#define KEY_LDAP_FIELD_EMAIL "ldap_field_email"
#define KEY_LDAP_OBJECT_CLASSES "ldap_object_classes"
#define KEY_LDAP_OPER_GROUP_DN "ldap_oper_group_dn"
+#define KEY_LDAP_OPER_GROUP_LEVEL "ldap_oper_group_level"
#define KEY_LDAP_FIELD_GROUP_MEMBER "ldap_field_group_member"
#define KEY_LDAP_TIMEOUT "ldap_timeout"
#endif
}
else {
if(user) {
- register_nick(user->nick, hi);
- send_message(user, nickserv, "NSMSG_REGISTER_HN_SUCCESS");
+ if (is_registerable_nick(user->nick)) {
+ register_nick(user->nick, hi);
+ send_message(user, nickserv, "NSMSG_REGISTER_HN_SUCCESS");
+ }
}
}
if (settee && (user != settee)) {
else
fmt = handle_find_message(hi, "NSEMAIL_PASSWORD_CHANGE_BODY");
snprintf(body, sizeof(body), fmt, netname, cookie->cookie, nickserv->nick, self->name, hi->handle);
+ first_time = 0;
break;
case EMAIL_CHANGE:
misc = hi->email_addr;
sendmail(nickserv, hi, subject, body, 1);
fmt = handle_find_message(hi, "NSEMAIL_EMAIL_CHANGE_BODY_OLD");
snprintf(body, sizeof(body), fmt, netname, cookie->cookie, nickserv->nick, self->name, hi->handle, COOKIELEN/2, hi->email_addr);
+ first_time = 1;
} else {
#endif
send_message(user, nickserv, "NSMSG_USE_COOKIE_EMAIL_1");
* called by nefariouses enhanced AC login-on-connect code
*
*/
-struct handle_info *loc_auth(char *handle, char *password)
+struct handle_info *loc_auth(char *handle, char *password, char *userhost)
{
int pw_arg, used, maxlogins;
unsigned int ii;
#ifdef WITH_LDAP
int ldap_result = LDAP_SUCCESS;
char *email = NULL;
-
#endif
hi = dict_find(nickserv_handle_dict, handle, NULL);
return NULL;
}
}
-// else
#else
if (!hi) {
return NULL;
}
#endif
#ifdef WITH_LDAP
- if( (!hi) && nickserv_conf.ldap_enable && ldap_result == LDAP_SUCCESS && nickserv_conf.ldap_autocreate) {
+ /* ldap libs are present but we are not using them... */
+ if( !nickserv_conf.ldap_enable ) {
+ if (!hi) {
+ return NULL;
+ }
+ if (!checkpass(password, hi->passwd)) {
+ return NULL;
+ }
+ }
+ else if( (!hi) && ldap_result == LDAP_SUCCESS && nickserv_conf.ldap_autocreate) {
/* user not found, but authed to ldap successfully..
* create the account.
*/
int rc;
/* Add a *@* mask */
+ /* TODO if userhost is not null, build mask based on that. */
if(nickserv_conf.default_hostmask)
mask = "*@*";
else
/* We don't know the users hostname, or anything because they
* havn't registered yet. So we can only allow LOC if your
* account has *@* as a hostmask.
