From 350791cdf8208a57366f25184f76828011865ad5 Mon Sep 17 00:00:00 2001 From: Jan Vidar Krey Date: Fri, 23 Jul 2010 01:23:13 +0200 Subject: [PATCH] Added plugin invokers for authentication code. --- src/core/auth.c | 64 +++++++++++++++++++++++------------------ src/core/auth.h | 9 +----- src/core/inf.c | 4 +-- src/core/plugininvoke.c | 18 ++++++++++++ src/core/plugininvoke.h | 6 ++++ src/plugin_api/handle.h | 2 +- 6 files changed, 64 insertions(+), 39 deletions(-) diff --git a/src/core/auth.c b/src/core/auth.c index 3fef32e..e334e10 100644 --- a/src/core/auth.c +++ b/src/core/auth.c @@ -53,30 +53,30 @@ static int check_cmd_user(const char* cmd, int status, struct linked_list* list, { char* data; char* data_extra; - struct hub_user_access_info* info = 0; - + struct auth_info* info = 0; + if (!strncmp(line, cmd, strlen(cmd))) { data = &line[strlen(cmd)]; data_extra = 0; data[0] = '\0'; data++; - + data = strip_white_space(data); if (!*data) { LOG_FATAL("ACL parse error on line %d", line_count); return -1; } - - info = hub_malloc_zero(sizeof(struct hub_user_access_info)); - + + info = hub_malloc_zero(sizeof(struct auth_info)); + if (!info) { LOG_ERROR("ACL parse error. Out of memory!"); return -1; } - + if (strncmp(cmd, "user_", 5) == 0) { data_extra = strrchr(data, ':'); @@ -86,12 +86,12 @@ static int check_cmd_user(const char* cmd, int status, struct linked_list* list, data_extra++; } } - - info->username = hub_strdup(data); - info->password = data_extra ? hub_strdup(data_extra) : 0; - info->status = status; + + strncpy(info->nickname, data, MAX_NICK_LEN); + strncpy(info->password, data_extra, MAX_PASS_LEN); + info->credentials = status; list_append(list, info); - LOG_DEBUG("ACL: Added user '%s' (%s)", info->username, auth_cred_to_string(info->status)); + LOG_DEBUG("ACL: Added user '%s' (%s)", info->nickname, auth_cred_to_string(info->credentials)); return 1; } return 0; 
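Review bot: In check_cmd_user the new `strncpy(info->password, data_extra, MAX_PASS_LEN);` runs even when `data_extra` is still 0, which is the case for every command that does not start with `user_`. The removed line guarded this with `data_extra ? ... : 0`, so keep the guard: `if (data_extra) strncpy(info->password, data_extra, MAX_PASS_LEN);`. Both `strncpy` calls also leave the field unterminated when the source is at least as long as the limit, unless the arrays in `struct auth_info` (not visible here) are one byte larger than `MAX_NICK_LEN` and `MAX_PASS_LEN`. The `strcasecmp` in acl_get_access_info and the `strlen` in acl_password_verify depend on that terminator. An over-long nick or password is now truncated silently, so rejecting such an ACL line the way the empty-name case does would be safer; the end of check_cmd_user lies outside the hunk.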
@@ -226,11 +226,9 @@ int acl_initialize(struct hub_config* config, struct acl_handle* handle) static void acl_free_access_info(void* ptr) { - struct hub_user_access_info* info = (struct hub_user_access_info*) ptr; + struct auth_info* info = (struct auth_info*) ptr; if (info) { - hub_free(info->username); - hub_free(info->password); hub_free(info); } } @@ -290,16 +288,16 @@ int acl_shutdown(struct acl_handle* handle) } -struct hub_user_access_info* acl_get_access_info(struct acl_handle* handle, const char* name) +struct auth_info* acl_get_access_info(struct acl_handle* handle, const char* name) { - struct hub_user_access_info* info = (struct hub_user_access_info*) list_get_first(handle->users); + struct auth_info* info = (struct auth_info*) list_get_first(handle->users); while (info) { - if (strcasecmp(info->username, name) == 0) + if (strcasecmp((char*)info->nickname, name) == 0) { return info; } - info = (struct hub_user_access_info*) list_get_next(handle->users); + info = (struct auth_info*) list_get_next(handle->users); } return NULL; } 
@@ -432,33 +430,43 @@ const char* acl_password_generate_challenge(struct acl_handle* acl, struct hub_u int acl_password_verify(struct acl_handle* acl, struct hub_user* user, const char* password) { char buf[1024]; - struct hub_user_access_info* access; + struct auth_info* access; const char* challenge; char raw_challenge[64]; char password_calc[64]; uint64_t tiger_res[3]; - + size_t password_len; + if (!password || !user || strlen(password) != MAX_CID_LEN) return 0; - access = acl_get_access_info(acl, user->id.nick); - if (!access || !access->password) +#ifdef PLUGIN_SUPPORT + access = (struct auth_info*) hub_malloc(sizeof(struct auth_info)); + if (!plugin_auth_get_user(user->hub, user->id.nick, access)) return 0; - - if (TIGERSIZE+strlen(access->password) >= 1024) +#else + access = acl_get_access_info(acl, user->id.nick); +#endif + if (!access || !access->password) return 0; challenge = acl_password_generate_challenge(acl, user); base32_decode(challenge, (unsigned char*) raw_challenge, MAX_CID_LEN); - memcpy(&buf[0], (char*) access->password, strlen(access->password)); - memcpy(&buf[strlen(access->password)], raw_challenge, TIGERSIZE); + password_len = strlen(access->password); - tiger((uint64_t*) buf, TIGERSIZE+strlen(access->password), (uint64_t*) tiger_res); + memcpy(&buf[0], access->password, password_len); + memcpy(&buf[password_len], raw_challenge, TIGERSIZE); + + tiger((uint64_t*) buf, TIGERSIZE+password_len, (uint64_t*) tiger_res); base32_encode((unsigned char*) tiger_res, TIGERSIZE, password_calc); password_calc[MAX_CID_LEN] = 0; +#ifdef PLUGIN_SUPPORT + hub_free(access); +#endif + if (strcasecmp(password, password_calc) == 0) { return 1; diff --git a/src/core/auth.h b/src/core/auth.h index 9a47546..842c6f3 100644 --- a/src/core/auth.h +++ b/src/core/auth.h 
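Review bot: Under PLUGIN_SUPPORT the `hub_malloc` result in acl_password_verify is passed to plugin_auth_get_user unchecked, and both early `return 0` paths after it leave `access` allocated. `!access->password` is also no longer a real test: the field appears to be an inline array now (the ACL parser copies into it and acl_free_access_info no longer frees it), so the expression is always false and a record with an empty password goes on to be hashed with `password_len` 0. The removed `TIGERSIZE+strlen(access->password) >= 1024` bound was the only visible guard on the two `memcpy` calls into `buf`, and the record may now be filled by a plugin into uninitialised memory, so I would keep it. The fence shows the lookup with these three points addressed; the rest of the function, whose end is outside the hunk, is unchanged.

```c
#ifdef PLUGIN_SUPPORT
	access = (struct auth_info*) hub_malloc_zero(sizeof(struct auth_info));
	if (!access)
		return 0;
	if (!plugin_auth_get_user(user->hub, user->id.nick, access))
	{
		hub_free(access);
		return 0;
	}
#else
	access = acl_get_access_info(acl, user->id.nick);
#endif
	/* password is an array now, so test its content rather than its address */
	if (!access || !access->password[0] || TIGERSIZE + strlen(access->password) >= sizeof(buf))
	{
#ifdef PLUGIN_SUPPORT
		hub_free(access);
#endif
		return 0;
	}
	/* … unchanged: challenge generation, hashing and comparison … */
```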
@@ -24,13 +24,6 @@ struct hub_config; struct hub_user; struct ip_addr_encap; -struct hub_user_access_info -{ - char* username; /* name of user, cid or IP range */ - char* password; /* password */ - enum auth_credentials status; -}; - struct acl_handle { struct linked_list* users; /* Known users. See enum user_status */ @@ -45,7 +38,7 @@ struct acl_handle extern int acl_initialize(struct hub_config* config, struct acl_handle* handle); extern int acl_shutdown(struct acl_handle* handle); -extern struct hub_user_access_info* acl_get_access_info(struct acl_handle* handle, const char* name); +extern struct auth_info* acl_get_access_info(struct acl_handle* handle, const char* name); extern int acl_is_cid_banned(struct acl_handle* handle, const char* cid); extern int acl_is_ip_banned(struct acl_handle* handle, const char* ip_address); extern int acl_is_ip_nat_override(struct acl_handle* handle, const char* ip_address); diff --git a/src/core/inf.c b/src/core/inf.c index df9b9fe..8fe2a15 100644 --- a/src/core/inf.c +++ b/src/core/inf.c @@ -535,11 +535,11 @@ static int check_limits(struct hub_info* hub, struct hub_user* user, struct adc_ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct adc_message* cmd) { int ret = 0; - struct hub_user_access_info* info = acl_get_access_info(hub->acl, user->id.nick); + struct auth_info* info = acl_get_access_info(hub->acl, user->id.nick); if (info) { - user->credentials = info->status; + user->credentials = info->credentials; ret = 1; } else diff --git a/src/core/plugininvoke.c b/src/core/plugininvoke.c index 16b978d..3a5e7f0 100644 --- a/src/core/plugininvoke.c +++ b/src/core/plugininvoke.c 
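Review bot: set_credentials in src/core/inf.c still takes the credential level from acl_get_access_info, while acl_password_verify in this same commit takes the password record from plugin_auth_get_user when PLUGIN_SUPPORT is defined. With a plugin-backed user database the two lookups can disagree; for example, a user known only to the plugin would get `info == NULL` here. Consider routing this lookup through the same source, or add a comment such as `/* credentials still come from the ACL file, see acl_password_verify */` if the split is intentional for now. The `else` branch and the end of the function are outside the hunk.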
@@ -153,4 +153,22 @@ plugin_st plugin_handle_revconnect(struct hub_info* hub, struct hub_user* from, PLUGIN_INVOKE_STATUS(hub, on_p2p_revconnect, (&user1, &user2)); } +plugin_st plugin_auth_get_user(struct hub_info* hub, const char* nickname, struct auth_info* info) +{ + PLUGIN_INVOKE_STATUS(hub, auth_get_user, (nickname, info)); +} +plugin_st plugin_auth_register_user(struct hub_info* hub, struct auth_info* info) +{ + PLUGIN_INVOKE_STATUS(hub, auth_register_user, (info)); +} + +plugin_st plugin_auth_update_user(struct hub_info* hub, struct auth_info* info) +{ + PLUGIN_INVOKE_STATUS(hub, auth_update_user, (info)); +} + +plugin_st plugin_auth_delete_user(struct hub_info* hub, struct auth_info* info) +{ + PLUGIN_INVOKE_STATUS(hub, auth_delete_user, (info)); +} diff --git a/src/core/plugininvoke.h b/src/core/plugininvoke.h index 209d73f..6291b0f 100644 --- a/src/core/plugininvoke.h +++ b/src/core/plugininvoke.h @@ -53,6 +53,12 @@ plugin_st plugin_handle_search(struct hub_info* hub, struct hub_user* user, cons plugin_st plugin_handle_connect(struct hub_info* hub, struct hub_user* from, struct hub_user* to); plugin_st plugin_handle_revconnect(struct hub_info* hub, struct hub_user* from, struct hub_user* to); +/* Authentication related */ +int plugin_auth_get_user(struct hub_info* hub, const char* nickname, struct auth_info* info); +plugin_st plugin_auth_register_user(struct hub_info* hub, struct auth_info* user); +plugin_st plugin_auth_update_user(struct hub_info* hub, struct auth_info* user); +plugin_st plugin_auth_delete_user(struct hub_info* hub, struct auth_info* user); + #endif #endif // HAVE_UHUB_PLUGIN_INVOKE_H diff --git a/src/plugin_api/handle.h b/src/plugin_api/handle.h index d60f242..27cb4af 100644 --- a/src/plugin_api/handle.h +++ b/src/plugin_api/handle.h 
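Review bot: plugininvoke.h declares `int plugin_auth_get_user(...)` while plugininvoke.c defines it as `plugin_st plugin_auth_get_user(...)`, and handle.h in this commit changes `auth_get_user_t` to return `plugin_st` as well. The prototype should read `plugin_st plugin_auth_get_user(struct hub_info* hub, const char* nickname, struct auth_info* info);`. The caller in acl_password_verify tests the result with `!`, which is only right if every non-zero `plugin_st` value means the record was found; the enum is not visible here, so if it has a non-zero deny value the call should compare against the success value explicitly. The four new invokers also carry no comment saying who owns `info` or whether auth_get_user must NUL-terminate the fields it fills, which the hub's `strlen` on the password relies on. In plugininvoke.c a blank line is missing between plugin_auth_get_user and plugin_auth_register_user.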
@@ -79,7 +79,7 @@ typedef plugin_st (*on_check_ip_late_t)(struct ip_addr_encap*); typedef plugin_st (*on_validate_nick_t)(const char* nick); typedef plugin_st (*on_validate_cid_t)(const char* cid); -typedef int (*auth_get_user_t)(const char* nickname, struct auth_info* info); +typedef plugin_st (*auth_get_user_t)(const char* nickname, struct auth_info* info); typedef plugin_st (*auth_register_user_t)(struct auth_info* user); typedef plugin_st (*auth_update_user_t)(struct auth_info* user); typedef plugin_st (*auth_delete_user_t)(struct auth_info* user);