Rewrote some of the opertype system, added os_login

9 files changed, 110 insertions, 72 deletions

diff --git a/src/commands.cpp b/src/commands.cpp
index 00fe6574c..91b4787fd 100644
--- a/src/commands.cpp
+++ b/src/commands.cpp
@@ -156,7 +156,7 @@ void mod_run_cmd(BotInfo *bi, User *u, ChannelInfo *ci, Command *c, const Anope:
 	}
 
 	// If the command requires a permission, and they aren't registered or don't have the required perm, DENIED
-	if (!c->permission.empty() && !u->Account()->HasCommand(c->permission))
+	if (!c->permission.empty() && !u->HasCommand(c->permission))
 	{
 		u->SendMessage(bi, _(ACCESS_DENIED));
 		Log(LOG_COMMAND, "denied", bi) << "Access denied for user " << u->GetMask() << " with command " << command;
@@ -201,7 +201,7 @@ void mod_help_cmd(BotInfo *bi, User *u, ChannelInfo *ci, const Anope::string &cm
 	source.service = ci ? ci->bi : bi;
 	source.fantasy = ci != NULL;
 
-	if (!c || (Config->HidePrivilegedCommands && !c->permission.empty() && (!u->Account() || !u->Account()->HasCommand(c->permission))) || !c->OnHelp(source, subcommand))
+	if (!c || (Config->HidePrivilegedCommands && !c->permission.empty() && !u->HasCommand(c->permission)) || !c->OnHelp(source, subcommand))
 		source.Reply( _("No help available for \002%s\002."), cmd.c_str());
 	else
 	{
@@ -215,7 +215,7 @@ void mod_help_cmd(BotInfo *bi, User *u, ChannelInfo *ci, const Anope::string &cm
 		if (!c->HasFlag(CFLAG_ALLOW_UNREGISTERED) && !u->IsIdentified())
 			source.Reply( _("You need to be identified to use this command."));
 		/* User doesn't have the proper permission to use this command */
-		else if (!c->permission.empty() && (!u->Account() || !u->Account()->HasCommand(c->permission)))
+		else if (!c->permission.empty() && !u->HasCommand(c->permission))
 			source.Reply(_("You cannot use this command."));
 		/* User can use this command */
 		else
diff --git a/src/config.cpp b/src/config.cpp
index 86ef446bc..e230a15b7 100644
--- a/src/config.cpp
+++ b/src/config.cpp
@@ -792,8 +792,10 @@ static bool DoneOperTypes(ServerConfig *, const Anope::string &)
 static bool InitOpers(ServerConfig *config, const Anope::string &)
 {
 	for (nickcore_map::const_iterator it = NickCoreList.begin(), it_end = NickCoreList.end(); it != it_end; ++it)
-		it->second->ot = NULL;
+		it->second->o = NULL;
 
+	for (unsigned i = 0; i < config->Opers.size(); ++i)
+		delete config->Opers[i];
 	config->Opers.clear();
 
 	return true;
@@ -803,6 +805,8 @@ static bool DoOper(ServerConfig *config, const Anope::string &, const Anope::str
 {
 	Anope::string name = values[0].GetValue();
 	Anope::string type = values[1].GetValue();
+	Anope::string password = values[2].GetValue();
+	Anope::string certfp = values[3].GetValue();
 
 	ValueItem vi(name);
 	if (!ValidateNotEmpty(config, "oper", "name", vi))
@@ -811,35 +815,35 @@ static bool DoOper(ServerConfig *config, const Anope::string &, const Anope::str
 	ValueItem vi2(type);
 	if (!ValidateNotEmpty(config, "oper", "type", vi2))
 		throw ConfigException("One or more values in your configuration file failed to validate. Please see your log for more information.");
+	
+	OperType *ot = NULL;
+	for (std::list<OperType *>::iterator it = config->MyOperTypes.begin(), it_end = config->MyOperTypes.end(); it != it_end; ++it)
+		if ((*it)->GetName() == type)
+			ot = *it;
+	if (ot == NULL)
+		throw ConfigException("Oper block for " + name + " has invalid oper type " + type);
+	
+	Oper *o = new Oper(name, password, certfp, ot);
+	config->Opers.push_back(o);
 
-	config->Opers.push_back(std::make_pair(name, type));
 	return true;
 }
 
 static bool DoneOpers(ServerConfig *config, const Anope::string &)
 {
-	for (std::list<std::pair<Anope::string, Anope::string> >::iterator it = config->Opers.begin(), it_end = config->Opers.end(); it != it_end; ++it)
+	for (unsigned i = 0; i < config->Opers.size(); ++i)
 	{
-		Anope::string nick = it->first, type = it->second;
+		Oper *o = config->Opers[i];
 
-		NickAlias *na = findnick(nick);
+		NickAlias *na = findnick(o->name);
 		if (!na)
 			// Nonexistant nick
 			continue;
 
