modules/m_sasl.c: abort session if we receive '*' as data

Otherwise we'd send the * on to services as actual data, which is likely to fail to decode it (it's not valid Base-64) and reply with an SASL ... D F which will result in us sending a 904 numeric instead of a 906. cf. https://github.com/ircv3/ircv3-specifications/pull/298#issuecomment-271336287 Reported-By: James Wheare
2018-04-06 19:45:50 +00:00 · 2018-04-06 19:45:50 +00:00 · 280ce6a951
parent fe5fc851aa
commit 280ce6a951
1 changed files with 16 additions and 0 deletions
--- a/modules/m_sasl.c
+++ b/modules/m_sasl.c
@ -180,6 +180,12 @@ m_authenticate(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *

 	if(agent_p == NULL)
 	{
+		if (!strcmp(parv[1], "*"))
+		{
+			sendto_one(source_p, form_str(ERR_SASLABORTED), me.name, EmptyString(source_p->name) ? "*" : source_p->name);
+			return 0;
+		}
+
 		sendto_one(saslserv_p, ":%s ENCAP %s SASL %s %s H %s %s %c",
 					me.id, saslserv_p->servptr->name, source_p->id, saslserv_p->id,
 					source_p->host, source_p->sockhost,
@ -197,9 +203,19 @@ m_authenticate(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *
 		rb_strlcpy(source_p->localClient->sasl_agent, saslserv_p->id, IDLEN);
 	}
 	else
+	{
+		if (!strcmp(parv[1], "*"))
+		{
+			sendto_one(source_p, form_str(ERR_SASLABORTED), me.name, EmptyString(source_p->name) ? "*" : source_p->name);
+			sendto_one(agent_p, ":%s ENCAP %s SASL %s %s D A", me.id, agent_p->servptr->name, source_p->id, agent_p->id);
+			return 0;
+		}
+
 		sendto_one(agent_p, ":%s ENCAP %s SASL %s %s C %s",
 				me.id, agent_p->servptr->name, source_p->id, agent_p->id,
 				parv[1]);
+	}
+
 	source_p->localClient->sasl_out++;
 }