summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Powell <petpow@saberuk.com>2019-02-15 12:35:51 +0000
committerPeter Powell <petpow@saberuk.com>2019-02-15 12:35:51 +0000
commit27e261780809073b5c776e535f8d2402c0df2ec7 (patch)
treeed676467399cb2df979e120ab1eb817275c5ea19
parenta7fc2fe0dc845ffba1f4575e694aa1bb7f60756b (diff)
Move the close and jumpserver modules to inspircd-extras.
- The close module is borderline useless. - The jumpserver numeric is supported by barely any clients and has various security problems.
-rw-r--r--docs/conf/helpop.conf.example45
-rw-r--r--docs/conf/modules.conf.example14
-rw-r--r--docs/conf/opers.conf.example4
-rw-r--r--src/modules/m_close.cpp83
-rw-r--r--src/modules/m_jumpserver.cpp198
5 files changed, 12 insertions, 332 deletions
diff --git a/docs/conf/helpop.conf.example b/docs/conf/helpop.conf.example
index a38040f91..bd184f6ef 100644
--- a/docs/conf/helpop.conf.example
+++ b/docs/conf/helpop.conf.example
@@ -407,16 +407,16 @@ Sets your name to the specified name.">
-------------
ALLTIME CBAN CHECK CHGHOST CHGIDENT
-CHGNAME CLEARCHAN CLOAK CLONES CLOSE
-CONNECT DIE ELINE FILTER GLINE
-GLOADMODULE GLOBOPS GRELOADMODULE GUNLOADMODULE JUMPSERVER
-KILL KLINE LOADMODULE LOCKSERV MODENOTICE
-NICKLOCK NICKUNLOCK OJOIN OPERMOTD QLINE
-RCONNECT REHASH RELOADMODULE RESTART RLINE
-RSQUIT SAJOIN SAKICK SAMODE SANICK
-SAPART SAQUIT SATOPIC SETHOST SETIDENT
-SETIDLE SHUN SQUIT SWHOIS TLINE
-UNLOADMODULE UNLOCKSERV USERIP WALLOPS ZLINE">
+CHGNAME CLEARCHAN CLOAK CLONES CONNECT
+DIE ELINE FILTER GLINE GLOADMODULE
+GLOBOPS GRELOADMODULE GUNLOADMODULE KILL KLINE
+LOADMODULE LOCKSERV MODENOTICE NICKLOCK NICKUNLOCK
+OJOIN OPERMOTD QLINE RCONNECT REHASH
+RELOADMODULE RESTART RLINE RSQUIT SAJOIN
+SAKICK SAMODE SANICK SAPART SAQUIT
+SATOPIC SETHOST SETIDENT SETIDLE SHUN
+SQUIT SWHOIS TLINE UNLOADMODULE UNLOCKSERV
+USERIP WALLOPS ZLINE">
<helpop key="userip" value="/USERIP <nick> [<nick>]
@@ -438,27 +438,6 @@ service is temporarily closed and to try again later.">
Opens the server up again for new connections.">
-<helpop key="jumpserver" value="/JUMPSERVER [<newserver> <newport> <(+|-)[flags]> :[<reason>]]
-
-Sets or cancels jumpserver mode. If no parameters are given,
-jumpserver mode is cancelled, if it is currently set. If parameters
-are given, a server address must be given for <newserver> and a
-server port must be given for <newport>. Zero or more status flags
-should be given for 'flags', from the list below (if you do not
-wish to specify any flags just place a '+' in this field):
-
-1. +a: Redirect all users immediately (except for opers) and cause
-them to quit with the given reason
-
-2. +n: Redirect any new users who connect and cause them to quit
-during registration
-
-You may use + and - to set or unset these flags in the command, the
-default flags are -a+n, which will just redirect new users. The
-reason parameter is optional, and if not provided defaults to
-'Please use this server/port instead' (the default given in various
-numeric lists)">
-
<helpop key="filter" value="/FILTER <filter-definition> [<action> <flags> [<duration>] :<reason>]
This command will add a filter when more than one parameter is given,
@@ -776,10 +755,6 @@ The duration may be specified in seconds, or in the format
1y2w3d4h5m6s - meaning one year, two weeks, three days, 4 hours,
5 minutes and 6 seconds. All fields in this format are optional.">
-<helpop key="close" value="/CLOSE
-
-Closes all unregistered connections to the local server.">
-
<helpop key="clearchan" value="/CLEARCHAN <channel> [<KILL|KICK|G|Z>] [<reason>]
Quits or kicks all non-opers from a channel, optionally G/Z-lines them.
diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example
index fded47e2f..090096668 100644
--- a/docs/conf/modules.conf.example
+++ b/docs/conf/modules.conf.example
@@ -554,12 +554,6 @@
# key="changeme"
# prefix="net-">
-#-#-#-#-#-#-#-#-#-#-#-#- CLOSE MODULE #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Close module: Allows an oper to close all unregistered connections.
-# This module is oper-only and provides the /CLOSE command.
-# To use, CLOSE must be in one of your oper class blocks.
-#<module name="close">
-
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Clones module: Adds an oper command /CLONES for detecting cloned
# users. Warning: This command may be resource intensive when it is
@@ -1166,14 +1160,6 @@
#<joinflood duration="1m">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
-# Jump server module: Adds support for the RPL_REDIR numeric.
-# This module is oper-only.
-# To use, JUMPSERVER must be in one of your oper class blocks.
-# If your server is redirecting new clients and you get disconnected,
-# do a REHASH from shell to open up again.
-#<module name="jumpserver">
-
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Anti auto rejoin: Adds support for prevention of auto-rejoin (+J).
#<module name="kicknorejoin">
diff --git a/docs/conf/opers.conf.example b/docs/conf/opers.conf.example
index 4112e56dd..98bc47c69 100644
--- a/docs/conf/opers.conf.example
+++ b/docs/conf/opers.conf.example
@@ -43,8 +43,8 @@
chanmodes="*">
<class name="SACommands" commands="SAJOIN SAPART SANICK SAQUIT SATOPIC SAKICK SAMODE OJOIN">
-<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS JUMPSERVER LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
-<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN CLOSE" usermodes="*" chanmodes="*">
+<class name="ServerLink" commands="CONNECT SQUIT RCONNECT RSQUIT MKPASSWD ALLTIME SWHOIS LOCKSERV UNLOCKSERV" usermodes="*" chanmodes="*" privs="servers/auspex">
+<class name="BanControl" commands="KILL GLINE KLINE ZLINE QLINE ELINE TLINE RLINE CHECK NICKLOCK NICKUNLOCK SHUN CLONES CBAN" usermodes="*" chanmodes="*">
<class name="OperChat" commands="WALLOPS GLOBOPS" usermodes="*" chanmodes="*" privs="users/mass-message">
<class name="HostCloak" commands="SETHOST SETIDENT SETIDLE CHGNAME CHGHOST CHGIDENT" usermodes="*" chanmodes="*" privs="users/auspex">
diff --git a/src/modules/m_close.cpp b/src/modules/m_close.cpp
deleted file mode 100644
index c2a94a6ff..000000000
--- a/src/modules/m_close.cpp
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- * InspIRCd -- Internet Relay Chat Daemon
- *
- * Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
- * Copyright (C) 2007 Carsten Valdemar Munk <carsten.munk+inspircd@gmail.com>
- *
- * This file is part of InspIRCd. InspIRCd is free software: you can
- * redistribute it and/or modify it under the terms of the GNU General Public
- * License as published by the Free Software Foundation, version 2.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-
-#include "inspircd.h"
-
-/** Handle /CLOSE
- */
-class CommandClose : public Command
-{
- public:
- /* Command 'close', needs operator */
- CommandClose(Module* Creator) : Command(Creator,"CLOSE", 0)
- {
- flags_needed = 'o';
