|
@@ -2177,14 +2177,19 @@ func operHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
|
2177
|
2177
|
return false
|
2178
|
2178
|
}
|
2179
|
2179
|
|
2180
|
|
- authorized := false
|
|
2180
|
+ // must have a matching oper block and not fail any enabled checks
|
|
2181
|
+ // (config validation ensures that there is at least one check)
|
2181
|
2182
|
oper := server.GetOperator(msg.Params[0])
|
|
2183
|
+ authorized := oper != nil
|
2182
|
2184
|
if oper != nil {
|
2183
|
|
- if utils.CertfpsMatch(oper.Fingerprint, client.certfp) {
|
2184
|
|
- authorized = true
|
2185
|
|
- } else if 1 < len(msg.Params) {
|
2186
|
|
- password := []byte(msg.Params[1])
|
2187
|
|
- authorized = (bcrypt.CompareHashAndPassword(oper.Pass, password) == nil)
|
|
2185
|
+ if oper.Fingerprint != "" && !utils.CertfpsMatch(oper.Fingerprint, client.certfp) {
|
|
2186
|
+ authorized = false
|
|
2187
|
+ } else if oper.Pass != nil {
|
|
2188
|
+ if len(msg.Params) == 1 {
|
|
2189
|
+ authorized = false
|
|
2190
|
+ } else if bcrypt.CompareHashAndPassword(oper.Pass, []byte(msg.Params[1])) != nil {
|
|
2191
|
+ authorized = false
|
|
2192
|
+ }
|
2188
|
2193
|
}
|
2189
|
2194
|
}
|
2190
|
2195
|
if !authorized {
|
|
@@ -2193,9 +2198,17 @@ func operHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
|
2193
|
2198
|
return true
|
2194
|
2199
|
}
|
2195
|
2200
|
|
2196
|
|
- oldNickmask := client.NickMaskString()
|
|
2201
|
+ applyOper(client, oper, rb)
|
|
2202
|
+ return false
|
|
2203
|
+}
|
|
2204
|
+
|
|
2205
|
+// applies operator status to a client, who MUST NOT already be an operator
|
|
2206
|
+func applyOper(client *Client, oper *Oper, rb *ResponseBuffer) {
|
|
2207
|
+ details := client.Details()
|
|
2208
|
+ oldNickmask := details.nickMask
|
2197
|
2209
|
client.SetOper(oper)
|
2198
|
|
- if client.NickMaskString() != oldNickmask {
|
|
2210
|
+ newNickmask := client.NickMaskString()
|
|
2211
|
+ if newNickmask != oldNickmask {
|
2199
|
2212
|
client.sendChghost(oldNickmask, oper.Vhost)
|
2200
|
2213
|
}
|
2201
|
2214
|
|
|
@@ -2208,17 +2221,14 @@ func operHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
|
2208
|
2221
|
copy(modeChanges[1:], oper.Modes)
|
2209
|
2222
|
applied := ApplyUserModeChanges(client, modeChanges, true)
|
2210
|
2223
|
|
2211
|
|
- rb.Add(nil, server.name, RPL_YOUREOPER, client.nick, client.t("You are now an IRC operator"))
|
2212
|
|
- rb.Add(nil, server.name, "MODE", client.nick, applied.String())
|
2213
|
|
-
|
2214
|
|
- server.snomasks.Send(sno.LocalOpers, fmt.Sprintf(ircfmt.Unescape("Client opered up $c[grey][$r%s$c[grey], $r%s$c[grey]]"), client.nickMaskString, oper.Name))
|
|
2224
|
+ client.server.snomasks.Send(sno.LocalOpers, fmt.Sprintf(ircfmt.Unescape("Client opered up $c[grey][$r%s$c[grey], $r%s$c[grey]]"), client.nickMaskString, oper.Name))
|
2215
|
2225
|
|
2216
|
|
- // client may now be unthrottled by the fakelag system
|
|
2226
|
+ rb.Broadcast(nil, client.server.name, RPL_YOUREOPER, details.nick, client.t("You are now an IRC operator"))
|
|
2227
|
+ rb.Broadcast(nil, client.server.name, "MODE", details.nick, applied.String())
|
2217
|
2228
|
for _, session := range client.Sessions() {
|
|
2229
|
+ // client may now be unthrottled by the fakelag system
|
2218
|
2230
|
session.resetFakelag()
|
2219
|
2231
|
}
|
2220
|
|
-
|
2221
|
|
- return false
|
2222
|
2232
|
}
|
2223
|
2233
|
|
2224
|
2234
|
// PART <channel>{,<channel>} [<reason>]
|