aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Sadie Powell2020-06-08 18:14:19 +0100
committerGravatar Sadie Powell2020-06-08 18:14:19 +0100
commit58e9055162e003f991870637b73f8ec4044d56a8 (patch)
tree62289918baee8739fb14a71d3e10c47e1eff5210
parentRip out compatibility code for the 2.0 protocol. (diff)
parentAdd an ISUPPORT token for the bot mode and 'B' to the WHO flags. (diff)
Merge branch 'insp3' into master.
-rw-r--r--.github/SECURITY.md4
-rw-r--r--docs/conf/modules.conf.example2
-rw-r--r--include/modules.h67
-rw-r--r--include/typedefs.h2
-rw-r--r--make/template/help.txt19
-rw-r--r--make/template/main.mk1
-rw-r--r--src/modules/m_botmode.cpp27
-rw-r--r--src/modules/m_ircv3_ctctags.cpp9
-rw-r--r--src/modules/m_ojoin.cpp10
-rwxr-xr-xtools/genssl13
10 files changed, 111 insertions, 43 deletions
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
index 94e5b60e4..d8b772e22 100644
--- a/.github/SECURITY.md
+++ b/.github/SECURITY.md
@@ -2,14 +2,14 @@
## Supported Versions
-Currently the v2 (old stable) and v3 (stable) branches are actively receiving security fixes. Support for v2 will end on 2020-06-01.
+Currently the v2 (old stable) and v3 (stable) branches are actively receiving security fixes. Support for v2 will end on 2021-01-01.
The v4 branch is still early in development and only receives security fixes when they are synced from the v3 branch.
Version | Supported
------- | ---------
4.x.y | :warning:
-3.x.y | :white_check_mark:
+3.x.y | :white_check_mark:
2.0.x | :white_check_mark:
1.2.y | :x:
1.1.y | :x:
diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example
index 1831a48ad..2562e1812 100644
--- a/docs/conf/modules.conf.example
+++ b/docs/conf/modules.conf.example
@@ -2286,7 +2286,7 @@
#<module name="watch">
#
# Set the maximum number of entries on a user's watch list below.
-#<watch maxentries="32">
+#<watch maxwatch="32">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# WebSocket module: Adds HTML5 WebSocket support.
diff --git a/include/modules.h b/include/modules.h
index e7507db7d..c6ef15a89 100644
--- a/include/modules.h
+++ b/include/modules.h
@@ -58,44 +58,69 @@ enum ModuleFlags
VF_OPTCOMMON = 8
};
+/** The event was explicitly allowed. */
#define MOD_RES_ALLOW (ModResult(1))
+
+/** The event was not explicitly allowed or denied. */
#define MOD_RES_PASSTHRU (ModResult(0))
+
+/** The event was explicitly denied. */
#define MOD_RES_DENY (ModResult(-1))
-/** Used to represent an allow/deny module result.
- * Not constructed as an enum because it reverses the value logic of some functions;
- * the compiler will inline accesses to have the same efficiency as integer operations.
- */
-struct ModResult {
- int res = 0;
+/** Represents the result of a module event. */
+class ModResult
+{
+ private:
+ /** The underlying result value. */
+ char result = 0;
+
+ public:
+ /** Creates a new instance of the ModResult class which defaults to MOD_RES_PASSTHRU. */
ModResult() = default;
- explicit ModResult(int r) : res(r) {}
- inline bool operator==(const ModResult& r) const
+
+ /** Creates a new instance of the ModResult class with the specified value. */
+ explicit ModResult(char res)
+ : result(res)
{
- return res == r.res;
}
- inline bool operator!=(const ModResult& r) const
+
+ /** Determines whether this ModResult has.the same value as \p res */
+ inline bool operator==(const ModResult& res) const
{
- return res != r.res;
+ return result == res.result;
}
+
+ /** Determines whether this ModResult has.a different value to \p res */
+ inline bool operator!=(const ModResult& res) const
+ {
+ return result != res.result;
+ }
+
+ /** Determines whether a non-MOD_RES_PASSTHRU result has been set. */
inline bool operator!() const
{
- return !res;
+ return !result;
}
+
+ /** Checks whether the result is an MOD_RES_ALLOW or MOD_RES_PASSTHRU when the default is to allow. */
inline bool check(bool def) const
{
- return (res == 1 || (res == 0 && def));
+ return (result == 1 || (result == 0 && def));
}
- /**
- * Merges two results, preferring ALLOW to DENY
- */
- inline ModResult operator+(const ModResult& r) const
+
+ /* Merges two results preferring MOD_RES_ALLOW to MOD_RES_DENY. */
+ inline ModResult operator+(const ModResult& res) const
{
- if (res == r.res || r.res == 0)
+ // If the results are identical or the other result is MOD_RES_PASSTHRU
+ // then return this result.
+ if (result == res.result || res.result == 0)
return *this;
- if (res == 0)
- return r;
- // they are different, and neither is passthru
+
+ // If this result is MOD_RES_PASSTHRU then return the other result.
