View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0003428 | unreal | ircd | public | 2007-07-07 10:26 | 2015-07-09 18:54 |
| Reporter | Stealth | Assigned To | syzop | ||
| Priority | normal | Severity | feature | Reproducibility | always |
| Status | resolved | Resolution | no change required | ||
| Platform | * | OS | * | OS Version | * |
| Product Version | 4.0-devel | ||||
| Fixed in Version | 3.4-alpha4 | ||||
| Summary | 0003428: Cert auth | ||||
| Description | 4 things: - Allow a cert file to be specified, as fingerprints can be weak (especially MD5 ones) - When using fingerprint or cert, have option to assume no actual password is required (so it behaves like Unreal3.x, currently still requires a password) - Make m_ssl_oper_cert.so into m_ssl_cert_auth.so, and allow fingerprints or certs to be used as an auth anywhere a password can be used. - A module to provide oper ability to have the IRCd save a cert. Something like "SAVECERT <nick> <filename>". Module configuration should have a directory where certs should be stored, and remove directory info from the command parameters (to prevent saving to other directories), and warn the oper if a file with that name already exists (perhaps allow an option to overwrite it). This would make it easier for netadmins to obtain someones cert when promoting them. | ||||
| Tags | No tags attached. | ||||
| 3rd party modules | |||||
| child of | 0003417 | closed | TODO list for Unreal4.0 |
|
|
[quote]- When using fingerprint or cert, have option to assume no actual password is required (so it behaves like Unreal3.x, currently still requires a password)[/quote] Exactly how is this different from unreal3? With unreal you still have to give a password (or else /oper|vhost will give 'not enough params', etc). It just doesn't matter what that password is. |
|
|
> Exactly how is this different from unreal3? U4 requires the actual password specified in the oper configuration, so you can't just send it any random crap as password |
|
|
The "requiring a correct password" issue is fixed now it seems. It also looks like we have use of ssl cert fingerprints everywhere now too. All that's still needed is to be using actual certs rather than the fingerprints (this may have to be left to someone who actually knows something about SSL stuff). |
|
|
I think the necessary functionality (or at least, similar stuff) is in current UnrealIRCd now. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2007-07-07 10:26 | Stealth | New Issue | |
| 2007-07-08 15:50 | aquanight | Note Added: 0014456 | |
| 2007-07-08 16:29 | Stealth | Note Added: 0014457 | |
| 2007-07-09 15:57 |
|
Status | new => acknowledged |
| 2007-07-09 15:57 |
|
Relationship added | child of 0003417 |
| 2007-07-23 09:24 |
|
QA | => Not touched yet by developer |
| 2007-07-23 09:24 |
|
U4: Need for upstream patch | => No need for upstream InspIRCd patch |
| 2007-07-23 09:24 |
|
U4: Upstream notification of bug | => Not decided |
| 2007-07-23 09:24 |
|
U4: Contributor working on this | => None |
| 2007-07-23 09:24 |
|
Severity | minor => feature |
| 2007-07-23 09:31 |
|
Status | acknowledged => confirmed |
| 2007-11-24 23:24 | aquanight | Note Added: 0014828 | |
| 2015-07-09 18:54 | syzop | Note Added: 0018438 | |
| 2015-07-09 18:54 | syzop | Status | confirmed => resolved |
| 2015-07-09 18:54 | syzop | Fixed in Version | => 3.4-alpha4 |
| 2015-07-09 18:54 | syzop | Resolution | open => no change required |
| 2015-07-09 18:54 | syzop | Assigned To | => syzop |
