mirror of
https://github.com/anope/anope.git
synced 2026-07-08 10:43:14 +02:00
added a way to load multiple encryption modules at the same and to switch between encryption methods
git-svn-id: http://anope.svn.sourceforge.net/svnroot/anope/trunk@2602 5417fbe8-f217-4b02-8779-1006273d7864
This commit is contained in:
+6
-1
@@ -255,8 +255,13 @@ options
|
||||
* - enc_old (old, broken MD5 encryption)
|
||||
* - enc_md5 (working MD5 encryption)
|
||||
* - enc_sha1 (SHA1 encryption)
|
||||
*
|
||||
* The first module in this list is the active encryption module. All new passwords are
|
||||
* encrypted by this module. Old passwords stored in another encryption method are
|
||||
* automatically re-encrypted by the active encryption module on next identify.
|
||||
* Changing the order of the modules requires the services to restart.
|
||||
*/
|
||||
encryption = "enc_none"
|
||||
encryption = "enc_none enc_sha1 enc_md5 enc_old"
|
||||
|
||||
/*
|
||||
* These keys are used to initiate the random number generator. These numbers
|
||||
|
||||
+3
-2
@@ -405,13 +405,14 @@ E long unsigned int UserKey3;
|
||||
E int convert_ircservices_44();
|
||||
|
||||
/**** encrypt.c ****/
|
||||
E char *EncModule;
|
||||
E char **EncModuleList;
|
||||
E int EncModulesNumber;
|
||||
E void initEncryption();
|
||||
E int enc_encrypt(const char *src, int len, char *dest, int size);
|
||||
E int enc_encrypt_in_place(char *buf, int size);
|
||||
E int enc_encrypt_check_len(int passlen, int bufsize);
|
||||
E int enc_decrypt(const char *src, char *dest, int size);
|
||||
E int enc_check_password(const char *plaintext, const char *password);
|
||||
E int enc_check_password(const char *plaintext, char *password);
|
||||
E void encmodule_encrypt(int (*func)(const char *src, int len, char *dest, int size));
|
||||
E void encmodule_encrypt_in_place(int (*func)(char *buf, int size));
|
||||
E void encmodule_encrypt_check_len(int (*func)(int passlen, int bufsize));
|
||||
|
||||
+1
-2
@@ -607,7 +607,7 @@ class CoreExport Module
|
||||
virtual EventReturn OnEncryptInPlace(char *buf, int size) { return EVENT_CONTINUE; }
|
||||
virtual EventReturn OnEncryptCheckLen(int passlen, int bufsize) { return EVENT_CONTINUE; }
|
||||
virtual EventReturn OnDecrypt(const char *src, char *dest, int size) { return EVENT_CONTINUE; }
|
||||
virtual EventReturn OnCheckPassword(const char *plaintext, const char *password) { return EVENT_CONTINUE; }
|
||||
virtual EventReturn OnCheckPassword(const char *plaintext, char *password) { return EVENT_CONTINUE; }
|
||||
|
||||
/** Called on fantasy command
|
||||
* @param command The command
|
||||
@@ -1151,7 +1151,6 @@ struct MessageHash_ {
|
||||
/* Module Managment Functions */
|
||||
MDE Module *findModule(const char *name); /* Find a module */
|
||||
|
||||
int encryption_module_init(); /* Load the encryption module */
|
||||
int protocol_module_init(); /* Load the IRCD Protocol Module up*/
|
||||
MDE void moduleDisplayHelp(const char *service, User *u);
|
||||
|
||||
|
||||
+7
-2
@@ -23,7 +23,6 @@ ServerConfig serverConfig;
|
||||
/* Configurable variables: */
|
||||
|
||||
char *IRCDModule;
|
||||
char *EncModule;
|
||||
|
||||
std::list<Uplink *> Uplinks;
|
||||
|
||||
@@ -206,6 +205,10 @@ int ModulesNumber;
|
||||
/**
|
||||
* Core Module Stuff
|
||||
**/
|
||||
char **EncModuleList;
|
||||
char *EncModules;
|
||||
int EncModulesNumber;
|
||||
|
||||
static char *HostCoreModules;
|
||||
char **HostServCoreModules;
|
||||
int HostServCoreNumber;
|
||||
@@ -831,7 +834,7 @@ int ServerConfig::Read(bool bail)
|
||||
{"networkinfo", "logbot", "no", new ValueContainerBool(&LogBot), DT_BOOLEAN, NoValidation},
|
||||
{"networkinfo", "networkname", "", new ValueContainerChar(&NetworkName), DT_CHARPTR, ValidateNotEmpty},
|
||||
