summaryrefslogtreecommitdiff
path: root/src/modules/m_cgiirc.cpp
diff options
context:
space:
mode:
authorPeter Powell <petpow@saberuk.com>2017-10-15 13:38:50 +0100
committerPeter Powell <petpow@saberuk.com>2017-10-15 17:18:11 +0100
commit907a37967c2d18475ae32f00113431768cf71229 (patch)
treef8461b23e067df30ed5aaba41e38a32d09681d8a /src/modules/m_cgiirc.cpp
parentc2ea260d6307c8cb3b4d7a814a92d7383fe37f82 (diff)
Add support for hashed WebIRC passwords to m_cgiirc.
Diffstat (limited to 'src/modules/m_cgiirc.cpp')
-rw-r--r--src/modules/m_cgiirc.cpp8
1 files changed, 5 insertions, 3 deletions
diff --git a/src/modules/m_cgiirc.cpp b/src/modules/m_cgiirc.cpp
index c00c9bba3..f5584e264 100644
--- a/src/modules/m_cgiirc.cpp
+++ b/src/modules/m_cgiirc.cpp
@@ -41,18 +41,20 @@ class WebIRCHost
private:
const std::string hostmask;
const std::string password;
+ const std::string passhash;
public:
- WebIRCHost(const std::string& mask, const std::string& pass)
+ WebIRCHost(const std::string& mask, const std::string& pass, const std::string& hash)
: hostmask(mask)
, password(pass)
+ , passhash(hash)
{
}
bool Matches(LocalUser* user, const std::string& pass) const
{
// Did the user send a valid password?
- if (!InspIRCd::TimingSafeCompare(password, pass))
+ if (!ServerInstance->PassCompare(user, password, pass, passhash))
return false;
// Does the user's hostname match our hostmask?
@@ -294,7 +296,7 @@ public:
if (password.empty())
throw ModuleException("When using <cgihost type=\"webirc\"> the password field is required, at " + tag->getTagLocation());
- webirchosts.push_back(WebIRCHost(mask, password));
+ webirchosts.push_back(WebIRCHost(mask, password, tag->getString("hash")));
}
else
{