diff options
Diffstat (limited to 'include')
-rw-r--r-- | include/configreader.h | 10 | ||||
-rw-r--r-- | include/inspircd.h | 7 | ||||
-rw-r--r-- | include/modules.h | 26 | ||||
-rw-r--r-- | include/users.h | 24 |
4 files changed, 42 insertions, 25 deletions
diff --git a/include/configreader.h b/include/configreader.h index d9171d0fa..fb187048b 100644 --- a/include/configreader.h +++ b/include/configreader.h @@ -187,11 +187,11 @@ struct MultiConfig /** Tag name */ const char* tag; /** One or more items within tag */ - char* items[17]; + char* items[18]; /** One or more defaults for items within tags */ - char* items_default[17]; + char* items_default[18]; /** One or more data types */ - int datatype[17]; + int datatype[18]; /** Initialization function */ MultiNotify init_function; /** Validation function */ @@ -326,6 +326,10 @@ class CoreExport ServerConfig : public Extensible */ char restartpass[MAXBUF]; + /** The hash method for *BOTH* the die and restart passwords. + */ + char powerhash[MAXBUF]; + /** The pathname and filename of the message of the * day file, as defined by the administrator. */ diff --git a/include/inspircd.h b/include/inspircd.h index 325b4c8fe..fb6b313a2 100644 --- a/include/inspircd.h +++ b/include/inspircd.h @@ -779,15 +779,16 @@ class CoreExport InspIRCd : public classbase */ long Duration(const std::string &str); - /** Attempt to compare an oper password to a string from the config file. + /** Attempt to compare a password to a string from the config file. * This will be passed to handling modules which will compare the data * against possible hashed equivalents in the input string. + * @param ex The object (user, server, whatever) causing the comparison. * @param data The data from the config file * @param input The data input by the oper - * @param tagnum the tag number of the oper's tag in the config file + * @param hashtype The hash from the config file * @return 0 if the strings match, 1 or -1 if they do not */ - int OperPassCompare(const char* data,const char* input, int tagnum); + int PassCompare(Extensible* ex, const char* data,const char* input, const char* hashtype); /** Check if a given server is a uline. * An empty string returns true, this is by design. diff --git a/include/modules.h b/include/modules.h index 5fc4ac4bc..1cb3d36c5 100644 --- a/include/modules.h +++ b/include/modules.h @@ -397,11 +397,11 @@ enum Implementation I_OnDelLine, I_OnExpireLine, I_OnCleanup, I_OnUserPostNick, I_OnAccessCheck, I_On005Numeric, I_OnKill, I_OnRemoteKill, I_OnLoadModule, I_OnUnloadModule, I_OnBackgroundTimer, I_OnPreCommand, I_OnCheckReady, I_OnCheckInvite, I_OnRawMode, I_OnCheckKey, I_OnCheckLimit, I_OnCheckBan, I_OnStats, I_OnChangeLocalUserHost, I_OnChangeLocalUserGecos, I_OnLocalTopicChange, - I_OnPostLocalTopicChange, I_OnEvent, I_OnRequest, I_OnOperCompre, I_OnGlobalOper, I_OnPostConnect, I_OnAddBan, I_OnDelBan, + I_OnPostLocalTopicChange, I_OnEvent, I_OnRequest, I_OnGlobalOper, I_OnPostConnect, I_OnAddBan, I_OnDelBan, I_OnRawSocketAccept, I_OnRawSocketClose, I_OnRawSocketWrite, I_OnRawSocketRead, I_OnChangeLocalUserGECOS, I_OnUserRegister, - I_OnOperCompare, I_OnChannelPreDelete, I_OnChannelDelete, I_OnPostOper, I_OnSyncOtherMetaData, I_OnSetAway, I_OnCancelAway, I_OnUserList, + I_OnChannelPreDelete, I_OnChannelDelete, I_OnPostOper, I_OnSyncOtherMetaData, I_OnSetAway, I_OnCancelAway, I_OnUserList, I_OnPostCommand, I_OnPostJoin, I_OnWhoisLine, I_OnBuildExemptList, I_OnRawSocketConnect, I_OnGarbageCollect, I_OnBufferFlushed, - I_OnText, I_OnReadConfig, I_OnDownloadFile, + I_OnText, I_OnReadConfig, I_OnDownloadFile, I_OnPassCompare, I_END }; @@ -1195,17 +1195,17 @@ class CoreExport Module : public Extensible */ virtual char* OnRequest(Request* request); - /** Called whenever an oper password is to be compared to what a user has input. + /** Called whenever a password check is to be made. Replaces the old OldOperCompare API. * The password field (from the config file) is in 'password' and is to be compared against - * 'input'. This method allows for encryption of oper passwords and much more besides. - * You should return a nonzero value if you want to allow the comparison or zero if you wish - * to do nothing. - * @param password The oper's password - * @param input The password entered - * @param tagnumber The tag number (from the configuration file) of this oper's tag - * @return 1 to match the passwords, 0 to do nothing. -1 to not match, and not continue. - */ - virtual int OnOperCompare(const std::string &password, const std::string &input, int tagnumber); + * 'input'. This method allows for encryption of passwords (oper, connect:allow, die/restart, etc). + * You should return a nonzero value to override the normal comparison, or zero to