From 8562445038d078d2524ae00acb10ca5850109008 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Sun, 9 Nov 2025 11:38:51 +0000 Subject: [PATCH] Fix double lookups on accounts when authenticating. --- include/account.h | 4 ++-- modules/encryption/enc_bcrypt.cpp | 4 ++-- modules/encryption/enc_md5.cpp | 4 ++-- modules/encryption/enc_none.cpp | 4 ++-- modules/encryption/enc_sha1.cpp | 4 ++-- modules/encryption/enc_sha2.cpp | 4 ++-- modules/encryption/enc_sha256.cpp | 4 ++-- modules/extra/enc_argon2.cpp | 4 ++-- modules/extra/enc_posix.cpp | 4 ++-- modules/ldap_authentication.cpp | 2 +- modules/nickserv/ns_group.cpp | 4 ++-- modules/nickserv/ns_identify.cpp | 23 ++++++++--------------- modules/nickserv/ns_recover.cpp | 11 +++-------- modules/nickserv/ns_sasl_plain.cpp | 12 ++++++------ modules/rpc/rpc_user.cpp | 6 +----- modules/sql_authentication.cpp | 2 +- modules/webcpanel/pages/index.cpp | 8 +------- src/account.cpp | 4 ++-- 18 files changed, 43 insertions(+), 65 deletions(-) diff --git a/include/account.h b/include/account.h index c3ca8ee1f..e5eca188d 100644 --- a/include/account.h +++ b/include/account.h @@ -230,7 +230,7 @@ protected: public: /* One of these is called when the request goes through */ - virtual void OnSuccess() = 0; + virtual void OnSuccess(NickAlias *na) = 0; virtual void OnFail() = 0; Module *GetOwner() const { return owner; } @@ -256,7 +256,7 @@ public: * If this request is behind held it must still be Released after calling this. * @param m The module confirming authentication */ - void Success(Module *m); + void Success(Module *m, NickAlias *na); /** Used to either finalize this request or marks * it as dispatched and begins waiting for the module(s) diff --git a/modules/encryption/enc_bcrypt.cpp b/modules/encryption/enc_bcrypt.cpp index 75d6e2c6b..5b38eb3ea 100644 --- a/modules/encryption/enc_bcrypt.cpp +++ b/modules/encryption/enc_bcrypt.cpp @@ -129,7 +129,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -161,7 +161,7 @@ public: // encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this || (rounds && rounds != BCryptContext::rounds)) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } diff --git a/modules/encryption/enc_md5.cpp b/modules/encryption/enc_md5.cpp index f4639ab53..cdc244c68 100644 --- a/modules/encryption/enc_md5.cpp +++ b/modules/encryption/enc_md5.cpp @@ -63,7 +63,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -83,7 +83,7 @@ public: // the password with the primary encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/encryption/enc_none.cpp b/modules/encryption/enc_none.cpp index f6970fa1f..2ed7dab0a 100644 --- a/modules/encryption/enc_none.cpp +++ b/modules/encryption/enc_none.cpp @@ -22,7 +22,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -42,7 +42,7 @@ public: // the password with the primary encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/encryption/enc_sha1.cpp b/modules/encryption/enc_sha1.cpp index 1334a499b..1b34a9291 100644 --- a/modules/encryption/enc_sha1.cpp +++ b/modules/encryption/enc_sha1.cpp @@ -187,7 +187,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -207,7 +207,7 @@ public: // the password with the primary encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/encryption/enc_sha2.cpp b/modules/encryption/enc_sha2.cpp index 6f7a2b7cb..2d6ea7189 100644 --- a/modules/encryption/enc_sha2.cpp +++ b/modules/encryption/enc_sha2.cpp @@ -146,7 +146,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -207,7 +207,7 @@ public: // password with the primary encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this || !is_hmac || provider != defaultprovider) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/encryption/enc_sha256.cpp b/modules/encryption/enc_sha256.cpp index 17dc5dee1..47a0c0794 100644 --- a/modules/encryption/enc_sha256.cpp +++ b/modules/encryption/enc_sha256.cpp @@ -64,7 +64,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -85,7 +85,7 @@ public: // the password with the primary encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/extra/enc_argon2.cpp b/modules/extra/enc_argon2.cpp index ecfd94d4b..88b7291d5 100644 --- a/modules/extra/enc_argon2.cpp +++ b/modules/extra/enc_argon2.cpp @@ -186,7 +186,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -208,7 +208,7 @@ public: // encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this || provider != defaultprovider) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/extra/enc_posix.cpp b/modules/extra/enc_posix.cpp index 7bcfc1fea..f8eda79d1 100644 --- a/modules/extra/enc_posix.cpp +++ b/modules/extra/enc_posix.cpp @@ -23,7 +23,7 @@ public: void OnCheckAuthentication(User *, IdentifyRequest *req) override { - const auto *na = NickAlias::Find(req->GetAccount()); + auto *na = NickAlias::Find(req->GetAccount()); if (!na) return; @@ -43,7 +43,7 @@ public: // the password with the primary encryption method. if (ModuleManager::FindFirstOf(ENCRYPTION) != this) Anope::Encrypt(req->GetPassword(), nc->pass); - req->Success(this); + req->Success(this, na); } } }; diff --git a/modules/ldap_authentication.cpp b/modules/ldap_authentication.cpp index 6d57599e7..34ff1c9ab 100644 --- a/modules/ldap_authentication.cpp +++ b/modules/ldap_authentication.cpp @@ -116,7 +116,7 @@ public: Anope::Encrypt(ii->req->GetPassword(), na->nc->pass); na->nc->Extend("ldap_authentication_dn", ii->dn); - ii->req->Success(me); + ii->req->Success(me, na); } break; } diff --git a/modules/nickserv/ns_group.cpp b/modules/nickserv/ns_group.cpp index 37b486f06..2a9be315f 100644 --- a/modules/nickserv/ns_group.cpp +++ b/modules/nickserv/ns_group.cpp @@ -32,7 +32,7 @@ public: { } - void OnSuccess() override + void OnSuccess(NickAlias *) override { User *u = source.GetUser(); @@ -188,7 +188,7 @@ public: NSGroupRequest req(owner, source, this, source.GetNick(), target, pass); if (ok) - req.OnSuccess(); + req.OnSuccess(target); else req.OnFail(); } diff --git a/modules/nickserv/ns_identify.cpp b/modules/nickserv/ns_identify.cpp index cd51d1de5..1c5eea0fc 100644 --- a/modules/nickserv/ns_identify.cpp +++ b/modules/nickserv/ns_identify.cpp @@ -25,25 +25,18 @@ public: { } - void OnSuccess() override + void OnSuccess(NickAlias *na) override { - if (!source.GetUser()) + auto *u = source.GetUser(); + if (!u) return; - User *u = source.GetUser(); - NickAlias *na = NickAlias::Find(GetAccount()); + if (u->IsIdentified()) + Log(LOG_COMMAND, source, cmd) << "to log out of account " << u->Account()->display; - if (!na) - source.Reply(NICK_X_NOT_REGISTERED, GetAccount().c_str()); - else - { - if (u->IsIdentified()) - Log(LOG_COMMAND, source, cmd) << "to log out of account " << u->Account()->display; - - Log(LOG_COMMAND, source, cmd) << "and identified for account " << na->nc->display; - source.Reply(_("Password accepted - you are now recognized.")); - u->Identify(na); - } + Log(LOG_COMMAND, source, cmd) << "and identified for account " << na->nc->display; + source.Reply(_("Password accepted - you are now recognized.")); + u->Identify(na); } void OnFail() override diff --git a/modules/nickserv/ns_recover.cpp b/modules/nickserv/ns_recover.cpp index 76f021bae..48cd1e13b 100644 --- a/modules/nickserv/ns_recover.cpp +++ b/modules/nickserv/ns_recover.cpp @@ -39,16 +39,12 @@ public: { } - void OnSuccess() override + void OnSuccess(NickAlias *na) override { User *u = User::Find(user, true); if (!source.GetUser() || !source.service) return; - NickAlias *na = NickAlias::Find(user); - if (!na) - return; - Log(LOG_COMMAND, source, cmd) << "for " << na->nick; /* Nick is being held by us, release it */ @@ -174,8 +170,7 @@ public: return; } - const NickAlias *na = NickAlias::Find(nick); - + auto *na = NickAlias::Find(nick); if (!na) { source.Reply(NICK_X_NOT_REGISTERED, nick.c_str()); @@ -209,7 +204,7 @@ public: NSRecoverRequest req(owner, source, this, na->nick, pass); if (ok) - req.OnSuccess(); + req.OnSuccess(na); else req.OnFail(); } diff --git a/modules/nickserv/ns_sasl_plain.cpp b/modules/nickserv/ns_sasl_plain.cpp index 68fbd0ec6..86136cef7 100644 --- a/modules/nickserv/ns_sasl_plain.cpp +++ b/modules/nickserv/ns_sasl_plain.cpp @@ -34,24 +34,24 @@ public: { } - void OnSuccess() override + void OnSuccess(NickAlias *na) override { if (!SASL::service) return; - auto *na = NickAlias::Find(GetAccount()); - if (!na || na->nc->HasExt("NS_SUSPENDED") || na->nc->HasExt("UNCONFIRMED")) + NickCore *nc = na->nc; + if (nc->HasExt("NS_SUSPENDED") || nc->HasExt("UNCONFIRMED")) return OnFail(); auto maxlogins = Config->GetModule("ns_identify").Get("maxlogins"); - if (maxlogins && na->nc->users.size() >= maxlogins) + if (maxlogins && nc->users.size() >= maxlogins) return OnFail(); auto *s = SASL::service->GetSession(uid); if (s) { - Log(this->GetOwner(), "sasl", Config->GetClient("NickServ")) << GetUserInfo() << " identified to account " << this->GetAccount() << " using SASL"; - SASL::service->Succeed(s, na->nc); + Log(this->GetOwner(), "sasl", Config->GetClient("NickServ")) << GetUserInfo() << " identified to account " << nc->display << " using SASL"; + SASL::service->Succeed(s, nc); delete s; } } diff --git a/modules/rpc/rpc_user.cpp b/modules/rpc/rpc_user.cpp index 9c15077af..63912609d 100644 --- a/modules/rpc/rpc_user.cpp +++ b/modules/rpc/rpc_user.cpp @@ -50,15 +50,11 @@ private: { } - void OnSuccess() override + void OnSuccess(NickAlias *na) override { if (!rpcinterface || !client) return; - auto *na = NickAlias::Find(GetAccount()); - if (!na) - return; // Should never happen. - NickCore *nc = na->nc; if (nc->HasExt("NS_SUSPENDED")) { diff --git a/modules/sql_authentication.cpp b/modules/sql_authentication.cpp index c0a6ea8e5..f97f2fe92 100644 --- a/modules/sql_authentication.cpp +++ b/modules/sql_authentication.cpp @@ -90,7 +90,7 @@ public: user->SendMessage(NickServ, _("Your email address has been updated to \002%s\002."), email.c_str()); } - req->Success(me); + req->Success(me, na); delete this; } diff --git a/modules/webcpanel/pages/index.cpp b/modules/webcpanel/pages/index.cpp index 560853e31..1373be7fd 100644 --- a/modules/webcpanel/pages/index.cpp +++ b/modules/webcpanel/pages/index.cpp @@ -29,16 +29,10 @@ public: { } - void OnSuccess() override + void OnSuccess(NickAlias *na) override { if (!client || !server) return; - NickAlias *na = NickAlias::Find(this->GetAccount()); - if (!na) - { - this->OnFail(); - return; - } if (na->nc->HasExt("NS_SUSPENDED")) { diff --git a/src/account.cpp b/src/account.cpp index 95bfc9698..6f5fa1cfa 100644 --- a/src/account.cpp +++ b/src/account.cpp @@ -48,11 +48,11 @@ void IdentifyRequest::Release(Module *m) } } -void IdentifyRequest::Success(Module *m) +void IdentifyRequest::Success(Module *m, NickAlias *na) { if (!success) { - this->OnSuccess(); + this->OnSuccess(na); success = true; } }