src/commands/cmd_oper.cpp

   1 /*       +------------------------------------+
   2  *       | Inspire Internet Relay Chat Daemon |
   3  *       +------------------------------------+
   4  *
   5  *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
   6  * See: http://wiki.inspircd.org/Credits
   7  *
   8  * This program is free but copyrighted software; see
   9  *            the file COPYING for details.
  10  *
  11  * ---------------------------------------------------
  12  */
  13
  14 #include "inspircd.h"
  15 #include "commands/cmd_oper.h"
  16 #include "hashcomp.h"
  17
  18 bool OneOfMatches(const char* host, const char* ip, const char* hostlist)
  19 {
  20         std::stringstream hl(hostlist);
  21         std::string xhost;
  22         while (hl >> xhost)
  23         {
  24                 if (InspIRCd::Match(host, xhost, ascii_case_insensitive_map) || InspIRCd::MatchCIDR(ip, xhost, ascii_case_insensitive_map))
  25                 {
  26                         return true;
  27                 }
  28         }
  29         return false;
  30 }
  31
  32 extern "C" DllExport Command* init_command(InspIRCd* Instance)
  33 {
  34         return new CommandOper(Instance);
  35 }
  36
  37 CmdResult CommandOper::Handle (const std::vector<std::string>& parameters, User *user)
  38 {
  39         char LoginName[MAXBUF];
  40         char Password[MAXBUF];
  41         char OperType[MAXBUF];
  42         char TypeName[MAXBUF];
  43         char HostName[MAXBUF];
  44         char ClassName[MAXBUF];
  45         char TheHost[MAXBUF];
  46         char TheIP[MAXBUF];
  47         char HashType[MAXBUF];
  48         int j;
  49         bool found = false;
  50         bool type_invalid = false;
  51
  52         bool match_login = false;
  53         bool match_pass = false;
  54         bool match_hosts = false;
  55
  56         snprintf(TheHost,MAXBUF,"%s@%s",user->ident.c_str(),user->host.c_str());
  57         snprintf(TheIP, MAXBUF,"%s@%s",user->ident.c_str(),user->GetIPString());
  58
  59         for (int i = 0; i < ServerInstance->Config->ConfValueEnum("oper"); i++)
  60         {
  61                 ServerInstance->Config->ConfValue("oper", "name", i, LoginName, MAXBUF);
  62                 ServerInstance->Config->ConfValue("oper", "password", i, Password, MAXBUF);
  63                 ServerInstance->Config->ConfValue("oper", "type", i, OperType, MAXBUF);
  64                 ServerInstance->Config->ConfValue("oper", "host", i, HostName, MAXBUF);
  65                 ServerInstance->Config->ConfValue("oper", "hash", i, HashType, MAXBUF);
  66
  67                 match_login = (LoginName == parameters[0]);
  68                 match_pass = !ServerInstance->PassCompare(user, Password, parameters[1], HashType);
  69                 match_hosts = OneOfMatches(TheHost,TheIP,HostName);
  70
  71                 if (match_login && match_pass && match_hosts)
  72                 {
  73                         type_invalid = true;
  74                         for (j =0; j < ServerInstance->Config->ConfValueEnum("type"); j++)
  75                         {
  76                                 ServerInstance->Config->ConfValue("type", "name", j, TypeName, MAXBUF);
  77                                 ServerInstance->Config->ConfValue("type", "class", j, ClassName, MAXBUF);
  78
  79                                 if (!strcmp(TypeName,OperType))
  80                                 {
  81                                         /* found this oper's opertype */
  82                                         if (!ServerInstance->IsNick(TypeName, ServerInstance->Config->Limits.NickMax))
  83                                         {
  84                                                 user->WriteNumeric(491, "%s :Invalid oper type (oper types must follow the same syntax as nicknames)",user->nick.c_str());
  85                                                 ServerInstance->SNO->WriteToSnoMask('o',"CONFIGURATION ERROR! Oper type '%s' contains invalid characters",OperType);
  86                                                 ServerInstance->Logs->Log("OPER",DEFAULT,"OPER: Failed oper attempt by %s!%s@%s: credentials valid, but oper type erroneous.", user->nick.c_str(), user->ident.c_str(), user->host.c_str());
  87                                                 return CMD_FAILURE;
  88                                         }
  89                                         ServerInstance->Config->ConfValue("type","host", j, HostName, MAXBUF);
  90                                         if (*HostName)
  91                                                 user->ChangeDisplayedHost(HostName);
  92                                         if (*ClassName)
  93                                         {
  94                                                 user->SetClass(ClassName);
  95                                                 user->CheckClass();
  96                                         }
  97                                         found = true;
  98                                         type_invalid = false;
  99                                         break;
 100                                 }
 101                         }
 102                 }
 103                 if (match_login || found)
 104                         break;
 105         }
 106         if (found)
 107         {
 108                 /* correct oper credentials */
 109                 user->Oper(OperType, LoginName);
 110         }
 111         else
 112         {
 113                 char broadcast[MAXBUF];
 114
 115                 if (!type_invalid)
 116                 {
 117                         std::string fields;
 118                         if (!match_login)
 119                                 fields.append("login ");
 120                         else
 121                         {
 122                                 if (!match_pass)
 123                                         fields.append("password ");
 124                                 if (!match_hosts)
 125                                         fields.append("hosts");
 126                         }
 127
 128                         // tell them they suck, and lag them up to help prevent brute-force attacks
 129                         user->WriteNumeric(491, "%s :Invalid oper credentials",user->nick.c_str());
 130                         user->IncreasePenalty(10);
 131
 132                         snprintf(broadcast, MAXBUF, "WARNING! Failed oper attempt by %s!%s@%s using login '%s': The following fields do not match: %s", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), parameters[0].c_str(), fields.c_str());
 133                         ServerInstance->SNO->WriteToSnoMask('o',std::string(broadcast));
 134                         ServerInstance->PI->SendSNONotice("o", std::string("OPER: ") + broadcast);
 135
 136                         ServerInstance->Logs->Log("OPER",DEFAULT,"OPER: Failed oper attempt by %s!%s@%s using login '%s': The following fields did not match: %s", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), parameters[0].c_str(), fields.c_str());
 137                         return CMD_FAILURE;
 138                 }
 139                 else
 140                 {
 141                         user->WriteNumeric(491, "%s :Your oper block does not have a valid opertype associated with it",user->nick.c_str());
 142
 143                         snprintf(broadcast, MAXBUF, "CONFIGURATION ERROR! Oper block '%s': missing OperType %s",parameters[0].c_str(),OperType);
 144
 145                         ServerInstance->SNO->WriteToSnoMask('o', std::string(broadcast));
 146
 147                         ServerInstance->Logs->Log("OPER",DEFAULT,"OPER: Failed oper attempt by %s!%s@%s using login '%s': credentials valid, but oper type nonexistent.", user->nick.c_str(), user->ident.c_str(), user->host.c_str(), parameters[0].c_str());
 148                         return CMD_FAILURE;
 149                 }
 150         }
 151         return CMD_SUCCESS;
 152 }