]> git.netwichtig.de Git - user/henk/code/inspircd.git/blob - src/modules/m_sasl.cpp
projects / user / henk / code / inspircd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Remove InspIRCd* parameters and fields
[user/henk/code/inspircd.git] / src / modules / m_sasl.cpp
1 /*       +------------------------------------+
2  *       | Inspire Internet Relay Chat Daemon |
3  *       +------------------------------------+
4  *
5  *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
6  * See: http://wiki.inspircd.org/Credits
7  *
8  * This program is free but copyrighted software; see
9  *          the file COPYING for details.
10  *
11  * ---------------------------------------------------
12  */
13
14 #include "inspircd.h"
15 #include "m_cap.h"
16 #include "account.h"
17
18 /* $ModDesc: Provides support for IRC Authentication Layer (aka: atheme SASL) via AUTHENTICATE. */
19
20 enum SaslState { SASL_INIT, SASL_COMM, SASL_DONE };
21 enum SaslResult { SASL_OK, SASL_FAIL, SASL_ABORT };
22
23 /**
24  * Tracks SASL authentication state like charybdis does. --nenolod
25  */
26 class SaslAuthenticator : public classbase
27 {
28  private:
29         InspIRCd *ServerInstance;
30         std::string agent;
31         User *user;
32         SaslState state;
33         SaslResult result;
34         bool state_announced;
35
36  public:
37         SaslAuthenticator(User *user_, std::string method, Module *ctor)
38                 : user(user_), state(SASL_INIT), state_announced(false)
39         {
40                 parameterlist params;
41                 params.push_back("*");
42                 params.push_back("SASL");
43                 params.push_back(user->uuid);
44                 params.push_back("*");
45                 params.push_back("S");
46                 params.push_back(method);
47
48                 ServerInstance->PI->SendEncapsulatedData(params);
49         }
50
51         SaslResult GetSaslResult(const std::string &result_)
52         {
53                 if (result_ == "F")
54                         return SASL_FAIL;
55
56                 if (result_ == "A")
57                         return SASL_ABORT;
58
59                 return SASL_OK;
60         }
61
62         /* checks for and deals with a state change. */
63         SaslState ProcessInboundMessage(const std::vector<std::string> &msg)
64         {
65                 switch (this->state)
66                 {
67                  case SASL_INIT:
68                         this->agent = msg[0];
69                         this->user->Write("AUTHENTICATE %s", msg[3].c_str());
70                         this->state = SASL_COMM;
71                         break;
72                  case SASL_COMM:
73                         if (msg[0] != this->agent)
74                                 return this->state;
75
76                         if (msg[2] != "D")
77                                 this->user->Write("AUTHENTICATE %s", msg[3].c_str());
78                         else
79                         {
80                                 this->state = SASL_DONE;
81                                 this->result = this->GetSaslResult(msg[3]);
82                         }
83
84                         break;
85                  case SASL_DONE:
86                         break;
87                  default:
88                         ServerInstance->Logs->Log("m_sasl", DEFAULT, "WTF: SaslState is not a known state (%d)", this->state);
89                         break;
90                 }
91
92                 return this->state;
93         }
94
95         void Abort(void)
96         {
97                 this->state = SASL_DONE;
98                 this->result = SASL_ABORT;
99         }
100
101         bool SendClientMessage(const std::vector<std::string>& parameters)
102         {
103                 if (this->state != SASL_COMM)
104                         return true;
105
106                 parameterlist params;
107                 params.push_back("*");
108                 params.push_back("SASL");
109                 params.push_back(this->user->uuid);
110                 params.push_back(this->agent);
111                 params.push_back("C");
112
113                 params.insert(params.end(), parameters.begin(), parameters.end());
114
115                 ServerInstance->PI->SendEncapsulatedData(params);
116
117                 if (parameters[0][0] == '*')
118                 {
119                         this->Abort();
120                         return false;
121                 }
122
123                 return true;
124         }
125
126         void AnnounceState(void)
127         {
128                 if (this->state_announced)
129                         return;
130
131                 switch (this->result)
132                 {
133                  case SASL_OK:
134                         this->user->WriteNumeric(903, "%s :SASL authentication successful", this->user->nick.c_str());
135                         break;
136                  case SASL_ABORT:
137                         this->user->WriteNumeric(906, "%s :SASL authentication aborted", this->user->nick.c_str());
