extensions: add chm_insecure, which has the opposite effect of chm_sslonly.
This module makes SSL required to join any channels except for ones specifically marked insecure. It is meant to be used in a migration path away from plaintext IRC.
This commit is contained in:
William Pitcock
parent
35f284c2bd
commit
c4e9deaef9
|
|
@ -9,6 +9,7 @@ extension_LTLIBRARIES = \
|
|||
chm_adminonly.la \
|
||||
chm_operonly.la \
|
||||
chm_operonly_compat.la \
|
||||
chm_insecure.la \
|
||||
chm_nonotice.la \
|
||||
chm_operpeace.la \
|
||||
chm_quietunreg_compat.la \
|
||||
|
|
|
|||
|
|
@ -140,6 +140,9 @@ AM_V_lt = $(am__v_lt_@AM_V@)
|
|||
am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@)
|
||||
am__v_lt_0 = --silent
|
||||
am__v_lt_1 =
|
||||
chm_insecure_la_LIBADD =
|
||||
chm_insecure_la_SOURCES = chm_insecure.c
|
||||
chm_insecure_la_OBJECTS = chm_insecure.lo
|
||||
chm_nonotice_la_LIBADD =
|
||||
chm_nonotice_la_SOURCES = chm_nonotice.c
|
||||
chm_nonotice_la_OBJECTS = chm_nonotice.lo
|
||||
|
|
@ -357,7 +360,7 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
|
|||
am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
|
||||
am__v_CCLD_0 = @echo " CCLD " $@;
|
||||
am__v_CCLD_1 =
|
||||
SOURCES = chm_adminonly.c chm_nonotice.c chm_operonly.c \
|
||||
SOURCES = chm_adminonly.c chm_insecure.c chm_nonotice.c chm_operonly.c \
|
||||
chm_operonly_compat.c chm_operpeace.c chm_quietunreg_compat.c \
|
||||
chm_sslonly.c chm_sslonly_compat.c createauthonly.c \
|
||||
createoperonly.c example_module.c extb_account.c \
|
||||
|
|
@ -375,14 +378,14 @@ SOURCES = chm_adminonly.c chm_nonotice.c chm_operonly.c \
|
|||
sno_globaloper.c sno_whois.c spy_admin_notice.c \
|
||||
spy_info_notice.c spy_links_notice.c spy_motd_notice.c \
|
||||
spy_stats_notice.c spy_stats_p_notice.c spy_trace_notice.c
|
||||
DIST_SOURCES = chm_adminonly.c chm_nonotice.c chm_operonly.c \
|
||||
chm_operonly_compat.c chm_operpeace.c chm_quietunreg_compat.c \
|
||||
chm_sslonly.c chm_sslonly_compat.c createauthonly.c \
|
||||
createoperonly.c example_module.c extb_account.c \
|
||||
extb_canjoin.c extb_channel.c extb_combi.c extb_extgecos.c \
|
||||
extb_hostmask.c extb_oper.c extb_realname.c extb_server.c \
|
||||
extb_ssl.c extb_usermode.c force_user_invis.c helpops.c \
|
||||
hide_uncommon_channels.c hurt.c ip_cloaking.c \
|
||||
DIST_SOURCES = chm_adminonly.c chm_insecure.c chm_nonotice.c \
|
||||
chm_operonly.c chm_operonly_compat.c chm_operpeace.c \
|
||||
chm_quietunreg_compat.c chm_sslonly.c chm_sslonly_compat.c \
|
||||
createauthonly.c createoperonly.c example_module.c \
|
||||
extb_account.c extb_canjoin.c extb_channel.c extb_combi.c \
|
||||
extb_extgecos.c extb_hostmask.c extb_oper.c extb_realname.c \
|
||||
extb_server.c extb_ssl.c extb_usermode.c force_user_invis.c \
|
||||
helpops.c hide_uncommon_channels.c hurt.c ip_cloaking.c \
|
||||
ip_cloaking_3.0.c ip_cloaking_4.0.c ip_cloaking_old.c m_42.c \
|
||||
m_adminwall.c m_extendchans.c m_findforwards.c m_identify.c \
|
||||
