X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_oper_cert.cpp;h=c99dfa2e20a0331a211d093d461fc0460f49edf8;hb=813bc55a8496875cef52e6da42d608e4d2fa35da;hp=312ec874b13bf2f0c2d5fdfb13b4159613c40424;hpb=dd36852a52e8541306b76c5b88bce8ab9b36654c;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/extra/m_ssl_oper_cert.cpp b/src/modules/extra/m_ssl_oper_cert.cpp
index 312ec874b..c99dfa2e2 100644
--- a/src/modules/extra/m_ssl_oper_cert.cpp
+++ b/src/modules/extra/m_ssl_oper_cert.cpp
@@ -33,7 +33,7 @@ class cmd_fingerprint : public Command
 		syntax = "<nickname>";
 	}       
 	          
-	CmdResult Handle (const char* const* parameters, int pcnt, User *user)
+	CmdResult Handle (const std::vector<std::string> &parameters, User *user)
 	{
 		User* target = ServerInstance->FindNick(parameters[0]);
 		if (target)
@@ -43,24 +43,24 @@ class cmd_fingerprint : public Command
 			{
 				if (cert->GetFingerprint().length())
 				{
-					user->WriteServ("NOTICE %s :Certificate fingerprint for %s is %s",user->nick,target->nick,cert->GetFingerprint().c_str());
+					user->WriteServ("NOTICE %s :Certificate fingerprint for %s is %s",user->nick.c_str(),target->nick.c_str(),cert->GetFingerprint().c_str());
 					return CMD_SUCCESS;
 				}
 				else
 				{
-					user->WriteServ("NOTICE %s :Certificate fingerprint for %s does not exist!", user->nick,target->nick);
+					user->WriteServ("NOTICE %s :Certificate fingerprint for %s does not exist!", user->nick.c_str(),target->nick.c_str());
 					return CMD_FAILURE;
 				}
 			}
 			else
 			{
-				user->WriteServ("NOTICE %s :Certificate fingerprint for %s does not exist!", user->nick, target->nick);
+				user->WriteServ("NOTICE %s :Certificate fingerprint for %s does not exist!", user->nick.c_str(), target->nick.c_str());
 				return CMD_FAILURE;
 			}
 		}
 		else
 		{
-			user->WriteServ("401 %s %s :No such nickname", user->nick, parameters[0]);
+			user->WriteNumeric(401, "%s %s :No such nickname", user->nick.c_str(), parameters[0].c_str());
 			return CMD_FAILURE;
 		}
 	}
@@ -104,7 +104,7 @@ class ModuleOperSSLCert : public Module
 		std::string xhost;
 		while (hl >> xhost)
 		{
-			if (match(host,xhost.c_str()) || match(ip,xhost.c_str(),true))
+			if (match(host, xhost) || match(ip, xhost, true))
 			{
 				return true;
 			}
@@ -112,7 +112,7 @@ class ModuleOperSSLCert : public Module
 		return false;
 	}
 
-	virtual int OnPreCommand(const std::string &command, const char* const* parameters, int pcnt, User *user, bool validated, const std::string &original_line)
+	virtual int OnPreCommand(const std::string &command, const std::vector<std::string> &parameters, User *user, bool validated, const std::string &original_line)
 	{
 		irc::string cmd = command.c_str();
 		
@@ -129,8 +129,8 @@ class ModuleOperSSLCert : public Module
 			bool SSLOnly;
 			char* dummy;
 
-			snprintf(TheHost,MAXBUF,"%s@%s",user->ident,user->host);
-			snprintf(TheIP, MAXBUF,"%s@%s",user->ident,user->GetIPString());
+			snprintf(TheHost,MAXBUF,"%s@%s",user->ident.c_str(),user->host.c_str());
+			snprintf(TheIP, MAXBUF,"%s@%s",user->ident.c_str(),user->GetIPString());
 
 			HasCert = user->GetExt("ssl_cert",cert);
 
@@ -144,34 +144,44 @@ class ModuleOperSSLCert : public Module
 				FingerPrint = cf->ReadValue("oper", "fingerprint", i);
 				SSLOnly = cf->ReadFlag("oper", "sslonly", i);
 
-				if (SSLOnly || !FingerPrint.empty())
+				if (FingerPrint.empty() && !SSLOnly)
+					continue;
+
+				if (LoginName != parameters[0])
+					continue;
+
+				if (!OneOfMatches(TheHost, TheIP, HostName.c_str()))
+					continue;
+
+				if (Password.length() && !ServerInstance->PassCompare(user, Password.c_str(),parameters[1].c_str(), HashType.c_str()))
+					continue;
+
+				if (SSLOnly && !user->GetExt("ssl", dummy))
 				{
-					if ((!strcmp(LoginName.c_str(),parameters[0])) && (!ServerInstance->PassCompare(user, Password.c_str(),parameters[1], HashType.c_str())) && (OneOfMatches(TheHost,TheIP,HostName.c_str())))
-					{
-						if (SSLOnly && !user->GetExt("ssl", dummy))
-						{
-							user->WriteServ("491 %s :This oper login name requires an SSL connection.", user->nick);
-							return 1;
-						}
-
-						/* This oper would match */
-						if ((!cert) || (cert->GetFingerprint() != FingerPrint))
-						{
-							user->WriteServ("491 %s :This oper login name requires a matching key fingerprint.",user->nick);
-							ServerInstance->SNO->WriteToSnoMask('o',"'%s' cannot oper, does not match fingerprint", user->nick);
-							ServerInstance->Log(DEFAULT,"OPER: Failed oper attempt by %s!%s@%s: credentials valid, but wrong fingerprint.",user->nick,user->ident,user->host);
-							return 1;
-						}
-					}
+					user->WriteNumeric(491, "%s :This oper login name requires an SSL connection.", user->nick.c_str());
+					return 1;
+				}
+
+				/*
+				 * No cert found or the fingerprint doesn't match
+				 */
+				if ((!cert) || (cert->GetFingerprint() != FingerPrint))
+				{
+					user->WriteNumeric(491, "%s :This oper login name requires a matching key fingerprint.",user->nick.c_str());
+					ServerInstance->SNO->WriteToSnoMask('o',"'%s' cannot oper, does not match fingerprint", user->nick.c_str());
+					ServerInstance->Logs->Log("m_ssl_oper_cert",DEFAULT,"OPER: Failed oper attempt by %s!%s@%s: credentials valid, but wrong fingerprint.", user->nick.c_str(), user->ident.c_str(), user->host.c_str());
+					return 1;
 				}
 			}
 		}
+
+		// Let core handle it for extra stuff
 		return 0;
 	}
 
 	virtual Version GetVersion()
 	{
-		return Version(1,1,0,0,VF_VENDOR,API_VERSION);
+		return Version(1,2,0,0,VF_VENDOR,API_VERSION);
 	}
 };