# This program is free software; you can redistribute it and/or# modify it und

1. # This program is free software; you can redistribute it and/or
2. # modify it under the terms of the GNU General Public License
3. # as published by the Free Software Foundation; either version 2
4. # of the License, or (at your option) any later version.
5. #
6. # This program is distributed in the hope that it will be useful,
7. # but WITHOUT ANY WARRANTY; without even the implied warranty of
8. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9. # GNU General Public License for more details.
10. #
11. # You should have received a copy of the GNU General Public License
12. # along with this program; if not, write to the Free Software
13. # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
14.  
15. #
16. # binds
17. #
18. internalbind command auth:commands
19. internalbind svrlogon auth:logon
20.  
21. #
22. # checks /ison reply for 'NickServ'
23. #
24. proc auth:ison {client params} {
25. if {[string equal -nocase [lindex $params 3] "NickServ"]} {
26. set [getns]::sbnc_nickserv 1
27. killtimer [timerexists [list sbnc:multi:command [list "internalunbind server auth:server NOTICE $client" "internalunbind server auth:server PRIVMSG $client"]]]
28. internalunbind server auth:ison 303 $client
29. haltoutput
30. }
31. }
32.  
33. #
34. # cleans up
35. #
36. proc auth:cleanup {client} {
37. internalunbind server auth:server NOTICE $client
38. internalunbind server auth:server PRIVMSG $client
39. internalunbind server auth:ison 303 $client
40. killtimer [timerexists [list internalunbind server auth:server NOTICE $client]]
41. killtimer [timerexists [list sbnc:multi:command [list "internalunbind server auth:server NOTICE $client" "internalunbind server auth:server PRIVMSG $client"]]]
42. killtimer [timerexists [list internalunbind server auth:ison 303 $client]]
43. }
44.  
45. #
46. # sends login data after connecting to a server.
47. #
48. proc auth:logon {client} {
49. auth:cleanup $client
50. if {[info exists [getns]::sbnc_nickserv]} {
51. unset [getns]::sbnc_nickserv
52. }
53. set authuser [getbncuser $client tag authuser]
54. set authpass [getbncuser $client tag authpass]
55. set auth [getbncuser $client tag auth]
56. switch -- [string tolower [getisupport network]] {
57. "quakenet" {
58. if {$authuser != "" && $authpass != "" && [string equal -nocase $auth "on"]} {
59. if {![llength $::qauth_supported_algorithms]} {
60. putquick "PRIVMSG Q@CServe.QuakeNet.Org :AUTH $authuser $authpass"
61.  
62. } else {
63. internalbind server auth:server NOTICE $client
64. putquick "PRIVMSG Q@CServe.QuakeNet.Org :CHALLENGE"
65. timer 2 [list internalunbind server auth:server NOTICE $client]
66. }
67. }
68. }
69. "GameSurge" {
70. if {$authuser != "" && $authpass != "" && [string equal -nocase $auth "on"]} {
71. putquick "AUTHSERV auth $authuser $authpass"
72. }
73. }
74. "UnderNet" {
75. if {$authuser != "" && $authpass != "" && [string equal -nocase $auth "on"]} {
76. putquick "PRIVMSG X@channels.undernet.org :login $authuser $authpass"
77. }
78. }
79. default {
80. internalbind server auth:server NOTICE $client
81. internalbind server auth:server PRIVMSG $client
82. internalbind server auth:ison 303 $client
83. timer 30 [list sbnc:multi:command [list "internalunbind server auth:server NOTICE $client" "internalunbind server auth:server PRIVMSG $client"]]]
84. timer 2 [list internalunbind server auth:ison 303 $client]
85. putquick "ISON NickServ"
86. }
87. }
88. }
89.  
90. #
91. # Q-auth challenge encryptions
92. #
93. set ::qauth_algorithms [list md5 sha1 sha256]
94. set ::qauth_supported_algorithms [list]
95. foreach algorithm $::qauth_algorithms {
96. if {![catch [list package require $algorithm] error]} {
97. lappend ::qauth_supported_algorithms $algorithm
98. }
99. }
100.  
