src/modules/m_sqloper.cpp

   1 /*
   2  * InspIRCd -- Internet Relay Chat Daemon
   3  *
   4  *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
   5  *
   6  * This file is part of InspIRCd.  InspIRCd is free software: you can
   7  * redistribute it and/or modify it under the terms of the GNU General Public
   8  * License as published by the Free Software Foundation, version 2.
   9  *
  10  * This program is distributed in the hope that it will be useful, but WITHOUT
  11  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
  12  * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
  13  * details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17  */
  18
  19
  20 #include "inspircd.h"
  21 #include "modules/sql.h"
  22 #include "modules/hash.h"
  23
  24 /* $ModDesc: Allows storage of oper credentials in an SQL table */
  25
  26 class OpMeQuery : public SQLQuery
  27 {
  28  public:
  29         const std::string uid, username, password;
  30         OpMeQuery(Module* me, const std::string& u, const std::string& un, const std::string& pw)
  31                 : SQLQuery(me), uid(u), username(un), password(pw)
  32         {
  33         }
  34
  35         void OnResult(SQLResult& res) CXX11_OVERRIDE
  36         {
  37                 ServerInstance->Logs->Log("m_sqloper", LOG_DEBUG, "SQLOPER: result for %s", uid.c_str());
  38                 User* user = ServerInstance->FindNick(uid);
  39                 if (!user)
  40                         return;
  41
  42                 // multiple rows may exist
  43                 SQLEntries row;
  44                 while (res.GetRow(row))
  45                 {
  46                         if (OperUser(user, row[0], row[1]))
  47                                 return;
  48                 }
  49                 ServerInstance->Logs->Log("m_sqloper", LOG_DEBUG, "SQLOPER: no matches for %s (checked %d rows)", uid.c_str(), res.Rows());
  50                 // nobody succeeded... fall back to OPER
  51                 fallback();
  52         }
  53
  54         void OnError(SQLerror& error) CXX11_OVERRIDE
  55         {
  56                 ServerInstance->Logs->Log("m_sqloper", LOG_DEFAULT, "SQLOPER: query failed (%s)", error.Str());
  57                 fallback();
  58         }
  59
  60         void fallback()
  61         {
  62                 User* user = ServerInstance->FindNick(uid);
  63                 if (!user)
  64                         return;
  65
  66                 Command* oper_command = ServerInstance->Parser->GetHandler("OPER");
  67
  68                 if (oper_command)
  69                 {
  70                         std::vector<std::string> params;
  71                         params.push_back(username);
  72                         params.push_back(password);
  73                         oper_command->Handle(params, user);
  74                 }
  75                 else
  76                 {
  77                         ServerInstance->Logs->Log("m_sqloper", LOG_SPARSE, "BUG: WHAT?! Why do we have no OPER command?!");
  78                 }
  79         }
  80
  81         bool OperUser(User* user, const std::string &pattern, const std::string &type)
  82         {
  83                 OperIndex::iterator iter = ServerInstance->Config->oper_blocks.find(" " + type);
  84                 if (iter == ServerInstance->Config->oper_blocks.end())
  85                 {
  86                         ServerInstance->Logs->Log("m_sqloper", LOG_DEFAULT, "SQLOPER: bad type '%s' in returned row for oper %s", type.c_str(), username.c_str());
  87                         return false;
  88                 }
  89                 OperInfo* ifo = iter->second;
  90
  91                 std::string hostname(user->ident);
  92
  93                 hostname.append("@").append(user->host);
  94
  95                 if (InspIRCd::MatchMask(pattern, hostname, user->GetIPString()))
  96                 {
  97                         /* Opertype and host match, looks like this is it. */
  98
  99                         user->Oper(ifo);
 100                         return true;
 101                 }
 102
 103                 return false;
 104         }
 105 };
 106
 107 class ModuleSQLOper : public Module
 108 {
 109         std::string query;
 110         std::string hashtype;
 111         dynamic_reference<SQLProvider> SQL;
 112
 113 public:
 114         ModuleSQLOper() : SQL(this, "SQL") {}
 115
 116         void init() CXX11_OVERRIDE
 117         {
 118                 OnRehash(NULL);
 119
 120                 Implementation eventlist[] = { I_OnRehash, I_OnPreCommand };
 121                 ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
 122         }
 123
 124         void OnRehash(User* user) CXX11_OVERRIDE
 125         {
 126                 ConfigTag* tag = ServerInstance->Config->ConfValue("sqloper");
 127
 128                 std::string dbid = tag->getString("dbid");
 129                 if (dbid.empty())
 130                         SQL.SetProvider("SQL");
 131                 else
 132                         SQL.SetProvider("SQL/" + dbid);
 133
 134                 hashtype = tag->getString("hash");
 135                 query = tag->getString("query", "SELECT hostname as host, type FROM ircd_opers WHERE username='$username' AND password='$password'");
 136         }
 137
 138         ModResult OnPreCommand(std::string &command, std::vector<std::string> &parameters, LocalUser *user, bool validated, const std::string &original_line) CXX11_OVERRIDE
 139         {
 140                 if (validated && command == "OPER" && parameters.size() >= 2)
 141                 {
 142                         if (SQL)
 143                         {
 144                                 LookupOper(user, parameters[0], parameters[1]);
 145                                 /* Query is in progress, it will re-invoke OPER if needed */
 146                                 return MOD_RES_DENY;
 147                         }
 148                         ServerInstance->Logs->Log("m_sqloper", LOG_DEFAULT, "SQLOPER: database not present");
 149                 }
 150                 return MOD_RES_PASSTHRU;
 151         }
 152
 153         void LookupOper(User* user, const std::string &username, const std::string &password)
 154         {
 155                 HashProvider* hash = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + hashtype);
 156
 157                 ParamM userinfo;
 158                 SQL->PopulateUserInfo(user, userinfo);
 159                 userinfo["username"] = username;
 160                 userinfo["password"] = hash ? hash->hexsum(password) : password;
 161
 162                 SQL->submit(new OpMeQuery(this, user->uuid, username, password), query, userinfo);
 163         }
 164
 165         Version GetVersion() CXX11_OVERRIDE
 166         {
 167                 return Version("Allows storage of oper credentials in an SQL table", VF_VENDOR);
 168         }
 169 };
 170
 171 MODULE_INIT(ModuleSQLOper)