9pfs/solanum-vs-hackint-and-charybdis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sasl: first attempt at ircv3.1 AUTHENTICATE EXTERNAL support

Browse source
This commit is contained in:
William Pitcock 2011-03-31 00:35:58 -05:00
parent d8c45202e3
commit 27126f911d
2 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/client.h
View file

@ -292,6 +292,7 @@ struct PreClient
char sasl_agent[IDLEN]; char sasl_agent[IDLEN];
unsigned char sasl_out; unsigned char sasl_out;
unsigned char sasl_complete; unsigned char sasl_complete;
unsigned char sasl_external;
rb_dlink_list dnsbl_queries; /* list of struct BlacklistClient * */ rb_dlink_list dnsbl_queries; /* list of struct BlacklistClient * */
struct Blacklist *dnsbl_listed; /* first dnsbl where it's listed */ struct Blacklist *dnsbl_listed; /* first dnsbl where it's listed */

26
modules/m_sasl.c
View file

@ -1,6 +1,6 @@
/* modules/m_sasl.c /* modules/m_sasl.c
* Copyright (C) 2006 Michael Tharp <gxti@partiallystapled.com> * Copyright (C) 2006 Michael Tharp <gxti@partiallystapled.com>
* Copyright (C) 2006 charybdis development team * Copyright (C) 2006, 2011 charybdis development team
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are * modification, are permitted provided that the following conditions are
@ -67,6 +67,10 @@ mapi_hfn_list_av1 sasl_hfnlist[] = {
DECLARE_MODULE_AV1(sasl, NULL, NULL, sasl_clist, NULL, sasl_hfnlist, "$Revision: 1409 $"); DECLARE_MODULE_AV1(sasl, NULL, NULL, sasl_clist, NULL, sasl_hfnlist, "$Revision: 1409 $");
/*
* parv[1] = mechanism.
* in ircv3.1, if this is EXTERNAL, we just send the certificate fingerprint.
*/
static int static int
mr_authenticate(struct Client *client_p, struct Client *source_p, mr_authenticate(struct Client *client_p, struct Client *source_p,
int parc, const char *parv[]) int parc, const char *parv[])
@ -100,8 +104,16 @@ mr_authenticate(struct Client *client_p, struct Client *source_p,
agent_p = find_id(source_p->preClient->sasl_agent); agent_p = find_id(source_p->preClient->sasl_agent);
if(agent_p == NULL) if(agent_p == NULL)
{
if (!strcasecmp(parv[1], "EXTERNAL"))
{
if (source_p->certfp)
source_p->preClient->sasl_external++;
}
sendto_server(NULL, NULL, CAP_TS6|CAP_ENCAP, NOCAPS, ":%s ENCAP * SASL %s * S %s", me.id, sendto_server(NULL, NULL, CAP_TS6|CAP_ENCAP, NOCAPS, ":%s ENCAP * SASL %s * S %s", me.id,
source_p->id, parv[1]); source_p->id, parv[1]);
}
else else
sendto_one(agent_p, ":%s ENCAP %s SASL %s %s C %s", me.id, agent_p->servptr->name, sendto_one(agent_p, ":%s ENCAP %s SASL %s %s C %s", me.id, agent_p->servptr->name,
source_p->id, agent_p->id, parv[1]); source_p->id, agent_p->id, parv[1]);
@ -147,8 +159,18 @@ me_sasl(struct Client *client_p, struct Client *source_p,
else if(!*target_p->preClient->sasl_agent) else if(!*target_p->preClient->sasl_agent)
rb_strlcpy(target_p->preClient->sasl_agent, parv[1], IDLEN); rb_strlcpy(target_p->preClient->sasl_agent, parv[1], IDLEN);
if(*parv[3] == 'C') if(*parv[3] == 'C' && !target_p->preClient->sasl_external)
sendto_one(target_p, "AUTHENTICATE %s", parv[4]); sendto_one(target_p, "AUTHENTICATE %s", parv[4]);
else if(*parv[3] == 'C' && *target_p->preClient->sasl_agent)
{
unsigned char *message;
message = rb_base64_encode((unsigned char *) target_p->certfp, strlen(target_p->certfp));
sendto_one(agent_p, ":%s ENCAP %s SASL %s %s C %s", me.id, agent_p->servptr->name,
source_p->id, agent_p->id, message);
rb_free(message);
}
else if(*parv[3] == 'D') else if(*parv[3] == 'D')
{ {
if(*parv[4] == 'F') if(*parv[4] == 'F')