]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/m_password_hash.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
SVSNICK should not translate nicks to UIDs
[user/henk/code/inspircd.git] / src / modules / m_password_hash.cpp
diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp
index f064e9cf0cafc0540542752606094229c9846858..44e02eeda8b07368eb15c40ea017d94e476e374c 100644 (file)
--- a/src/modules/m_password_hash.cpp
+++ b/src/modules/m_password_hash.cpp
@@ -2,7 +2,7 @@
  *       | Inspire Internet Relay Chat Daemon |
  *       +------------------------------------+
  *
- *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
+ *  InspIRCd: (C) 2002-2010 InspIRCd Development Team
  * See: http://wiki.inspircd.org/Credits
  *
  * This program is free but copyrighted software; see
@@ -14,7 +14,7 @@
 /* $ModDesc: Allows for hashed oper passwords */
 
 #include "inspircd.h"
-#include "m_hash.h"
+#include "hash.h"
 
 /* Handle /MKPASSWD
  */
@@ -29,6 +29,23 @@ class CommandMkpasswd : public Command
 
        void MakeHash(User* user, const std::string& algo, const std::string& stuff)
        {
+               if (algo.substr(0,5) == "hmac-")
+               {
+                       std::string type = algo.substr(5);
+                       HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+                       if (!hp)
+                       {
+                               user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
+                               return;
+                       }
+                       std::string salt = ServerInstance->GenRandomStr(6, false);
+                       std::string target = hp->hmac(salt, stuff);
+                       std::string str = BinToBase64(salt) + "$" + BinToBase64(target, NULL, 0);
+
+                       user->WriteServ("NOTICE %s :%s hashed password for %s is %s",
+                               user->nick.c_str(), algo.c_str(), stuff.c_str(), str.c_str());
+                       return;
+               }
                HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + algo);
                if (hp)
                {
@@ -38,7 +55,6 @@ class CommandMkpasswd : public Command
                }
                else
                {
-                       /* I dont do flying, bob. */
                        user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
                }
        }
@@ -68,6 +84,25 @@ class ModuleOperHash : public Module
 
        virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype)
        {
+               if (hashtype.substr(0,5) == "hmac-")
+               {
+                       std::string type = hashtype.substr(5);
+                       HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+                       if (!hp)
+                               return MOD_RES_PASSTHRU;
+                       // this is a valid hash, from here on we either accept or deny
+                       std::string::size_type sep = data.find('$');
+                       if (sep == std::string::npos)
+                               return MOD_RES_DENY;
+                       std::string salt = Base64ToBin(data.substr(0, sep));
+                       std::string target = Base64ToBin(data.substr(sep + 1));
+
+                       if (target == hp->hmac(salt, input))
+                               return MOD_RES_ALLOW;
+                       else
+                               return MOD_RES_DENY;
+               }
+
                HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + hashtype);
 
                /* Is this a valid hash name? */