138                         break;
139                  case SASL_FAIL:
140                         this->user->WriteNumeric(904, "%s :SASL authentication failed", this->user->nick.c_str());
141                         break;
142                  default:
143                         break;
144                 }
145
146                 this->state_announced = true;
147         }
148 };
149
150 class CommandAuthenticate : public Command
151 {
152  public:
153         SimpleExtItem<SaslAuthenticator>& authExt;
154         GenericCap& cap;
155         CommandAuthenticate(Module* Creator, SimpleExtItem<SaslAuthenticator>& ext, GenericCap& Cap)
156                 : Command(Creator, "AUTHENTICATE", 1), authExt(ext), cap(Cap)
157         {
158                 works_before_reg = true;
159         }
160
161         CmdResult Handle (const std::vector<std::string>& parameters, User *user)
162         {
163                 /* Only allow AUTHENTICATE on unregistered clients */
164                 if (user->registered != REG_ALL)
165                 {
166                         if (!cap.ext.get(user))
167                                 return CMD_FAILURE;
168
169                         SaslAuthenticator *sasl = authExt.get(user);
170                         if (!sasl)
171                                 authExt.set(user, new SaslAuthenticator(user, parameters[0], creator));
172                         else if (sasl->SendClientMessage(parameters) == false)  // IAL abort extension --nenolod
173                         {
174                                 sasl->AnnounceState();
175                                 authExt.unset(user);
176                         }
177                 }
178                 return CMD_FAILURE;
179         }
180 };
181
182 class CommandSASL : public Command
183 {
184  public:
185         SimpleExtItem<SaslAuthenticator>& authExt;
186         CommandSASL(Module* Creator, SimpleExtItem<SaslAuthenticator>& ext) : Command(Creator, "SASL", 2), authExt(ext)
187         {
188                 this->disabled = true; // should not be called by users
189         }
190
191         CmdResult Handle(const std::vector<std::string>& parameters, User *user)
192         {
193                 User* target = ServerInstance->FindNick(parameters[1]);
194                 if (!target)
195                 {
196                         ServerInstance->Logs->Log("m_sasl", DEBUG,"User not found in sasl ENCAP event: %s", parameters[1].c_str());
197                         return CMD_FAILURE;
198                 }
199
200                 SaslAuthenticator *sasl = authExt.get(target);
201                 if (!sasl)
202                         return CMD_FAILURE;
203
204                 SaslState state = sasl->ProcessInboundMessage(parameters);
205                 if (state == SASL_DONE)
206                 {
207                         sasl->AnnounceState();
208                         authExt.unset(target);
209                 }
210                 return CMD_SUCCESS;
211         }
212
213         RouteDescriptor GetRouting(User* user, const std::vector<std::string>& parameters)
214         {
215                 return ROUTE_BROADCAST;
216         }
217 };
218
219 class ModuleSASL : public Module
220 {
221         SimpleExtItem<SaslAuthenticator> authExt;
222         GenericCap cap;
223         CommandAuthenticate auth;
224         CommandSASL sasl;
225  public:
226         ModuleSASL()
227                 : authExt("sasl_auth", this), cap(this, "sasl"), auth(this, authExt, cap), sasl(this, authExt)
228         {
229                 Implementation eventlist[] = { I_OnEvent, I_OnUserRegister, I_OnPostConnect, I_OnUserDisconnect, I_OnCleanup };
230                 ServerInstance->Modules->Attach(eventlist, this, 5);
231
232                 ServerInstance->AddCommand(&auth);
233                 ServerInstance->AddCommand(&sasl);
234
235                 Extensible::Register(&authExt);
236                 if (!ServerInstance->Modules->Find("m_services_account.so") || !ServerInstance->Modules->Find("m_cap.so"))
237                         ServerInstance->Logs->Log("m_sasl", DEFAULT, "WARNING: m_services_account.so and m_cap.so are not loaded! m_sasl.so will NOT function correctly until these two modules are loaded!");
238         }
239
240         ModResult OnUserRegister(User *user)
241         {
242                 SaslAuthenticator *sasl_ = authExt.get(user);
243                 if (sasl_)
244                 {
245                         sasl_->Abort();
246                         authExt.unset(user);
247                 }
248
249                 return MOD_RES_PASSTHRU;
250         }
251
252         ~ModuleSASL()
253         {
254         }
255
256         Version GetVersion()
257         {
258                 return Version("Provides support for IRC Authentication Layer (aka: atheme SASL) via AUTHENTICATE.",VF_VENDOR,API_VERSION);
259         }
260
261         void OnEvent(Event *ev)
262         {
263                 cap.HandleEvent(ev);
264         }
265 };
266
267 MODULE_INIT(ModuleSASL)