diff options
| -rw-r--r-- | doc/modes.txt | 1 | ||||
| -rw-r--r-- | help/umode | 3 | ||||
| -rw-r--r-- | include/client.h | 4 | ||||
| -rw-r--r-- | modules/m_svsmode.c | 3 | ||||
| -rw-r--r-- | modules/m_whois.c | 9 | ||||
| -rw-r--r-- | src/channel.c | 7 | ||||
| -rw-r--r-- | src/s_bsd.c | 1 | ||||
| -rw-r--r-- | src/s_user.c | 8 |
8 files changed, 21 insertions, 15 deletions
diff --git a/doc/modes.txt b/doc/modes.txt index 1e7ed41..7b0f053 100644 --- a/doc/modes.txt +++ b/doc/modes.txt @@ -33,6 +33,7 @@ User Modes: This mode can be set by servers and services only. +R - regonly - Only registered clients may message you +s - servnotice - See general server notices ++S - ssl - Client is connected via SSL/TLS +u - unauth - See unauthorized client notices +w - wallop - See server generated WALLOPS +x - hiddenhost - User's host has been spoofed by services. @@ -10,7 +10,6 @@ Usermodes: (* designates that the umode is oper only) * +w - Can see server wallops. * +z - Can see oper wallops. * +l - Can see oper locops (local wallops). - * +s - Can see generic server messages and oper kills. * +c - Can see client connections and exits. * +u - Can see unauthorized client connections. * +j - Can see 'rejected' client notices. @@ -25,6 +24,8 @@ Usermodes: (* designates that the umode is oper only) +r - User has been registered and identified for its nick. This mode can be set by servers and services only. +R - Only registered clients may message you. + * +s - Can see generic server messages and oper kills. + +S - Client is connected via SSL/TLS * +e - Can see new server introduction and split messages. * +b - Can see possible bot / join flood warnings. * +a - Is marked as a server admin in stats p/o. diff --git a/include/client.h b/include/client.h index f5b1dc3..33d0f98 100644 --- a/include/client.h +++ b/include/client.h @@ -128,6 +128,7 @@ #define FLAGS_FLOOD_NOTICED 0x01000000 /**< Notice to opers about this flooder has been sent */ #define FLAGS_SERVICE 0x02000000 /**< Client/server is a network service */ #define FLAGS_AUTH_SPOOF 0x04000000 /**< user's hostname has been spoofed by an auth{} spoof*/ +#define FLAGS_SSL 0x08000000 /**< User is connected via TLS/SSL */ #define HasFlag(x, y) ((x)->flags & (y)) #define AddFlag(x, y) ((x)->flags |= (y)) @@ -161,6 +162,7 @@ #define UMODE_ADMIN 0x00400000 /**< Admin on server */ #define UMODE_FARCONNECT 0x00800000 /**< Can see remote client connects/exits */ #define UMODE_HIDDENHOST 0x01000000 /**< User's host is hidden */ +#define UMODE_SSL 0x02000000 /**< User is connected via TLS/SSL */ #define UMODE_ALL UMODE_SERVNOTICE @@ -171,7 +173,7 @@ #define SEND_UMODES (UMODE_INVISIBLE | UMODE_OPER | UMODE_WALLOP |\ UMODE_REGONLY | UMODE_REGISTERED | UMODE_ADMIN |\ - UMODE_HIDDEN) + UMODE_HIDDEN | UMODE_SSL) diff --git a/modules/m_svsmode.c b/modules/m_svsmode.c index d54f664..77cfad6 100644 --- a/modules/m_svsmode.c +++ b/modules/m_svsmode.c @@ -146,6 +146,9 @@ ms_svsmode(struct Client *client_p, struct Client *source_p, break; + case 'S': /* Only servers may set +S in a burst */ + break; + default: if ((flag = user_modes[(unsigned char)*m])) { diff --git a/modules/m_whois.c b/modules/m_whois.c index 85531a2..764e458 100644 --- a/modules/m_whois.c +++ b/modules/m_whois.c @@ -136,6 +136,10 @@ whois_person(struct Client *source_p, struct Client *target_p) show_ip ? target_p->sockhost : "255.255.255.255"); } + if (HasUMode(target_p, UMODE_SSL)) + sendto_one(source_p, form_str(RPL_WHOISSECURE), me.name, + source_p->name, target_p->name); + if (!EmptyString(target_p->certfp)) if (target_p == source_p || HasUMode(source_p, UMODE_OPER)) sendto_one(source_p, form_str(RPL_WHOISCERTFP), me.name, @@ -143,11 +147,6 @@ whois_person(struct Client *source_p, struct Client *target_p) if (MyConnect(target_p)) { -#ifdef HAVE_LIBCRYPTO - if (target_p->localClient->fd.ssl) - sendto_one(source_p, form_str(RPL_WHOISSECURE), - me.name, source_p->name, target_p->name); -#endif sendto_one(source_p, form_str(RPL_WHOISIDLE), me.name, source_p->name, target_p->name, idle_time_get(source_p, target_p), diff --git a/src/channel.c b/src/channel.c index 1c04488..e588add 100644 --- a/src/channel.c +++ b/src/channel.c @@ -641,13 +641,8 @@ is_banned(const struct Channel *chptr, const struct Client *who) int can_join(struct Client *source_p, struct Channel *chptr, const char *key) { -#ifdef HAVE_LIBCRYPTO - if ((chptr->mode.mode & MODE_SSLONLY) && !source_p->localClient->fd.ssl) + if ((chptr->mode.mode & MODE_SSLONLY) && !HasUMode(source_p, UMODE_SSL)) return ERR_SSLONLYCHAN; -#else - if ((chptr->mode.mode & MODE_SSLONLY)) - return ERR_SSLONLYCHAN; -#endif if ((chptr->mode.mode & MODE_REGONLY) && !HasUMode(source_p, UMODE_REGISTERED)) return ERR_NEEDREGGEDNICK; diff --git a/src/s_bsd.c b/src/s_bsd.c index e0b8173..903741e 100644 --- a/src/s_bsd.c +++ b/src/s_bsd.c @@ -368,6 +368,7 @@ add_connection(struct Listener *listener, struct irc_ssaddr *irn, int fd) return; } + AddFlag(new_client, FLAGS_SSL); SSL_set_fd(new_client->localClient->fd.ssl, fd); ssl_handshake(0, new_client); } diff --git a/src/s_user.c b/src/s_user.c index ebbeecd..97ad2c1 100644 --- a/src/s_user.c +++ b/src/s_user.c @@ -101,7 +101,7 @@ const unsigned int user_modes[256] = 0, /* P */ 0, /* Q */ UMODE_REGONLY, /* R */ - 0, /* S */ + UMODE_SSL, /* S */ 0, /* T */ 0, /* U */ 0, /* V */ @@ -895,6 +895,7 @@ set_user_mode(struct Client *client_p, struct Client *source_p, break; + case 'S': /* Only servers may set +S in a burst */ case 'r': /* Only services may set +r */ case 'x': /* Only services may set +x */ break; @@ -1143,10 +1144,13 @@ user_welcome(struct Client *source_p) #endif #ifdef HAVE_LIBCRYPTO - if (source_p->localClient->fd.ssl != NULL) + if (HasFlag(source_p, FLAGS_SSL)) + { + AddUMode(source_p, UMODE_SSL); sendto_one(source_p, ":%s NOTICE %s :*** Connected securely via %s", me.name, source_p->name, ssl_get_cipher(source_p->localClient->fd.ssl)); + } #endif sendto_one(source_p, form_str(RPL_WELCOME), me.name, source_p->name, |