summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2007-02-01 20:26:12 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2007-02-01 20:26:12 +0000
commitfa923bb5549eba6807ebd1274d0b5cbfa503667a (patch)
tree9ecf858b1c557b5e4f6772461f6f6d206dcc49a9
parent685861f2bd0e30d7dcf74ff4cb97fd77e73d8463 (diff)
Add <securelist:exception> to allow certain masks to get around securelist.
By default add two lines to the config which allow searchirc and netsplit.de. (bwahaha) git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@6475 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r--docs/inspircd.conf.example22
-rw-r--r--src/modules/m_securelist.cpp21
2 files changed, 33 insertions, 10 deletions
diff --git a/docs/inspircd.conf.example b/docs/inspircd.conf.example
index 27ec1d7e0..06435f057 100644
--- a/docs/inspircd.conf.example
+++ b/docs/inspircd.conf.example
@@ -377,7 +377,7 @@
<oper name="katsklaw"
password="s3cret"
host="ident@dialup15.isp.com *@localhost *@server.com *@3ffe::0/16"
- fingerprint="a41d730937a53b79f788c0ab13e9e1d5"
+ fingerprint="a41d730937a53b79f788c0ab13e9e1d5"
type="NetAdmin">
@@ -494,18 +494,18 @@
<link name="hub.penguin.org"
ipaddr="penguin.box.com"
port="7000"
- allowmask="69.58.44.0/24"
+ allowmask="69.58.44.0/24"
autoconnect="300"
- failover="hub.other.net"
- timeout="15"
- transport="gnutls"
+ failover="hub.other.net"
+ timeout="15"
+ transport="gnutls"
sendpass="outgoing!password"
recvpass="incoming!password">
<link name="services.antarctic.com"
ipaddr="localhost"
port="7000"
- allowmask="127.0.0.0/8"
+ allowmask="127.0.0.0/8"
sendpass="penguins"
recvpass="polarbears">
@@ -1492,10 +1492,18 @@
# SAQUIT module: Adds the oper /SAQUIT command (abusable!!!)
#<module name="m_saquit.so">
-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-
+#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Secure list module: Prevent /LIST in the first minute of connection,
# crippling most spambots and trojan spreader bots.
#<module name="m_securelist.so">
+#
+#-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
+# #
+# Securelist can be harmful to some irc search engines such as #
+# netsplit.de and searchirc.com. To prevent securelist blocking these #
+# sites from listing, define exception tags as shown below: #
+<securelist exception="*@*.searchirc.com">
+<securelist exception="*@*.netsplit.de">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Set Idle module: Adds a command for opers to change their
diff --git a/src/modules/m_securelist.cpp b/src/modules/m_securelist.cpp
index b9d7363a5..efa448290 100644
--- a/src/modules/m_securelist.cpp
+++ b/src/modules/m_securelist.cpp
@@ -23,11 +23,11 @@
class ModuleSecureList : public Module
{
private:
-
+ std::vector<std::string> allowlist;
public:
ModuleSecureList(InspIRCd* Me) : Module::Module(Me)
{
-
+ OnRehash(NULL,"");
}
virtual ~ModuleSecureList()
@@ -38,10 +38,19 @@ class ModuleSecureList : public Module
{
return Version(1,1,0,0,VF_VENDOR,API_VERSION);
}
+
+ void OnRehash(userrec* user, const std::string &parameter)
+ {
+ ConfigReader* MyConf = new ConfigReader(ServerInstance);
+ allowlist.clear();
+ for (int i = 0; i < MyConf->Enumerate("securelist"); i++)
+ allowlist.push_back(MyConf->ReadValue("securelist", "exception", i));
+ DELETE(MyConf);
+ }
void Implements(char* List)
{
- List[I_OnPreCommand] = List[I_On005Numeric] = 1;
+ List[I_OnRehash] = List[I_OnPreCommand] = List[I_On005Numeric] = 1;
}
/*
@@ -56,6 +65,12 @@ class ModuleSecureList : public Module
if ((command == "LIST") && (ServerInstance->Time() < (user->signon+60)) && (!*user->oper))
{
+ /* Normally wouldnt be allowed here, are they exempt? */
+ for (std::vector<std::string>::iterator x = allowlist.begin(); x != allowlist.end(); x++)
+ if (ServerInstance->MatchText(user->MakeHost(), *x))
+ return 0;
+
+ /* Not exempt, BOOK EM DANNO! */
user->WriteServ("NOTICE %s :*** You cannot list within the first minute of connecting. Please try again later.",user->nick);
/* Some crap clients (read: mIRC, various java chat applets) muck up if they don't
* receive these numerics whenever they send LIST, so give them an empty LIST to mull over.