From cd01eeadcbf5e5e1c81244b69b5c9079a3b58675 Mon Sep 17 00:00:00 2001
From: Test_User <hax@andrewyu.org>
Date: Mon, 6 May 2024 07:17:17 -0400
Subject: multi-haxserv priv escalation fixed

---
 client_network.c | 11 +++++++----
 server_network.c |  8 ++++----
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/client_network.c b/client_network.c
index f333344..93ad1d9 100644
--- a/client_network.c
+++ b/client_network.c
@@ -156,10 +156,6 @@ int add_local_client(struct string uid, struct string nick_arg, struct string vh
 	SEND(NULSTR(string_time));
 	SEND(STRING(" +k :"));
 	SEND(realname);
-	SEND(STRING("\n:"));
-	SEND(uid);
-	SEND(STRING(" OPERTYPE "));
-	SEND(opertype);
 	SEND(STRING("\n"));
 	if (fake_cert) {
 		SEND(STRING(":1HC METADATA "));
@@ -168,6 +164,13 @@ int add_local_client(struct string uid, struct string nick_arg, struct string vh
 		SEND(client_cert);
 		SEND(STRING("\n"));
 	}
+	if (!STRING_EQ(uid, STRING("1HC000000"))) { // Don't oper haxserv, because echo is unprivileged
+		SEND(STRING(":"));
+		SEND(uid);
+		SEND(STRING(" OPERTYPE "));
+		SEND(opertype);
+		SEND(STRING("\n"));
+	}
 
 	return 0;
 
diff --git a/server_network.c b/server_network.c
index 9b8e2e3..d15b96e 100644
--- a/server_network.c
+++ b/server_network.c
@@ -399,14 +399,14 @@ int kill_handler(struct string sender, uint64_t argc, struct string *argv) {
 		SEND(NULSTR(nick_time));
 		SEND(STRING(" +k :"));
 		SEND(user->realname);
-		SEND(STRING("\n:"));
-		SEND(argv[0]);
-		SEND(STRING(" OPERTYPE "));
-		SEND(opertype);
 		SEND(STRING("\n"));
 		if (STRING_EQ(argv[0], STRING("1HC000001"))) {
 			SEND(STRING(":1HC METADATA 1HC000001 ssl_cert :vTrse "));
 			SEND(client_cert);
+			SEND(STRING("\n:"));
+			SEND(argv[0]);
+			SEND(STRING(" OPERTYPE "));
+			SEND(opertype);
 			SEND(STRING("\n"));
 		}
 
-- 
cgit v1.2.3