{"networkinfo", "nicklen", "0", new ValueContainerUInt(&NickLen), DT_UINTEGER | DT_NORELOAD, ValidateNickLen},
|
||||
{"options", "encryption", "", new ValueContainerChar(&EncModule), DT_CHARPTR | DT_NORELOAD, ValidateNotEmpty},
|
||||
{"options", "encryption", "", new ValueContainerChar(&EncModules), DT_CHARPTR | DT_NORELOAD, ValidateNotEmpty},
|
||||
{"options", "userkey1", "0", new ValueContainerLUInt(&UserKey1), DT_LUINTEGER, NoValidation},
|
||||
{"options", "userkey2", "0", new ValueContainerLUInt(&UserKey2), DT_LUINTEGER, NoValidation},
|
||||
{"options", "userkey3", "0", new ValueContainerLUInt(&UserKey3), DT_LUINTEGER, NoValidation},
|
||||
@@ -1907,6 +1910,8 @@ int read_config(int reload)
|
||||
|
||||
/* Modules Autoload building... :P */
|
||||
ModulesAutoload = buildStringList(Modules, &ModulesNumber);
|
||||
EncModuleList =
|
||||
buildStringList(EncModules ? EncModules : "", &EncModulesNumber);
|
||||
HostServCoreModules =
|
||||
buildStringList(HostCoreModules ? HostCoreModules : "", &HostServCoreNumber);
|
||||
MemoServCoreModules =
|
||||
|
||||
+9
-2
@@ -397,7 +397,7 @@ class EMD5 : public Module
|
||||
}
|
||||
|
||||
|
||||
EventReturn OnCheckPassword(const char *plaintext, const char *password)
|
||||
EventReturn OnCheckPassword(const char *plaintext, char *password)
|
||||
{
|
||||
char buf[BUFSIZE];
|
||||
|
||||
@@ -405,9 +405,16 @@ class EMD5 : public Module
|
||||
return EVENT_STOP;
|
||||
if (memcmp(buf, password, 16) == 0)
|
||||
{
|
||||
/* if we are NOT the first module in the list,
|
||||
* we want to re-encrypt the pass with the new encryption
|
||||
*/
|
||||
if (stricmp(EncModuleList[0], this->name.c_str()))
|
||||
{
|
||||
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
|
||||
}
|
||||
return EVENT_ALLOW;
|
||||
}
|
||||
return EVENT_STOP;
|
||||
return EVENT_CONTINUE;
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
+10
-2
@@ -56,12 +56,20 @@ class ENone : public Module
|
||||
return EVENT_ALLOW;
|
||||
}
|
||||
|
||||
EventReturn OnCheckPassword(const char *plaintext, const char *password) {
|
||||
EventReturn OnCheckPassword(const char *plaintext, char *password)
|
||||
{
|
||||
if(strcmp(plaintext,password)==0)
|
||||
{
|
||||
/* if we are NOT the first module in the list,
|
||||
* we want to re-encrypt the pass with the new encryption
|
||||
*/
|
||||
if (stricmp(EncModuleList[0], this->name.c_str()))
|
||||
{
|
||||
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
|
||||
}
|
||||
return EVENT_ALLOW;
|
||||
}
|
||||
return EVENT_STOP;
|
||||
return EVENT_CONTINUE;
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
+9
-2
@@ -398,7 +398,7 @@ class EOld : public Module
|
||||
/* Compare a plaintext string against an encrypted password. Return 1 if
|
||||
* they match, 0 if not, and -1 if something went wrong. */
|
||||
|
||||
EventReturn OnCheckPassword(const char *plaintext, const char *password)
|
||||
EventReturn OnCheckPassword(const char *plaintext, char *password)
|
||||
{
|
||||
char buf[BUFSIZE];
|
||||
|
||||
@@ -406,9 +406,16 @@ class EOld : public Module
|
||||
return EVENT_STOP;
|
||||
if (memcmp(buf, password, 16) == 0)
|
||||
{
|
||||
/* when we are NOT the first module in the list,
|
||||
* we want to re-encrypt the pass with the new encryption
|
||||
*/
|
||||
if (stricmp(EncModuleList[0], this->name.c_str()))
|
||||
{
|
||||
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
|
||||
}
|
||||
return EVENT_ALLOW;
|
||||
}
|
||||
return EVENT_STOP;
|
||||
return EVENT_CONTINUE;
|
||||
}
|
||||
|
||||
EventReturn OnDecrypt(const char *src, char *dest, int size)
|
||||
|
||||
+9
-2
@@ -259,16 +259,23 @@ class ESHA1 : public Module
|
||||
}
|
||||
|
||||
|
||||
EventReturn OnCheckPassword(const char *plaintext, const char *password)
|
||||
EventReturn OnCheckPassword(const char *plaintext, char *password)
|
||||
{
|
||||
