1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd: (C) 2002-2007 InspIRCd Development Team
6 * See: http://www.inspircd.org/wiki/index.php/Credits
8 * This program is free but copyrighted software; see
9 * the file COPYING for details.
11 * ---------------------------------------------------
14 /* $ModDesc: Allows for MD5 encrypted oper passwords */
15 /* $ModDep: transport.h */
18 #include "inspircd_config.h"
22 #include "transport.h"
25 /** Handle /FINGERPRINT
27 class cmd_fingerprint : public Command
30 cmd_fingerprint (InspIRCd* Instance) : Command(Instance,"FINGERPRINT", 0, 1)
32 this->source = "m_ssl_oper_cert.so";
33 syntax = "<nickname>";
36 CmdResult Handle (const char** parameters, int pcnt, userrec *user)
38 userrec* target = ServerInstance->FindNick(parameters[0]);
42 if (target->GetExt("ssl_cert",cert))
44 if (cert->GetFingerprint().length())
46 user->WriteServ("NOTICE %s :Certificate fingerprint for %s is %s",user->nick,target->nick,cert->GetFingerprint().c_str());
51 user->WriteServ("NOTICE %s :Certificate fingerprint for %s does not exist!", user->nick,target->nick);
57 user->WriteServ("NOTICE %s :Certificate fingerprint for %s does not exist!", user->nick, target->nick);
63 user->WriteServ("401 %s %s :No such nickname", user->nick, parameters[0]);
71 class ModuleOperSSLCert : public Module
75 cmd_fingerprint* mycommand;
79 ModuleOperSSLCert(InspIRCd* Me)
82 mycommand = new cmd_fingerprint(ServerInstance);
83 ServerInstance->AddCommand(mycommand);
84 cf = new ConfigReader(ServerInstance);
87 virtual ~ModuleOperSSLCert()
92 void Implements(char* List)
94 List[I_OnPreCommand] = List[I_OnRehash] = 1;
97 virtual void OnRehash(userrec* user, const std::string ¶meter)
100 cf = new ConfigReader(ServerInstance);
103 bool OneOfMatches(const char* host, const char* ip, const char* hostlist)
105 std::stringstream hl(hostlist);
109 if (match(host,xhost.c_str()) || match(ip,xhost.c_str(),true))
118 virtual int OnPreCommand(const std::string &command, const char** parameters, int pcnt, userrec *user, bool validated, const std::string &original_line)
120 irc::string cmd = command.c_str();
122 if ((cmd == "OPER") && (validated))
124 char TheHost[MAXBUF];
126 std::string LoginName;
127 std::string Password;
128 std::string OperType;
129 std::string HostName;
130 std::string FingerPrint;
134 snprintf(TheHost,MAXBUF,"%s@%s",user->ident,user->host);
135 snprintf(TheIP, MAXBUF,"%s@%s",user->ident,user->GetIPString());
137 HasCert = user->GetExt("ssl_cert",cert);
139 for (int i = 0; i < cf->Enumerate("oper"); i++)
141 LoginName = cf->ReadValue("oper", "name", i);
142 Password = cf->ReadValue("oper", "password", i);
143 OperType = cf->ReadValue("oper", "type", i);
144 HostName = cf->ReadValue("oper", "host", i);
145 FingerPrint = cf->ReadValue("oper", "fingerprint", i);
146 SSLOnly = cf->ReadFlag("oper", "sslonly", i);
148 if (SSLOnly || !FingerPrint.empty())
150 if ((!strcmp(LoginName.c_str(),parameters[0])) && (!ServerInstance->OperPassCompare(Password.c_str(),parameters[1],i)) && (OneOfMatches(TheHost,TheIP,HostName.c_str())))
152 if (SSLOnly && !user->GetExt("ssl", dummy))
154 user->WriteServ("491 %s :This oper login name requires an SSL connection.", user->nick);
158 /* This oper would match */
159 if ((!cert) || (cert->GetFingerprint() != FingerPrint))
161 user->WriteServ("491 %s :This oper login name requires a matching key fingerprint.",user->nick);
162 ServerInstance->SNO->WriteToSnoMask('o',"'%s' cannot oper, does not match fingerprint", user->nick);
163 ServerInstance->Log(DEFAULT,"OPER: Failed oper attempt by %s!%s@%s: credentials valid, but wrong fingerprint.",user->nick,user->ident,user->host);
173 virtual Version GetVersion()
175 return Version(1,1,0,0,VF_VENDOR,API_VERSION);
179 MODULE_INIT(ModuleOperSSLCert);
projects / user / henk / code / inspircd.git / blob