10 files changed, 17 insertions, 484 deletions
diff --git a/src/modules/hash.h b/src/modules/hash.h
index f7bf85e20..98a182165 100644
--- a/src/modules/hash.h
+++ b/src/modules/hash.h
@@ -40,20 +40,6 @@ class HashProvider : public DataProvider
 		return BinToBase64(sum(data), NULL, 0);
 	}
 
-	/** Allows the IVs for the hash to be specified. As the choice of initial IV is
-	 * important for the security of a hash, this should not be used except to
-	 * maintain backwards compatability. This also allows you to change the hex
-	 * sequence from its default of "0123456789abcdef", which does not improve the
-	 * strength of the output, but helps confuse those attempting to implement it.
-	 *
-	 * Example:
-	 * \code
-	 * unsigned int iv[] = { 0xFFFFFFFF, 0x00000000, 0xAAAAAAAA, 0xCCCCCCCC };
-	 * std::string result = Hash.sumIV(iv, "fedcba9876543210", "data");
-	 * \endcode
-	 */
-	virtual std::string sumIV(unsigned int* IV, const char* HexMap, const std::string &sdata) = 0;
-
 	/** HMAC algorithm, RFC 2104 */
 	std::string hmac(const std::string& key, const std::string& msg)
 	{
diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp
index 105d68833..3ad0c7ab3 100644
--- a/src/modules/m_cloaking.cpp
+++ b/src/modules/m_cloaking.cpp
@@ -30,10 +30,6 @@
 
 enum CloakMode
 {
-	/** 1.2-compatible host-based cloak */
-	MODE_COMPAT_HOST,
-	/** 1.2-compatible IP-only cloak */
-	MODE_COMPAT_IPONLY,
 	/** 2.0 cloak of "half" of the hostname plus the full IP hash */
 	MODE_HALF_CLOAK,
 	/** 2.0 cloak of IP hash, split at 2 common CIDR range points */
@@ -147,7 +143,6 @@ class ModuleCloaking : public Module
 	std::string prefix;
 	std::string suffix;
 	std::string key;
-	unsigned int compatkey[4];
 	const char* xtab[4];
 	dynamic_reference<HashProvider> Hash;
 
@@ -224,63 +219,6 @@ class ModuleCloaking : public Module
 		return rv;
 	}
 
-	std::string CompatCloak4(const char* ip)
-	{
-		irc::sepstream seps(ip, '.');
-		std::string octet[4];
-		int i[4];
-
-		for (int j = 0; j < 4; j++)
-		{
-			seps.GetToken(octet[j]);
-			i[j] = atoi(octet[j].c_str());
-		}
-
-		octet[3] = octet[0] + "." + octet[1] + "." + octet[2] + "." + octet[3];
-		octet[2] = octet[0] + "." + octet[1] + "." + octet[2];
-		octet[1] = octet[0] + "." + octet[1];
-
-		/* Reset the Hash module and send it our IV */
-
-		std::string rv;
-
-		/* Send the Hash module a different hex table for each octet group's Hash sum */
-		for (int k = 0; k < 4; k++)
-		{
-			rv.append(Hash->sumIV(compatkey, xtab[(compatkey[k]+i[k]) % 4], octet[k]).substr(0,6));
-			if (k < 3)
-				rv.append(".");
-		}
-		/* Stick them all together */
-		return rv;
-	}
-
-	std::string CompatCloak6(const char* ip)
-	{
-		std::vector<std::string> hashies;
-		std::string item;
-		int rounds = 0;
-
-		/* Reset the Hash module and send it our IV */
-
-		for (const char* input = ip; *input; input++)
-		{
-			item += *input;
-			if (item.length() > 7)
-			{
-				hashies.push_back(Hash->sumIV(compatkey, xtab[(compatkey[0]+rounds) % 4], item).substr(0,8));
-				item.clear();
-			}
-			rounds++;
-		}
-		if (!item.empty())
-		{
-			hashies.push_back(Hash->sumIV(compatkey, xtab[(compatkey[0]+rounds) % 4], item).substr(0,8));
-		}
-		/* Stick them all together */
-		return irc::stringjoiner(":", hashies, 0, hashies.size() - 1).GetJoined();
-	}
-
 	std::string SegmentIP(const irc::sockets::sockaddrs& ip, bool full)
 	{
 		std::string bindata;
@@ -395,12 +333,6 @@ class ModuleCloaking : public Module
 		{
 			switch (mode)
 			{
-				case MODE_COMPAT_HOST:
-					testcloak = prefix + "-" + Hash->sumIV(compatkey, xtab[0], "*").substr(0,10);
-					break;
-				case MODE_COMPAT_IPONLY:
-					testcloak = Hash->sumIV(compatkey, xtab[0], "*").substr(0,10);
-					break;
 				case MODE_HALF_CLOAK:
 					testcloak = prefix + SegmentCloak("*", 3, 8) + suffix;
 					break;
@@ -418,75 +350,16 @@ class ModuleCloaking : public Module
 		suffix = tag->getString("suffix", ".IP");
 
