1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd: (C) 2002-2008 InspIRCd Development Team
6 * See: http://www.inspircd.org/wiki/index.php/Credits
8 * This program is free but copyrighted software; see
9 * the file COPYING for details.
11 * ---------------------------------------------------
17 #include <sys/socket.h>
18 #include <netinet/in.h>
19 #include <arpa/inet.h>
22 /* $ModDesc: Change user's hosts connecting from known CGI:IRC hosts */
24 enum CGItype { INVALID, PASS, IDENT, PASSFIRST, IDENTFIRST, WEBIRC };
27 /** Holds a CGI site's details
29 class CGIhost : public classbase
36 CGIhost(const std::string &mask = "", CGItype t = IDENTFIRST, const std::string &spassword ="")
37 : hostmask(mask), type(t), password(spassword)
41 typedef std::vector<CGIhost> CGIHostlist;
45 * This is used for the webirc method of CGIIRC auth, and is (really) the best way to do these things.
46 * Syntax: WEBIRC password client hostname ip
47 * Where password is a shared key, client is the name of the "client" and version (e.g. cgiirc), hostname
48 * is the resolved host of the client issuing the command and IP is the real IP of the client.
51 * To tie in with the rest of cgiirc module, and to avoid race conditions, /webirc is only processed locally
52 * and simply sets metadata on the user, which is later decoded on full connect to give something meaningful.
54 class CommandWebirc : public Command
59 CommandWebirc(InspIRCd* Instance, CGIHostlist &cHosts, bool bnotify) : Command(Instance, "WEBIRC", 0, 4, true), Hosts(cHosts), notify(bnotify)
61 this->source = "m_cgiirc.so";
62 this->syntax = "password client hostname ip";
64 CmdResult Handle(const char* const* parameters, int pcnt, User *user)
66 if(user->registered == REG_ALL)
69 for(CGIHostlist::iterator iter = Hosts.begin(); iter != Hosts.end(); iter++)
71 if(ServerInstance->MatchText(user->host, iter->hostmask) || ServerInstance->MatchText(user->GetIPString(), iter->hostmask))
73 if(iter->type == WEBIRC && parameters[0] == iter->password)
75 user->Extend("cgiirc_realhost", new std::string(user->host));
76 user->Extend("cgiirc_realip", new std::string(user->GetIPString()));
78 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), changing real host to %s from %s", user->nick, user->host, parameters[2], user->host);
79 user->Extend("cgiirc_webirc_hostname", new std::string(parameters[2]));
80 user->Extend("cgiirc_webirc_ip", new std::string(parameters[3]));
90 /** Resolver for CGI:IRC hostnames encoded in ident/GECOS
92 class CGIResolver : public Resolver
99 CGIResolver(Module* me, InspIRCd* Instance, bool NotifyOpers, const std::string &source, bool forward, User* u, int userfd, const std::string &type, bool &cached)
100 : Resolver(Instance, source, forward ? DNS_QUERY_A : DNS_QUERY_PTR4, cached, me), typ(type), theirfd(userfd), them(u), notify(NotifyOpers) { }
102 virtual void OnLookupComplete(const std::string &result, unsigned int ttl, bool cached, int resultnum = 0)
107 /* Check the user still exists */
108 if ((them) && (them == ServerInstance->SE->GetRef(theirfd)))
111 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), changing real host to %s from %s", them->nick, them->host, result.c_str(), typ.c_str());
113 strlcpy(them->host, result.c_str(), 63);
114 strlcpy(them->dhost, result.c_str(), 63);
115 strlcpy(them->ident, "~cgiirc", 8);
116 them->InvalidateCache();
120 virtual void OnError(ResolverError e, const std::string &errormessage)
122 if ((them) && (them == ServerInstance->SE->GetRef(theirfd)))
125 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), but their host can't be resolved from their %s!", them->nick, them->host,typ.c_str());
129 virtual ~CGIResolver()
134 class ModuleCgiIRC : public Module
136 CommandWebirc* mycommand;
140 ModuleCgiIRC(InspIRCd* Me) : Module(Me)
144 mycommand = new CommandWebirc(Me, Hosts, NotifyOpers);
145 ServerInstance->AddCommand(mycommand);
147 Implementation eventlist[] = { I_OnRehash, I_OnUserRegister, I_OnCleanup, I_OnSyncUserMetaData, I_OnDecodeMetaData, I_OnUserDisconnect, I_OnUserConnect };
148 ServerInstance->Modules->Attach(eventlist, this, 7);
152 virtual void Prioritize()
154 ServerInstance->Modules->SetPriority(this, I_OnUserConnect, PRIO_FIRST);
157 virtual void OnRehash(User* user, const std::string ¶meter)
159 ConfigReader Conf(ServerInstance);
162 NotifyOpers = Conf.ReadFlag("cgiirc", "opernotice", 0); // If we send an oper notice when a CGI:IRC has their host changed.
