From 20bea3078d67a090ebcca64bf3cdbd7e6ab6adb6 Mon Sep 17 00:00:00 2001 From: aquanight Date: Sun, 27 Jan 2008 00:12:11 +0000 Subject: Change API OnOperCompare to OnPassCompare, password hashing is now available for , , (m_customtitle.so), <vhost> (m_vhost.so), this works the same was as for <oper>: load m_password_hash.so (after all hasher modules, of course), and add hash="md5/sha256/whatever" to the relevant tag. Also fix m_callerid.cpp crashing on unload. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@8755 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/modules/extra/m_ssl_oper_cert.cpp | 5 +- src/modules/m_callerid.cpp | 14 ++- src/modules/m_customtitle.cpp | 3 +- src/modules/m_oper_hash.cpp | 158 ---------------------------------- src/modules/m_password_hash.cpp | 157 +++++++++++++++++++++++++++++++++ src/modules/m_vhost.cpp | 3 +- 6 files changed, 175 insertions(+), 165 deletions(-) delete mode 100644 src/modules/m_oper_hash.cpp create mode 100644 src/modules/m_password_hash.cpp (limited to 'src/modules') diff --git a/src/modules/extra/m_ssl_oper_cert.cpp b/src/modules/extra/m_ssl_oper_cert.cpp index 074a75713..f82537c95 100644 --- a/src/modules/extra/m_ssl_oper_cert.cpp +++ b/src/modules/extra/m_ssl_oper_cert.cpp @@ -112,7 +112,6 @@ class ModuleOperSSLCert : public Module return false; } - virtual int OnPreCommand(const std::string &command, const char** parameters, int pcnt, User *user, bool validated, const std::string &original_line) { irc::string cmd = command.c_str(); @@ -125,6 +124,7 @@ class ModuleOperSSLCert : public Module std::string Password; std::string OperType; std::string HostName; + std::string HashType; std::string FingerPrint; bool SSLOnly; char* dummy; @@ -140,12 +140,13 @@ class ModuleOperSSLCert : public Module Password = cf->ReadValue("oper", "password", i); OperType = cf->ReadValue("oper", "type", i); HostName = cf->ReadValue("oper", "host", i); + HashType = cf->ReadValue("oper", "hash", i); FingerPrint = cf->ReadValue("oper", "fingerprint", i); SSLOnly = cf->ReadFlag("oper", "sslonly", i); if (SSLOnly || !FingerPrint.empty()) { - if ((!strcmp(LoginName.c_str(),parameters[0])) && (!ServerInstance->OperPassCompare(Password.c_str(),parameters[1],i)) && (OneOfMatches(TheHost,TheIP,HostName.c_str()))) + if ((!strcmp(LoginName.c_str(),parameters[0])) && (!ServerInstance->PassCompare(user, Password.c_str(),parameters[1], HashType.c_str())) && (OneOfMatches(TheHost,TheIP,HostName.c_str()))) { if (SSLOnly && !user->GetExt("ssl", dummy)) { diff --git a/src/modules/m_callerid.cpp b/src/modules/m_callerid.cpp index 6d7d8413f..d3df1948b 100644 --- a/src/modules/m_callerid.cpp +++ b/src/modules/m_callerid.cpp @@ -222,13 +222,13 @@ public: delete myumode; throw new ModuleException("Could not add usermode and command!"); } - Implementation eventlist[] = { I_OnRehash, I_OnUserPreNick, I_OnUserQuit, I_On005Numeric, I_OnUserPreNotice, I_OnUserPreMessage }; - ServerInstance->Modules->Attach(eventlist, this, 6); + Implementation eventlist[] = { I_OnRehash, I_OnUserPreNick, I_OnUserQuit, I_On005Numeric, I_OnUserPreNotice, I_OnUserPreMessage, I_OnCleanup }; + ServerInstance->Modules->Attach(eventlist, this, 7); } ~ModuleCallerID() { - delete mycommand; + delete myumode; } Version GetVersion() @@ -279,6 +279,14 @@ public: return 0; } + void OnCleanup(int type, void* item) + { + if (type != TYPE_USER) return; + User* u = (User*)item; + /* Cleanup only happens on unload (before dtor), so keep this O(n) instead of O(n^2) which deferring to OnUserQuit would do. */ + RemoveData(u); + } + int OnUserPreNick(User* user, const std::string& newnick) { if (!tracknick) diff --git a/src/modules/m_customtitle.cpp b/src/modules/m_customtitle.cpp