 		std::string modestr = tag->getString("mode");
-		if (modestr == "compat-host")
-			mode = MODE_COMPAT_HOST;
-		else if (modestr == "compat-ip")
-			mode = MODE_COMPAT_IPONLY;
-		else if (modestr == "half")
+		if (modestr == "half")
 			mode = MODE_HALF_CLOAK;
 		else if (modestr == "full")
 			mode = MODE_OPAQUE;
 		else
-			throw ModuleException("Bad value for <cloak:mode>; must be one of compat-host, compat-ip, half, full");
-
-		if (mode == MODE_COMPAT_HOST || mode == MODE_COMPAT_IPONLY)
-		{
-			bool lowercase = tag->getBool("lowercase");
-
-			/* These are *not* using the need_positive parameter of ReadInteger -
-			 * that will limit the valid values to only the positive values in a
-			 * signed int. Instead, accept any value that fits into an int and
-			 * cast it to an unsigned int. That will, a bit oddly, give us the full
-			 * spectrum of an unsigned integer. - Special
-			 *
-			 * We must limit the keys or else we get different results on
-			 * amd64/x86 boxes. - psychon */
-			const unsigned int limit = 0x80000000;
-			compatkey[0] = (unsigned int) tag->getInt("key1");
-			compatkey[1] = (unsigned int) tag->getInt("key2");
-			compatkey[2] = (unsigned int) tag->getInt("key3");
-			compatkey[3] = (unsigned int) tag->getInt("key4");
-
-			if (!lowercase)
-			{
-				xtab[0] = "F92E45D871BCA630";
-				xtab[1] = "A1B9D80C72E653F4";
-				xtab[2] = "1ABC078934DEF562";
-				xtab[3] = "ABCDEF5678901234";
-			}
-			else
-			{
-				xtab[0] = "f92e45d871bca630";
-				xtab[1] = "a1b9d80c72e653f4";
-				xtab[2] = "1abc078934def562";
-				xtab[3] = "abcdef5678901234";
-			}
+			throw ModuleException("Bad value for <cloak:mode>; must be half or full");
 
