GitHub/PyLink
3
0
Fork 0
mirror of https://github.com/jlu5/PyLink.git synced 2024-11-30 14:49:28 +01:00
Code Issues Projects Releases Wiki Activity

SECURITY: normalize account names before checking network / oper filters

Browse Source 
(cherry picked from commit a6c1beaad0)
This commit is contained in:
James Lu 2018-03-30 11:54:45 -07:00
parent 22efe1384c
commit 310ad345a3
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
coremods/corecommands.py
View File

@ -15,12 +15,15 @@ from pylinkirc.log import log
def _login(irc, source, username): def _login(irc, source, username):
"""Internal function to process logins.""" """Internal function to process logins."""
# Mangle case before we start checking for login data.
accounts = {k.lower(): v for k, v in conf.conf['login'].get('accounts', {}).items()}
if irc.is_internal_client(source): if irc.is_internal_client(source):
irc.error("Cannot use 'identify' via a command proxy.") irc.error("Cannot use 'identify' via a command proxy.")
return return
logindata = conf.conf['login'].get('accounts', {}).get(username, {}) logindata = accounts.get(username.lower(), {})
network_filter = logindata.get('networks') network_filter = logindata.get('networks')
require_oper = logindata.get('require_oper', False) require_oper = logindata.get('require_oper', False)
hosts_filter = logindata.get('hosts', []) hosts_filter = logindata.get('hosts', [])