summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSébastien Helleu <flashcode@flashtux.org>2019-12-21 10:47:35 +0100
committerSébastien Helleu <flashcode@flashtux.org>2019-12-21 10:47:35 +0100
commit330149b9b6e997412a203f36bd0f5f9253652c3b (patch)
tree11b7ae71e0f8a990132ae1db1d945769037df68f
parente612e63140e5f272da3dda9443660534cb5e606a (diff)
downloadweechat-330149b9b6e997412a203f36bd0f5f9253652c3b.zip
relay: reject client with weechat protocol if password or totp is received in init command but not set in WeeChat (closes #1435)
-rw-r--r--ChangeLog.adoc1
-rw-r--r--src/plugins/relay/weechat/relay-weechat-protocol.c47
-rw-r--r--src/plugins/relay/weechat/relay-weechat.c62
3 files changed, 56 insertions, 54 deletions
diff --git a/ChangeLog.adoc b/ChangeLog.adoc
index 01ba63999..2f5cb1eeb 100644
--- a/ChangeLog.adoc
+++ b/ChangeLog.adoc
@@ -22,6 +22,7 @@ New features::
* core: add debug option "-d" in command /eval (issue #1434)
* api: add info "weechat_headless" (issue #1433)
+ * relay: reject client with weechat protocol if password or totp is received in init command but not set in WeeChat (issue #1435)
Bug fixes::
diff --git a/src/plugins/relay/weechat/relay-weechat-protocol.c b/src/plugins/relay/weechat/relay-weechat-protocol.c
index 8d50c5d17..ffeff9357 100644
--- a/src/plugins/relay/weechat/relay-weechat-protocol.c
+++ b/src/plugins/relay/weechat/relay-weechat-protocol.c
@@ -170,11 +170,22 @@ relay_weechat_protocol_is_sync (struct t_relay_client *ptr_client,
RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
{
char **options, *pos, *password, *totp_secret, *info_totp_args, *info_totp;
- int i, compression, length;
+ int i, compression, length, password_received, totp_received;
- RELAY_WEECHAT_PROTOCOL_MIN_ARGS(1);
+ RELAY_WEECHAT_PROTOCOL_MIN_ARGS(0);
+
+ password = weechat_string_eval_expression (
+ weechat_config_string (relay_config_network_password),
+ NULL, NULL, NULL);
+ totp_secret = weechat_string_eval_expression (
+ weechat_config_string (relay_config_network_totp_secret),
+ NULL, NULL, NULL);
- options = weechat_string_split_command (argv_eol[0], ',');
+ password_received = 0;
+ totp_received = 0;
+
+ options = (argc > 0) ?
+ weechat_string_split_command (argv_eol[0], ',') : NULL;
if (options)
{
for (i = 0; options[i]; i++)
@@ -186,21 +197,13 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
pos++;
if (strcmp (options[i], "password") == 0)
{
- password = weechat_string_eval_expression (
- weechat_config_string (relay_config_network_password),
- NULL, NULL, NULL);
- if (password)
- {
- if (strcmp (password, pos) == 0)
- RELAY_WEECHAT_DATA(client, password_ok) = 1;
- free (password);
- }
+ password_received = 1;
+ if (password && (strcmp (password, pos) == 0))
+ RELAY_WEECHAT_DATA(client, password_ok) = 1;
}
else if (strcmp (options[i], "totp") == 0)
{
- totp_secret = weechat_string_eval_expression (
- weechat_config_string (relay_config_network_totp_secret),
- NULL, NULL, NULL);
+ totp_received = 1;
if (totp_secret)
{
length = strlen (totp_secret) + strlen (pos) + 16 + 1;
@@ -220,7 +223,6 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
free (info_totp);
free (info_totp_args);
}
- free (totp_secret);
}
}
else if (strcmp (options[i], "compression") == 0)
@@ -234,6 +236,14 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
weechat_string_free_split_command (options);
}