-			if (prefix.empty())
-				prefix = ServerInstance->Config->Network;
-
-			if (!compatkey[0] || !compatkey[1] || !compatkey[2] || !compatkey[3] ||
-				compatkey[0] >= limit || compatkey[1] >= limit || compatkey[2] >= limit || compatkey[3] >= limit)
-			{
-				std::string detail;
-				if (!compatkey[0] || compatkey[0] >= limit)
-					detail = "<cloak:key1> is not valid, it may be set to a too high/low value, or it may not exist.";
-				else if (!compatkey[1] || compatkey[1] >= limit)
-					detail = "<cloak:key2> is not valid, it may be set to a too high/low value, or it may not exist.";
-				else if (!compatkey[2] || compatkey[2] >= limit)
-					detail = "<cloak:key3> is not valid, it may be set to a too high/low value, or it may not exist.";
-				else if (!compatkey[3] || compatkey[3] >= limit)
-					detail = "<cloak:key4> is not valid, it may be set to a too high/low value, or it may not exist.";
-
-				throw ModuleException("You have not defined cloak keys for m_cloaking!!! THIS IS INSECURE AND SHOULD BE CHECKED! - " + detail);
-			}
-		}
-		else
-		{
-			key = tag->getString("key");
-			if (key.empty() || key == "secret")
-				throw ModuleException("You have not defined cloak keys for m_cloaking. Define <cloak:key> as a network-wide secret.");
-		}
+		key = tag->getString("key");
+		if (key.empty() || key == "secret")
+			throw ModuleException("You have not defined cloak keys for m_cloaking. Define <cloak:key> as a network-wide secret.");
 	}
 
 	std::string GenCloak(const irc::sockets::sockaddrs& ip, const std::string& ipstr, const std::string& host)
@@ -495,29 +368,6 @@ class ModuleCloaking : public Module
 
 		switch (mode)
 		{
-			case MODE_COMPAT_HOST:
-			{
-				if (ipstr != host)
-				{
-					std::string tail = LastTwoDomainParts(host);
-
-					// xtab is not used here due to a bug in 1.2 cloaking
-					chost = prefix + "-" + Hash->sumIV(compatkey, "0123456789abcdef", host).substr(0,8) + tail;
-
-					/* Fix by brain - if the cloaked host is > the max length of a host (64 bytes
-					 * according to the DNS RFC) then they get cloaked as an IP.
-					 */
-					if (chost.length() <= 64)
-						break;
-				}
-				// fall through to IP cloak
-			}
-			case MODE_COMPAT_IPONLY:
-				if (ip.sa.sa_family == AF_INET6)
-					chost = CompatCloak6(ipstr.c_str());
-				else
-					chost = CompatCloak4(ipstr.c_str());
-				break;
 			case MODE_HALF_CLOAK:
 			{
 				if (ipstr != host)
diff --git a/src/modules/m_halfop.cpp b/src/modules/m_halfop.cpp
deleted file mode 100644
index 3194fcde8..000000000
--- a/src/modules/m_halfop.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * InspIRCd -- Internet Relay Chat Daemon
- *
- *   Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
- *
- * This file is part of InspIRCd.  InspIRCd is free software: you can
- * redistribute it and/or modify it under the terms of the GNU General Public
- * License as published by the Free Software Foundation, version 2.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-
-/* $ModDesc: Channel half-operator mode provider */
-
-#include "inspircd.h"
-
-class ModeChannelHalfOp : public ModeHandler
-{
- public:
-	ModeChannelHalfOp(Module* parent);
-	ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string &parameter, bool adding);
-	unsigned int GetPrefixRank();
-	void RemoveMode(Channel* channel, irc::modestacker* stack = NULL);
-	void RemoveMode(User* user, irc::modestacker* stack = NULL);
-
-	ModResult AccessCheck(User* src, Channel*, std::string& value, bool adding)
-	{
-		if (!adding && src->nick == value)
-			return MOD_RES_ALLOW;
-		return MOD_RES_PASSTHRU;
-	}
-};
-
-ModeChannelHalfOp::ModeChannelHalfOp(Module* parent) : ModeHandler(parent, "halfop", 'h', PARAM_ALWAYS, MODETYPE_CHANNEL)
-{
-	list = true;
-	prefix = '%';
-	levelrequired = OP_VALUE;
-	m_paramtype = TR_NICK;
-}
-
-unsigned int ModeChannelHalfOp::GetPrefixRank()
-{
-	return HALFOP_VALUE;
-}
-
-void ModeChannelHalfOp::RemoveMode(Channel* channel, irc::modestacker* stack)
-{
-	const UserMembList* clist = channel->GetUsers();
-
-	for (UserMembCIter i = clist->begin(); i != clist->end(); i++)
-	{
-		if (stack)
-		{
-			stack->Push(this->GetModeChar(), i->first->nick);
-		}
-		else
-		{
-			std::vector<std::string> parameters;
-			parameters.push_back(channel->name);
-			parameters.push_back("-h");
-			parameters.push_back(i->first->nick);
-			ServerInstance->SendMode(parameters, ServerInstance->FakeClient);
-		}
-	}
-
-}
-
-void ModeChannelHalfOp::RemoveMode(User*, irc::modestacker* stack)
-{
-}
-
-ModeAction ModeChannelHalfOp::OnModeChange(User* source, User*, Channel* channel, std::string &parameter, bool adding)
-{
-	return MODEACTION_ALLOW;
-}
-
-class ModuleHalfop : public Module
-{
-	ModeChannelHalfOp mh;
- public:
-	ModuleHalfop() : mh(this)
-	{
-	}
-
-	void init()
-	{
-		ServerInstance->Modules->AddService(mh);
-	}
-
-	Version GetVersion()
-	{
-		return Version("Channel half-operator mode provider", VF_VENDOR);
-	}
-};
-
-MODULE_INIT(ModuleHalfop)
diff --git a/src/modules/m_md5.cpp b/src/modules/m_md5.cpp
index 14ccf16a8..c42507ea1 100644
--- a/src/modules/m_md5.cpp
+++ b/src/modules/m_md5.cpp
@@ -275,13 +275,6 @@ class MD5Provider : public HashProvider
 		return std::string(res, 16);
 	}
 