m_mkpasswd.c m_ojoin.c m_okick.c m_omode.c m_opme.c m_remove.c \
|
||||
|
|
@ -606,6 +609,7 @@ extension_LTLIBRARIES = \
|
|||
chm_adminonly.la \
|
||||
chm_operonly.la \
|
||||
chm_operonly_compat.la \
|
||||
chm_insecure.la \
|
||||
chm_nonotice.la \
|
||||
chm_operpeace.la \
|
||||
chm_quietunreg_compat.la \
|
||||
|
|
@ -738,6 +742,9 @@ clean-extensionLTLIBRARIES:
|
|||
chm_adminonly.la: $(chm_adminonly_la_OBJECTS) $(chm_adminonly_la_DEPENDENCIES) $(EXTRA_chm_adminonly_la_DEPENDENCIES)
|
||||
$(AM_V_CCLD)$(LINK) -rpath $(extensiondir) $(chm_adminonly_la_OBJECTS) $(chm_adminonly_la_LIBADD) $(LIBS)
|
||||
|
||||
chm_insecure.la: $(chm_insecure_la_OBJECTS) $(chm_insecure_la_DEPENDENCIES) $(EXTRA_chm_insecure_la_DEPENDENCIES)
|
||||
$(AM_V_CCLD)$(LINK) -rpath $(extensiondir) $(chm_insecure_la_OBJECTS) $(chm_insecure_la_LIBADD) $(LIBS)
|
||||
|
||||
chm_nonotice.la: $(chm_nonotice_la_OBJECTS) $(chm_nonotice_la_DEPENDENCIES) $(EXTRA_chm_nonotice_la_DEPENDENCIES)
|
||||
$(AM_V_CCLD)$(LINK) -rpath $(extensiondir) $(chm_nonotice_la_OBJECTS) $(chm_nonotice_la_LIBADD) $(LIBS)
|
||||
|
||||
|
|
@ -928,6 +935,7 @@ distclean-compile:
|
|||
-rm -f *.tab.c
|
||||
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chm_adminonly.Plo@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chm_insecure.Plo@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chm_nonotice.Plo@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chm_operonly.Plo@am__quote@
|
||||
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chm_operonly_compat.Plo@am__quote@
|
||||
|
|
|
|||
53
extensions/chm_insecure.c
Normal file
53
extensions/chm_insecure.c
Normal file
|
|
@ -0,0 +1,53 @@
|
|||
#include "stdinc.h"
|
||||
#include "modules.h"
|
||||
#include "hook.h"
|
||||
#include "client.h"
|
||||
#include "ircd.h"
|
||||
#include "send.h"
|
||||
#include "s_conf.h"
|
||||
#include "s_user.h"
|
||||
#include "s_serv.h"
|
||||
#include "numeric.h"
|
||||
#include "chmode.h"
|
||||
|
||||
static void h_can_join(hook_data_channel *);
|
||||
|
||||
mapi_hfn_list_av1 sslonly_hfnlist[] = {
|
||||
{ "can_join", (hookfn) h_can_join },
|
||||
{ NULL, NULL }
|
||||
};
|
||||
|
||||
static unsigned int mymode;
|
||||
|
||||
static int
|
||||
_modinit(void)
|
||||
{
|
||||
mymode = cflag_add('U', chm_simple);
|
||||
if (mymode == 0)
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
_moddeinit(void)
|
||||
{
|
||||
cflag_orphan('U');
|
||||
}
|
||||
|
||||
DECLARE_MODULE_AV1(chm_insecure, _modinit, _moddeinit, NULL, NULL, sslonly_hfnlist, "$Revision$");
|
||||
|
||||
static void
|
||||
h_can_join(hook_data_channel *data)
|
||||
{
|
||||
struct Client *source_p = data->client;
|
||||
struct Channel *chptr = data->chptr;
|
||||
|
||||
if(!(chptr->mode.mode & mymode) && !IsSSLClient(source_p)) {
|
||||
/* XXX This is equal to ERR_THROTTLE */
|
||||
sendto_one_numeric(source_p, 480, "%s :Cannot join channel (-U) - SSL/TLS required", chptr->chname);
|
||||
data->approved = ERR_CUSTOM;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in a new issue