ouch/inspircd
2
0
Fork 0
mirror of https://github.com/inspircd/inspircd.git synced 2025-03-11 11:39:02 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix authentication logic, someone forgot to change an || to an &&, because we use continue now the logic is reversed, we continue if auth method one fails AND auth method two fails

Browse Source 
(instead of if auth method one fails OR auth method two fails)
Also, fix bug where credentials of outbound server are leaked on successful auth to other ircds behind it


git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@9437 e03df62e-2008-0410-955e-edbf42e46eb7
This commit is contained in:
brain 2008-04-08 23:27:49 +00:00
parent 149ed936a8
commit 2e1cd4fb31
1 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/modules/m_spanningtree/server.cpp
View File

@ -130,9 +130,12 @@ bool TreeSocket::Outbound_Reply_Server(std::deque<std::string> &params)
if (x->Name != servername && x->Name != "*") // open link allowance
continue;
if (!ComparePass(this->MakePass(x->RecvPass, this->GetOurChallenge()), password) ||
(x->RecvPass != password && !this->GetTheirChallenge().empty()))
if (!ComparePass(this->MakePass(x->RecvPass, this->GetOurChallenge()), password) &&
(x->RecvPass != password && this->GetTheirChallenge().empty()))
{
this->Instance->SNO->WriteToSnoMask('l',"Invalid password on link: %s", x->Name.c_str());
continue;
}
TreeServer* CheckDupe = Utils->FindServer(sname);
if (CheckDupe)
@ -163,7 +166,12 @@ bool TreeSocket::Outbound_Reply_Server(std::deque<std::string> &params)
Utils->TreeRoot->AddChild(Node);
params[4] = ":" + params[4];
/* IMPORTANT: Take password/hmac hash OUT of here before we broadcast the introduction! */
params[1] = "*";
Utils->DoOneToAllButSender(Instance->Config->GetSID(),"SERVER",params,sname);
Node->bursting = true;
this->DoBurst(Node);
return true;
@ -218,9 +226,12 @@ bool TreeSocket::Inbound_Server(std::deque<std::string> &params)
if (x->Name != servername && x->Name != "*") // open link allowance
continue;
if (!ComparePass(this->MakePass(x->RecvPass, this->GetOurChallenge()), password) ||
(x->RecvPass != password && !this->GetTheirChallenge().empty()))
if (!ComparePass(this->MakePass(x->RecvPass, this->GetOurChallenge()), password) &&
(x->RecvPass != password && this->GetTheirChallenge().empty()))
{
this->Instance->SNO->WriteToSnoMask('l',"Invalid password on link: %s", x->Name.c_str());
continue;
}
/* Check for fully initialized instances of the server by id */
Instance->Logs->Log("m_spanningtree",DEBUG,"Looking for dupe SID %s", sid.c_str());