Commit graph

330 commits

Author SHA1 Message Date
Ed Kellett
04952c32ad Rework channel mode handling
Incoming MODE processing is split into a parsing step and an execution
step, instead of a mode's effector function being involved in its own
parsing. Modes can no longer use custom logic to control their parsing,
and instead supply a combination of CHM_* flags to the parser. As a
result, we know before we try to effect any mode changes what all of
them will be.

The reauthorize hack for override is no longer necessary. A side effect
of its introduction was that `MODE #foo b x!y@z` no longer worked; in
removing it we restore that behaviour.

We gain the ability to reject various invalid inputs that:
- mutate or query unknown modes
- supply excess mode arguments
- query modes that can't be queried

In each case, whether we *should* reject it is an open question; for now
I'm rejecting the first one.
2020-11-08 00:26:27 +00:00
Ed Kellett
861a544541 m_webirc: Blow away ident if we've got it
Previously, anyone on the WEBIRC gateway would get its ident if it
advertised one, which seems wrong to me.

This allows ident to be used with WEBIRC while still letting users send
their own ~username in band.
2020-11-02 19:59:29 +00:00
Ed Kellett
f57d88bc71 Remove shared blocks 2020-11-01 04:20:44 +00:00
Ed Kellett
35eccf4930 Rename UMODE_SSLCLIENT, IsSSLClient 2020-10-31 16:00:02 +00:00
Ed Kellett
bbdc439aa3 Replace IsInsecure with IsSecure 2020-10-31 16:00:02 +00:00
Ed Kellett
26c3681f7c Delete extensions/spy_*,sno_whois 2020-10-28 21:19:36 +00:00
Ed Kellett
0f8ec93849 helpops: change umode char to h 2020-10-27 13:53:01 +00:00
Ed Kellett
8a776ce65c cap_realhost: neaten oper IP tag check 2020-10-24 16:19:52 +01:00
Ed Kellett
272e4a7d33 cap_realhost: Don't send realhost to non-opers
If they can see it it's already in the message source
2020-10-24 16:19:52 +01:00
Ed Kellett
3b4731951f Implement oper realhost view via a hidden cap 2020-10-24 16:19:52 +01:00
Ed Kellett
0862875dd8 Add extensions/cap_realhost 2020-10-24 16:19:52 +01:00
Ed Kellett
e8a8d7a440 Refactor common channel iteration 2020-10-19 20:15:26 +01:00
Ed Kellett
5e413b1372 Use linear channel list comparisons 2020-10-19 20:15:26 +01:00
Ed Kellett
d6b9005892 extb_canjoin: disable inside +e 2020-10-19 01:07:16 +01:00
Ed Kellett
a7bd528f61 extb_hostmask: handle banstr == NULL 2020-10-18 19:45:51 +01:00
Ed Kellett
94613c78b6 Implement the solanum.chat/identify-msg vendor cap 2020-10-16 21:47:38 +01:00
Ed Kellett
a6f63a829e
Innovation by sed 2020-10-15 15:52:41 +01:00
Ed Kellett
4a4b20955f
Add oper:dehelper 2020-08-04 22:58:30 +01:00
Ed Kellett
f510983eeb
Add oper:receive_immunity 2020-08-04 22:58:30 +01:00
Ed Kellett
d4f7eb4ce6
Replace most checks for +o with oper:general
I'm preparing to PR a succession of privs changes with the ultimate goal
of severely limiting the scope of the binary oper/user dichotomy and
move conceptually distinct oper functions into their own privs.

Accomplishing this is a non-trivial task, and can wait, but it's
inconvenient now to have such functions enabled by the same mechanism
that grants any privs at all--so I'm moving all of them to a
transitional priv with the intention of eroding that later.
2020-08-04 22:58:30 +01:00
Ariadne Conill
b07445c6d9 extensions/umode_noctcp: skip privmsg_user hook except on recipient server 2020-07-10 18:08:33 -06:00
Aaron Jones
4682079dd9
Merge pull request #327 from edk0/filter-quit
filter quit messages
2020-06-10 14:55:02 +00:00
Aaron Jones
64e6d3b9cd
Merge pull request #321 from edk0/hook-priorities
Simple hook priority system
2020-06-10 14:49:59 +00:00
Ed Kellett
211c25b17d
extensions/filter: filter quit messages 2020-05-23 19:10:31 +01:00
Ed Kellett
e9408bc4fc
filter: fix part handling
previously we would have formatted a null pointer into %s for the
command, which is theoretically bad but handled by glibc
2020-05-02 02:52:21 +01:00
Ed Kellett
c500b0bdb5
Add priorities to some hooks 2020-05-01 17:47:14 +01:00
Ed Kellett
91ccda4f8c
Fix invite-notify and move it to an extension
The existing approach to invite-notify is deeply flawed--it currently
notifies only the target user's server, and that can't be fixed without
sending notifies for invites that end up not happening.

