X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_password_hash.cpp;h=aa2c21cd56abfd8b7ed5a51148de011811731d1d;hb=553a8da754c8cd308bad2008018849714e70f9b7;hp=f064e9cf0cafc0540542752606094229c9846858;hpb=54fb0cd5aa7d090d5c3da5ab54988c86ba8a2e8e;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp index f064e9cf0..aa2c21cd5 100644 --- a/src/modules/m_password_hash.cpp +++ b/src/modules/m_password_hash.cpp @@ -1,20 +1,27 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2009 InspIRCd Development Team - * See: http://wiki.inspircd.org/Credits + * Copyright (C) 2009-2010 Daniel De Graaf + * Copyright (C) 2008 Thomas Stagner * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ + /* $ModDesc: Allows for hashed oper passwords */ #include "inspircd.h" -#include "m_hash.h" +#include "hash.h" /* Handle /MKPASSWD */ @@ -29,6 +36,23 @@ class CommandMkpasswd : public Command void MakeHash(User* user, const std::string& algo, const std::string& stuff) { + if (algo.substr(0,5) == "hmac-") + { + std::string type = algo.substr(5); + HashProvider* hp = ServerInstance->Modules->FindDataService("hash/" + type); + if (!hp) + { + user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str()); + return; + } + std::string salt = ServerInstance->GenRandomStr(6, false); + std::string target = hp->hmac(salt, stuff); + std::string str = BinToBase64(salt) + "$" + BinToBase64(target, NULL, 0); + + user->WriteServ("NOTICE %s :%s hashed password for %s is %s", + user->nick.c_str(), algo.c_str(), stuff.c_str(), str.c_str()); + return; + } HashProvider* hp = ServerInstance->Modules->FindDataService("hash/" + algo); if (hp) { @@ -38,7 +62,6 @@ class CommandMkpasswd : public Command } else { - /* I dont do flying, bob. */ user->WriteServ("NOTICE %s :Unknown hash type", user->nick.c_str()); } } @@ -68,6 +91,25 @@ class ModuleOperHash : public Module virtual ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) { + if (hashtype.substr(0,5) == "hmac-") + { + std::string type = hashtype.substr(5); + HashProvider* hp = ServerInstance->Modules->FindDataService("hash/" + type); + if (!hp) + return MOD_RES_PASSTHRU; + // this is a valid hash, from here on we either accept or deny + std::string::size_type sep = data.find('$'); + if (sep == std::string::npos) + return MOD_RES_DENY; + std::string salt = Base64ToBin(data.substr(0, sep)); + std::string target = Base64ToBin(data.substr(sep + 1)); + + if (target == hp->hmac(salt, input)) + return MOD_RES_ALLOW; + else + return MOD_RES_DENY; + } + HashProvider* hp = ServerInstance->Modules->FindDataService("hash/" + hashtype); /* Is this a valid hash name? */