pass it on. + * @param ex The object that's causing the authentication (User* for <oper> <connect:allow> etc, Server* for <link>). + * @param password The password from the configuration file (the password="" value). + * @param input The password entered by the user or whoever. + * @param hashtype The hash value from the config + * @return 0 to do nothing (pass on to next module/default), 1 == password is OK, -1 == password is not OK + */ + virtual int OnPassCompare(Extensible* ex, const std::string &password, const std::string &input, const std::string& hashtype); /** Called whenever a user is given usermode +o, anywhere on the network. * You cannot override this and prevent it from happening as it is already happened and diff --git a/include/users.h b/include/users.h index d9330d427..3d98f9632 100644 --- a/include/users.h +++ b/include/users.h @@ -145,6 +145,10 @@ class CoreExport ConnectClass : public classbase */ std::string pass; + /** (Optional) Hash Method for this line + */ + std::string hash; + /** Threshold value for flood disconnect */ unsigned int threshold; @@ -179,7 +183,7 @@ public: */ ConnectClass(const ConnectClass* source) : classbase(), type(source->type), name(source->name), registration_timeout(source->registration_timeout), flood(source->flood), host(source->host), - pingtime(source->pingtime), pass(source->pass), threshold(source->threshold), sendqmax(source->sendqmax), + pingtime(source->pingtime), pass(source->pass), hash(source->hash), threshold(source->threshold), sendqmax(source->sendqmax), recvqmax(source->recvqmax), maxlocal(source->maxlocal), maxglobal(source->maxglobal), maxchans(source->maxchans), port(source->port), RefCount(0), disabled(false), limit(0) { @@ -187,7 +191,7 @@ public: /** Create a new connect class with no settings. */ - ConnectClass() : type(CC_DENY), name("unnamed"), registration_timeout(0), flood(0), host(""), pingtime(0), pass(""), + ConnectClass() : type(CC_DENY), name("unnamed"), registration_timeout(0), flood(0), host(""), pingtime(0), pass(""), hash(""), threshold(0), sendqmax(0), recvqmax(0), maxlocal(0), maxglobal(0), RefCount(0), disabled(false), limit(0) { } @@ -199,6 +203,7 @@ public: * @param hst The IP mask to allow * @param ping The ping frequency * @param pas The password to be used + * @param hsh The hash to be used * @param thres The flooding threshold * @param sendq The maximum sendq value * @param recvq The maximum recvq value @@ -206,9 +211,9 @@ public: * @param maxg The maximum global sessions */ ConnectClass(const std::string &thename, unsigned int timeout, unsigned int fld, const std::string &hst, unsigned int ping, - const std::string &pas, unsigned int thres, unsigned long sendq, unsigned long recvq, + const std::string &pas, const std::string &hsh, unsigned int thres, unsigned long sendq, unsigned long recvq, unsigned long maxl, unsigned long maxg, unsigned int maxc, int p = 0) : - type(CC_ALLOW), name(thename), registration_timeout(timeout), flood(fld), host(hst), pingtime(ping), pass(pas), + type(CC_ALLOW), name(thename), registration_timeout(timeout), flood(fld), host(hst), pingtime(ping), pass(pas), hash(hsh), threshold(thres), sendqmax(sendq), recvqmax(recvq), maxlocal(maxl), maxglobal(maxg), maxchans(maxc), port(p), RefCount(0), disabled(false), limit(0) { } /** Create a new connect class to DENY connections @@ -216,7 +221,7 @@ public: * @param hst The IP mask to deny */ ConnectClass(const std::string &thename, const std::string &hst) : type(CC_DENY), name(thename), registration_timeout(0), - flood(0), host(hst), pingtime(0), pass(""), threshold(0), sendqmax(0), recvqmax(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), RefCount(0), disabled(false), limit(0) + flood(0), host(hst), pingtime(0), pass(""), hash(""), threshold(0), sendqmax(0), recvqmax(0), maxlocal(0), maxglobal(0), maxchans(0), port(0), RefCount(0), disabled(false), limit(0) { } @@ -226,7 +231,7 @@ public: */ ConnectClass(const std::string &thename, const ConnectClass* source) : type(source->type), name(thename), registration_timeout(source->registration_timeout), flood(source->flood), host(source->host), - pingtime(source->pingtime), pass(source->pass), threshold(source->threshold), sendqmax(source->sendqmax), + pingtime(source->pingtime), pass(source->pass), hash(source->hash), threshold(source->threshold), sendqmax(source->sendqmax), recvqmax(source->recvqmax), maxlocal(source->maxlocal), maxglobal(source->maxglobal), maxchans(source->maxchans), port(source->port), RefCount(0), disabled(false), limit(0) { @@ -356,6 +361,13 @@ public: return pass; } + /** Returns the hash or an empty string + */ + const std::string& GetHash() + { + return hash; + } + /** Returns the flood threshold value */ unsigned int GetThreshold() |