This file is indexed.

/usr/share/irssi/scripts/challenge.pl is in irssi-scripts 20131030.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
# Run a challenge response oper thingie
#
# (C) 2006 by Joerg Jaspert <joerg@debian.org>
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; version 2 of the License.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this script; if not, write to the Free Software
#    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA


# This script needs "rsa_respond" out of the hybrid ircd to actually work.
# svn for that is http://svn.oftc.net/svn/oftc-hybrid
# And you need to have an rsa keypair in your oper block. Create one with
# openssl genrsa -des3 1024 > oper-whatever.key
# openssl rsa -pubout < oper-whatever.key > oper-whatever.pub
# and send the .pub to your noc :)

# The key length shouldn't be longer than 1024 to ensure that the entire
# challenge will fit inside the limits of the ircd message (510+\r\n)

# You have two settings to change after loading this script, just type
# /set challenge to see them. Then you can use it in the future to oper by
# typing /cr YOUROPERNICK


use strict;
use Irssi;

use vars qw($VERSION %IRSSI);


$VERSION = '0.0.0.0.1.alpha.0.2';
%IRSSI = (
    authors     => 'Joerg Jaspert',
    contact     => 'joerg@debian.org',
    name  => 'challenge',
    description => 'Performs challenge-response oper auth',
    license     => 'GPL v2 (and no later)',
);


# Gets called from user, $arg should only contain the oper name
sub challenge_oper {
  my ($arg, $server, $window) = @_;

  if (length($arg) < 2) { # a one char oper name? not here
	print CLIENTCRAP "%B>>%n call it like /cr YOUROPERNICK";
	return;
  } else {
    $server->redirect_event('challenge', 1, "", -1, undef,
			    {
			     "" => "redir challenge received",
			    });
	$server->send_raw("challenge $arg");
  }
}


# This event now actually handles the challenge, the rest was just setup
sub event_challenge_received{
  my ($server, $data) = @_;
  # Data contains "nick :challenge"
  my (undef, $challenge) = split(/:/, $data);

  my $key = Irssi::settings_get_str('challenge_oper_key');
  my $respond = Irssi::settings_get_str('challenge_rsa_path');

  my $pid = open(RSA, "$respond $key $challenge |") or die "Damn, couldnt run $respond";
  my $response = <RSA>;
  close (RSA);
  $server->send_raw("challenge +$response");
  my $window = Irssi::active_win();
  $window->command("redraw");
}


# ---------- Do the startup tasks ----------

Irssi::command_bind('cr', 'challenge_oper');

# Add the settings
Irssi::settings_add_str("challenge.pl", "challenge_oper_key", "$ENV{HOME}/.irssi/oper-$ENV{USER}.key");
Irssi::settings_add_str("challenge.pl", "challenge_rsa_path", "respond");

# Ok, setup the redirect event, so we can later handle the challenge thing.
Irssi::Irc::Server::redirect_register("challenge",
									  0, # not a remote one
									  5, # wait at max 5 seconds for a reply
									  undef, # no start event
									  {
									   "event 386" => -1, # act on the 386, the rsa challenge
									  },
									  undef, # no optional event
									 );
Irssi::signal_add({'redir challenge received' => \&event_challenge_received,});