authorThiago Crepaldi <thiago@thiagocrepaldi.com>2014-02-05 18:41:30 -0200
committerAttila Molnar <attilamolnar@hush.com>2014-02-07 18:10:20 +0100
commit4ed0292914ca78aa419aab3add5b113c26b81a12 (patch)
tree567f16d8c3f26b652b4b9d4313f4091dafce1aa8
parent9dd4108273d95204edbc366618da6500571267df (diff)
m_ldapauth.cpp: Allow multiple patterns for users to bypass LDAP auth
-rw-r--r--docs/conf/modules.conf.example9
-rw-r--r--src/modules/m_ldapauth.cpp19
2 files changed, 19 insertions, 9 deletions
diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example
index 9078771e5..2849cd1a8 100644
--- a/docs/conf/modules.conf.example
+++ b/docs/conf/modules.conf.example
@@ -980,7 +980,7 @@
# <ldapauth dbid="ldapdb" #
# baserdn="ou=People,dc=brainbox,dc=cc" #
# attribute="uid" #
-# allowpattern="Guest*" #
+# allowpattern="Guest* Bot*" #
# killreason="Access denied" #
# verbose="yes" #
# host="$uid.$ou.inspircd.org"> #
@@ -995,9 +995,10 @@
# The attribute value indicates the attribute which is used to locate #
# a user account by name. On POSIX systems this is usually 'uid'. #
# #
-# The allowpattern value allows you to specify a wildcard mask which #
-# will always be allowed to connect regardless of if they have an #
-# account, for example guest users. #
+# The allowpattern value allows you to specify a space separated list #
+# of wildcard masks which will always be allowed to connect #
+# regardless of if they have an account, for example guest and bot #
+# users. #
# #
# Killreason indicates the QUIT reason to give to users if they fail #
# to authenticate. #
diff --git a/src/modules/m_ldapauth.cpp b/src/modules/m_ldapauth.cpp
index 6b7c9d219..179fe6fca 100644
--- a/src/modules/m_ldapauth.cpp
+++ b/src/modules/m_ldapauth.cpp
@@ -264,7 +264,7 @@ class ModuleLDAPAuth : public Module
LocalStringExt ldapVhost;
std::string base;
std::string attribute;
- std::string allowpattern;
+ std::vector<std::string> allowpatterns;
std::vector<std::string> whitelistedcidrs;
bool useusername;
@@ -287,7 +287,6 @@ public:
base = tag->getString("baserdn");
attribute = tag->getString("attribute");
- allowpattern = tag->getString("allowpattern");
killreason = tag->getString("killreason");
vhost = tag->getString("host");
// Set to true if failed connects should be reported to operators
@@ -316,6 +315,13 @@ public:
if (!attr.empty() && !val.empty())
requiredattributes.push_back(make_pair(attr, val));
}
+
+ std::string allowpattern = tag->getString("allowpattern");
+ irc::spacesepstream ss(allowpattern);
+ for (std::string more; ss.GetToken(more); )
+ {
+ allowpatterns.push_back(more);
+ }
}
void OnUserConnect(LocalUser *user) CXX11_OVERRIDE
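Review bot: The new loop only appends to `allowpatterns`, and no reset of the vector is visible in this hunk, whereas the removed `allowpattern = tag->getString("allowpattern");` overwrote the old value on every read. If this function also runs on rehash (its start is outside the hunk, so that is an assumption), a pattern an operator deletes from the config would stay in the vector and keep exempting matching nicks from LDAP auth until the module is reloaded. Unless a clear already exists above the hunk, add `allowpatterns.clear();` immediately before `irc::spacesepstream ss(allowpattern);`. The same check is worth making for `requiredattributes`, which is also filled with `push_back` in the visible context.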
@@ -330,10 +336,13 @@ public:
ModResult OnUserRegister(LocalUser* user) CXX11_OVERRIDE
{
- if ((!allowpattern.empty()) && (InspIRCd::Match(user->nick,allowpattern)))
+ for (std::vector<std::string>::const_iterator i = allowpatterns.begin(); i != allowpatterns.end(); ++i)
{
- ldapAuthed.set(user,1);
- return MOD_RES_PASSTHRU;
+ if (InspIRCd::Match(user->nick, *i))
+ {
+ ldapAuthed.set(user,1);
+ return MOD_RES_PASSTHRU;
+ }
}
for (std::vector<std::string>::iterator i = whitelistedcidrs.begin(); i != whitelistedcidrs.end(); i++)
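Review bot: The bypass loop at the top of `OnUserRegister` matches only `user->nick`, which the client chooses, and the code carries no comment saying that a match skips LDAP entirely. Now that several patterns can be configured, that deserves a line above the loop such as `// Nick is client-supplied: a match marks the user authed without any LDAP bind, so patterns must only cover nicks meant to be unauthenticated.` It may also be worth logging the loaded patterns at config read when `verbose` is set, so an over-broad mask is visible to operators. The rest of the function continues outside this hunk, so whether later checks constrain these users cannot be seen from here.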