164 if(Conf.GetError() == CONF_VALUE_NOT_FOUND)
167 for(int i = 0; i < Conf.Enumerate("cgihost"); i++)
169 std::string hostmask = Conf.ReadValue("cgihost", "mask", i); // An allowed CGI:IRC host
170 std::string type = Conf.ReadValue("cgihost", "type", i); // What type of user-munging we do on this host.
171 std::string password = Conf.ReadValue("cgihost", "password", i);
173 if(hostmask.length())
175 if (type == "webirc" && !password.length()) {
176 ServerInstance->Logs->Log("CONFIG",DEFAULT, "m_cgiirc: Missing password in config: %s", hostmask.c_str());
180 CGItype cgitype = INVALID;
183 else if (type == "ident")
185 else if (type == "passfirst")
187 else if (type == "webirc")
192 if (cgitype == INVALID)
195 Hosts.push_back(CGIhost(hostmask,cgitype, password.length() ? password : "" ));
200 ServerInstance->Logs->Log("CONFIG",DEFAULT, "m_cgiirc.so: Invalid <cgihost:mask> value in config: %s", hostmask.c_str());
206 virtual void OnCleanup(int target_type, void* item)
208 if(target_type == TYPE_USER)
210 User* user = (User*)item;
211 std::string* realhost;
214 if(user->GetExt("cgiirc_realhost", realhost))
217 user->Shrink("cgiirc_realhost");
220 if(user->GetExt("cgiirc_realip", realip))
223 user->Shrink("cgiirc_realip");
228 virtual void OnSyncUserMetaData(User* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
230 if((extname == "cgiirc_realhost") || (extname == "cgiirc_realip"))
234 if(user->GetExt(extname, data))
236 proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, *data);
241 virtual void OnDecodeMetaData(int target_type, void* target, const std::string &extname, const std::string &extdata)
243 if(target_type == TYPE_USER)
245 User* dest = (User*)target;
247 if(((extname == "cgiirc_realhost") || (extname == "cgiirc_realip")) && (!dest->GetExt(extname, bleh)))
249 dest->Extend(extname, new std::string(extdata));
254 virtual void OnUserDisconnect(User* user)
256 OnCleanup(TYPE_USER, user);
260 virtual int OnUserRegister(User* user)
262 for(CGIHostlist::iterator iter = Hosts.begin(); iter != Hosts.end(); iter++)
264 if(ServerInstance->MatchText(user->host, iter->hostmask) || ServerInstance->MatchText(user->GetIPString(), iter->hostmask))
267 if(iter->type == PASS)
269 CheckPass(user); // We do nothing if it fails so...
271 else if(iter->type == PASSFIRST && !CheckPass(user))
273 // If the password lookup failed, try the ident
274 CheckIdent(user); // If this fails too, do nothing
276 else if(iter->type == IDENT)
278 CheckIdent(user); // Nothing on failure.
280 else if(iter->type == IDENTFIRST && !CheckIdent(user))
282 // If the ident lookup fails, try the password.
