feature: Added Irc host authentication for irc-bot (#6757)

* Allow irc-users to be authenticated by hostmask in config.php

* Fix some whitespace and a small typo

* Refactored the code a bit. Checking if user is already authd before matching on hostmask

* Updating docs

* Add missing " to docs
Olen
2017-06-02 22:27:29 +02:00
committed by Neil Lathwood
parent f784228e93
commit 43e135ee03
2 changed files with 50 additions and 1 deletions


@@ -319,6 +319,9 @@ class IRCBot
$this->command = str_replace(':.', '', $this->command); $this->command = str_replace(':.', '', $this->command);
$tmp = explode(':.'.$this->command.' ', $this->data); $tmp = explode(':.'.$this->command.' ', $this->data);
$this->user = $this->getAuthdUser(); $this->user = $this->getAuthdUser();
if (!$this->isAuthd() && (isset($this->config['irc_auth']))) {
$this->hostAuth();
}
if ($this->isAuthd() || trim($this->command) == 'auth') { if ($this->isAuthd() || trim($this->command) == 'auth') {
$this->proceedCommand(str_replace("\n", '', trim($this->command)), trim($tmp[1])); $this->proceedCommand(str_replace("\n", '', trim($this->command)), trim($tmp[1]));
} }
@@ -366,6 +369,11 @@ class IRCBot
return str_replace(':', '', $arrData[0]); return str_replace(':', '', $arrData[0]);
}//end getUser() }//end getUser()
private function getUserHost($param)
{
$arrData = explode(' ', $param, 2);
return str_replace(':', '', $arrData[0]);
}//end getUserHost()
private function connect($try = 0) private function connect($try = 0)
{ {
@@ -471,7 +479,38 @@ class IRCBot
private function getAuthdUser() private function getAuthdUser()
{ {
return $this->authd[$this->getUser($this->data)]; return $this->authd[$this->getUser($this->data)];
}//end get_user() }//end getAuthUser()
private function hostAuth()
{
foreach ($this->config['irc_auth'] as $nms_user => $hosts) {
foreach ($hosts as $host) {
$host = preg_replace("/\*/", ".*", $host);
if (preg_match("/$host/", $this->getUserHost($this->data))) {
$user_id = get_userid(mres($nms_user));
$user = get_user($user_id);
$this->user['name'] = $user['username'];
$this->user['id'] = $user_id;
$this->user['level'] = get_userlevel($user['username']);
$this->user['expire'] = (time() + ($this->config['irc_authtime'] * 3600));
if ($this->user['level'] < 5) {
foreach (dbFetchRows('SELECT device_id FROM devices_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
$this->user['devices'][] = $tmp['device_id'];
}
foreach (dbFetchRows('SELECT port_id FROM ports_perms WHERE user_id = ?', array($this->user['id'])) as $tmp) {
$this->user['ports'][] = $tmp['port_id'];
}
}
if ($this->debug) {
$this->log("HostAuth on irc for '".$user['username']."', ID: '".$user_id."', Host: '".$host);
}
return true;
}
}
}
return false;
}//end hostAuth
private function ircRaw($params) private function ircRaw($params)
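Review bot: In hostAuth() the configured hostmask becomes a regex by replacing only `*`, and `preg_match("/$host/", ...)` then matches it unanchored, so every `.` in the mask is a wildcard and the mask only has to occur somewhere inside the sender's prefix instead of matching all of it. A `/` in a mask would also end the pattern delimiter early. Because a match grants the mapped LibreNMS user's level without the `.auth` token step, the mask should be quoted and anchored, e.g. `$pattern = '/^' . str_replace('\*', '.*', preg_quote($host, '/')) . '$/';` followed by `if (preg_match($pattern, $this->getUserHost($this->data))) {`. The result of `get_userid()` is used without checking that the configured name resolved to an existing user; what it returns for an unknown name is not visible here, so a guard before filling `$this->user` seems worthwhile. hostAuth() would also benefit from a docblock saying that it populates `$this->user` as a side effect and returns a bool that the caller in the first hunk ignores.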


@@ -34,6 +34,7 @@ Option | Default-Value | Notes
`$config['irc_nick']` | `LibreNMS` | Optional; `$config['irc_nick']` | `LibreNMS` | Optional;
`$config['irc_pass']` | | Optional; This sends the IRC-PASS Sequence to IRC-Servers that require Password on Connect `$config['irc_pass']` | | Optional; This sends the IRC-PASS Sequence to IRC-Servers that require Password on Connect
`$config['irc_port']` | `6667` | Required; To enable SSL append a `+` before the Port. (Example: `+6697`) `$config['irc_port']` | `6667` | Required; To enable SSL append a `+` before the Port. (Example: `+6697`)
`$config['irc_auth']` | | Optional: Array of hostmasks that are automatically authenticated.
### <a name="commands">IRC-Commands</a> ### <a name="commands">IRC-Commands</a>
@@ -102,6 +103,15 @@ Or using a single string using `,` as delimiter between various channels:
$config['irc_chan'] = "#librenms,#otherchan,#noc"; $config['irc_chan'] = "#librenms,#otherchan,#noc";
... ...
``` ```
### Hostmask authentication:
```php
...
$config['irc_auth']['admin'][] = "*!root@nms.host.invalid";
$config['irc_auth']['admin'][] = "*!*peter@peters.computer.invalid";
$config['irc_auth']['john][] = "john!doe@login.server.invalid";
...
```
Any client matching one of the first two hostmasks will automatically be authenticated as the "admin" user in LibreNMS, and clients matching the last line will be authenticated as the user "john" in LibreNMS, without using .auth and a waiting for a valid token.
# <a name="extensions">Extensions?!</a> # <a name="extensions">Extensions?!</a>