X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_oper_cert.cpp;h=3d0e819289a469f1e44bf5c0d220e5632f3a81a0;hb=2b68243097f98ace4a53b21520718874b0ed7db5;hp=23314ec5797ac83143f19ca4a1d7ef44db31d3b0;hpb=4b0f6c610f755e0cb93843d5a2a6c70336eafe39;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/extra/m_ssl_oper_cert.cpp b/src/modules/extra/m_ssl_oper_cert.cpp index 23314ec57..3d0e81928 100644 --- a/src/modules/extra/m_ssl_oper_cert.cpp +++ b/src/modules/extra/m_ssl_oper_cert.cpp @@ -2,12 +2,9 @@ * | Inspire Internet Relay Chat Daemon | * +------------------------------------+ * - * InspIRCd is copyright (C) 2002-2006 ChatSpike-Dev. - * E-mail: - * - * - * - * Written by Craig Edwards, Craig McLure, and others. + * InspIRCd: (C) 2002-2007 InspIRCd Development Team + * See: http://www.inspircd.org/wiki/index.php/Credits + * * This program is free but copyrighted software; see * the file COPYING for details. * @@ -15,32 +12,30 @@ */ /* $ModDesc: Allows for MD5 encrypted oper passwords */ +/* $ModDep: transport.h */ -using namespace std; - -#include +#include "inspircd.h" #include "inspircd_config.h" #include "users.h" #include "channels.h" #include "modules.h" -#include "inspircd.h" -#include "ssl_cert.h" +#include "transport.h" #include "wildcard.h" /** Handle /FINGERPRINT */ -class cmd_fingerprint : public command_t +class cmd_fingerprint : public Command { public: - cmd_fingerprint (InspIRCd* Instance) : command_t(Instance,"FINGERPRINT", 0, 1) + cmd_fingerprint (InspIRCd* Instance) : Command(Instance,"FINGERPRINT", 0, 1) { this->source = "m_ssl_oper_cert.so"; syntax = ""; } - CmdResult Handle (const char** parameters, int pcnt, userrec *user) + CmdResult Handle (const char** parameters, int pcnt, User *user) { - userrec* target = ServerInstance->FindNick(parameters[0]); + User* target = ServerInstance->FindNick(parameters[0]); if (target) { ssl_cert* cert; @@ -78,25 +73,32 @@ class ModuleOperSSLCert : public Module ssl_cert* cert; bool HasCert; cmd_fingerprint* mycommand; + ConfigReader* cf; public: ModuleOperSSLCert(InspIRCd* Me) - : Module::Module(Me) + : Module(Me) { - mycommand = new cmd_fingerprint(ServerInstance); ServerInstance->AddCommand(mycommand); + cf = new ConfigReader(ServerInstance); } - + virtual ~ModuleOperSSLCert() { + delete cf; } void Implements(char* List) { - List[I_OnPreCommand] = 1; + List[I_OnPreCommand] = List[I_OnRehash] = 1; } + virtual void OnRehash(User* user, const std::string ¶meter) + { + delete cf; + cf = new ConfigReader(ServerInstance); + } bool OneOfMatches(const char* host, const char* ip, const char* hostlist) { @@ -113,39 +115,48 @@ class ModuleOperSSLCert : public Module } - virtual int OnPreCommand(const std::string &command, const char** parameters, int pcnt, userrec *user, bool validated, const std::string &original_line) + virtual int OnPreCommand(const std::string &command, const char** parameters, int pcnt, User *user, bool validated, const std::string &original_line) { irc::string cmd = command.c_str(); if ((cmd == "OPER") && (validated)) { - char LoginName[MAXBUF]; - char Password[MAXBUF]; - char OperType[MAXBUF]; - char HostName[MAXBUF]; char TheHost[MAXBUF]; char TheIP[MAXBUF]; - char FingerPrint[MAXBUF]; + std::string LoginName; + std::string Password; + std::string OperType; + std::string HostName; + std::string FingerPrint; + bool SSLOnly; + char* dummy; snprintf(TheHost,MAXBUF,"%s@%s",user->ident,user->host); snprintf(TheIP, MAXBUF,"%s@%s",user->ident,user->GetIPString()); HasCert = user->GetExt("ssl_cert",cert); - ServerInstance->Log(DEBUG,"HasCert=%d",HasCert); - for (int i = 0; i < ServerInstance->Config->ConfValueEnum(ServerInstance->Config->config_data, "oper"); i++) + + for (int i = 0; i < cf->Enumerate("oper"); i++) { - ServerInstance->Config->ConfValue(ServerInstance->Config->config_data, "oper", "name", i, LoginName, MAXBUF); - ServerInstance->Config->ConfValue(ServerInstance->Config->config_data, "oper", "password", i, Password, MAXBUF); - ServerInstance->Config->ConfValue(ServerInstance->Config->config_data, "oper", "type", i, OperType, MAXBUF); - ServerInstance->Config->ConfValue(ServerInstance->Config->config_data, "oper", "host", i, HostName, MAXBUF); - ServerInstance->Config->ConfValue(ServerInstance->Config->config_data, "oper", "fingerprint", i, FingerPrint, MAXBUF); - - if (*FingerPrint) + LoginName = cf->ReadValue("oper", "name", i); + Password = cf->ReadValue("oper", "password", i); + OperType = cf->ReadValue("oper", "type", i); + HostName = cf->ReadValue("oper", "host", i); + FingerPrint = cf->ReadValue("oper", "fingerprint", i); + SSLOnly = cf->ReadFlag("oper", "sslonly", i); + + if (SSLOnly || !FingerPrint.empty()) { - if ((!strcmp(LoginName,parameters[0])) && (!ServerInstance->OperPassCompare(Password,parameters[1])) && (OneOfMatches(TheHost,TheIP,HostName))) + if ((!strcmp(LoginName.c_str(),parameters[0])) && (!ServerInstance->OperPassCompare(Password.c_str(),parameters[1],i)) && (OneOfMatches(TheHost,TheIP,HostName.c_str()))) { + if (SSLOnly && !user->GetExt("ssl", dummy)) + { + user->WriteServ("491 %s :This oper login name requires an SSL connection.", user->nick); + return 1; + } + /* This oper would match */ - if (cert->GetFingerprint() != FingerPrint) + if ((!cert) || (cert->GetFingerprint() != FingerPrint)) { user->WriteServ("491 %s :This oper login name requires a matching key fingerprint.",user->nick); ServerInstance->SNO->WriteToSnoMask('o',"'%s' cannot oper, does not match fingerprint", user->nick); @@ -165,26 +176,5 @@ class ModuleOperSSLCert : public Module } }; -class ModuleOperSSLCertFactory : public ModuleFactory -{ - public: - ModuleOperSSLCertFactory() - { - } - - ~ModuleOperSSLCertFactory() - { - } - - virtual Module * CreateModule(InspIRCd* Me) - { - return new ModuleOperSSLCert(Me); - } - -}; - +MODULE_INIT(ModuleOperSSLCert); -extern "C" void * init_module( void ) -{ - return new ModuleOperSSLCertFactory; -}