Added automatic authentication of users with client certificate fingerprints added...

diff --git a/src/nickserv.c b/src/nickserv.c
index a768fa0caf66c098d225467beee3a73cf278cd2c..29dab0fab9ddf4e2d961a1616f4b185d0ae6ee34 100644 (file)
--- a/src/nickserv.c
+++ b/src/nickserv.c
@@ -2294,6 +2294,71 @@ struct handle_info *loc_auth(char *sslfp, char *handle, char *password, char *us
     return hi;
 }
 
+void nickserv_do_autoauth(struct userNode *user)
+{
+    struct handle_info *hi;
+    struct userNode *other;
+    int used, maxlogins;
+
+    /* Already authed, nothing to do */
+    if (user->handle_info)
+        return;
+
+    /* No client certificate fingerprint, cant auto auth */
+    if (!user->sslfp)
+        return;
+
+    hi = find_handleinfo_by_sslfp(user->sslfp);
+    if (!hi)
+        return;
+
+    /* User doesn't match host masks */
+    if (!valid_user_for(user, hi)) {
+        if (hi->email_addr && nickserv_conf.email_enabled)
+            send_message_type(4, user, nickserv,
+                              handle_find_message(hi, "NSMSG_USE_AUTHCOOKIE"),
+                              hi->handle);
+        else
+            send_message_type(4, user, nickserv,
+                              handle_find_message(hi, "NSMSG_HOSTMASK_INVALID"),
+                              hi->handle);
+        return;
+    }
+
+    /* Account suspended? */
+    if (HANDLE_FLAGGED(hi, SUSPENDED)) {
+        send_message_type(4, user, nickserv,
+                          handle_find_message(hi, "NSMSG_HANDLE_SUSPENDED"));
+        return;
+    }
+
+    maxlogins = hi->maxlogins ? hi->maxlogins : nickserv_conf.default_maxlogins;
+    for (used = 0, other = hi->users; other; other = other->next_authed) {
+        if (++used >= maxlogins) {
+            send_message_type(4, user, nickserv,
+                              handle_find_message(hi, "NSMSG_MAX_LOGINS"),
+                              maxlogins);
+            return;
+        }
+    }
+
+    set_user_handle_info(user, hi, 1);
+    if (nickserv_conf.email_required && !hi->email_addr)
+        send_message_type(4, user, nickserv,
+                          handle_find_message(hi, "NSMSG_PLEASE_SET_EMAIL"));
+
+   /* If a channel was waiting for this user to auth,
+    * finish adding them */
+    process_adduser_pending(user);
+
+    send_message_type(4, user, nickserv,
+                      handle_find_message(hi, "NSMSG_AUTH_SUCCESS"));
+
+    /* Set +x if autohide is on */
+    if(HANDLE_FLAGGED(hi, AUTOHIDE))
+        irc_umode(user, "+x");
+}
+
 static NICKSERV_FUNC(cmd_auth)
 {
     int pw_arg, used, maxlogins;
@@ -3894,12 +3959,10 @@ static OPTION_FUNC(opt_note)
 
 static NICKSERV_FUNC(cmd_reclaim)
 {
-    struct handle_info *hi;
     struct nick_info *ni;
     struct userNode *victim;
 
     NICKSERV_MIN_PARMS(2);
-    hi = user->handle_info;
     ni = dict_find(nickserv_nick_dict, argv[1], 0);
     if (!ni) {
         reply("NSMSG_UNKNOWN_NICK", argv[1]);

diff --git a/src/nickserv.h b/src/nickserv.h
index 5a2fb893fe8bceff846cbe7bc267bda21d0dcf9d..206ad0e5d49612dfede145fb6aa89af58cc41d81 100644 (file)
--- a/src/nickserv.h
+++ b/src/nickserv.h
@@ -229,6 +229,8 @@ int nickserv_modify_handle_flags(struct userNode *user, struct userNode *bot, co
 int oper_has_access(struct userNode *user, struct userNode *bot, unsigned int min_level, unsigned int quiet);
 void nickserv_show_oper_accounts(struct userNode *user, struct svccmd *cmd);
 
+void nickserv_do_autoauth(struct userNode *user);
+
 struct handle_info *get_victim_oper(struct userNode *user, const char *target);
 struct handle_info *loc_auth(char *sslfp, char *handle, char *password, char *userhost);
 

diff --git a/src/proto-p10.c b/src/proto-p10.c
index 731b1cf7d477028158f0f6fba94e2e17b64600cb..d64b1a5d2f0104f6183d11aa44443a974f44b966 100644 (file)
--- a/src/proto-p10.c
+++ b/src/proto-p10.c
@@ -2093,6 +2093,8 @@ static CMD_FUNC(cmd_mark)
 
         target->sslfp = strdup(sslfp);
 
+        nickserv_do_autoauth(target);
+
         return 1;
     }
     /* unknown type of mark */