static bool param_more(uint8_t seq, uint8_t limit, const uint8_t *payload)
{
switch (limit-seq) {
default:
hash_merge(payload, PAYLOAD);
break;
case 1:
hash_end();
failed = !hash_eq(payload, PAYLOAD, 0);
break;
case 0:
if (!hash_eq(payload, PAYLOAD, PAYLOAD))
failed = 1;
if (failed)
return 0;
new_params();
break;
}
return 1;
}
static int on_d2cs_accountloginreq(t_connection * c, t_packet const * packet)
{
unsigned int sessionkey;
unsigned int sessionnum;
unsigned int salt;
char const * account;
char const * tname;
t_connection * client;
int reply;
t_packet * rpacket;
struct
{
bn_int salt;
bn_int sessionkey;
bn_int sessionnum;
bn_int secret;
bn_int passhash[5];
} temp;
t_hash secret_hash;
char const * pass_str;
t_hash passhash;
t_hash try_hash;
if (packet_get_size(packet)<sizeof(t_d2cs_bnetd_accountloginreq)) {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","got bad packet size");
return -1;
}
if (!(account=packet_get_str_const(packet,sizeof(t_d2cs_bnetd_accountloginreq),USER_NAME_MAX))) {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","got bad account name");
return -1;
}
sessionkey=bn_int_get(packet->u.d2cs_bnetd_accountloginreq.sessionkey);
sessionnum=bn_int_get(packet->u.d2cs_bnetd_accountloginreq.sessionnum);
salt=bn_int_get(packet->u.d2cs_bnetd_accountloginreq.seqno);
if (!(client=connlist_find_connection_by_sessionnum(sessionnum))) {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","sessionnum %d not found",sessionnum);
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_FAILED;
} else if (sessionkey!=conn_get_sessionkey(client)) {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","sessionkey %d not match",sessionkey);
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_FAILED;
} else if (!(tname=conn_get_username(client))) {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","got NULL username");
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_FAILED;
} else if (strcasecmp(account,tname)) {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","username %s not match",account);
conn_unget_username(client,tname);
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_FAILED;
} else {
conn_unget_username(client,tname);
bn_int_set(&temp.salt,salt);
bn_int_set(&temp.sessionkey,sessionkey);
bn_int_set(&temp.sessionnum,sessionnum);
bn_int_set(&temp.secret,conn_get_secret(client));
pass_str=account_get_pass(conn_get_account(client));
if (hash_set_str(&passhash,pass_str)<0) {
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_FAILED;
} else {
hash_to_bnhash((t_hash const *)&passhash,temp.passhash);
bnet_hash(&secret_hash,sizeof(temp),&temp);
bnhash_to_hash(packet->u.d2cs_bnetd_accountloginreq.secret_hash,&try_hash);
if (hash_eq(try_hash,secret_hash)==1) {
eventlog(eventlog_level_debug,"on_d2cs_accountloginreq","user %s loggedin on d2cs",\
account);
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_SUCCEED;
} else {
eventlog(eventlog_level_error,"on_d2cs_accountloginreq","user %s hash not match",\
account);
reply=BNETD_D2CS_ACCOUNTLOGINREPLY_FAILED;
}
}
account_unget_pass(pass_str);
}
if ((rpacket=packet_create(packet_class_d2cs_bnetd))) {
packet_set_size(rpacket,sizeof(t_bnetd_d2cs_accountloginreply));
packet_set_type(rpacket,BNETD_D2CS_ACCOUNTLOGINREPLY);
bn_int_set(&rpacket->u.bnetd_d2cs_accountloginreply.h.seqno,\
bn_int_get(packet->u.d2cs_bnetd_accountloginreq.h.seqno));
bn_int_set(&rpacket->u.bnetd_d2cs_accountloginreply.reply,reply);
queue_push_packet(conn_get_out_queue(c),rpacket);
packet_del_ref(rpacket);
}
return 0;
}
extern int handle_bot_packet(t_connection * c, t_packet const * const packet)
{
t_packet * rpacket;
if (!c)
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] got NULL connection",conn_get_socket(c));
return -1;
}
if (!packet)
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] got NULL packet",conn_get_socket(c));
return -1;
}
if (packet_get_class(packet)!=packet_class_raw)
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] got bad packet (class %d)",conn_get_socket(c),(int)packet_get_class(packet));
return -1;
}
{
