X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ldapoper.cpp;h=6bd834dc80541f13c3b6f12233628236f8f2020c;hb=44f42a13de52c8025942ddab42f51feb36821782;hp=9a2a5b131afb2f20003abba2ee0c53a3a4c6d616;hpb=d185decae97752368d5cf62311cbc0d1a52aa22c;p=user%2Fhenk%2Fcode%2Finspircd.git
diff --git a/src/modules/extra/m_ldapoper.cpp b/src/modules/extra/m_ldapoper.cpp
index 9a2a5b131..6bd834dc8 100644
--- a/src/modules/extra/m_ldapoper.cpp
+++ b/src/modules/extra/m_ldapoper.cpp
@@ -1,26 +1,25 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2008 InspIRCd Development Team - * See: http://www.inspircd.org/wiki/index.php/Credits + * Copyright (C) 2009 Robin Burchell + * Copyright (C) 2008 Pippijn van Steenhoven + * Copyright (C) 2008 Craig Edwards + * Copyright (C) 2007 Carsten Valdemar Munk * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. * - * Taken from the UnrealIRCd 4.0 SVN version, based on - * InspIRCd 1.1.x. - * - * UnrealIRCd 4.0 (C) 2007 Carsten Valdemar Munk - * This program is free but copyrighted software; see - * the file COPYING for details. - * - * --------------------------------------------------- - * Heavily based on SQLauth + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ + #include "inspircd.h" #include "users.h" #include "channels.h" @@ -28,6 +27,11 @@ #include +#ifdef WINDOWS +# pragma comment(lib, "ldap.lib") +# pragma comment(lib, "lber.lib") +#endif + /* $ModDesc: Allow/Deny connections based upon answer from LDAP server */ /* $LinkerFlags: -lldap */ 
@@ -41,13 +45,12 @@ class ModuleLDAPAuth : public Module LDAP *conn; public: - ModuleLDAPAuth(InspIRCd* Me) - : Module::Module(Me) - { + ModuleLDAPAuth() + { conn = NULL; Implementation eventlist[] = { I_OnRehash, I_OnPassCompare }; ServerInstance->Modules->Attach(eventlist, this, 2); - OnRehash(NULL,""); + OnRehash(NULL); } virtual ~ModuleLDAPAuth() @@ -56,9 +59,9 @@ public: ldap_unbind_ext(conn, NULL, NULL); } - virtual void OnRehash(User* user, const std::string ¶meter) + virtual void OnRehash(User* user) { - ConfigReader Conf(ServerInstance); + ConfigReader Conf; base = Conf.ReadValue("ldapoper", "baserdn", 0); ldapserver = Conf.ReadValue("ldapoper", "server", 0); @@ -97,22 +100,21 @@ public: return true; } - virtual int OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) + virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) { - User* user = dynamic_cast(ex); if (hashtype == "ldap") { - if (LookupOper(user, data, input)) - { + if (LookupOper(data, input)) /* This is an ldap oper and has been found, claim the OPER command */ - return 1; - } + return MOD_RES_ALLOW; + else + return MOD_RES_DENY; } /* We don't know this oper! */ - return 0; + return MOD_RES_PASSTHRU; } - bool LookupOper(User* user, const std::string &what, const std::string &opassword) + bool LookupOper(const std::string &what, const std::string &opassword) { if (conn == NULL) if (!Connect()) 
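Review bot: In the `@@ -97,22 +100,21 @@` hunk, `OnPassCompare` passes `input` to `LookupOper(data, input)` without checking that it is non-empty, and the result now maps straight to `MOD_RES_ALLOW`. An LDAP simple bind with a DN and a zero-length password is an unauthenticated bind (RFC 4513), which some directory servers answer with success, so an empty oper password could be accepted if the directory is configured that way. Unless LookupOper already rejects this in lines outside the hunk, add `if (input.empty()) return MOD_RES_DENY;` ahead of the call. LookupOper's body starts at the end of this hunk and continues outside it.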
@@ -127,10 +129,21 @@ public: if ((res = ldap_sasl_bind_s(conn, username.c_str(), LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL)) != LDAP_SUCCESS) { - free(authpass); - ldap_unbind_ext(conn, NULL, NULL); - conn = NULL; - return false; + if (res == LDAP_SERVER_DOWN) + { + // Attempt to reconnect if the connection dropped + ServerInstance->SNO->WriteToSnoMask('a', "LDAP server has gone away - reconnecting..."); + Connect(); + res = ldap_sasl_bind_s(conn, username.c_str(), LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL); + } + + if (res != LDAP_SUCCESS) + { + free(authpass); + ldap_unbind_ext(conn, NULL, NULL); + conn = NULL; + return false; + } } free(authpass); @@ -168,7 +181,7 @@ public: virtual Version GetVersion() { - return Version(1,2,0,0,VF_VENDOR,API_VERSION); + return Version("Allow/Deny connections based upon answer from LDAP server", VF_VENDOR); } };
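Review bot: The reconnect branch added in the `@@ -127,10 +129,21 @@` hunk ignores the result of `Connect()`, although the top of LookupOper treats it as a success flag (`if (!Connect())`). If the reconnect fails, the retry calls `ldap_sasl_bind_s` on whatever `conn` holds at that point and the failure path then hands the same handle to `ldap_unbind_ext`; what Connect() leaves in `conn` on failure is not visible here, so this may be a null or stale handle. Guard the retry with `if (Connect()) res = ldap_sasl_bind_s(conn, username.c_str(), LDAP_SASL_SIMPLE, &cred, NULL, NULL, NULL);` and make the cleanup `if (conn) ldap_unbind_ext(conn, NULL, NULL);`. It is also worth confirming that Connect() releases the previous handle before overwriting it. LookupOper starts and ends outside this hunk.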