mirror
/
oragono
mirror of https://github.com/oragono/oragono
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 70 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
415 Commits
21 Branches
Tree: 144ebe08e3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '144ebe08e3'
${ noResults }
oragono/oragono.go

oragono.go 4.2KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. // Copyright (c) 2012-2014 Jeremy Latt

  2. // Copyright (c) 2014-2015 Edmund Huber

  3. // Copyright (c) 2016- Daniel Oaks <daniel@danieloaks.net>

  4. // released under the MIT license

  5. 

  6. package main

  7. 

  8. import (

  9. 	"crypto/ecdsa"

  10. 	"crypto/elliptic"

  11. 	"crypto/rand"

  12. 	"crypto/x509"

  13. 	"crypto/x509/pkix"

  14. 	"encoding/pem"

  15. 	"fmt"

  16. 	"log"

  17. 	"math/big"

  18. 	"net"

  19. 	"os"

  20. 	"syscall"

  21. 	"time"

  22. 

  23. 	"github.com/DanielOaks/oragono/irc"

  24. 	"github.com/docopt/docopt-go"

  25. 	"golang.org/x/crypto/ssh/terminal"

  26. )

  27. 

  28. func main() {

  29. 	version := irc.SEM_VER

  30. 	usage := `oragono.

  31. Usage:

  32. 	oragono initdb [--conf <filename>]

  33. 	oragono upgradedb [--conf <filename>]

  34. 	oragono genpasswd [--conf <filename>]

  35. 	oragono createcerts [--conf <filename>]

  36. 	oragono run [--conf <filename>]

  37. 	oragono -h | --help

  38. 	oragono --version

  39. Options:

  40. 	--conf <filename>  Configuration file to use [default: ircd.yaml].

  41. 	-h --help          Show this screen.

  42. 	--version          Show version.`

  43. 

  44. 	arguments, _ := docopt.Parse(usage, nil, true, version, false)

  45. 

  46. 	configfile := arguments["--conf"].(string)

  47. 	config, err := irc.LoadConfig(configfile)

  48. 	if err != nil {

  49. 		log.Fatal("Config file did not load successfully:", err.Error())

  50. 	}

  51. 

  52. 	if arguments["genpasswd"].(bool) {

  53. 		fmt.Print("Enter Password: ")

  54. 		bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))

  55. 		if err != nil {

  56. 			log.Fatal("Error reading password:", err.Error())

  57. 		}

  58. 		password := string(bytePassword)

  59. 		encoded, err := irc.GenerateEncodedPassword(password)

  60. 		if err != nil {

  61. 			log.Fatalln("encoding error:", err)

  62. 		}

  63. 		fmt.Print("\n")

  64. 		fmt.Println(encoded)

  65. 	} else if arguments["initdb"].(bool) {

  66. 		irc.InitDB(config.Server.Database)

  67. 		log.Println("database initialized: ", config.Server.Database)

  68. 	} else if arguments["upgradedb"].(bool) {

  69. 		irc.UpgradeDB(config.Server.Database)

  70. 		log.Println("database upgraded: ", config.Server.Database)

  71. 	} else if arguments["createcerts"].(bool) {

  72. 		log.Println("creating self-signed certificates")

  73. 

  74. 		for name, conf := range config.Server.TLSListeners {

  75. 			log.Printf(" creating cert for %s listener\n", name)

  76. 			host := config.Server.Name

  77. 			validFrom := time.Now()

  78. 			validFor := 365 * 24 * time.Hour

  79. 			notAfter := validFrom.Add(validFor)

  80. 

  81. 			priv, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)

  82. 

  83. 			serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)

  84. 			serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)

  85. 			if err != nil {

  86. 				log.Fatalf("failed to generate serial number: %s", err)

  87. 			}

  88. 

  89. 			template := x509.Certificate{

  90. 				SerialNumber: serialNumber,

  91. 				Subject: pkix.Name{

  92. 					Organization: []string{"Oragono"},

  93. 				},

  94. 				NotBefore: validFrom,

  95. 				NotAfter:  notAfter,

  96. 

  97. 				KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,

  98. 				ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},

  99. 				BasicConstraintsValid: true,

  100. 			}

  101. 

  102. 			// TODO: allow explicitly listing allowed addresses/names

  103. 			template.IPAddresses = append(template.IPAddresses, net.ParseIP("127.0.0.1"))

  104. 			template.IPAddresses = append(template.IPAddresses, net.ParseIP("::1"))

  105. 			template.DNSNames = append(template.DNSNames, host)

  106. 			template.DNSNames = append(template.DNSNames, "localhost")

  107. 

  108. 			derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)

  109. 			if err != nil {

  110. 				log.Fatalf("Failed to create certificate: %s", err)

  111. 			}

  112. 

  113. 			certOut, err := os.Create(conf.Cert)

  114. 			if err != nil {

  115. 				log.Fatalf("failed to open %s for writing: %s", conf.Cert, err)

  116. 			}

  117. 			pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes})

  118. 			certOut.Close()

  119. 			log.Printf("  wrote %s\n", conf.Cert)

  120. 

  121. 			keyOut, err := os.OpenFile(conf.Key, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)

  122. 			if err != nil {

  123. 				log.Print("failed to open %s for writing:", conf.Key, err)

  124. 				return

  125. 			}

  126. 			b, err := x509.MarshalECPrivateKey(priv)

  127. 			if err != nil {

  128. 				fmt.Fprintf(os.Stderr, "Unable to marshal ECDSA private key: %v", err)

  129. 				os.Exit(2)

  130. 			}

  131. 			pemBlock := pem.Block{Type: "EC PRIVATE KEY", Bytes: b}

  132. 			pem.Encode(keyOut, &pemBlock)

  133. 			keyOut.Close()

  134. 			log.Printf("  wrote %s\n", conf.Key)

  135. 		}

  136. 	} else if arguments["run"].(bool) {

  137. 		irc.Log.SetLevel(config.Server.Log)

  138. 		server := irc.NewServer(config)

  139. 		log.Println(irc.SEM_VER, "running")

  140. 		defer log.Println(irc.SEM_VER, "exiting")

  141. 		server.Run()

  142. 	}

  143. }