Make passwords for oper accounts optional.

This allows restricting an oper account based on other data such as TLS fingerprint or services account but without logging them in automatically like autologin.
2025-03-09 10:39:02 -04:00 · 2024-05-16 12:29:32 +01:00 · 2024-05-16 12:29:32 +01:00 · c3cff63dca
commit c3cff63dca
parent 5ac051a999
6 changed files with 29 additions and 10 deletions
--- a/docs/conf/help.conf.example
+++ b/docs/conf/help.conf.example
@ -363,7 +363,7 @@ contain important server rules and notices and should be read prior
 to using a server.
 ">

-<helptopic key="oper" title="/OPER <username> <password>" value="
+<helptopic key="oper" title="/OPER <username> [<password>]" value="
 Attempts to authenticate as a server operator.

 Both successful and unsuccessful oper attempts are
--- a/docs/conf/opers.conf.example
+++ b/docs/conf/opers.conf.example
@ -123,6 +123,14 @@
      # password: Case-sensitive, unhashed (plaintext).
      password="s3cret"

+      # nopassword: Whether to allow logging into an account without a password.
+      #
+      # IMPORTANT: As this option overrides the password field it should **NOT** be used
+      # unless you are certain that nobody other than the intended user will match the
+      # restrictions of this <oper> block. Failure to do this may result in your server
+      # being compromised.
+      #nopassword="no"
+
      # host: What hostnames and IPs are allowed to use this operator account.
      # Multiple options can be separated by spaces and CIDRs are allowed.
      # You can use just * or *@* for this section, but it is not recommended
--- a/include/users.h
+++ b/include/users.h
@ -285,6 +285,9 @@ protected:
 	/** Whether this oper account can be automatically logged into. */
 	AutoLogin autologin;

+	/** Whether the account can be logged into without a password. */
+	bool nopassword;
+
 	/** The password to used to log into this oper account. */
 	std::string password;

--- a/src/configreader.cpp
+++ b/src/configreader.cpp
@ -176,15 +176,18 @@ void ServerConfig::CrossCheckOperBlocks()

 	for (const auto& [_, tag] : ConfTags("oper"))
 	{
-		const std::string name = tag->getString("name");
+		const auto name = tag->getString("name");
 		if (name.empty())
 			throw CoreException("<oper:name> missing from tag at " + tag->source.str());

-		const std::string typestr = tag->getString("type");
+		const auto typestr = tag->getString("type");
 		if (typestr.empty())
 			throw CoreException("<oper:type> missing from tag at " + tag->source.str());

-		auto type = OperTypes.find(typestr);
+		if (tag->getString("password").empty() && !tag->getBool("nopassword"))
+			throw CoreException("<oper:password> missing from tag at " + tag->source.str());
+
+		const auto type = OperTypes.find(typestr);
 		if (type == OperTypes.end())
 			throw CoreException("Oper block " + name + " has missing type " + typestr + " at " + tag->source.str());

--- a/src/coremods/core_oper/cmd_oper.cpp
+++ b/src/coremods/core_oper/cmd_oper.cpp
@ -38,9 +38,9 @@ namespace
 }

 CommandOper::CommandOper(Module* parent)
-	: SplitCommand(parent, "OPER", 2, 2)
+	: SplitCommand(parent, "OPER", 1, 2)
 {
-	syntax = { "<username> <password>" };
+	syntax = { "<username> [<password>]" };
 }

 CmdResult CommandOper::HandleLocal(LocalUser* user, const Params& parameters)
@ -56,7 +56,8 @@ CmdResult CommandOper::HandleLocal(LocalUser* user, const Params& parameters)

 	// Check whether the password is correct.
 	auto account = it->second;
-	if (!account->CheckPassword(parameters[1]))
+	const auto& password = parameters.size() > 1 ? parameters[1] : "";
+	if (!account->CheckPassword(password))
 	{
 		ServerInstance->SNO.WriteGlobalSno('o', "{} ({}) [{}] failed to log into the \x02{}\x02 oper account because they specified the wrong password.",
 			user->nick, user->GetRealUserHost(), user->GetAddress(), parameters[0]);
--- a/src/users.cpp
+++ b/src/users.cpp
@ -1294,8 +1294,9 @@ void OperType::MergeTag(const std::shared_ptr<ConfigTag>& tag)

 OperAccount::OperAccount(const std::string& n, const std::shared_ptr<OperType>& o, const std::shared_ptr<ConfigTag>& t)
 	: OperType(n, nullptr)
-	, password(t->getString("password"))
-	, passwordhash(t->getString("hash", "plaintext", 1))
+	, nopassword(t->getBool("nopassword"))
+	, password(nopassword ? "" : t->getString("password"))
+	, passwordhash(nopassword ? "" : t->getString("hash", "plaintext", 1))
 	, type(o ? o->GetName() : n)
 {
 	autologin = t->getEnum("autologin", AutoLogin::NEVER, {
@ -1336,5 +1337,8 @@ bool OperAccount::CanAutoLogin(LocalUser* user) const

 bool OperAccount::CheckPassword(const std::string& pw) const
 {
-	return InspIRCd::CheckPassword(password, passwordhash, pw);
+	if (nopassword)
+		return true; // <oper nopassword="yes">
+
+	return !password.empty() && InspIRCd::CheckPassword(password, passwordhash, pw);
 }