summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/configreader.h10
-rw-r--r--include/inspircd.h7
-rw-r--r--include/modules.h26
-rw-r--r--include/users.h24
4 files changed, 42 insertions, 25 deletions
diff --git a/include/configreader.h b/include/configreader.h
index d9171d0fa..fb187048b 100644
--- a/include/configreader.h
+++ b/include/configreader.h
@@ -187,11 +187,11 @@ struct MultiConfig
/** Tag name */
const char* tag;
/** One or more items within tag */
- char* items[17];
+ char* items[18];
/** One or more defaults for items within tags */
- char* items_default[17];
+ char* items_default[18];
/** One or more data types */
- int datatype[17];
+ int datatype[18];
/** Initialization function */
MultiNotify init_function;
/** Validation function */
@@ -326,6 +326,10 @@ class CoreExport ServerConfig : public Extensible
*/
char restartpass[MAXBUF];
+ /** The hash method for *BOTH* the die and restart passwords.
+ */
+ char powerhash[MAXBUF];
+
/** The pathname and filename of the message of the
* day file, as defined by the administrator.
*/
diff --git a/include/inspircd.h b/include/inspircd.h
index 325b4c8fe..fb6b313a2 100644
--- a/include/inspircd.h
+++ b/include/inspircd.h
@@ -779,15 +779,16 @@ class CoreExport InspIRCd : public classbase
*/
long Duration(const std::string &str);
- /** Attempt to compare an oper password to a string from the config file.
+ /** Attempt to compare a password to a string from the config file.
* This will be passed to handling modules which will compare the data
* against possible hashed equivalents in the input string.
+ * @param ex The object (user, server, whatever) causing the comparison.
* @param data The data from the config file
* @param input The data input by the oper
- * @param tagnum the tag number of the oper's tag in the config file
+ * @param hashtype The hash from the config file
* @return 0 if the strings match, 1 or -1 if they do not
*/
- int OperPassCompare(const char* data,const char* input, int tagnum);
+ int PassCompare(Extensible* ex, const char* data,const char* input, const char* hashtype);
/** Check if a given server is a uline.
* An empty string returns true, this is by design.
diff --git a/include/modules.h b/include/modules.h
index 5fc4ac4bc..1cb3d36c5 100644
--- a/include/modules.h
+++ b/include/modules.h
@@ -397,11 +397,11 @@ enum Implementation
I_OnDelLine, I_OnExpireLine, I_OnCleanup, I_OnUserPostNick, I_OnAccessCheck, I_On005Numeric, I_OnKill, I_OnRemoteKill, I_OnLoadModule, I_OnUnloadModule,
I_OnBackgroundTimer, I_OnPreCommand, I_OnCheckReady, I_OnCheckInvite, I_OnRawMode,
I_OnCheckKey, I_OnCheckLimit, I_OnCheckBan, I_OnStats, I_OnChangeLocalUserHost, I_OnChangeLocalUserGecos, I_OnLocalTopicChange,
- I_OnPostLocalTopicChange, I_OnEvent, I_OnRequest, I_OnOperCompre, I_OnGlobalOper, I_OnPostConnect, I_OnAddBan, I_OnDelBan,
+ I_OnPostLocalTopicChange, I_OnEvent, I_OnRequest, I_OnGlobalOper, I_OnPostConnect, I_OnAddBan, I_OnDelBan,
I_OnRawSocketAccept, I_OnRawSocketClose, I_OnRawSocketWrite, I_OnRawSocketRead, I_OnChangeLocalUserGECOS, I_OnUserRegister,
- I_OnOperCompare, I_OnChannelPreDelete, I_OnChannelDelete, I_OnPostOper, I_OnSyncOtherMetaData, I_OnSetAway, I_OnCancelAway, I_OnUserList,
+ I_OnChannelPreDelete, I_OnChannelDelete, I_OnPostOper, I_OnSyncOtherMetaData, I_OnSetAway, I_OnCancelAway, I_OnUserList,
I_OnPostCommand, I_OnPostJoin, I_OnWhoisLine, I_OnBuildExemptList, I_OnRawSocketConnect, I_OnGarbageCollect, I_OnBufferFlushed,
- I_OnText, I_OnReadConfig, I_OnDownloadFile,
+ I_OnText, I_OnReadConfig, I_OnDownloadFile, I_OnPassCompare,
I_END
};
@@ -1195,17 +1195,17 @@ class CoreExport Module : public Extensible
*/
virtual char* OnRequest(Request* request);
- /** Called whenever an oper password is to be compared to what a user has input.
+ /** Called whenever a password check is to be made. Replaces the old OldOperCompare API.
* The password field (from the config file) is in 'password' and is to be compared against
- * 'input'. This method allows for encryption of oper passwords and much more besides.
- * You should return a nonzero value if you want to allow the comparison or zero if you wish
- * to do nothing.
- * @param password The oper's password
- * @param input The password entered
- * @param tagnumber The tag number (from the configuration file) of this oper's tag
- * @return 1 to match the passwords, 0 to do nothing. -1 to not match, and not continue.
- */
- virtual int OnOperCompare(const std::string &password, const std::string &input, int tagnumber);
+ * 'input'. This method allows for encryption of passwords (oper, connect:allow, die/restart, etc).