-		if (!na->nc)
-			throw CoreException("Nick with no core?");
-
-		for (std::list<OperType *>::iterator tit = config->MyOperTypes.begin(), tit_end = config->MyOperTypes.end(); tit != tit_end; ++tit)
-		{
-			OperType *ot = *tit;
-			if (ot->GetName().equals_ci(type))
-			{
-				Log() << "Tied oper " << na->nc->display << " to type " << type;
-				na->nc->ot = ot;
-			}
-		}
+		na->nc->o = o;
+		Log() << "Tied oper " << na->nc->display << " to type " << o->ot->GetName();
 	}
+
 	return true;
 }
 
@@ -1295,9 +1299,9 @@ ConfigItems::ConfigItems(ServerConfig *conf)
 			{DT_CHARPTR, DT_CHARPTR, DT_CHARPTR, DT_CHARPTR},
 			InitOperTypes, DoOperType, DoneOperTypes},
 		{"oper",
-			{"name", "type", ""},
-			{"", "", ""},
-			{DT_CHARPTR, DT_CHARPTR},
+			{"name", "type", "password", "certfp", ""},
+			{"", "", "", "", ""},
+			{DT_CHARPTR, DT_CHARPTR, DT_CHARPTR, DT_CHARPTR},
 			InitOpers, DoOper, DoneOpers},
 		{"",
 			{""},
diff --git a/src/memoserv.cpp b/src/memoserv.cpp
index 128694557..9869e4264 100644
--- a/src/memoserv.cpp
+++ b/src/memoserv.cpp
@@ -167,7 +167,7 @@ void memo_send(CommandSource &source, const Anope::string &name, const Anope::st
 	bool ischan, isforbid;
 	MemoInfo *mi;
 	Anope::string sender = u && u->Account() ? u->Account()->display : "";
-	int is_servoper = u && u->Account() && u->Account()->IsServicesOper();
+	bool is_servoper = u != NULL && u->IsServicesOper();
 
 	if (readonly)
 		u->SendMessage(MemoServ, _(MEMO_SEND_DISABLED));
@@ -217,7 +217,7 @@ void memo_send(CommandSource &source, const Anope::string &name, const Anope::st
 	{
 		if (!z || z == 3)
 			source.Reply(_("Memo sent to \002%s\002."), name.c_str());
-		if ((!u->Account() || !u->Account()->IsServicesOper()) && mi->HasIgnore(u))
+		if (!u->IsServicesOper() && mi->HasIgnore(u))
 			return;
 
 		u->lastmemosend = Anope::CurTime;
diff --git a/src/messages.cpp b/src/messages.cpp
index c5ea2f039..192859e6f 100644
--- a/src/messages.cpp
+++ b/src/messages.cpp
@@ -37,15 +37,13 @@ bool OnStats(const Anope::string &source, const std::vector<Anope::string> &para
 				ircdproto->SendNumeric(Config->ServerName, 219, source, "%c :End of /STATS report.", params[0][0]);
 			else
 			{
-				std::list<std::pair<Anope::string, Anope::string> >::iterator it, it_end;
-
-				for (it = Config->Opers.begin(), it_end = Config->Opers.end(); it != it_end; ++it)
+				for (unsigned i = 0; i < Config->Opers.size(); ++i)
 				{
-					Anope::string nick = it->first, type = it->second;
+					Oper *o = Config->Opers[i];
 
-					NickCore *nc = findcore(nick);
-					if (nc)
-						ircdproto->SendNumeric(Config->ServerName, 243, source, "O * * %s %s 0", nick.c_str(), type.c_str());
+					NickAlias *na = findnick(o->name);
+					if (na)
+						ircdproto->SendNumeric(Config->ServerName, 243, source, "O * * %s %s 0", o->name.c_str(), o->ot->GetName().c_str());
 				}
 
 				ircdproto->SendNumeric(Config->ServerName, 219, source, "%c :End of /STATS report.", params[0][0]);
diff --git a/src/nickalias.cpp b/src/nickalias.cpp
index 3c8af1142..06e5f60dd 100644
--- a/src/nickalias.cpp
+++ b/src/nickalias.cpp
@@ -19,24 +19,12 @@ NickAlias::NickAlias(const Anope::string &nickname, NickCore *nickcore) : Flags<
 
 	NickAliasList[this->nick] = this;
 
-	for (std::list<std::pair<Anope::string, Anope::string> >::iterator it = Config->Opers.begin(), it_end = Config->Opers.end(); it != it_end; ++it)
+	if (this->nc->o == NULL)
 	{
-		if (this->nc->ot)
-			break;
-		if (!this->nick.equals_ci(it->first))
-			continue;
-
-		for (std::list<OperType *>::iterator tit = Config->MyOperTypes.begin(), tit_end = Config->MyOperTypes.end(); tit != tit_end; ++tit)
-		{
-			OperType *ot = *tit;
-
-			if (ot->GetName().equals_ci(it->second))
-			{
-				Log() << "Tied oper " << this->nc->display << " to type " << ot->GetName();
-				this->nc->ot = ot;
-				break;
-			}
-		}
+		Oper *o = Oper::Find(this->nick);
+		if (o == NULL)
+			o = Oper::Find(this->nc->display);
+		this->nc->o = o;
 	}
 }
 
diff --git a/src/nickcore.cpp b/src/nickcore.cpp
index e83d46c47..5fdf9c2dd 100644
--- a/src/nickcore.cpp
+++ b/src/nickcore.cpp
@@ -9,7 +9,7 @@ NickCore::NickCore(const Anope::string &coredisplay) : Flags<NickCoreFlag, NI_EN
 	if (coredisplay.empty())
 		throw CoreException("Empty display passed to NickCore constructor");
 
