1
0
mirror of https://github.com/anope/anope.git synced 2026-07-10 04:25:43 +02:00

Rip out ns_access and related code.

This is wildly insecure and has been disabled by default for at
least a decade.
This commit is contained in:
Sadie Powell
2024-02-29 14:49:39 +00:00
parent 25bdcfcbc4
commit 579af3c442
32 changed files with 41 additions and 1104 deletions
+5 -5
View File
@@ -766,9 +766,9 @@ log
* memoserv/info - Can see any information with /MEMOSERV INFO
* memoserv/set-limit - Can set the limit of max stored memos on any user and channel
* memoserv/no-limit - Can send memos through limits and throttles
* nickserv/access - Can modify other users access and certificate lists
* nickserv/alist - Can see the channel access list of other users
* nickserv/auspex - Can see any information with /NICKSERV INFO
* nickserv/cert - Can modify other certificate lists
* nickserv/confirm - Can confirm other users nicknames
* nickserv/drop - Can drop other users nicks
* nickserv/recover - Can recover other users nicks
@@ -789,10 +789,10 @@ log
*
* nickserv/getemail nickserv/suspend nickserv/ajoin nickserv/list
*
* nickserv/saset/autoop nickserv/saset/email nickserv/saset/greet nickserv/saset/password
* nickserv/saset/display nickserv/saset/kill nickserv/saset/language nickserv/saset/message
* nickserv/saset/private nickserv/saset/secure nickserv/saset/url nickserv/saset/noexpire
* nickserv/saset/keepmodes nickserv/saset/neverop
* nickserv/saset/autoop nickserv/saset/display nickserv/saset/email nickserv/saset/greet
* nickserv/saset/kill nickserv/saset/keepmodes nickserv/saset/language nickserv/saset/message
* nickserv/saset/neverop nickserv/saset/noexpire nickserv/saset/password nickserv/saset/private
* nickserv/saset/url
*
* hostserv/set hostserv/del hostserv/list
*
+2 -4
View File
@@ -76,8 +76,6 @@ module
* access level or superior
* - cs_private: Hide the channel from ChanServ's LIST command
* - restricted: Kick/ban users who are restricted from the channel
* - cs_secure: Enable channel security, requiring the user to be identified with NickServ in
* order to be considered for being on the access list of the channel
* - secureops: Only allow operator status to be given if the user is on the access list
* - securefounder: Only allow the real founder of the channel to drop the channel, change its
* password, or change the founder or successor
@@ -93,10 +91,10 @@ module
* to be a registered nick, otherwise the channel will be dropped.
* - none: No defaults
*
* This directive is optional, if left blank, the options will default to keeptopic, peace, cs_secure,
* This directive is optional, if left blank, the options will default to keeptopic, peace,
* securefounder, and signkick. If you really want no defaults, use "none" by itself as the option.
*/
defaults = "keeptopic peace cs_secure securefounder signkick"
defaults = "keeptopic peace securefounder signkick"
/*
* The maximum number of channels which may be registered to a single nickname.
+3 -47
View File
@@ -96,8 +96,6 @@ module
* option and the killprotect option must be specified with this one
* - kill_immed: Kill nick immediately if not identified, this one overrides both the killprotect
* and kill_quick options and the killprotect option must be specified with this one
* - ns_secure: Enable nickname security, requiring the nick's password before any operations
* can be done on it
* - ns_private: Hide the nick from NickServ's LIST command
* - hide_email: Hide the nick's e-mail address from NickServ's INFO command
* - hide_mask: Hide the nick's last or current user@host from NickServ's INFO command
@@ -112,10 +110,10 @@ module
* to be enabled as well
* - ns_keep_modes: Enables keepmodes, which retains user modes across sessions
*
* This directive is optional, if left blank, the options will default to ns_secure, memo_signon, and
* This directive is optional, if left blank, the options will default to memo_signon, and
* memo_receive. If you really want no defaults, use "none" by itself as the option.
*/
defaults = "killprotect ns_secure ns_private hide_email hide_mask memo_signon memo_receive autoop"
defaults = "killprotect ns_private hide_email hide_mask memo_signon memo_receive autoop"
/*
* The minimum length of time between consecutive uses of NickServ's REGISTER command. This
@@ -248,33 +246,6 @@ command_group
/* Give it a help command. */
command { service = "NickServ"; name = "HELP"; command = "generic/help"; }
/*
* ns_access
*
* Provides the command nickserv/access.
*
* Used for configuring what hosts have access to your account.
*/
module
{
name = "ns_access"
/*
* The maximum number of entries allowed on a nickname's access list.
* If not set, the default is 32. This number cannot be set to 0.
*/
accessmax = 32
/*
* If set, Anope will add the usermask of registering users to the access list of their
* newly created account. If not set, users will always have to identify to NickServ before
* being recognized, unless they manually add an address to the access list of their account.
* This directive is optional.
