/*
* InspIRCd -- Internet Relay Chat Daemon
*
- * Copyright (C) 2014 Daniel Vassdal <shutter@canternet.org>
+ * Copyright (C) 2018, 2020 Sadie Powell <sadie@witchery.services>
+ * Copyright (C) 2018 linuxdaemon <linuxdaemon.irc@gmail.com>
+ * Copyright (C) 2014, 2020 Daniel Vassdal <shutter@canternet.org>
+ * Copyright (C) 2014, 2016 Attila Molnar <attilamolnar@hush.com>
*
* This file is part of InspIRCd. InspIRCd is free software: you can
* redistribute it and/or modify it under the terms of the GNU General Public
std::string tok;
ss.GetToken(tok);
- this->iterations = ConvToInt(tok);
+ this->iterations = ConvToNum<unsigned int>(tok);
ss.GetToken(tok);
this->hash = Base64ToBin(tok);
return false;
std::string cmp = PBKDF2(input, hs.salt, hs.iterations, hs.length);
- return (cmp == hs.hash);
+ return InspIRCd::TimingSafeCompare(cmp, hs.hash);
}
std::string ToPrintable(const std::string& raw) CXX11_OVERRIDE
}
};
+struct ProviderConfig
+{
+ unsigned long dkey_length;
+ unsigned long iterations;
+};
+
+typedef std::map<std::string, ProviderConfig> ProviderConfigMap;
+
class ModulePBKDF2 : public Module
{
std::vector<PBKDF2Provider*> providers;
+ ProviderConfig globalconfig;
+ ProviderConfigMap providerconfigs;
- void GetConfig()
+ ProviderConfig GetConfigForProvider(const std::string& name) const
+ {
+ ProviderConfigMap::const_iterator it = providerconfigs.find(name);
+ if (it == providerconfigs.end())
+ return globalconfig;
+
+ return it->second;
+ }
+
+ void ConfigureProviders()
{
- // First set the common values
- ConfigTag* tag = ServerInstance->Config->ConfValue("pbkdf2");
- unsigned int global_iterations = tag->getUInt("iterations", 12288, 1);
- unsigned int global_dkey_length = tag->getUInt("length", 32, 1, 1024);
for (std::vector<PBKDF2Provider*>::iterator i = providers.begin(); i != providers.end(); ++i)
{
PBKDF2Provider* pi = *i;
- pi->iterations = global_iterations;
- pi->dkey_length = global_dkey_length;
+ ProviderConfig config = GetConfigForProvider(pi->name);
+ pi->iterations = config.iterations;
+ pi->dkey_length = config.dkey_length;
}
+ }
+
+ void GetConfig()
+ {
+ // First set the common values
+ ConfigTag* tag = ServerInstance->Config->ConfValue("pbkdf2");
+ ProviderConfig newglobal;
+ newglobal.iterations = tag->getUInt("iterations", 12288, 1);
+ newglobal.dkey_length = tag->getUInt("length", 32, 1, 1024);
// Then the specific values
+ ProviderConfigMap newconfigs;
ConfigTagList tags = ServerInstance->Config->ConfTags("pbkdf2prov");
for (ConfigIter i = tags.first; i != tags.second; ++i)
{
tag = i->second;
std::string hash_name = "hash/" + tag->getString("hash");
- for (std::vector<PBKDF2Provider*>::iterator j = providers.begin(); j != providers.end(); ++j)
- {
- PBKDF2Provider* pi = *j;
- if (pi->provider->name != hash_name)
- continue;
+ ProviderConfig& config = newconfigs[hash_name];
- pi->iterations = tag->getUInt("iterations", global_iterations, 1);
- pi->dkey_length = tag->getUInt("length", global_dkey_length, 1, 1024);
- }
+ config.iterations = tag->getUInt("iterations", newglobal.iterations, 1);
+ config.dkey_length = tag->getUInt("length", newglobal.dkey_length, 1, 1024);
}
+
+ // Config is valid, apply it
+ providerconfigs.swap(newconfigs);
+ std::swap(globalconfig, newglobal);
+ ConfigureProviders();
}
public:
stdalgo::delete_all(providers);
}
+ void init() CXX11_OVERRIDE
+ {
+ // Let ourself know about any existing services.
+ const ModuleManager::DataProviderMap& dataproviders = ServerInstance->Modules->DataProviders;
+ for (ModuleManager::DataProviderMap::const_iterator it = dataproviders.begin(); it != dataproviders.end(); ++it)
+ OnServiceAdd(*it->second);
+ }
+
void OnServiceAdd(ServiceProvider& provider) CXX11_OVERRIDE
{
// Check if it's a hash provider
providers.push_back(prov);
ServerInstance->Modules.AddService(*prov);
- GetConfig();
+ ConfigureProviders();
}
void OnServiceDel(ServiceProvider& prov) CXX11_OVERRIDE
Version GetVersion() CXX11_OVERRIDE
{
- return Version("Implements PBKDF2 hashing", VF_VENDOR);
+ return Version("Allows other modules to generate PBKDF2 hashes.", VF_VENDOR);
}
};