From ec0355f6998eb5dee254e4bc60a3207bb661c854 Mon Sep 17 00:00:00 2001
From: Wilmer van der Gaast <wilmer@gaast.net>
Date: Sun, 16 Mar 2008 16:31:27 +0000
Subject: Passwords in bitlbee.conf can now be (properly salted) MD5 hashes,
 for just that little bit extra security.

---
 irc_commands.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'irc_commands.c')

diff --git a/irc_commands.c b/irc_commands.c
index 68db4617..14209732 100644
--- a/irc_commands.c
+++ b/irc_commands.c
@@ -29,7 +29,10 @@
 
 static void irc_cmd_pass( irc_t *irc, char **cmd )
 {
-	if( global.conf->auth_pass && strcmp( cmd[1], global.conf->auth_pass ) == 0 )
+	if( global.conf->auth_pass &&
+	    strncmp( global.conf->auth_pass, "md5:", 4 ) == 0 ?
+	      md5_verify_password( cmd[1], global.conf->auth_pass + 4 ) == 0 :
+	      strcmp( cmd[1], global.conf->auth_pass ) == 0 )
 	{
 		irc->status |= USTATUS_AUTHORIZED;
 		irc_check_login( irc );
@@ -87,7 +90,10 @@ static void irc_cmd_ping( irc_t *irc, char **cmd )
 
 static void irc_cmd_oper( irc_t *irc, char **cmd )
 {
-	if( global.conf->oper_pass && strcmp( cmd[2], global.conf->oper_pass ) == 0 )
+	if( global.conf->oper_pass &&
+	    strncmp( global.conf->oper_pass, "md5:", 4 ) == 0 ?
+	      md5_verify_password( cmd[2], global.conf->oper_pass + 4 ) == 0 :
+	      strcmp( cmd[2], global.conf->oper_pass ) == 0 )
 	{
 		irc_umode_set( irc, "+o", 1 );
 		irc_reply( irc, 381, ":Password accepted" );
-- 
cgit v1.2.3