-	std::string sumIV(unsigned int* IV, const char* HexMap, const std::string &sdata)
-	{
-		char res[33];
-		GenHash(sdata.data(), res, HexMap, IV, sdata.length());
-		return res;
-	}
-
 	MD5Provider(Module* parent) : HashProvider(parent, "hash/md5", 16, 64) {}
 };
 
diff --git a/src/modules/m_ripemd160.cpp b/src/modules/m_ripemd160.cpp
index 6ceb4b481..3c76ed1d6 100644
--- a/src/modules/m_ripemd160.cpp
+++ b/src/modules/m_ripemd160.cpp
@@ -451,11 +451,6 @@ public:
 		return std::string(rv, RMDsize / 8);
 	}
 
-	std::string sumIV(unsigned int* IV, const char* HexMap, const std::string &sdata)
-	{
-		return "";
-	}
-
 	RIProv(Module* m) : HashProvider(m, "hash/ripemd160", 20, 64) {}
 };
 
diff --git a/src/modules/m_sha256.cpp b/src/modules/m_sha256.cpp
index 86970968a..360b18ddd 100644
--- a/src/modules/m_sha256.cpp
+++ b/src/modules/m_sha256.cpp
@@ -263,11 +263,6 @@ class HashSHA256 : public HashProvider
 		return std::string((char*)bytes, SHA256_DIGEST_SIZE);
 	}
 
-	std::string sumIV(unsigned int* IV, const char* HexMap, const std::string &sdata)
-	{
-		return "";
-	}
-
 	HashSHA256(Module* parent) : HashProvider(parent, "hash/sha256", 32, 64) {}
 };
 