+ *
+ * UPDATE: New nefarious LOC supports u@h
*/
- for (ii=0; ii<hi->masks->used; ii++)
- {
- if (!strcmp(hi->masks->list[ii], "*@*"))
- {
- wildmask++;
- break;
- }
+ if(userhost) {
+ char *buf;
+ char *ident;
+ char *realhost;
+ char *ip;
+ char *uh;
+ char *ui;
+
+ buf = strdup(userhost);
+ ident = mysep(&buf, "@");
+ realhost = mysep(&buf, ":");
+ ip = mysep(&buf, ":");
+ if(!ip || !realhost || !ident) {
+ free(buf);
+ return NULL; /* Invalid AC request, just quit */
+ }
+ uh = malloc(strlen(userhost));
+ ui = malloc(strlen(userhost));
+ sprintf(uh, "%s@%s", ident, realhost);
+ sprintf(ui, "%s@%s", ident, ip);
+ for (ii=0; ii<hi->masks->used; ii++)
+ {
+ if(match_ircglob(uh, hi->masks->list[ii])
+ || match_ircglob(ui, hi->masks->list[ii]))
+ {
+ wildmask++;
+ break;
+ }
+ }
+ free(buf);
+ free(uh);
+ free(ui);
+ }
+ else {
+
+ for (ii=0; ii<hi->masks->used; ii++)
+ {
+ if (!strcmp(hi->masks->list[ii], "*@*"))
+ {
+ wildmask++;
+ break;
+ }
+ }
}
if(wildmask < 1)
return NULL;
static OPTION_FUNC(opt_password)
{
char crypted[MD5_CRYPT_LENGTH+1];
- if(argc < 1) {
+ if(argc < 2) {
return 0;
}
if (!override) {
return 0;
}
#ifdef WITH_LDAP
- if(nickserv_conf.ldap_enable && nickserv_conf.ldap_oper_group_dn && nickserv_conf.ldap_admin_dn) {
+ if(nickserv_conf.ldap_enable && *(nickserv_conf.ldap_oper_group_dn) && *(nickserv_conf.ldap_admin_dn)) {
int rc;
- if(new_level > 0)
+ if(new_level > nickserv_conf.ldap_oper_group_level)
rc = ldap_add2group(target->handle, nickserv_conf.ldap_oper_group_dn);
else
rc = ldap_delfromgroup(target->handle, nickserv_conf.ldap_oper_group_dn);
nickserv_unregister_handle(match, source, nickserv); // XXX nickserv hard coded
}
+#ifdef WITH_LDAP
static void
search_add2ldap_func (struct userNode *source, struct handle_info *match)
{
-#ifdef WITH_LDAP
int rc;
if(match->email_addr && match->passwd && match->handle) {
rc = ldap_do_add(match->handle, match->passwd, match->email_addr);
send_message(source, nickserv, "NSMSG_LDAP_FAIL_ADD", match->handle, ldap_err2string(rc));
}
}
-#endif
}
+#endif
static int
nickserv_sort_accounts_by_access(const void *a, const void *b)
str = database_get_data(conf_node, KEY_LDAP_OPER_GROUP_DN, RECDB_QSTRING);
nickserv_conf.ldap_oper_group_dn = str ? str : "";
+ str = database_get_data(conf_node, KEY_LDAP_OPER_GROUP_LEVEL, RECDB_QSTRING);
+ nickserv_conf.ldap_oper_group_level = str ? strtoul(str, NULL, 0) : 99;
+
str = database_get_data(conf_node, KEY_LDAP_FIELD_GROUP_MEMBER, RECDB_QSTRING);
nickserv_conf.ldap_field_group_member = str ? str : "";
hi = dict_find(nickserv_handle_dict, stamp, NULL);
if(hi && timestamp && hi->registered != timestamp)
{
- log_module(MAIN_LOG, LOG_WARNING, "%s using account %s but timestamp does not match %lu is not %lu.", user->nick, stamp, timestamp, hi->registered);
+ log_module(MAIN_LOG, LOG_WARNING, "%s using account %s but timestamp does not match %s is not %s.", user->nick, stamp, ctime(×tamp),
+ctime(&hi->registered));
return;
}
#else
regfree(&nickserv_conf.valid_nick_regex);
}
+void handle_loc_auth_oper(struct userNode *user, UNUSED_ARG(struct handle_info *old_handle)) {
+ if (!*nickserv_conf.auto_oper || !user->handle_info)
+ return;
+
+ if (!IsOper(user)) {
+ if (*nickserv_conf.auto_admin && user->handle_info->opserv_level >= opserv_conf_admin_level()) {
+ irc_umode(user, nickserv_conf.auto_admin);
+ irc_sno(0x1, "%s (%s@%s) is now an IRC Administrator",
+ user->nick, user->ident, user->hostname);
+ } else if (*nickserv_conf.auto_oper && user->handle_info->opserv_level) {
+ irc_umode(user, nickserv_conf.auto_oper);
+ irc_sno(0x1, "%s (%s@%s) is now an IRC Operator",
+ user->nick, user->ident, user->hostname);
+ }
+ }
+}
+
void
init_nickserv(const char *nick)
{
reg_nick_change_func(handle_nick_change);
reg_del_user_func(nickserv_remove_user);
reg_account_func(handle_account);
+ reg_auth_func(handle_loc_auth_oper);
/* set up handle_inverse_flags */
memset(handle_inverse_flags, 0, sizeof(handle_inverse_flags));