mirror of https://github.com/weechat/weechat.git synced 2026-06-28 13:56:37 +02:00

relay/api: allow clients without authentication when no relay password is defined and option relay.network.allow_empty_password is on (issue #2158)

Sébastien Helleu
2024-07-20 15:48:46 +02:00
parent 484b90d39a
commit fc197df056
2 changed files with 68 additions and 57 deletions
+1
@@ -52,6 +52,7 @@
- ruby: fix builtin functions not available ([#2109](https://github.com/weechat/weechat/issues/2109))
- php: fix return value of function hdata_longlong
- tcl: fix return value of function hdata_longlong ([#2119](https://github.com/weechat/weechat/issues/2119))
- relay/api: allow clients without authentication when no relay password is defined and option relay.network.allow_empty_password is on ([#2158](https://github.com/weechat/weechat/issues/2158))
- relay/api: fix timezone of dates sent to clients ([#2151](https://github.com/weechat/weechat/issues/2151))
- relay/api: fix "body_type" returned when lines or nicks of a buffer are requested
- relay/api: fix read of one buffer line
+67 -57
@@ -579,72 +579,82 @@ relay_http_get_auth_status (struct t_relay_client *client)
goto end;
}
auth = weechat_hashtable_get (client->http_req->headers, "authorization");
if (!auth || (weechat_strncasecmp (auth, "basic ", 6) != 0))
{
rc = -1;
goto end;
}
pos = auth + 6;
while (pos[0] == ' ')
{
pos++;
}
length = strlen (pos);
user_pass = malloc (length + 1);
if (!user_pass)
{
rc = -8;
goto end;
}
length = weechat_string_base_decode ("64", pos, user_pass);
if (length < 0)
if (!relay_password[0]
&& !weechat_config_boolean (relay_config_network_allow_empty_password))
{
rc = -2;
goto end;
}
if (strncmp (user_pass, "plain:", 6) == 0)
if (relay_password[0])
{
switch (relay_auth_check_password_plain (client, user_pass + 6, relay_password))
auth = weechat_hashtable_get (client->http_req->headers, "authorization");
if (!auth || (weechat_strncasecmp (auth, "basic ", 6) != 0))
{
case 0: /* password OK */
break;
case -1: /* "plain" is not allowed */
rc = -5;
goto end;
case -2: /* invalid password */
default:
rc = -2;
goto end;
rc = -1;
goto end;
}
}
else if (strncmp (user_pass, "hash:", 5) == 0)
{
switch (relay_auth_password_hash (client, user_pass + 5, relay_password))
pos = auth + 6;
while (pos[0] == ' ')
{
case 0: /* password OK */
break;
case -1: /* invalid hash algorithm */
rc = -5;
goto end;
case -2: /* invalid timestamp */
rc = -6;
goto end;
case -3: /* invalid iterations */
rc = -7;
goto end;
case -4: /* invalid password */
default:
rc = -2;
goto end;
pos++;
}
length = strlen (pos);
user_pass = malloc (length + 1);
if (!user_pass)
{
rc = -8;
goto end;
}
length = weechat_string_base_decode ("64", pos, user_pass);
if (length < 0)
{
rc = -2;
goto end;
}
if (strncmp (user_pass, "plain:", 6) == 0)
{
switch (relay_auth_check_password_plain (client, user_pass + 6, relay_password))
{
case 0: /* password OK */
break;
case -1: /* "plain" is not allowed */
rc = -5;
goto end;
case -2: /* invalid password */
default:
rc = -2;
goto end;
}
}
else if (strncmp (user_pass, "hash:", 5) == 0)
{
switch (relay_auth_password_hash (client, user_pass + 5, relay_password))
{
case 0: /* password OK */
break;
case -1: /* invalid hash algorithm */
rc = -5;
goto end;
case -2: /* invalid timestamp */
rc = -6;
goto end;
case -3: /* invalid iterations */
rc = -7;
goto end;
case -4: /* invalid password */
default:
rc = -2;
goto end;
}
}
else
{
rc = -2;
goto end;
}
}
else
{
rc = -2;
goto end;
}
totp_secret = weechat_string_eval_expression (