1
0
mirror of https://github.com/anope/anope.git synced 2026-07-10 05:23:14 +02:00

Reject registrations and password changes if password encryption fails.

This commit is contained in:
Sadie Powell
2024-03-11 19:37:11 +00:00
parent 6ad3430ac4
commit 02355546ff
5 changed files with 31 additions and 11 deletions
+1 -1
View File
@@ -470,7 +470,7 @@ namespace Anope
* @param src The source string to encrypt
* @param dest The destination where the encrypted string is placed
*/
extern CoreExport void Encrypt(const Anope::string &src, Anope::string &dest);
extern CoreExport bool Encrypt(const Anope::string &src, Anope::string &dest);
/** Hashes a buffer with SipHash-2-4
* @param src The start of the buffer to hash
+8 -2
View File
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: Anope\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2024-03-09 21:00+0000\n"
"PO-Revision-Date: 2024-03-09 21:00+0000\n"
"POT-Creation-Date: 2024-03-11 19:36+0000\n"
"PO-Revision-Date: 2024-03-11 19:36+0000\n"
"Last-Translator: Sadie Powell <sadie@witchery.services>\n"
"Language-Team: English\n"
"Language: en_US\n"
@@ -1803,6 +1803,9 @@ msgstr "Account"
msgid "Account %s has already reached the maximum number of simultaneous logins (%u)."
msgstr "Account %s has already reached the maximum number of simultaneous logins (%u)."
msgid "Accounts can not be registered right now. Please try again later."
msgstr "Accounts can not be registered right now. Please try again later."
msgid "Activate the requested vHost for the given nick."
msgstr "Activate the requested vHost for the given nick."
@@ -5292,6 +5295,9 @@ msgstr "Password incorrect."
msgid "Password reset email for %s has been sent."
msgstr "Password reset email for %s has been sent."
msgid "Passwords can not be changed right now. Please try again later."
msgstr "Passwords can not be changed right now. Please try again later."
#, c-format
msgid "Passwords encrypted with %s: %zu"
msgstr "Passwords encrypted with %s: %zu"
+8 -1
View File
@@ -211,10 +211,17 @@ public:
source.Reply(MAIL_X_INVALID, email.c_str());
else
{
Anope::string encpass;
if (!Anope::Encrypt(pass, encpass))
{
source.Reply(_("Accounts can not be registered right now. Please try again later."));
return;
}
auto *nc = new NickCore(u_nick);
auto *na = new NickAlias(u_nick, nc);
Anope::Encrypt(pass, nc->pass);
nc->email = email;
nc->pass = encpass;
if (u)
{
+12 -5
View File
@@ -148,9 +148,13 @@ public:
return;
}
Log(LOG_COMMAND, source, this) << "to change their password";
if (!Anope::Encrypt(param, source.nc->pass))
{
source.Reply(_("Passwords can not be changed right now. Please try again later."));
return;
}
Anope::Encrypt(param, source.nc->pass);
Log(LOG_COMMAND, source, this) << "to change their password";
source.Reply(_("Password for \002%s\002 changed."), source.nc->display.c_str());
}
@@ -218,10 +222,13 @@ public:
return;
}
Log(LOG_ADMIN, source, this) << "to change the password of " << nc->display;
if (!Anope::Encrypt(params[1], nc->pass))
{
source.Reply(_("Passwords can not be changed right now. Please try again later."));
return;
}
Anope::Encrypt(params[1], nc->pass);
Anope::string tmp_pass;
Log(LOG_ADMIN, source, this) << "to change the password of " << nc->display;
source.Reply(_("Password for \002%s\002 changed."), nc->display.c_str());
}
+2 -2
View File
@@ -494,11 +494,11 @@ bool Anope::Match(const Anope::string &str, const Anope::string &mask, bool case
return m == mask_len;
}
void Anope::Encrypt(const Anope::string &src, Anope::string &dest)
bool Anope::Encrypt(const Anope::string &src, Anope::string &dest)
{
EventReturn MOD_RESULT;
FOREACH_RESULT(OnEncrypt, MOD_RESULT, (src, dest));
static_cast<void>(MOD_RESULT);
return MOD_RESULT == EVENT_ALLOW &&!dest.empty();
}
Anope::string Anope::printf(const char *fmt, ...)