alpha code -- first commit

addtoken

@@ -0,0 +1 @@
+magic_run

createdb

@@ -0,0 +1 @@
+magic_run

deletedb

@@ -0,0 +1 @@
+addtoken

door/addtoken.lua

@@ -0,0 +1,37 @@
+#!/usr/bin/env lua
+
+require 'luasql.postgres'
+require 'helper'
+require 'config'
+require 'token'
+
+print "* adding token ..."
+
+env = luasql.postgres()
+con = env:connect(config.db)
+
+print "current users:"
+for name in rows(con,"select name from users;") do print(name) end
+
+io.stdout:write("enter name: ")
+name = io.stdin:read()
+
+if name == "" then
+    print "* action canceled"
+  else
+    cur = con:execute("insert into users (name, ntc) values ('"..name.."', 1);")
+    if cur == 1 then
+        print("* add user " .. name)
+      else
+        assert(con:execute("update users set ntc=ntc+1 where name='"..name.."';"))
+    end
+    token = generate_token()
+    print "* generate token"
+    ttl = os.time() + config.ttl 
+    assert(con:execute("insert into tokens (pid, valid, token, ttl) values (NULL, true, '"..token.."', "..ttl..");"))
+    print "* add token:"
+    print(token)
+end
+
+con:close()
+env:close()

door/base64.lua

@@ -0,0 +1,77 @@
+-- working lua base64 codec (c) 2006-2008 by Alex Kloss
+-- compatible with lua 5.0
+-- http://www.it-rfc.de
+-- licensed under the terms of the LGPL2
+
+-- bitshift functions (<<, >> equivalent)
+-- shift left
+local function lsh(value,shift)
+	return math.mod((value*(2^shift)), 256)
+end
+
+-- shift right
+local function rsh(value,shift)
+	return math.mod(math.floor(value/2^shift), 256)
+end
+
+-- return single bit (for OR)
+local function bit(x,b)
+	return (math.mod(x, 2^b) - math.mod(x, 2^(b-1)) > 0)
+end
+
+-- logic OR for number values
+local function lor(x,y)
+	result = 0
+	for p=1,8 do result = result + (((bit(x,p) or bit(y,p)) == true) and 2^(p-1) or 0) end
+	return result
+end
+
+-- encryption table
+local base64chars = {[0]='A',[1]='B',[2]='C',[3]='D',[4]='E',[5]='F',[6]='G',[7]='H',[8]='I',[9]='J',[10]='K',[11]='L',[12]='M',[13]='N',[14]='O',[15]='P',[16]='Q',[17]='R',[18]='S',[19]='T',[20]='U',[21]='V',[22]='W',[23]='X',[24]='Y',[25]='Z',[26]='a',[27]='b',[28]='c',[29]='d',[30]='e',[31]='f',[32]='g',[33]='h',[34]='i',[35]='j',[36]='k',[37]='l',[38]='m',[39]='n',[40]='o',[41]='p',[42]='q',[43]='r',[44]='s',[45]='t',[46]='u',[47]='v',[48]='w',[49]='x',[50]='y',[51]='z',[52]='0',[53]='1',[54]='2',[55]='3',[56]='4',[57]='5',[58]='6',[59]='7',[60]='8',[61]='9',[62]='-',[63]='_'}
+
+-- function encode
+-- encodes input string to base64.
+function enc(data)
+	local bytes = {}
+	local result = ""
+	for spos=0,string.len(data)-1,3 do
+		for byte=1,3 do bytes[byte] = string.byte(string.sub(data,(spos+byte))) or 0 end
+		result = string.format('%s%s%s%s%s',
+			result,
+			base64chars[rsh(bytes[1],2)],
+			base64chars[lor(lsh((math.mod(bytes[1], 4)),4), rsh(bytes[2],4))] or "=",
+			((string.len(data)-spos) > 1) and base64chars[lor(lsh(
+				math.mod(bytes[2], 16)
+			,2), rsh(bytes[3],6))] or "=",
+			((string.len(data)-spos) > 2) and base64chars[(math.mod(bytes[3], 64))] or "="
+		)
+	end
+	return result
+end
+
+-- decryption table
+local base64bytes = {['A']=0,['B']=1,['C']=2,['D']=3,['E']=4,['F']=5,['G']=6,['H']=7,['I']=8,['J']=9,['K']=10,['L']=11,['M']=12,['N']=13,['O']=14,['P']=15,['Q']=16,['R']=17,['S']=18,['T']=19,['U']=20,['V']=21,['W']=22,['X']=23,['Y']=24,['Z']=25,['a']=26,['b']=27,['c']=28,['d']=29,['e']=30,['f']=31,['g']=32,['h']=33,['i']=34,['j']=35,['k']=36,['l']=37,['m']=38,['n']=39,['o']=40,['p']=41,['q']=42,['r']=43,['s']=44,['t']=45,['u']=46,['v']=47,['w']=48,['x']=49,['y']=50,['z']=51,['0']=52,['1']=53,['2']=54,['3']=55,['4']=56,['5']=57,['6']=58,['7']=59,['8']=60,['9']=61,['-']=62,['_']=63,['=']=nil}
+
+function is_b64_char(c)
+	return base64bytes[c] ~= nil
+end
+
+-- function decode
+-- decode base64 input to string
+function dec(data)
+	local chars = {}
+	local result=""
+	for dpos=0,string.len(data)-1,4 do
+		for char=1,4 do chars[char] = base64bytes[(string.sub(data,(dpos+char),(dpos+char)) or "=")] end
+		result = string.format('%s%s%s%s',
+			result,
+			string.char(lor(lsh(chars[1],2), rsh(chars[2],4))),
+			(chars[3] ~= nil) and string.char(lor(lsh(chars[2],4), rsh(chars[3],2))) or "",
+			(chars[4] ~= nil) and string.char(lor(math.mod(lsh(chars[3],6), 192), (chars[4]))) or ""
+		)
+	end
+	return result
+end
+
+module('base64',package.seeall)
+