diff --git a/src/modules/m_spanningtree/capab.cpp b/src/modules/m_spanningtree/capab.cpp
index 62afe5974..cf0fde3e8 100644
--- a/src/modules/m_spanningtree/capab.cpp
+++ b/src/modules/m_spanningtree/capab.cpp
@@ -40,17 +40,14 @@ std::string TreeSocket::MyModules(int filter)
 	for (std::vector<std::string>::const_iterator i = modlist.begin(); i != modlist.end(); ++i)
 	{
 		if (i != modlist.begin())
-			capabilities.push_back(proto_version > 1201 ? ' ' : ',');
+			capabilities.push_back(' ');
 		capabilities.append(*i);
 		Module* m = ServerInstance->Modules->Find(*i);
-		if (m && proto_version > 1201)
+		Version v = m->GetVersion();
+		if (!v.link_data.empty())
 		{
-			Version v = m->GetVersion();
-			if (!v.link_data.empty())
-			{
-				capabilities.push_back('=');
-				capabilities.append(v.link_data);
-			}
+			capabilities.push_back('=');
+			capabilities.append(v.link_data);
 		}
 	}
 	return capabilities;
@@ -90,7 +87,7 @@ void TreeSocket::SendCapabilities(int phase)
 	if (phase < 2)
 		return;
 
-	char sep = proto_version > 1201 ? ' ' : ',';
+	const char sep = ' ';
 	irc::sepstream modulelist(MyModules(VF_COMMON), sep);
 	irc::sepstream optmodulelist(MyModules(VF_OPTCOMMON), sep);
 	/* Send module names, split at 509 length */
@@ -139,8 +136,6 @@ void TreeSocket::SendCapabilities(int phase)
 		SetOurChallenge(ServerInstance->GenRandomStr(20));
 		extra = " CHALLENGE=" + this->GetOurChallenge();
 	}
-	if (proto_version < 1202)
-		extra += ServerInstance->Modes->FindMode('h', MODETYPE_CHANNEL) ? " HALFOP=1" : " HALFOP=0";
 
 	this->WriteLine("CAPAB CAPABILITIES " /* Preprocessor does this one. */
 			":NICKMAX="+ConvToStr(ServerInstance->Config->Limits.NickMax)+
@@ -212,7 +207,7 @@ bool TreeSocket::Capab(const parameterlist &params)
 		if ((this->capab->ModuleList != this->MyModules(VF_COMMON)) && (this->capab->ModuleList.length()))
 		{
 			std::string diffIneed, diffUneed;
-			ListDifference(this->capab->ModuleList, this->MyModules(VF_COMMON), proto_version > 1201 ? ' ' : ',', diffIneed, diffUneed);
+			ListDifference(this->capab->ModuleList, this->MyModules(VF_COMMON), ' ', diffIneed, diffUneed);
 			if (diffIneed.length() || diffUneed.length())
 			{
 				reason = "Modules incorrectly matched on these servers.";
@@ -348,7 +343,7 @@ bool TreeSocket::Capab(const parameterlist &params)
 		}
 		else
 		{
-			capab->ModuleList.push_back(proto_version > 1201 ? ' ' : ',');
+			capab->ModuleList.push_back(' ');
 			capab->ModuleList.append(params[1]);
 		}
 	}
diff --git a/src/modules/m_spanningtree/compat.cpp b/src/modules/m_spanningtree/compat.cpp
index ec0cdb036..92f2bc8f4 100644
--- a/src/modules/m_spanningtree/compat.cpp
+++ b/src/modules/m_spanningtree/compat.cpp
@@ -21,96 +21,8 @@
 #include "main.h"
 #include "treesocket.h"
 
