Allow multiple fingerprints in an oper block (#1564)

author: linuxdaemon <linuxdaemon@users.noreply.github.com> 2019-02-01 03:47:20 -0600
committer: Peter Powell <petpow@saberuk.com> 2019-02-01 09:47:20 +0000
commit: 2ee2e8b60d707d7a1bb644a16060654cb86c7b9f (patch)
tree: 26fcbf7b673056bfe20e482170dd08e6a2185d6d /src/modules
parent: e844a2cef9aeadbeea26531f98e5fe8b0b2f4dd1 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index d3514eac6..21857b3d9 100644
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -188,6 +188,11 @@ class ModuleSSLInfo
  private:
 	CommandSSLInfo cmd;
 
+	bool MatchFP(ssl_cert* const cert, const std::string& fp) const
+	{
+		return irc::spacesepstream(fp).Contains(cert->GetFingerprint());
+	}
+
  public:
 	ModuleSSLInfo()
 		: WebIRC::EventListener(this)
@@ -231,7 +236,7 @@ class ModuleSSLInfo
 				}
 
 				std::string fingerprint;
-				if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || cert->GetFingerprint() != fingerprint))
+				if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || !MatchFP(cert, fingerprint)))
 				{
 					user->WriteNumeric(ERR_NOOPERHOST, "This oper login requires a matching SSL certificate fingerprint.");
 					user->CommandFloodPenalty += 10000;
@@ -275,7 +280,7 @@ class ModuleSSLInfo
 		{
 			OperInfo* ifo = i->second;
 			std::string fp = ifo->oper_block->getString("fingerprint");
-			if (fp == cert->fingerprint && ifo->oper_block->getBool("autologin"))
+			if (MatchFP(cert, fp) && ifo->oper_block->getBool("autologin"))
 				user->Oper(ifo);
 		}
 	}
author	linuxdaemon <linuxdaemon@users.noreply.github.com>	2019-02-01 03:47:20 -0600
committer	Peter Powell <petpow@saberuk.com>	2019-02-01 09:47:20 +0000
commit	2ee2e8b60d707d7a1bb644a16060654cb86c7b9f (patch)
tree	26fcbf7b673056bfe20e482170dd08e6a2185d6d /src/modules
parent	e844a2cef9aeadbeea26531f98e5fe8b0b2f4dd1 (diff)