthe Client and the Server have completed a handshake,\nverifying each other\'s identity, and can now either begin\nencrypted communication using the keys they have already\nexchanged, or they can exchange new connection-specific\nprivate keys and use symmetric encryption for the rest of\nthe session.\n\nIf the MD5 of the original challenge does not match the\nresponse, the Server should disable the Client in the\nclients table, flagging it for review by an Administrator,\nand then disconnect.\n', pubkey)
-# print 'Encrypted:\n', encrypted
-# decrypted = crypto.decrypt(encrypted)
-# print 'Decrypted:\n', decrypted
- try:
- server.start()
- except KeyboardInterrupt:
- log('info', 'keyboard interrupt')
- sys.exit(0)