*/
addaccessonreg = no
}
command { service = "NickServ"; name = "ACCESS"; command = "nickserv/access"; }
/*
* ns_ajoin
*
@@ -530,10 +501,9 @@ command { service = "NickServ"; name = "RESETPASS"; command = "nickserv/resetpas
* nickserv/set/kill, nickserv/saset/kill - Used for configuring nickname protection.
* nickserv/set/language, nickserv/saset/language - Used for configuring what language services use.
* nickserv/set/message, nickserv/saset/message - Used to configure how services send messages to you.
* nickserv/set/password, nickserv/saset/password - Used for changing a users password.
* nickserv/set/secure, nickserv/saset/secure - Used for configuring whether a user can identify by simply being recognized by nickserv/access.
* nickserv/set/neverop, nickserv/saset/neverop - Used to configure whether a user can be added to access lists
* nickserv/saset/noexpire - Used for configuring noexpire, which prevents nicks from expiring.
* nickserv/set/password, nickserv/saset/password - Used for changing a users password.
*/
module
{
@@ -574,9 +544,6 @@ command { service = "NickServ"; name = "SASET MESSAGE"; command = "nickserv/sase
command { service = "NickServ"; name = "SET PASSWORD"; command = "nickserv/set/password"; }
command { service = "NickServ"; name = "SASET PASSWORD"; command = "nickserv/saset/password"; permission = "nickserv/saset/password"; }
command { service = "NickServ"; name = "SET SECURE"; command = "nickserv/set/secure"; }
command { service = "NickServ"; name = "SASET SECURE"; command = "nickserv/saset/secure"; permission = "nickserv/saset/secure"; }
command { service = "NickServ"; name = "SET NEVEROP"; command = "nickserv/set/neverop"; }
command { service = "NickServ"; name = "SASET NEVEROP"; command = "nickserv/saset/neverop"; permission = "nickserv/saset/neverop"; }
@@ -601,17 +568,6 @@ command { service = "NickServ"; name = "SASET URL"; command = "nickserv/saset/mi
#command { service = "NickServ"; name = "SET MASTODON"; command = "nickserv/set/misc"; misc_description = _("Associate a Mastodon account with your account"); }
#command { service = "NickServ"; name = "SASET MASTODON"; command = "nickserv/saset/misc"; misc_description = _("Associate a Mastodon account with this account"); permission = "nickserv/saset/mastodon"; group = "nickserv/admin"; }
/*
* ns_status
*
* Provides the nickserv/status command.
*
* Used to determine if a user is recognized or identified by services.
*/
module { name = "ns_status" }
command { service = "NickServ"; name = "STATUS"; command = "nickserv/status"; }
/*
* ns_suspend
*
-55
View File
@@ -122,9 +122,6 @@ public:
Anope::string email;
/* Locale name of the language of the user. Empty means default language */
Anope::string language;
/* Access list, contains user@host masks of users who get certain privileges based
* on if NI_SECURE is set and what (if any) kill protection is enabled. */
std::vector<Anope::string> access;
MemoInfo memos;
std::map<Anope::string, Anope::string> last_modes;
@@ -165,61 +162,9 @@ public:
*/
virtual bool IsServicesOper() const;
/** Add an entry to the nick's access list
*
* @param entry The nick!ident@host entry to add to the access list
*
* Adds a new entry into the access list.
*/
void AddAccess(const Anope::string &entry);
/** Get an entry from the nick's access list by index
*
* @param entry Index in the access list vector to retrieve
* @return The access list entry of the given index if within bounds, an empty string if the vector is empty or the index is out of bounds
*
* Retrieves an entry from the access list corresponding to the given index.
*/
Anope::string GetAccess(unsigned entry) const;
/** Get the number of entries on the access list for this account.
*/
unsigned GetAccessCount() const;
/** Retrieves the account id for this user */
uint64_t GetId();
/** Find an entry in the nick's access list
*
* @param entry The nick!ident@host entry to search for
* @return True if the entry is found in the access list, false otherwise
*
* Search for an entry within the access list.
*/
bool FindAccess(const Anope::string &entry);
/** Erase an entry from the nick's access list
*
* @param entry The nick!ident@host entry to remove
*
* Removes the specified access list entry from the access list.
*/
void EraseAccess(const Anope::string &entry);
/** Clears the entire nick's access list
*
* Deletes all the memory allocated in the access list vector and then clears the vector.
*/
void ClearAccess();
/** Is the given user on this accounts access list?
*
* @param u The user
*
* @return true if the user is on the access list
*/
bool IsOnAccess(const User *u) const;
/** Finds an account
* @param nick The account name to find
* @return The account, if it exists
-2
View File
@@ -90,8 +90,6 @@ namespace Language
#define UNKNOWN _("<unknown>")
#define NO_EXPIRE _("does not expire")
#define LIST_INCORRECT_RANGE _("Incorrect range specified. The correct syntax is \002#\037from\037-\037to\037\002.")
#define NICK_IS_REGISTERED _("This nick is owned by someone else. Please choose another.\n" \
"(If this is your nick, type \002%s%s IDENTIFY \037password\037\002.)")
