summaryrefslogtreecommitdiff
path: root/blabouncer.c
diff options
context:
space:
mode:
Diffstat (limited to 'blabouncer.c')
-rw-r--r--blabouncer.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/blabouncer.c b/blabouncer.c
index ae62487..a69ec71 100644
--- a/blabouncer.c
+++ b/blabouncer.c
@@ -4,7 +4,6 @@
// - Get CAP from server and relay to client
// - Keep track of changing user modes in channels
// - Should replay log do more than PRIVMSGs?
-// - Check authentication before even getting to the send functions to save unnecessary processing
// - Configurable auto channels
// - Comma separated channel list in JOINs/PARTs
// - Perhaps rename clients.ssl and server_ssl since they may not even be OpenSSL sockets
@@ -1028,6 +1027,14 @@ int processircmessage(SSL *server_ssl, char *str, int source, struct client *cli
return 1;
}
+ // We're past PASS in the list of possible commands, so ignore
+ // anything else the client says if they are not authenticated yet.
+ if (!clients[arrindex(clients, sourcefd)].authed) {
+ printf("Ignoring client command '%s' from sourcefd '%d' as not authenticated yet.\n", tokens[0], sourcefd);
+ free(strcopyPtr);
+ return 1;
+ }
+
// USER received? If so, assume this is a new client connecting and catch them on up on the state
if (strncmp(tokens[0], "USER", strlen(tokens[0])) == 0) {
// Somewhere to store the several strings we will need to build and send