From 6ac1f11291b9d7226167226be63d390fc0e4821c Mon Sep 17 00:00:00 2001 From: Scott Duensing Date: Sun, 22 Jan 2023 21:13:19 -0600 Subject: [PATCH] Build server password now obfuscated in config file. Obfuscation is per-machine so passing the file to someone else won't reveal the password. --- {src => include}/http.h | 0 include/utils.h | 2 ++ src/project.c | 6 +++-- src/utils.c | 54 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 60 insertions(+), 2 deletions(-) rename {src => include}/http.h (100%) diff --git a/src/http.h b/include/http.h similarity index 100% rename from src/http.h rename to include/http.h diff --git a/include/utils.h b/include/utils.h index c7f8ab2..3fd4e4b 100644 --- a/include/utils.h +++ b/include/utils.h @@ -39,6 +39,7 @@ char *utilCreateString(char *format, ...); char *utilCreateStringVArgs(char *format, va_list args); +char *utilDeobfuscateASCII(char *obfuscated); void utilEnsureBufferSize(unsigned char **buffer, int *length, int wanted); gboolean utilFileExists(char *filename); gboolean utilFileOpen(WindowDataT *self, char *extension, char *what); @@ -46,6 +47,7 @@ gboolean utilFileSaveAs(WindowDataT *self, char *extension, char *what); WindowDataT *utilGetWindowData(GtkWidget *window); gboolean utilGetWidgetsFromMemory(char *resource, char *name[], GtkWidget **widgets[], gpointer userData); gboolean utilMkDirP(const char *dir, const mode_t mode); +char *utilObfuscateASCII(char *clearText); gboolean utilQuestionDialog(GtkWidget *parent, char *title, char *question); void utilSetDirty(WindowDataT *self, gboolean dirty); void utilWindowRegister(gpointer windowData); diff --git a/src/project.c b/src/project.c index 4fe5da5..524c745 100644 --- a/src/project.c +++ b/src/project.c @@ -185,7 +185,7 @@ static void loadConfig(ProjectDataT *self) { case 6: // Password DEL(self->buildPassword); - self->buildPassword = strdup(line); + self->buildPassword = utilDeobfuscateASCII(line); break; default: // Oops @@ -564,7 +564,9 @@ static void saveConfig(ProjectDataT *self) { fprintf(out, "%d\n", self->buildHTTPPort); fprintf(out, "%d\n", self->buildSSHPort); fprintf(out, "%s\n", self->buildUser); - fprintf(out, "%s\n", self->buildPassword); //***TODO*** This is hardly secure. + temp = utilObfuscateASCII(self->buildPassword); + fprintf(out, "%s\n", temp); + DEL(temp); fclose(out); } else { //***TODO*** Something bad happened. diff --git a/src/utils.c b/src/utils.c index e9995fe..e105cad 100644 --- a/src/utils.c +++ b/src/utils.c @@ -70,6 +70,33 @@ char *utilCreateStringVArgs(char *format, va_list args) { } +char *utilDeobfuscateASCII(char *obfuscated) { + char *deobfuscated = NULL; + char *hostname; + int i; + int j; + int c; + + // Valid ASCII 32 - 126 (94 chars) + + hostname = strdup(g_get_host_name()); + + // Decrypt. + j = 0; + deobfuscated = (char *)malloc((strlen(obfuscated) + 1) * sizeof(char)); + for (i=0; i= strlen(hostname)) j = 0; + } + deobfuscated[i] = 0; + + return deobfuscated; +} + + void utilEnsureBufferSize(unsigned char **buffer, int *length, int wanted) { unsigned char *temp = NULL; @@ -268,6 +295,33 @@ gboolean utilMkDirP(const char *dir, const mode_t mode) { } +char *utilObfuscateASCII(char *clearText) { + char *obfuscated = NULL; + char *hostname; + int i; + int j; + int c; + + // Valid ASCII 32 - 126 (94 chars) + + hostname = strdup(g_get_host_name()); + + // Obfuscate. + j = 0; + obfuscated = (char *)malloc((strlen(clearText) + 1) * sizeof(char)); + for (i=0; i 94) c -= 94; + obfuscated[i] = c + 32; + j++; + if (j >= strlen(hostname)) j = 0; + } + obfuscated[i] = 0; + + return obfuscated; +} + + gboolean utilQuestionDialog(GtkWidget *parent, char *title, char *question) { GtkWidget *dialog; int response;