* Add extension extb_guest
This module provides an extban type that acts as a normal ban but
only matches unidentified users.
* Document extban g in help/opers/extban
* extensions/extb_guest: support CIDR masks in $g extbans
This allows a channel operator to set a channel ban such as
"$g:*!*@192.0.2.0/24#*web.libera.chat*" and have it function
as intended.
---------
Co-authored-by: Aaron Jones <me@aaronmdjones.net>
If the user performing a WHOIS has hidden their idle time (is umode +I),
also prevent them from seeing other user's idle times, even if said users
are not themselves umode +I.
Suggested-by: @Unit193
Split oper:wallops right from oper:mass_notice. Update documentation and
examples to grant oper:wallops everywhere oper:mass_notice was granted.
closes#103
This change modifies extb_channel to allow matching users in secret
channels, which prevents trivial ban evasion by setting the target
channel +s. Information leak due to this change is unlikely since the
attacker would have to know that the target channel exists, the name of
the channel (or guess it), have a specific user they wanted to know
whether was in the channel (and not know already), and the target user
would need to have something like autojoin-on-invite enabled (or any of
the other various ways hostname cloaking is attacked).
This change modifies extb_channel to allow matching users in secret
channels, which prevents trivial ban evasion by setting the target
channel +s. Information leak due to this change is unlikely since the
attacker would have to know that the target channel exists, the name of
the channel (or guess it), have a specific user they wanted to know
whether was in the channel (and not know already), and the target user
would need to have something like autojoin-on-invite enabled (or any of
the other various ways hostname cloaking is attacked).
Add REHASH SSLD (admins only) that starts new sslds and marks the
existing ones as inactive until all their clients disconnect.
Very useful whenever the SSL library has a vulnerability because
new connections can use a new version of the library without
disconnecting existing clients/servers.
Add STATS S (admins only) to list ssld processes, status, and client
count.
Add REHASH SSLD (admins only) that starts new sslds and marks the
existing ones as inactive until all their clients disconnect.
Very useful whenever the SSL library has a vulnerability because
new connections can use a new version of the library without
disconnecting existing clients/servers.
Add STATS S (admins only) to list ssld processes, status, and client
count.
What is done here:
1. All the outdated configuration flag information has been removed and
replaced with the more current information.
2. Spellchecking has been done on all helpfiles and the actual errors
have been fixed.