door/config.lua

@@ -0,0 +1,11 @@
+#!/usr/bin/env lua
+
+config = {
+  ['db'] = "cricket",
+  ['open_cmd'] = "ssh root@fe80::218:84ff:fe1d:3fbc%eth0 door",
+  ['key_len'] = 164,				-- key_len/8*6 must be an integer!!!1!
+  ['ttl'] = 60 * 60 * 24 * 7 * 8,	-- s m h d w factor Time To Life (while alive)
+  ['ttrd'] = 60 * 60 * 24 * 365,	-- s m h d y Time To Real Death (while in graveyard)
+  ['ruttl'] = 60 * 60 * 24 * 7,		-- s m h d   Random Used Time To Life (after used) (will be randomized)
+}
+

door/createdb.lua

@@ -0,0 +1,17 @@
+#!/usr/bin/env lua
+
+require 'luasql.postgres'
+require 'config'
+
+print("* creating db ...")
+
+len = config.key_len
+env = luasql.postgres()
+con = env:connect(config.db)
+
+assert(con:execute("create table tokens ( id serial primary key, pid int, valid bool not null, token char("..len..") unique not null, ttl int );")) -- ttl - time to live
+assert(con:execute("create table graveyard ( token char("..len..") unique not null, ttrd int );")) -- ttrd - time to real death
+assert(con:execute("create table users ( name text primary key, ntc int );")) -- ntc - new token count
+
+con:close()
+env:close()

door/deletedb.lua

@@ -0,0 +1,31 @@
+#!/usr/bin/env lua
+
+require "luasql.postgres"
+require "config"
+
+print "* reset db ..."
+io.stdout:write("do you want to delete all tokens? [yes|no] ")
+first = io.stdin:read()
+if first == "yes" then
+  io.stdout:write("how should everybody feel about you? [hate|love] ")
+  second = io.stdin:read()
+  if second == "hate" then
+    io.stdout:write("really? [sure|no] ")
+    third = io.stdin:read()
+    if third == "sure" then
+      
+        env = luasql.postgres()
+        con = env:connect(config.db)
+        con:execute("drop table if exists graveyard;")
+        con:execute("drop table if exists tokens;")
+        con:execute("drop table if exists users;")
+        con:close()
+        env:close()
+
+        print "everybody hates you now 'cause all tokens are gone."
+
+      elseif third == "no" then
+        print "well done young padawan."
+    end
+  end
+end

door/door.lua

@@ -0,0 +1,9 @@
+#!/usr/bin/env lua
+
+function open_door()
+  require 'config'
+  os.execute(config.open_cmd)
+end
+
+open_door()
+

door/helper.lua

@@ -0,0 +1,19 @@
+
+function kill_stdio()
+  io.stdout:close()
+  io.stderr:close()
+  io.stdin:close()
+end
+
+function qspawn(program) -- quit  spawn
+  kill_stdio()
+  os.execute(program .. " &")
+end
+
+function rows(con, stmt)
+  local cur = assert (con:execute(stmt))
+  return function ()
+    return cur:fetch()
+  end
+end
+

door/listusers.lua

@@ -0,0 +1,16 @@
+#!/usr/bin/env lua
+
+require 'luasql.postgres'
+require 'helper'
+require 'config'
+
+env = luasql.postgres()
+con = env:connect(config.db)
+
+print "* current users:"
+print "-ntc-|-username----------------"
+for name, ntc in rows(con,"select * from users;") do print(string.format("%5s| %s",ntc,name)) end
+print "(ntc - new token count)"
+
+con:close()
+env:close()

door/open.lua

@@ -0,0 +1,37 @@
+#!/usr/bin/env lua
+
+require 'helper'
+require 'token'
+require 'config'
+
+function fail(msg)
+    print "Status: 423 Locked"
+    print ""
+    print("Error: " .. msg)
+end
+
+print "Content-Type: text/plain"
+
+token = os.getenv("QUERY_STRING")
+
+if token == nil or token == "" then
+    fail("No token given")
+  else
+    if token:sub(1, 2) == "t=" then
+      token = token:sub(3)
+    end
+
+    if token:len() == config.key_len then
+        print ""
+        id = check_token(token)
+        token = generate_token()
+        if id ~= false then
+          add_token(id, token)
+          qspawn("door")
+        end
+        print(token)
+      else
+        fail("Invalid token")
+    end
+
+end

