Commit graph

159 commits

Author SHA1 Message Date
Elizabeth Jennifer Myers
8aabb973c0 Implement chanroles, as discussed with nenolod.
The theory behind this is that services sends an ENCAP * GRANT #channel
UID :+flagspec message specifying the chanroles the user has. They are
mapped into flag bits and applied to the membership of the user. They
then are restricted or permitted to what they can do based on the
permissions mask regardless of rank.

For backwards compatibility, the default permission bit (without a GRANT
statement) allows a user to to anything an existing op can do ONLY if
they are an op.

Todo: make CHANROLE_STATUS work (the ability to apply +ov to people),
which is at the moment controlled by CHANROLE_MODE.
2011-07-06 13:46:22 -04:00
Jilles Tjoelker
a1574df4a2 Allow kick_on_split_riding to protect channels with mlocked keys.
Do kick_on_split_riding if services sends an SJOIN
with a lower TS and a different key. This relies on
services restoring TS (changets option in atheme) and
services not immediately parting after receiving the
KICK, which is the case in recent atheme.

For invite-only channels, still only do
kick_on_split_riding in netbursts. Services is
assumed to handle this itself (atheme does).
2011-04-06 19:05:08 +02:00
Stephen Bennett
341f971efa Bring across disable_local_channels config option from ircd-seven 2010-12-21 20:38:04 +00:00
William Pitcock
805cfa5ab2 Use send_channel_join(). 2010-12-16 00:13:42 -06:00
William Pitcock
7a948bdaa7 Add capability parameter to sendto_common_channels_local() and sendto_common_channels_local_butone(). 2010-12-15 22:55:05 -06:00
William Pitcock
cddbab51bb Send ERR_TOOMANYCHANNELS for each channel join that fails due to channel limits.
The reason why we do this is because some clients are dependent on receiving a numeric
for every channel join failure, even due to this limit where it can be assumed that
subsequent joins failed.
2010-12-14 02:24:23 -06:00
William Pitcock
ff0cc1e616 Add support for linking using SSL certificate fingerprints as the link credential rather than the traditional server-password pair. 2010-12-13 23:14:00 -06:00
B.Greenham
15484f02bd Move flood_attack_channel to channel.c so it can be used outside m_message.c 2010-12-09 18:29:56 -05:00
William Pitcock
0343b3c563 Use get_channel_access() for KICK/TOPIC. 2010-12-07 00:14:42 -06:00
William Pitcock
6ca4dec95a Extend hook_data_channel_activity moduledata with membership struct. 2010-12-06 22:57:04 -06:00
William Pitcock
1f679bfe7b Filter bogus CTCP ACTION messages. 2010-11-05 01:16:03 -05:00
Jilles Tjoelker
02e655aeac Provide an error message when a user does /quote ban. 2010-08-29 15:16:47 +02:00
Jilles Tjoelker
717238d2a2 Add target change for channels.
This has a separate enabling option channel::channel_target_change.

It applies to PRIVMSG, NOTICE and TOPIC by unvoiced unopped non-opers.

The same slots are used for channels and users.
2010-08-29 01:26:00 +02:00
Jilles Tjoelker
dd9b78dc92 Remove redundant MyClient check, it is already checked above. 2010-08-24 22:46:57 +02:00
William Pitcock
6fb6bd15ae Enforce TS rules on MLOCKs. 2010-08-23 20:22:59 -05:00
Jilles Tjoelker
f5455d2cd5 Tweak auto-accept:
* does not apply to NOTICE (as those may well be automated)
* mirrors +g behaviour so that no useless accept entries are added for services
* respects max_accept, if it would be exceeded the message is dropped with numeric 494
* check moved up so this is checked before floodcount/tgchange
2010-07-04 17:14:56 +02:00
William Pitcock
0770c9936e Stop griefing through taunting while hiding behind CALLERID.
This shouldn't provide any way for a client to get on a CALLERID list
without authorization, as if a client is +g already, a CTCP request, for
example, won't be replied to.
2010-07-03 00:44:55 -05:00
Stephen Bennett
6b8db2daf2 Allow the final parameter of MLOCK to be empty, to remove an existing mlock 2010-05-02 20:42:46 +01:00
Stephen Bennett
1916ed52f8 Branch merge 2010-04-30 22:03:42 +01:00
Stephen Bennett
78e6b731e4 Rework ircd-side MLOCK enforcement: instead of trying to track modes locked on or off, instead keep a simple list of mode letters that are locked, and reject any change to those modes. 2010-04-30 22:01:21 +01:00
Jilles Tjoelker
a0ce140ed6 Improve technical documentation of BAN protocol. 2010-04-29 00:26:49 +02:00
Jilles Tjoelker
803ce385bf Fix various compiler warnings. 2010-03-27 20:09:46 +01:00
Jilles Tjoelker
dca9e55257 Add propagated resvs, like klines and xlines. 2010-03-27 16:13:57 +01:00
Jilles Tjoelker
f89191ace9 BAN: xlines do not have oper reasons, their "reason" is already oper only. 2010-03-18 00:22:35 +01:00
Jilles Tjoelker
3cbbfb2556 Add propagated xlines, like klines. 2010-03-16 23:05:50 +01:00
William Pitcock
8727cbe88a Add propagation of MLOCK state for simple modes.
Special modes like +j can be tracked easily just by adding the necessary
code to parse them to set_channel_mlock().  This will cover propagation
as well.
2010-03-07 23:13:39 -06:00
Jilles Tjoelker
5c2b9eaf48 BAN: Reject bans with insufficient non-wildcard characters.
Such bans are not applied locally, but are propagated normally.
They can only be removed on a server that applies them.