- }
-
- CmdResult Handle(User* src, const Params& parameters) CXX11_OVERRIDE
- {
- std::map<std::string,int> closed;
-
- const UserManager::LocalList& list = ServerInstance->Users.GetLocalUsers();
- for (UserManager::LocalList::const_iterator u = list.begin(); u != list.end(); )
- {
- // Quitting the user removes it from the list
- LocalUser* user = *u;
- ++u;
- if (user->registered != REG_ALL)
- {
- ServerInstance->Users->QuitUser(user, "Closing all unknown connections per request");
- std::string key = ConvToStr(user->GetIPString())+"."+ConvToStr(user->server_sa.port());
- closed[key]++;
- }
- }
-
- int total = 0;
- for (std::map<std::string,int>::iterator ci = closed.begin(); ci != closed.end(); ci++)
- {
- src->WriteNotice("*** Closed " + ConvToStr(ci->second) + " unknown " + (ci->second == 1 ? "connection" : "connections") +
- " from [" + ci->first + "]");
- total += ci->second;
- }
- if (total)
- src->WriteNotice("*** " + ConvToStr(total) + " unknown " + (total == 1 ? "connection" : "connections") + " closed");
- else
- src->WriteNotice("*** No unknown connections found");
-
- return CMD_SUCCESS;
- }
-};
-
-class ModuleClose : public Module
-{
- CommandClose cmd;
- public:
- ModuleClose()
- : cmd(this)
- {
- }
-
- Version GetVersion() CXX11_OVERRIDE
- {
- return Version("Provides /CLOSE functionality", VF_VENDOR);
- }
-};
-
-MODULE_INIT(ModuleClose)
diff --git a/src/modules/m_jumpserver.cpp b/src/modules/m_jumpserver.cpp
deleted file mode 100644
index 80b0a84ab..000000000
--- a/src/modules/m_jumpserver.cpp
+++ /dev/null
@@ -1,198 +0,0 @@
-/*
- * InspIRCd -- Internet Relay Chat Daemon
- *
- * Copyright (C) 2007-2008 Craig Edwards <craigedwards@brainbox.cc>
- * Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
- * Copyright (C) 2007 Robin Burchell <robin+git@viroteck.net>
- *
- * This file is part of InspIRCd. InspIRCd is free software: you can
- * redistribute it and/or modify it under the terms of the GNU General Public
- * License as published by the Free Software Foundation, version 2.
- *
- * This program is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-
-#include "inspircd.h"
-#include "modules/ssl.h"
-
-enum
-{
- // From ircd-ratbox.
- RPL_REDIR = 10
-};
-
-/** Handle /JUMPSERVER
- */
-class CommandJumpserver : public Command
-{
- public:
- bool redirect_new_users;
- std::string redirect_to;
- std::string reason;
- int port;
- int sslport;
- UserCertificateAPI sslapi;
-
- CommandJumpserver(Module* Creator)
- : Command(Creator, "JUMPSERVER", 0, 4)
- , sslapi(Creator)
- {
- flags_needed = 'o';
- syntax = "[<server> <port>[:<sslport>] <+/-an> <reason>]";
- port = 0;
- sslport = 0;
- redirect_new_users = false;
- }
-
- CmdResult Handle(User* user, const Params& parameters) CXX11_OVERRIDE
- {
- int n_done = 0;
- reason = (parameters.size() < 4) ? "Please use this server/port instead" : parameters[3];
- bool redirect_all_immediately = false;
- redirect_new_users = true;
- bool direction = true;
- std::string n_done_s;
-
- /* No parameters: jumpserver disabled */
- if (parameters.empty())
- {
- if (port)
- user->WriteNotice("*** Disabled jumpserver (previously set to '" + redirect_to + ":" + ConvToStr(port) + "')");
- else
- user->WriteNotice("*** Jumpserver was not enabled.");