-static const char* const forge_common_1201[] = {
-	"m_allowinvite.so",
-	"m_alltime.so",
-	"m_auditorium.so",
-	"m_banexception.so",
-	"m_blockcaps.so",
-	"m_blockcolor.so",
-	"m_botmode.so",
-	"m_censor.so",
-	"m_chanfilter.so",
-	"m_chanhistory.so",
-	"m_channelban.so",
-	"m_chanprotect.so",
-	"m_chghost.so",
-	"m_chgname.so",
-	"m_commonchans.so",
-	"m_customtitle.so",
-	"m_deaf.so",
-	"m_delayjoin.so",
-	"m_delaymsg.so",
-	"m_exemptchanops.so",
-	"m_gecosban.so",
-	"m_globops.so",
-	"m_helpop.so",
-	"m_hidechans.so",
-	"m_hideoper.so",
-	"m_invisible.so",
-	"m_inviteexception.so",
-	"m_joinflood.so",
-	"m_kicknorejoin.so",
-	"m_knock.so",
-	"m_messageflood.so",
-	"m_muteban.so",
-	"m_nickflood.so",
-	"m_nicklock.so",
-	"m_noctcp.so",
-	"m_nokicks.so",
-	"m_nonicks.so",
-	"m_nonotice.so",
-	"m_nopartmsg.so",
-	"m_ojoin.so",
-	"m_operprefix.so",
-	"m_permchannels.so",
-	"m_redirect.so",
-	"m_regex_glob.so",
-	"m_regex_pcre.so",
-	"m_regex_posix.so",
-	"m_regex_tre.so",
-	"m_remove.so",
-	"m_sajoin.so",
-	"m_sakick.so",
-	"m_sanick.so",
-	"m_sapart.so",
-	"m_saquit.so",
-	"m_serverban.so",
-	"m_services_account.so",
-	"m_servprotect.so",
-	"m_setident.so",
-	"m_showwhois.so",
-	"m_silence.so",
-	"m_sslmodes.so",
-	"m_stripcolor.so",
-	"m_swhois.so",
-	"m_uninvite.so",
-	"m_watch.so"
-};
-
-static std::string wide_newline("\r\n");
 static std::string newline("\n");
 
-void TreeSocket::CompatAddModules(std::vector<std::string>& modlist)
-{
-	if (proto_version < 1202)
-	{
-		// you MUST have chgident loaded in order to be able to translate FIDENT
-		modlist.push_back("m_chgident.so");
-		for(int i=0; i * sizeof(char*) < sizeof(forge_common_1201); i++)
-		{
-			if (ServerInstance->Modules->Find(forge_common_1201[i]))
-				modlist.push_back(forge_common_1201[i]);
-		}
-		// module was merged
-		if (ServerInstance->Modules->Find("m_operchans.so"))
-		{
-			modlist.push_back("m_operchans.so");
-			modlist.push_back("m_operinvex.so");
-		}
-	}
-}
-
 void TreeSocket::WriteLine(std::string line)
 {
 	if (LinkState == CONNECTED)
@@ -127,70 +39,10 @@ void TreeSocket::WriteLine(std::string line)
 			std::string command = line.substr(a + 1, b-a-1);
 			// now try to find a translation entry
 			// TODO a more efficient lookup method will be needed later
-			if (proto_version < 1202 && command == "FIDENT")
-			{
-				ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Rewriting FIDENT for 1201-protocol server");
-				line = ":" + ServerInstance->Config->GetSID() + " CHGIDENT " +  line.substr(1,a-1) + line.substr(b);
-			}
-			else if (proto_version < 1202 && command == "SAVE")
-			{
-				ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Rewriting SAVE for 1201-protocol server");
-				std::string::size_type c = line.find(' ', b + 1);
-				std::string uid = line.substr(b, c - b);
-				line = ":" + ServerInstance->Config->GetSID() + " SVSNICK" + uid + line.substr(b);
-			}
-			else if (proto_version < 1202 && command == "AWAY")
-			{
-				if (b != std::string::npos)
-				{
-					ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Stripping AWAY timestamp for 1201-protocol server");
-					std::string::size_type c = line.find(' ', b + 1);
-					line.erase(b,c-b);
-				}
-			}
-			else if (proto_version < 1202 && command == "ENCAP")
-			{
-				// :src ENCAP target command [args...]
-				//     A     B      C       D
-				// Therefore B and C cannot be npos in a valid command
-				if (b == std::string::npos)
-					return;
-				std::string::size_type c = line.find(' ', b + 1);
-				if (c == std::string::npos)
-					return;
-				std::string::size_type d = line.find(' ', c + 1);
-				std::string subcmd = line.substr(c + 1, d - c - 1);
-
-				if (subcmd == "CHGIDENT" && d != std::string::npos)
-				{
-					std::string::size_type e = line.find(' ', d + 1);
-					if (e == std::string::npos)
-						return; // not valid
-					std::string target = line.substr(d + 1, e - d - 1);
-
-					ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Forging acceptance of CHGIDENT from 1201-protocol server");
-					recvq.insert(0, ":" + target + " FIDENT " + line.substr(e) + "\n");
-				}
-
-				Command* thiscmd = ServerInstance->Parser->GetHandler(subcmd);
-				if (thiscmd && subcmd != "WHOISNOTICE")
-				{
-					Version ver = thiscmd->creator->GetVersion();
-					if (ver.Flags & VF_OPTCOMMON)
-					{
-						ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Removing ENCAP on '%s' for 1201-protocol server",
-							subcmd.c_str());
-						line.erase(a, c-a);
-					}
-				}
-			}
 		}
 	}
 