index e3d84e10f..0caa2d6f5 100644 --- a/src/modules/m_customtitle.cpp +++ b/src/modules/m_customtitle.cpp @@ -59,11 +59,12 @@ bool OneOfMatches(const char* host, const char* ip, const char* hostlist) { std::string name = Conf.ReadValue("title", "name", "", i); std::string pass = Conf.ReadValue("title", "password", "", i); + std::string hash = Conf.ReadValue("title", "hash", "", i); std::string host = Conf.ReadValue("title", "host", "*@*", i); std::string title = Conf.ReadValue("title", "title", "", i); std::string vhost = Conf.ReadValue("title", "vhost", "", i); - if (!strcmp(name.c_str(),parameters[0]) && !strcmp(pass.c_str(),parameters[1]) && OneOfMatches(TheHost,TheIP,host.c_str()) && !title.empty()) + if (!strcmp(name.c_str(),parameters[0]) && !ServerInstance->PassCompare(user, pass.c_str(), parameters[1], hash.c_str()) && OneOfMatches(TheHost,TheIP,host.c_str()) && !title.empty()) { std::string* text; user->GetExt("ctitle", text); diff --git a/src/modules/m_oper_hash.cpp b/src/modules/m_oper_hash.cpp deleted file mode 100644 index e0ea8246a..000000000 --- a/src/modules/m_oper_hash.cpp +++ /dev/null @@ -1,158 +0,0 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ - * - * InspIRCd: (C) 2002-2008 InspIRCd Development Team - * See: http://www.inspircd.org/wiki/index.php/Credits - * - * This program is free but copyrighted software; see - * the file COPYING for details. - * - * --------------------------------------------------- - */ - -/* $ModDesc: Allows for hashed oper passwords */ -/* $ModDep: m_hash.h */ - -#include "inspircd.h" -#include "m_hash.h" - -typedef std::map<irc::string, Module*> hashymodules; - -/* Handle /MKPASSWD - */ -class CommandMkpasswd : public Command -{ - Module* Sender; - hashymodules &hashers; - std::deque<std::string> &names; - public: - CommandMkpasswd (InspIRCd* Instance, Module* S, hashymodules &h, std::deque<std::string> &n) - : Command(Instance,"MKPASSWD", 'o', 2), Sender(S), hashers(h), names(n) - { - this->source = "m_oper_hash.so"; - syntax = "<hashtype> <any-text>"; - } - - void MakeHash(User* user, const char* algo, const char* stuff) - { - /* Lets see if they gave us an algorithm which has been implemented */ - hashymodules::iterator x = hashers.find(algo); - if (x != hashers.end()) - { - /* Yup, reset it first (Always ALWAYS do this) */ - HashResetRequest(Sender, x->second).Send(); - /* Now attempt to generate a hash */ - user->WriteServ("NOTICE %s :%s hashed password for %s is %s",user->nick, algo, stuff, HashSumRequest(Sender, x->second, stuff).Send() ); - } - else - { - /* I dont do flying, bob. */ - user->WriteServ("NOTICE %s :Unknown hash type, valid hash types are: %s", user->nick, irc::stringjoiner(", ", names, 0, names.size() - 1).GetJoined().c_str() ); - } - } - - CmdResult Handle (const char** parameters, int pcnt, User *user) - { - MakeHash(user, parameters[0], parameters[1]); - /* NOTE: Don't propagate this across the network! - * We dont want plaintext passes going all over the place... - * To make sure it goes nowhere, return CMD_FAILURE! - */ - return CMD_FAILURE; - } -}; - -class ModuleOperHash : public Module -{ - - CommandMkpasswd* mycommand; - ConfigReader* Conf; - hashymodules hashers; /* List of modules which implement HashRequest */ - std::deque<std::string> names; /* Module names which implement HashRequest */ - - public: - - ModuleOperHash(InspIRCd* Me) - : Module(Me) - { - - /* Read the config file first */ - Conf = NULL; - OnRehash(NULL,""); - - /* Find all modules which implement the interface 'HashRequest' */ - modulelist* ml = ServerInstance->Modules->FindInterface("HashRequest"); - - /* Did we find any modules? */ - if (ml) - { - /* Yes, enumerate them all to find out the