285 else if(iter->type == WEBIRC)
287 // We don't need to do anything here
295 virtual void OnUserConnect(User* user)
297 std::string *webirc_hostname, *webirc_ip;
298 if(user->GetExt("cgiirc_webirc_hostname", webirc_hostname))
300 strlcpy(user->host,webirc_hostname->c_str(),63);
301 strlcpy(user->dhost,webirc_hostname->c_str(),63);
302 delete webirc_hostname;
303 user->InvalidateCache();
304 user->Shrink("cgiirc_webirc_hostname");
306 if(user->GetExt("cgiirc_webirc_ip", webirc_ip))
309 ServerInstance->Users->RemoveCloneCounts(user);
311 valid = (inet_pton(AF_INET6, webirc_ip->c_str(), &((sockaddr_in6*)user->ip)->sin6_addr) > 0);
314 valid = (inet_aton(webirc_ip->c_str(), &((sockaddr_in*)user->ip)->sin_addr));
316 if (inet_aton(webirc_ip->c_str(), &((sockaddr_in*)user->ip)->sin_addr))
321 user->InvalidateCache();
322 user->Shrink("cgiirc_webirc_ip");
323 ServerInstance->Users->AddLocalClone(user);
324 ServerInstance->Users->AddGlobalClone(user);
329 bool CheckPass(User* user)
331 if(IsValidHost(user->password))
333 user->Extend("cgiirc_realhost", new std::string(user->host));
334 user->Extend("cgiirc_realip", new std::string(user->GetIPString()));
335 strlcpy(user->host, user->password, 64);
336 strlcpy(user->dhost, user->password, 64);
337 user->InvalidateCache();
340 ServerInstance->Users->RemoveCloneCounts(user);
342 if (user->GetProtocolFamily() == AF_INET6)
343 valid = (inet_pton(AF_INET6, user->password, &((sockaddr_in6*)user->ip)->sin6_addr) > 0);
345 valid = (inet_aton(user->password, &((sockaddr_in*)user->ip)->sin_addr));
347 if (inet_aton(user->password, &((sockaddr_in*)user->ip)->sin_addr))
350 ServerInstance->Users->AddLocalClone(user);
351 ServerInstance->Users->AddGlobalClone(user);
356 /* We were given a IP in the password, we don't do DNS so they get this is as their host as well. */
358 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), changing real host to %s from PASS", user->nick, user->host, user->password);
362 /* We got as resolved hostname in the password. */
367 CGIResolver* r = new CGIResolver(this, ServerInstance, NotifyOpers, user->password, false, user, user->GetFd(), "PASS", cached);
368 ServerInstance->AddResolver(r, cached);
373 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), but i could not resolve their hostname!", user->nick, user->host);
380 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), changing real host to %s from PASS", user->nick, user->host, user->password);*/
388 bool CheckIdent(User* user)
393 int len = strlen(user->ident);
397 else if(len == 9 && *user->ident == '~')
398 ident = user->ident+1;
402 for(int i = 0; i < 4; i++)
403 if(!HexToInt(ip[i], ident + i*2))
406 snprintf(newip, 16, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
408 user->Extend("cgiirc_realhost", new std::string(user->host));
409 user->Extend("cgiirc_realip", new std::string(user->GetIPString()));
410 ServerInstance->Users->RemoveCloneCounts(user);
412 if (user->GetProtocolFamily() == AF_INET6)
413 inet_pton(AF_INET6, newip, &((sockaddr_in6*)user->ip)->sin6_addr);
416 inet_aton(newip, &((sockaddr_in*)user->ip)->sin_addr);
417 ServerInstance->Users->AddLocalClone(user);
418 ServerInstance->Users->AddGlobalClone(user);
422 strlcpy(user->host, newip, 16);
423 strlcpy(user->dhost, newip, 16);
424 strlcpy(user->ident, "~cgiirc", 8);
427 CGIResolver* r = new CGIResolver(this, ServerInstance, NotifyOpers, newip, false, user, user->GetFd(), "IDENT", cached);
428 ServerInstance->AddResolver(r, cached);
432 strlcpy(user->host, newip, 16);
433 strlcpy(user->dhost, newip, 16);
434 strlcpy(user->ident, "~cgiirc", 8);
435 user->InvalidateCache();
438 ServerInstance->SNO->WriteToSnoMask('A', "Connecting user %s detected as using CGI:IRC (%s), but i could not resolve their hostname!", user->nick, user->host);
440 /*strlcpy(user->host, newip, 16);
441 strlcpy(user->dhost, newip, 16);
442 strlcpy(user->ident, "~cgiirc", 8);*/
447 bool IsValidHost(const std::string &host)
452 for(unsigned int i = 0; i < host.size(); i++)
454 if( ((host[i] >= '0') && (host[i] <= '9')) ||
455 ((host[i] >= 'A') && (host[i] <= 'Z')) ||
456 ((host[i] >= 'a') && (host[i] <= 'z')) ||
457 ((host[i] == '-') && (i > 0) && (i+1 < host.size()) && (host[i-1] != '.') && (host[i+1] != '.')) ||
458 ((host[i] == '.') && (i > 0) && (i+1 < host.size())) )
468 bool IsValidIP(const std::string &ip)
470 if(ip.size() < 7 || ip.size() > 15)
476 for(unsigned int i = 0; i < ip.size(); i++)
478 if((dots <= 3) && (sincedot <= 3))
480 if((ip[i] >= '0') && (ip[i] <= '9'))
484 else if(ip[i] == '.')
503 bool HexToInt(int &out, const char* in)
509 out = strtol(ip, NULL, 16);
511 if(out > 255 || out < 0)
517 virtual ~ModuleCgiIRC()
521 virtual Version GetVersion()
523 return Version(1,2,0,0,VF_VENDOR,API_VERSION);
528 MODULE_INIT(ModuleCgiIRC)
projects / user / henk / code / inspircd.git / blob