diff options
| author | 2020-03-11 14:32:46 +0000 | |
|---|---|---|
| committer | 2020-03-11 15:06:19 +0000 | |
| commit | 0a67b8861adfca7b09e59d9639e26b6bf71859a5 (patch) | |
| tree | a478051a877b14b9a225e529949e90725f9412bd /src/modules/m_cgiirc.cpp | |
| parent | Fix detection of the "plaintext" pseudo-hash being case sensitive. (diff) | |
Warn if the server config contains an unhashed password.
This will be made a hard failure in v4.
Diffstat (limited to 'src/modules/m_cgiirc.cpp')
| -rw-r--r-- | src/modules/m_cgiirc.cpp | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/modules/m_cgiirc.cpp b/src/modules/m_cgiirc.cpp index 94fc99db1..d4a02859d 100644 --- a/src/modules/m_cgiirc.cpp +++ b/src/modules/m_cgiirc.cpp @@ -307,12 +307,19 @@ class ModuleCgiIRC // The IP address will be received via the WEBIRC command. const std::string fingerprint = tag->getString("fingerprint"); const std::string password = tag->getString("password"); + const std::string passwordhash = tag->getString("hash", "plaintext", 1); // WebIRC blocks require a password. if (fingerprint.empty() && password.empty()) throw ModuleException("When using <cgihost type=\"webirc\"> either the fingerprint or password field is required, at " + tag->getTagLocation()); - webirchosts.push_back(WebIRCHost(mask, fingerprint, password, tag->getString("hash"))); + if (!password.empty() && stdalgo::string::equalsci(passwordhash, "plaintext")) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "<cgihost> tag at %s contains an plain text password, this is insecure!", + tag->getTagLocation().c_str()); + } + + webirchosts.push_back(WebIRCHost(mask, fingerprint, password, passwordhash)); } else { |
