[irc/quakenet/newserv.git] / ticketauth / ticketauth.c

/* ticketauth.c */

#include <stdio.h>
#include <string.h>
#include <strings.h>

#include "../control/control.h"
#include "../core/config.h"
#include "../nick/nick.h"
#include "../core/error.h"
#include "../lib/hmac.h"
#include "../lib/version.h"
#include "../localuser/localuser.h"
#include "../core/hooks.h"
#include "../irc/irc.h"
#include "../chanserv/chanserv.h"

#define WARN_CHANNEL "#twilightzone"

MODULE_VERSION("");

sstring *sharedsecret = NULL;

int ta_ticketauth(void *source, int cargc, char **cargv) {
  nick *np = (nick *)source;
  char buffer[1024], *uhmac, *acc, *junk, *flags;
  unsigned char digest[32];
  int expiry, acclen, id;
  hmacsha256 hmac;
  channel *wcp;

  if(IsAccount(np)) {
    controlreply(np, "You're already authed.");
    return CMD_ERROR;
  }

  if(cargc != 6)
    return CMD_USAGE;

  acc = cargv[0];
  expiry = atoi(cargv[1]);
  id = atoi(cargv[2]);
  acclen = strlen(acc);
  flags = cargv[3];
  junk = cargv[4];
  uhmac = cargv[5];

  if((acclen <= 1) || (acclen > ACCOUNTLEN)) {
    controlreply(np, "Bad account.");
    return CMD_ERROR;
  }

  if(time(NULL) > expiry + 30) {
    controlwall(NO_OPER, NL_MISC, "%s!%s@%s attempted to TICKETAUTH as %s (expired)", np->nick, np->ident, np->host->name->content, acc);
    controlreply(np, "Ticket time is bad or has expired.");
    return CMD_ERROR;
  }

  hmacsha256_init(&hmac, (unsigned char *)sharedsecret->content, sharedsecret->length);
  snprintf(buffer, sizeof(buffer), "%s %d %d %s", acc, expiry, id, junk);
  hmacsha256_update(&hmac, (unsigned char *)buffer, strlen(buffer));
  hmacsha256_final(&hmac, digest);
  
  /* hahahaha */
  snprintf(buffer, sizeof(buffer), "%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", digest[0], digest[1],  digest[2], digest[3], digest[4], digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], digest[11], digest[12], digest[13], digest[14], digest[15], digest[16], digest[17], digest[18], digest[19], digest[20], digest[21], digest[22], digest[23], digest[24], digest[25], digest[26], digest[27], digest[28], digest[29], digest[30], digest[31]);

  if(strcasecmp(buffer, uhmac)) {
    controlwall(NO_OPER, NL_MISC, "%s!%s@%s attempted to TICKETAUTH as %s (bad HMAC)", np->nick, np->ident, np->host->name->content, acc);
    controlreply(np, "Bad HMAC.");
    return CMD_ERROR;
  }

  controlwall(NO_OPER, NL_MISC, "%s!%s@%s TICKETAUTH'ed as %s", np->nick, np->ident, np->host->name->content, acc);

  wcp = findchannel(WARN_CHANNEL);
  if(wcp)
    controlchanmsg(wcp, "WARNING: %s!%s@%s TICKETAUTH'ed as %s", np->nick, np->ident, np->host->name->content, acc);

  controlreply(np, "Ticket valid, authing. . .");

  localusersetaccount(np, acc, id, 0, cs_accountflagmap_str(flags));

  controlreply(np, "Done.");
  return CMD_OK;
}

void _init() {
  sharedsecret = getcopyconfigitem("ticketauth", "sharedsecret", "", 512);
  if(!sharedsecret || !sharedsecret->content || !sharedsecret->content[0]) {
    Error("ticketauth", ERR_ERROR, "Shared secret not defined in config file.");
    if(sharedsecret) {
      freesstring(sharedsecret);
      sharedsecret = NULL;
    }

    return;
  }

  registercontrolhelpcmd("ticketauth", NO_OPERED, 5, ta_ticketauth, "Usage: ticketauth <ticket>");
}

void _fini() {
  if(!sharedsecret)
    return;

  deregistercontrolcmd("ticketauth", ta_ticketauth);