+ * You should return a nonzero value to override the normal comparison, or zero to pass it on.
+ * @param ex The object that's causing the authentication (User* for <oper> <connect:allow> etc, Server* for <link>).
+ * @param password The password from the configuration file (the password="" value).
+ * @param input The password entered by the user or whoever.
+ * @param hashtype The hash value from the config
+ * @return 0 to do nothing (pass on to next module/default), 1 == password is OK, -1 == password is not OK
+ */
+ virtual int OnPassCompare(Extensible* ex, const std::string &password, const std::string &input, const std::string& hashtype);
/** Called whenever a user is given usermode +o, anywhere on the network.
* You cannot override this and prevent it from happening as it is already happened and
diff --git a/include/users.h b/include/users.h
index d9330d427..3d98f9632 100644
--- a/include/users.h
+++ b/include/users.h
@@ -145,6 +145,10 @@ class CoreExport ConnectClass : public classbase
*/
std::string pass;
+ /** (Optional) Hash Method for this line
+ */
+ std::string hash;
+
/** Threshold value for flood disconnect
*/
unsigned int threshold;
@@ -179,7 +183,7 @@ public:
*/
ConnectClass(const ConnectClass* source) : classbase(), type(source->type), name(source->name),
registration_timeout(source->registration_timeout), flood(source->flood), host(source->host),
- pingtime(source->pingtime), pass(source->pass), threshold(source->threshold), sendqmax(source->sendqmax),
+ pingtime(source->pingtime), pass(source->pass), hash(source->hash), threshold(source->threshold), sendqmax(source->sendqmax),
recvqmax(source->recvqmax), maxlocal(source->maxlocal), maxglobal(source->maxglobal), maxchans(source->maxchans),
port(source->port), RefCount(0), disabled(false), limit(0)
{
@@ -187,7 +191,7 @@ public:
/** Create a new connect class with no settings.
*/
- ConnectClass() : type(CC_DENY), name("unnamed"), registration_timeout(0), flood(0), host(""), pingtime(0), pass(""),
+ ConnectClass() : type(CC_DENY), name("unnamed"), registration_timeout(0), flood(0), host(""), pingtime(0), pass(""), hash(""),
threshold(0), sendqmax(0), recvqmax(0), maxlocal(0), maxglobal(0), RefCount(0), disabled(false), limit(0)
{
}
@@ -199,6 +203,7 @@ public:
* @param hst The IP mask to allow
* @param ping The ping frequency
* @param pas The password to be used
+ * @param hsh The hash to be used
* @param thres The flooding threshold
* @param sendq The maximum sendq value
* @param recvq The maximum recvq value
@@ -206,9 +211,9 @@ public:
* @param maxg The maximum global sessions
*/
ConnectClass(const std::string &thename, unsigned int timeout, unsigned int fld, const std::string &hst, unsigned int ping,
- const std::string &pas, unsigned int thres, unsigned long sendq, unsigned long recvq,
+ const std::string &pas, const std::string &hsh, unsigned int thres, unsigned long sendq, unsigned long recvq,
unsigned long maxl, unsigned long maxg, unsigned int maxc, int p = 0) :
- type(CC_ALLOW), name(thename), registration_timeout(timeout), flood(fld), host(hst), pingtime(ping), pass(pas),
+ type(CC_ALLOW), name(thename), registration_timeout(timeout), flood(fld), host(hst), pingtime(ping), pass(pas), hash(hsh),
threshold(thres), sendqmax(sendq), recvqmax(recvq), maxlocal(maxl), maxglobal(maxg), maxchans(maxc), port(p), RefCount(0), disabled(false), limit(0) { }
/** Create a new connect class to DENY connections
@@ -216,7 +221,7 @@ public:
* @param hst The IP mask to deny
*/
ConnectClass(const std::string &thename, const std::string &hst) : type(CC_DENY), name(thename), registration_timeout(0),
- flood(0), host(hst), pingtime(0), pass(""), threshold(0), sendqmax(0), recvqmax(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), RefCount(0), disabled(false), limit(0)
+ flood(0), host(hst), pingtime(0), pass(""), hash(""), threshold(0), sendqmax(0), recvqmax(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), RefCount(0), disabled(false), limit(0)
{
}
@@ -226,7 +231,7 @@ public:
*/
ConnectClass(const std::string &thename, const ConnectClass* source) : type(source->type), name(thename),
registration_timeout(source->registration_timeout), flood(source->flood), host(source->host),
- pingtime(source->pingtime), pass(source->pass), threshold(source->threshold), sendqmax(source->sendqmax),
+ pingtime(source->pingtime), pass(source->pass), hash(source->hash), threshold(source->threshold), sendqmax(source->sendqmax),
recvqmax(source->recvqmax), maxlocal(source->maxlocal), maxglobal(source->maxglobal), maxchans(source->maxchans),
port(source->port), RefCount(0), disabled(false), limit(0)
{
@@ -356,6 +361,13 @@ public:
return pass;
}
+ /** Returns the hash or an empty string
+ */
+ const std::string& GetHash()
+ {
+ return hash;
+ }
+
/** Returns the flood threshold value
*/
unsigned int GetThreshold()