]> jfr.im git - solanum.git/blob - extensions/sasl_usercloak.c
projects / solanum.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add `solanum.chat/oper` capablity (#217)
[solanum.git] / extensions / sasl_usercloak.c
1 #include "stdinc.h"
2 #include "modules.h"
3 #include "hook.h"
4 #include "client.h"
5 #include "hostmask.h"
6 #include "ircd.h"
7 #include "send.h"
8 #include "hash.h"
9 #include "s_conf.h"
10 #include "s_user.h"
11 #include "s_serv.h"
12 #include "numeric.h"
13
14 #include <stdint.h>
15
16 static const char sasl_usercloak_desc[] =
17 "Insert the SASL account name into certain iline spoofed hosts";
18
19 static void check_new_user(void *data);
20 mapi_hfn_list_av1 sasl_usercloak_hfnlist[] = {
21 { "new_local_user", check_new_user },
22 { NULL, NULL }
23 };
24
25
26 unsigned int fnv_hash_string(char *str)
27 {
28 unsigned int hash = 0x811c9dc5; // Magic value for 32-bit fnv1 hash initialisation.
29 unsigned char *p = (unsigned char *)str;
30 while (*p)
31 {
32 hash += (hash<<1) + (hash<<4) + (hash<<7) + (hash<<8) + (hash<<24);
33 hash ^= *p++;
34 }
35 return hash;
36 }
37
38 static void
39 check_new_user(void *vdata)
40 {
41 struct Client *source_p = vdata;
42
43 if (!IsIPSpoof(source_p))
44 return;
45
46 if (EmptyString(source_p->user->suser))
47 return;
48
49 char *accountpart = strstr(source_p->orighost, "/account");
50 if (!accountpart || accountpart[8] != '\0')
51 return;
52
53 accountpart += 1;
54
55 char buf[HOSTLEN];
56 memset(buf, 0, sizeof(buf));
57 char *dst = buf;
58
59 strncpy(buf, source_p->orighost, accountpart - source_p->orighost);
60 dst += accountpart - source_p->orighost;
61
62 int needhash = 0;
63
64 for (char *src = source_p->user->suser; *src ; src++ )
65 {
66 if (dst >= buf + sizeof(buf))
67 {
68 /* Doesn't fit. Warn opers and bail. */
69 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
70 "Couldn't fit account name part %s in hostname for %s!%s@%s",
71 source_p->user->suser, source_p->name, source_p->username, source_p->orighost);
72 return;
73 }
74
75 char c = tolower(*src);
76
77 if (IsHostChar(c))
78 *dst++ = c;
79 else
80 needhash = 1;
81 }
82
83 if (needhash)
84 {
85 if (dst > buf + sizeof(buf) - 12) /* '/x-' plus eight digit hash plus null terminator */
86 {
87 /* Doesn't fit. Warn opers and bail. */
88 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
89 "Couldn't fit account name part %s in hostname for %s!%s@%s",
90 source_p->user->suser, source_p->name, source_p->username, source_p->orighost);
91 return;
92 }
93
94 *dst++ = '/';
95 *dst++ = 'x';
96 *dst++ = '-';
97
98 unsigned int hashval = fnv_hash_string(source_p->user->suser);
99 hashval %= 100000000; // eight digits only please.
100 snprintf(dst, 9, "%08u", hashval);
101 }
102
103 /* just in case */
104 buf[HOSTLEN-1] = '\0';
105
106 /* If hostname has been changed already (probably by services cloak on SASL login), then
107 * leave it intact. If not, change it. In either case, update the original hostname.
108 */
109 if (0 == irccmp(source_p->host, source_p->orighost))
110 change_nick_user_host(source_p, source_p->name, source_p->username, buf, 0, "Changing host");
111 strncpy(source_p->orighost, buf, HOSTLEN);
112
113 {
114 struct ConfItem *aconf = find_kline(source_p);
115
116 if(aconf == NULL)
117 return;
118
119 if(IsExemptKline(source_p))
120 {
121 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
122 "KLINE over-ruled for %s, client is kline_exempt [%s@%s]",
123 get_client_name(source_p, HIDE_IP),
124 aconf->user, aconf->host);
125 return;
126 }
127
128 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
129 "KLINE active for %s",
130 get_client_name(source_p, HIDE_IP));
131
132 notify_banned_client(source_p, aconf, K_LINED);
133 }
134 }
135
136 DECLARE_MODULE_AV2(sasl_usercloak, NULL, NULL, NULL, NULL, sasl_usercloak_hfnlist, NULL, NULL, sasl_usercloak_desc);
Fork of solanum ircd, history is rebased regularly