#define NICK_IS_SECURE _("This nickname is registered and protected. If it is your\n" \
"nick, type \002%s%s IDENTIFY \037password\037\002. Otherwise,\n" \
"please choose a different nick.")
+1 -18
View File
@@ -777,23 +777,6 @@ public:
*/
virtual void OnChangeCoreDisplay(NickCore *nc, const Anope::string &newdisplay) { throw NotImplementedException(); }
/** called from NickCore::ClearAccess()
* @param nc pointer to the NickCore
*/
virtual void OnNickClearAccess(NickCore *nc) { throw NotImplementedException(); }
/** Called when a user adds an entry to their access list
* @param nc The nick
* @param entry The entry
*/
virtual void OnNickAddAccess(NickCore *nc, const Anope::string &entry) { throw NotImplementedException(); }
/** Called from NickCore::EraseAccess()
* @param nc pointer to the NickCore
* @param entry The access mask
*/
virtual void OnNickEraseAccess(NickCore *nc, const Anope::string &entry) { throw NotImplementedException(); }
/** called from NickCore::ClearCert()
* @param nc pointer to the NickCore
*/
@@ -1096,7 +1079,7 @@ enum Implementation
I_OnCreateChan, I_OnDelChan, I_OnChannelCreate, I_OnChannelDelete, I_OnAkickAdd, I_OnAkickDel, I_OnCheckKick,
I_OnChanInfo, I_OnCheckPriv, I_OnGroupCheckPriv, I_OnNickDrop, I_OnNickGroup, I_OnNickIdentify,
I_OnUserLogin, I_OnNickLogout, I_OnNickRegister, I_OnNickConfirm, I_OnNickSuspend, I_OnNickUnsuspended, I_OnDelNick, I_OnNickCoreCreate,
I_OnDelCore, I_OnChangeCoreDisplay, I_OnNickClearAccess, I_OnNickAddAccess, I_OnNickEraseAccess, I_OnNickClearCert,
I_OnDelCore, I_OnChangeCoreDisplay, I_OnNickClearCert,
I_OnNickAddCert, I_OnNickEraseCert, I_OnNickInfo, I_OnBotInfo, I_OnCheckAuthentication, I_OnNickUpdate,
I_OnFingerprint, I_OnUserAway, I_OnInvite, I_OnDeleteVhost, I_OnSetVhost, I_OnSetDisplayedHost, I_OnMemoSend, I_OnMemoDel,
I_OnChannelModeSet, I_OnChannelModeUnset, I_OnUserModeSet, I_OnUserModeUnset, I_OnChannelModeAdd, I_OnUserModeAdd,
-8
View File
@@ -44,8 +44,6 @@ protected:
Anope::string vident;
Anope::string ident;
Anope::string uid;
/* If the user is on the access list of the nick they're on */
bool on_access;
/* Map of user modes and the params this user has (if any) */
ModeList modes;
/* NickCore account the user is currently logged in as, if they are logged in */
@@ -223,12 +221,6 @@ public:
*/
bool IsIdentified(bool check_nick = false) const;
/** Check if the user is recognized for their nick (on the nicks access list)
* @param check_secure Only returns true if the user has secure off
* @return true or false
*/
bool IsRecognized(bool check_secure = true) const;
/** Check if the user is connected securely.
* @return True if the user is connected securely; otherwise, false.
*/
+5 -187
View File
File diff suppressed because it is too large Load Diff
+1 -2
View File
@@ -116,12 +116,11 @@ public:
ChanServ = bi;
spacesepstream(conf->GetModule(this)->Get<const Anope::string>("defaults", "keeptopic peace cs_secure securefounder signkick")).GetTokens(defaults);
spacesepstream(conf->GetModule(this)->Get<const Anope::string>("defaults", "keeptopic peace securefounder signkick")).GetTokens(defaults);
if (defaults.empty())
{
defaults.emplace_back("KEEPTOPIC");
defaults.emplace_back("PEACE");
defaults.emplace_back("CS_SECURE");
defaults.emplace_back("SECUREFOUNDER");
defaults.emplace_back("SIGNKICK");
}
+1 -1
View File
@@ -196,7 +196,7 @@ public:
target_ci->last_topic_setter = source.service->nick;
const Anope::string settings[] = { "NOAUTOOP", "CS_KEEP_MODES", "PEACE", "PERSIST", "RESTRICTED",
"CS_SECURE", "SECUREFOUNDER", "SECUREOPS", "SIGNKICK", "SIGNKICK_LEVEL", "CS_NO_EXPIRE" };
"SECUREFOUNDER", "SECUREOPS", "SIGNKICK", "SIGNKICK_LEVEL", "CS_NO_EXPIRE" };
for (const auto &setting : settings)
CopySetting(ci, target_ci, setting);
File diff suppressed because it is too large Load Diff
+2 -9
View File
@@ -35,7 +35,6 @@ else \
#define OLD_BI_PRIVATE 0x0001
#define OLD_NI_KILLPROTECT 0x00000001 /* Kill others who take this nick */
#define OLD_NI_SECURE 0x00000002 /* Don't recognize unless IDENTIFY'd */
#define OLD_NI_MSG 0x00000004 /* Use PRIVMSGs instead of NOTICEs */
#define OLD_NI_MEMO_HARDMAX 0x00000008 /* Don't allow user to change memo limit */
#define OLD_NI_MEMO_SIGNON 0x00000010 /* Notify of memos at signon and un-away */
@@ -60,7 +59,6 @@ else \
#define OLD_CI_TOPICLOCK 0x00000008