-
- port = 0;
- sslport = 0;
- redirect_to.clear();
- return CMD_SUCCESS;
- }
-
- port = 0;
- redirect_to.clear();
-
- if (parameters.size() >= 3)
- {
- for (std::string::const_iterator n = parameters[2].begin(); n != parameters[2].end(); ++n)
- {
- switch (*n)
- {
- case '+':
- direction = true;
- break;
- case '-':
- direction = false;
- break;
- case 'a':
- redirect_all_immediately = direction;
- break;
- case 'n':
- redirect_new_users = direction;
- break;
- default:
- user->WriteNotice("*** Invalid JUMPSERVER flag: " + ConvToStr(*n));
- return CMD_FAILURE;
- break;
- }
- }
-
- size_t delimpos = parameters[1].find(':');
- port = ConvToNum<int>(parameters[1].substr(0, delimpos ? delimpos : std::string::npos));
- sslport = (delimpos == std::string::npos ? 0 : ConvToNum<int>(parameters[1].substr(delimpos + 1)));
-
- if (parameters[1].find_first_not_of("0123456789:") != std::string::npos
- || parameters[1].rfind(':') != delimpos
- || port > 65535 || sslport > 65535)
- {
- user->WriteNotice("*** Invalid port number");
- return CMD_FAILURE;
- }
-
- if (redirect_all_immediately)
- {
- /* Redirect everyone but the oper sending the command */
- const UserManager::LocalList& list = ServerInstance->Users.GetLocalUsers();
- for (UserManager::LocalList::const_iterator i = list.begin(); i != list.end(); )
- {
- // Quitting the user removes it from the list
- LocalUser* t = *i;
- ++i;
- if (!t->IsOper())
- {
- t->WriteNumeric(RPL_REDIR, parameters[0], GetPort(t), "Please use this Server/Port instead");
- ServerInstance->Users->QuitUser(t, reason);
- n_done++;
- }
- }
- if (n_done)
- {
- n_done_s = ConvToStr(n_done);
- }
- }
-
- if (redirect_new_users)
- redirect_to = parameters[0];
-
- user->WriteNotice("*** Set jumpserver to server '" + parameters[0] + "' port '" + (port ? ConvToStr(port) : "Auto") + ", SSL " + (sslport ? ConvToStr(sslport) : "Auto") + "', flags '+" +
- (redirect_all_immediately ? "a" : "") + (redirect_new_users ? "n'" : "'") +
- (n_done ? " (" + n_done_s + "user(s) redirected): " : ": ") + reason);
- }
-
- return CMD_SUCCESS;
- }
-
- int GetPort(LocalUser* user)
- {
- int p = (sslapi && sslapi->GetCertificate(user) ? sslport : port);
- if (p == 0)
- p = user->server_sa.port();
- return p;
- }
-};
-
-class ModuleJumpServer : public Module
-{
- CommandJumpserver js;
- public:
- ModuleJumpServer() : js(this)
- {
- }
-
- void OnModuleRehash(User* user, const std::string& param) CXX11_OVERRIDE
- {
- if (irc::equals(param, "jumpserver") && js.redirect_new_users)
- js.redirect_new_users = false;
- }
-
- ModResult OnUserRegister(LocalUser* user) CXX11_OVERRIDE
- {
- if (js.redirect_new_users)
- {
- int port = js.GetPort(user);
- user->WriteNumeric(RPL_REDIR, js.redirect_to, port, "Please use this Server/Port instead");
- ServerInstance->Users->QuitUser(user, js.reason);
- return MOD_RES_DENY;
- }
- return MOD_RES_PASSTHRU;
- }
-
- void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
- {
- // Emergency way to unlock
- if (!status.srcuser)
- js.redirect_new_users = false;
- }
-
- Version GetVersion() CXX11_OVERRIDE
- {
- return Version("Provides support for the RPL_REDIR numeric and the /JUMPSERVER command.", VF_VENDOR);
- }
-};
-
-MODULE_INIT(ModuleJumpServer)