1 files changed, 33 insertions, 37 deletions

diff --git a/src/modules/m_httpd_acl.cpp b/src/modules/m_httpd_acl.cpp
index c25cabc0a..3f67fffca 100644
--- a/src/modules/m_httpd_acl.cpp
+++ b/src/modules/m_httpd_acl.cpp
@@ -19,10 +19,7 @@
 
 
 #include "inspircd.h"
-#include "httpd.h"
-#include "protocol.h"
-
-/* $ModDesc: Provides access control lists (passwording of resources, ip restrictions etc) to m_httpd.so dependent modules */
+#include "modules/httpd.h"
 
 class HTTPACL
 {
@@ -37,19 +34,22 @@ class HTTPACL
 		const std::string &set_whitelist, const std::string &set_blacklist)
 		: path(set_path), username(set_username), password(set_password), whitelist(set_whitelist),
 		blacklist(set_blacklist) { }
-
-	~HTTPACL() { }
 };
 
-class ModuleHTTPAccessList : public Module
+class ModuleHTTPAccessList : public Module, public HTTPACLEventListener
 {
-
 	std::string stylesheet;
 	std::vector<HTTPACL> acl_list;
+	HTTPdAPI API;
 
  public:
+ 	ModuleHTTPAccessList()
+		: HTTPACLEventListener(this)
+		, API(this)
+	{
+	}
 
-	void OnRehash(User* user)
+	void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
 	{
 		acl_list.clear();
 		ConfigTagList acls = ServerInstance->Config->ConfTags("httpdacl");
@@ -86,38 +86,29 @@ class ModuleHTTPAccessList : public Module
 				}
 			}
 
-			ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Read ACL: path=%s pass=%s whitelist=%s blacklist=%s", path.c_str(),
+			ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Read ACL: path=%s pass=%s whitelist=%s blacklist=%s", path.c_str(),
 					password.c_str(), whitelist.c_str(), blacklist.c_str());
 
 			acl_list.push_back(HTTPACL(path, username, password, whitelist, blacklist));
 		}
 	}
 
-	void init()
-	{
-		OnRehash(NULL);
-		Implementation eventlist[] = { I_OnEvent, I_OnRehash };
-		ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
-	}
-
-	void BlockAccess(HTTPRequest* http, int returnval, const std::string &extraheaderkey = "", const std::string &extraheaderval="")
+	void BlockAccess(HTTPRequest* http, unsigned int returnval, const std::string &extraheaderkey = "", const std::string &extraheaderval="")
 	{
-		ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "BlockAccess (%d)", returnval);
+		ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "BlockAccess (%u)", returnval);
 
 		std::stringstream data("Access to this resource is denied by an access control list. Please contact your IRC administrator.");
 		HTTPDocumentResponse response(this, *http, &data, returnval);
-		response.headers.SetHeader("X-Powered-By", "m_httpd_acl.so");
+		response.headers.SetHeader("X-Powered-By", MODNAME);
 		if (!extraheaderkey.empty())
 			response.headers.SetHeader(extraheaderkey, extraheaderval);
-		response.Send();
+		API->SendResponse(response);
 	}
 
-	void OnEvent(Event& event)
+	bool IsAccessAllowed(HTTPRequest* http)
 	{
-		if (event.id == "httpd_acl")
 		{
-			ServerInstance->Logs->Log("m_http_stats", DEBUG,"Handling httpd acl event");
-			HTTPRequest* http = (HTTPRequest*)&event;
+			ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Handling httpd acl event");
 
 			for (std::vector<HTTPACL>::const_iterator this_acl = acl_list.begin(); this_acl != acl_list.end(); ++this_acl)
 			{
@@ -133,10 +124,10 @@ class ModuleHTTPAccessList : public Module
 						{
 							if (InspIRCd::Match(http->GetIP(), entry, ascii_case_insensitive_map))
 							{
-								ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Denying access to blacklisted resource %s (matched by pattern %s) from ip %s (matched by entry %s)",
+								ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Denying access to blacklisted resource %s (matched by pattern %s) from ip %s (matched by entry %s)",
 										http->GetURI().c_str(), this_acl->path.c_str(), http->GetIP().c_str(), entry.c_str());
 								BlockAccess(http, 403);
-								return;
+								return false;
 							}
 						}
 					}
@@ -155,16 +146,16 @@ class ModuleHTTPAccessList : public Module
 
 						if (!allow_access)
 						{
-							ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Denying access to whitelisted resource %s (matched by pattern %s) from ip %s (Not in whitelist)",
+							ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Denying access to whitelisted resource %s (matched by pattern %s) from ip %s (Not in whitelist)",
 									http->GetURI().c_str(), this_acl->path.c_str(), http->GetIP().c_str());
 							BlockAccess(http, 403);
-							return;
+							return false;
 						}
 					}
 					if (!this_acl->password.empty() && !this_acl->username.empty())
 					{
 						/* Password auth, first look to see if we have a basic authentication header */
-						ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "Checking HTTP auth password for resource %s (matched by pattern %s) from ip %s, against username %s",
+						ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Checking HTTP auth password for resource %s (matched by pattern %s) from ip %s, against username %s",
 								http->GetURI().c_str(), this_acl->path.c_str(), http->GetIP().c_str(), this_acl->username.c_str());
 
 						if (http->headers->IsSet("Authorization"))
@@ -183,7 +174,7 @@ class ModuleHTTPAccessList : public Module
 
 								sep.GetToken(base64);
 								std::string userpass = Base64ToBin(base64);
-								ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "HTTP authorization: %s (%s)", userpass.c_str(), base64.c_str());
+								ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "HTTP authorization: %s (%s)", userpass.c_str(), base64.c_str());
 
 								irc::sepstream userpasspair(userpass, ':');
 								if (userpasspair.GetToken(user))
@@ -193,8 +184,8 @@ class ModuleHTTPAccessList : public Module
 									/* Access granted if username and password are correct */
 									if (user == this_acl->username && pass == this_acl->password)
 									{
-										ServerInstance->Logs->Log("m_httpd_acl", DEBUG, "HTTP authorization: password and username match");
-										return;
+										ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "HTTP authorization: password and username match");
+										return true;
 									}
 									else
 										/* Invalid password */
@@ -213,22 +204,27 @@ class ModuleHTTPAccessList : public Module
 							/* No password given at all, access denied */
 							BlockAccess(http, 401, "WWW-Authenticate", "Basic realm=\"Restricted Object\"");
 						}
+						return false;
 					}
 
 					/* A path may only match one ACL (the first it finds in the config file) */
-					return;
+					break;
 				}
 			}
 		}
+		return true;
 	}
 
-	virtual ~ModuleHTTPAccessList()
+	ModResult OnHTTPACLCheck(HTTPRequest& req) CXX11_OVERRIDE
 	{
+		if (IsAccessAllowed(&req))
+			return MOD_RES_PASSTHRU;
+		return MOD_RES_DENY;
 	}
 
-	virtual Version GetVersion()
+	Version GetVersion() CXX11_OVERRIDE
 	{
-		return Version("Provides access control lists (passwording of resources, ip restrictions etc) to m_httpd.so dependent modules", VF_VENDOR);
+		return Version("Provides access control lists (passwording of resources, ip restrictions etc) to m_httpd dependent modules", VF_VENDOR);
 	}
 };