Change this a LOT.

<oper blah.... hash="md5|sha256" pass="blah..."> It will now only check pass if you put the hash= in, people have been bugging for this for a while. note the m_oper_hash module will try and detect both m_sha256 and m_md5 now, and will provide /mkpasswd that can do either. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5862 e03df62e-2008-0410-955e-edbf42e46eb7
author: brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> 2006-12-05 19:36:26 +0000
committer: brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> 2006-12-05 19:36:26 +0000
commit: 2ade6284f9044792177664214e7097e23eccd280 (patch)
tree: f5b02542bce71336dcec381ec2385889c638c201 /src
parent: 3944671df30348225e5a93bd5e43449a84ee2011 (diff)
4 files changed, 75 insertions, 58 deletions
diff --git a/src/cmd_oper.cpp b/src/cmd_oper.cpp
index f7975a2e4..f7dd29920 100644
--- a/src/cmd_oper.cpp
+++ b/src/cmd_oper.cpp
@@ -69,7 +69,7 @@ CmdResult cmd_oper::Handle (const char** parameters, int pcnt, userrec *user)
 		ServerInstance->Config->ConfValue(ServerInstance->Config->config_data, "oper", "host", i, HostName, MAXBUF);
 
 		match_login = !strcmp(LoginName,parameters[0]);
-		match_pass = !ServerInstance->OperPassCompare(Password,parameters[1]);
+		match_pass = !ServerInstance->OperPassCompare(Password,parameters[1], i);
 		match_hosts = OneOfMatches(TheHost,TheIP,HostName);
 
 		if (match_login && match_pass && match_hosts)
diff --git a/src/command_parse.cpp b/src/command_parse.cpp
index d2b40806d..8d1955e7e 100644
--- a/src/command_parse.cpp
+++ b/src/command_parse.cpp
@@ -37,10 +37,10 @@ bool InspIRCd::ULine(const char* server)
 	return (find(Config->ulines.begin(),Config->ulines.end(),server) != Config->ulines.end());
 }
 
-int InspIRCd::OperPassCompare(const char* data,const char* input)
+int InspIRCd::OperPassCompare(const char* data,const char* input, int tagnumber)
 {
 	int MOD_RESULT = 0;
-	FOREACH_RESULT_I(this,I_OnOperCompare,OnOperCompare(data,input))
+	FOREACH_RESULT_I(this,I_OnOperCompare,OnOperCompare(data, input, tagnumber))
 	Log(DEBUG,"OperPassCompare: %d",MOD_RESULT);
 	if (MOD_RESULT == 1)
 		return 0;
diff --git a/src/modules.cpp b/src/modules.cpp
index 1e33eb26c..68859b627 100644
--- a/src/modules.cpp
+++ b/src/modules.cpp
@@ -148,7 +148,7 @@ int		Module::OnChangeLocalUserGECOS(userrec* user, const std::string &newhost) {
 int		Module::OnLocalTopicChange(userrec* user, chanrec* chan, const std::string &topic) { return 0; };
 void		Module::OnEvent(Event* event) { return; };
 char*		Module::OnRequest(Request* request) { return NULL; };
-int		Module::OnOperCompare(const std::string &password, const std::string &input) { return 0; };
+int		Module::OnOperCompare(const std::string &password, const std::string &input, int tagnumber) { return 0; };
 void		Module::OnGlobalOper(userrec* user) { };
 void		Module::OnPostConnect(userrec* user) { };
 int		Module::OnAddBan(userrec* source, chanrec* channel,const std::string &banmask) { return 0; };
diff --git a/src/modules/m_oper_hash.cpp b/src/modules/m_oper_hash.cpp
index 812228ca5..e38aee57a 100644
--- a/src/modules/m_oper_hash.cpp
+++ b/src/modules/m_oper_hash.cpp
@@ -28,40 +28,64 @@ using namespace std;
 #include "m_md5.h"
 #include "m_sha256.h"
 
-enum ProviderType
+enum ProviderTypes
 {
-	PROV_MD5,
-	PROV_SHA
+	PROV_MD5 = 1,
+	PROV_SHA = 2
 };
 
 /* Handle /MKPASSWD
  */
 class cmd_mkpasswd : public command_t
 {
-	Module* Provider;
+	Module* MD5Provider;
+	Module* SHAProvider;
 	Module* Sender;
-	ProviderType Prov;
+	int Prov;
  public:
-	cmd_mkpasswd (InspIRCd* Instance, Module* Sender, Module* Hasher, ProviderType P) : command_t(Instance,"MKPASSWD", 'o', 1), Provider(Hasher), Prov(P)
+	cmd_mkpasswd (InspIRCd* Instance, Module* Sender, Module* MD5Hasher, Module* SHAHasher, int P)
+		: command_t(Instance,"MKPASSWD", 'o', 2), MD5Provider(MD5Hasher), SHAProvider(SHAHasher), Prov(P)
 	{
 		this->source = "m_oper_hash.so";
-		syntax = "<any-text>";
+		syntax = "<hashtype> <any-text>";
 	}
 
