vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add need_ssl to auth{} and operator{}.

Browse source 
Specifying need_ssl on auth{} denies the connection if
it is not SSL/TLS, much like need_ident or need_sasl.
Specifying need_ssl on operator{} refuses opering with
ERR_NOOPERHOST if the connection is not SSL/TLS.
from ircd-ratbox
This commit is contained in:
Jilles Tjoelker 2008-09-07 01:18:58 +02:00
parent 17b97f3024
commit b159441429
7 changed files with 48 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

16
modules/m_challenge.c
View file

@ -223,6 +223,22 @@ m_challenge(struct Client *client_p, struct Client *source_p, int parc, const ch
return 0;
}
if(IsOperConfNeedSSL(oper_p) && !IsSSLClient(source_p))
{
sendto_one(source_p, form_str(ERR_NOOPERHOST), me.name, source_p->name);
ilog(L_FOPER, "FAILED CHALLENGE (%s) by (%s!%s@%s) (%s) -- requires SSL/TLS",
parv[1], source_p->name, source_p->username, source_p->host,
source_p->sockhost);
if(ConfigFileEntry.failed_oper_notice)
{
sendto_realops_snomask(SNO_GENERAL, L_ALL,
"Failed CHALLENGE attempt - missing SSL/TLS by %s (%s@%s)",
source_p->name, source_p->username, source_p->host);
}
return 0;
}
if(!generate_challenge(&challenge, &(source_p->localClient->challenge), oper_p->rsa_pubkey))
{
char *chal = challenge;