Add <securelist:exception> to allow certain masks to get around securelist.

By default add two lines to the config which allow searchirc and netsplit.de.
(bwahaha)


git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@6475 e03df62e-2008-0410-955e-edbf42e46eb7

2 files changed, 33 insertions, 10 deletions

diff --git a/docs/inspircd.conf.example b/docs/inspircd.conf.example
index 27ec1d7e0..06435f057 100644
--- a/docs/inspircd.conf.example
+++ b/docs/inspircd.conf.example
@@ -377,7 +377,7 @@
 <oper   name="katsklaw"
         password="s3cret"
         host="ident@dialup15.isp.com *@localhost *@server.com *@3ffe::0/16"
-	fingerprint="a41d730937a53b79f788c0ab13e9e1d5"
+        fingerprint="a41d730937a53b79f788c0ab13e9e1d5"
         type="NetAdmin">
 
 
@@ -494,18 +494,18 @@
 <link name="hub.penguin.org"
         ipaddr="penguin.box.com"
         port="7000"
-	allowmask="69.58.44.0/24"
+        allowmask="69.58.44.0/24"
         autoconnect="300"
-	failover="hub.other.net"
-	timeout="15"
-	transport="gnutls"
+        failover="hub.other.net"
+        timeout="15"
+        transport="gnutls"
         sendpass="outgoing!password"
         recvpass="incoming!password">
 
 <link name="services.antarctic.com"
         ipaddr="localhost"
         port="7000"
-	allowmask="127.0.0.0/8"
+        allowmask="127.0.0.0/8"
         sendpass="penguins"
         recvpass="polarbears">
 
@@ -1492,10 +1492,18 @@
 # SAQUIT module: Adds the oper /SAQUIT command (abusable!!!)
 #<module name="m_saquit.so">
 
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
 # Secure list module: Prevent /LIST in the first minute of connection,
 # crippling most spambots and trojan spreader bots.
 #<module name="m_securelist.so">
+#
+#-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
+#                                                                     #
+# Securelist can be harmful to some irc search engines such as        #
+# netsplit.de and searchirc.com. To prevent securelist blocking these #
+# sites from listing, define exception tags as shown below:           #
+<securelist exception="*@*.searchirc.com">
+<securelist exception="*@*.netsplit.de">
 
 #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
 # Set Idle module: Adds a command for opers to change their
diff --git a/src/modules/m_securelist.cpp b/src/modules/m_securelist.cpp
index b9d7363a5..efa448290 100644
--- a/src/modules/m_securelist.cpp
+++ b/src/modules/m_securelist.cpp
@@ -23,11 +23,11 @@
 class ModuleSecureList : public Module
 {
  private:
-	 
+	std::vector<std::string> allowlist;
  public:
 	ModuleSecureList(InspIRCd* Me) : Module::Module(Me)
 	{
-		
+		OnRehash(NULL,"");
 	}
  
 	virtual ~ModuleSecureList()
@@ -38,10 +38,19 @@ class ModuleSecureList : public Module
 	{
 		return Version(1,1,0,0,VF_VENDOR,API_VERSION);
 	}
+
+	void OnRehash(userrec* user, const std::string &parameter)
+	{
+		ConfigReader* MyConf = new ConfigReader(ServerInstance);
+		allowlist.clear();
+		for (int i = 0; i < MyConf->Enumerate("securelist"); i++)
+			allowlist.push_back(MyConf->ReadValue("securelist", "exception", i));
+		DELETE(MyConf);
+	}
  
 	void Implements(char* List)
 	{
-		List[I_OnPreCommand] = List[I_On005Numeric] = 1;
+		List[I_OnRehash] = List[I_OnPreCommand] = List[I_On005Numeric] = 1;
 	}
 
 	/*
@@ -56,6 +65,12 @@ class ModuleSecureList : public Module
  
 		if ((command == "LIST") && (ServerInstance->Time() < (user->signon+60)) && (!*user->oper))
 		{
+			/* Normally wouldnt be allowed here, are they exempt? */
+			for (std::vector<std::string>::iterator x = allowlist.begin(); x != allowlist.end(); x++)
+				if (ServerInstance->MatchText(user->MakeHost(), *x))
+					return 0;
+
+			/* Not exempt, BOOK EM DANNO! */
 			user->WriteServ("NOTICE %s :*** You cannot list within the first minute of connecting. Please try again later.",user->nick);
 			/* Some crap clients (read: mIRC, various java chat applets) muck up if they don't
 			 * receive these numerics whenever they send LIST, so give them an empty LIST to mull over.