 	CmdResult Handle (const char** parameters, int pcnt, userrec *user)
 	{
-		if (Prov == PROV_MD5)
+		if (!strcasecmp(parameters[0], "md5"))
 		{
-			MD5ResetRequest(Sender, Provider).Send();
-			user->WriteServ("NOTICE %s :MD5 hashed password for %s is %s",user->nick,parameters[0], MD5SumRequest(Sender, Provider, parameters[0]).Send() );
+			if ((Prov & PROV_MD5) > 0)
+			{
+				MD5ResetRequest(Sender, Provider).Send();
+				user->WriteServ("NOTICE %s :MD5 hashed password for %s is %s",user->nick, parameters[1], MD5SumRequest(Sender, Provider, parameters[1]).Send() );
+			}
+			else
+			{
+				user->WriteServ("NOTICE %s :MD5 hashing is not available (m_md5.so not loaded)");
+			}
+		}
+		else if (!strcasecmp(parameters[0], "sha256"))
+		{
+			if ((Prov & PROV_SHA) > 0)
+			{
+				SHA256ResetRequest(Sender, Provider).Send();
+				user->WriteServ("NOTICE %s :SHA256 hashed password for %s is %s",user->nick, parameters[1], SHA256SumRequest(Sender, Provider, parameters[1]).Send() );
+			}
+			else
+			{
+				user->WriteServ("NOTICE %s :SHA256 hashing is not available (m_sha256.so not loaded)");
+			}
 		}
 		else
 		{
-			SHA256ResetRequest(Sender, Provider).Send();
-			user->WriteServ("NOTICE %s :SHA256 hashed password for %s is %s",user->nick,parameters[0], SHA256SumRequest(Sender, Provider, parameters[0]).Send() );
+			user->WriteServ("NOTICE %s :Unknown hash type, valid hash types are 'sha256' and 'md5'");
 		}
 
-		return CMD_SUCCESS;
+		/* NOTE: Don't propogate this across the network!
+		 * We dont want plaintext passes going all over the place...
+		 * To make sure it goes nowhere, return CMD_FAILURE!
+		 */
+		return CMD_FAILURE;
 	}
 };
 
@@ -69,32 +93,28 @@ class ModuleOperHash : public Module
 {
 	
 	cmd_mkpasswd* mycommand;
-	Module* Provider;
+	Module* MD5Provider, SHAProvider;
 	std::string providername;
-	ProviderType ID;
+	int ID;
+	ConfigReader* Conf;
 
  public:
 
 	ModuleOperHash(InspIRCd* Me)
-		: Module::Module(Me)
+		: Module::Module(Me), Conf(NULL)
 	{
-		ConfigReader Conf(ServerInstance);
-		providername = Conf.ReadValue("operhash","algorithm",0);
-
-		if (providername.empty())
-			providername = "md5";
-
-		if (providername == "md5")
-			ID = PROV_MD5;
-		else
-			ID = PROV_SHA;
+		OnRehash("");
 
 		/* Try to find the md5 service provider, bail if it can't be found */
-		Provider = ServerInstance->FindModule(std::string("m_") + providername + ".so");
-		if (!Provider)
-			throw ModuleException(std::string("Can't find m_") + providername + ".so. Please load m_" + providername + ".so before m_oper_hash.so.");
+		MD5Provider = ServerInstance->FindModule("m_md5.so");
+		if (MD5Provider)
+			ID |= PROV_MD5;
+
+		SHAProvider = ServerInstance->FindModule("m_sha256.so");
+		if (SHAProvider)
+			ID |= PROV_SHA;
 
-		mycommand = new cmd_mkpasswd(ServerInstance, this, Provider, ID);
+		mycommand = new cmd_mkpasswd(ServerInstance, this, MD5Provider, SHAProvider, ID);
 		ServerInstance->AddCommand(mycommand);
 	}
 	
@@ -104,36 +124,33 @@ class ModuleOperHash : public Module
 
 	void Implements(char* List)
 	{
-		List[I_OnOperCompare] = 1;
+		List[I_OnRehash] = List[I_OnOperCompare] = 1;
 	}
 
-	virtual int OnOperCompare(const std::string &data, const std::string &input)
+	virtual void OnRehash(const std::string &parameter)
 	{
-		/* always always reset first */
-		if (ID == PROV_MD5)
+		if (Conf)
+			delete Conf;
+
+		Conf = new ConfigReader(ServerInstance);
+	}
+
+	virtual int OnOperCompare(const std::string &data, const std::string &input, int tagnumber)
+	{
+		std::string hashtype = Conf->ReadValue("oper", "hash", tagnumber);
+		if ((hashtype == "sha256") && (data.length() == SHA256_BLOCK_SIZE) && ((ID & PROV_SHA) > 0))
 		{
-			MD5ResetRequest(this, Provider).Send();
-			if (data.length() == 32) // if its 32 chars long, try it as an md5
-			{
-				/* Does it match the md5 sum? */
-				if (!strcasecmp(data.c_str(), MD5SumRequest(this, Provider, input.c_str()).Send()))
-				{
-					return 1;
-				}
-				else return 0;
-			}
+			SHA256ResetRequest(this, Provider).Send();
+			if (!strcasecmp(data.c_str(), SHA256SumRequest(this, Provider, input.c_str()).Send()))
+				return 1;
+			else return -1;
 		}
-		else
+		else if ((hashtype == "md5") && (data.length() == 32) && ((ID & PROV_MD5) > 0))
 		{
-			SHA256ResetRequest(this, Provider).Send();
-			if (data.length() == SHA256_BLOCK_SIZE)
-			{
-				if (!strcasecmp(data.c_str(), SHA256SumRequest(this, Provider, input.c_str()).Send()))
-				{
-					return 1;
-				}
-				else return 0;
-			}
+			MD5ResetRequest(this, Provider).Send();
+			if (!strcasecmp(data.c_str(), MD5SumRequest(this, Provider, input.c_str()).Send()))
+				return 1;
+			else return -1;
 		}
 		return 0;
 	}
author	brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>	2006-12-05 19:36:26 +0000
committer	brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>	2006-12-05 19:36:26 +0000
commit	2ade6284f9044792177664214e7097e23eccd280 (patch)
tree	f5b02542bce71336dcec381ec2385889c638c201 /src
parent	3944671df30348225e5a93bd5e43449a84ee2011 (diff)