hashing algorithm name */ - for (modulelist::iterator m = ml->begin(); m != ml->end(); m++) - { - /* Make a request to it for its name, its implementing - * HashRequest so we know its safe to do this - */ - std::string name = HashNameRequest(this, *m).Send(); - /* Build a map of them */ - hashers[name.c_str()] = *m; - names.push_back(name); - } - } - else - { - throw ModuleException("I can't find any modules loaded which implement the HashRequest interface! You probably forgot to load a hashing module such as m_md5.so or m_sha256.so."); - } - - ServerInstance->Modules->UseInterface("HashRequest"); - - mycommand = new CommandMkpasswd(ServerInstance, this, hashers, names); - ServerInstance->AddCommand(mycommand); - Implementation eventlist[] = { I_OnRehash, I_OnOperCompare }; - ServerInstance->Modules->Attach(eventlist, this, 2); - } - - virtual ~ModuleOperHash() - { - ServerInstance->Modules->DoneWithInterface("HashRequest"); - } - - - virtual void OnRehash(User* user, const std::string ¶meter) - { - /* Re-read configuration file */ - if (Conf) - delete Conf; - - Conf = new ConfigReader(ServerInstance); - } - - virtual int OnOperCompare(const std::string &data, const std::string &input, int tagnumber) - { - /* First, lets see what hash theyre using on this oper */ - std::string hashtype = Conf->ReadValue("oper", "hash", tagnumber); - hashymodules::iterator x = hashers.find(hashtype.c_str()); - - /* Is this a valid hash name? (case insensitive) */ - if (x != hashers.end()) - { - /* Reset the hashing module */ - HashResetRequest(this, x->second).Send(); - /* Compare the hash in the config to the generated hash */ - if (!strcasecmp(data.c_str(), HashSumRequest(this, x->second, input.c_str()).Send())) - return 1; - /* No match, and must be hashed, forbid */ - else return -1; - } - - /* Not a hash, fall through to strcmp in core */ - return 0; - } - - virtual Version GetVersion() - { - return Version(1,1,0,1,VF_VENDOR,API_VERSION); - } -}; - -MODULE_INIT(ModuleOperHash) diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp new file mode 100644 index 000000000..45f986be8 --- /dev/null +++ b/src/modules/m_password_hash.cpp @@ -0,0 +1,157 @@ +/* +------------------------------------+ + * | Inspire Internet Relay Chat Daemon | + * +------------------------------------+ + * + * InspIRCd: (C) 2002-2008 InspIRCd Development Team + * See: http://www.inspircd.org/wiki/index.php/Credits + * + * This program is free but copyrighted software; see + * the file COPYING for details. + * + * --------------------------------------------------- + */ + +/* $ModDesc: Allows for hashed oper passwords */ +/* $ModDep: m_hash.h */ + +#include "inspircd.h" +#include "m_hash.h" + +typedef std::map<irc::string, Module*> hashymodules; + +/* Handle /MKPASSWD + */ +class CommandMkpasswd : public Command +{ + Module* Sender; + hashymodules &hashers; + std::deque<std::string> &names; + public: + CommandMkpasswd (InspIRCd* Instance, Module* S, hashymodules &h, std::deque<std::string> &n) + : Command(Instance,"MKPASSWD", 'o', 2), Sender(S), hashers(h), names(n) + { + this->source = "m_oper_hash.so"; + syntax = "<hashtype> <any-text>"; + } + + void MakeHash(User* user, const char* algo, const char* stuff) + { + /* Lets see if they gave us an algorithm which has been implemented */ + hashymodules::iterator x = hashers.find(algo); + if (x != hashers.end()) + { + /* Yup, reset it first (Always ALWAYS do this) */ + HashResetRequest(Sender, x->second).Send(); + /* Now attempt to generate a hash */ + user->WriteServ("NOTICE %s :%s hashed password for %s is %s",user->nick, algo, stuff, HashSumRequest(Sender, x->second, stuff).Send() ); + } + else + { + /* I dont do flying, bob. */ + user->WriteServ("NOTICE %s :Unknown hash type, valid hash types are: %s", user->nick, irc::stringjoiner(", ", names, 0, names.size() - 1).GetJoined().c_str() ); + } + } + + CmdResult Handle (const char** parameters, int pcnt, User *user) + { + MakeHash(user, parameters[0], parameters[1]); + /* NOTE: Don't propagate this across the network! + * We dont want plaintext passes going all over the place... + * To make sure it goes nowhere, return CMD_FAILURE! + */ + return CMD_FAILURE; + } +}; + +class ModuleOperHash : public Module +{ + + CommandMkpasswd* mycommand; + ConfigReader* Conf; + hashymodules hashers; /* List of modules which implement HashRequest */ + std::deque<std::string> names; /* Module names which implement HashRequest */ + + public: + + ModuleOperHash(InspIRCd* Me) + : Module(Me) + { + + /* Read the config file first */ + Conf = NULL; + OnRehash(NULL,""); + + /* Find all modules which implement the interface 'HashRequest' */ + modulelist* ml = ServerInstance->Modules->FindInterface("HashRequest"); + + /* Did we find any modules? */ + if (ml) + { + /* Yes, enumerate them all to find out the hashing algorithm name */ + for (modulelist::iterator m = ml->begin(); m != ml->end(); m++) + { + /* Make a request to it for its name, its implementing + * HashRequest so we know its safe to do this + */ + std::string name = HashNameRequest(this, *m).Send(); + /* Build a map of them */ + hashers[name.c_str()] = *m; + names.push_back(name); + } + } + else + { + throw ModuleException("I can't find any modules loaded which implement the HashRequest interface! You probably forgot to load a hashing module such as m_md5.so or m_sha256.so."); + } + + ServerInstance->Modules->UseInterface("HashRequest"); + + mycommand = new CommandMkpasswd(ServerInstance, this, hashers, names); + ServerInstance->AddCommand(mycommand); + Implementation eventlist[] = { I_OnRehash, I_OnPassCompare }; + ServerInstance->Modules->Attach(eventlist, this, 2); + } + + virtual ~ModuleOperHash() + { + ServerInstance->Modules->DoneWithInterface("HashRequest"); + } + + + virtual void OnRehash(User* user, const std::string ¶meter) + { + /* Re-read configuration file */ + if (Conf) + delete Conf; + + Conf = new ConfigReader(ServerInstance); + } + + virtual int OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) + { + /* First, lets see what hash theyre using on this oper */ + hashymodules::iterator x = hashers.find(hashtype.c_str()); + + /* Is this a valid hash name? (case insensitive) */ + if (x != hashers.end()) + { + /* Reset the hashing module */ + HashResetRequest(this, x->second).Send(); + /* Compare the hash in the config to the generated hash */ + if (!strcasecmp(data.c_str(), HashSumRequest(this, x->second, input.c_str()).Send())) + return 1; + /* No match, and must be hashed, forbid */ + else return -1; + } + + /* Not a hash, fall through to strcmp in core */ + return 0; + } + + virtual Version GetVersion() + { + return Version(1,1,0,1,VF_VENDOR,API_VERSION); + } +}; + +MODULE_INIT(ModuleOperHash) diff --git a/src/modules/m_vhost.cpp b/src/modules/m_vhost.cpp index 130a8acc5..371f99dfa 100644 --- a/src/modules/m_vhost.cpp +++ b/src/modules/m_vhost.cpp @@ -35,8 +35,9 @@ class CommandVhost : public Command std::string mask = Conf->ReadValue("vhost","host",index); std::string username = Conf->ReadValue("vhost","user",index); std::string pass = Conf->ReadValue("vhost","pass",index); + std::string hash = Conf->ReadValue("vhost","hash",index); - if ((!strcmp(parameters[0],username.c_str())) && (!strcmp(parameters[1],pass.c_str()))) + if ((!strcmp(parameters[0],username.c_str())) && !ServerInstance->PassCompare(user, pass.c_str(), parameters[1], hash.c_str())) { if (!mask.empty()) { -- cgit v1.2.3