ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/contrib/mysql_auth.c
Revision: 812
Committed: Thu Sep 7 09:41:54 2006 UTC (17 years, 6 months ago) by michael
Content type: text/x-csrc
File size: 5362 byte(s)
Log Message:
- Imported contrib/

File Contents

# Content
1 #define USERNAME_LEN 32
2 #define PASSWORD_LEN 32
3 #define MYSQL_SERVER "localhost"
4 #define MYSQL_USER "ircd"
5 #define MYSQL_PASSWORD "somepass"
6 #define MYSQL_DATABASE "ircd"
7 #define MYSQL_QUERY1 "SELECT uid,class FROM uids WHERE username = '%s' AND password = '%s'"
8 #define MYSQL_QUERY2 "SELECT username FROM uids WHERE uid = '%s'"
9
10 /*
11 * ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
12 * mysql_auth.c: Allows users to authorize against a MySQL db.
13 *
14 * Copyright (C) 2005 by the past and present ircd coders, and others.
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 * This program is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * You should have received a copy of the GNU General Public License
27 * along with this program; if not, write to the Free Software
28 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
29 * USA
30 *
31 * $Id$
32 */
33
34 #include "stdinc.h"
35 #include "conf/conf.h"
36 #include "client.h"
37 #include "common.h"
38 #include "hash.h"
39 #include "send.h"
40 #include "user.h"
41 #include "server.h"
42 #include "/usr/local/include/mysql/mysql.h"
43
44 static MYSQL *mysql;
45 static dlink_node *h_auth, *h_uid;
46 static char buffer[IRCD_BUFSIZE];
47
48 static void *my_authorize_client(va_list);
49 static void *my_uid_get(va_list);
50
51 INIT_MODULE(mysql_auth, "$Revision$")
52 {
53 h_uid = install_hook(uid_get, my_uid_get);
54 h_auth = install_hook(authorize_client, my_authorize_client);
55
56 mysql = mysql_init(NULL);
57
58 if (!mysql_real_connect(
59 mysql,
60 MYSQL_SERVER,
61 MYSQL_USER,
62 MYSQL_PASSWORD,
63 MYSQL_DATABASE,
64 0,
65 NULL,
66 0
67 ))
68 {
69 ilog(L_CRIT, "Cannot connect to MySQL");
70 sendto_realops_flags(UMODE_ALL, L_ALL, "Cannot connect to MySQL");
71 }
72 }
73
74 CLEANUP_MODULE
75 {
76 mysql_close(mysql);
77
78 uninstall_hook(authorize_client, my_authorize_client);
79 uninstall_hook(uid_get, my_uid_get);
80 }
81
82 /*
83 * uid_is_registered()
84 *
85 * Checks if the generated UID is registered.
86 *
87 * inputs: pointer to UID string
88 * output: YES/NO
89 */
90 static int
91 uid_is_registered(const char *uid)
92 {
93 int len = strlen(uid);
94 char uid_esc[TOTALSIDUID*2 + 1];
95 MYSQL_RES *res;
96
97 if (len > TOTALSIDUID)
98 len = TOTALSIDUID;
99 mysql_real_escape_string(mysql, uid_esc, uid, len);
100
101 len = snprintf(buffer, sizeof(buffer), MYSQL_QUERY2, uid_esc);
102
103 if (mysql_real_query(mysql, buffer, len) != 0)
104 return NO;
105
106 res = mysql_store_result(mysql);
107 len = mysql_num_rows(res);
108 mysql_free_result(res);
109
110 return len ? YES : NO;
111 }
112
113 /*
114 * my_authorize_client()
115 *
116 * Overrides the normal auth{} lookup.
117 *
118 * inputs:
119 * source_p - pointer to struct Client
120 * username - new client's username
121 * output: referenced class pointer or NULL, if the client's been exited
122 */
123 static void *
124 my_authorize_client(va_list args)
125 {
126 struct Class *cl = NULL;
127 struct Client *source_p = va_arg(args, struct Client *);
128 const char *username = va_arg(args, const char *);
129 char *user = source_p->localClient->passwd;
130 char *pass;
131
132 // Client password should be in format user:pass
133
134 if (user != NULL && (pass = strchr(user, ':')) != NULL)
135 {
136 char user_esc[USERNAME_LEN*2 + 1];
137 char pass_esc[PASSWORD_LEN*2 + 1];
138 int len;
139 MYSQL_RES *res;
140
141 *pass++ = 0;
142
143 len = strlen(user);
144 if (len > USERNAME_LEN)
145 len = USERNAME_LEN;
146 mysql_real_escape_string(mysql, user_esc, user, len);
147
148 len = strlen(pass);
149 if (len > PASSWORD_LEN)
150 len = PASSWORD_LEN;
151 mysql_real_escape_string(mysql, pass_esc, pass, len);
152
153 // leave localClient->password unmodified, it is used by ircd sometimes
154 *--pass = ':';
155
156 len = snprintf(buffer, sizeof(buffer), MYSQL_QUERY1, user_esc, pass_esc);
157 if (mysql_real_query(mysql, buffer, len) != 0)
158 {
159 ilog(L_ERROR, "MySQL query failed for %s",
160 get_client_name(source_p, HIDE_IP));
161 return pass_callback(h_auth, source_p, username);
162 }
163
164 res = mysql_store_result(mysql);
165
166 if (mysql_num_rows(res) > 0)
167 {
168 struct Client *cptr;
169 MYSQL_ROW row = mysql_fetch_row(res);
170
171 strlcpy(buffer, row[0], TOTALSIDUID+1);
172 cl = ref_class_by_name(row[1]);
173 mysql_free_result(res);
174
175 if (buffer[0])
176 {
177 // Got the UID, this means the user owns it.
178
179 if ((cptr = hash_find_id(buffer)) != NULL)
180 exit_client(cptr, &me, "Overridden");
181
182 strlcpy(source_p->id, buffer, sizeof(source_p->id));
183 }
184 }
185
186 mysql_free_result(res);
187
188 if (cl != NULL)
189 return cl;
190 }
191
192 // Nothing found, so use standard rules
193
194 return pass_callback(h_auth, source_p, username);
195 }
196
197 /*
198 * my_uid_get()
199 *
200 * Overrides the plain UID generation routine.
201 *
202 * inputs: pointer to struct Client
203 * output: the generated UID
204 */
205 static void *
206 my_uid_get(va_list args)
207 {
208 struct Client *source_p = va_arg(args, struct Client *);
209 char *uid;
210
211 if (source_p->id[0])
212 return source_p->id;
213
214 while (uid_is_registered(uid = pass_callback(h_uid, source_p)))
215 ; // loop
216
217 return uid;
218 }

Properties

Name Value
svn:eol-style native
svn:keywords "Id Revision"