I'm resolving this by broadcasting a second message, INVITED, from the
target user's server. I'm also pulling it out into an extension while
I'm at it--invite notifies reveal new information, so I don't think
they should be mandatory.
2020-04-30 18:17:00 +01:00
Ed Kellett
a7d4a0ab81
Centralise banmask matching logic 2020-04-12 12:35:18 +01:00
Aaron Jones
6cfb19943a
extensions/extb_ssl.c: make certfp parameter case-insensitive
I had the idea that maybe these should be case-sensitive because some
encodings (like Base-64) are. But it turns out it's better to
prioritise not breaking existing configurations / channel mode lists,
and just revisit this in future maybe.

[ci skip]
2020-01-28 20:48:23 +00:00
Aaron Jones
e0a8d121fa
extensions/extb_ssl.c: port e0f1c3b5bc & 5572f43834
Reported-by: Opal Hart <opal@wowana.me>
2020-01-28 20:37:39 +00:00
Ed Kellett
b44f6669d8
sasl_usercloak: fix typo in format string
thanks @ProgVal
2020-01-02 16:29:23 +00:00
Ed Kellett
cdeca37ec3
sasl_usercloak: make the magic string more specific
Require '/account' at the end of the spoof, rather than
'account' anywhere.
2020-01-02 16:15:51 +00:00
Ed Kellett
5d5603b6ef
sasl_usercloak: modernize 2020-01-02 16:15:50 +00:00
Ed Kellett
11ae52095f
Remove duplicated notify_banned_client 2020-01-02 03:36:34 +00:00
Ed Kellett
5958d6b99b
sasl_usercloak: check K-lines after host change 2020-01-02 03:36:34 +00:00
Ed Kellett
40c4d9d85b
Revert "recheck users after applying SASL account cloaks"
This reverts commit 4d401d3c60019cf96b07a012106cab9678b7a79d.
2020-01-02 03:36:34 +00:00
Ed Kellett
5aeeea187e
recheck users after applying SASL account cloaks
(so K-lines on them will take effect properly)
2020-01-02 03:36:34 +00:00
Stephen Bennett
dae6f5dbee
Make sasl_usercloak.so update the original host, as well as the visible host if it hasn't already changed. Allows for the sasl spoof to be used to override services ones in some circumstances. 2020-01-02 03:36:34 +00:00
Stephen Bennett
271ddd99d7
Be sure to zero out host buffer before using it 2020-01-02 03:36:34 +00:00
Stephen Bennett
721410d575
Add sasl_usercloak module, to allow injecting SASL account name into a user's host on connection 2020-01-02 03:36:24 +00:00
Aaron Jones
58a7048006
Merge pull request #287 from edk0/filter
Add extensions/filter (port from ircd-seven)
2019-10-22 18:33:51 +00:00
Ed Kellett
09784400f2
filter: avoid a memory leak per @amdj 2019-10-22 18:44:19 +01:00
Aaron Jones
a52d84f723
Merge pull request #293 from edk0/webirc
m_webirc: improve TLS handling
2019-10-22 16:17:33 +00:00
Aaron Jones
9e6c36d571
Merge pull request #294 from edk0/deny-webirc-auth
m_webirc: deny using webirc. as a real auth block
2019-10-22 16:16:36 +00:00
Ed Kellett
8ffc517321
m_webirc: deny using webirc. as a real auth block 2019-10-20 18:41:39 +01:00
Ed Kellett
cccda2ff2f
m_webirc: it's "TLS" to you 2019-10-20 18:18:32 +01:00
Ed Kellett
11ef0e2b98
m_webirc: don't bail out when denying 'secure' 2019-10-20 18:18:32 +01:00
Ed Kellett
a6b97b7d88
m_webirc: const-correctness 2019-10-20 18:18:27 +01:00
Ed Kellett
d6c813780f
m_webirc: respect ircv3's secure option 2019-10-20 18:17:34 +01:00
Ed Kellett
ab4420cbbe
m_webirc: enforce need_ssl 2019-10-20 18:17:33 +01:00