X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_sqlauth.cpp;h=dcc62a0a2752b330e8ddc5b75c4ee281df735a1f;hb=b07868e77c0527642ed72bce84bf5895bf921e87;hp=4bc08dd7a3a85a63130b884882bb92b5417514f9;hpb=4b0f6c610f755e0cb93843d5a2a6c70336eafe39;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/extra/m_sqlauth.cpp b/src/modules/extra/m_sqlauth.cpp index 4bc08dd7a..dcc62a0a2 100644 --- a/src/modules/extra/m_sqlauth.cpp +++ b/src/modules/extra/m_sqlauth.cpp @@ -2,40 +2,32 @@ * | Inspire Internet Relay Chat Daemon | * +------------------------------------+ * - * InspIRCd is copyright (C) 2002-2004 ChatSpike-Dev. - * E-mail: - * - * - * - * - * Written by Craig Edwards, Craig McLure, and others. + * InspIRCd: (C) 2002-2008 InspIRCd Development Team + * See: http://www.inspircd.org/wiki/index.php/Credits + * * This program is free but copyrighted software; see * the file COPYING for details. * * --------------------------------------------------- */ -#include - +#include "inspircd.h" #include "users.h" #include "channels.h" #include "modules.h" -#include "inspircd.h" - #include "m_sqlv2.h" #include "m_sqlutils.h" +#include "m_hash.h" /* $ModDesc: Allow/Deny connections based upon an arbitary SQL table */ +/* $ModDep: m_sqlv2.h m_sqlutils.h m_hash.h */ class ModuleSQLAuth : public Module { - InspIRCd* Srv; Module* SQLutils; + Module* SQLprovider; - std::string usertable; - std::string userfield; - std::string passfield; - std::string encryption; + std::string freeformquery; std::string killreason; std::string allowpattern; std::string databaseid; @@ -44,122 +36,137 @@ class ModuleSQLAuth : public Module public: ModuleSQLAuth(InspIRCd* Me) - : Module::Module(Me), Srv(Me) + : Module::Module(Me) { - SQLutils = Srv->FindFeature("SQLutils"); - - if(SQLutils) - { - ServerInstance->Log(DEBUG, "Successfully got SQLutils pointer"); - } - else - { - ServerInstance->Log(DEFAULT, "ERROR: This module requires a module offering the 'SQLutils' feature (usually m_sqlutils.so). Please load it and try again."); - throw ModuleException("This module requires a module offering the 'SQLutils' feature (usually m_sqlutils.so). Please load it and try again."); - } - - OnRehash(""); + ServerInstance->Modules->UseInterface("SQLutils"); + ServerInstance->Modules->UseInterface("SQL"); + + SQLutils = ServerInstance->Modules->Find("m_sqlutils.so"); + if (!SQLutils) + throw ModuleException("Can't find m_sqlutils.so. Please load m_sqlutils.so before m_sqlauth.so."); + + SQLprovider = ServerInstance->Modules->FindFeature("SQL"); + if (!SQLprovider) + throw ModuleException("Can't find an SQL provider module. Please load one before attempting to load m_sqlauth."); + + OnRehash(NULL,""); + Implementation eventlist[] = { I_OnUserDisconnect, I_OnCheckReady, I_OnRequest, I_OnRehash, I_OnUserRegister }; + ServerInstance->Modules->Attach(eventlist, this, 5); } - void Implements(char* List) + virtual ~ModuleSQLAuth() { - List[I_OnUserDisconnect] = List[I_OnCheckReady] = List[I_OnRequest] = List[I_OnRehash] = List[I_OnUserRegister] = 1; + ServerInstance->Modules->DoneWithInterface("SQL"); + ServerInstance->Modules->DoneWithInterface("SQLutils"); } - virtual void OnRehash(const std::string ¶meter) + + virtual void OnRehash(User* user, const std::string ¶meter) { - ConfigReader Conf(Srv); - - usertable = Conf.ReadValue("sqlauth", "usertable", 0); /* User table name */ + ConfigReader Conf(ServerInstance); + databaseid = Conf.ReadValue("sqlauth", "dbid", 0); /* Database ID, given to the SQL service provider */ - userfield = Conf.ReadValue("sqlauth", "userfield", 0); /* Field name where username can be found */ - passfield = Conf.ReadValue("sqlauth", "passfield", 0); /* Field name where password can be found */ + freeformquery = Conf.ReadValue("sqlauth", "query", 0); /* Field name where username can be found */ killreason = Conf.ReadValue("sqlauth", "killreason", 0); /* Reason to give when access is denied to a user (put your reg details here) */ - allowpattern= Conf.ReadValue("sqlauth", "allowpattern",0 ); /* Allow nicks matching this pattern without requiring auth */ - encryption = Conf.ReadValue("sqlauth", "encryption", 0); /* Name of sql function used to encrypt password, e.g. "md5" or "passwd". - * define, but leave blank if no encryption is to be used. - */ + allowpattern = Conf.ReadValue("sqlauth", "allowpattern",0 ); /* Allow nicks matching this pattern without requiring auth */ verbose = Conf.ReadFlag("sqlauth", "verbose", 0); /* Set to true if failed connects should be reported to operators */ - - if (encryption.find("(") == std::string::npos) - { - encryption.append("("); - } - } + } - virtual void OnUserRegister(userrec* user) + virtual int OnUserRegister(User* user) { - if ((allowpattern != "") && (Srv->MatchText(user->nick,allowpattern))) - return; + if ((!allowpattern.empty()) && (ServerInstance->MatchText(user->nick,allowpattern))) + { + user->Extend("sqlauthed"); + return 0; + } if (!CheckCredentials(user)) { - userrec::QuitUser(Srv,user,killreason); + User::QuitUser(ServerInstance,user,killreason); + return 1; } + return 0; } + void SearchAndReplace(std::string& newline, const std::string &find, const std::string &replace) + { + std::string::size_type x = newline.find(find); + while (x != std::string::npos) + { + newline.erase(x, find.length()); + if (!replace.empty()) + newline.insert(x, replace); + x = newline.find(find); + } + } + - bool CheckCredentials(userrec* user) + bool CheckCredentials(User* user) { - Module* target; + std::string thisquery = freeformquery; + std::string safepass = user->password; - target = Srv->FindFeature("SQL"); - - if(target) + /* Search and replace the escaped nick and escaped pass into the query */ + + SearchAndReplace(safepass, "\"", ""); + + SearchAndReplace(thisquery, "$nick", user->nick); + SearchAndReplace(thisquery, "$pass", safepass); + SearchAndReplace(thisquery, "$host", user->host); + SearchAndReplace(thisquery, "$ip", user->GetIPString()); + + Module* HashMod = ServerInstance->Modules->Find("m_md5.so"); + + if (HashMod) + { + HashResetRequest(this, HashMod).Send(); + SearchAndReplace(thisquery, "$md5pass", HashSumRequest(this, HashMod, user->password).Send()); + } + + HashMod = ServerInstance->Modules->Find("m_sha256.so"); + + if (HashMod) { - SQLrequest req = SQLreq(this, target, databaseid, "SELECT ? FROM ? WHERE ? = '?' AND ? = ?'?')", userfield, usertable, userfield, user->nick, passfield, encryption, user->password); + HashResetRequest(this, HashMod).Send(); + SearchAndReplace(thisquery, "$sha256pass", HashSumRequest(this, HashMod, user->password).Send()); + } + + /* Build the query */ + SQLrequest req = SQLrequest(this, SQLprovider, databaseid, SQLquery(thisquery)); - if(req.Send()) - { - /* When we get the query response from the service provider we will be given an ID to play with, - * just an ID number which is unique to this query. We need a way of associating that ID with a userrec - * so we insert it into a map mapping the IDs to users. - * Thankfully m_sqlutils provides this, it will associate a ID with a user or channel, and if the user quits it removes the - * association. This means that if the user quits during a query we will just get a failed lookup from m_sqlutils - telling - * us to discard the query. - */ - ServerInstance->Log(DEBUG, "Sent query, got given ID %lu", req.id); + if(req.Send()) + { + /* When we get the query response from the service provider we will be given an ID to play with, + * just an ID number which is unique to this query. We need a way of associating that ID with a User + * so we insert it into a map mapping the IDs to users. + * Thankfully m_sqlutils provides this, it