1
0
mirror of https://github.com/anope/anope.git synced 2026-07-08 10:43:14 +02:00

added a way to load multiple encryption modules at the same and to switch between encryption methods

git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/trunk@2602 5417fbe8-f217-4b02-8779-1006273d7864
This commit is contained in:
DukePyrolator
2009-11-02 05:22:35 +00:00
parent d2362719b2
commit 9a0b1efc24
15 changed files with 60 additions and 42 deletions
+6 -1
View File
@@ -255,8 +255,13 @@ options
* - enc_old (old, broken MD5 encryption)
* - enc_md5 (working MD5 encryption)
* - enc_sha1 (SHA1 encryption)
*
* The first module in this list is the active encryption module. All new passwords are
* encrypted by this module. Old passwords stored in another encryption method are
* automatically re-encrypted by the active encryption module on next identify.
* Changing the order of the modules requires the services to restart.
*/
encryption = "enc_none"
encryption = "enc_none enc_sha1 enc_md5 enc_old"
/*
* These keys are used to initiate the random number generator. These numbers
+3 -2
View File
@@ -405,13 +405,14 @@ E long unsigned int UserKey3;
E int convert_ircservices_44();
/**** encrypt.c ****/
E char *EncModule;
E char **EncModuleList;
E int EncModulesNumber;
E void initEncryption();
E int enc_encrypt(const char *src, int len, char *dest, int size);
E int enc_encrypt_in_place(char *buf, int size);
E int enc_encrypt_check_len(int passlen, int bufsize);
E int enc_decrypt(const char *src, char *dest, int size);
E int enc_check_password(const char *plaintext, const char *password);
E int enc_check_password(const char *plaintext, char *password);
E void encmodule_encrypt(int (*func)(const char *src, int len, char *dest, int size));
E void encmodule_encrypt_in_place(int (*func)(char *buf, int size));
E void encmodule_encrypt_check_len(int (*func)(int passlen, int bufsize));
+1 -2
View File
@@ -607,7 +607,7 @@ class CoreExport Module
virtual EventReturn OnEncryptInPlace(char *buf, int size) { return EVENT_CONTINUE; }
virtual EventReturn OnEncryptCheckLen(int passlen, int bufsize) { return EVENT_CONTINUE; }
virtual EventReturn OnDecrypt(const char *src, char *dest, int size) { return EVENT_CONTINUE; }
virtual EventReturn OnCheckPassword(const char *plaintext, const char *password) { return EVENT_CONTINUE; }
virtual EventReturn OnCheckPassword(const char *plaintext, char *password) { return EVENT_CONTINUE; }
/** Called on fantasy command
* @param command The command
@@ -1151,7 +1151,6 @@ struct MessageHash_ {
/* Module Managment Functions */
MDE Module *findModule(const char *name); /* Find a module */
int encryption_module_init(); /* Load the encryption module */
int protocol_module_init(); /* Load the IRCD Protocol Module up*/
MDE void moduleDisplayHelp(const char *service, User *u);
+7 -2
View File
@@ -23,7 +23,6 @@ ServerConfig serverConfig;
/* Configurable variables: */
char *IRCDModule;
char *EncModule;
std::list<Uplink *> Uplinks;
@@ -206,6 +205,10 @@ int ModulesNumber;
/**
* Core Module Stuff
**/
char **EncModuleList;
char *EncModules;
int EncModulesNumber;
static char *HostCoreModules;
char **HostServCoreModules;
int HostServCoreNumber;
@@ -831,7 +834,7 @@ int ServerConfig::Read(bool bail)
{"networkinfo", "logbot", "no", new ValueContainerBool(&LogBot), DT_BOOLEAN, NoValidation},
{"networkinfo", "networkname", "", new ValueContainerChar(&NetworkName), DT_CHARPTR, ValidateNotEmpty},
{"networkinfo", "nicklen", "0", new ValueContainerUInt(&NickLen), DT_UINTEGER | DT_NORELOAD, ValidateNickLen},
{"options", "encryption", "", new ValueContainerChar(&EncModule), DT_CHARPTR | DT_NORELOAD, ValidateNotEmpty},
{"options", "encryption", "", new ValueContainerChar(&EncModules), DT_CHARPTR | DT_NORELOAD, ValidateNotEmpty},
{"options", "userkey1", "0", new ValueContainerLUInt(&UserKey1), DT_LUINTEGER, NoValidation},
{"options", "userkey2", "0", new ValueContainerLUInt(&UserKey2), DT_LUINTEGER, NoValidation},
{"options", "userkey3", "0", new ValueContainerLUInt(&UserKey3), DT_LUINTEGER, NoValidation},
@@ -1907,6 +1910,8 @@ int read_config(int reload)
/* Modules Autoload building... :P */
ModulesAutoload = buildStringList(Modules, &ModulesNumber);
EncModuleList =
buildStringList(EncModules ? EncModules : "", &EncModulesNumber);
HostServCoreModules =
buildStringList(HostCoreModules ? HostCoreModules : "", &HostServCoreNumber);
MemoServCoreModules =
+9 -2
View File
@@ -397,7 +397,7 @@ class EMD5 : public Module
}
EventReturn OnCheckPassword(const char *plaintext, const char *password)
EventReturn OnCheckPassword(const char *plaintext, char *password)
{
char buf[BUFSIZE];
@@ -405,9 +405,16 @@ class EMD5 : public Module
return EVENT_STOP;
