]>
Commit | Line | Data |
---|---|---|
c2234094 CP |
1 | /* ticketauth.c */ |
2 | ||
3 | #include <stdio.h> | |
4 | #include <string.h> | |
5 | #include <strings.h> | |
6 | ||
7 | #include "../control/control.h" | |
8 | #include "../core/config.h" | |
9 | #include "../nick/nick.h" | |
10 | #include "../core/error.h" | |
893267ed | 11 | #include "../lib/hmac.h" |
c2234094 | 12 | #include "../lib/version.h" |
893267ed | 13 | #include "../localuser/localuser.h" |
c2234094 CP |
14 | #include "../core/hooks.h" |
15 | #include "../irc/irc.h" | |
16 | ||
f20f0b80 | 17 | #define WARN_CHANNEL "#twilightzone" |
c2234094 | 18 | |
70b0a4e5 | 19 | MODULE_VERSION(""); |
c2234094 CP |
20 | |
21 | sstring *sharedsecret = NULL; | |
22 | ||
c2234094 CP |
23 | int ta_ticketauth(void *source, int cargc, char **cargv) { |
24 | nick *np = (nick *)source; | |
893267ed CP |
25 | char buffer[1024], *uhmac, *acc, *junk; |
26 | unsigned char digest[32]; | |
27 | int expiry, acclen, id; | |
28 | hmacsha256 hmac; | |
29 | channel *wcp; | |
c2234094 CP |
30 | |
31 | if(IsAccount(np)) { | |
32 | controlreply(np, "You're already authed."); | |
33 | return CMD_ERROR; | |
34 | } | |
35 | ||
f20f0b80 | 36 | if(cargc != 5) |
c2234094 CP |
37 | return CMD_USAGE; |
38 | ||
893267ed | 39 | acc = cargv[0]; |
f20f0b80 | 40 | expiry = atoi(cargv[1]); |
893267ed | 41 | id = atoi(cargv[2]); |
c2234094 | 42 | acclen = strlen(acc); |
f5ec1838 | 43 | junk = cargv[3]; |
893267ed | 44 | uhmac = cargv[4]; |
f5ec1838 | 45 | |
c2234094 CP |
46 | if((acclen <= 1) || (acclen > ACCOUNTLEN)) { |
47 | controlreply(np, "Bad account."); | |
48 | return CMD_ERROR; | |
49 | } | |
50 | ||
f20f0b80 | 51 | if(time(NULL) > expiry + 30) { |
c2234094 CP |
52 | controlwall(NO_OPER, NL_MISC, "%s!%s@%s attempted to TICKETAUTH as %s (expired)", np->nick, np->ident, np->host->name->content, acc); |
53 | controlreply(np, "Ticket time is bad or has expired."); | |
54 | return CMD_ERROR; | |
55 | } | |
c2234094 | 56 | |
893267ed | 57 | hmacsha256_init(&hmac, (unsigned char *)sharedsecret->content, sharedsecret->length); |
f20f0b80 | 58 | snprintf(buffer, sizeof(buffer), "%s %d %d %s", acc, expiry, id, junk); |
893267ed CP |
59 | hmacsha256_update(&hmac, (unsigned char *)buffer, strlen(buffer)); |
60 | hmacsha256_final(&hmac, digest); | |
c2234094 | 61 | |
893267ed CP |
62 | /* hahahaha */ |
63 | snprintf(buffer, sizeof(buffer), "%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", digest[0], digest[1], digest[2], digest[3], digest[4], digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], digest[11], digest[12], digest[13], digest[14], digest[15], digest[16], digest[17], digest[18], digest[19], digest[20], digest[21], digest[22], digest[23], digest[24], digest[25], digest[26], digest[27], digest[28], digest[29], digest[30], digest[31]); | |
c2234094 | 64 | |
893267ed | 65 | if(strcasecmp(buffer, uhmac)) { |
c2234094 CP |
66 | controlwall(NO_OPER, NL_MISC, "%s!%s@%s attempted to TICKETAUTH as %s (bad HMAC)", np->nick, np->ident, np->host->name->content, acc); |
67 | controlreply(np, "Bad HMAC."); | |
68 | return CMD_ERROR; | |
69 | } | |
70 | ||
71 | controlwall(NO_OPER, NL_MISC, "%s!%s@%s TICKETAUTH'ed as %s", np->nick, np->ident, np->host->name->content, acc); | |
893267ed CP |
72 | |
73 | wcp = findchannel(WARN_CHANNEL); | |
74 | if(wcp) | |
75 | controlchanmsg(wcp, "WARNING: %s!%s@%s TICKETAUTH'ed as %s", np->nick, np->ident, np->host->name->content, acc); | |
76 | ||
c2234094 CP |
77 | controlreply(np, "Ticket valid, authing. . ."); |
78 | ||
c4ffdb9b | 79 | localusersetaccountflags(np, acc, id, 0, 0); |
c2234094 | 80 | |
893267ed | 81 | controlreply(np, "Done."); |
c2234094 CP |
82 | return CMD_OK; |
83 | } | |
84 | ||
893267ed | 85 | void _init() { |
c2234094 CP |
86 | sharedsecret = getcopyconfigitem("ticketauth", "sharedsecret", "", 512); |
87 | if(!sharedsecret || !sharedsecret->content || !sharedsecret->content[0]) { | |
88 | Error("ticketauth", ERR_ERROR, "Shared secret not defined in config file."); | |
89 | if(sharedsecret) { | |
90 | freesstring(sharedsecret); | |
91 | sharedsecret = NULL; | |
92 | } | |
93 | ||
94 | return; | |
95 | } | |
96 | ||
f20f0b80 | 97 | registercontrolhelpcmd("ticketauth", NO_OPERED, 5, ta_ticketauth, "Usage: ticketauth <ticket>"); |
c2234094 CP |
98 | } |
99 | ||
100 | void _fini() { | |
101 | if(!sharedsecret) | |
102 | return; | |
103 | ||
104 | deregistercontrolcmd("ticketauth", ta_ticketauth); | |
105 | ||
106 | freesstring(sharedsecret); | |
107 | } |