+
+ for (int i = 0; i < cf->Enumerate("oper"); i++)
+ {
+ LoginName = cf->ReadValue("oper", "name", i);
+ Password = cf->ReadValue("oper", "password", i);
+ OperType = cf->ReadValue("oper", "type", i);
+ HostName = cf->ReadValue("oper", "host", i);
+ FingerPrint = cf->ReadValue("oper", "fingerprint", i);
+ SSLOnly = cf->ReadFlag("oper", "sslonly", i);
+
+ if (SSLOnly || !FingerPrint.empty())
+ {
+ if ((!strcmp(LoginName.c_str(),parameters[0])) && (!ServerInstance->OperPassCompare(Password.c_str(),parameters[1],i)) && (OneOfMatches(TheHost,TheIP,HostName.c_str())))
+ {
+ if (SSLOnly && !user->GetExt("ssl", dummy))
+ {
+ user->WriteServ("491 %s :This oper login name requires an SSL connection.", user->nick);
+ return 1;
+ }
+
+ /* This oper would match */
+ if ((!cert) || (cert->GetFingerprint() != FingerPrint))
+ {
+ user->WriteServ("491 %s :This oper login name requires a matching key fingerprint.",user->nick);
+ ServerInstance->SNO->WriteToSnoMask('o',"'%s' cannot oper, does not match fingerprint", user->nick);
+ ServerInstance->Log(DEFAULT,"OPER: Failed oper attempt by %s!%s@%s: credentials valid, but wrong fingerprint.",user->nick,user->ident,user->host);
+ return 1;
+ }
+ }
+ }
+ }