char buf[BUFSIZE];
|
||||
if (OnEncrypt(plaintext, strlen(plaintext), buf, sizeof(buf)) == EVENT_STOP)
|
||||
return EVENT_STOP;
|
||||
if (memcmp(buf, password, 20) == 0)
|
||||
{
|
||||
/* when we are NOT the first module in the list,
|
||||
* we want to re-encrypt the pass with the new encryption
|
||||
*/
|
||||
if (stricmp(EncModuleList[0], this->name.c_str()))
|
||||
{
|
||||
enc_encrypt(plaintext, strlen(password), password, PASSMAX -1 );
|
||||
}
|
||||
return EVENT_ALLOW;
|
||||
}
|
||||
return EVENT_STOP;
|
||||
return EVENT_CONTINUE;
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
+1
-1
@@ -84,7 +84,7 @@ int enc_decrypt(const char *src, char *dest, int size)
|
||||
* 0 if the password does not match
|
||||
* 0 if an error occurred while checking
|
||||
**/
|
||||
int enc_check_password(const char *plaintext, const char *password)
|
||||
int enc_check_password(const char *plaintext, char *password)
|
||||
{
|
||||
EventReturn MOD_RESULT;
|
||||
FOREACH_RESULT(I_OnCheckPassword, OnCheckPassword(plaintext, password));
|
||||
|
||||
+2
-4
@@ -386,10 +386,8 @@ int init_primary(int ac, char **av)
|
||||
return -1;
|
||||
}
|
||||
|
||||
/* Add Encryption Module; exit if there are errors */
|
||||
if (encryption_module_init()) {
|
||||
return -1;
|
||||
}
|
||||
/* Add Encryption Modules */
|
||||
ModuleManager::LoadModuleList(EncModulesNumber, EncModuleList);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
+1
-1
@@ -277,7 +277,7 @@ int m_stats(const char *source, int ac, const char **av)
|
||||
int m_version(const char *source, int ac, const char **av)
|
||||
{
|
||||
if (source) ircdproto->SendNumeric(ServerName, 351, source, "Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags,
|
||||
EncModule, version_build);
|
||||
EncModuleList[0], version_build);
|
||||
return MOD_CONT;
|
||||
}
|
||||
|
||||
|
||||
@@ -245,12 +245,6 @@ int ModuleManager::LoadModule(const std::string &modname, User * u)
|
||||
alog("You cannot load two protocol modules");
|
||||
return MOD_STOP;
|
||||
}
|
||||
else if (m->type == ENCRYPTION && IsOneOfModuleTypeLoaded(ENCRYPTION))
|
||||
{
|
||||
DeleteModule(m);
|
||||
alog("You cannot load two encryption modules");
|
||||
return MOD_STOP;
|
||||
}
|
||||
|
||||
if (u)
|
||||
{
|
||||
|
||||
@@ -53,19 +53,6 @@ char *ModuleGetErrStr(int status)
|
||||
|
||||
/************************************************/
|
||||
|
||||
/**
|
||||
*
|
||||
**/
|
||||
int encryption_module_init() {
|
||||
int ret = 0;
|
||||
|
||||
alog("Loading Encryption Module: [%s]", EncModule);
|
||||
ret = ModuleManager::LoadModule(EncModule, NULL);
|
||||
if (ret == MOD_ERR_OK)
|
||||
findModule(EncModule)->SetType(ENCRYPTION);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Load the ircd protocol module up
|
||||
**/
|
||||
|
||||
@@ -348,7 +348,7 @@ class InspIRCdProto : public IRCDProto
|
||||
me_server = new_server(NULL, ServerName, ServerDesc, SERVER_ISME, NULL);
|
||||
SendServer(me_server);
|
||||
send_cmd(NULL, "BURST");
|
||||
send_cmd(ServerName, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModule, version_build);
|
||||
send_cmd(ServerName, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModuleList[0], version_build);
|
||||
}
|
||||
|
||||
/* CHGIDENT */
|
||||
|
||||
@@ -358,7 +358,7 @@ class InspIRCdProto : public IRCDProto
|
||||
me_server = new_server(NULL, ServerName, ServerDesc, SERVER_ISME, TS6SID);
|
||||
SendServer(me_server);
|
||||
send_cmd(TS6SID, "BURST");
|
||||
send_cmd(TS6SID, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModule, version_build);
|
||||
send_cmd(TS6SID, "VERSION :Anope-%s %s :%s - %s (%s) -- %s", version_number, ServerName, ircd->name, version_flags, EncModuleList[0], version_build);
|
||||
}
|
||||
|
||||
/* CHGIDENT */
|
||||
|
||||
Reference in New Issue
Block a user