Changed "sslfp" to "certfp" and "SSL fingerprint" to "client certificate fingerprint...

[irc/evilnet/x3.git] / src / nickserv.c

diff --git a/src/nickserv.c b/src/nickserv.c
index 8ef28b058f3de4b73c48ab775d0dacf90232e309..a768fa0caf66c098d225467beee3a73cf278cd2c 100644 (file)
--- a/src/nickserv.c
+++ b/src/nickserv.c
@@ -254,6 +254,7 @@ static const struct message_entry msgtab[] = {
     { "NSMSG_HANDLEINFO_COOKIE_EMAIL_DATA", "Cookie: New email address: %s" },
     { "NSMSG_HANDLEINFO_INFOLINE", "Infoline: %s" },
     { "NSMSG_HANDLEINFO_FLAGS", "Flags: %s" },
+    { "NSMSG_HANDLEINFO_OPSERV_LEVEL", "Opserv level: %d " },
     { "NSMSG_HANDLEINFO_EPITHET", "Epithet: %s" },
     { "NSMSG_HANDLEINFO_NOTE", "Note (by %s on %s): %s " },
     { "NSMSG_HANDLEINFO_FAKEHOST", "Fake host: %s" },
@@ -263,7 +264,7 @@ static const struct message_entry msgtab[] = {
     { "NSMSG_HANDLEINFO_LAST_HOST_UNKNOWN", "Last quit hostmask: Unknown" },
     { "NSMSG_HANDLEINFO_NICKS", "Nickname(s): %s" },
     { "NSMSG_HANDLEINFO_MASKS", "Hostmask(s): %s" },
-    { "NSMSG_HANDLEINFO_SSLFPS", "SSL Fingerprints(s): %s" },
+    { "NSMSG_HANDLEINFO_SSLFPS", "Client Certificate Fingerprints(s): %s" },
     { "NSMSG_HANDLEINFO_IGNORES", "Ignore(s): %s" },
     { "NSMSG_HANDLEINFO_CHANNELS", "Channel(s): %s" },
     { "NSMSG_HANDLEINFO_CURRENT", "Current nickname(s): %s" },
@@ -298,13 +299,13 @@ static const struct message_entry msgtab[] = {
     { "NSMSG_ADDMASK_SUCCESS", "Hostmask %s added." },
     { "NSMSG_ADDIGNORE_ALREADY", "$b%s$b is already an ignored hostmask in your account." },
     { "NSMSG_ADDIGNORE_SUCCESS", "Hostmask %s added." },
-    { "NSMSG_ADDSSLFP_ALREADY", "$b%s$b is already an SSL fingerprint in your account." },
-    { "NSMSG_ADDSSLFP_SUCCESS", "SSL fingerprint %s added." },
+    { "NSMSG_ADDSSLFP_ALREADY", "$b%s$b is already a client certificate fingerprint in your account." },
+    { "NSMSG_ADDSSLFP_SUCCESS", "Client certificate fingerprint %s added." },
     { "NSMSG_DELMASK_NOTLAST", "You may not delete your last hostmask." },
     { "NSMSG_DELMASK_SUCCESS", "Hostmask %s deleted." },
     { "NSMSG_DELMASK_NOT_FOUND", "Unable to find mask to be deleted." },
-    { "NSMSG_DELSSLFP_SUCCESS", "SSL fingerprint %s deleted." },
-    { "NSMSG_DELSSLFP_NOT_FOUND", "Unable to find SSL fingerprint to be deleted." },
+    { "NSMSG_DELSSLFP_SUCCESS", "Client certificate fingerprint %s deleted." },
+    { "NSMSG_DELSSLFP_NOT_FOUND", "Unable to find client certificate fingerprint to be deleted." },
     { "NSMSG_OPSERV_LEVEL_BAD", "You may not promote another oper above your level." },
     { "NSMSG_USE_CMD_PASS", "Please use the PASS command to change your password." },
     { "NSMSG_UNKNOWN_NICK", "I know nothing about nick $b%s$b." },
@@ -1795,6 +1796,10 @@ static NICKSERV_FUNC(cmd_handleinfo)
        reply("NSMSG_HANDLEINFO_FLAGS", nsmsg_none);
     }
 
