src/modules/m_sqloper.cpp

   1 /*
   2  * InspIRCd -- Internet Relay Chat Daemon
   3  *
   4  *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
   5  *
   6  * This file is part of InspIRCd.  InspIRCd is free software: you can
   7  * redistribute it and/or modify it under the terms of the GNU General Public
   8  * License as published by the Free Software Foundation, version 2.
   9  *
  10  * This program is distributed in the hope that it will be useful, but WITHOUT
  11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  12  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
  13  * details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17  */
  18
  19
  20 #include "inspircd.h"
  21 #include "sql.h"
  22 #include "hash.h"
  23
  24 /* $ModDesc: Allows storage of oper credentials in an SQL table */
  25
  26 static bool OneOfMatches(const char* host, const char* ip, const std::string& hostlist)
  27 {
  28         std::stringstream hl(hostlist);
  29         std::string xhost;
  30         while (hl >> xhost)
  31         {
  32                 if (InspIRCd::Match(host, xhost, ascii_case_insensitive_map) || InspIRCd::MatchCIDR(ip, xhost, ascii_case_insensitive_map))
  33                 {
  34                         return true;
  35                 }
  36         }
  37         return false;
  38 }
  39
  40 class OpMeQuery : public SQLQuery
  41 {
  42  public:
  43         const std::string uid, username, password;
  44         OpMeQuery(Module* me, const std::string& u, const std::string& un, const std::string& pw)
  45                 : SQLQuery(me), uid(u), username(un), password(pw)
  46         {
  47         }
  48
  49         void OnResult(SQLResult& res)
  50         {
  51                 ServerInstance->Logs->Log("m_sqloper",DEBUG, "SQLOPER: result for %s", uid.c_str());
  52                 User* user = ServerInstance->FindNick(uid);
  53                 if (!user)
  54                         return;
  55
  56                 // multiple rows may exist
  57                 SQLEntries row;
  58                 while (res.GetRow(row))
  59                 {
  60 #if 0
  61                         parameterlist cols;
  62                         res.GetCols(cols);
  63
  64                         std::vector<KeyVal>* items;
  65                         reference<ConfigTag> tag = ConfigTag::create("oper", "<m_sqloper>", 0, items);
  66                         for(unsigned int i=0; i < cols.size(); i++)
  67                         {
  68                                 if (!row[i].nul)
  69                                         items->insert(std::make_pair(cols[i], row[i]));
  70                         }
  71 #else
  72                         if (OperUser(user, row[0], row[1]))
  73                                 return;
  74 #endif
  75                 }
  76                 ServerInstance->Logs->Log("m_sqloper",DEBUG, "SQLOPER: no matches for %s (checked %d rows)", uid.c_str(), res.Rows());
  77                 // nobody succeeded... fall back to OPER
  78                 fallback();
  79         }
  80
  81         void OnError(SQLerror& error)
  82         {
  83                 ServerInstance->Logs->Log("m_sqloper",DEFAULT, "SQLOPER: query failed (%s)", error.Str());
  84                 fallback();
  85         }
  86
  87         void fallback()
  88         {
  89                 User* user = ServerInstance->FindNick(uid);
  90                 if (!user)
  91                         return;
  92
  93                 Command* oper_command = ServerInstance->Parser->GetHandler("OPER");
  94
  95                 if (oper_command)
  96                 {
  97                         std::vector<std::string> params;
  98                         params.push_back(username);
  99                         params.push_back(password);
 100                         oper_command->Handle(params, user);
 101                 }
 102                 else
 103                 {
 104                         ServerInstance->Logs->Log("m_sqloper",SPARSE, "BUG: WHAT?! Why do we have no OPER command?!");
 105                 }
 106         }
 107
 108         bool OperUser(User* user, const std::string &pattern, const std::string &type)
 109         {
 110                 OperIndex::iterator iter = ServerInstance->Config->oper_blocks.find(" " + type);
 111                 if (iter == ServerInstance->Config->oper_blocks.end())
 112                 {
 113                         ServerInstance->Logs->Log("m_sqloper",DEFAULT, "SQLOPER: bad type '%s' in returned row for oper %s", type.c_str(), username.c_str());
 114                         return false;
 115                 }
 116                 OperInfo* ifo = iter->second;
 117
 118                 std::string hostname(user->ident);
 119
 120                 hostname.append("@").append(user->host);
 121
 122                 if (OneOfMatches(hostname.c_str(), user->GetIPString(), pattern.c_str()))
 123                 {
 124                         /* Opertype and host match, looks like this is it. */
 125
 126                         user->Oper(ifo);
 127                         return true;
 128                 }
 129
 130                 return false;
 131         }
 132 };
 133
 134 class ModuleSQLOper : public Module
 135 {
 136         std::string query;
 137         std::string hashtype;
 138         dynamic_reference<SQLProvider> SQL;
 139
 140 public:
 141         ModuleSQLOper() : SQL(this, "SQL") {}
 142
 143         void init()
 144         {
 145                 OnRehash(NULL);
 146
 147                 Implementation eventlist[] = { I_OnRehash, I_OnPreCommand };
 148                 ServerInstance->Modules->Attach(eventlist, this, 2);
 149         }
 150
 151         void OnRehash(User* user)
 152         {
 153                 ConfigTag* tag = ServerInstance->Config->ConfValue("sqloper");
 154
 155                 std::string dbid = tag->getString("dbid");
 156                 if (dbid.empty())
 157                         SQL.SetProvider("SQL");
 158                 else
 159                         SQL.SetProvider("SQL/" + dbid);
 160
 161                 hashtype = tag->getString("hash");
 162                 query = tag->getString("query", "SELECT hostname as host, type FROM ircd_opers WHERE username='$username' AND password='$password'");
 163         }
 164
 165         ModResult OnPreCommand(std::string &command, std::vector<std::string> &parameters, LocalUser *user, bool validated, const std::string &original_line)
 166         {
 167                 if (validated && command == "OPER" && parameters.size() >= 2)
 168                 {
 169                         if (SQL)
 170                         {
 171                                 LookupOper(user, parameters[0], parameters[1]);
 172                                 /* Query is in progress, it will re-invoke OPER if needed */
 173                                 return MOD_RES_DENY;
 174                         }
 175                         ServerInstance->Logs->Log("m_sqloper",DEFAULT, "SQLOPER: database not present");
 176                 }
 177                 return MOD_RES_PASSTHRU;
 178         }
 179
 180         void LookupOper(User* user, const std::string &username, const std::string &password)
 181         {
 182                 HashProvider* hash = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + hashtype);
 183
 184                 ParamM userinfo;
 185                 SQL->PopulateUserInfo(user, userinfo);
 186                 userinfo["username"] = username;
 187                 userinfo["password"] = hash ? hash->hexsum(password) : password;
 188
 189                 SQL->submit(new OpMeQuery(this, user->uuid, username, password), query, userinfo);
 190         }
 191
 192         Version GetVersion()
 193         {
 194                 return Version("Allows storage of oper credentials in an SQL table", VF_VENDOR);
 195         }
 196
 197 };
 198
 199 MODULE_INIT(ModuleSQLOper)