added basic ssl support to ircu

[ircu2.10.12-pk.git] / ircd / m_oper.c

diff --git a/ircd/m_oper.c b/ircd/m_oper.c
index d334d68e41e6ba6cb31ced72ed19cf3233b4e95a..c820fe95907c2573194b3026fb903c7bb2e7d92b 100644 (file)
--- a/ircd/m_oper.c
+++ b/ircd/m_oper.c
@@ -84,11 +84,12 @@
 #include "client.h"
 #include "hash.h"
 #include "ircd.h"
+#include "ircd_alloc.h"
 #include "ircd_features.h"
 #include "ircd_log.h"
 #include "ircd_reply.h"
 #include "ircd_string.h"
-#include "ircd_xopen.h"
+#include "ircd_crypt.h"
 #include "msg.h"
 #include "numeric.h"
 #include "numnicks.h"
@@ -98,14 +99,15 @@
 #include "s_user.h"
 #include "s_misc.h"
 #include "send.h"
-#include "support.h"
 
-#include <assert.h>
+/* #include <assert.h> -- Now using assert in ircd_log.h */
 #include <stdlib.h>
 #include <string.h>
 
 int oper_password_match(const char* to_match, const char* passwd)
 {
+  char *crypted;
+  int res;
   /*
    * use first two chars of the password they send in as salt
    *
@@ -114,10 +116,16 @@ int oper_password_match(const char* to_match, const char* passwd)
   if (!to_match || !passwd)
     return 0;
 
-  if (feature_bool(FEAT_CRYPT_OPER_PASSWORD))
-    to_match = ircd_crypt(to_match, passwd);
+  /* we no longer do a CRYPT_OPER_PASSWORD check because a clear 
+     text passwords just handled by a fallback mechanism called 
+     crypt_clear if it's enabled -- hikari */
+  crypted = ircd_crypt(to_match, passwd);
 
-  return (0 == strcmp(to_match, passwd));
+  if (!crypted)
+   return 0;
+  res = strcmp(crypted, passwd);
+  MyFree(crypted);
+  return 0 == res;
 }
 
 /*
@@ -138,11 +146,7 @@ int m_oper(struct Client* cptr, struct Client* sptr, int parc, char* parv[])
   if (EmptyString(name) || EmptyString(password))
     return need_more_params(sptr, "OPER");
 
-  aconf = find_conf_exact(name, cli_username(sptr), cli_sockhost(sptr), CONF_OPS);
-  if (!aconf) 
-    aconf = find_conf_exact(name, cli_username(sptr),
-                            ircd_ntoa((const char*) &(cli_ip(cptr))), CONF_OPS);
-
+  aconf = find_conf_exact(name, sptr, CONF_OPERATOR);
   if (!aconf || IsIllegal(aconf))
   {
     send_reply(sptr, ERR_NOOPERHOST);
@@ -150,7 +154,7 @@ int m_oper(struct Client* cptr, struct Client* sptr, int parc, char* parv[])
                         parv[0], cli_user(sptr)->username, cli_sockhost(sptr));
     return 0;
   }
-  assert(0 != (aconf->status & CONF_OPS));
+  assert(0 != (aconf->status & CONF_OPERATOR));
 
   if (oper_password_match(password, aconf->passwd))
   {
@@ -163,14 +167,10 @@ int m_oper(struct Client* cptr, struct Client* sptr, int parc, char* parv[])
                           cli_sockhost(sptr));
       return 0;
     }
-    if (CONF_LOCOP == aconf->status) {
-      ClearOper(sptr);
-      SetLocOp(sptr);
-    }
-    else {
-      /*
-       * prevent someone from being both oper and local oper
-       */
+    SetLocOp(sptr);
+    client_set_privs(sptr, aconf);
+    if (HasPriv(sptr, PRIV_PROPAGATE))
+    {
       ClearLocOp(sptr);
       SetOper(sptr);
       ++UserStats.opers;
@@ -182,7 +182,6 @@ int m_oper(struct Client* cptr, struct Client* sptr, int parc, char* parv[])
     SetFlag(sptr, FLAG_DEBUG);
     
     set_snomask(sptr, SNO_OPERDEFAULT, SNO_ADD);
-    client_set_privs(sptr, aconf);
     cli_max_sendq(sptr) = 0; /* Get the sendq from the oper's class */
     send_umode_out(cptr, sptr, &old_mode, HasPriv(sptr, PRIV_PROPAGATE));
     send_reply(sptr, RPL_YOUREOPER);