#define OLD_CI_RESTRICTED 0x00000010
#define OLD_CI_PEACE 0x00000020
#define OLD_CI_SECURE 0x00000040
#define OLD_CI_VERBOTEN 0x00000080
#define OLD_CI_ENCRYPTEDPW 0x00000100
#define OLD_CI_NO_EXPIRE 0x00000200
@@ -449,7 +447,7 @@ static void LoadNicks()
READ(read_string(buffer, f));
auto *nc = new NickCore(buffer);
const Anope::string settings[] = { "killprotect", "kill_quick", "ns_secure", "ns_private", "hide_email",
const Anope::string settings[] = { "killprotect", "kill_quick", "ns_private", "hide_email",
"hide_mask", "hide_quit", "memo_signon", "memo_receive", "autoop", "msg", "ns_keepmodes" };
for (const auto &setting : settings)
nc->Shrink<bool>(setting.upper());
@@ -483,8 +481,6 @@ static void LoadNicks()
READ(read_uint32(&u32, f));
if (u32 & OLD_NI_KILLPROTECT)
nc->Extend<bool>("KILLPROTECT");
if (u32 & OLD_NI_SECURE)
nc->Extend<bool>("NS_SECURE");
if (u32 & OLD_NI_MSG)
nc->Extend<bool>("MSG");
if (u32 & OLD_NI_MEMO_HARDMAX)
@@ -571,7 +567,6 @@ static void LoadNicks()
for (uint16_t j = 0; j < u16; ++j)
{
READ(read_string(buffer, f));
nc->access.push_back(buffer);
}
int16_t i16;
@@ -752,7 +747,7 @@ static void LoadChannels()
READ(read_buffer(namebuf, f));
auto *ci = new ChannelInfo(namebuf);
const Anope::string settings[] = { "keeptopic", "peace", "cs_private", "restricted", "cs_secure", "secureops", "securefounder",
const Anope::string settings[] = { "keeptopic", "peace", "cs_private", "restricted", "secureops", "securefounder",
"signkick", "signkick_level", "topiclock", "persist", "noautoop", "cs_keepmodes" };
for (const auto &setting : settings)
ci->Shrink<bool>(setting.upper());
@@ -801,8 +796,6 @@ static void LoadChannels()
ci->Extend<bool>("RESTRICTED");
if (tmpu32 & OLD_CI_PEACE)
ci->Extend<bool>("PEACE");
if (tmpu32 & OLD_CI_SECURE)
ci->Extend<bool>("CS_SECURE");
if (tmpu32 & OLD_CI_NO_EXPIRE)
ci->Extend<bool>("CS_NO_EXPIRE");
if (tmpu32 & OLD_CI_MEMO_HARDMAX)
+6 -20
View File
@@ -190,27 +190,14 @@ public:
else if (MOD_RESULT == EVENT_ALLOW)
return;
if (!na->nc->HasExt("NS_SECURE") && u->IsRecognized())
{
na->last_seen = Anope::CurTime;
na->last_usermask = u->GetIdent() + "@" + u->GetDisplayedHost();
na->last_realname = u->realname;
return;
}
if (Config->GetModule("nickserv")->Get<bool>("nonicknameownership"))
return;
bool on_access = u->IsRecognized(false);
if (on_access || !na->nc->HasExt("KILL_IMMED"))
if (!na->nc->HasExt("KILL_IMMED"))
{
if (na->nc->HasExt("NS_SECURE"))
u->SendMessage(NickServ, NICK_IS_SECURE, Config->StrictPrivmsg.c_str(), NickServ->nick.c_str());
else
u->SendMessage(NickServ, NICK_IS_REGISTERED, Config->StrictPrivmsg.c_str(), NickServ->nick.c_str());
u->SendMessage(NickServ, NICK_IS_SECURE, Config->StrictPrivmsg.c_str(), NickServ->nick.c_str());
}
if (na->nc->HasExt("KILLPROTECT") && !on_access)
if (na->nc->HasExt("KILLPROTECT"))
{
if (na->nc->HasExt("KILL_IMMED"))
{
@@ -310,10 +297,9 @@ public:
NickServ = bi;
spacesepstream(conf->GetModule(this)->Get<const Anope::string>("defaults", "ns_secure memo_signon memo_receive")).GetTokens(defaults);
spacesepstream(conf->GetModule(this)->Get<const Anope::string>("defaults", "memo_signon memo_receive")).GetTokens(defaults);
if (defaults.empty())
{
defaults.emplace_back("NS_SECURE");
defaults.emplace_back("MEMO_SIGNON");
defaults.emplace_back("MEMO_RECEIVE");
}
@@ -523,7 +509,7 @@ public:
/* Update last quit and last seen for the user */
NickAlias *na = NickAlias::Find(u->nick);
if (na && !na->nc->HasExt("NS_SUSPENDED") && (u->IsRecognized() || u->IsIdentified(true)))
if (na && !na->nc->HasExt("NS_SUSPENDED") && u->IsIdentified(true))
{
na->last_seen = Anope::CurTime;
na->last_quit = msg;
@@ -543,7 +529,7 @@ public:
++it;
User *u = User::Find(na->nick, true);
if (u && (u->IsIdentified(true) || u->IsRecognized()))
if (u && u->IsIdentified(true))
na->last_seen = Anope::CurTime;
bool expire = false;
File diff suppressed because it is too large Load Diff
+1 -1
View File
@@ -299,7 +299,7 @@ public:
source.Reply(NICK_X_NOT_REGISTERED, nick.c_str());
return;
}
else if (na->nc != source.GetAccount() && !source.HasPriv("nickserv/access"))
else if (na->nc != source.GetAccount() && !source.HasPriv("nickserv/cert"))
{
source.Reply(ACCESS_DENIED);
return;
+2 -4
View File
@@ -59,7 +59,7 @@ public:
// same person that is executing the command, so kill them off (old GHOST command).