Note that normally KLINE will not accept such bans.
This is mainly for services, differing min_wildcard and
ircd changes.
2010-03-06 01:45:41 +01:00
Jilles Tjoelker
6229f9f83b Among bans with the same creation time, prefer the one with longest lifetime. 2010-03-05 23:16:28 +01:00
Jilles Tjoelker
9470d75a42 BAN: Avoid fake direction. 2010-03-05 22:53:35 +01:00
Jilles Tjoelker
cedb7d05b4 Remove +/- from the BAN message, instead indicating unban with duration=0.
A kline must now last at least one second since its creation time.

Also add better logic for bans that have already expired
when they come in.
2010-03-05 22:51:47 +01:00
Jilles Tjoelker
431a1a2784 Add propagated klines.
A KLINE command without the ON clause now sets a propagated
("global") ban. KLINE commands with the ON clause work as
before.

Propagated klines can only be removed with an UNKLINE command
without the ON clause, and this removes them everywhere.
In fact, they remain in a deactivated state until the latest
expiry ever used for the mask has passed.

Propagated klines are part of the netburst using a new BAN
message and capab. If such a burst has an effect, both the
server name and the original oper are shown in the server
notice.

No checks whatsoever are done on bursted klines at this time.

The system should be extended to XLINE and RESV later.

There is currently no way to list propagated klines,
but TESTLINE works normally.
2010-03-05 18:36:44 +01:00
Jilles Tjoelker
ff91faaf76 Do not penalize for spambot checks if creating a new channel. 2010-02-21 01:45:51 +01:00
Jilles Tjoelker
4eb9a3ca0b JOIN 0: Make spambot check equivalent to PART's. 2010-02-21 01:12:04 +01:00
Jilles Tjoelker
9148f6aa7c Remove dead code: last_join_time is already updated by check_spambot_warning(). 2010-02-21 01:10:04 +01:00
Jilles Tjoelker
cf3564d61f Do not check for spambot if the user is not allowed to join the channel. 2010-02-21 01:07:32 +01:00
Jilles Tjoelker
4f2685f3e1 Move target change code to src/tgchange.c,
so we can use it for /invite as well.
2010-02-15 21:58:34 +01:00
Jilles Tjoelker
c9f01c4f2f target change: Allow free replies.
When a user receives a private message, notice or RPL_UMODEGMSG,
add the source to a special set of 5 target slots.
These slots are checked in the normal way when sending messages,
allowing a reply without using up a free target.

This feature will not be very useful if a user is being messaged
by many different users; to help this, messages blocked entirely
by +g or +R do not affect the targets. CTCP replies also remain
free in terms of targets.
2010-02-15 01:07:07 +01:00
Jilles Tjoelker
179becdf5f target change: Overwrite the least recently used target with a new one. 2010-02-15 00:31:17 +01:00
Jilles Tjoelker
ad1d39a76f Make the number of targets tracked for target change a #define. 2010-02-13 15:18:17 +01:00
Jilles Tjoelker
1fd171a547 Fix op-moderate (cmode +z) for channel names with '@'. 2010-01-24 19:37:00 +01:00
Jilles Tjoelker
641eb2c3c8 Put back fb7d6089158e, not setting large_ctcp_sent for CTCP ACTION. 2010-01-20 00:03:57 +01:00
William Pitcock
2e918bf515 Merge +C (no CTCP to channels) from ircd-seven. 2010-01-19 02:11:04 -06:00
Jilles Tjoelker
3d0bbdcbe1 Do not set large_ctcp_sent for CTCP ACTION as it does not request a reply. 2010-01-14 01:12:16 +01:00
Stephen Bennett
c127b45b83 Revert all presence-related changes 2009-12-08 19:22:55 +00:00
William Pitcock
884b5d41c1 presence: Remove user.away, replaced by a metadata entry.
Cache the metadata retrieval value where feasible for minimal performance impact.
2009-06-02 02:03:51 -05:00
Jilles Tjoelker
aa9c9ed268 Allow ctcp replies through floodcount after ctcp'ing a large group.
A large group is any $$ or $# or a channel with more than
floodcount/2 local members, checked on each server separately.
Note that floodcount checks are done on the sender's server.

The special treatment is active for 15 seconds.
2009-05-17 20:52:16 +02:00
Jilles Tjoelker
a416ed2e79 Move check for required CAPABs to mr_server -- CAPAB may not be sent.
Also fix exit message.
2009-04-21 18:43:07 +02:00
William Pitcock
5f8d323c59 can_kick hook, based on the ircd-seven one. 2009-04-20 09:20:11 -05:00
Jilles Tjoelker
b7b1d686a9 Simplify floodcount checking, it is no longer affected by +g/+R anymore. 2009-04-19 00:04:21 +02:00
Jilles Tjoelker
631b4a542a Use uid/sid for some ERR_CHANOPRIVSNEEDED if they go to a remote client. 2009-04-09 23:45:35 +02:00