src/modules/m_sqlauth.cpp

   1 /*
   2  * InspIRCd -- Internet Relay Chat Daemon
   3  *
   4  *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
   5  *
   6  * This file is part of InspIRCd.  InspIRCd is free software: you can
   7  * redistribute it and/or modify it under the terms of the GNU General Public
   8  * License as published by the Free Software Foundation, version 2.
   9  *
  10  * This program is distributed in the hope that it will be useful, but WITHOUT
  11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  12  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
  13  * details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17  */
  18
  19
  20 #include "inspircd.h"
  21 #include "modules/sql.h"
  22 #include "modules/hash.h"
  23
  24 enum AuthState {
  25         AUTH_STATE_NONE = 0,
  26         AUTH_STATE_BUSY = 1,
  27         AUTH_STATE_FAIL = 2
  28 };
  29
  30 class AuthQuery : public SQLQuery
  31 {
  32  public:
  33         const std::string uid;
  34         LocalIntExt& pendingExt;
  35         bool verbose;
  36         AuthQuery(Module* me, const std::string& u, LocalIntExt& e, bool v)
  37                 : SQLQuery(me), uid(u), pendingExt(e), verbose(v)
  38         {
  39         }
  40
  41         void OnResult(SQLResult& res) CXX11_OVERRIDE
  42         {
  43                 User* user = ServerInstance->FindNick(uid);
  44                 if (!user)
  45                         return;
  46                 if (res.Rows())
  47                 {
  48                         pendingExt.set(user, AUTH_STATE_NONE);
  49                 }
  50                 else
  51                 {
  52                         if (verbose)
  53                                 ServerInstance->SNO->WriteGlobalSno('a', "Forbidden connection from %s (SQL query returned no matches)", user->GetFullRealHost().c_str());
  54                         pendingExt.set(user, AUTH_STATE_FAIL);
  55                 }
  56         }
  57
  58         void OnError(SQLerror& error) CXX11_OVERRIDE
  59         {
  60                 User* user = ServerInstance->FindNick(uid);
  61                 if (!user)
  62                         return;
  63                 pendingExt.set(user, AUTH_STATE_FAIL);
  64                 if (verbose)
  65                         ServerInstance->SNO->WriteGlobalSno('a', "Forbidden connection from %s (SQL query failed: %s)", user->GetFullRealHost().c_str(), error.Str());
  66         }
  67 };
  68
  69 class ModuleSQLAuth : public Module
  70 {
  71         LocalIntExt pendingExt;
  72         dynamic_reference<SQLProvider> SQL;
  73
  74         std::string freeformquery;
  75         std::string killreason;
  76         std::string allowpattern;
  77         bool verbose;
  78
  79  public:
  80         ModuleSQLAuth() : pendingExt("sqlauth-wait", this), SQL(this, "SQL")
  81         {
  82         }
  83
  84         void init() CXX11_OVERRIDE
  85         {
  86                 ServerInstance->Modules->AddService(pendingExt);
  87                 OnRehash(NULL);
  88                 Implementation eventlist[] = { I_OnCheckReady, I_OnRehash, I_OnUserRegister };
  89                 ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
  90         }
  91
  92         void OnRehash(User* user) CXX11_OVERRIDE
  93         {
  94                 ConfigTag* conf = ServerInstance->Config->ConfValue("sqlauth");
  95                 std::string dbid = conf->getString("dbid");
  96                 if (dbid.empty())
  97                         SQL.SetProvider("SQL");
  98                 else
  99                         SQL.SetProvider("SQL/" + dbid);
 100                 freeformquery = conf->getString("query");
 101                 killreason = conf->getString("killreason");
 102                 allowpattern = conf->getString("allowpattern");
 103                 verbose = conf->getBool("verbose");
 104         }
 105
 106         ModResult OnUserRegister(LocalUser* user) CXX11_OVERRIDE
 107         {
 108                 // Note this is their initial (unresolved) connect block
 109                 ConfigTag* tag = user->MyClass->config;
 110                 if (!tag->getBool("usesqlauth", true))
 111                         return MOD_RES_PASSTHRU;
 112
 113                 if (!allowpattern.empty() && InspIRCd::Match(user->nick,allowpattern))
 114                         return MOD_RES_PASSTHRU;
 115
 116                 if (pendingExt.get(user))
 117                         return MOD_RES_PASSTHRU;
 118
 119                 if (!SQL)
 120                 {
 121                         ServerInstance->SNO->WriteGlobalSno('a', "Forbiding connection from %s (SQL database not present)", user->GetFullRealHost().c_str());
 122                         ServerInstance->Users->QuitUser(user, killreason);
 123                         return MOD_RES_PASSTHRU;
 124                 }
 125
 126                 pendingExt.set(user, AUTH_STATE_BUSY);
 127
 128                 ParamM userinfo;
 129                 SQL->PopulateUserInfo(user, userinfo);
 130                 userinfo["pass"] = user->password;
 131
 132                 HashProvider* md5 = ServerInstance->Modules->FindDataService<HashProvider>("hash/md5");
 133                 if (md5)
 134                         userinfo["md5pass"] = md5->hexsum(user->password);
 135
 136                 HashProvider* sha256 = ServerInstance->Modules->FindDataService<HashProvider>("hash/sha256");
 137                 if (sha256)
 138                         userinfo["sha256pass"] = sha256->hexsum(user->password);
 139
 140                 SQL->submit(new AuthQuery(this, user->uuid, pendingExt, verbose), freeformquery, userinfo);
 141
 142                 return MOD_RES_PASSTHRU;
 143         }
 144
 145         ModResult OnCheckReady(LocalUser* user) CXX11_OVERRIDE
 146         {
 147                 switch (pendingExt.get(user))
 148                 {
 149                         case AUTH_STATE_NONE:
 150                                 return MOD_RES_PASSTHRU;
 151                         case AUTH_STATE_BUSY:
 152                                 return MOD_RES_DENY;
 153                         case AUTH_STATE_FAIL:
 154                                 ServerInstance->Users->QuitUser(user, killreason);
 155                                 return MOD_RES_DENY;
 156                 }
 157                 return MOD_RES_PASSTHRU;
 158         }
 159
 160         Version GetVersion() CXX11_OVERRIDE
 161         {
 162                 return Version("Allow/Deny connections based upon an arbitrary SQL table", VF_VENDOR);
 163         }
 164 };
 165
 166 MODULE_INIT(ModuleSQLAuth)