  freesstring(sharedsecret);
}
Commit	Line	Data
c2234094 CP	1	/* ticketauth.c */
	2
	3	#include <stdio.h>
	4	#include <string.h>
	5	#include <strings.h>
	6
	7	#include "../control/control.h"
	8	#include "../core/config.h"
	9	#include "../nick/nick.h"
	10	#include "../core/error.h"
893267ed	11	#include "../lib/hmac.h"
c2234094	12	#include "../lib/version.h"
893267ed	13	#include "../localuser/localuser.h"
c2234094 CP	14	#include "../core/hooks.h"
c2234094 CP	15	#include "../irc/irc.h"
3294b10b	16	#include "../chanserv/chanserv.h"
c2234094	17
f20f0b80	18	#define WARN_CHANNEL "#twilightzone"
c2234094	19
70b0a4e5	20	MODULE_VERSION("");
c2234094 CP	21
	22	sstring *sharedsecret = NULL;
	23
c2234094 CP	24	int ta_ticketauth(void source, int cargc, char *cargv) {
c2234094 CP	25	nick np = (nick )source;
3294b10b	26	char buffer[1024], uhmac, acc, junk, flags;
893267ed CP	27	unsigned char digest[32];
	28	int expiry, acclen, id;
	29	hmacsha256 hmac;
	30	channel *wcp;
c2234094 CP	31
	32	if(IsAccount(np)) {
	33	controlreply(np, "You're already authed.");
	34	return CMD_ERROR;
	35	}
	36
3294b10b	37	if(cargc != 6)
c2234094 CP	38	return CMD_USAGE;
c2234094 CP	39
893267ed	40	acc = cargv[0];
f20f0b80	41	expiry = atoi(cargv[1]);
893267ed	42	id = atoi(cargv[2]);
c2234094	43	acclen = strlen(acc);
3294b10b CP	44	flags = cargv[3];
	45	junk = cargv[4];
	46	uhmac = cargv[5];
f5ec1838	47
c2234094 CP	48	if((acclen <= 1) \|\| (acclen > ACCOUNTLEN)) {
	49	controlreply(np, "Bad account.");
	50	return CMD_ERROR;
	51	}
	52
f20f0b80	53	if(time(NULL) > expiry + 30) {
c2234094 CP	54	controlwall(NO_OPER, NL_MISC, "%s!%s@%s attempted to TICKETAUTH as %s (expired)", np->nick, np->ident, np->host->name->content, acc);
	55	controlreply(np, "Ticket time is bad or has expired.");
	56	return CMD_ERROR;
	57	}
c2234094	58
893267ed	59	hmacsha256_init(&hmac, (unsigned char *)sharedsecret->content, sharedsecret->length);
f20f0b80	60	snprintf(buffer, sizeof(buffer), "%s %d %d %s", acc, expiry, id, junk);
893267ed CP	61	hmacsha256_update(&hmac, (unsigned char *)buffer, strlen(buffer));
893267ed CP	62	hmacsha256_final(&hmac, digest);
c2234094	63
893267ed CP	64	/* hahahaha */
893267ed CP	65	snprintf(buffer, sizeof(buffer), "%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x%.2x", digest[0], digest[1], digest[2], digest[3], digest[4], digest[5], digest[6], digest[7], digest[8], digest[9], digest[10], digest[11], digest[12], digest[13], digest[14], digest[15], digest[16], digest[17], digest[18], digest[19], digest[20], digest[21], digest[22], digest[23], digest[24], digest[25], digest[26], digest[27], digest[28], digest[29], digest[30], digest[31]);
c2234094	66
893267ed	67	if(strcasecmp(buffer, uhmac)) {
c2234094 CP	68	controlwall(NO_OPER, NL_MISC, "%s!%s@%s attempted to TICKETAUTH as %s (bad HMAC)", np->nick, np->ident, np->host->name->content, acc);
	69	controlreply(np, "Bad HMAC.");
	70	return CMD_ERROR;
	71	}
	72
	73	controlwall(NO_OPER, NL_MISC, "%s!%s@%s TICKETAUTH'ed as %s", np->nick, np->ident, np->host->name->content, acc);
893267ed CP	74
	75	wcp = findchannel(WARN_CHANNEL);
	76	if(wcp)
	77	controlchanmsg(wcp, "WARNING: %s!%s@%s TICKETAUTH'ed as %s", np->nick, np->ident, np->host->name->content, acc);
	78
c2234094 CP	79	controlreply(np, "Ticket valid, authing. . .");
c2234094 CP	80
3294b10b	81	localusersetaccount(np, acc, id, 0, cs_accountflagmap_str(flags));
c2234094	82
893267ed	83	controlreply(np, "Done.");
c2234094 CP	84	return CMD_OK;
	85	}
	86
893267ed	87	void _init() {
c2234094 CP	88	sharedsecret = getcopyconfigitem("ticketauth", "sharedsecret", "", 512);
	89	if(!sharedsecret \|\| !sharedsecret->content \|\| !sharedsecret->content[0]) {
	90	Error("ticketauth", ERR_ERROR, "Shared secret not defined in config file.");
	91	if(sharedsecret) {
	92	freesstring(sharedsecret);
	93	sharedsecret = NULL;
	94	}
	95
	96	return;
	97	}
	98
f20f0b80	99	registercontrolhelpcmd("ticketauth", NO_OPERED, 5, ta_ticketauth, "Usage: ticketauth <ticket>");
c2234094 CP	100	}
	101
	102	void _fini() {
	103	if(!sharedsecret)
	104	return;
	105
	106	deregistercontrolcmd("ticketauth", ta_ticketauth);
	107
	108	freesstring(sharedsecret);
	109	}