Changeset 060d066


Timestamp:
2011-02-01T13:05:58Z (9 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
da60f28
Parents:
00fd005
Message:

More password paranoia: Allow omitting the identify/register password as
well (and enter it using /OPER instead).

This is a gross hack and indeed still not solid: In irssi one can still
use /RAWLOG SAVE to find the OPER line sent to BitlBee (and of course not
everyone uses SSL to talk to remote BitlBee servers). This only works
within 10-30 minutes after entering the password though.

Files:
4 edited

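--- a/doc/user-guide/commands.xml
+++ b/doc/user-guide/commands.xml
@@ -25,5 +25,5 @@
 
                                 <para>
-                                        If you omit the password, you should use the IRC /OPER command to enter it separately. The advantage of this approach is that most IRC clients will not show OPER passwords on screen/save them in logs.
+                                        You can omit the password and enter it separately using the IRC /OPER command. This lets you enter your password without your IRC client echoing it on screen or recording it in logs.
                                 </para>
                         </description>
@@ -1604,5 +1604,5 @@
         <bitlbee-command name="register">
                 <short-description>Register yourself</short-description>
-                <syntax>register &lt;password&gt;</syntax>
+                <syntax>register [&lt;password&gt;]</syntax>
 
                 <description>
@@ -1618,4 +1618,8 @@
                                 To identify yourself in later sessions, you can use the <emphasis>identify</emphasis> command. To change your password later, you can use the <emphasis>set password</emphasis> command.
                         </para>
+
+                        <para>
+                                You can omit the password and enter it separately using the IRC /OPER command. This lets you enter your password without your IRC client echoing it on screen or recording it in logs.
+                        </para>
                 </description>
 
@@ -1623,5 +1627,5 @@
 
         <bitlbee-command name="identify">
-                <syntax>identify [-noload|-force] &lt;password&gt;</syntax>
+                <syntax>identify [-noload|-force] [&lt;password&gt;]</syntax>
                 <short-description>Identify yourself with your password</short-description>
 
@@ -1641,4 +1645,8 @@
                         <para>
                                 <emphasis>-noload</emphasis> will log you in but not load any accounts and settings saved under your current nickname. These will be overwritten once you save your settings (i.e. when you disconnect).
+                        </para>
+
+                        <para>
+                                You can omit the password and enter it separately using the IRC /OPER command. This lets you enter your password without your IRC client echoing it on screen or recording it in logs.
                         </para>
                 </description>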
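--- a/irc.h
+++ b/irc.h
@@ -50,4 +50,14 @@
         USTATUS_SHUTDOWN = 8,   /* Now used to indicate we're shutting down.
                                    Currently just blocks irc_vawrite(). */
+
+        /* Not really status stuff, but other kinds of flags: For slightly
+           better password security, since the only way to send passwords
+           to the IRC server securely (i.e. not echoing to screen or written
+           to logfiles) is the /OPER command, try to use that command for
+           stuff that matters. */
+        OPER_HACK_IDENTIFY = 0x100,
+        OPER_HACK_REGISTER = 0x200,
+        OPER_HACK_ACCOUNT_ADD = 0x400,
+        OPER_HACK_ANY = 0x700,  /* To check for them all at once. */
 } irc_status_t;
 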
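Review bot: The OPER_HACK_* bits added after USTATUS_SHUTDOWN share irc_status_t with the login-state flags, so any ordered comparison on irc->status becomes true as soon as one of them is set (0x100 is larger than the USTATUS_SHUTDOWN = 8 shown here). This commit converts one such test in irc_commands.c from `>=` to `&`; any other `>=`, `<` or `==` test on irc->status elsewhere in the tree, which this page does not show, would need the same conversion, otherwise typing `identify` without a password could satisfy a login-state check. I would extend the new comment to state the rule, e.g. `/* irc->status is a bit mask: test it with &, never with ==, < or >=. */`. The opening lines of the enum are outside this hunk.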
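--- a/irc_commands.c
+++ b/irc_commands.c
@@ -397,24 +397,11 @@
 }
 
-
+static void irc_cmd_oper_hack( irc_t *irc, char **cmd );
 
 static void irc_cmd_oper( irc_t *irc, char **cmd )
 {
-        account_t *a;
-       
-        /* /OPER can now also be used to enter IM passwords without echoing.
-           It's a hack but the extra password security is worth it. */
-        for( a = irc->b->accounts; a; a = a->next )
-                if( strcmp( a->pass, PASSWORD_PENDING ) == 0 )
-                {
-                        set_setstr( &a->set, "password", cmd[2] );
-                        irc_usermsg( irc, "Password added to IM account "
-                                     "%s(%s)", a->prpl->name, a->user );
-                        /* The IRC client may expect this. Report failure since
-                           we didn't hand out a +o. */
-                        irc_send_num( irc, 491, ":Password added to IM account "
-                                      "%s(%s)", a->prpl->name, a->user );
-                        return;
-                }
+        /* Very non-standard evil but useful/secure hack, see below. */
+        if( irc->status & OPER_HACK_ANY )
+                return irc_cmd_oper_hack( irc, cmd );
        
         if( global.conf->oper_pass &&
@@ -430,4 +417,44 @@
                 irc_send_num( irc, 491, ":Incorrect password" );
         }
+}
+
+static void irc_cmd_oper_hack( irc_t *irc, char **cmd )
+{
+        char *password = g_strjoinv( " ", cmd + 2 );
+       
+        /* /OPER can now also be used to enter IM/identify passwords without
+           echoing. It's a hack but the extra password security is worth it. */
+        if( irc->status & OPER_HACK_ACCOUNT_ADD )
+        {
+                account_t *a;
+               
+                for( a = irc->b->accounts; a; a = a->next )
+                        if( strcmp( a->pass, PASSWORD_PENDING ) == 0 )
+                        {
+                                set_setstr( &a->set, "password", password );
+                                irc_usermsg( irc, "Password added to IM account "
+                                             "%s(%s)", a->prpl->name, a->user );
+                                /* The IRC client may expect this. 491 suggests the OPER
+                                   password was wrong, so the client won't expect a +o.
+                                   It may however repeat the password prompt. We'll see. */
+                                irc_send_num( irc, 491, ":Password added to IM account "
+                                              "%s(%s)", a->prpl->name, a->user );
+                        }
+        }
+        else if( irc->status & OPER_HACK_IDENTIFY )
+        {
+                char *send_cmd[] = { "identify", password, NULL };
+                irc_send_num( irc, 491, ":Trying to identify" );
+                root_command( irc, send_cmd );
+        }
+        else if( irc->status & OPER_HACK_REGISTER )
+        {
+                char *send_cmd[] = { "register", password, NULL };
+                irc_send_num( irc, 491, ":Trying to identify" );
+                root_command( irc, send_cmd );
+        }
+       
+        irc->status &= ~OPER_HACK_ANY;
+        g_free( password );
 }
 
@@ -756,5 +783,5 @@
                 }
        
-        if( irc->status >= USTATUS_LOGGED_IN )
+        if( irc->status & USTATUS_LOGGED_IN )
                 irc_send_num( irc, 421, "%s :Unknown command", cmd[0] );
 }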
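Review bot: irc_cmd_oper() now reaches irc_cmd_oper_hack() only when an OPER_HACK_* bit is set, but none of the hunks on this page sets OPER_HACK_ACCOUNT_ADD (root_commands.c sets only the IDENTIFY and REGISTER bits), so unless it is set in code not shown here the existing account-password path is lost. An IM password typed into /OPER would then fall through to the comparison with global.conf->oper_pass and be answered with "Incorrect password"; the code that stores PASSWORD_PENDING needs `irc->status |= OPER_HACK_ACCOUNT_ADD;`. Two smaller points in irc_cmd_oper_hack(): the OPER_HACK_REGISTER branch reuses the identify text and should send `irc_send_num( irc, 491, ":Trying to register" );`, and the joined password is handed to g_free() without being overwritten first, which leaves the plaintext in freed heap memory. Note also that the account loop no longer stops at the first pending account, so every account still marked PASSWORD_PENDING receives the same password.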
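--- a/root_commands.c
+++ b/root_commands.c
@@ -114,5 +114,8 @@
         }
        
-        if( strncmp( cmd[1], "-no", 3 ) == 0 )
+        if( cmd[1] == NULL )
+        {
+        }
+        else if( strncmp( cmd[1], "-no", 3 ) == 0 )
         {
                 load = FALSE;
@@ -135,5 +138,7 @@
         if( password == NULL )
         {
-                MIN_ARGS( 2 );
+                irc_usermsg( irc, "About to identify, use /OPER to enter the password" );
+                irc->status |= OPER_HACK_IDENTIFY;
+                return;
         }
        
@@ -211,4 +216,11 @@
         {
                 irc_usermsg( irc, "This server does not allow registering new accounts" );
+                return;
+        }
+       
+        if( cmd[1] == NULL )
+        {
+                irc_usermsg( irc, "About to register, use /OPER to enter the password" );
+                irc->status |= OPER_HACK_REGISTER;
                 return;
         }
@@ -1362,10 +1374,10 @@
         { "group",          1, cmd_group,          0 },
         { "help",           0, cmd_help,           0 },
-        { "identify",       1, cmd_identify,       0 },
+        { "identify",       0, cmd_identify,       0 },
         { "info",           1, cmd_info,           0 },
         { "nick",           1, cmd_nick,           0 },
         { "no",             0, cmd_yesno,          0 },
         { "qlist",          0, cmd_qlist,          0 },
-        { "register",       1, cmd_register,       0 },
+        { "register",       0, cmd_register,       0 },
         { "remove",         1, cmd_remove,         0 },
         { "rename",         2, cmd_rename,         0 },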
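Review bot: When the password is omitted, the `password == NULL` branch of the identify handler only sets OPER_HACK_IDENTIFY and returns, and irc_cmd_oper_hack() later replays the command as `{ "identify", password, NULL }`, so a `-noload` or `-force` given on the original line appears to be dropped; `identify -noload` followed by /OPER would then load the saved accounts and settings after all. Either remember the option until /OPER arrives, or reject an option without a password instead of arming the flag. The OPER_HACK_* bit also stays set with no expiry until the next /OPER, so a much later /OPER line is consumed as an identify or register password; a sentence in the user message saying so, or clearing the bit on the next root command, would make that explicit. The empty `if( cmd[1] == NULL ) { }` block in the first hunk deserves a comment such as `/* No arguments: the password will follow via /OPER. */`. The handler bodies are only partly visible in these hunks, so the option handling between the hunks is inferred.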