X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Firc-login.c;h=bf3254c985807e62ff24232e46ab1f6babc32752;hp=53069f00ff24c7e749db0e18a53f0d65ccbfc1d4;hb=edfcc2f9d5b796fd30f60138591e4f96d54cfcf6;hpb=ee362b3bd2e31db4cb6b7832ca01e64a643f9b96

diff --git a/src/ngircd/irc-login.c b/src/ngircd/irc-login.c
index 53069f00..bf3254c9 100644
--- a/src/ngircd/irc-login.c
+++ b/src/ngircd/irc-login.c
@@ -18,22 +18,16 @@
 
 #include "imp.h"
 #include <assert.h>
-#include <stdio.h>
 #include <stdlib.h>
-#include <string.h>
 #include <strings.h>
-#include <signal.h>
-#include <unistd.h>
 
-#include "ngircd.h"
 #include "conn-func.h"
 #include "class.h"
 #include "conf.h"
 #include "channel.h"
-#include "io.h"
 #include "log.h"
+#include "login.h"
 #include "messages.h"
-#include "pam.h"
 #include "parse.h"
 #include "irc.h"
 #include "irc-info.h"
@@ -42,13 +36,7 @@
 #include "exp.h"
 #include "irc-login.h"
 
-
-static bool Hello_User PARAMS(( CLIENT *Client ));
-static bool Hello_User_PostAuth PARAMS(( CLIENT *Client ));
 static void Kill_Nick PARAMS(( char *Nick, char *Reason ));
-#ifdef PAM
-static void cb_Read_Auth_Result PARAMS((int r_fd, UNUSED short events));
-#endif
 
 /**
  * Handler for the IRC "PASS" command.
@@ -280,7 +268,7 @@ IRC_NICK( CLIENT *Client, REQUEST *Req )
 			/* If we received a valid USER command already then
 			 * register the new client! */
 			if( Client_Type( Client ) == CLIENT_GOTUSER )
-				return Hello_User( Client );
+				return Login_User( Client );
 			else
 				Client_SetType( Client, CLIENT_GOTNICK );
 		} else {
@@ -452,7 +440,7 @@ IRC_USER(CLIENT * Client, REQUEST * Req)
 		LogDebug("Connection %d: got valid USER command ...",
 		    Client_Conn(Client));
 		if (Client_Type(Client) == CLIENT_GOTNICK)
-			return Hello_User(Client);
+			return Login_User(Client);
 		else
 			Client_SetType(Client, CLIENT_GOTUSER);
 		return CONNECTED;
@@ -875,7 +863,7 @@ IRC_PONG(CLIENT *Client, REQUEST *Req)
 		if (auth_ping == atoi(Req->argv[0])) {
 			Conn_SetAuthPing(conn, 0);
 			if (Client_Type(Client) == CLIENT_WAITAUTHPING)
-				Hello_User(Client);
+				Login_User(Client);
 		} else
 			if (!IRC_WriteStrClient(Client,
 					"To connect, type /QUOTE PONG %ld",
@@ -898,196 +886,6 @@ IRC_PONG(CLIENT *Client, REQUEST *Req)
 } /* IRC_PONG */
 
