summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPeter Powell <petpow@saberuk.com>2017-08-05 18:33:04 +0100
committerGitHub <noreply@github.com>2017-08-05 18:33:04 +0100
commit02497bfa999da26c19a92d8620c35bb97f1da711 (patch)
tree084ec771864163a4e93077a94895660c927903c5 /src
parent0b60166d8a9ca1c461f014b9dcb03312f2e487d7 (diff)
parent62fe5b32bcdc86aa4eb67bbe8dee214066382eeb (diff)
Merge pull request #1351 from SaberUK/master+webirc
Allow filtering WebIRC connections into a connect class by gateway.
Diffstat (limited to 'src')
-rw-r--r--src/modules/m_cgiirc.cpp33
1 files changed, 27 insertions, 6 deletions
diff --git a/src/modules/m_cgiirc.cpp b/src/modules/m_cgiirc.cpp
index 5eba5ce35..3fd9bf250 100644
--- a/src/modules/m_cgiirc.cpp
+++ b/src/modules/m_cgiirc.cpp
@@ -56,8 +56,8 @@ typedef std::vector<CGIhost> CGIHostlist;
/*
* WEBIRC
* This is used for the webirc method of CGIIRC auth, and is (really) the best way to do these things.
- * Syntax: WEBIRC password client hostname ip
- * Where password is a shared key, client is the name of the "client" and version (e.g. cgiirc), hostname
+ * Syntax: WEBIRC password gateway hostname ip
+ * Where password is a shared key, gateway is the name of the WebIRC gateway and version (e.g. cgiirc), hostname
* is the resolved host of the client issuing the command and IP is the real IP of the client.
*
* How it works:
@@ -68,18 +68,20 @@ class CommandWebirc : public Command
{
public:
bool notify;
+ StringExtItem gateway;
StringExtItem realhost;
StringExtItem realip;
CGIHostlist Hosts;
CommandWebirc(Module* Creator)
- : Command(Creator, "WEBIRC", 4),
- realhost("cgiirc_realhost", ExtensionItem::EXT_USER, Creator)
- , realip("cgiirc_realip", ExtensionItem::EXT_USER, Creator)
+ : Command(Creator, "WEBIRC", 4)
+ , gateway("cgiirc_gateway", ExtensionItem::EXT_USER, Creator)
+ , realhost("cgiirc_realhost", ExtensionItem::EXT_USER, Creator)
+ , realip("cgiirc_realip", ExtensionItem::EXT_USER, Creator)
{
allow_empty_last_param = false;
works_before_reg = true;
- this->syntax = "password client hostname ip";
+ this->syntax = "password gateway hostname ip";
}
CmdResult Handle(const std::vector<std::string> &parameters, User *user)
{
@@ -100,6 +102,7 @@ class CommandWebirc : public Command
{
if(iter->type == WEBIRC && parameters[0] == iter->password)
{
+ gateway.set(user, parameters[1]);
realhost.set(user, user->host);
realip.set(user, user->GetIPString());
@@ -314,6 +317,24 @@ public:
return MOD_RES_PASSTHRU;
}
+ ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass) CXX11_OVERRIDE
+ {
+ // If <connect:webirc> is not set then we have nothing to do.
+ const std::string webirc = myclass->config->getString("webirc");
+ if (webirc.empty())
+ return MOD_RES_PASSTHRU;
+
+ // If the user is not connecting via a WebIRC gateway then they
+ // cannot match this connect class.
+ const std::string* gateway = cmd.gateway.get(user);
+ if (!gateway)
+ return MOD_RES_DENY;
+
+ // If the gateway matches the <connect:webirc> constraint then
+ // allow the check to continue. Otherwise, reject it.
+ return InspIRCd::Match(*gateway, webirc) ? MOD_RES_PASSTHRU : MOD_RES_DENY;
+ }
+
ModResult OnUserRegister(LocalUser* user) CXX11_OVERRIDE
{
for(CGIHostlist::iterator iter = cmd.Hosts.begin(); iter != cmd.Hosts.end(); iter++)