mirror of
				git://git.psyced.org/git/psyced
				synced 2024-08-15 03:25:10 +00:00 
			
		
		
		
	hmac-sha1-shared auth: auto-register users & disable manual registration
This commit is contained in:
		
							parent
							
								
									f9b8f4261c
								
							
						
					
					
						commit
						d9ec4abdc5
					
				
					 2 changed files with 23 additions and 3 deletions
				
			
		|  | @ -757,9 +757,14 @@ checkPassword(try, method, salt, args, cb, varargs cbargs) { | ||||||
| 	// why here?
 | 	// why here?
 | ||||||
| 	//while (remove_call_out(#'quit) != -1);
 | 	//while (remove_call_out(#'quit) != -1);
 | ||||||
| #ifndef REGISTERED_USERS_ONLY | #ifndef REGISTERED_USERS_ONLY | ||||||
|  | # ifdef AUTH_HMAC_SECRET | ||||||
|  |         if (IS_NEWBIE && method != "hmac-sha1-shared") ARETURN(1) | ||||||
|  | # else | ||||||
| 	if (IS_NEWBIE) ARETURN(1) // could auto-register here..
 | 	if (IS_NEWBIE) ARETURN(1) // could auto-register here..
 | ||||||
| # endif | # endif | ||||||
| 	if (!try || try == "") ARETURN(0) | #endif | ||||||
|  | 	if (!try || try == "" || v("password") == "") ARETURN(0) | ||||||
|  | 
 | ||||||
| 	switch(method) { | 	switch(method) { | ||||||
| #if __EFUN_DEFINED__(sha1) | #if __EFUN_DEFINED__(sha1) | ||||||
| case "SHA1": | case "SHA1": | ||||||
|  | @ -773,8 +778,15 @@ case "HMAC-SHA1": | ||||||
| case "hmac-sha1": | case "hmac-sha1": | ||||||
| 		ARETURN(try == hmac(TLS_HASH_SHA1, v("password"), salt)) | 		ARETURN(try == hmac(TLS_HASH_SHA1, v("password"), salt)) | ||||||
| #  ifdef AUTH_HMAC_SECRET | #  ifdef AUTH_HMAC_SECRET | ||||||
|  | #   define REGISTER_DISABLED | ||||||
| case "hmac-sha1-shared": | case "hmac-sha1-shared": | ||||||
| 		ARETURN(try == hmac(TLS_HASH_SHA1, AUTH_HMAC_SECRET, salt + MYNICK)) | 		if (try == hmac(TLS_HASH_SHA1, AUTH_HMAC_SECRET, salt + MYNICK)) { | ||||||
|  | 		    if (IS_NEWBIE) { | ||||||
|  | 			vSet("password", ""); | ||||||
|  | 			save(); | ||||||
|  | 		    } | ||||||
|  | 		    ARETURN(1); | ||||||
|  | 		} else ARETURN(0); | ||||||
| #  endif | #  endif | ||||||
| # endif | # endif | ||||||
| #else | #else | ||||||
|  |  | ||||||
|  | @ -3056,6 +3056,14 @@ set(key, value) { | ||||||
| 		w("_echo_set_default",  | 		w("_echo_set_default",  | ||||||
| 	  "Setting [_key_set] has been reset to its default state.", | 	  "Setting [_key_set] has been reset to its default state.", | ||||||
| 		    ([ "_key_set" : key ]) ); | 		    ([ "_key_set" : key ]) ); | ||||||
|  | #ifdef REGISTER_DISABLED | ||||||
|  | 	} else if (key == "password" && IS_NEWBIE) { | ||||||
|  | # ifdef REGISTER_URL | ||||||
|  | 		w("_echo_set_password", "Registration disabled here. You can register at: " + REGISTER_URL); | ||||||
|  | # else | ||||||
|  | 		w("_echo_set_password", "Registration disabled."); | ||||||
|  | # endif | ||||||
|  | #endif | ||||||
| 	} else { | 	} else { | ||||||
| 		vSet(key, value); | 		vSet(key, value); | ||||||
| 		if (key == "password") w("_echo_set_password", | 		if (key == "password") w("_echo_set_password", | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue