3 /* Written by David Herrmann,
4 * improved by Philipp Kreil.
5 * Dedicated to the Public Domain.
8 * The IAuth collects all information from the ircd and when it thinks it has a complete
9 * set of information, it starts this script with all information as parameters. This
10 * script has to check the database for a dataset and return the values it wants to change
11 * or return nothing if it wants to reject the client.
13 * The data from the IAuth is passed in the array $argv. If a value is not available, it is
14 * an empty string. If a value is available it must be a string between 1 and IAUTH_DATALEN
15 * characters, whereas IAUTH_DATALEN is defined in iauth.h.
16 * - Name of the script:
17 * $argv[0] = ./iauth.php
18 * - The IP of the remote socket endpoint:
19 * $argv[1] = 85.214.49.253
20 * - The port of the remote socket endpoint:
22 * - The ip of the local socket endpoint:
23 * $argv[3] = 127.0.0.1
24 * - The port of the local socket endpoint:
26 * - The resolved hostname of the remote socket:
27 * $argv[5] = p3EE37393.dip.t-dialin.net
28 * - The hostname the user passed to USER:
29 * $argv[6] = localhost
30 * - The servername the user passed to USER:
31 * $argv[7] = irc.ogn.net
32 * - The nick which the user passed:
33 * $argv[8] = some_weird_nick
34 * - The username the user passed to USER:
36 * - The realname the user passed to USER:
37 * $argv[10] = realname
38 * - The account[:timestamp] which was proofed by LOC: (The :timestamp is optional)
39 * $argv[11] = some_account:124206424
40 * - The fakehost which was set by LOC:
41 * $argv[12] = cool.1337.fakehost
42 * - The class that the server would assign to the user if iauth would not be there:
43 * $argv[13] = some_server_class
44 * - The last PASS line the user sent:
45 * $argv[14] = some_password
46 * - The ident we got from the user's ident server:
48 * - The name of the server we are connected to:
49 * $argv[16] = devnull.xy.net
51 * The response of the script is sent to STDOUT. If the script wants to reject the request, it can
52 * simply exit without sending anything.
53 * If you want to accept the client, you have to pass several parameters to STDOUT. Each parameter
54 * is separated by a space. If you want to skip a parameter, simply put "$" in there.
55 * Every value which is not "$" is forced on the user before he gets assigned to a class.
56 * Each value is limited again to IAUTH_DATALEN, however, the ircd itself may limit the data again,
57 * therefore, it is recommended to use short values. '\0' characters are not allowed in a reply and
58 * the IAuth parser will reject the query.
60 * - The class which is assigned to the user:
62 * - The ident which should be forced on the user:
64 * - The host which should be forced on the user:
65 * echo "forced.host.on.user ";
66 * - The ip which should be forced on the user:
67 * echo "127.244.12.110 ";
68 * - A mode striing which is set on the user. This can include fakehosts/accounts/operators/etc.
69 * echo "+wogsfr 131071 fake.host.net account:124653295"
70 * The last parameter "mode" can have as many spaces as you want.
74 /* These constants are defined to access $argv more easily. */
75 define("ARG_REMOTEIP", $argv[1]);
76 define("ARG_REMOTEPORT", $argv[2]);
77 define("ARG_LOCALIP", $argv[3]);
78 define("ARG_LOCALPORT", $argv[4]);
79 define("ARG_HOSTNAME", $argv[5]);
80 define("ARG_USER_HOST", $argv[6]);
81 define("ARG_USER_SERV", $argv[7]);
82 define("ARG_NICK", $argv[8]);
83 define("ARG_USERNAME", $argv[9]);
84 define("ARG_REALNAME", $argv[10]);
85 define("ARG_TS_ACCOUNT", $argv[11]);
86 define("ARG_ACCOUNT", preg_replace('/^(.*?)(:\d+)?$/', '$1', $argv[11]));
87 define("ARG_FAKEHOST", $argv[12]);
88 define("ARG_CLASS", $argv[13]);
89 define("ARG_PASS", $argv[14]);
90 define("ARG_IDENT", $argv[15]);
91 define("ARG_SERVER", $argv[16]);
93 /* This function can be used to return a result. */
94 function iauth_return($class = NULL, $ident = NULL, $host = NULL, $ip = NULL, $mode = NULL) {
95 $class = trim($class);
96 $ident = trim($ident);
98 $ip = trim((substr($ip, 0, 1) == ":") ? "0".$ip : $ip);
100 if($class === NULL || strlen($class) == 0) $class = "$";
101 if($ident === NULL || strlen($ident) == 0) $ident = "$";
102 if($host === NULL || strlen($host) == 0) $host = "$";
103 if($ip === NULL || strlen($ip) == 0) $ip = "$";
104 if($mode === NULL || strlen($mode) == 0) $mode = "$";
105 echo "$class $ident $host $ip $mode";
109 /* This rejects the client. */
110 function iauth_reject($reason = NULL) {
111 if($reason != NULL && strlen($reason) != 0) echo"error ".$reason." %";
115 /* Validate the input now and return the right result.
116 * REMEMBER: SOME VALUES MIGHT BE AN EMPTY STRING AND NOT SET!
120 /****************************************************/
121 /****************************************************/
122 /* Following three example ways to handle a client. */
123 /****************************************************/
124 /****************************************************/
126 /* Simply allow the client to connect the normal way. */
127 /* iauth_return(); */
129 /* Or as an example return only a class and a mode change. */
130 /* iauth_return("class", NULL, NULL, NULL, "+rf account:14314789 fake.host.net"); */
132 /* Or reject the client. */
133 /* iauth_reject(); */
135 /* our real implementation */
136 if (is_readable('iauth-wgn.php')) {
137 require('iauth-wgn.php');