else if (u->Account() == na->nc)
{
if (!source.GetAccount() && na->nc->HasExt("NS_SECURE"))
if (!source.GetAccount())
{
source.GetUser()->Login(u->Account());
Log(LOG_COMMAND, source, cmd) << "and was automatically identified to " << u->Account()->display;
@@ -90,7 +90,7 @@ public:
/* User is not identified or not identified to the same account as the person using this command */
else
{
if (!source.GetAccount() && na->nc->HasExt("NS_SECURE"))
if (!source.GetAccount())
{
source.GetUser()->Login(na->nc); // Identify the user using the command if they arent identified
Log(LOG_COMMAND, source, cmd) << "and was automatically identified to " << na->nick << " (" << na->nc->display << ")";
@@ -182,8 +182,6 @@ public:
bool ok = false;
if (source.GetAccount() == na->nc)
ok = true;
else if (!na->nc->HasExt("NS_SECURE") && source.GetUser() && na->nc->IsOnAccess(source.GetUser()))
ok = true;
NSCertList *cl = na->nc->GetExt<NSCertList>("certificates");
if (source.GetUser() && !source.GetUser()->fingerprint.empty() && cl && cl->FindCert(source.GetUser()->fingerprint))
+1 -5
View File
@@ -233,11 +233,7 @@ public:
Log(LOG_COMMAND, source, this) << "to register " << na->nick << " (email: " << (!na->nc->email.empty() ? na->nc->email : "none") << ")";
if (na->nc->GetAccessCount())
source.Reply(_("Nickname \002%s\002 registered under your user@host-mask: %s"), u_nick.c_str(), na->nc->GetAccess(0).c_str());
else
source.Reply(_("Nickname \002%s\002 registered."), u_nick.c_str());
source.Reply(_("Nickname \002%s\002 registered."), u_nick.c_str());
if (nsregister.equals_ci("admin"))
{
nc->Extend<bool>("UNCONFIRMED");
File diff suppressed because it is too large Load Diff
-89
View File
@@ -1,89 +0,0 @@
/* NickServ core functions
*
* (C) 2003-2024 Anope Team
* Contact us at team@anope.org
*
* Please read COPYING and README for further details.
*
* Based on the original code of Epona by Lara.
* Based on the original code of Services by Andy Church.
