View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001742 | Anope Stable (2.0.x series) | General | public | 2020-11-05 12:58 | 2020-11-05 12:58 |
| Reporter | ivp | Assigned To | |||
| Priority | normal | Severity | feature | Reproducibility | have not tried |
| Status | new | Resolution | open | ||
| Summary | 0001742: Provide IP address to m_sql_authentication for SASL authentication | ||||
| Description | m_sql_authentication does not have access to IP address of end user when doing SASL authentication. It is important to have @i@ available in SQL query, to be able to prevent unauthorized access. Patch files are attached. | ||||
| Tags | No tags attached. | ||||
|
|
sasl.patch.txt (496 bytes)
--- old/include/modules/sasl.h 2019-03-31 04:13:04.000000000 +0200
+++ new/include/modules/sasl.h 2020-11-05 11:12:03.836226028 +0100
@@ -82,6 +82,8 @@
public:
IdentifyRequest(Module *m, const Anope::string &id, const Anope::string &acc, const Anope::string &pass, const Anope::string &h, const Anope::string &i) : ::IdentifyRequest(m, acc, pass), uid(id), hostname(h), ip(i) { }
+ const Anope::string GetIP() const { return ip; }
+
void OnSuccess() anope_override
{
if (!sasl)
m_sql_authenticationl.patch.txt (712 bytes)
--- old/modules/extra/m_sql_authentication.cpp 2019-03-31 04:13:04.000000000 +0200
+++ new/modules/extra/m_sql_authentication.cpp 2020-11-05 11:25:05.454577129 +0100
@@ -8,6 +8,8 @@
#include "module.h"
#include "modules/sql.h"
+#include <typeinfo>
+#include "modules/sasl.h"
static Module *me;
@@ -136,8 +138,15 @@
{
q.SetValue("n", "");
q.SetValue("i", "");
- }
+ try {
+ if ( typeid(*req) == typeid(SASL::IdentifyRequest) ) {
+ q.SetValue("i", anope_dynamic_static_cast<SASL::IdentifyRequest *>(req)->GetIP());
+ }
+ } catch (const std::bad_typeid& e) {
+ Log() << "m_sql_authentication: " << e.what();
+ }
+ }
this->SQL->Run(new SQLAuthenticationResult(u, req), q);
|