if (memcmp(buf, password, 16) == 0)
{
/* if we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (stricmp(EncModuleList[0], this->name.c_str()))
{
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
}
return EVENT_ALLOW;
}
return EVENT_STOP;
return EVENT_CONTINUE;
}
};
+10 -2
View File
@@ -56,12 +56,20 @@ class ENone : public Module
return EVENT_ALLOW;
}
EventReturn OnCheckPassword(const char *plaintext, const char *password) {
EventReturn OnCheckPassword(const char *plaintext, char *password)
{
if(strcmp(plaintext,password)==0)
{
/* if we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (stricmp(EncModuleList[0], this->name.c_str()))
{
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
}
return EVENT_ALLOW;
}
return EVENT_STOP;
return EVENT_CONTINUE;
}
};
+9 -2
View File
@@ -398,7 +398,7 @@ class EOld : public Module
/* Compare a plaintext string against an encrypted password. Return 1 if
* they match, 0 if not, and -1 if something went wrong. */
EventReturn OnCheckPassword(const char *plaintext, const char *password)
EventReturn OnCheckPassword(const char *plaintext, char *password)
{
char buf[BUFSIZE];
@@ -406,9 +406,16 @@ class EOld : public Module
return EVENT_STOP;
if (memcmp(buf, password, 16) == 0)
{
/* when we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (stricmp(EncModuleList[0], this->name.c_str()))
{
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
}
return EVENT_ALLOW;
}
return EVENT_STOP;
return EVENT_CONTINUE;
}
EventReturn OnDecrypt(const char *src, char *dest, int size)
+9 -2
View File
@@ -259,16 +259,23 @@ class ESHA1 : public Module
}
EventReturn OnCheckPassword(const char *plaintext, const char *password)
EventReturn OnCheckPassword(const char *plaintext, char *password)
{
char buf[BUFSIZE];
if (OnEncrypt(plaintext, strlen(plaintext), buf, sizeof(buf)) == EVENT_STOP)
return EVENT_STOP;
if (memcmp(buf, password, 20) == 0)
{
/* when we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (stricmp(EncModuleList[0], this->name.c_str()))
{
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
}
return EVENT_ALLOW;
}
return EVENT_STOP;
return EVENT_CONTINUE;
}
};
+1 -1
View File
@@ -84,7 +84,7 @@ int enc_decrypt(const char *src, char *dest, int size)
* 0 if the password does not match
* 0 if an error occurred while checking
**/
int enc_check_password(const char *plaintext, const char *password)
int enc_check_password(const char *plaintext, char *password)
{
EventReturn MOD_RESULT;
FOREACH_RESULT(I_OnCheckPassword, OnCheckPassword(plaintext, password));
+2 -4
View File
@@ -386,10 +386,8 @@ int init_primary(int ac, char **av)
return -1;
}
/* Add Encryption Module; exit if there are errors */
if (encryption_module_init()) {
return -1;
}
/* Add Encryption Modules */
ModuleManager::LoadModuleList(EncModulesNumber, EncModuleList);
return 0;
}
+1 -1
View File
@@ -277,7 +277,7 @@ int m_stats(const char *source, int ac, const char **av)
int m_version(const char *source, int ac, const char **av)
{
if (source) ircdproto->SendNumeric(ServerName, 351, source, "Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags,
EncModule, version_build);
EncModuleList[0], version_build);
return MOD_CONT;
}
-6
View File
@@ -245,12 +245,6 @@ int ModuleManager::LoadModule(const std::string &modname, User * u)
alog("You cannot load two protocol modules");
return MOD_STOP;
}
else if (m->type == ENCRYPTION && IsOneOfModuleTypeLoaded(ENCRYPTION))
{
DeleteModule(m);
alog("You cannot load two encryption modules");
return MOD_STOP;
}
if (u)
{
-13
View File
@@ -53,19 +53,6 @@ char *ModuleGetErrStr(int status)
/************************************************/
/**
*
**/
int encryption_module_init() {
int ret = 0;
alog("Loading Encryption Module: [%s]", EncModule);
ret = ModuleManager::LoadModule(EncModule, NULL);
if (ret == MOD_ERR_OK)
findModule(EncModule)->SetType(ENCRYPTION);
return ret;
}
/**
* Load the ircd protocol module up
**/
+1 -1
View File
@@ -348,7 +348,7 @@ class InspIRCdProto : public IRCDProto
me_server = new_server(NULL, ServerName, ServerDesc, SERVER_ISME, NULL);
SendServer(me_server);
send_cmd(NULL, "BURST");
send_cmd(ServerName, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModule, version_build);
send_cmd(ServerName, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModuleList[0], version_build);
}
/* CHGIDENT */
+1 -1
View File
@@ -358,7 +358,7 @@ class InspIRCdProto : public IRCDProto
me_server = new_server(NULL, ServerName, ServerDesc, SERVER_ISME, TS6SID);
SendServer(me_server);
send_cmd(TS6SID, "BURST");
send_cmd(TS6SID, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModule, version_build);
send_cmd(TS6SID, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModuleList[0], version_build);
}
/* CHGIDENT */