-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: urcd action: commit revision: path_from: revision_from: 80ab7f7bede8e6e28b7720869cf9c1b178bf53ae: path_to: revision_to:
commit 80ab7f7bede8e6e28b7720869cf9c1b178bf53ae Author: root <root@administrator.(none)> Date: Mon Feb 10 22:54:06 2014 +0000 [URC] URCCRYPTOBOX now supports different keypairs for different destinations diff --git a/README b/README
--- a/README +++ b/README @@ -7,10 +7,9 @@ depends: python-dev(>=2.6), daemontools, sh, gcc recommends: - cython(>=0.18.0), nacltaia-otr + cython(>=0.18.0) todo: - implement multikey encrypted PM implement pfs for encrypted PM quick install (not recommended): @@ -115,9 +114,8 @@ interface: no censorship: URC networks are censorship resistant. i - recommend URCSIGN and/or nacltaia-otr to - ignore spam and trolls (alternative OTR may - also be used). + recommend URCSIGN and/or URCCRYPTOBOX to + ignore spam and trolls irssi ("ban/except"): /ignore *!*@* ALL @@ -169,6 +167,16 @@ URCCRYPTOBOX: echo $pubkey > urccryptoboxdir/$nick chmod 600 urccryptoboxdir/ + # use a specific seckey for a destination, or override global + mkdir -p urccryptoboxseckeydir/ + echo urccryptoboxseckeydir > env/URCCRYPTOBOXSECKEYDIR + echo $seckey > urccryptoboxseckeydir/$nick + chmod 600 urccryptoboxseckeydir/ + + # urcd will replace the user field with VERIFIED for valid + # authentication and replace all other user fields with URCD. + # see "no censorship" above. + URCSECRETBOX: # urcd can provide secret and encrypted channels # using a 64 byte hexadecimal key diff --git a/src/urcd.pyx b/src/urcd.pyx
--- a/src/urcd.pyx +++ b/src/urcd.pyx @@ -65,6 +65,7 @@ URCSECRETBOXDIR = open('env/URCSECRETBOXDIR','rb').read().split('\n')[0] if os.p URCSIGNSECKEYDIR = open('env/URCSIGNSECKEYDIR','rb').read().split('\n')[0] if os.path.exists('env/URCSIGNSECKEYDIR') else str() URCSIGNPUBKEYDIR = open('env/URCSIGNPUBKEYDIR','rb').read().split('\n')[0] if os.path.exists('env/URCSIGNPUBKEYDIR') else str() URCSIGNSECKEY = open('env/URCSIGNSECKEY','rb').read().split('\n')[0].decode('hex') if os.path.exists('env/URCSIGNSECKEY') else str() +URCCRYPTOBOXSECKEYDIR = open('env/URCCRYPTOBOXSECKEYDIR','rb').read().split('\n')[0] if os.path.exists('env/URCCRYPTOBOXSECKEYDIR') else str() URCCRYPTOBOXSECKEY = open('env/URCCRYPTOBOXSECKEY','rb').read().split('\n')[0].decode('hex') if os.path.exists('env/URCCRYPTOBOXSECKEY') else str() nick = str() @@ -91,7 +92,7 @@ if URCDB: except: channel_struct = dict() while len(channel_struct) > CHANLIMIT: del channel_struct[channel_struct.keys()[0]] -if URCCRYPTOBOXSECKEY or URCCRYPTOBOXDIR or URCSECRETBOXDIR or URCSIGNDB or URCSIGNSECKEY or URCSIGNSECKEYDIR or URCSIGNPUBKEYDIR: +if URCCRYPTOBOXSECKEY or URCCRYPTOBOXDIR or URCCRYPTOBOXSECKEYDIR or URCSECRETBOXDIR or URCSIGNDB or URCSIGNSECKEY or URCSIGNSECKEYDIR or URCSIGNPUBKEYDIR: from nacltaia import * ### NaCl's crypto_sign / crypto_sign_open API sucks ### @@ -110,10 +111,16 @@ if URCSECRETBOXDIR: urccryptoboxdb = dict() if URCCRYPTOBOXDIR: for dst in os.listdir(URCCRYPTOBOXDIR): - urccryptoboxdb[dst.lower()] = crypto_box_beforenm( - open(URCCRYPTOBOXDIR+'/'+dst,'rb').read(64).decode('hex'), - URCCRYPTOBOXSECKEY - ) + if URCCRYPTOBOXSECKEYDIR and dst in os.listdir(URCCRYPTOBOXSECKEYDIR): + urccryptoboxdb[dst.lower()] = crypto_box_beforenm( + open(URCCRYPTOBOXDIR+'/'+dst,'rb').read(64).decode('hex'), + open(URCCRYPTOBOXSECKEYDIR+'/'+dst,'rb').read(64).decode('hex') + ) + elif URCCRYPTOBOXSECKEY: + urccryptoboxdb[dst.lower()] = crypto_box_beforenm( + open(URCCRYPTOBOXDIR+'/'+dst,'rb').read(64).decode('hex'), + URCCRYPTOBOXSECKEY + ) if URCSIGNPUBKEYDIR: urcsignpubkeydb = dict()
-----END OF PAGE-----
-- Response ended
-- Page fetched on Sun Jun 2 16:28:04 2024