char const * const linestr=packet_get_str_const(packet,0,MAX_MESSAGE_LEN);
if (packet_get_size(packet)<2) /* empty line */
return 0;
if (!linestr)
{
eventlog(eventlog_level_warn,__FUNCTION__,"[%d] line too long",conn_get_socket(c));
return 0;
}
switch (conn_get_state(c))
{
case conn_state_connected:
conn_add_flags(c,MF_PLUG);
conn_set_clienttag(c,CLIENTTAG_BNCHATBOT_UINT);
{
char const * temp=linestr;
if (temp[0]=='\004') /* FIXME: no echo, ignore for now (we always do no echo) */
temp = &temp[1];
if (temp[0]=='\0') /* empty line */
{
conn_set_state(c,conn_state_bot_username); /* don't look for ^D or reset tag and flags */
break;
}
conn_set_state(c,conn_state_bot_password);
if (conn_set_loggeduser(c,temp)<0)
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not set username to \"%s\"",conn_get_socket(c),temp);
{
char const * const msg="\r\nPassword: "******"[%d] could not create rpacket",conn_get_socket(c));
break;
}
#if 1 /* don't echo */
packet_append_ntstring(rpacket,conn_get_loggeduser(c));
#endif
packet_append_ntstring(rpacket,msg);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
}
}
break;
case conn_state_bot_username:
conn_set_state(c,conn_state_bot_password);
if (conn_set_loggeduser(c,linestr)<0)
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not set username to \"%s\"",conn_get_socket(c),linestr);
{
char const * const temp="\r\nPassword: "******"[%d] could not create rpacket",conn_get_socket(c));
break;
}
#if 1 /* don't echo */
packet_append_ntstring(rpacket,linestr);
#endif
packet_append_ntstring(rpacket,temp);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
}
break;
case conn_state_bot_password:
{
char const * const tempa="\r\nLogin failed.\r\n\r\nUsername: "******"\r\nAccount has no bot access.\r\n\r\nUsername: "******"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempa);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
if (connlist_find_connection_by_accountname(loggeduser))
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (already logged in)",conn_get_socket(c),loggeduser);
conn_set_state(c,conn_state_bot_username);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempa);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
if (!(account = accountlist_find_account(loggeduser)))
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (bad account)",conn_get_socket(c),loggeduser);
conn_set_state(c,conn_state_bot_username);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempa);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
if ((oldstrhash1 = account_get_pass(account)))
{
if (hash_set_str(&oldpasshash1,oldstrhash1)<0)
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (corrupted passhash1?)",conn_get_socket(c),loggeduser);
conn_set_state(c,conn_state_bot_username);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempa);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
testpass = xstrdup(linestr);
{
unsigned int i;
for (i=0; i<strlen(testpass); i++)
if (isupper((int)testpass[i]))
testpass[i] = tolower((int)testpass[i]);
}
if (bnet_hash(&trypasshash1,strlen(testpass),testpass)<0) /* FIXME: force to lowercase */
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (unable to hash password)",conn_get_socket(c), loggeduser);
conn_set_state(c,conn_state_bot_username);
xfree((void *)testpass);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempa);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
xfree((void *)testpass);
if (hash_eq(trypasshash1,oldpasshash1)!=1)
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (wrong password)",conn_get_socket(c), loggeduser);
conn_set_state(c,conn_state_bot_username);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempa);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
if (account_get_auth_botlogin(account)!=1) /* default to false */
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (no bot access)",conn_get_socket(c), loggeduser);
conn_set_state(c,conn_state_bot_username);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempb);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