+ /* if no password received and password is empty, it's OK */
+ if (!password_received && (!password || !password[0]))
+ RELAY_WEECHAT_DATA(client, password_ok) = 1;
+
+ /* if no TOTP received and totp_secret is empty, it's OK */
+ if (!totp_received && (!totp_secret || !totp_secret[0]))
+ RELAY_WEECHAT_DATA(client, totp_ok) = 1;
+
if (RELAY_WEECHAT_DATA(client, password_ok)
&& RELAY_WEECHAT_DATA(client, totp_ok))
{
@@ -246,6 +256,11 @@ RELAY_WEECHAT_PROTOCOL_CALLBACK(init)
relay_client_set_status (client, RELAY_STATUS_AUTH_FAILED);
}
+ if (password)
+ free (password);
+ if (totp_secret)
+ free (totp_secret);
+
return WEECHAT_RC_OK;
}
diff --git a/src/plugins/relay/weechat/relay-weechat.c b/src/plugins/relay/weechat/relay-weechat.c
index 928fc8f3e..8c7052bb7 100644
--- a/src/plugins/relay/weechat/relay-weechat.c
+++ b/src/plugins/relay/weechat/relay-weechat.c
@@ -166,46 +166,32 @@ relay_weechat_free_buffers_nicklist (struct t_hashtable *hashtable,
void
relay_weechat_alloc (struct t_relay_client *client)
{
- char *password, *totp_secret;
-
- password = weechat_string_eval_expression (
- weechat_config_string (relay_config_network_password),
- NULL, NULL, NULL);
- totp_secret = weechat_string_eval_expression (
- weechat_config_string (relay_config_network_totp_secret),
- NULL, NULL, NULL);
-
client->protocol_data = malloc (sizeof (struct t_relay_weechat_data));
- if (client->protocol_data)
- {
- RELAY_WEECHAT_DATA(client, password_ok) = (password && password[0]) ? 0 : 1;
- RELAY_WEECHAT_DATA(client, totp_ok) = (totp_secret && totp_secret[0]) ? 0 : 1;
- RELAY_WEECHAT_DATA(client, compression) = RELAY_WEECHAT_COMPRESSION_ZLIB;
- RELAY_WEECHAT_DATA(client, buffers_sync) =
- weechat_hashtable_new (32,
- WEECHAT_HASHTABLE_STRING,
- WEECHAT_HASHTABLE_INTEGER,
- NULL, NULL);
- RELAY_WEECHAT_DATA(client, hook_signal_buffer) = NULL;
- RELAY_WEECHAT_DATA(client, hook_hsignal_nicklist) = NULL;
- RELAY_WEECHAT_DATA(client, hook_signal_upgrade) = NULL;
- RELAY_WEECHAT_DATA(client, buffers_nicklist) =
- weechat_hashtable_new (32,
- WEECHAT_HASHTABLE_POINTER,
- WEECHAT_HASHTABLE_POINTER,
- NULL, NULL);
- weechat_hashtable_set_pointer (RELAY_WEECHAT_DATA(client, buffers_nicklist),
- "callback_free_value",
- &relay_weechat_free_buffers_nicklist);
- RELAY_WEECHAT_DATA(client, hook_timer_nicklist) = NULL;
-
- relay_weechat_hook_signals (client);
- }
+ if (!client->protocol_data)
+ return;
- if (password)
- free (password);
- if (totp_secret)
- free (totp_secret);
+ RELAY_WEECHAT_DATA(client, password_ok) = 0;
+ RELAY_WEECHAT_DATA(client, totp_ok) = 0;
+ RELAY_WEECHAT_DATA(client, compression) = RELAY_WEECHAT_COMPRESSION_ZLIB;
+ RELAY_WEECHAT_DATA(client, buffers_sync) =
+ weechat_hashtable_new (32,
+ WEECHAT_HASHTABLE_STRING,
+ WEECHAT_HASHTABLE_INTEGER,
+ NULL, NULL);
+ RELAY_WEECHAT_DATA(client, hook_signal_buffer) = NULL;
+ RELAY_WEECHAT_DATA(client, hook_hsignal_nicklist) = NULL;
+ RELAY_WEECHAT_DATA(client, hook_signal_upgrade) = NULL;
+ RELAY_WEECHAT_DATA(client, buffers_nicklist) =
+ weechat_hashtable_new (32,
+ WEECHAT_HASHTABLE_POINTER,
+ WEECHAT_HASHTABLE_POINTER,
+ NULL, NULL);
+ weechat_hashtable_set_pointer (RELAY_WEECHAT_DATA(client, buffers_nicklist),
+ "callback_free_value",
+ &relay_weechat_free_buffers_nicklist);
+ RELAY_WEECHAT_DATA(client, hook_timer_nicklist) = NULL;
+
+ relay_weechat_hook_signals (client);
}
/*