diff options
| author | linuxdaemon <linuxdaemon@users.noreply.github.com> | 2019-02-01 03:47:20 -0600 |
|---|---|---|
| committer | Peter Powell <petpow@saberuk.com> | 2019-02-01 09:47:20 +0000 |
| commit | 2ee2e8b60d707d7a1bb644a16060654cb86c7b9f (patch) | |
| tree | 26fcbf7b673056bfe20e482170dd08e6a2185d6d | |
| parent | e844a2cef9aeadbeea26531f98e5fe8b0b2f4dd1 (diff) | |
Allow multiple fingerprints in an oper block (#1564)
| -rw-r--r-- | include/hashcomp.h | 6 | ||||
| -rw-r--r-- | src/hashcomp.cpp | 10 | ||||
| -rw-r--r-- | src/modules/m_sslinfo.cpp | 9 |
3 files changed, 23 insertions, 2 deletions
diff --git a/include/hashcomp.h b/include/hashcomp.h index 80c02332d..453e28c45 100644 --- a/include/hashcomp.h +++ b/include/hashcomp.h @@ -148,6 +148,12 @@ namespace irc * @return True if the end of the stream has been reached, otherwise false */ bool StreamEnd(); + + /** Returns true if the specified value exists in the stream + * @param value The value to search for + * @return True if the value was found, False otherwise + */ + bool Contains(const std::string& value); }; /** A derived form of sepstream, which seperates on commas diff --git a/src/hashcomp.cpp b/src/hashcomp.cpp index a51430a4b..4fee9fd55 100644 --- a/src/hashcomp.cpp +++ b/src/hashcomp.cpp @@ -287,6 +287,16 @@ bool irc::sepstream::StreamEnd() return this->pos > this->tokens.length(); } +bool irc::sepstream::Contains(const std::string& value) +{ + std::string token; + while (GetToken(token)) + if (value == token) + return true; + + return false; +} + irc::portparser::portparser(const std::string &source, bool allow_overlapped) : sep(source), in_range(0), range_begin(0), range_end(0), overlapped(allow_overlapped) { diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp index d3514eac6..21857b3d9 100644 --- a/src/modules/m_sslinfo.cpp +++ b/src/modules/m_sslinfo.cpp @@ -188,6 +188,11 @@ class ModuleSSLInfo private: CommandSSLInfo cmd; + bool MatchFP(ssl_cert* const cert, const std::string& fp) const + { + return irc::spacesepstream(fp).Contains(cert->GetFingerprint()); + } + public: ModuleSSLInfo() : WebIRC::EventListener(this) @@ -231,7 +236,7 @@ class ModuleSSLInfo } std::string fingerprint; - if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || cert->GetFingerprint() != fingerprint)) + if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || !MatchFP(cert, fingerprint))) { user->WriteNumeric(ERR_NOOPERHOST, "This oper login requires a matching SSL certificate fingerprint."); user->CommandFloodPenalty += 10000; @@ -275,7 +280,7 @@ class ModuleSSLInfo { OperInfo* ifo = i->second; std::string fp = ifo->oper_block->getString("fingerprint"); - if (fp == cert->fingerprint && ifo->oper_block->getBool("autologin")) + if (MatchFP(cert, fp) && ifo->oper_block->getBool("autologin")) user->Oper(ifo); } } |