Cleaned up the credentials handling, and made it ready for plugins.

Jan Vidar Krey 2010-07-12 17:00:42 +02:00
parent e4977606a7
commit 56e5557146
16 changed files with 190 additions and 117 deletions


@ -164,6 +164,7 @@ libadc_common_SOURCES := \
libutils_SOURCES := \
src/util/config_token.c \
src/util/credentials.c \
src/util/ipcalc.c \
src/util/list.c \
src/util/log.c \


@ -23,23 +23,6 @@
#define ACL_ADD_BOOL(S, L) do { ret = check_cmd_bool(S, L, line, line_count); if (ret != 0) return ret; } while(0)
#define ACL_ADD_ADDR(S, L) do { ret = check_cmd_addr(S, L, line, line_count); if (ret != 0) return ret; } while(0)
const char* get_user_credential_string(enum user_credentials cred)
{
switch (cred)
{
case cred_none: return "none";
case cred_bot: return "bot";
case cred_guest: return "guest";
case cred_user: return "user";
case cred_operator: return "operator";
case cred_super: return "super";
case cred_admin: return "admin";
case cred_link: return "link";
}
return "";
};
static int check_cmd_bool(const char* cmd, struct linked_list* list, char* line, int line_count)
{
char* data;
@ -108,7 +91,7 @@ static int check_cmd_user(const char* cmd, int status, struct linked_list* list,
info->password = data_extra ? hub_strdup(data_extra) : 0;
info->status = status;
list_append(list, info);
LOG_DEBUG("ACL: Added user '%s' (%s)", info->username, get_user_credential_string(info->status));
LOG_DEBUG("ACL: Added user '%s' (%s)", info->username, auth_cred_to_string(info->status));
return 1;
}
return 0;
@ -187,12 +170,12 @@ static int acl_parse_line(char* line, int line_count, void* ptr_data)
LOG_DEBUG("acl_parse_line: '%s'", line);
ACL_ADD_USER("bot", handle->users, cred_bot);
ACL_ADD_USER("user_admin", handle->users, cred_admin);
ACL_ADD_USER("user_super", handle->users, cred_super);
ACL_ADD_USER("user_op", handle->users, cred_operator);
ACL_ADD_USER("user_reg", handle->users, cred_user);
ACL_ADD_USER("link", handle->users, cred_link);
ACL_ADD_USER("bot", handle->users, auth_cred_bot);
ACL_ADD_USER("user_admin", handle->users, auth_cred_admin);
ACL_ADD_USER("user_super", handle->users, auth_cred_super);
ACL_ADD_USER("user_op", handle->users, auth_cred_operator);
ACL_ADD_USER("user_reg", handle->users, auth_cred_user);
ACL_ADD_USER("link", handle->users, auth_cred_link);
ACL_ADD_BOOL("deny_nick", handle->users_denied);
ACL_ADD_BOOL("ban_nick", handle->users_banned);
ACL_ADD_BOOL("ban_cid", handle->cids);


@ -24,25 +24,11 @@ struct hub_config;
struct hub_user;
struct ip_addr_encap;
enum user_credentials
{
cred_none, /**<<< "User has no credentials (not yet logged in)" */
cred_bot, /**<<< "User is a robot" */
cred_guest, /**<<< "User is a guest (unregistered user)" */
cred_user, /**<<< "User is identified as a registered user" */
cred_operator, /**<<< "User is identified as a hub operator" */
cred_super, /**<<< "User is a super user" (not used) */
cred_admin, /**<<< "User is identified as a hub administrator/owner" */
cred_link, /**<<< "User is a link (not used currently)" */
};
const char* get_user_credential_string(enum user_credentials cred);
struct hub_user_access_info
{
char* username; /* name of user, cid or IP range */
char* password; /* password */
enum user_credentials status;
enum auth_credentials status;
};
struct acl_handle


@ -40,7 +40,7 @@ struct commands_handler
const char* prefix;
size_t length;
const char* args;
enum user_credentials cred;
enum auth_credentials cred;
command_handler handler;
const char* description;
};
@ -637,28 +637,28 @@ int command_dipatcher(struct hub_info* hub, struct hub_user* user, const char* m
}
static struct commands_handler command_handlers[] = {
{ "ban", 3, "n", cred_operator, command_ban, "Ban a user" },
{ "broadcast", 9, "m", cred_operator, command_broadcast,"Send a message to all users" },
{ "ban", 3, "n", auth_cred_operator, command_ban, "Ban a user" },
{ "broadcast", 9, "m", auth_cred_operator, command_broadcast,"Send a message to all users" },
#ifdef CRASH_DEBUG
{ "crash", 5, 0, cred_admin, command_crash, "Crash the hub (DEBUG)." },
{ "crash", 5, 0, auth_cred_admin, command_crash, "Crash the hub (DEBUG)." },
#endif
{ "getip", 5, "n", cred_operator, command_getip, "Show IP address for a user" },
{ "help", 4, 0, cred_guest, command_help, "Show this help message." },
{ "history", 7, 0, cred_guest, command_history, "Show the last chat messages." },
{ "kick", 4, "n", cred_operator, command_kick, "Kick a user" },
{ "log", 3, 0, cred_operator, command_log, "Display log" },
{ "motd", 4, 0, cred_guest, command_motd, "Show the message of the day" },
{ "mute", 4, "n", cred_operator, command_mute, "Mute user" },
{ "myip", 4, 0, cred_guest, command_myip, "Show your own IP." },
{ "reload", 6, 0, cred_admin, command_reload, "Reload configuration files." },
{ "rules", 5, 0, cred_guest, command_rules, "Show the hub rules" },
{ "shutdown", 8, 0, cred_admin, command_shutdown, "Shutdown hub." },
{ "stats", 5, 0, cred_super, command_stats, "Show hub statistics." },
{ "unban", 5, "n", cred_operator, command_unban, "Lift ban on a user" },
{ "unmute", 6, "n", cred_operator, command_mute, "Unmute user" },
{ "uptime", 6, 0, cred_guest, command_uptime, "Display hub uptime info." },
{ "version", 7, 0, cred_guest, command_version, "Show hub version info." },
{ "whoip", 5, "a", cred_operator, command_whoip, "Show users matching IP range" },
{ 0, 0, 0, cred_none, command_help, "" }
{ "getip", 5, "n", auth_cred_operator, command_getip, "Show IP address for a user" },
{ "help", 4, 0, auth_cred_guest, command_help, "Show this help message." },
{ "history", 7, 0, auth_cred_guest, command_history, "Show the last chat messages." },
{ "kick", 4, "n", auth_cred_operator, command_kick, "Kick a user" },
{ "log", 3, 0, auth_cred_operator, command_log, "Display log" },
{ "motd", 4, 0, auth_cred_guest, command_motd, "Show the message of the day" },
{ "mute", 4, "n", auth_cred_operator, command_mute, "Mute user" },
{ "myip", 4, 0, auth_cred_guest, command_myip, "Show your own IP." },
{ "reload", 6, 0, auth_cred_admin, command_reload, "Reload configuration files." },
{ "rules", 5, 0, auth_cred_guest, command_rules, "Show the hub rules" },
{ "shutdown", 8, 0, auth_cred_admin, command_shutdown, "Shutdown hub." },
{ "stats", 5, 0, auth_cred_super, command_stats, "Show hub statistics." },
{ "unban", 5, "n", auth_cred_operator, command_unban, "Lift ban on a user" },
{ "unmute", 6, "n", auth_cred_operator, command_mute, "Unmute user" },
{ "uptime", 6, 0, auth_cred_guest, command_uptime, "Display hub uptime info." },
{ "version", 7, 0, auth_cred_guest, command_version, "Show hub version info." },
{ "whoip", 5, "a", auth_cred_operator, command_whoip, "Show users matching IP range" },
{ 0, 0, 0, auth_cred_none, command_help, "" }
};


@ -22,7 +22,7 @@
struct hub_info* g_hub = 0;
#define CHECK_CHAT_ONLY \
if (hub->config->chat_only && u->credentials < cred_operator) \
if (hub->config->chat_only && u->credentials < auth_cred_operator) \
break
#define CHECK_FLOOD(TYPE, WARN) \


@ -22,7 +22,7 @@
static void log_user_login(struct hub_user* u)
{
const char* cred = get_user_credential_string(u->credentials);
const char* cred = auth_cred_to_string(u->credentials);
const char* addr = user_get_address(u);
LOG_USER("LoginOK %s/%s %s \"%s\" (%s) \"%s\"", sid_to_string(u->id.sid), u->id.cid, addr, u->id.nick, cred, u->user_agent);
}


@ -544,39 +544,39 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a
}
else
{
user->credentials = cred_guest;
user->credentials = auth_cred_guest;
}
switch (user->credentials)
{
case cred_none:
case auth_cred_none:
break;
case cred_bot:
case auth_cred_bot:
adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT);
break;
case cred_guest:
case auth_cred_guest:
/* Nothing to be added to the info message */
break;
case cred_user:
case auth_cred_user:
adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_REGISTERED_USER);
break;
case cred_operator:
case auth_cred_operator:
adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_OPERATOR);
break;
case cred_super:
case auth_cred_super:
adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_SUPER_USER);
break;
case cred_admin:
case auth_cred_admin:
adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_ADMIN);
break;
case cred_link:
case auth_cred_link:
break;
}


@ -69,6 +69,7 @@ void plugin_log_connection_denied(struct hub_info* hub, struct ip_addr_encap* ip
void plugin_log_user_login_success(struct hub_info* hub, struct hub_user* user)
{
}
void plugin_log_user_login_error(struct hub_info* hub, struct hub_user* user)
@ -80,10 +81,11 @@ void plugin_log_user_logout(struct hub_info* hub, struct hub_user* user)
}
void convert_user_to_plugin_user(struct plugin_user* puser, struct hub_user* user)
static void convert_user_to_plugin_user(struct plugin_user* puser, struct hub_user* user)
{
puser->sid = user->id.sid;
puser->nick = user->id.nick;
puser->cid = user->id.cid;
puser->addr = user->id.addr;
puser->credentials = user->credentials;
}
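Review bot: `convert_user_to_plugin_user` becomes `static`, but no caller is visible in this file section and the definition sits below the `plugin_log_user_*` functions that would presumably use it. As it stands a compiler will likely warn about an unused static function, and any caller added above it will need a forward declaration. Moving the helper to the top of the file, with a comment such as `/* Fills puser with pointers borrowed from user; puser must not outlive user. */`, would cover both, since `nick` and `cid` are stored as pointers into the `hub_user` rather than copied.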


@ -288,18 +288,7 @@ int user_is_disconnecting(struct hub_user* user)
int user_is_protected(struct hub_user* user)
{
switch (user->credentials)
{
case cred_bot:
case cred_operator:
case cred_super:
case cred_admin:
case cred_link:
return 1;
default:
break;
}
return 0;
return auth_cred_is_protected(user->credentials);
}
/**
@ -309,19 +298,7 @@ int user_is_protected(struct hub_user* user)
*/
int user_is_registered(struct hub_user* user)
{
switch (user->credentials)
{
case cred_bot:
case cred_user:
case cred_operator:
case cred_super:
case cred_admin:
case cred_link:
return 1;
default:
break;
}
return 0;
return auth_cred_is_registered(user->credentials);
}
void user_net_io_want_write(struct hub_user* user)


@ -106,7 +106,7 @@ struct hub_user_limits
struct hub_user
{
enum user_state state; /** see enum user_state */
enum user_credentials credentials; /** see enum user_credentials */
enum auth_credentials credentials; /** see enum user_credentials */
struct hub_user_info id; /** Contains nick name and CID */
uint32_t flags; /** see enum user_features */
char user_agent[MAX_UA_LEN+1];/** User agent string */
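Review bot: The comment on the changed member still points at the old type: `enum auth_credentials credentials; /** see enum user_credentials */`. `enum user_credentials` is removed by this commit, so the reference should read `/** see enum auth_credentials */`. struct hub_user continues outside the hunk.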


@ -33,7 +33,7 @@ static void clear_user_list_callback(void* ptr)
* This prevents the hub from trying to send
* quit messages to other users.
*/
u->credentials = cred_none;
u->credentials = auth_cred_none;
user_destroy(u);
}
}


@ -21,6 +21,7 @@
#define HAVE_UHUB_PLUGIN_HANDLE_H
#include "system.h"
#include "util/credentials.h"
#include "util/ipcalc.h"
#define PLUGIN_API_VERSION 0
@ -41,6 +42,7 @@ struct plugin_user
const char* nick;
const char* cid;
struct ip_addr_encap addr;
enum auth_credentials credentials;
};
enum plugin_status
@ -52,18 +54,6 @@ enum plugin_status
typedef enum plugin_status plugin_st;
enum auth_credentials
{
auth_cred_none, /**<<< "User has no credentials (not yet logged in)" */
auth_cred_bot, /**<<< "User is a robot" */
auth_cred_guest, /**<<< "User is a guest (unregistered user)" */
auth_cred_user, /**<<< "User is identified as a registered user" */
auth_cred_operator, /**<<< "User is identified as a hub operator" */
auth_cred_super, /**<<< "User is a super user" (not used) */
auth_cred_link, /**<<< "User is a link (not used currently)" */
auth_cred_admin, /**<<< "User is identified as a hub administrator/owner" */
};
struct auth_info
{
char nickname[MAX_NICK_LEN+1];
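Review bot: `struct plugin_user` gains a `credentials` member here, but `PLUGIN_API_VERSION` a few lines above is still 0. A plugin built against the previous header would see a different struct layout with nothing for the loader to tell the two apart, assuming the loader checks this constant at all. Bumping it in the same commit, `#define PLUGIN_API_VERSION 1`, keeps the version meaningful. The enum itself only moves to util/credentials.h with the same enumerator order, so that part is compatible.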


@ -25,7 +25,6 @@ void insert_user(struct linked_list* users, const char* nick, const char* pass,
list_append(users, data);
}
static int parse_line(char* line, int line_count, void* ptr_data)
{
struct linked_list* users = (struct linked_list*) ptr_data;
@ -39,10 +38,10 @@ static int parse_line(char* line, int line_count, void* ptr_data)
char* username = (char*) list_get_next(tokens);
char* password = (char*) list_get_next(tokens);
if (strcmp(credential, "user_admin")) cred = auth_cred_admin;
else if (strcmp(credential, "user_super")) cred = auth_cred_super;
else if (strcmp(credential, "user_op")) cred = auth_cred_operator;
else if (strcmp(credential, "user_reg")) cred = auth_cred_user;
if (strcmp(credential, "admin")) cred = auth_cred_admin;
else if (strcmp(credential, "super")) cred = auth_cred_super;
else if (strcmp(credential, "op")) cred = auth_cred_operator;
else if (strcmp(credential, "reg")) cred = auth_cred_user;
else
return -1;
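Review bot: The four `strcmp()` tests in parse_line are inverted: `strcmp` returns 0 on a match, so `if (strcmp(credential, "admin"))` is true for every keyword except "admin", which means a "reg" or "op" line is given `auth_cred_admin` and "admin" itself falls through to `auth_cred_super`. The renamed keywords keep that logic, so every parsed account ends up with one of the two highest levels and the `return -1` branch for unknown keywords is unreachable. Each test should compare against zero, e.g. `if (strcmp(credential, "admin") == 0) cred = auth_cred_admin;`, and likewise for "super", "op" and "reg". `credential`, `username` and `password` come straight from `list_get_next(tokens)`; unless a token-count check sits above the hunk, a short line would pass NULL to `strcmp`, so that is worth confirming. parse_line starts and ends outside the hunk.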


@ -59,6 +59,7 @@ extern "C" {
#include "adc/adcconst.h"
#include "util/config_token.h"
#include "util/credentials.h"
#include "util/ipcalc.h"
#include "util/list.h"
#include "util/log.h"
@ -68,6 +69,7 @@ extern "C" {
#include "adc/sid.h"
#include "adc/message.h"
#include "network/network.h"
#include "network/connection.h"
#include "network/timeout.h"
@ -90,6 +92,8 @@ extern "C" {
#include "core/plugininvoke.h"
#include "core/pluginloader.h"
#ifdef __cplusplus
}
#endif

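--- a/src/util/credentials.c
+++ b/src/util/credentials.c
@@ -0,0 +1,77 @@
+/*
+* uhub - A tiny ADC p2p connection hub
+* Copyright (C) 2007-2010, Jan Vidar Krey
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+#include "uhub.h"
+int auth_cred_is_protected(enum auth_credentials cred)
+{
+switch (cred)
+{
+case auth_cred_bot:
+case auth_cred_operator:
+case auth_cred_super:
+case auth_cred_admin:
+case auth_cred_link:
+return 1;
+default:
+break;
+}
+return 0;
+}
+/**
+* Returns 1 if a user is registered.
+* Only registered users will be let in if the hub is configured for registered
+* users only.
+*/
+int auth_cred_is_registered(enum auth_credentials cred)
+{
+switch (cred)
+{
+case auth_cred_bot:
+case auth_cred_user:
+case auth_cred_operator:
+case auth_cred_super:
+case auth_cred_admin:
+case auth_cred_link:
+return 1;
+default:
+break;
+}
+return 0;
+}
+const char* auth_cred_to_string(enum auth_credentials cred)
+{
+switch (cred)
+{
+case auth_cred_none: return "none";
+case auth_cred_bot: return "bot";
+case auth_cred_guest: return "guest";
+case auth_cred_user: return "user";
+case auth_cred_operator: return "operator";
+case auth_cred_super: return "super";
+case auth_cred_link: return "link";
+case auth_cred_admin: return "admin";
+}
+return "";
+};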
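Review bot: None of the three helpers says what happens for a value outside the enum: `auth_cred_is_protected` and `auth_cred_is_registered` fall through `default:` to 0, and `auth_cred_to_string` returns `""`. If credentials can now be supplied by plugin code, as the new `credentials` member of `struct plugin_user` suggests, that deny-by-default behaviour is worth stating, e.g. `/* Unknown values are treated as unprivileged. */` above each switch. The empty string also leaves the `(%s)` field of the LoginOK log line blank, so `return "unknown";` would be easier to spot when reading logs. The closing `};` after `auth_cred_to_string` carries a stray semicolon.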

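--- a/src/util/credentials.h
+++ b/src/util/credentials.h
@@ -0,0 +1,54 @@
+/*
+* uhub - A tiny ADC p2p connection hub
+* Copyright (C) 2007-2010, Jan Vidar Krey
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 3 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+*/
+#ifndef HAVE_UHUB_CREDENTIALS_H
+#define HAVE_UHUB_CREDENTIALS_H
+enum auth_credentials
+{
+auth_cred_none, /**<<< "User has no credentials (not yet logged in)" */
+auth_cred_bot, /**<<< "User is a robot" */
+auth_cred_guest, /**<<< "User is a guest (unregistered user)" */
+auth_cred_user, /**<<< "User is identified as a registered user" */
+auth_cred_operator, /**<<< "User is identified as a hub operator" */
+auth_cred_super, /**<<< "User is a super user" (not used) */
+auth_cred_link, /**<<< "User is a link (not used currently)" */
+auth_cred_admin, /**<<< "User is identified as a hub administrator/owner" */
+};
+/**
+* Returns 1 if the credentials means that a user is protected.
+* Returns 0 otherwise.
+*/
+int auth_cred_is_protected(enum auth_credentials cred);
+/**
+* Returns 1 if a user is registered.
+* Returns 0 otherwise.
+* Only registered users will be let in if the hub is configured for registered
+* users only.
+*/
+int auth_cred_is_registered(enum auth_credentials cred);
+/**
+* Returns a string representation of the credentials enum.
+*/
+const char* auth_cred_to_string(enum auth_credentials cred);
+#endif /* HAVE_UHUB_CREDENTIALS_H */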
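Review bot: The enumerator order is relied on but not documented: `CHECK_CHAT_ONLY` tests `u->credentials < auth_cred_operator`, and the `cred` column of the command table looks like a minimum level as well. This enum also places `auth_cred_link` before `auth_cred_admin`, the reverse of the removed `enum user_credentials`, so any ordinal comparison against admin now treats link users differently than before. A comment on the enum, e.g. `/* Order is significant: credentials are compared numerically (see CHECK_CHAT_ONLY). */`, would make the dependency explicit, and the link/admin swap deserves a mention in the commit message. Under the same comparisons `auth_cred_bot` sorts below `auth_cred_guest`, which may or may not be intended.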