Diffstat (limited to 'modules/encryption')
-rw-r--r--modules/encryption/CMakeLists.txt1
-rw-r--r--modules/encryption/bcrypt.cpp (renamed from modules/encryption/enc_bcrypt.cpp)69
-rw-r--r--modules/encryption/enc_none.cpp69
-rw-r--r--modules/encryption/md5.cpp (renamed from modules/encryption/enc_md5.cpp)69
-rw-r--r--modules/encryption/none.cpp78
-rw-r--r--modules/encryption/old.cpp (renamed from modules/encryption/enc_old.cpp)68
-rw-r--r--modules/encryption/sha1.cpp (renamed from modules/encryption/enc_sha1.cpp)63
-rw-r--r--modules/encryption/sha256.cpp (renamed from modules/encryption/enc_sha256.cpp)67
8 files changed, 296 insertions, 188 deletions
diff --git a/modules/encryption/CMakeLists.txt b/modules/encryption/CMakeLists.txt
new file mode 100644
index 000000000..cd225a94d
--- /dev/null
+++ b/modules/encryption/CMakeLists.txt
@@ -0,0 +1 @@
+build_modules(${CMAKE_CURRENT_SOURCE_DIR})
diff --git a/modules/encryption/enc_bcrypt.cpp b/modules/encryption/bcrypt.cpp
index a30b925b0..3375e4bee 100644
--- a/modules/encryption/enc_bcrypt.cpp
+++ b/modules/encryption/bcrypt.cpp
@@ -1,11 +1,23 @@
-/* Module for providing bcrypt hashing
+/*
+ * Anope IRC Services
+ *
+ * Copyright (C) 2014-2016 Anope Team <team@anope.org>
*
- * (C) 2003-2016 Anope Team
- * Contact us at team@anope.org
+ * This file is part of Anope. Anope is free software; you can
+ * redistribute it and/or modify it under the terms of the GNU
+ * General Public License as published by the Free Software
+ * Foundation, version 2.
*
- * This program is free but copyrighted software; see the file COPYING for
- * details.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
*
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see see <http://www.gnu.org/licenses/>.
+ */
+
+/*
* Most of the code in this file is taken from
* http://openwall.com/crypt/crypt_blowfish-1.2.tar.gz
*/
@@ -839,8 +851,11 @@ char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count,
#include "module.h"
#include "modules/encryption.h"
+#include "modules/nickserv.h"
class EBCRYPT : public Module
+ , public EventHook<Event::Encrypt>
+ , public EventHook<Event::CheckAuthentication>
{
unsigned int rounds;
@@ -873,8 +888,10 @@ class EBCRYPT : public Module
}
public:
- EBCRYPT(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR),
- rounds(10)
+ EBCRYPT(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
+ , EventHook<Event::Encrypt>(this)
+ , EventHook<Event::CheckAuthentication>(this)
+ , rounds(10)
{
// Test a pre-calculated hash
bool test = Compare("Test!", "$2a$10$x9AQFAQScY0v9KF2suqkEOepsHFrG.CXHbIXI.1F28SfSUb56A/7K");
@@ -886,28 +903,28 @@ class EBCRYPT : public Module
throw ModuleException("BCrypt could not load!");
}
- EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) anope_override
+ EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
{
dest = "bcrypt:" + Generate(src, Salt());
- Log(LOG_DEBUG_2) << "(enc_bcrypt) hashed password from [" << src << "] to [" << dest << "]";
+ logger.Debug2("hashed password from {0} to {1}", src, dest);
return EVENT_ALLOW;
}
- void OnCheckAuthentication(User *, IdentifyRequest *req) anope_override
+ void OnCheckAuthentication(User *, NickServ::IdentifyRequest *req) override
{
- const NickAlias *na = NickAlias::Find(req->GetAccount());
+ NickServ::Nick *na = NickServ::FindNick(req->GetAccount());
if (na == NULL)
return;
- NickCore *nc = na->nc;
+ NickServ::Account *nc = na->GetAccount();
- size_t pos = nc->pass.find(':');
+ size_t pos = nc->GetPassword().find(':');
if (pos == Anope::string::npos)
return;
- Anope::string hash_method(nc->pass.begin(), nc->pass.begin() + pos);
+ Anope::string hash_method(nc->GetPassword().begin(), nc->GetPassword().begin() + pos);
if (hash_method != "bcrypt")
return;
- if (Compare(req->GetPassword(), nc->pass.substr(7)))
+ if (Compare(req->GetPassword(), nc->GetPassword().substr(7)))
{
/* if we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
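Review bot: The new `logger.Debug2("hashed password from {0} to {1}", src, dest);` in OnEncrypt still writes the cleartext password `src` next to its hash, so anyone who can read a debug log obtains credentials. Log neither value, for example `logger.Debug2("hashed a password with bcrypt");`. The same call is carried over into OnEncrypt in md5.cpp, none.cpp, old.cpp, sha1.cpp and sha256.cpp. OnCheckAuthentication continues past the end of this hunk.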
@@ -916,24 +933,28 @@ class EBCRYPT : public Module
unsigned int hashrounds = 0;
try
{
- size_t roundspos = nc->pass.find('$', 11);
+ size_t roundspos = nc->GetPassword().find('$', 11);
if (roundspos == Anope::string::npos)
throw ConvertException("Could not find hashrounds");
- hashrounds = convertTo<unsigned int>(nc->pass.substr(11, roundspos - 11));
+ hashrounds = convertTo<unsigned int>(nc->GetPassword().substr(11, roundspos - 11));
}
catch (const ConvertException &)
{
- Log(this) << "Could not get the round size of a hash. This is probably a bug. Hash: " << nc->pass;
+ logger.Log("Could not get the round size of a hash. This is probably a bug. Hash: {0}", nc->GetPassword());
}
if (ModuleManager::FindFirstOf(ENCRYPTION) != this || (hashrounds && hashrounds != rounds))
- Anope::Encrypt(req->GetPassword(), nc->pass);
+ {
+ Anope::string p;
+ Anope::Encrypt(req->GetPassword(), p);
+ nc->SetPassword(p);
+ }
req->Success(this);
}
}
- void OnReload(Configuration::Conf *conf) anope_override
+ void OnReload(Configuration::Conf *conf) override
{
Configuration::Block *block = conf->GetModule(this);
rounds = block->Get<unsigned int>("rounds", "10");
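Review bot: The result of `Anope::Encrypt(req->GetPassword(), p)` is ignored and `nc->SetPassword(p)` then runs unconditionally. The removed code wrote into `nc->pass` directly, so an encrypt that did nothing presumably left the stored hash untouched, whereas now an empty `p` would replace it. Guard the store with `if (!p.empty()) nc->SetPassword(p);`, or check Encrypt's return value, whose type is not visible here. The same three lines appear in md5.cpp, none.cpp, old.cpp, sha1.cpp and sha256.cpp. Separately, the `logger.Log(... "Hash: {0}", nc->GetPassword())` line in the catch block puts a full stored hash into the regular log.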
@@ -941,20 +962,20 @@ class EBCRYPT : public Module
if (rounds == 0)
{
rounds = 10;
- Log(this) << "Rounds can't be 0! Setting ignored.";
+ logger.Log("Rounds can't be 0! Setting ignored.");
}
else if (rounds < 10)
{
- Log(this) << "10 to 12 rounds is recommended.";
+ logger.Log("10 to 12 rounds is recommended.");
}
else if (rounds >= 32)
{
rounds = 10;
- Log(this) << "The maximum number of rounds supported is 31. Ignoring setting and using 10.";
+ logger.Log("The maximum number of rounds supported is 31. Ignoring setting and using 10.");
}
else if (rounds >= 14)
{
- Log(this) << "Are you sure you want to use " << stringify(rounds) << " in your bcrypt settings? This is very CPU intensive! Recommended rounds is 10-12.";
+ logger.Log("Are you sure you want to use {0} in your bcrypt settings? This is very CPU intensive! Recommended rounds is 10-12.", rounds);
}
}
};
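Review bot: The `else if (rounds < 10)` branch keeps a configured cost of 1–9 and only logs a recommendation, so a typo in the config silently weakens every newly stored hash. The bundled crypt_blowfish code also appears to reject costs below 4, which would make 1–3 fail at salt generation rather than at reload; Salt() is not in this hunk, so confirm. Consider handling it like the other invalid cases: `rounds = 10;` plus a log line saying the setting was ignored. OnReload begins in the previous hunk.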
diff --git a/modules/encryption/enc_none.cpp b/modules/encryption/enc_none.cpp
deleted file mode 100644
index 0302316f7..000000000
--- a/modules/encryption/enc_none.cpp
+++ /dev/null
@@ -1,69 +0,0 @@
-/* Module for plain text encryption.
- *
- * (C) 2003-2016 Anope Team
- * Contact us at team@anope.org
- *
- * This program is free but copyrighted software; see the file COPYING for
- * details.
- */
-
-#include "module.h"
-
-class ENone : public Module
-{
- public:
- ENone(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
- {
-
- }
-
- EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) anope_override
- {
- Anope::string buf = "plain:";
- Anope::string cpass;
- Anope::B64Encode(src, cpass);
- buf += cpass;
- Log(LOG_DEBUG_2) << "(enc_none) hashed password from [" << src << "] to [" << buf << "]";
- dest = buf;
- return EVENT_ALLOW;
- }
-
- EventReturn OnDecrypt(const Anope::string &hashm, const Anope::string &src, Anope::string &dest) anope_override
- {
- if (!hashm.equals_cs("plain"))
- return EVENT_CONTINUE;
- size_t pos = src.find(':');
- Anope::string buf = src.substr(pos + 1);
- Anope::B64Decode(buf, dest);
- return EVENT_ALLOW;
- }
-
- void OnCheckAuthentication(User *, IdentifyRequest *req) anope_override
- {
- const NickAlias *na = NickAlias::Find(req->GetAccount());
- if (na == NULL)
- return;
- NickCore *nc = na->nc;
-
- size_t pos = nc->pass.find(':');
- if (pos == Anope::string::npos)
- return;
- Anope::string hash_method(nc->pass.begin(), nc->pass.begin() + pos);
- if (!hash_method.equals_cs("plain"))
- return;
-
- Anope::string buf;
- this->OnEncrypt(req->GetPassword(), buf);
- if (nc->pass.equals_cs(buf))
- {
- /* if we are NOT the first module in the list,
- * we want to re-encrypt the pass with the new encryption
- */
- if (ModuleManager::FindFirstOf(ENCRYPTION) != this)
- Anope::Encrypt(req->GetPassword(), nc->pass);
- req->Success(this);
- }
- }
-};
-
-MODULE_INIT(ENone)
diff --git a/modules/encryption/enc_md5.cpp b/modules/encryption/md5.cpp
index 1dab95f0b..7dd92d92f 100644
--- a/modules/encryption/enc_md5.cpp
+++ b/modules/encryption/md5.cpp
@@ -1,14 +1,26 @@
-/* Module for encryption using MD5.
+/*
+ * Anope IRC Services
*
- * Modified for Anope.
- * (C) 2003-2016 Anope Team
- * Contact us at team@anope.org
+ * Copyright (C) 2006-2016 Anope Team <team@anope.org>
*
+ * This file is part of Anope. Anope is free software; you can
+ * redistribute it and/or modify it under the terms of the GNU
+ * General Public License as published by the Free Software
+ * Foundation, version 2.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see see <http://www.gnu.org/licenses/>.
+ */
+
+/*
* Taken from IRC Services and is copyright (c) 1996-2002 Andrew Church.
* E-mail: <achurch@achurch.org>
* Parts written by Andrew Kempe and others.
- * This program is free but copyrighted software; see the file COPYING for
- * details.
*/
#include "module.h"
@@ -250,7 +262,7 @@ class MD5Context : public Encryption::Context
* operation, processing another message block, and updating the
* context.
*/
- void Update(const unsigned char *input, size_t len) anope_override
+ void Update(const unsigned char *input, size_t len) override
{
unsigned i, index, partLen;
@@ -284,8 +296,8 @@ class MD5Context : public Encryption::Context
/* MD5 finalization. Ends an MD5 message-digest opera
* the message digest and zeroizing the context.
- */
- void Finalize() anope_override
+ */
+ void Finalize() override
{
unsigned char bits[8];
unsigned index, padLen;
@@ -309,7 +321,7 @@ class MD5Context : public Encryption::Context
memset(this->buffer, 0, sizeof(this->buffer));
}
- Encryption::Hash GetFinalizedHash() anope_override
+ Encryption::Hash GetFinalizedHash() override
{
Encryption::Hash hash;
hash.first = this->digest;
@@ -323,12 +335,12 @@ class MD5Provider : public Encryption::Provider
public:
MD5Provider(Module *creator) : Encryption::Provider(creator, "md5") { }
- Encryption::Context *CreateContext(Encryption::IV *iv) anope_override
+ Encryption::Context *CreateContext(Encryption::IV *iv) override
{
return new MD5Context(iv);
}
- Encryption::IV GetDefaultIV() anope_override
+ Encryption::IV GetDefaultIV() override
{
Encryption::IV iv;
iv.first = md5_iv;
@@ -338,17 +350,22 @@ class MD5Provider : public Encryption::Provider
};
class EMD5 : public Module
+ , public EventHook<Event::Encrypt>
+ , public EventHook<Event::CheckAuthentication>
{
MD5Provider md5provider;
public:
- EMD5(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR),
- md5provider(this)
+ EMD5(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
+ , EventHook<Event::Encrypt>(this)
+ , EventHook<Event::CheckAuthentication>(this)
+ , md5provider(this)
{
-
+ if (ModuleManager::FindFirstOf(ENCRYPTION) == this)
+ throw ModuleException("enc_md5 is deprecated and can not be used as a primary encryption method");
}
- EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) anope_override
+ EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
{
MD5Context context;
@@ -359,34 +376,38 @@ class EMD5 : public Module
Anope::string buf = "md5:" + Anope::Hex(reinterpret_cast<const char *>(hash.first), hash.second);
- Log(LOG_DEBUG_2) << "(enc_md5) hashed password from [" << src << "] to [" << buf << "]";
+ logger.Debug2("hashed password from [{0}] to [{1}]", src, buf);
dest = buf;
return EVENT_ALLOW;
}
- void OnCheckAuthentication(User *, IdentifyRequest *req) anope_override
+ void OnCheckAuthentication(User *, NickServ::IdentifyRequest *req) override
{
- const NickAlias *na = NickAlias::Find(req->GetAccount());
+ NickServ::Nick *na = NickServ::FindNick(req->GetAccount());
if (na == NULL)
return;
- NickCore *nc = na->nc;
+ NickServ::Account *nc = na->GetAccount();
- size_t pos = nc->pass.find(':');
+ size_t pos = nc->GetPassword().find(':');
if (pos == Anope::string::npos)
return;
- Anope::string hash_method(nc->pass.begin(), nc->pass.begin() + pos);
+ Anope::string hash_method(nc->GetPassword().begin(), nc->GetPassword().begin() + pos);
if (!hash_method.equals_cs("md5"))
return;
Anope::string buf;
this->OnEncrypt(req->GetPassword(), buf);
- if (nc->pass.equals_cs(buf))
+ if (nc->GetPassword().equals_cs(buf))
{
/* if we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (ModuleManager::FindFirstOf(ENCRYPTION) != this)
- Anope::Encrypt(req->GetPassword(), nc->pass);
+ {
+ Anope::string p;
+ Anope::Encrypt(req->GetPassword(), p);
+ nc->SetPassword(p);
+ }
req->Success(this);
}
}
diff --git a/modules/encryption/none.cpp b/modules/encryption/none.cpp
new file mode 100644
index 000000000..2e0ae8636
--- /dev/null
+++ b/modules/encryption/none.cpp
@@ -0,0 +1,78 @@
+/*
+ * Anope IRC Services
+ *
+ * Copyright (C) 2006-2016 Anope Team <team@anope.org>
+ *
+ * This file is part of Anope. Anope is free software; you can
+ * redistribute it and/or modify it under the terms of the GNU
+ * General Public License as published by the Free Software
+ * Foundation, version 2.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see see <http://www.gnu.org/licenses/>.
+ */
+
+#include "module.h"
+
+class ENone : public Module
+ , public EventHook<Event::Encrypt>
+ , public EventHook<Event::CheckAuthentication>
+{
+ public:
+ ENone(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
+ , EventHook<Event::Encrypt>(this)
+ , EventHook<Event::CheckAuthentication>(this)
+ {
+ if (ModuleManager::FindFirstOf(ENCRYPTION) == this)
+ throw ModuleException("enc_none is deprecated and can not be used as a primary encryption method");
+ }
+
+ EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
+ {
+ Anope::string buf = "plain:";
+ Anope::string cpass;
+ Anope::B64Encode(src, cpass);
+ buf += cpass;
+ logger.Debug2("hashed password from [{0}] to [{1}]", src, buf);
+ dest = buf;
+ return EVENT_ALLOW;
+ }
+
+ void OnCheckAuthentication(User *, NickServ::IdentifyRequest *req) override
+ {
+ NickServ::Nick *na = NickServ::FindNick(req->GetAccount());
+ if (na == NULL)
+ return;
+ NickServ::Account *nc = na->GetAccount();
+
+ size_t pos = nc->GetPassword().find(':');
+ if (pos == Anope::string::npos)
+ return;
+ Anope::string hash_method(nc->GetPassword().begin(), nc->GetPassword().begin() + pos);
+ if (!hash_method.equals_cs("plain"))
+ return;
+
+ Anope::string buf;
+ this->OnEncrypt(req->GetPassword(), buf);
+ if (nc->GetPassword().equals_cs(buf))
+ {
+ /* if we are NOT the first module in the list,
+ * we want to re-encrypt the pass with the new encryption
+ */
+ if (ModuleManager::FindFirstOf(ENCRYPTION) != this)
+ {
+ Anope::string p;
+ Anope::Encrypt(req->GetPassword(), p);
+ nc->SetPassword(p);
+ }
+ req->Success(this);
+ }
+ }
+};
+
+MODULE_INIT(ENone)
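Review bot: `nc->GetPassword().equals_cs(buf)` compares the stored credential with an ordinary string equality, which most likely stops at the first differing byte. For this module the compared value is just the Base64 of the password, so the comparison time depends directly on the secret. A comparison that checks the length and then ORs together the XOR of every byte pair would remove that dependency. The same `equals_cs` check is used in md5.cpp, old.cpp, sha1.cpp and sha256.cpp.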
diff --git a/modules/encryption/enc_old.cpp b/modules/encryption/old.cpp
index 7346132f9..99767aabe 100644
--- a/modules/encryption/enc_old.cpp
+++ b/modules/encryption/old.cpp
@@ -1,32 +1,43 @@
-/* Include file for high-level encryption routines.
+/*
+ * Anope IRC Services
*
- * (C) 2003-2016 Anope Team
- * Contact us at team@anope.org
+ * Copyright (C) 2003-2016 Anope Team <team@anope.org>
*
- * Please read COPYING and README for further details.
+ * This file is part of Anope. Anope is free software; you can
+ * redistribute it and/or modify it under the terms of the GNU
+ * General Public License as published by the Free Software
+ * Foundation, version 2.
*
- * Based on the original code of Epona by Lara.
- * Based on the original code of Services by Andy Church.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see see <http://www.gnu.org/licenses/>.
*/
#include "module.h"
#include "modules/encryption.h"
-static ServiceReference<Encryption::Provider> md5("Encryption::Provider", "md5");
-
class OldMD5Provider : public Encryption::Provider
{
+ ServiceReference<Encryption::Provider> md5;
+
public:
- OldMD5Provider(Module *creator) : Encryption::Provider(creator, "oldmd5") { }
+ OldMD5Provider(Module *creator) : Encryption::Provider(creator, "oldmd5")
+ , md5("md5")
+ {
+ }
- Encryption::Context *CreateContext(Encryption::IV *iv) anope_override
+ Encryption::Context *CreateContext(Encryption::IV *iv) override
{
if (md5)
return md5->CreateContext(iv);
return NULL;
}
- Encryption::IV GetDefaultIV() anope_override
+ Encryption::IV GetDefaultIV() override
{
if (md5)
return md5->GetDefaultIV();
@@ -35,15 +46,23 @@ class OldMD5Provider : public Encryption::Provider
};
class EOld : public Module
+ , public EventHook<Event::Encrypt>
+ , public EventHook<Event::CheckAuthentication>
{
OldMD5Provider oldmd5provider;
+ ServiceReference<Encryption::Provider> md5;
inline static char XTOI(char c) { return c > 9 ? c - 'A' + 10 : c - '0'; }
public:
- EOld(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR),
- oldmd5provider(this)
+ EOld(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
+ , EventHook<Event::Encrypt>(this)
+ , EventHook<Event::CheckAuthentication>(this)
+ , oldmd5provider(this)
+ , md5("md5")
{
+ if (ModuleManager::FindFirstOf(ENCRYPTION) == this)
+ throw ModuleException("enc_old is deprecated and can not be used as a primary encryption method");
ModuleManager::LoadModule("enc_md5", User::Find(creator, true));
if (!md5)
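Review bot: `ModuleManager::LoadModule("enc_md5", User::Find(creator, true));` still asks for the pre-rename module, while this commit moves enc_md5.cpp to md5.cpp. If module names follow file names (not visible here), the load fails and the `if (!md5)` path below is taken on every start; the call should probably name `"md5"` instead. The new ModuleException texts in md5.cpp, none.cpp, old.cpp and sha1.cpp also still say `enc_*`. The constructor body continues in the next hunk.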
@@ -51,7 +70,7 @@ class EOld : public Module
}
- EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) anope_override
+ EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
{
if (!md5)
return EVENT_CONTINUE;
@@ -73,35 +92,40 @@ class EOld : public Module
Anope::string buf = "oldmd5:" + Anope::Hex(digest2, sizeof(digest2));
- Log(LOG_DEBUG_2) << "(enc_old) hashed password from [" << src << "] to [" << buf << "]";
+ logger.Debug2("hashed password from [{0}] to [{1}]", src, buf);
+
dest = buf;
delete context;
return EVENT_ALLOW;
}
- void OnCheckAuthentication(User *, IdentifyRequest *req) anope_override
+ void OnCheckAuthentication(User *, NickServ::IdentifyRequest *req) override
{
- const NickAlias *na = NickAlias::Find(req->GetAccount());
+ NickServ::Nick *na = NickServ::FindNick(req->GetAccount());
if (na == NULL)
return;
- NickCore *nc = na->nc;
+ NickServ::Account *nc = na->GetAccount();
- size_t pos = nc->pass.find(':');
+ size_t pos = nc->GetPassword().find(':');
if (pos == Anope::string::npos)
return;
- Anope::string hash_method(nc->pass.begin(), nc->pass.begin() + pos);
+ Anope::string hash_method(nc->GetPassword().begin(), nc->GetPassword().begin() + pos);
if (!hash_method.equals_cs("oldmd5"))
return;
Anope::string buf;
this->OnEncrypt(req->GetPassword(), buf);
- if (nc->pass.equals_cs(buf))
+ if (nc->GetPassword().equals_cs(buf))
{
/* if we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (ModuleManager::FindFirstOf(ENCRYPTION) != this)
- Anope::Encrypt(req->GetPassword(), nc->pass);
+ {
+ Anope::string p;
+ Anope::Encrypt(req->GetPassword(), p);
+ nc->SetPassword(p);
+ }
req->Success(this);
}
}
diff --git a/modules/encryption/enc_sha1.cpp b/modules/encryption/sha1.cpp
index b9782bc34..1dcb2dc5e 100644
--- a/modules/encryption/enc_sha1.cpp
+++ b/modules/encryption/sha1.cpp
@@ -1,9 +1,23 @@
/*
+ * Anope IRC Services
*
- * Modified for Anope.
- * (C) 2006-2016 Anope Team
- * Contact us at team@anope.org
+ * Copyright (C) 2006-2016 Anope Team <team@anope.org>
+ *
+ * This file is part of Anope. Anope is free software; you can
+ * redistribute it and/or modify it under the terms of the GNU
+ * General Public License as published by the Free Software
+ * Foundation, version 2.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see see <http://www.gnu.org/licenses/>.
+ */
+/*
SHA-1 in C
By Steve Reid <steve@edmweb.com>
100% Public Domain
@@ -125,7 +139,7 @@ class SHA1Context : public Encryption::Context
memset(this->digest, 0, sizeof(this->digest));
}
- void Update(const unsigned char *data, size_t len) anope_override
+ void Update(const unsigned char *data, size_t len) override
{
uint32_t i, j;
@@ -146,7 +160,7 @@ class SHA1Context : public Encryption::Context
memcpy(&this->buffer[j], &data[i], len - i);
}
- void Finalize() anope_override
+ void Finalize() override
{
uint32_t i;
unsigned char finalcount[8];
@@ -169,7 +183,7 @@ class SHA1Context : public Encryption::Context
this->Transform(this->buffer);
}
- Encryption::Hash GetFinalizedHash() anope_override
+ Encryption::Hash GetFinalizedHash() override
{
Encryption::Hash hash;
hash.first = this->digest;
@@ -183,12 +197,12 @@ class SHA1Provider : public Encryption::Provider
public:
SHA1Provider(Module *creator) : Encryption::Provider(creator, "sha1") { }
- Encryption::Context *CreateContext(Encryption::IV *iv) anope_override
+ Encryption::Context *CreateContext(Encryption::IV *iv) override
{
return new SHA1Context(iv);
}
- Encryption::IV GetDefaultIV() anope_override
+ Encryption::IV GetDefaultIV() override
{
Encryption::IV iv;
iv.first = sha1_iv;
@@ -198,17 +212,22 @@ class SHA1Provider : public Encryption::Provider
};
class ESHA1 : public Module
+ , public EventHook<Event::Encrypt>
+ , public EventHook<Event::CheckAuthentication>
{
SHA1Provider sha1provider;
public:
- ESHA1(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR),
- sha1provider(this)
+ ESHA1(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
+ , EventHook<Event::Encrypt>(this)
+ , EventHook<Event::CheckAuthentication>(this)
+ , sha1provider(this)
{
-
+ if (ModuleManager::FindFirstOf(ENCRYPTION) == this)
+ throw ModuleException("enc_sha1 is deprecated and can not be used as a primary encryption method");
}
- EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) anope_override
+ EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
{
SHA1Context context;
@@ -219,31 +238,35 @@ class ESHA1 : public Module
Anope::string buf = "sha1:" + Anope::Hex(reinterpret_cast<const char *>(hash.first), hash.second);
- Log(LOG_DEBUG_2) << "(enc_sha1) hashed password from [" << src << "] to [" << buf << "]";
+ logger.Debug2("hashed password from [{0}] to [{1}]", src, buf);
dest = buf;
return EVENT_ALLOW;
}
- void OnCheckAuthentication(User *, IdentifyRequest *req) anope_override
+ void OnCheckAuthentication(User *, NickServ::IdentifyRequest *req) override
{
- const NickAlias *na = NickAlias::Find(req->GetAccount());
+ NickServ::Nick *na = NickServ::FindNick(req->GetAccount());
if (na == NULL)
return;
- NickCore *nc = na->nc;
+ NickServ::Account *nc = na->GetAccount();
- size_t pos = nc->pass.find(':');
+ size_t pos = nc->GetPassword().find(':');
if (pos == Anope::string::npos)
return;
- Anope::string hash_method(nc->pass.begin(), nc->pass.begin() + pos);
+ Anope::string hash_method(nc->GetPassword().begin(), nc->GetPassword().begin() + pos);
if (!hash_method.equals_cs("sha1"))
return;
Anope::string buf;
this->OnEncrypt(req->GetPassword(), buf);
- if (nc->pass.equals_cs(buf))
+ if (nc->GetPassword().equals_cs(buf))
{
if (ModuleManager::FindFirstOf(ENCRYPTION) != this)
- Anope::Encrypt(req->GetPassword(), nc->pass);
+ {
+ Anope::string p;
+ Anope::Encrypt(req->GetPassword(), p);
+ nc->SetPassword(p);
+ }
req->Success(this);
}
}
diff --git a/modules/encryption/enc_sha256.cpp b/modules/encryption/sha256.cpp
index 4f111da34..8226cb792 100644
--- a/modules/encryption/enc_sha256.cpp
+++ b/modules/encryption/sha256.cpp
@@ -1,18 +1,20 @@
-/* This module generates and compares password hashes using SHA256 algorithms.
+/*
+ * Anope IRC Services
*
- * If an intruder gets access to your system or uses a brute force attack,
- * salt will not provide much value.
- * IMPORTANT: DATA HASHES CANNOT BE "DECRYPTED" BACK TO PLAIN TEXT.
+ * Copyright (C) 2010-2016 Anope Team <team@anope.org>
*
- * Modified for Anope.
- * (C) 2003-2016 Anope Team
- * Contact us at team@anope.org
+ * This file is part of Anope. Anope is free software; you can
+ * redistribute it and/or modify it under the terms of the GNU
+ * General Public License as published by the Free Software
+ * Foundation, version 2.
*
- * Taken from InspIRCd ( www.inspircd.org )
- * see http://wiki.inspircd.org/Credits
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
*
- * This program is free but copyrighted software; see
- * the file COPYING for details.
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see see <http://www.gnu.org/licenses/>.
*/
/* FIPS 180-2 SHA-224/256/384/512 implementation
@@ -55,7 +57,6 @@ static const unsigned SHA256_BLOCK_SIZE = 512 / 8;
inline static uint32_t SHFR(uint32_t x, uint32_t n) { return x >> n; }
inline static uint32_t ROTR(uint32_t x, uint32_t n) { return (x >> n) | (x << ((sizeof(x) << 3) - n)); }
-inline static uint32_t ROTL(uint32_t x, uint32_t n) { return (x << n) | (x >> ((sizeof(x) << 3) - n)); }
inline static uint32_t CH(uint32_t x, uint32_t y, uint32_t z) { return (x & y) ^ (~x & z); }
inline static uint32_t MAJ(uint32_t x, uint32_t y, uint32_t z) { return (x & y) ^ (x & z) ^ (y & z); }
@@ -173,7 +174,7 @@ class SHA256Context : public Encryption::Context
memset(this->digest, 0, sizeof(this->digest));
}
- void Update(const unsigned char *message, size_t mlen) anope_override
+ void Update(const unsigned char *message, size_t mlen) override
{
unsigned tmp_len = SHA256_BLOCK_SIZE - this->len, rem_len = mlen < tmp_len ? mlen : tmp_len;
@@ -195,7 +196,7 @@ class SHA256Context : public Encryption::Context
this->tot_len += (block_nb + 1) << 6;
}
- void Finalize() anope_override
+ void Finalize() override
{
unsigned block_nb = 1 + ((SHA256_BLOCK_SIZE - 9) < (this->len % SHA256_BLOCK_SIZE));
unsigned len_b = (this->tot_len + this->len) << 3;
@@ -208,7 +209,7 @@ class SHA256Context : public Encryption::Context
UNPACK32(this->h[i], &this->digest[i << 2]);
}
- Encryption::Hash GetFinalizedHash() anope_override
+ Encryption::Hash GetFinalizedHash() override
{
Encryption::Hash hash;
hash.first = this->digest;
@@ -222,12 +223,12 @@ class SHA256Provider : public Encryption::Provider
public:
SHA256Provider(Module *creator) : Encryption::Provider(creator, "sha256") { }
- Encryption::Context *CreateContext(Encryption::IV *iv) anope_override
+ Encryption::Context *CreateContext(Encryption::IV *iv) override
{
return new SHA256Context(iv);
}
- Encryption::IV GetDefaultIV() anope_override
+ Encryption::IV GetDefaultIV() override
{
Encryption::IV iv;
iv.first = sha256_h0;
@@ -237,6 +238,8 @@ class SHA256Provider : public Encryption::Provider
};
class ESHA256 : public Module
+ , public EventHook<Event::Encrypt>
+ , public EventHook<Event::CheckAuthentication>
{
SHA256Provider sha256provider;
@@ -273,15 +276,17 @@ class ESHA256 : public Module
}
public:
- ESHA256(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR),
- sha256provider(this)
+ ESHA256(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, ENCRYPTION | VENDOR)
+ , EventHook<Event::Encrypt>(this)
+ , EventHook<Event::CheckAuthentication>(this)
+ , sha256provider(this)
{
use_iv = false;
}
- EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) anope_override
+ EventReturn OnEncrypt(const Anope::string &src, Anope::string &dest) override
{
if (!use_iv)
NewRandomIV();
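Review bot: The ESHA256 constructor gains the EventHook bases but not the `ModuleManager::FindFirstOf(ENCRYPTION) == this` guard that md5.cpp, sha1.cpp, old.cpp and none.cpp receive in this commit. From what OnEncrypt shows, the scheme appears to be a single SHA-256 pass with a per-hash IV, which is cheap to brute-force compared with bcrypt. If the intent is to keep fast hashes out of the primary slot, add the same check here, or leave a comment saying why sha256 is exempt. OnEncrypt continues past this hunk.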
@@ -297,36 +302,40 @@ class ESHA256 : public Module
std::stringstream buf;
buf << "sha256:" << Anope::Hex(reinterpret_cast<const char *>(hash.first), hash.second) << ":" << GetIVString();
- Log(LOG_DEBUG_2) << "(enc_sha256) hashed password from [" << src << "] to [" << buf.str() << " ]";
+ logger.Debug2("hashed password from [{0}] to [{1}]", src, buf.str());
dest = buf.str();
return EVENT_ALLOW;
}
- void OnCheckAuthentication(User *, IdentifyRequest *req) anope_override
+ void OnCheckAuthentication(User *, NickServ::IdentifyRequest *req) override
{
- const NickAlias *na = NickAlias::Find(req->GetAccount());
+ NickServ::Nick *na = NickServ::FindNick(req->GetAccount());
if (na == NULL)
return;
- NickCore *nc = na->nc;
+ NickServ::Account *nc = na->GetAccount();
- size_t pos = nc->pass.find(':');
+ size_t pos = nc->GetPassword().find(':');
if (pos == Anope::string::npos)
return;
- Anope::string hash_method(nc->pass.begin(), nc->pass.begin() + pos);
+ Anope::string hash_method(nc->GetPassword().substr(0, pos));
if (!hash_method.equals_cs("sha256"))
return;
- GetIVFromPass(nc->pass);
+ GetIVFromPass(nc->GetPassword());
use_iv = true;
Anope::string buf;
this->OnEncrypt(req->GetPassword(), buf);
- if (nc->pass.equals_cs(buf))
+ if (nc->GetPassword().equals_cs(buf))
{
/* if we are NOT the first module in the list,
* we want to re-encrypt the pass with the new encryption
*/
if (ModuleManager::FindFirstOf(ENCRYPTION) != this)
- Anope::Encrypt(req->GetPassword(), nc->pass);
+ {
+ Anope::string p;
+ Anope::Encrypt(req->GetPassword(), p);
+ nc->SetPassword(p);
+ }
req->Success(this);
}
}