/* $ModDesc: Allows for hashed oper passwords */
#include "inspircd.h"
-#include "m_hash.h"
+#include "hash.h"
/* Handle /MKPASSWD
*/
void MakeHash(User* user, const std::string& algo, const std::string& stuff)
{
+ if (algo.substr(0,5) == "hmac-")
+ {
+ std::string type = algo.substr(5);
+ HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+ if (!hp)
+ {
+ user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
+ return;
+ }
+ std::string salt = ServerInstance->GenRandomStr(6, false);
+ std::string target = hp->hmac(salt, stuff);
+ std::string str = BinToBase64(salt) + "$" + BinToBase64(target, NULL, 0);
+
+ user->WriteServ("NOTICE %s :%s hashed password for %s is %s",
+ user->nick.c_str(), algo.c_str(), stuff.c_str(), str.c_str());
+ return;
+ }
HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + algo);
if (hp)
{
}
else
{
- /* I dont do flying, bob. */
user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
}
}
virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype)
{
+ if (hashtype.substr(0,5) == "hmac-")
+ {
+ std::string type = hashtype.substr(5);
+ HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+ if (!hp)
+ return MOD_RES_PASSTHRU;
+ // this is a valid hash, from here on we either accept or deny
+ std::string::size_type sep = data.find('$');
+ if (sep == std::string::npos)
+ return MOD_RES_DENY;
+ std::string salt = Base64ToBin(data.substr(0, sep));
+ std::string target = Base64ToBin(data.substr(sep + 1));
+
+ if (target == hp->hmac(salt, input))
+ return MOD_RES_ALLOW;
+ else
+ return MOD_RES_DENY;
+ }
+
HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + hashtype);
/* Is this a valid hash name? */