From a5986ac2d317d148074522007007a6aac85baadb Mon Sep 17 00:00:00 2001 From: Attila Molnar Date: Tue, 8 Apr 2014 16:48:10 +0200 Subject: [PATCH] m_spanningtree Don't rely on "m_sha256.so" being loaded, use any "hash/sha256" service provider --- src/modules/m_spanningtree/capab.cpp | 6 +++--- src/modules/m_spanningtree/hmac.cpp | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/modules/m_spanningtree/capab.cpp b/src/modules/m_spanningtree/capab.cpp index fe673f5c3..5d87b1578 100644 --- a/src/modules/m_spanningtree/capab.cpp +++ b/src/modules/m_spanningtree/capab.cpp @@ -129,7 +129,7 @@ void TreeSocket::SendCapabilities(int phase) std::string extra; /* Do we have sha256 available? If so, we send a challenge */ - if (ServerInstance->Modules->Find("m_sha256.so")) + if (ServerInstance->Modules->FindService(SERVICE_DATA, "hash/sha256")) { SetOurChallenge(ServerInstance->GenRandomStr(20)); extra = " CHALLENGE=" + this->GetOurChallenge(); @@ -312,7 +312,7 @@ bool TreeSocket::Capab(const parameterlist ¶ms) /* Challenge response, store their challenge for our password */ std::map::iterator n = this->capab->CapKeys.find("CHALLENGE"); - if ((n != this->capab->CapKeys.end()) && (ServerInstance->Modules->Find("m_sha256.so"))) + if ((n != this->capab->CapKeys.end()) && (ServerInstance->Modules->FindService(SERVICE_DATA, "hash/sha256"))) { /* Challenge-response is on now */ this->SetTheirChallenge(n->second); @@ -324,7 +324,7 @@ bool TreeSocket::Capab(const parameterlist ¶ms) } else { - /* They didnt specify a challenge or we don't have m_sha256.so, we use plaintext */ + // They didn't specify a challenge or we don't have sha256, we use plaintext if (this->LinkState == CONNECTING) { this->SendCapabilities(2); diff --git a/src/modules/m_spanningtree/hmac.cpp b/src/modules/m_spanningtree/hmac.cpp index 638f283fa..895323a02 100644 --- a/src/modules/m_spanningtree/hmac.cpp +++ b/src/modules/m_spanningtree/hmac.cpp @@ -51,7 +51,7 @@ std::string TreeSocket::MakePass(const std::string &password, const std::string /* This is a simple (maybe a bit hacky?) HMAC algorithm, thanks to jilles for * suggesting the use of HMAC to secure the password against various attacks. * - * Note: If m_sha256.so is not loaded, we MUST fall back to plaintext with no + * Note: If an sha256 provider is not available, we MUST fall back to plaintext with no * HMAC challenge/response. */ HashProvider* sha256 = ServerInstance->Modules->FindDataService("hash/sha256"); @@ -59,7 +59,7 @@ std::string TreeSocket::MakePass(const std::string &password, const std::string return "AUTH:" + BinToBase64(sha256->hmac(password, challenge)); if (!challenge.empty() && !sha256) - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Not authenticating to server using SHA256/HMAC because we don't have m_sha256 loaded!"); + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Not authenticating to server using SHA256/HMAC because we don't have an SHA256 provider (e.g. m_sha256) loaded!"); return password; } -- 2.39.5