diff options
| author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2007-04-09 16:42:09 +0000 |
|---|---|---|
| committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2007-04-09 16:42:09 +0000 |
| commit | 7f00015727fab50e37de46aa90d218b31c852c87 (patch) | |
| tree | 1f7b137d3959aeba4950bf057823387bcac9c0bd /src/modules/m_spanningtree/treesocket2.cpp | |
| parent | 96798509aca60b4359bb0e1e697a751cce0d6b51 (diff) | |
Add config <options:disablehmac> to support disabling of HMAC, and tidy up to detect if the other side hasnt got it enabled and we did, or if we enabled it and dont have sha256 (that would be an oops)
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@6776 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/modules/m_spanningtree/treesocket2.cpp')
| -rw-r--r-- | src/modules/m_spanningtree/treesocket2.cpp | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/modules/m_spanningtree/treesocket2.cpp b/src/modules/m_spanningtree/treesocket2.cpp index 5f8cafb53..6c0418a0b 100644 --- a/src/modules/m_spanningtree/treesocket2.cpp +++ b/src/modules/m_spanningtree/treesocket2.cpp @@ -814,6 +814,24 @@ bool TreeSocket::RemoteServer(const std::string &prefix, std::deque<std::string> return true; } +bool TreeSocket::ComparePass(const std::string &ours, const std::string &theirs) +{ + if ((!strncmp(ours.c_str(), "HMAC-SHA256:", 12)) || (!strncmp(theirs.c_str(), "HMAC-SHA256:", 12))) + { + /* One or both of us specified hmac sha256, but we don't have sha256 module loaded! + * We can't allow this password as valid. + */ + if (!Instance->FindModule("m_sha256.so") || !Utils->ChallengeResponse) + return false; + else + /* Straight string compare of hashes */ + return ours == theirs; + } + else + /* Straight string compare of plaintext */ + return ours == theirs; +} + bool TreeSocket::Outbound_Reply_Server(std::deque<std::string> ¶ms) { if (params.size() < 4) @@ -833,7 +851,7 @@ bool TreeSocket::Outbound_Reply_Server(std::deque<std::string> ¶ms) std::string description = params[3]; for (std::vector<Link>::iterator x = Utils->LinkBlocks.begin(); x < Utils->LinkBlocks.end(); x++) { - if ((x->Name == servername) && (this->MakePass(x->RecvPass,this->GetOurChallenge()) == password)) + if ((x->Name == servername) && (ComparePass(this->MakePass(x->RecvPass,this->GetOurChallenge()),password))) { TreeServer* CheckDupe = Utils->FindServer(sname); if (CheckDupe) @@ -882,7 +900,7 @@ bool TreeSocket::Inbound_Server(std::deque<std::string> ¶ms) std::string description = params[3]; for (std::vector<Link>::iterator x = Utils->LinkBlocks.begin(); x < Utils->LinkBlocks.end(); x++) { - if ((x->Name == servername) && (this->MakePass(x->RecvPass,this->GetOurChallenge()) == password)) + if ((x->Name == servername) && (ComparePass(this->MakePass(x->RecvPass,this->GetOurChallenge()),password))) { TreeServer* CheckDupe = Utils->FindServer(sname); if (CheckDupe) |