diff options
| author | Loganius <31364192+TheMiningTeamYT@users.noreply.github.com> | 2025-12-19 10:17:43 -0600 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-12-19 17:17:43 +0100 |
| commit | b932baab5240d80512406e660efece151add0d9d (patch) | |
| tree | 4a318df4f045f40eeb1cf7ccd2cd6c8e994dcdac /src | |
| parent | 3e4ca16dc245727c64f23494636601c29fd07643 (diff) | |
| download | ngircd-b932baab5240d80512406e660efece151add0d9d.tar.gz ngircd-b932baab5240d80512406e660efece151add0d9d.zip | |
Handle clients which erroneously send passwords for non-password protected servers
Ignore passwords sent by clients when not configured/needed. Closes #332.
Diffstat (limited to 'src')
| -rw-r--r-- | src/ngircd/login.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/ngircd/login.c b/src/ngircd/login.c index 3412e337..75f85940 100644 --- a/src/ngircd/login.c +++ b/src/ngircd/login.c @@ -93,7 +93,8 @@ Login_User(CLIENT * Client) /* Don't do any PAM authentication at all if PAM is not * enabled, instead emulate the behavior of the daemon * compiled without PAM support. */ - if (strcmp(Conn_Password(conn), Conf_ServerPwd) == 0) + if (Conf_ServerPwd[0] == 0 || + strcmp(Conn_Password(conn), Conf_ServerPwd) == 0) return Login_User_PostAuth(Client); Client_Reject(Client, "Bad server password", false); return DISCONNECTED; @@ -132,7 +133,8 @@ Login_User(CLIENT * Client) } else return CONNECTED; #else /* Check global server password ... */ - if (strcmp(Conn_Password(conn), Conf_ServerPwd) != 0) { + if (Conf_ServerPwd[0] != 0 && + strcmp(Conn_Password(conn), Conf_ServerPwd) != 0) { /* Bad password! */ Client_Reject(Client, "Bad server password", false); return DISCONNECTED; |