*/
#include "module.h"
class CommandNSStatus final
: public Command
{
public:
CommandNSStatus(Module *creator) : Command(creator, "nickserv/status", 0, 16)
{
this->SetDesc(_("Returns the owner status of the given nickname"));
this->SetSyntax(_("[\037nickname\037]"));
this->AllowUnregistered(true);
}
void Execute(CommandSource &source, const std::vector<Anope::string> &params) override
{
const Anope::string &nick = !params.empty() ? params[0] : source.GetNick();
const NickAlias *na = NickAlias::Find(nick);
spacesepstream sep(nick);
Anope::string nickbuf;
while (sep.GetToken(nickbuf))
{
User *u2 = User::Find(nickbuf, true);
if (!u2) /* Nick is not online */
source.Reply("STATUS %s %d %s", nickbuf.c_str(), 0, "");
else if (u2->IsIdentified() && na && na->nc == u2->Account()) /* Nick is identified */
source.Reply("STATUS %s %d %s", nickbuf.c_str(), 3, u2->Account()->display.c_str());
else if (u2->IsRecognized()) /* Nick is recognised, but NOT identified */
source.Reply("STATUS %s %d %s", nickbuf.c_str(), 2, u2->Account() ? u2->Account()->display.c_str() : "");
else if (!na) /* Nick is online, but NOT a registered */
source.Reply("STATUS %s %d %s", nickbuf.c_str(), 0, "");
else
/* Nick is not identified for the nick, but they could be logged into an account,
* so we tell the user about it
*/
source.Reply("STATUS %s %d %s", nickbuf.c_str(), 1, u2->Account() ? u2->Account()->display.c_str() : "");
}
return;
}
bool OnHelp(CommandSource &source, const Anope::string &subcommand) override
{
this->SendSyntax(source);
source.Reply(" ");
source.Reply(_("Returns whether the user using the given nickname is\n"
"recognized as the owner of the nickname. The response has\n"
"this format:\n"
" \n"
" \037nickname\037 \037status-code\037 \037account\037\n"
" \n"
"where \037nickname\037 is the nickname sent with the command,\n"
"\037status-code\037 is one of the following, and \037account\037\n"
"is the account they are logged in as.\n"
" \n"
" 0 - no such user online \002or\002 nickname not registered\n"
" 1 - user not recognized as nickname's owner\n"
" 2 - user recognized as owner via access list only\n"
" 3 - user recognized as owner via password identification\n"
" \n"
"If no nickname is given, your status will be returned."));
return true;
}
};
class NSStatus final
: public Module
{
CommandNSStatus commandnsstatus;
public:
NSStatus(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator, VENDOR),
commandnsstatus(this)
{
}
};
MODULE_INIT(NSStatus)
+1 -1
View File
@@ -214,7 +214,7 @@ public:
" \n"
"Sets read-only mode on or off. In read-only mode, normal\n"
"users will not be allowed to modify any services data,\n"
"including channel and nickname access lists, etc. IRCops\n"
"including channel access lists, etc. Server operators\n"
"with sufficient services privileges will be able to modify\n"
"Services' AKILL, SQLINE, SNLINE and ignore lists, drop,\n"
"suspend or forbid nicknames and channels, and manage news,\n"
-11
View File
@@ -76,14 +76,6 @@ bool WebCPanel::ChanServ::Set::OnRequest(HTTPProvider *server, const Anope::stri
ci->Shrink<bool>("RESTRICTED");
replacements["MESSAGES"] = "Restricted updated";
}
if (ci->HasExt("CS_SECURE") != message.post_data.count("secure"))
{
if (!ci->HasExt("CS_SECURE"))
ci->Extend<bool>("CS_SECURE");
else
ci->Shrink<bool>("CS_SECURE");
replacements["MESSAGES"] = "Secure updated";
}
if (ci->HasExt("SECUREOPS") != message.post_data.count("secureops"))
{
if (!ci->HasExt("SECUREOPS"))
@@ -132,9 +124,6 @@ bool WebCPanel::ChanServ::Set::OnRequest(HTTPProvider *server, const Anope::stri
if (ci->HasExt("RESTRICTED"))
replacements["RESTRICTED"];
if (ci->HasExt("CS_SECURE"))
replacements["SECURE"];
if (ci->HasExt("SECUREOPS"))
replacements["SECUREOPS"];
@@ -1,39 +0,0 @@
/*
* (C) 2003-2024 Anope Team
* Contact us at team@anope.org
*
* Please read COPYING and README for further details.
*/
#include "../../webcpanel.h"
WebCPanel::NickServ::Access::Access(const Anope::string &cat, const Anope::string &u) : WebPanelProtectedPage(cat, u)
{
}
bool WebCPanel::NickServ::Access::OnRequest(HTTPProvider *server, const Anope::string &page_name, HTTPClient *client, HTTPMessage &message, HTTPReply &reply, NickAlias *na, TemplateFileServer::Replacements &replacements)
{
if (message.post_data.count("access") > 0)
{
std::vector<Anope::string> params;
params.emplace_back("ADD");
params.push_back(message.post_data["access"]);
WebPanel::RunCommand(client, na->nc->display, na->nc, "NickServ", "nickserv/access", params, replacements);
}
else if (message.get_data.count("del") > 0 && message.get_data.count("mask") > 0)
{
std::vector<Anope::string> params;
params.emplace_back("DEL");
params.push_back(message.get_data["mask"]);
WebPanel::RunCommand(client, na->nc->display, na->nc, "NickServ", "nickserv/access", params, replacements);
}
for (const auto &access : na->nc->access)
replacements["ACCESS"] = access;
TemplateFileServer page("nickserv/access.html");
page.Serve(server, page_name, client, message, reply, replacements);
return true;
}
-27
View File
@@ -1,27 +0,0 @@
/*
* (C) 2003-2024 Anope Team
* Contact us at team@anope.org
*
* Please read COPYING and README for further details.