-	this->ot = NULL;
+	this->o = NULL;
 	this->channelcount = 0;
 	this->lastmail = 0;
 	this->memos.memomax = Config->MSMaxMemos;
@@ -65,30 +65,9 @@ NickCore::~NickCore()
 	}
 }
 
-bool NickCore::HasCommand(const Anope::string &cmdstr) const
-{
-	if (!this->ot)
-		// No opertype.
-		return false;
-
-	return this->ot->HasCommand(cmdstr);
-}
-
 bool NickCore::IsServicesOper() const
 {
-	if (this->ot)
-		return true;
-
-	return false;
-}
-
-bool NickCore::HasPriv(const Anope::string &privstr) const
-{
-	if (!this->ot)
-		// No opertype.
-		return false;
-
-	return this->ot->HasPriv(privstr);
+	return this->o != NULL;
 }
 
 void NickCore::AddAccess(const Anope::string &entry)
diff --git a/src/nickserv.cpp b/src/nickserv.cpp
index fb1e52819..0c036f564 100644
--- a/src/nickserv.cpp
+++ b/src/nickserv.cpp
@@ -185,12 +185,14 @@ int validate_user(User *u)
 		u->Collide(na);
 		return 0;
 	}
+
 	if (!u->IsIdentified() && !u->fingerprint.empty() && na->nc->FindCert(u->fingerprint))
 	{
 		u->SendMessage(NickServ, _("SSL Fingerprint accepted, you are now identified"));
 		u->Identify(na);
 		return 1;
 	}
+
 	if (!na->nc->HasFlag(NI_SECURE) && u->IsRecognized())
 	{
 		na->last_seen = Anope::CurTime;
diff --git a/src/opertype.cpp b/src/opertype.cpp
index 19e0dd00f..9d6a4086f 100644
--- a/src/opertype.cpp
+++ b/src/opertype.cpp
@@ -7,6 +7,33 @@
 
 #include "services.h"
 
+
+Oper *Oper::Find(const Anope::string &name)
+{
+	for (unsigned i = 0; i < Config->Opers.size(); ++i)
+	{
+		Oper *o = Config->Opers[i];
+
+		if (o->name.equals_ci(name))
+			return o;
+	}
+
+	return NULL;
+}
+
+OperType *OperType::Find(const Anope::string &name)
+{
+	for (std::list<OperType *>::iterator it = Config->MyOperTypes.begin(), it_end = Config->MyOperTypes.end(); it != it_end; ++it)
+	{
+		OperType *ot = *it;
+
+		if (ot->GetName() == name)
+			return ot;
+	}
+
+	return NULL;
+}
+
 OperType::OperType(const Anope::string &nname) : name(nname)
 {
 }
diff --git a/src/users.cpp b/src/users.cpp
index 4b6e7368e..5e97fee5d 100644
--- a/src/users.cpp
+++ b/src/users.cpp
@@ -462,6 +462,46 @@ bool User::IsRecognized(bool CheckSecure)
 	return OnAccess;
 }
 
+/** Check if the user is a services oper
+ * @return true if they are an oper
+ */
+bool User::IsServicesOper()
+{
+	if (!this->nc || !this->nc->o)
+		// No opertype.
+		return false;
+	else if (!this->nc->o->certfp.empty() && this->fingerprint != this->nc->o->certfp)
+		// Certfp mismatch
+		return false;
+	else if (!this->nc->o->password.empty() && !this->GetExt("os_login_password_correct"))
+		// Not identified
+		return false;
+
+	return true;
+}
+
+/** Check whether this user has access to run the given command string.
+  * @param cmdstr The string to check, e.g. botserv/set/private.
+  * @return True if this user may run the specified command, false otherwise.
+  */
+bool User::HasCommand(const Anope::string &command)
+{
+	if (this->IsServicesOper())
+		return this->nc->o->ot->HasCommand(command);
+	return false;
+}
+
+/** Check whether this user has access to the given special permission.
+  * @param privstr The priv to check for, e.g. users/auspex.
+  * @return True if this user has the specified priv, false otherwise.
+  */
+bool User::HasPriv(const Anope::string &priv)
+{
+	if (this->IsServicesOper())
+		return this->nc->o->ot->HasPriv(priv);
+	return false;
+}
+
 /** Update the last usermask stored for a user, and check to see if they are recognized
  */
 void User::UpdateHost()