From b105e9366b0d8fc3b6ee41942cc2a3518e24bc21 Mon Sep 17 00:00:00 2001 From: Peter Powell Date: Fri, 16 Jun 2017 18:08:40 +0100 Subject: Fix exempting CTCP ACTIONs in m_blockcaps and m_noctcp. Previously we assumed that CTCP ACTIONs matched "\1ACTION ". This is incorrect because "\1ACTION\1" and "\1ACTION" are valid CTCPs. --- src/modules/m_blockcaps.cpp | 2 +- src/modules/m_noctcp.cpp | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'src/modules') diff --git a/src/modules/m_blockcaps.cpp b/src/modules/m_blockcaps.cpp index 200693699..7146ee068 100644 --- a/src/modules/m_blockcaps.cpp +++ b/src/modules/m_blockcaps.cpp @@ -67,7 +67,7 @@ public: { if (target_type == TYPE_CHANNEL) { - if ((!IS_LOCAL(user)) || (text.length() < minlen)) + if ((!IS_LOCAL(user)) || (text.length() < minlen) || (text == "\1ACTION\1") || (text == "\1ACTION")) return MOD_RES_PASSTHRU; Channel* c = (Channel*)dest; diff --git a/src/modules/m_noctcp.cpp b/src/modules/m_noctcp.cpp index 1dd6fe34a..c934a05c6 100644 --- a/src/modules/m_noctcp.cpp +++ b/src/modules/m_noctcp.cpp @@ -67,7 +67,7 @@ class ModuleNoCTCP : public Module if ((target_type == TYPE_CHANNEL) && (IS_LOCAL(user))) { Channel* c = (Channel*)dest; - if ((text.empty()) || (text[0] != '\001') || (!strncmp(text.c_str(),"\1ACTION ",8))) + if ((text.empty()) || (text[0] != '\001') || (!strncmp(text.c_str(),"\1ACTION ", 8)) || (text == "\1ACTION\1") || (text == "\1ACTION")) return MOD_RES_PASSTHRU; ModResult res = ServerInstance->OnCheckExemption(user,c,"noctcp"); -- cgit v1.2.3 From 1f2a8e4db6a4c722de4e090fcd7f710d874de1ed Mon Sep 17 00:00:00 2001 From: Peter Powell Date: Fri, 25 Aug 2017 13:12:44 +0100 Subject: Fix mistakenly hardcoding the halfop prefix char in timedbans. This will almost always be % but if the server admin is using the customprefix module and remaps it to something else messages will not be sent out correctly. --- src/modules/m_timedbans.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/modules') diff --git a/src/modules/m_timedbans.cpp b/src/modules/m_timedbans.cpp index b47327704..61095d6eb 100644 --- a/src/modules/m_timedbans.cpp +++ b/src/modules/m_timedbans.cpp @@ -119,7 +119,7 @@ class CommandTban : public Command // If halfop is loaded, send notice to halfops and above, otherwise send to ops and above ModeHandler* mh = ServerInstance->Modes->FindMode('h', MODETYPE_CHANNEL); - char pfxchar = (mh && mh->name == "halfop") ? '%' : '@'; + char pfxchar = (mh && mh->name == "halfop") ? mh->GetPrefix() : '@'; channel->WriteAllExcept(ServerInstance->FakeClient, true, pfxchar, tmp, "NOTICE %s :%s added a timed ban on %s lasting for %ld seconds.", channel->name.c_str(), user->nick.c_str(), mask.c_str(), duration); return CMD_SUCCESS; -- cgit v1.2.3 From 5fc4403f621ac93ef8a8c250b30436c0fea8f493 Mon Sep 17 00:00:00 2001 From: Peter Powell Date: Fri, 8 Sep 2017 20:47:10 +0100 Subject: Fix m_cgiirc allowing malformed hosts sent via WEBIRC. --- src/modules/m_cgiirc.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/modules') diff --git a/src/modules/m_cgiirc.cpp b/src/modules/m_cgiirc.cpp index 09f6a4659..9e1a546d6 100644 --- a/src/modules/m_cgiirc.cpp +++ b/src/modules/m_cgiirc.cpp @@ -99,7 +99,7 @@ class CommandWebirc : public Command realhost.set(user, user->host); realip.set(user, user->GetIPString()); - bool host_ok = (parameters[2].length() < 64); + bool host_ok = (parameters[2].length() < 64) && (parameters[2].find_first_not_of("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-") == std::string::npos); const std::string& newhost = (host_ok ? parameters[2] : parameters[3]); if (notify) -- cgit v1.2.3 From 0337b92c158fa662f04056343affd59315da78db Mon Sep 17 00:00:00 2001 From: Peter Powell Date: Wed, 11 Oct 2017 12:15:05 +0100 Subject: Include connection security with the SASL host information. See atheme/atheme@b41753f740 for more details. --- src/modules/m_sasl.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'src/modules') diff --git a/src/modules/m_sasl.cpp b/src/modules/m_sasl.cpp index 5afab9502..0ef93ec5a 100644 --- a/src/modules/m_sasl.cpp +++ b/src/modules/m_sasl.cpp @@ -99,6 +99,15 @@ class SaslAuthenticator params.push_back(host); params.push_back(ip); + LocalUser* lu = IS_LOCAL(user); + if (lu) + { + // NOTE: SaslAuthenticator instances are only created for local + // users so this parameter will always be appended. + SocketCertificateRequest req(&lu->eh, ServerInstance->Modules->Find("m_sasl.so")); + params.push_back(req.cert ? "S" : "P"); + } + SendSASL(params); } -- cgit v1.2.3