/* * Set the expected credentials, and returns 1 if authentication is needed, * or 0 if not. * If the hub is configured to allow only registered users and the user * is not recognized this will return 1. */ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct adc_message* cmd) { int ret = 0; struct auth_info* info = acl_get_access_info(hub, user->id.nick); if (info) { user->credentials = info->credentials; ret = 1; } else { user->credentials = auth_cred_guest; } hub_free(info); switch (user->credentials) { case auth_cred_none: break; case auth_cred_bot: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT); break; case auth_cred_guest: /* Nothing to be added to the info message */ break; case auth_cred_user: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_REGISTERED_USER); break; case auth_cred_operator: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_OPERATOR); break; case auth_cred_super: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_SUPER_USER); break; case auth_cred_admin: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_ADMIN); break; case auth_cred_link: break; } return ret; }
int acl_password_verify(struct hub_info* hub, struct hub_user* user, const char* password) { char buf[1024]; struct auth_info* access; const char* challenge; char raw_challenge[64]; char password_calc[64]; uint64_t tiger_res[3]; size_t password_len; if (!password || !user || strlen(password) != MAX_CID_LEN) return 0; access = acl_get_access_info(hub, user->id.nick); if (!access) return 0; challenge = acl_password_generate_challenge(hub, user); base32_decode(challenge, (unsigned char*) raw_challenge, MAX_CID_LEN); password_len = strlen(access->password); memcpy(&buf[0], access->password, password_len); memcpy(&buf[password_len], raw_challenge, TIGERSIZE); tiger((uint64_t*) buf, TIGERSIZE+password_len, (uint64_t*) tiger_res); base32_encode((unsigned char*) tiger_res, TIGERSIZE, password_calc); password_calc[MAX_CID_LEN] = 0; #ifdef PLUGIN_SUPPORT hub_free(access); #endif if (strcasecmp(password, password_calc) == 0) { return 1; } return 0; }