-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: urcd action: commit revision: path_from: revision_from: 80ab7f7bede8e6e28b7720869cf9c1b178bf53ae: path_to: revision_to:
commit 80ab7f7bede8e6e28b7720869cf9c1b178bf53ae
Author: root <root@administrator.(none)>
Date: Mon Feb 10 22:54:06 2014 +0000
[URC] URCCRYPTOBOX now supports different keypairs for different destinations
diff --git a/README b/README
--- a/README
+++ b/README
@@ -7,10 +7,9 @@ depends:
python-dev(>=2.6), daemontools, sh, gcc
recommends:
- cython(>=0.18.0), nacltaia-otr
+ cython(>=0.18.0)
todo:
- implement multikey encrypted PM
implement pfs for encrypted PM
quick install (not recommended):
@@ -115,9 +114,8 @@ interface:
no censorship:
URC networks are censorship resistant. i
- recommend URCSIGN and/or nacltaia-otr to
- ignore spam and trolls (alternative OTR may
- also be used).
+ recommend URCSIGN and/or URCCRYPTOBOX to
+ ignore spam and trolls
irssi ("ban/except"):
/ignore *!*@* ALL
@@ -169,6 +167,16 @@ URCCRYPTOBOX:
echo $pubkey > urccryptoboxdir/$nick
chmod 600 urccryptoboxdir/
+ # use a specific seckey for a destination, or override global
+ mkdir -p urccryptoboxseckeydir/
+ echo urccryptoboxseckeydir > env/URCCRYPTOBOXSECKEYDIR
+ echo $seckey > urccryptoboxseckeydir/$nick
+ chmod 600 urccryptoboxseckeydir/
+
+ # urcd will replace the user field with VERIFIED for valid
+ # authentication and replace all other user fields with URCD.
+ # see "no censorship" above.
+
URCSECRETBOX:
# urcd can provide secret and encrypted channels
# using a 64 byte hexadecimal key
diff --git a/src/urcd.pyx b/src/urcd.pyx
--- a/src/urcd.pyx
+++ b/src/urcd.pyx
@@ -65,6 +65,7 @@ URCSECRETBOXDIR = open('env/URCSECRETBOXDIR','rb').read().split('\n')[0] if os.p
URCSIGNSECKEYDIR = open('env/URCSIGNSECKEYDIR','rb').read().split('\n')[0] if os.path.exists('env/URCSIGNSECKEYDIR') else str()
URCSIGNPUBKEYDIR = open('env/URCSIGNPUBKEYDIR','rb').read().split('\n')[0] if os.path.exists('env/URCSIGNPUBKEYDIR') else str()
URCSIGNSECKEY = open('env/URCSIGNSECKEY','rb').read().split('\n')[0].decode('hex') if os.path.exists('env/URCSIGNSECKEY') else str()
+URCCRYPTOBOXSECKEYDIR = open('env/URCCRYPTOBOXSECKEYDIR','rb').read().split('\n')[0] if os.path.exists('env/URCCRYPTOBOXSECKEYDIR') else str()
URCCRYPTOBOXSECKEY = open('env/URCCRYPTOBOXSECKEY','rb').read().split('\n')[0].decode('hex') if os.path.exists('env/URCCRYPTOBOXSECKEY') else str()
nick = str()
@@ -91,7 +92,7 @@ if URCDB:
except: channel_struct = dict()
while len(channel_struct) > CHANLIMIT: del channel_struct[channel_struct.keys()[0]]
-if URCCRYPTOBOXSECKEY or URCCRYPTOBOXDIR or URCSECRETBOXDIR or URCSIGNDB or URCSIGNSECKEY or URCSIGNSECKEYDIR or URCSIGNPUBKEYDIR:
+if URCCRYPTOBOXSECKEY or URCCRYPTOBOXDIR or URCCRYPTOBOXSECKEYDIR or URCSECRETBOXDIR or URCSIGNDB or URCSIGNSECKEY or URCSIGNSECKEYDIR or URCSIGNPUBKEYDIR:
from nacltaia import *
### NaCl's crypto_sign / crypto_sign_open API sucks ###
@@ -110,10 +111,16 @@ if URCSECRETBOXDIR:
urccryptoboxdb = dict()
if URCCRYPTOBOXDIR:
for dst in os.listdir(URCCRYPTOBOXDIR):
- urccryptoboxdb[dst.lower()] = crypto_box_beforenm(
- open(URCCRYPTOBOXDIR+'/'+dst,'rb').read(64).decode('hex'),
- URCCRYPTOBOXSECKEY
- )
+ if URCCRYPTOBOXSECKEYDIR and dst in os.listdir(URCCRYPTOBOXSECKEYDIR):
+ urccryptoboxdb[dst.lower()] = crypto_box_beforenm(
+ open(URCCRYPTOBOXDIR+'/'+dst,'rb').read(64).decode('hex'),
+ open(URCCRYPTOBOXSECKEYDIR+'/'+dst,'rb').read(64).decode('hex')
+ )
+ elif URCCRYPTOBOXSECKEY:
+ urccryptoboxdb[dst.lower()] = crypto_box_beforenm(
+ open(URCCRYPTOBOXDIR+'/'+dst,'rb').read(64).decode('hex'),
+ URCCRYPTOBOXSECKEY
+ )
if URCSIGNPUBKEYDIR:
urcsignpubkeydb = dict()
-----END OF PAGE-----
-- Response ended
-- Page fetched on Sun Jun 2 16:28:04 2024