 	ServerInstance->Logs->Log("m_spanningtree", RAWIO, "S[%d] O %s", this->GetFd(), line.c_str());
 	this->WriteData(line);
-	if (proto_version < 1202)
-		this->WriteData(wide_newline);
-	else
-		this->WriteData(newline);
+	this->WriteData(newline);
 }
diff --git a/src/modules/m_spanningtree/hmac.cpp b/src/modules/m_spanningtree/hmac.cpp
index d990e1fbf..65b3a5997 100644
--- a/src/modules/m_spanningtree/hmac.cpp
+++ b/src/modules/m_spanningtree/hmac.cpp
@@ -62,38 +62,9 @@ std::string TreeSocket::MakePass(const std::string &password, const std::string
 	 */
 	HashProvider* sha256 = ServerInstance->Modules->FindDataService<HashProvider>("hash/sha256");
 	if (Utils->ChallengeResponse && sha256 && !challenge.empty())
-	{
-		if (proto_version < 1202)
-		{
-			/* This is how HMAC is done in InspIRCd 1.2:
-			 *
-			 * sha256( (pass xor 0x5c) + sha256((pass xor 0x36) + m) )
-			 *
-			 * 5c and 36 were chosen as part of the HMAC standard, because they
-			 * flip the bits in a way likely to strengthen the function.
-			 */
-			std::string hmac1, hmac2;
-
-			for (size_t n = 0; n < password.length(); n++)
-			{
-				hmac1.push_back(static_cast<char>(password[n] ^ 0x5C));
-				hmac2.push_back(static_cast<char>(password[n] ^ 0x36));
-			}
-
-			hmac2.append(challenge);
-			hmac2 = sha256->hexsum(hmac2);
-		
-			std::string hmac = hmac1 + hmac2;
-			hmac = sha256->hexsum(hmac);
+		return "AUTH:" + BinToBase64(sha256->hmac(password, challenge));
 
-			return "HMAC-SHA256:"+ hmac;
-		}
-		else
-		{
-			return "AUTH:" + BinToBase64(sha256->hmac(password, challenge));
-		}
-	}
-	else if (!challenge.empty() && !sha256)
+	if (!challenge.empty() && !sha256)
 		ServerInstance->Logs->Log("m_spanningtree",DEFAULT,"Not authenticating to server using SHA256/HMAC because we don't have m_sha256 loaded!");
 
 	return password;
diff --git a/src/modules/m_spanningtree/main.h b/src/modules/m_spanningtree/main.h
index ae6e2e602..1a16d72bb 100644
--- a/src/modules/m_spanningtree/main.h
+++ b/src/modules/m_spanningtree/main.h
@@ -37,7 +37,7 @@
  * painful death by pain. You have been warned.
  */
 const long ProtocolVersion = 1202;
-const long MinCompatProtocol = 1201;
+const long MinCompatProtocol = 1202;
 
 /** Forward declarations
  */