diff options
author | Adam <Adam@anope.org> | 2016-09-02 22:57:03 -0400 |
---|---|---|
committer | Adam <Adam@anope.org> | 2016-09-03 10:51:21 -0400 |
commit | 74fafb7f11b06747f69f182ad5e3769b665eea7a (patch) | |
tree | ab689f9bccf5c1e3f9aedecb934eca055f8ea8a5 | |
parent | 5288575567d453ebd9dfbec44e4948599527dde9 (diff) |
m_sasl: don't allow AUTHENTICATE with mechanisms with a space
-rw-r--r-- | src/modules/m_sasl.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/modules/m_sasl.cpp b/src/modules/m_sasl.cpp index 9cb5592d1..16a15357f 100644 --- a/src/modules/m_sasl.cpp +++ b/src/modules/m_sasl.cpp @@ -189,6 +189,7 @@ class CommandAuthenticate : public Command : Command(Creator, "AUTHENTICATE", 1), authExt(ext), cap(Cap) { works_before_reg = true; + allow_empty_last_param = false; } CmdResult Handle (const std::vector<std::string>& parameters, User *user) @@ -199,6 +200,9 @@ class CommandAuthenticate : public Command if (!cap.ext.get(user)) return CMD_FAILURE; + if (parameters[0].find(' ') != std::string::npos || parameters[0][0] == ':') + return CMD_FAILURE; + SaslAuthenticator *sasl = authExt.get(user); if (!sasl) authExt.set(user, new SaslAuthenticator(user, parameters[0])); |