+    if (hi->opserv_level > 0) {
+        reply("NSMSG_HANDLEINFO_OPSERV_LEVEL", hi->opserv_level);
+    }
+
     if (HANDLE_FLAGGED(hi, SUPPORT_HELPER)
         || HANDLE_FLAGGED(hi, NETWORK_HELPER)
         || (hi->opserv_level > 0)) {
@@ -2122,6 +2127,10 @@ struct handle_info *loc_auth(char *sslfp, char *handle, char *password, char *us
             handle = hi->handle;
     }
     
+    /* Ensure handle is valid if not found in internal DB */
+    if (!hi && (!handle || !is_valid_handle(handle)))
+        return 0;
+
 #ifdef WITH_LDAP
     if (nickserv_conf.ldap_enable && (password != NULL)) {
         ldap_result = ldap_check_auth(handle, password);
@@ -5322,8 +5331,9 @@ nickserv_conf_read(void)
     if(nickserv_conf.ldap_enable > 0) {
         /* ldap is enabled but not compiled in - error out */
         log_module(MAIN_LOG, LOG_ERROR, "ldap is enabled in config, but not compiled in!");
-        nickserv_conf.ldap_enable = 0;
-        sleep(5);
+        exit(2);
+        /* nickserv_conf.ldap_enable = 0; */
+        /* sleep(5); */
     }
 #endif 
 
@@ -5439,9 +5449,10 @@ check_user_nick(struct userNode *user, UNUSED_ARG(void *extra)) {
         irc_regnick(user);
         return 0;
     }
-    if (nickserv_conf.warn_nick_owned)
+    if (nickserv_conf.warn_nick_owned) {
         send_message(user, nickserv, "NSMSG_RECLAIM_WARN", ni->nick, ni->owner->handle);
         send_message(user, nickserv, "NSMSG_RECLAIM_HOWTO", ni->owner->handle, nickserv->nick, self->name, ni->owner->handle);
+    }
     if (nickserv_conf.auto_reclaim_action == RECLAIM_NONE)
         return 0;
     if (nickserv_conf.auto_reclaim_delay)
@@ -5785,7 +5796,7 @@ sasl_packet(struct SASLSession *session)
 
         log_module(NS_LOG, LOG_DEBUG, "SASL: Checking supplied credentials");
 
-        if (c != 2)
+        if ((c != 2) || !(*authcid))
         {
             log_module(NS_LOG, LOG_DEBUG, "SASL: Incomplete credentials supplied");
             irc_sasl(session->source, session->uid, "D", "F");
@@ -6019,10 +6030,10 @@ init_nickserv(const char *nick)
     nickserv_define_func("OADDMASK", cmd_oaddmask, 0, 1, 0);
     nickserv_define_func("DELMASK", cmd_delmask, -1, 1, 0);
     nickserv_define_func("ODELMASK", cmd_odelmask, 0, 1, 0);
-    nickserv_define_func("ADDSSLFP", cmd_addsslfp, -1, 1, 0);
-    nickserv_define_func("OADDSSLFP", cmd_oaddsslfp, 0, 1, 0);
-    nickserv_define_func("DELSSLFP", cmd_delsslfp, -1, 1, 0);
-    nickserv_define_func("ODELSSLFP", cmd_odelsslfp, 0, 1, 0);
+    nickserv_define_func("ADDCERTFP", cmd_addsslfp, -1, 1, 0);
+    nickserv_define_func("OADDCERTFP", cmd_oaddsslfp, 0, 1, 0);
+    nickserv_define_func("DELCERTFP", cmd_delsslfp, -1, 1, 0);
+    nickserv_define_func("ODELCERTFP", cmd_odelsslfp, 0, 1, 0);
     nickserv_define_func("PASS", cmd_pass, -1, 1, 0);
     nickserv_define_func("SET", cmd_set, -1, 1, 0);
     nickserv_define_func("OSET", cmd_oset, 0, 1, 0);