{ "NSMSG_HANDLEINFO_COOKIE_EMAIL_DATA", "Cookie: New email address: %s" },
{ "NSMSG_HANDLEINFO_INFOLINE", "Infoline: %s" },
{ "NSMSG_HANDLEINFO_FLAGS", "Flags: %s" },
+ { "NSMSG_HANDLEINFO_OPSERV_LEVEL", "Opserv level: %d " },
{ "NSMSG_HANDLEINFO_EPITHET", "Epithet: %s" },
{ "NSMSG_HANDLEINFO_NOTE", "Note (by %s on %s): %s " },
{ "NSMSG_HANDLEINFO_FAKEHOST", "Fake host: %s" },
reply("NSMSG_HANDLEINFO_FLAGS", nsmsg_none);
}
+ if (hi->opserv_level > 0) {
+ reply("NSMSG_HANDLEINFO_OPSERV_LEVEL", hi->opserv_level);
+ }
+
if (HANDLE_FLAGGED(hi, SUPPORT_HELPER)
|| HANDLE_FLAGGED(hi, NETWORK_HELPER)
|| (hi->opserv_level > 0)) {
handle = hi->handle;
}
+ /* Ensure handle is valid if not found in internal DB */
+ if (!hi && (!handle || !is_valid_handle(handle)))
+ return 0;
+
#ifdef WITH_LDAP
if (nickserv_conf.ldap_enable && (password != NULL)) {
ldap_result = ldap_check_auth(handle, password);
static NICKSERV_FUNC(cmd_auth)
{
int pw_arg, used, maxlogins;
+ int sslfpauth = 0;
struct handle_info *hi;
const char *passwd;
const char *handle;
}
#ifdef WITH_LDAP
- if(strchr(argv[1], '<') || strchr(handle, '>')) {
+ if(strchr(handle, '<') || strchr(handle, '>')) {
reply("NSMSG_NO_ANGLEBRACKETS");
return 0;
}
* create the account.
*/
char *mask;
- if(!(hi = nickserv_register(user, user, argv[1], argv[2], 0))) {
+ if(!(hi = nickserv_register(user, user, handle, passwd, 0))) {
reply("NSMSG_UNABLE_TO_ADD");
return 0; /* couldn't add the user for some reason */
}
argv[pw_arg] = "BADMASK";
return 1;
}
+
+ if (valid_user_sslfp(user, hi))
+ sslfpauth = 1;
+
#ifdef WITH_LDAP
if(( ( nickserv_conf.ldap_enable && ldap_result == LDAP_INVALID_CREDENTIALS ) ||
- ( (!nickserv_conf.ldap_enable) && (!checkpass(passwd, hi->passwd)) ) ) && !valid_user_sslfp(user, hi)) {
+ ( (!nickserv_conf.ldap_enable) && (!checkpass(passwd, hi->passwd)) ) ) && !sslfpauth) {
#else
- if (!checkpass(passwd, hi->passwd) && !valid_user_sslfp(user, hi)) {
+ if (!checkpass(passwd, hi->passwd) && !sslfpauth) {
#endif
unsigned int n;
send_message_type(4, user, cmd->parent->bot,
set_user_handle_info(user, hi, 1);
if (nickserv_conf.email_required && !hi->email_addr)
reply("NSMSG_PLEASE_SET_EMAIL");
- if (!is_secure_password(hi->handle, passwd, NULL))
+ if (!sslfpauth && !is_secure_password(hi->handle, passwd, NULL))
reply("NSMSG_WEAK_PASSWORD");
- if (hi->passwd[0] != '$')
+ if (!sslfpauth && (hi->passwd[0] != '$'))
cryptpass(passwd, hi->passwd);
/* If a channel was waiting for this user to auth,
if(nickserv_conf.ldap_enable > 0) {
/* ldap is enabled but not compiled in - error out */
log_module(MAIN_LOG, LOG_ERROR, "ldap is enabled in config, but not compiled in!");
- nickserv_conf.ldap_enable = 0;
- sleep(5);
+ exit(2);
+ /* nickserv_conf.ldap_enable = 0; */
+ /* sleep(5); */
}
#endif
check_user_nick(struct userNode *user, UNUSED_ARG(void *extra)) {
struct nick_info *ni;
user->modes &= ~FLAGS_REGNICK;
+
if (!(ni = get_nick_info(user->nick)))
return 0;
if (user->handle_info == ni->owner) {
return 0;
}
+static int
+new_user_event(struct userNode *user, void *extra) {
+ /* If the user's server is not bursting,
+ * the user is authed, the account has autohide set
+ * and the user doesn't have user mode +x then apply
+ * the autohide setting.
+ */
+ if (!user->uplink->burst && user->handle_info &&
+ HANDLE_FLAGGED(user->handle_info, AUTOHIDE) &&
+ !IsHiddenHost(user))
+ irc_umode(user, "+x");
+
+ return check_user_nick(user, extra);
+}
+
void
handle_account(struct userNode *user, const char *stamp)
{
log_module(NS_LOG, LOG_DEBUG, "SASL: Checking supplied credentials");
- if (c != 2)
+ if ((c != 2) || !(*authcid))
{
log_module(NS_LOG, LOG_DEBUG, "SASL: Incomplete credentials supplied");
irc_sasl(session->source, session->uid, "D", "F");
}
else
{
- if (*authzid && irccasecmp(authzid, authcid) && HANDLE_FLAGGED(hi, IMPERSONATE))
+ if (*authzid && irccasecmp(authzid, authcid))
{
- hii = hi;
- hi = get_handle_info(authzid);
+ if (HANDLE_FLAGGED(hi, IMPERSONATE))
+ {
+ hii = hi;
+ hi = get_handle_info(authzid);
+ }
+ else
+ {
+ log_module(NS_LOG, LOG_DEBUG, "SASL: Impersonation unauthorized");
+ hi = NULL;
+ }
}
if (hi)
{
struct chanNode *chan;
unsigned int i;
NS_LOG = log_register_type("NickServ", "file:nickserv.log");
- reg_new_user_func(check_user_nick, NULL);
+ reg_new_user_func(new_user_event, NULL);
reg_nick_change_func(handle_nick_change, NULL);
reg_del_user_func(nickserv_remove_user, NULL);
reg_account_func(handle_account);
projects / irc / evilnet / x3.git / blobdiff