else if (account_get_auth_lock(account)==1) /* default to false */
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] bot login for \"%s\" refused (this account is locked)",conn_get_socket(c), loggeduser);
conn_set_state(c,conn_state_bot_username);
if (!(rpacket = packet_create(packet_class_raw)))
{
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
break;
}
packet_append_ntstring(rpacket,tempb);
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
break;
}
eventlog(eventlog_level_info,__FUNCTION__,"[%d] \"%s\" bot logged in (correct password)",conn_get_socket(c), loggeduser);
}
else
{
eventlog(eventlog_level_info,__FUNCTION__,"[%d] \"%s\" bot logged in (no password)",conn_get_socket(c), loggeduser);
}
if (!(rpacket = packet_create(packet_class_raw))) /* if we got this far, let them log in even if this fails */
eventlog(eventlog_level_error,__FUNCTION__,"[%d] could not create rpacket",conn_get_socket(c));
else
{
packet_append_ntstring(rpacket,"\r\n");
conn_push_outqueue(c,rpacket);
packet_del_ref(rpacket);
}
bnetd_log(loggeduser, addr_num_to_ip_str(conn_get_addr(c)), "BOT", "LOGIN", NULL, 1, 0);
conn_login(c,account,loggeduser);
message_send_text(c,message_type_uniqueid,c,loggeduser);
if (conn_set_channel(c,CHANNEL_NAME_CHAT)<0)
conn_set_channel(c,CHANNEL_NAME_BANNED); /* should not fail */
}
break;
case conn_state_loggedin:
{
t_channel const * channel;
conn_set_idletime(c);
if ((channel = conn_get_channel(c)))
channel_message_log(channel,c,1,linestr);
/* we don't log game commands currently */
if (linestr[0]=='/')
handle_command(c,linestr);
else
if (channel && !conn_quota_exceeded(c,linestr))
channel_message_send(channel,message_type_talk,c,linestr);
/* else discard */
}
break;
default:
eventlog(eventlog_level_error,__FUNCTION__,"[%d] unknown bot connection state %d",conn_get_socket(c),(int)conn_get_state(c));
}
}
return 0;
}
extern int irc_authenticate(t_connection * conn, char const * passhash)
{
t_hash h1;
t_hash h2;
t_account * a;
char const * temphash;
char const * username;
char const * tempapgar;
if (!conn) {
eventlog(eventlog_level_error,__FUNCTION__,"got NULL connection");
return 0;
}
if (!passhash) {
eventlog(eventlog_level_error,__FUNCTION__,"got NULL passhash");
return 0;
}
username = conn_get_loggeduser(conn);
if (!username) {
/* redundant sanity check */
eventlog(eventlog_level_error,__FUNCTION__,"got NULL conn->protocol.loggeduser");
return 0;
}
a = accountlist_find_account(username);
if (!a) {
irc_send_cmd(conn,"NOTICE",":Authentication failed."); /* user does not exist */
return 0;
}
if (connlist_find_connection_by_account(a) && prefs_get_kick_old_login()==0) {
irc_send_cmd(conn,"NOTICE",":Authentication rejected (already logged in) ");
}
else if (account_get_auth_lock(a)==1) {
irc_send_cmd(conn,"NOTICE",":Authentication rejected (account is locked) ");
}
else
{
if((conn_get_wol(conn) == 1)) {
temphash = account_get_wol_apgar(a);
tempapgar = conn_wol_get_apgar(conn);
if(temphash == NULL) {
account_set_wol_apgar(a,tempapgar);
temphash = account_get_wol_apgar(a);
}
if(tempapgar == NULL) {
irc_send_cmd(conn,"NOTICE",":Authentication failed."); /* bad APGAR */
conn_increment_passfail_count(conn);
return 0;
}
if(strcmp(temphash,tempapgar) == 0) {
bnetd_log(username, addr_num_to_ip_str(conn_get_addr(conn)), "IRC", "LOGIN", NULL, 1, 0);
conn_login(conn,a,username);
conn_set_state(conn,conn_state_loggedin);
conn_set_clienttag(conn,CLIENTTAG_WWOL_UINT); /* WWOL hope here is ok */
return 1;
}
else {
conn_increment_passfail_count(conn);
return 0;
}
}
hash_set_str(&h1,passhash);
temphash = account_get_pass(a);
hash_set_str(&h2,temphash);
if (hash_eq(h1,h2)) {
bnetd_log(username, addr_num_to_ip_str(conn_get_addr(conn)), "IRC", "LOGIN", NULL, 1, 0);
conn_login(conn,a,username);
conn_set_state(conn,conn_state_loggedin);
conn_set_clienttag(conn,CLIENTTAG_IIRC_UINT); /* IIRC hope here is ok */
irc_send_cmd(conn,"NOTICE",":Authentication successful. You are now logged in.");
return 1;
} else {
irc_send_cmd(conn,"NOTICE",":Authentication failed."); /* wrong password */
conn_increment_passfail_count(conn);
}
}
return 0;
}