X-Git-Url: https://jfr.im/git/irc/evilnet/x3.git/blobdiff_plain/7b35859e0b0b10c5d820b6a65d302cbe4a7d8fda..1ef37f9e521eaa2673d792badff62c25681a009e:/src/nickserv.c diff --git a/src/nickserv.c b/src/nickserv.c index 9dcd8a0..7435a45 100644 --- a/src/nickserv.c +++ b/src/nickserv.c @@ -221,7 +221,7 @@ static const struct message_entry msgtab[] = { { "NSMSG_NICK_NOT_REGISTERED", "Nick $b%s$b has not been registered to any account." }, { "NSMSG_HANDLE_NOT_FOUND", "Could not find your account -- did you register yet?" }, { "NSMSG_ALREADY_AUTHED", "You are already authed to account $b%s$b; you must reconnect to auth to a different account." }, - { "NSMSG_USE_AUTHCOOKIE", "Your hostmask is not valid for account $b%1$s$b. Please use the $bauthcookie$b command to grant yourself access. (/msg $S authcookie %1$s)" }, + { "NSMSG_USE_AUTHCOOKIE", "Your hostmask is not valid for account $b%1$s$b. Please use the $bauthcookie$b command to grant yourself access. (/msg $N authcookie %1$s)" }, { "NSMSG_HOSTMASK_INVALID", "Your hostmask is not valid for account $b%s$b." }, { "NSMSG_USER_IS_SERVICE", "$b%s$b is a network service; you can only use that command on real users." }, { "NSMSG_USER_PREV_AUTH", "$b%s$b is already authenticated." }, @@ -1548,7 +1548,7 @@ static NICKSERV_FUNC(cmd_oregister) char* mask = NULL; char* nick = NULL; - NICKSERV_MIN_PARMS(2); + NICKSERV_MIN_PARMS(3); account = argv[1]; pass = argv[2]; @@ -2341,7 +2341,7 @@ static NICKSERV_FUNC(cmd_auth) } #ifdef WITH_LDAP - if(strchr(argv[1], '<') || strchr(handle, '>')) { + if(strchr(handle, '<') || strchr(handle, '>')) { reply("NSMSG_NO_ANGLEBRACKETS"); return 0; } @@ -2377,7 +2377,7 @@ static NICKSERV_FUNC(cmd_auth) * create the account. */ char *mask; - if(!(hi = nickserv_register(user, user, argv[1], argv[2], 0))) { + if(!(hi = nickserv_register(user, user, handle, passwd, 0))) { reply("NSMSG_UNABLE_TO_ADD"); return 0; /* couldn't add the user for some reason */ } @@ -5731,7 +5731,7 @@ sasl_packet(struct SASLSession *session) free(raw); return; } - else /* We only have PLAIN at the moment so next message must be credentials */ + else { char *raw = NULL; size_t rawlen = 0; @@ -5741,6 +5741,7 @@ sasl_packet(struct SASLSession *session) char *r = NULL; unsigned int i = 0, c = 0; struct handle_info *hi = NULL; + struct handle_info *hii = NULL; static char buffer[256]; base64_decode_alloc(session->buf, session->buflen, &raw, &rawlen); @@ -5777,10 +5778,29 @@ sasl_packet(struct SASLSession *session) } else { - snprintf(buffer, sizeof(buffer), "%s "FMT_TIME_T, hi->handle, hi->registered); - log_module(NS_LOG, LOG_DEBUG, "SASL: Valid credentials supplied"); - irc_sasl(session->source, session->uid, "L", buffer); - irc_sasl(session->source, session->uid, "D", "S"); + if (*authzid && irccasecmp(authzid, authcid) && HANDLE_FLAGGED(hi, IMPERSONATE)) + { + hii = hi; + hi = get_handle_info(authzid); + } + if (hi) + { + if (hii) + { + log_module(NS_LOG, LOG_DEBUG, "SASL: %s is ipersonating %s", hii->handle, hi->handle); + snprintf(buffer, sizeof(buffer), "%s "FMT_TIME_T, hii->handle, hii->registered); + irc_sasl(session->source, session->uid, "I", buffer); + } + log_module(NS_LOG, LOG_DEBUG, "SASL: Valid credentials supplied"); + snprintf(buffer, sizeof(buffer), "%s "FMT_TIME_T, hi->handle, hi->registered); + irc_sasl(session->source, session->uid, "L", buffer); + irc_sasl(session->source, session->uid, "D", "S"); + } + else + { + log_module(NS_LOG, LOG_DEBUG, "SASL: Invalid credentials supplied"); + irc_sasl(session->source, session->uid, "D", "F"); + } } } @@ -5943,6 +5963,9 @@ init_nickserv(const char *nick) for (i=0; handle_flags[i]; i++) { handle_inverse_flags[(unsigned char)handle_flags[i]] = i + 1; flag_access_levels[i] = 0; + /* ensure flag I requires a minimum of 999 if not set in the config */ + if ((unsigned char)handle_flags[i] == 'I') + flag_access_levels[i] = 999; } conf_register_reload(nickserv_conf_read);