X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_password_hash.cpp;h=6c4145c4edd3bcd02c4255fe5fb4c25cb2a6bfd7;hb=f2cdf27dd9c45f91f4184b81ea3b9be7c5d88173;hp=f064e9cf0cafc0540542752606094229c9846858;hpb=54fb0cd5aa7d090d5c3da5ab54988c86ba8a2e8e;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp
index f064e9cf0..6c4145c4e 100644
--- a/src/modules/m_password_hash.cpp
+++ b/src/modules/m_password_hash.cpp
@@ -1,20 +1,27 @@
-/*       +------------------------------------+
- *       | Inspire Internet Relay Chat Daemon |
- *       +------------------------------------+
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
  *
- *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
- * See: http://wiki.inspircd.org/Credits
+ *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
+ *   Copyright (C) 2008 Thomas Stagner <aquanight@inspircd.org>
  *
- * This program is free but copyrighted software; see
- *            the file COPYING for details.
+ * This file is part of InspIRCd.  InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
  *
- * ---------------------------------------------------
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+
 /* $ModDesc: Allows for hashed oper passwords */
 
 #include "inspircd.h"
-#include "m_hash.h"
+#include "modules/hash.h"
 
 /* Handle /MKPASSWD
  */
@@ -29,17 +36,32 @@ class CommandMkpasswd : public Command
 
 	void MakeHash(User* user, const std::string& algo, const std::string& stuff)
 	{
+		if (algo.substr(0,5) == "hmac-")
+		{
+			std::string type = algo.substr(5);
+			HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+			if (!hp)
+			{
+				user->WriteNotice("Unknown hash type");
+				return;
+			}
+			std::string salt = ServerInstance->GenRandomStr(6, false);
+			std::string target = hp->hmac(salt, stuff);
+			std::string str = BinToBase64(salt) + "$" + BinToBase64(target, NULL, 0);
+
+			user->WriteNotice(algo + " hashed password for " + stuff + " is " + str);
+			return;
+		}
 		HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + algo);
 		if (hp)
 		{
 			/* Now attempt to generate a hash */
-			user->WriteServ("NOTICE %s :%s hashed password for %s is %s",
-				user->nick.c_str(), algo.c_str(), stuff.c_str(), hp->hexsum(stuff).c_str());
+			std::string hexsum = hp->hexsum(stuff);
+			user->WriteNotice(algo + " hashed password for " + stuff + " is " + hexsum);
 		}
 		else
 		{
-			/* I dont do flying, bob. */
-			user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
+			user->WriteNotice("Unknown hash type");
 		}
 	}
 
@@ -57,17 +79,40 @@ class ModuleOperHash : public Module
  public:
 
 	ModuleOperHash() : cmd(this)
+	{
+	}
+
+	void init() CXX11_OVERRIDE
 	{
 		/* Read the config file first */
 		OnRehash(NULL);
 
-		ServerInstance->AddCommand(&cmd);
+		ServerInstance->Modules->AddService(cmd);
 		Implementation eventlist[] = { I_OnPassCompare };
-		ServerInstance->Modules->Attach(eventlist, this, 1);
+		ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
 	}
 
-	virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype)
+	ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) CXX11_OVERRIDE
 	{
+		if (hashtype.substr(0,5) == "hmac-")
+		{
+			std::string type = hashtype.substr(5);
+			HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+			if (!hp)
+				return MOD_RES_PASSTHRU;
+			// this is a valid hash, from here on we either accept or deny
+			std::string::size_type sep = data.find('$');
+			if (sep == std::string::npos)
+				return MOD_RES_DENY;
+			std::string salt = Base64ToBin(data.substr(0, sep));
+			std::string target = Base64ToBin(data.substr(sep + 1));
+
+			if (target == hp->hmac(salt, input))
+				return MOD_RES_ALLOW;
+			else
+				return MOD_RES_DENY;
+		}
+
 		HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + hashtype);
 
 		/* Is this a valid hash name? */
@@ -85,7 +130,7 @@ class ModuleOperHash : public Module
 		return MOD_RES_PASSTHRU;
 	}
 
-	virtual Version GetVersion()
+	Version GetVersion() CXX11_OVERRIDE
 	{
 		return Version("Allows for hashed oper passwords",VF_VENDOR);
 	}