door/revoke.lua

@@ -0,0 +1,15 @@
+#!/usr/bin/env lua
+
+require 'luasql.postgres'
+require 'helper'
+require 'config'
+
+print "* revoking token ..."
+
+env = luasql.postgres()
+con = env:connect(config.db)
+
+print "¡! not yet implemented"
+
+con:close()
+env:close()

door/statistic.lua

@@ -0,0 +1,18 @@
+#!/usr/bin/env lua
+
+require 'luasql.postgres'
+require 'helper'
+require 'config'
+
+env = luasql.postgres()
+con = env:connect(config.db)
+
+print "* statistic:"
+
+print("unvalid tokens: "..con:execute("select count(*) from tokens where valid=false;"):fetch())
+print("valid tokens: "..con:execute("select count(*) from tokens where valid=true;"):fetch())
+print("dead tokens: "..con:execute("select count(*) from graveyard;"):fetch())
+print("users: "..con:execute("select count(*) from users;"):fetch())
+
+con:close()
+env:close()

door/token.lua

@@ -0,0 +1,45 @@
+#!/usr/bin/env lua
+
+require 'luasql.postgres'
+require 'config'
+require 'base64'
+local base64 = enc
+
+function generate_token() -- generates a new token (the next)
+  local len = config.key_len / 8 * 6
+  local f = io.open("/dev/urandom","r")
+  local r = f:read(len)
+  return base64(r)
+end
+
+function add_token(id, token) -- add token to the database
+  local env = luasql.postgres()
+  local con = env:connect(config.db)
+
+  local now = os.time()
+  math.randomseed(now)
+  local ttl = now + config.ttl + math.floor(math.random() * config.ruttl)
+  local ttrd = config.ttrd  + math.floor(math.random() * config.ruttl) 
+  local ruttl = math.floor((math.random()+0.5) * config.ruttl)
+  local update = "update tokens set ttl=ttl+"..ruttl..", valid=false where id="..id..";"
+  local insert = "insert into tokens (pid, valid, token, ttl) values ("..id..", true, '"..token.."', "..ttl..");"
+  local gravedigger = "insert into graveyard (token, ttrd) select token, ttl+"..ttrd.." from tokens where ttl<"..now.." and valid=true;"
+  local clean = "delete from tokens where ttl<"..now..";"
+  local dig = "delete from graveyard where ttrd<"..now..";"
+  assert(con:execute(update .. insert .. gravedigger .. clean .. dig))
+
+  con:close()
+  env:close()
+end
+
+function check_token(token) -- checks if the token is valid
+  for c in token:gmatch(".") do if not is_b64_char(c) then return false end end
+  local env = luasql.postgres()
+  local con = env:connect(config.db)
+  result = con:execute("select id from tokens where token='"..token.."' and valid=true;"):fetch() 
+  if result == nil then result = false end
+  con:close()
+  env:close()
+  return result
+end
+

listusers

@@ -0,0 +1 @@
+magic_run

magic_run

@@ -0,0 +1,6 @@
+#!/bin/sh
+
+f=`basename $0`
+cd /home/cricket/door/
+lua $f.lua
+

open

@@ -0,0 +1 @@
+magic_run

revoke

@@ -0,0 +1 @@
+magic_run

statistic

@@ -0,0 +1 @@
+magic_run

www/index.html

@@ -0,0 +1,12 @@
+<html>
+	<head>
+	<link rel="stylesheet" type="text/css" href="./mole.css">
+	</head>
+	<body>
+		<img width="500" height="120" src="./moleflap.png" alt="MoleFlap" border="0"/><br/>
+		<form action="open" method="get"><textarea name="t" cols="41" rows="4" wrap="soft"></textarea><br/>
+		<input type="submit" value="Open Door Please!"></form><br/>
+		<small>Or use the <a href="opendoor">script</a>!</small><br/><br/>
+		<small>Powered by<br/><img width="80" height="121" src="./mole_people.jpg" alt="Mole People" border="0"/>
+	</body>
+</html>

www/mole.css

@@ -0,0 +1,8 @@
+body {
+  width: 80%;
+  padding: 5%;
+  margin: 0%;
+  text-align: center;
+  font-size: 10px;
+  font-family: monospace;
+}

www/open

@@ -0,0 +1 @@
+/home/cricket/open

www/opendoor

@@ -0,0 +1,24 @@
+#!/bin/sh
+echo "* try to open tronlab's moleflap"
+
+HOST='moleflap'
+STORE=~/.moletoken.c3d2
+
+if [ -e $STORE ]
+then
+	token=`cat $STORE`
+else
+	echo "Please enter your valid token:"
+	read token
+fi
+
+newtoken=`wget -qO - http://$HOST/open?$token`
+
+if [ "$?" -eq "0" ]
+then
+	echo "* check door ..."
+	echo "$newtoken" > $STORE
+else
+	echo "* moleflap unreachable"
+fi
+