Use CommandBase::Params instead of std::vector<std::string>.
[user/henk/code/inspircd.git] / src / modules / m_ldapauth.cpp
index 179fe6fcaa24722a4cec3d88147b206395e7626d..fedf02b4dd107f1c7e1c5f694126fc408ee3b12d 100644 (file)
@@ -64,7 +64,7 @@ class BindInterface : public LDAPInterface
                                while (i < text.length() - 1 && isalpha(text[i + 1]))
                                        ++i;
 
-                               std::string key = text.substr(start, (i - start) + 1);
+                               std::string key(text, start, (i - start) + 1);
                                result.append(replacements[key]);
                        }
                        else
@@ -90,8 +90,8 @@ class BindInterface : public LDAPInterface
                                if (pos == std::string::npos) // malformed
                                        continue;
 
-                               std::string key = dnPart.substr(0, pos);
-                               std::string value = dnPart.substr(pos + 1, dnPart.length() - pos + 1); // +1s to skip the = itself
+                               std::string key(dnPart, 0, pos);
+                               std::string value(dnPart, pos + 1, dnPart.length() - pos + 1); // +1s to skip the = itself
                                dnParts[key] = value;
                        }
 
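Review bot: The count passed for `value`, `dnPart.length() - pos + 1`, is larger than the number of characters left after the `=` (that would be `dnPart.length() - pos - 1`). It only works because the substring constructor clamps the count to the end of the string, and the `+1s` comment describes arithmetic that does not do what it says. Since the intent is "everything after the `=`", `std::string value(dnPart, pos + 1);` says so directly and removes the misleading length expression. The enclosing loop starts and ends outside this hunk.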
@@ -232,8 +232,7 @@ class SearchInterface : public LDAPInterface
                        std::string bindDn = a.get("dn");
                        if (bindDn.empty())
                        {
-                               if (user)
-                                       ServerInstance->Users->QuitUser(user, killreason);
+                               ServerInstance->Users->QuitUser(user, killreason);
                                delete this;
                                return;
                        }
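Review bot: Dropping the `if (user)` guard before `QuitUser` in the empty-`dn` branch is only safe if `user` has already been checked for null earlier in this function, which starts outside the hunk. If the search result is delivered after the connection has gone away, a null `user` passed to `QuitUser` would likely be dereferenced and take the server down. If an earlier check does cover this path, a short comment here such as `// user was checked for null above` would record why the guard is gone. Otherwise the guard should stay.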
@@ -257,6 +256,43 @@ class SearchInterface : public LDAPInterface
        }
 };
 
+class AdminBindInterface : public LDAPInterface
+{
+       const std::string provider;
+       const std::string uuid;
+       const std::string base;
+       const std::string what;
+
+ public:
+       AdminBindInterface(Module* c, const std::string& p, const std::string& u, const std::string& b, const std::string& w)
+               : LDAPInterface(c), provider(p), uuid(u), base(b), what(w)
+       {
+       }
+
+       void OnResult(const LDAPResult& r) CXX11_OVERRIDE
+       {
+               dynamic_reference<LDAPProvider> LDAP(me, provider);
+               if (LDAP)
+               {
+                       try
+                       {
+                               LDAP->Search(new SearchInterface(this->creator, provider, uuid), base, what);
+                       }
+                       catch (LDAPException& ex)
+                       {
+                               ServerInstance->SNO->WriteToSnoMask('a', "Error searching LDAP server: " + ex.GetReason());
+                       }
+               }
+               delete this;
+       }
+
+       void OnError(const LDAPResult& err) CXX11_OVERRIDE
+       {
+               ServerInstance->SNO->WriteToSnoMask('a', "Error binding as manager to LDAP server: " + err.getError());
+               delete this;
+       }
+};
+
 class ModuleLDAPAuth : public Module
 {
        dynamic_reference<LDAPProvider> LDAP;
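Review bot: None of the failure paths in `AdminBindInterface` resolve the connecting user: `OnError`, the `catch` in `OnResult`, and the case where the `LDAP` reference is no longer valid either write a snotice or do nothing, then `delete this`. `SearchInterface` calls `QuitUser(user, killreason)` when it cannot proceed, so the two callbacks now disagree on what a backend failure means for the pending connection. Whether that connection is eventually denied depends on code outside this hunk. It would be safer to fail closed explicitly by looking the user up by `uuid` and quitting them on every failure path, as sketched below. It is also worth confirming that the `SearchInterface` allocated in `OnResult` is not leaked if `Search` throws before taking ownership.

```cpp
	// Disconnect the pending user, if still connected, so a failed manager
	// bind or search cannot leave the connection unresolved.
	void QuitPendingUser()
	{
		User* user = ServerInstance->FindUUID(uuid);
		if (user)
			ServerInstance->Users->QuitUser(user, killreason);
	}

	void OnError(const LDAPResult& err) CXX11_OVERRIDE
	{
		ServerInstance->SNO->WriteToSnoMask('a', "Error binding as manager to LDAP server: " + err.getError());
		QuitPendingUser();
		delete this;
	}
	// … unchanged: constructor; OnResult should call QuitPendingUser() in its catch block and when LDAP is unavailable …
```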
@@ -271,8 +307,8 @@ class ModuleLDAPAuth : public Module
 public:
        ModuleLDAPAuth()
                : LDAP(this, "LDAP")
-               , ldapAuthed("ldapauth", this)
-               , ldapVhost("ldapauth_vhost", this)
+               , ldapAuthed("ldapauth", ExtensionItem::EXT_USER, this)
+               , ldapVhost("ldapauth_vhost", ExtensionItem::EXT_USER, this)
        {
                me = this;
                authed = &ldapAuthed;
@@ -370,12 +406,23 @@ public:
                        return MOD_RES_DENY;
                }
 
-               try
+               std::string what;
+               std::string::size_type pos = user->password.find(':');
+               if (pos != std::string::npos)
+               {
+                       what = attribute + "=" + user->password.substr(0, pos);
+
+                       // Trim the user: prefix, leaving just 'pass' for later password check
+                       user->password = user->password.substr(pos + 1);
+               }
+               else
                {
-                       LDAP->BindAsManager(NULL);
+                       what = attribute + "=" + (useusername ? user->ident : user->nick);
+               }
 
-                       std::string what = attribute + "=" + (useusername ? user->ident : user->nick);
-                       LDAP->Search(new SearchInterface(this, LDAP.GetProvider(), user->uuid), base, what);
+               try
+               {
+                       LDAP->BindAsManager(new AdminBindInterface(this, LDAP.GetProvider(), user->uuid, base, what));
                }
                catch (LDAPException &ex)
                {
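Review bot: The part of `user->password` before the `:` is concatenated into `what` without any escaping, and `what` is then passed to `LDAP->Search` as what appears to be the search filter. Unlike the nick or ident used in the `else` branch, the password field is not restricted to a narrow character set, so filter metacharacters (`*`, `(`, `)`, `\`, NUL per RFC 4515) can reach the directory query and change which entry is matched. The name should be escaped per RFC 4515 or rejected before building `what`, e.g. `if (name.empty() || name.find_first_of("*()\\") != std::string::npos) return MOD_RES_DENY;` with `name` holding `user->password.substr(0, pos)`. The same check also covers an empty prefix, which would otherwise produce a filter of just `attribute=`. A comment should also state that any password containing `:` is now split this way, since that changes behaviour for existing users whose password contains a colon.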