From 438103199485f0e0e80289874f6f5cf70f8a76e3 Mon Sep 17 00:00:00 2001 From: Adam Date: Mon, 19 Dec 2016 19:03:10 -0500 Subject: [PATCH] m_sasl: log hostname/ip, if provided --- include/modules/sasl.h | 16 +++++++++++++--- modules/m_sasl.cpp | 36 ++++++++++++++++++++++++++++++------ 2 files changed, 43 insertions(+), 9 deletions(-) diff --git a/include/modules/sasl.h b/include/modules/sasl.h index 6cb1d21c9..cd6c7c8c5 100644 --- a/include/modules/sasl.h +++ b/include/modules/sasl.h @@ -46,6 +46,7 @@ namespace SASL { time_t created; Anope::string uid; + Anope::string hostname, ip; Reference mech; Session(Mechanism *m, const Anope::string &u) : created(Anope::CurTime), uid(u), mech(m) { } @@ -76,9 +77,10 @@ namespace SASL class IdentifyRequest : public ::IdentifyRequest { Anope::string uid; + Anope::string hostname, ip; public: - IdentifyRequest(Module *m, const Anope::string &id, const Anope::string &acc, const Anope::string &pass) : ::IdentifyRequest(m, acc, pass), uid(id) { } + IdentifyRequest(Module *m, const Anope::string &id, const Anope::string &acc, const Anope::string &pass, const Anope::string &h, const Anope::string &i) : ::IdentifyRequest(m, acc, pass), uid(id), hostname(h), ip(i) { } void OnSuccess() anope_override { @@ -96,7 +98,11 @@ namespace SASL Session *s = sasl->GetSession(uid); if (s) { - Log(Config->GetClient("NickServ"), "sasl") << "A user identified to account " << this->GetAccount() << " using SASL"; + Anope::string user = "A user"; + if (!hostname.empty() && !ip.empty()) + user = hostname + " (" + ip + ")"; + + Log(Config->GetClient("NickServ"), "sasl") << user << " identified to account " << this->GetAccount() << " using SASL"; sasl->Succeed(s, na->nc); delete s; } @@ -121,7 +127,11 @@ namespace SASL else if (na->nc->HasExt("NS_SUSPENDED")) accountstatus = "suspended "; - Log(Config->GetClient("NickServ"), "sasl") << "A user failed to identify for " << accountstatus << "account " << this->GetAccount() << " using SASL"; + Anope::string user = "A user"; + if (!hostname.empty() && !ip.empty()) + user = hostname + " (" + ip + ")"; + + Log(Config->GetClient("NickServ"), "sasl") << user << " failed to identify for " << accountstatus << "account " << this->GetAccount() << " using SASL"; } }; } diff --git a/modules/m_sasl.cpp b/modules/m_sasl.cpp index e1f55bcc9..3dff6c41f 100644 --- a/modules/m_sasl.cpp +++ b/modules/m_sasl.cpp @@ -55,7 +55,7 @@ class Plain : public Mechanism return; } - SASL::IdentifyRequest *req = new SASL::IdentifyRequest(this->owner, m.source, acc, pass); + SASL::IdentifyRequest *req = new SASL::IdentifyRequest(this->owner, m.source, acc, pass, sess->hostname, sess->ip); FOREACH_MOD(OnCheckAuthentication, (NULL, req)); req->Dispatch(); } @@ -104,16 +104,20 @@ class External : public Mechanism return; } + Anope::string user = "A user"; + if (!mysess->hostname.empty() && !mysess->ip.empty()) + user = mysess->hostname + " (" + mysess->ip + ")"; + NickCore *nc = certs->FindAccountFromCert(mysess->cert); if (!nc || nc->HasExt("NS_SUSPENDED")) { - Log(Config->GetClient("NickServ"), "sasl") << "A user failed to identify using certificate " << mysess->cert << " using SASL EXTERNAL"; + Log(Config->GetClient("NickServ"), "sasl") << user << " failed to identify using certificate " << mysess->cert << " using SASL EXTERNAL"; sasl->Fail(sess); delete sess; return; } - Log(Config->GetClient("NickServ"), "sasl") << "A user identified to account " << nc->display << " using SASL EXTERNAL"; + Log(Config->GetClient("NickServ"), "sasl") << user << " identified to account " << nc->display << " using SASL EXTERNAL"; sasl->Succeed(sess, nc); delete sess; } @@ -160,8 +164,21 @@ class SASLService : public SASL::Service, public Timer return; } - if (!session) - session = mech->CreateSession(m.source); + Anope::string hostname, ip; + if (session) + { + // Copy over host/ip to mech-specific session + hostname = session->hostname; + ip = session->ip; + delete session; + } + + session = mech->CreateSession(m.source); + if (session) + { + session->hostname = hostname; + session->ip = ip; + } } else if (m.type == "D") { @@ -169,6 +186,13 @@ class SASLService : public SASL::Service, public Timer sessions.erase(m.source); return; } + else if (m.type == "H") + { + if (!session) + session = new Session(NULL, m.source); + session->hostname = m.data; + session->ip = m.ext; + } if (session && session->mech) session->mech->ProcessMessage(session, m); @@ -261,7 +285,7 @@ class SASLService : public SASL::Service, public Timer Session *s = it->second; ++it; - if (!s || !s->mech || s->created + 60 < Anope::CurTime) + if (!s || s->created + 60 < Anope::CurTime) { delete s; sessions.erase(key);