ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) override
{
if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':'))
{
const std::string fp = api ? api->GetFingerprint(user) : "";
if (!fp.empty() && InspIRCd::Match(fp, mask.substr(2)))
return MOD_RES_DENY;
}
return MOD_RES_PASSTHRU;
}
bool Matches(LocalUser* user, const std::string& pass, UserCertificateAPI& sslapi) const
{
// Did the user send a valid password?
if (!password.empty() && !ServerInstance->PassCompare(user, password, pass, passhash))
return false;
// Does the user have a valid fingerprint?
const std::string fp = sslapi ? sslapi->GetFingerprint(user) : "";
if (!fingerprint.empty() && !InspIRCd::TimingSafeCompare(fp, fingerprint))
return false;
// Does the user's hostname match our hostmask?
if (InspIRCd::Match(user->GetRealHost(), hostmask, ascii_case_insensitive_map))
return true;
// Does the user's IP address match our hostmask?
return InspIRCd::MatchCIDR(user->GetIPString(), hostmask, ascii_case_insensitive_map);
}