X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_password_hash.cpp;h=98462780b09a7fda288759b029d0a9bd327ca845;hb=a5d110282a864fd2e91b51ce360a977cd0643657;hp=a9870c05773eab98de1a0811491c5dc8418eb766;hpb=cd712c40e1b352c05e7ae0f72e0a5e84cdf64323;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp
index a9870c057..98462780b 100644
--- a/src/modules/m_password_hash.cpp
+++ b/src/modules/m_password_hash.cpp
@@ -1,20 +1,27 @@
-/*       +------------------------------------+
- *       | Inspire Internet Relay Chat Daemon |
- *       +------------------------------------+
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
  *
- *  InspIRCd: (C) 2002-2010 InspIRCd Development Team
- * See: http://wiki.inspircd.org/Credits
+ *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
+ *   Copyright (C) 2008 Thomas Stagner <aquanight@inspircd.org>
  *
- * This program is free but copyrighted software; see
- *            the file COPYING for details.
+ * This file is part of InspIRCd.  InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
  *
- * ---------------------------------------------------
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+
 /* $ModDesc: Allows for hashed oper passwords */
 
 #include "inspircd.h"
-#include "m_hash.h"
+#include "hash.h"
 
 /* Handle /MKPASSWD
  */
@@ -29,16 +36,33 @@ class CommandMkpasswd : public Command
 
 	void MakeHash(User* user, const std::string& algo, const std::string& stuff)
 	{
+		if (algo.substr(0,5) == "hmac-")
+		{
+			std::string type = algo.substr(5);
+			HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+			if (!hp)
+			{
+				user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
+				return;
+			}
+			std::string salt = ServerInstance->GenRandomStr(6, false);
+			std::string target = hp->hmac(salt, stuff);
+			std::string str = BinToBase64(salt) + "$" + BinToBase64(target, NULL, 0);
+
+			user->WriteServ("NOTICE %s :%s hashed password for %s is %s",
+				user->nick.c_str(), algo.c_str(), stuff.c_str(), str.c_str());
+			return;
+		}
 		HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + algo);
 		if (hp)
 		{
 			/* Now attempt to generate a hash */
+			std::string hexsum = hp->hexsum(stuff);
 			user->WriteServ("NOTICE %s :%s hashed password for %s is %s",
-				user->nick.c_str(), algo.c_str(), stuff.c_str(), hp->hexsum(stuff).c_str());
+				user->nick.c_str(), algo.c_str(), stuff.c_str(), hexsum.c_str());
 		}
 		else
 		{
-			/* I dont do flying, bob. */
 			user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str());
 		}
 	}
@@ -57,17 +81,40 @@ class ModuleOperHash : public Module
  public:
 
 	ModuleOperHash() : cmd(this)
+	{
+	}
+
+	void init()
 	{
 		/* Read the config file first */
 		OnRehash(NULL);
 
-		ServerInstance->AddCommand(&cmd);
+		ServerInstance->Modules->AddService(cmd);
 		Implementation eventlist[] = { I_OnPassCompare };
-		ServerInstance->Modules->Attach(eventlist, this, 1);
+		ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
 	}
 
 	virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype)
 	{
+		if (hashtype.substr(0,5) == "hmac-")
+		{
+			std::string type = hashtype.substr(5);
+			HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + type);
+			if (!hp)
+				return MOD_RES_PASSTHRU;
+			// this is a valid hash, from here on we either accept or deny
+			std::string::size_type sep = data.find('$');
+			if (sep == std::string::npos)
+				return MOD_RES_DENY;
+			std::string salt = Base64ToBin(data.substr(0, sep));
+			std::string target = Base64ToBin(data.substr(sep + 1));
+
+			if (target == hp->hmac(salt, input))
+				return MOD_RES_ALLOW;
+			else
+				return MOD_RES_DENY;
+		}
+
 		HashProvider* hp = ServerInstance->Modules->FindDataService<HashProvider>("hash/" + hashtype);
 
 		/* Is this a valid hash name? */