 
-/**
- * Initiate client registration.
- *
- * This function is called after the daemon received the required NICK and
- * USER commands of a new client. If the daemon is compiled with support for
- * PAM, the authentication sub-processs is forked; otherwise the global server
- * password is checked.
- *
- * @param Client	The client logging in.
- * @returns		CONNECTED or DISCONNECTED.
- */
-static bool
-Hello_User(CLIENT * Client)
-{
-#ifdef PAM
-	int pipefd[2], result;
-	pid_t pid;
-#endif
-	CONN_ID conn;
-
-	assert(Client != NULL);
-	conn = Client_Conn(Client);
-
-#ifndef STRICT_RFC
-	if (Conf_AuthPing) {
-		/* Did we receive the "auth PONG" already? */
-		if (Conn_GetAuthPing(conn)) {
-			Client_SetType(Client, CLIENT_WAITAUTHPING);
-			LogDebug("Connection %d: Waiting for AUTH PONG ...", conn);
-			return CONNECTED;
-		}
-	}
-#endif
-
-#ifdef PAM
-	if (!Conf_PAM) {
-		/* Don't do any PAM authentication at all, instead emulate
-		 * the beahiour of the daemon compiled without PAM support:
-		 * because there can't be any "server password", all
-		 * passwords supplied are classified as "wrong". */
-		if(Client_Password(Client)[0] == '\0')
-			return Hello_User_PostAuth(Client);
-		Client_Reject(Client, "Non-empty password", false);
-		return DISCONNECTED;
-	}
-
-	if (Conf_PAMIsOptional && strcmp(Client_Password(Client), "") == 0) {
-		/* Clients are not required to send a password and to be PAM-
-		 * authenticated at all. If not, they won't become "identified"
-		 * and keep the "~" in their supplied user name.
-		 * Therefore it is sensible to either set Conf_PAMisOptional or
-		 * to enable IDENT lookups -- not both. */
-		return Hello_User_PostAuth(Client);
-	}
-
-	/* Fork child process for PAM authentication; and make sure that the
-	 * process timeout is set higher than the login timeout! */
-	pid = Proc_Fork(Conn_GetProcStat(conn), pipefd,
-			cb_Read_Auth_Result, Conf_PongTimeout + 1);
-	if (pid > 0) {
-		LogDebug("Authenticator for connection %d created (PID %d).",
-			 conn, pid);
-		return CONNECTED;
-	} else {
-		/* Sub process */
-		Log_Init_Subprocess("Auth");
-		Conn_CloseAllSockets(NONE);
-		result = PAM_Authenticate(Client);
-		if (write(pipefd[1], &result, sizeof(result)) != sizeof(result))
-			Log_Subprocess(LOG_ERR,
-				       "Failed to pipe result to parent!");
-		Log_Exit_Subprocess("Auth");
-		exit(0);
-	}
-#else
-	/* Check global server password ... */
-	if (strcmp(Client_Password(Client), Conf_ServerPwd) != 0) {
-		/* Bad password! */
-		Client_Reject(Client, "Bad server password", false);
-		return DISCONNECTED;
-	}
-	return Hello_User_PostAuth(Client);
-#endif
-}
-
-
-#ifdef PAM
-
-/**
- * Read result of the authenticatior sub-process from pipe
- *
- * @param r_fd		File descriptor of the pipe.
- * @param events	(ignored IO specification)
- */
-static void
-cb_Read_Auth_Result(int r_fd, UNUSED short events)
-{
-	CONN_ID conn;
-	CLIENT *client;
-	int result;
-	size_t len;
-	PROC_STAT *proc;
-
-	LogDebug("Auth: Got callback on fd %d, events %d", r_fd, events);
-	conn = Conn_GetFromProc(r_fd);
-	if (conn == NONE) {
-		/* Ops, none found? Probably the connection has already
-		 * been closed!? We'll ignore that ... */
-		io_close(r_fd);
-		LogDebug("Auth: Got callback for unknown connection!?");
-		return;
-	}
-	proc = Conn_GetProcStat(conn);
-	client = Conn_GetClient(conn);
-
-	/* Read result from pipe */
-	len = Proc_Read(proc, &result, sizeof(result));
-	Proc_Close(proc);
-	if (len == 0)
-		return;
-
-	if (len != sizeof(result)) {
-		Log(LOG_CRIT, "Auth: Got malformed result!");
-		Client_Reject(client, "Internal error", false);
-		return;
-	}
-
-	if (result == true) {
-		Client_SetUser(client, Client_OrigUser(client), true);
-		(void)Hello_User_PostAuth(client);
-	} else
-		Client_Reject(client, "Bad password", false);
-}
-
-#endif
-
-
-/**
- * Finish client registration.
- *
- * Introduce the new client to the network and send all "hello messages"
- * to it after authentication has been succeeded.
- *
- * @param Client	The client logging in.
- * @returns		CONNECTED or DISCONNECTED.
- */
-static bool
-Hello_User_PostAuth(CLIENT *Client)
-{
-	assert(Client != NULL);
-
-	if (Class_HandleServerBans(Client) != CONNECTED)
-		return DISCONNECTED;
-
-	Client_Introduce(NULL, Client, CLIENT_USER);
-
-	if (!IRC_WriteStrClient
-	    (Client, RPL_WELCOME_MSG, Client_ID(Client), Client_Mask(Client)))
-		return false;
-	if (!IRC_WriteStrClient
-	    (Client, RPL_YOURHOST_MSG, Client_ID(Client),
-	     Client_ID(Client_ThisServer()), PACKAGE_VERSION, TARGET_CPU,
-	     TARGET_VENDOR, TARGET_OS))
-		return false;
-	if (!IRC_WriteStrClient
-	    (Client, RPL_CREATED_MSG, Client_ID(Client), NGIRCd_StartStr))
-		return false;
-	if (!IRC_WriteStrClient
-	    (Client, RPL_MYINFO_MSG, Client_ID(Client),
-	     Client_ID(Client_ThisServer()), PACKAGE_VERSION, USERMODES,
-	     CHANMODES))
-		return false;
-
-	/* Features supported by this server (005 numeric, ISUPPORT),
-	 * see <http://www.irc.org/tech_docs/005.html> for details. */
-	if (!IRC_Send_ISUPPORT(Client))
-		return DISCONNECTED;
-
-	if (!IRC_Send_LUSERS(Client))
-		return DISCONNECTED;
-	if (!IRC_Show_MOTD(Client))
-		return DISCONNECTED;
-
-	/* Suspend the client for a second ... */
-	IRC_SetPenalty(Client, 1);
-
-	return CONNECTED;
-}
-
-
 /**
  * Kill all users with a specific nick name in the network.
  *