will associate a ID with a user or channel, and if the user quits it removes the + * association. This means that if the user quits during a query we will just get a failed lookup from m_sqlutils - telling + * us to discard the query. + */ + AssociateUser(this, SQLutils, req.id, user).Send(); - AssociateUser(this, SQLutils, req.id, user).Send(); - - return true; - } - else - { - ServerInstance->Log(DEBUG, "SQLrequest failed: %s", req.error.Str()); - - if (verbose) - Srv->WriteOpers("Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick, user->ident, user->host, req.error.Str()); - - return false; - } + return true; } else { - ServerInstance->Log(SPARSE, "WARNING: Couldn't find SQL provider module. NOBODY will be allowed to connect until it comes back unless they match an exception"); + if (verbose) + ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick, user->ident, user->host, req.error.Str()); return false; } } - virtual char* OnRequest(Request* request) + virtual const char* OnRequest(Request* request) { if(strcmp(SQLRESID, request->GetId()) == 0) { - SQLresult* res; - - res = static_cast(request); - - ServerInstance->Log(DEBUG, "Got SQL result (%s) with ID %lu", res->GetId(), res->id); - - userrec* user = GetAssocUser(this, SQLutils, res->id).S().user; + SQLresult* res = static_cast(request); + + User* user = GetAssocUser(this, SQLutils, res->id).S().user; UnAssociate(this, SQLutils, res->id).S(); if(user) { if(res->error.Id() == NO_ERROR) - { - ServerInstance->Log(DEBUG, "Associated query ID %lu with user %s", res->id, user->nick); - ServerInstance->Log(DEBUG, "Got result with %d rows and %d columns", res->Rows(), res->Cols()); - + { if(res->Rows()) { /* We got a row in the result, this is enough really */ @@ -168,78 +175,46 @@ public: else if (verbose) { /* No rows in result, this means there was no record matching the user */ - Srv->WriteOpers("Forbidden connection from %s!%s@%s (SQL query returned no matches)", user->nick, user->ident, user->host); + ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query returned no matches)", user->nick, user->ident, user->host); user->Extend("sqlauth_failed"); } } else if (verbose) { - ServerInstance->Log(DEBUG, "Query failed: %s", res->error.Str()); - Srv->WriteOpers("Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick, user->ident, user->host, res->error.Str()); + ServerInstance->SNO->WriteToSnoMask('A', "Forbidden connection from %s!%s@%s (SQL query failed: %s)", user->nick, user->ident, user->host, res->error.Str()); user->Extend("sqlauth_failed"); } } else { - ServerInstance->Log(DEBUG, "Got query with unknown ID, this probably means the user quit while the query was in progress"); + return NULL; + } + + if (!user->GetExt("sqlauthed")) + { + User::QuitUser(ServerInstance,user,killreason); } - return SQLSUCCESS; - } - - ServerInstance->Log(DEBUG, "Got unsupported API version string: %s", request->GetId()); - + } return NULL; } - virtual void OnUserDisconnect(userrec* user) + virtual void OnUserDisconnect(User* user) { user->Shrink("sqlauthed"); user->Shrink("sqlauth_failed"); } - virtual bool OnCheckReady(userrec* user) + virtual bool OnCheckReady(User* user) { - if(user->GetExt("sqlauth_failed")) - { - userrec::QuitUser(Srv,user,killreason); - return false; - } - return user->GetExt("sqlauthed"); } - virtual ~ModuleSQLAuth() - { - } - virtual Version GetVersion() { - return Version(1,0,1,0,VF_VENDOR,API_VERSION); + return Version(1,2,1,0,VF_VENDOR,API_VERSION); } }; -class ModuleSQLAuthFactory : public ModuleFactory -{ - public: - ModuleSQLAuthFactory() - { - } - - ~ModuleSQLAuthFactory() - { - } - - virtual Module * CreateModule(InspIRCd* Me) - { - return new ModuleSQLAuth(Me); - } - -}; - - -extern "C" void * init_module( void ) -{ - return new ModuleSQLAuthFactory; -} +MODULE_INIT(ModuleSQLAuth)