*/
#pragma once
namespace WebCPanel
{
namespace NickServ
{
class Access final
: public WebPanelProtectedPage
{
public:
Access(const Anope::string &cat, const Anope::string &u);
bool OnRequest(HTTPProvider *, const Anope::string &, HTTPClient *, HTTPMessage &, HTTPReply &, NickAlias *, TemplateFileServer::Replacements &) override;
};
}
}
-10
View File
@@ -56,14 +56,6 @@ bool WebCPanel::NickServ::Info::OnRequest(HTTPProvider *server, const Anope::str
na->nc->Shrink<bool>("NS_PRIVATE");
replacements["MESSAGES"] = "Private updated";
}
if (na->nc->HasExt("NS_SECURE") != message.post_data.count("secure"))
{
if (!na->nc->HasExt("NS_SECURE"))
na->nc->Extend<bool>("NS_SECURE");
else
na->nc->Shrink<bool>("NS_SECURE");
replacements["MESSAGES"] = "Secure updated";
}
if (message.post_data["kill"] == "on" && !na->nc->HasExt("KILLPROTECT"))
{
na->nc->Extend<bool>("KILLPROTECT");
@@ -102,8 +94,6 @@ bool WebCPanel::NickServ::Info::OnRequest(HTTPProvider *server, const Anope::str
replacements["AUTOOP"];
if (na->nc->HasExt("NS_PRIVATE"))
replacements["PRIVATE"];
if (na->nc->HasExt("NS_SECURE"))
replacements["SECURE"];
if (na->nc->HasExt("KILLPROTECT"))
replacements["KILL_ON"];
if (na->nc->HasExt("KILL_QUICK"))
@@ -64,10 +64,6 @@
<td>Restricted</td>
<td><input type="checkbox" name="restricted" value="on" {IF EXISTS RESTRICTED}checked{END IF}></td>
</tr>
<tr>
<td>Secure</td>
<td><input type="checkbox" name="secure" value="on" {IF EXISTS SECURE}checked{END IF}></td>
</tr>
<tr>
<td>Secure Ops</td>
<td><input type="checkbox" name="secureops" value="on" {IF EXISTS SECUREOPS}checked{END IF}></td>
@@ -1,42 +0,0 @@
{INCLUDE header.html}
<div class="panel-heading">Nick access list</div>
<div class="panel-body">
{FOR M IN MESSAGES}
<div class="alert alert-info">
{M}<br>
</div>
{END FOR}
{IF EXISTS ACCESS}
<table id="tableNSAccess" class="table table-hover">
<tbody>
{FOR A IN ACCESS}
<tr>
<td class="col-lg-4">{A}</td>
<td class="col-lg-8"><a href="/nickserv/access?mask={A}&del=1" class="btn btn-sm btn-danger">Delete</a></td>
</tr>
{END FOR}
</tbody>
</table>
{ELSE}
<em>Your access list is empty.</em>
{END IF}
<hr>
<h4>Add an access entry</h4>
<form class="form-horizontal" method="post" action="/nickserv/access">
<div class="form-group">
<label class="control-label col-lg-2" for="access">Hostmask:</label>
<div class="col-lg-5">
<input class="form-control" type="text" name="access" id="access" placeholder="Mask must be in the form user@host">
</div>
</div>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-5">
<button type="submit" class="btn btn-primary">Add</button>
</div>
</div>
</form>
</div>
{INCLUDE footer.html}
@@ -48,10 +48,6 @@
<td>Private:</td>
<td><input type="checkbox" name="private" value="on" {IF EXISTS PRIVATE}checked{END IF}></td>
</tr>
<tr>
<td>Secure:</td>
<td><input type="checkbox" name="secure" value="on" {IF EXISTS SECURE}checked{END IF}></td>
</tr>
<tr>
<td>Kill:</td>
<td>
+1 -8
View File
@@ -27,7 +27,6 @@ class ModuleWebCPanel final
WebCPanel::NickServ::Info nickserv_info;
WebCPanel::NickServ::Cert nickserv_cert;
WebCPanel::NickServ::Access nickserv_access;
WebCPanel::NickServ::Alist nickserv_alist;
WebCPanel::NickServ::Confirm nickserv_confirm;
@@ -51,7 +50,7 @@ public:
id(this, "webcpanel_id"), ip(this, "webcpanel_ip"), last_login(this, "webcpanel_last_login"),
style_css("style.css", "/static/style.css", "text/css"), logo_png("logo.png", "/static/logo.png", "image/png"), cubes_png("cubes.png", "/static/cubes.png", "image/png"), favicon_ico("favicon.ico", "/favicon.ico", "image/x-icon"),
index("/"), logout("/logout"), _register("/register"), confirm("/confirm"),
nickserv_info("NickServ", "/nickserv/info"), nickserv_cert("NickServ", "/nickserv/cert"), nickserv_access("NickServ", "/nickserv/access"), nickserv_alist("NickServ", "/nickserv/alist"), nickserv_confirm("NickServ", "/nickserv/confirm"),
nickserv_info("NickServ", "/nickserv/info"), nickserv_cert("NickServ", "/nickserv/cert"), nickserv_alist("NickServ", "/nickserv/alist"), nickserv_confirm("NickServ", "/nickserv/confirm"),
