/*
* InspIRCd -- Internet Relay Chat Daemon
*
- * Copyright (C) 2013 Adam <Adam@anope.org>
- * Copyright (C) 2009 Robin Burchell <robin+git@viroteck.net>
- * Copyright (C) 2008 Pippijn van Steenhoven <pip88nl@gmail.com>
- * Copyright (C) 2008 Craig Edwards <craigedwards@brainbox.cc>
- * Copyright (C) 2007 Carsten Valdemar Munk <carsten.munk+inspircd@gmail.com>
+ * Copyright (C) 2020 Christos Triantafyllidis <ctria@users.noreply.github.com>
+ * Copyright (C) 2018-2020 Sadie Powell <sadie@witchery.services>
+ * Copyright (C) 2014, 2018 Attila Molnar <attilamolnar@hush.com>
+ * Copyright (C) 2013-2014 Adam <Adam@anope.org>
*
* This file is part of InspIRCd. InspIRCd is free software: you can
* redistribute it and/or modify it under the terms of the GNU General Public
if (!user)
return;
- Command* oper_command = ServerInstance->Parser->GetHandler("OPER");
+ Command* oper_command = ServerInstance->Parser.GetHandler("OPER");
if (!oper_command)
return;
- std::vector<std::string> params;
+ CommandBase::Params params;
params.push_back(opername);
params.push_back(password);
- oper_command->Handle(params, user);
+ ClientProtocol::TagMap tags;
+ oper_command->Handle(user, CommandBase::Params(params, tags));
}
void Fallback()
void OnResult(const LDAPResult& r) CXX11_OVERRIDE
{
User* user = ServerInstance->FindUUID(uid);
- OperIndex::iterator iter = ServerInstance->Config->oper_blocks.find(opername);
+ ServerConfig::OperIndex::const_iterator iter = ServerInstance->Config->oper_blocks.find(opername);
if (!user || iter == ServerInstance->Config->oper_blocks.end())
{
}
public:
- SearchInterface(Module* mod, const std::string& prov, User* user, const std::string& oper, const std::string& pass)
- : LDAPOperBase(mod, user->uuid, oper, pass)
+ SearchInterface(Module* mod, const std::string& prov, const std::string &uuid, const std::string& oper, const std::string& pass)
+ : LDAPOperBase(mod, uuid, oper, pass)
, provider(prov)
{
}
}
};
-class ModuleLDAPAuth : public Module
+class AdminBindInterface : public LDAPInterface
+{
+ const std::string provider;
+ const std::string user;
+ const std::string opername;
+ const std::string password;
+ const std::string base;
+ const std::string what;
+
+ public:
+ AdminBindInterface(Module* c, const std::string& p, const std::string& u, const std::string& o, const std::string& pa, const std::string& b, const std::string& w)
+ : LDAPInterface(c)
+ , provider(p)
+ , user(u)
+ , opername(o)
+ , password(pa)
+ , base(b)
+ , what(w)
+ {
+ }
+
+ void OnResult(const LDAPResult& r) CXX11_OVERRIDE
+ {
+ dynamic_reference<LDAPProvider> LDAP(me, provider);
+ if (LDAP)
+ {
+ try
+ {
+ LDAP->Search(new SearchInterface(this->creator, provider, user, opername, password), base, what);
+ }
+ catch (LDAPException& ex)
+ {
+ ServerInstance->SNO->WriteToSnoMask('a', "Error searching LDAP server: " + ex.GetReason());
+ }
+ }
+ delete this;
+ }
+
+ void OnError(const LDAPResult& err) CXX11_OVERRIDE
+ {
+ ServerInstance->SNO->WriteToSnoMask('a', "Error binding as manager to LDAP server: " + err.getError());
+ delete this;
+ }
+};
+
+class ModuleLDAPOper : public Module
{
dynamic_reference<LDAPProvider> LDAP;
std::string base;
std::string attribute;
public:
- ModuleLDAPAuth()
+ ModuleLDAPOper()
: LDAP(this, "LDAP")
{
me = this;
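Review bot: AdminBindInterface has three exits that leave the OPER attempt unanswered: OnError, the `catch (LDAPException& ex)` around `LDAP->Search`, and the case where `if (LDAP)` is false, which does not even log. OnPreCommand has already returned MOD_RES_DENY by then, so the user gets no reply, and none of these paths calls the Fallback() declared earlier in the file (its body is not fully visible here, so whether it should cover bind failures is a policy decision). I would at least log the missing-provider case and state the behaviour in a comment, e.g. `// Bind failed or provider gone: the OPER attempt is dropped without a reply and no local fallback is attempted.` Separately, if `LDAP->Search` throws before taking ownership, the `new SearchInterface(...)`, which holds a copy of the plaintext password, appears to be leaked; confirm the provider's ownership contract. The enclosing ModuleLDAPOper class continues past this hunk.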
attribute = tag->getString("attribute");
}
- ModResult OnPreCommand(std::string& command, std::vector<std::string>& parameters, LocalUser* user, bool validated, const std::string& original_line) CXX11_OVERRIDE
+ ModResult OnPreCommand(std::string& command, CommandBase::Params& parameters, LocalUser* user, bool validated) CXX11_OVERRIDE
{
if (validated && command == "OPER" && parameters.size() >= 2)
{
const std::string& opername = parameters[0];
const std::string& password = parameters[1];
- OperIndex::iterator it = ServerInstance->Config->oper_blocks.find(opername);
+ ServerConfig::OperIndex::const_iterator it = ServerInstance->Config->oper_blocks.find(opername);
if (it == ServerInstance->Config->oper_blocks.end())
return MOD_RES_PASSTHRU;
return MOD_RES_PASSTHRU;
std::string acceptedhosts = tag->getString("host");
- std::string hostname = user->ident + "@" + user->host;
- if (!InspIRCd::MatchMask(acceptedhosts, hostname, user->GetIPString()))
+ if (!InspIRCd::MatchMask(acceptedhosts, user->MakeHost(), user->MakeHostIP()))
return MOD_RES_PASSTHRU;
if (!LDAP)
try
{
- // First, bind as the manager so the following search will go through
- LDAP->BindAsManager(NULL);
-
- // Fire off the search
std::string what = attribute + "=" + opername;
- LDAP->Search(new SearchInterface(this, LDAP.GetProvider(), user, opername, password), base, what);
+ LDAP->BindAsManager(new AdminBindInterface(this, LDAP.GetProvider(), user->uuid, opername, password, base, what));
return MOD_RES_DENY;
}
catch (LDAPException& ex)
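Review bot: The filter built in `std::string what = attribute + "=" + opername;` splices a client-supplied OPER parameter into an LDAP search filter unescaped, and this change now carries that string through the asynchronous bind into AdminBindInterface. What keeps it bounded is the earlier `oper_blocks.find(opername)` check, which limits the value to names matching a configured oper block; an oper name containing `*`, `(`, `)` or `\` in the configuration would still alter the filter. I would escape the value per RFC 4515 before concatenation, or record the dependency next to the line: `// opername matched a configured oper block above; escape it (RFC 4515) if that check is ever relaxed`. The same `try` also allocates `new AdminBindInterface(...)` as a call argument, which looks leaked if BindAsManager throws (ownership is not visible here). The catch body and the rest of OnPreCommand lie outside the hunk.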
Version GetVersion() CXX11_OVERRIDE
{
- return Version("Adds the ability to authenticate opers via LDAP", VF_VENDOR);
+ return Version("Allows server operators to be authenticated against an LDAP database.", VF_VENDOR);
}
};
-MODULE_INIT(ModuleLDAPAuth)
+MODULE_INIT(ModuleLDAPOper)