summaryrefslogtreecommitdiff
path: root/src/modules/extra
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/extra')
-rw-r--r--src/modules/extra/README3
-rw-r--r--src/modules/extra/m_ldapauth.cpp21
2 files changed, 22 insertions, 2 deletions
diff --git a/src/modules/extra/README b/src/modules/extra/README
index 6dc9bb18a..2478b57cf 100644
--- a/src/modules/extra/README
+++ b/src/modules/extra/README
@@ -3,8 +3,7 @@ For example, m_filter_pcre requires the PCRE libraries.
To compile any of these modules first ensure you have the required dependencies
(read the online documentation at http://wiki.inspircd.org/) and then symlink
-the .cpp file from this directory into the parent directory (src/modules/) and
-re-configure your inspircd with ./configure -modupdate to detect the new module.
+the .cpp file from this directory into the parent directory (src/modules/).
Alternatively, use the command: ./configure --enable-extras=m_extra.cpp, which will
automatically take care of symlinking the module of that name and any headers it needs
diff --git a/src/modules/extra/m_ldapauth.cpp b/src/modules/extra/m_ldapauth.cpp
index 4fae7a2e7..a3d80b8f3 100644
--- a/src/modules/extra/m_ldapauth.cpp
+++ b/src/modules/extra/m_ldapauth.cpp
@@ -46,6 +46,7 @@ class ModuleLDAPAuth : public Module
std::string killreason;
std::string username;
std::string password;
+ std::vector<std::string> whitelistedcidrs;
int searchscope;
bool verbose;
bool useusername;
@@ -73,6 +74,7 @@ public:
void OnRehash(User* user)
{
ConfigReader Conf;
+ whitelistedcidrs.clear();
base = Conf.ReadValue("ldapauth", "baserdn", 0);
attribute = Conf.ReadValue("ldapauth", "attribute", 0);
@@ -85,6 +87,16 @@ public:
verbose = Conf.ReadFlag("ldapauth", "verbose", 0); /* Set to true if failed connects should be reported to operators */
useusername = Conf.ReadFlag("ldapauth", "userfield", 0);
+ ConfigTagList whitelisttags = ServerInstance->Config->ConfTags("ldapwhitelist");
+
+ for (ConfigIter i = whitelisttags.first; i != whitelisttags.second; ++i)
+ {
+ std::string cidr = i->second->getString("cidr");
+ if (!cidr.empty()) {
+ whitelistedcidrs.push_back(cidr);
+ }
+ }
+
if (scope == "base")
searchscope = LDAP_SCOPE_BASE;
else if (scope == "onelevel")
@@ -128,6 +140,15 @@ public:
return MOD_RES_PASSTHRU;
}
+ for (std::vector<std::string>::iterator i = whitelistedcidrs.begin(); i != whitelistedcidrs.end(); i++)
+ {
+ if (InspIRCd::MatchCIDR(user->GetIPString(), *i, ascii_case_insensitive_map))
+ {
+ ldapAuthed.set(user,1);
+ return MOD_RES_PASSTHRU;
+ }
+ }
+
if (!CheckCredentials(user))
{
ServerInstance->Users->QuitUser(user, killreason);