chanserv_info("ChanServ", "/chanserv/info"), chanserv_set("ChanServ", "/chanserv/set"), chanserv_access("ChanServ", "/chanserv/access"), chanserv_akick("ChanServ", "/chanserv/akick"),
chanserv_modes("ChanServ", "/chanserv/modes"), chanserv_drop("ChanServ", "/chanserv/drop"), memoserv_memos("MemoServ", "/memoserv/memos"), hostserv_request("HostServ", "/hostserv/request"),
operserv_akill("OperServ", "/operserv/akill")
@@ -99,11 +98,6 @@ public:
provider->RegisterPage(&this->nickserv_cert);
}
ss.name = "Access";
ss.url = "/nickserv/access";
s.subsections.push_back(ss);
provider->RegisterPage(&this->nickserv_access);
ss.name = "AList";
ss.url = "/nickserv/alist";
s.subsections.push_back(ss);
@@ -219,7 +213,6 @@ public:
provider->UnregisterPage(&this->nickserv_info);
provider->UnregisterPage(&this->nickserv_cert);
provider->UnregisterPage(&this->nickserv_access);
provider->UnregisterPage(&this->nickserv_alist);
provider->UnregisterPage(&this->nickserv_confirm);
-1
View File
@@ -170,7 +170,6 @@ namespace WebPanel
#include "pages/nickserv/info.h"
#include "pages/nickserv/cert.h"
#include "pages/nickserv/access.h"
#include "pages/nickserv/alist.h"
#include "pages/nickserv/confirm.h"
-79
View File
File diff suppressed because it is too large Load Diff
+1 -13
View File
@@ -268,10 +268,6 @@ Serializable *ChannelInfo::Unserialize(Serializable *obj, Serialize::Data &data)
/* compat */
bool b;
b = false;
data["extensible:SECURE"] >> b;
if (b)
ci->Extend<bool>("CS_SECURE");
b = false;
data["extensible:PRIVATE"] >> b;
if (b)
ci->Extend<bool>("CS_PRIVATE");
@@ -423,18 +419,10 @@ AccessGroup ChannelInfo::AccessFor(const User *u, bool updateLastUsed)
if (u == NULL)
return group;
const NickCore *nc = u->Account();
if (nc == NULL && !this->HasExt("NS_SECURE") && u->IsRecognized())
{
const NickAlias *na = NickAlias::Find(u->nick);
if (na != NULL)
nc = na->nc;
}
group.super_admin = u->super_admin;
group.founder = IsFounder(u, this);
group.ci = this;
group.nc = nc;
group.nc = u->Account();
FindMatches(group, this, u, u->Account());
+3 -25
View File
@@ -40,7 +40,6 @@ User::User(const Anope::string &snick, const Anope::string &sident, const Anope:
quit = false;
server = NULL;
invalid_pw_count = invalid_pw_time = lastmemosend = lastnickreg = lastmail = 0;
on_access = false;
this->nick = snick;
this->ident = sident;
@@ -153,7 +152,7 @@ void User::ChangeNick(const Anope::string &newnick, time_t ts)
else
{
NickAlias *old_na = NickAlias::Find(this->nick);
if (old_na && (this->IsIdentified(true) || this->IsRecognized()))
if (old_na && this->IsIdentified(true))
old_na->last_seen = Anope::CurTime;
UserListByNick.erase(this->nick);
@@ -169,11 +168,7 @@ void User::ChangeNick(const Anope::string &newnick, time_t ts)
}
other = this;
on_access = false;
NickAlias *na = NickAlias::Find(this->nick);
if (na)
on_access = na->nc->IsOnAccess(this);
if (na && na->nc == this->Account())
{
na->last_seen = Anope::CurTime;
@@ -282,7 +277,7 @@ void User::SetRealname(const Anope::string &srealname)
this->realname = srealname;
NickAlias *na = NickAlias::Find(this->nick);
if (na && (this->IsIdentified(true) || this->IsRecognized()))
if (na && this->IsIdentified(true))
na->last_realname = srealname;
Log(this, "realname") << "changed realname to " << srealname;
@@ -446,19 +441,6 @@ bool User::IsIdentified(bool check_nick) const
return this->nc;
}
bool User::IsRecognized(bool check_secure) const
{
if (check_secure && on_access)
{
const NickAlias *na = NickAlias::Find(this->nick);
if (!na || na->nc->HasExt("NS_SECURE"))
return false;
}
return on_access;
}
bool User::IsSecurelyConnected() const
{
return HasMode("SSL") || HasExt("ssl");
@@ -530,11 +512,7 @@ void User::UpdateHost()
return;
NickAlias *na = NickAlias::Find(this->nick);
on_access = false;
if (na)
on_access = na->nc->IsOnAccess(this);
if (na && (this->IsIdentified(true) || this->IsRecognized()))
if (na && this->IsIdentified(true))
{
Anope::string last_usermask = this->GetIdent() + "@" + this->GetDisplayedHost();
Anope::string last_realhost = this->GetIdent() + "@" + this->host;