X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_password_hash.cpp;h=98462780b09a7fda288759b029d0a9bd327ca845;hb=fc4fc43ec232407b38d7ca182cb92c5cac4287aa;hp=d27856b3e31d16fdfeab8036391bc822565b08fc;hpb=f91a61fa22b239384c31526fd11da1e3030aaa96;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp index d27856b3e..98462780b 100644 --- a/src/modules/m_password_hash.cpp +++ b/src/modules/m_password_hash.cpp @@ -1,33 +1,27 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2010 InspIRCd Development Team - * See: http://wiki.inspircd.org/Credits + * Copyright (C) 2009-2010 Daniel De Graaf + * Copyright (C) 2008 Thomas Stagner * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ + /* $ModDesc: Allows for hashed oper passwords */ #include "inspircd.h" -#include "m_hash.h" - -static std::string hmac(HashProvider* hp, const std::string& key, const std::string& msg) -{ - std::string hmac1, hmac2; - for (size_t n = 0; n < key.length(); n++) - { - hmac1.push_back(static_cast(key[n] ^ 0x5C)); - hmac2.push_back(static_cast(key[n] ^ 0x36)); - } - hmac2.append(msg); - hmac1.append(hp->sum(hmac2)); - return hp->sum(hmac1); -} +#include "hash.h" /* Handle /MKPASSWD */ @@ -51,19 +45,21 @@ class CommandMkpasswd : public Command user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str()); return; } - std::string salt = GenRandomStr(6, false); - std::string target = hmac(hp, salt, stuff); + std::string salt = ServerInstance->GenRandomStr(6, false); + std::string target = hp->hmac(salt, stuff); std::string str = BinToBase64(salt) + "$" + BinToBase64(target, NULL, 0); user->WriteServ("NOTICE %s :%s hashed password for %s is %s", user->nick.c_str(), algo.c_str(), stuff.c_str(), str.c_str()); + return; } HashProvider* hp = ServerInstance->Modules->FindDataService("hash/" + algo); if (hp) { /* Now attempt to generate a hash */ + std::string hexsum = hp->hexsum(stuff); user->WriteServ("NOTICE %s :%s hashed password for %s is %s", - user->nick.c_str(), algo.c_str(), stuff.c_str(), hp->hexsum(stuff).c_str()); + user->nick.c_str(), algo.c_str(), stuff.c_str(), hexsum.c_str()); } else { @@ -85,13 +81,17 @@ class ModuleOperHash : public Module public: ModuleOperHash() : cmd(this) + { + } + + void init() { /* Read the config file first */ OnRehash(NULL); - ServerInstance->AddCommand(&cmd); + ServerInstance->Modules->AddService(cmd); Implementation eventlist[] = { I_OnPassCompare }; - ServerInstance->Modules->Attach(eventlist, this, 1); + ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation)); } virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) @@ -109,15 +109,7 @@ class ModuleOperHash : public Module std::string salt = Base64ToBin(data.substr(0, sep)); std::string target = Base64ToBin(data.substr(sep + 1)); - std::string hmac1, hmac2; - for (size_t n = 0; n < salt.length(); n++) - { - hmac1.push_back(static_cast(salt[n] ^ 0x5C)); - hmac2.push_back(static_cast(salt[n] ^ 0x36)); - } - hmac2.append(input); - hmac1.append(hp->sum(hmac2)); - if (target == hp->sum(hmac1)) + if (target == hp->hmac(salt, input)) return MOD_RES_ALLOW; else return MOD_RES_DENY;