From 0a67b8861adfca7b09e59d9639e26b6bf71859a5 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Wed, 11 Mar 2020 14:32:46 +0000 Subject: Warn if the server config contains an unhashed password. This will be made a hard failure in v4. --- src/configreader.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src/configreader.cpp') diff --git a/src/configreader.cpp b/src/configreader.cpp index 51f846f70..a43a9d78c 100644 --- a/src/configreader.cpp +++ b/src/configreader.cpp @@ -304,6 +304,14 @@ void ServerConfig::CrossCheckConnectBlocks(ServerConfig* current) me->maxconnwarn = tag->getBool("maxconnwarn", me->maxconnwarn); me->limit = tag->getUInt("limit", me->limit); me->resolvehostnames = tag->getBool("resolvehostnames", me->resolvehostnames); + me->password = tag->getString("password", me->password); + + me->passwordhash = tag->getString("hash", me->passwordhash); + if (!me->password.empty() && (me->passwordhash.empty() || stdalgo::string::equalsci(me->passwordhash, "plaintext"))) + { + ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEFAULT, " tag '%s' at %s contains an plain text password, this is insecure!", + name.c_str(), tag->getTagLocation().c_str()); + } std::string ports = tag->getString("port"); if (!ports.empty()) -- cgit v1.3.1-10-gc9f91