101. #
102. # server response parser
103. #
104. proc auth:server {client params} {
105. set host [lindex $params 0]
106. set msg [lindex $params 3]
107. #
108. # QuakeNet
109. #
110. if {[string equal -nocase $host "Q!TheQBot@CServe.quakenet.org"]} {
111. if {[string match -nocase "You are now logged in as*" $msg]} {
112. bncjoinchans $client
113. if {![getbncuser $client hasclient]} {
114. putlog "Successfully Authed to Q"
115. }
116. internalunbind server auth:server NOTICE $client
117. }
118. if {[string match -nocase "*CHALLENGE*" $msg]} {
119. set challenge [lindex [split $msg " "] 1]
120. set authuser [getbncuser $client tag authuser]
121. set authuserlower [string tolower [string map -nocase {"[" "{" "]" "}" "|" "\\"} [getbncuser $client tag authuser]]]
122. set authpass [string range [getbncuser $client tag authpass] 0 9]
123. if {[string match -nocase "*HMAC-SHA-256*" $msg] && [lsearch $::qauth_supported_algorithms sha256] > "-1"} {
124. set authpass [string tolower [::sha2::sha256 -hex $authpass]]
125. set response [string tolower [::sha2::sha256 -hex "${authuserlower}:${authpass}"]]
126. set response [string tolower [::sha2::hmac -hex -key $response $challenge]]
127. putquick "PRIVMSG Q@CServe.QuakeNet.Org :CHALLENGEAUTH $authuser $response HMAC-SHA-256"
128. } elseif {[string match -nocase "*HMAC-SHA-1*" $msg] && [lsearch $::qauth_supported_algorithms sha1] > "-1"} {
129. set authpass [string tolower [::sha1::sha1 -hex $authpass]]
130. set response [string tolower [::sha1::sha1 -hex "${authuserlower}:${authpass}"]]
131. set response [string tolower [::sha1::hmac -hex -key $response $challenge]]
132. putquick "PRIVMSG Q@CServe.QuakeNet.Org :CHALLENGEAUTH $authuser $response HMAC-SHA-1"
133. } elseif {[string match -nocase "*HMAC-MD5*" $msg] && [lsearch $::qauth_supported_algorithms md5] > "-1"} {
134. set authpass [string tolower [::md5::md5 -hex $authpass]]
135. set response [string tolower [::md5::md5 -hex "${authuserlower}:${authpass}"]]
136. set response [string tolower [::md5::hmac -hex -key $response $challenge]]
137. putquick "PRIVMSG Q@CServe.QuakeNet.Org :CHALLENGEAUTH $authuser $response HMAC-MD5"
138. } else {
139. putquick "PRIVMSG Q@CServe.QuakeNet.Org :AUTH $authuser $authpass"
140. }
141. }
142. }
143. #
144. # NickServ
145. #
146. if {[string equal -nocase [lindex [split $host "!"] 0] "NickServ"]} {
147. set [getns]::sbnc_nickserv 1
148. if {[string match -nocase [getbncuser $client tag authphrase] $msg]} {
149. if {[string equal -nocase [getbncuser $client tag authuser] $::botnick] && [getbncuser $client tag authpass] != "" && [string equal -nocase [getbncuser $client tag auth] "on"]} {
150. putquick "NICKSERV identify [getbncuser $client tag authpass]"
151. }
152. }
153. }
154. }
155.  
156. #
157. # outputs auth info during "set"
158. #
159. proc auth:help {client} {
160. if {[getbncuser $client tag authuser] != ""} {
161. set authuser [getbncuser $client tag authuser]
162. } else {
163. set authuser "Not set"
164. }
165.  
166. if {[getbncuser $client tag authpass] != ""} {
167. set authpass "Set"
168. } else {
169. set authpass "Not set"
170. }
171.  
172. if {[string equal -nocase [getbncuser $client tag auth] "on"]} {
173. set auth "on"
174. } else {
175. set auth "off"
176. }
177.  
178. if {[info exists [getns]::sbnc_nickserv]} {
179. if {[getbncuser $client tag authphrase] != ""} {
180. set authphrase [getbncuser $client tag authphrase]
181. } else {
182. set authphrase "Not set"
183. }
184. }
185. bncreply "authuser - $authuser"
186. bncreply "authpass - $authpass"
187. if {[info exists authphrase]} {
188. bncreply "authphrase - $authphrase"
189. }
190. bncreply "auth - $auth"
191. }
192.  
193. #
194. # commands for changing auth data/settings
195. #
196. proc auth:commands {client params} {
197. if {[string equal -nocase "help" [lindex $params 0]]} {
198. bncaddcommand authmanual "User" "Manually authenticates to a server's Authentication Service"
199. }
200. if {[string equal -nocase "authmanual" [lindex $params 0]]} {
201. if {[getbncuser $client tag authuser] != "" && [getbncuser $client tag authpass] != "" && [string equal -nocase [getbncuser $client tag auth] "on"]} {
202. auth:logon $client
203. bncreply "Manually triggered authing"
204. haltoutput
205. } else {
206. bncreply "Error: either authuser or authpass isn't set or auth isn't turned on. Check /sbnc set"
207. haltoutput
208. }
209. }
210. if {[string equal -nocase "set" [lindex $params 0]]} {
211. if {[llength $params] == 1} {
212. internaltimer 0 0 auth:help $client
213. } else {
214. switch -- [lindex $params 1] {
215. "authuser" {
216. setbncuser $client tag authuser [lindex $params 2]
217. bncreply "Done."
218. haltoutput
219. }
220. "authpass" {
221. setbncuser $client tag authpass [lindex $params 2]
222. bncreply "Done."
223. haltoutput
224. }
225. "auth" {
226. if {([getbncuser $client tag authuser] != "" && [getbncuser $client tag authpass] != "") || [lindex $params 2] == ""} {
227. if {![string equal -nocase [lindex $params 2] "on"] && ![string equal -nocase [lindex $params 2] "off"] && [lindex $params 2] != ""} {
228. bncreply "Value should be either 'on' or 'off'."
229. haltoutput
230. } else {
231. setbncuser $client tag auth [lindex $params 2]
232. bncreply "Done."
233. haltoutput
234. }
235. } else {
236. bncreply "Please set authuser and authpass first. Check /sbnc set"
237. haltoutput
238. }
239. }
240. "authphrase" {
241. if {[info exists [getns]::sbnc_nickserv]} {
242. set text [join [lrange $params 2 end] " "]
243. if {$text != "" && [string length $text] > 7} {
244. setbncuser $client tag authphrase $text
245. bncreply "Done."
246. haltoutput
247. } else {
248. bncreply "Error: no text specified or too short. Wildcards (*) may be used."
249. haltoutput
250. }
251. }
252. }
253. }
254. if {[getbncuser $client tag authuser] != "" && [getbncuser $client tag authpass] != ""} {
255. setbncuser $client delayjoin 1
256. } else {
257. setbncuser $client delayjoin 0
258. }
259. }
260. }
261. }
262.  
263. #
264. # used by auth.tcl to execute multiple commands in timers
265. #
266. proc sbnc:multi:command {commands} {
267. foreach command $commands {
268. catch $command
269. }
270. }