+ if (result == 0)
+ return res;
+
+ // Otherwise, they are different, and neither is MOD_RES_PASSTHRU.
return MOD_RES_ALLOW;
}
};
diff --git a/include/typedefs.h b/include/typedefs.h
index d0337bdef..a9ea23e30 100644
--- a/include/typedefs.h
+++ b/include/typedefs.h
@@ -50,7 +50,7 @@ class XLine;
class XLineManager;
class XLineFactory;
struct ConnectClass;
-struct ModResult;
+class ModResult;
namespace ClientProtocol
{
diff --git a/make/template/help.txt b/make/template/help.txt
new file mode 100644
index 000000000..0afe91e02
--- /dev/null
+++ b/make/template/help.txt
@@ -0,0 +1,19 @@
+Thanks for installing InspIRCd!
+
+In order to get your server running you need to create config files. Examples
+can be found at `@EXAMPLE_DIR@`.
+
+If you need any help with this then you can visit our support channel at
+irc.inspircd.org #inspircd or refer to the the docs site:
+
+ https://docs.inspircd.org/@VERSION_MAJOR@/configuration
+ https://docs.inspircd.org/@VERSION_MAJOR@/modules
+
+When you are done you can run the following command to start InspIRCd:
+
+ @BINARY_DIR@/inspircd
+
+If you have installed from an official package you may need to prefix this
+command with `sudo -g @GROUP@ -u @USER@` to run as the correct group/user.
+
+You can also use one of the helper scripts in `@SCRIPT_DIR@`.
diff --git a/make/template/main.mk b/make/template/main.mk
index 2e036a229..8225a2bdf 100644
--- a/make/template/main.mk
+++ b/make/template/main.mk
@@ -250,6 +250,7 @@ endif
-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/conf/providers/*.example $(EXAPATH)/providers
-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/conf/services/*.example $(EXAPATH)/services
-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) docs/sql/*.sql $(EXAPATH)/sql
+ -$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_TXT) @CONFIGURE_DIRECTORY@/help.txt $(CONPATH)
-$(INSTALL) -g @GID@ -o @UID@ -m $(INSTMODE_PRV) *.pem $(CONPATH) 2>/dev/null
@echo ""
@echo "*************************************"
diff --git a/src/modules/m_botmode.cpp b/src/modules/m_botmode.cpp
index 18c1951f9..25dd39018 100644
--- a/src/modules/m_botmode.cpp
+++ b/src/modules/m_botmode.cpp
@@ -25,6 +25,8 @@
#include "inspircd.h"
#include "modules/ctctags.h"
+#include "modules/isupport.h"
+#include "modules/who.h"
#include "modules/whois.h"
enum
@@ -60,7 +62,11 @@ class BotTag : public ClientProtocol::MessageTagProvider
}
};
-class ModuleBotMode : public Module, public Whois::EventListener
+class ModuleBotMode
+ : public Module
+ , public ISupport::EventListener
+ , public Who::EventListener
+ , public Whois::EventListener
{
private:
SimpleUserModeHandler bm;
@@ -69,12 +75,31 @@ class ModuleBotMode : public Module, public Whois::EventListener
public:
ModuleBotMode()
: Module(VF_VENDOR, "Adds user mode B (bot) which marks users with it set as bots in their /WHOIS response.")
+ , ISupport::EventListener(this)
+ , Who::EventListener(this)
, Whois::EventListener(this)
, bm(this, "bot", 'B')
, tag(this, bm)
{
}
+ void OnBuildISupport(ISupport::TokenMap& tokens) override
+ {
+ tokens["BOT"] = ConvToStr(bm.GetModeChar());
+ }
+
+ ModResult OnWhoLine(const Who::Request& request, LocalUser* source, User* user, Membership* memb, Numeric::Numeric& numeric) override
+ {
+ size_t flag_index;
+ if (!request.GetFieldIndex('f', flag_index))
+ return MOD_RES_PASSTHRU;
+
+ if (user->IsModeSet(bm))
+ numeric.GetParams()[flag_index].push_back('B');
+
+ return MOD_RES_PASSTHRU;
+ }
+
void OnWhois(Whois::Context& whois) override
{
if (whois.GetTarget()->IsModeSet(bm))
diff --git a/src/modules/m_ircv3_ctctags.cpp b/src/modules/m_ircv3_ctctags.cpp
index 4b538ac07..fff38140a 100644
--- a/src/modules/m_ircv3_ctctags.cpp
+++ b/src/modules/m_ircv3_ctctags.cpp
@@ -21,6 +21,7 @@
#include "inspircd.h"
#include "modules/cap.h"
#include "modules/ctctags.h"
+#include "modules/isupport.h"
class CommandTagMsg : public Command
{
@@ -294,6 +295,7 @@ class C2CTags : public ClientProtocol::MessageTagProvider
class ModuleIRCv3CTCTags
: public Module
, public CTCTags::EventListener
+ , public ISupport::EventListener
{
private:
Cap::Capability cap;
@@ -317,6 +319,7 @@ class ModuleIRCv3CTCTags
ModuleIRCv3CTCTags()
: Module(VF_VENDOR | VF_COMMON, "Provides the IRCv3 message-tags client capability.")
, CTCTags::EventListener(this)
+ , ISupport::EventListener(this)
, cap(this, "message-tags")
, cmd(this, cap)
, c2ctags(this, cap)
@@ -330,6 +333,12 @@ class ModuleIRCv3CTCTags
c2ctags.allowclientonlytags = ServerInstance->Config->ConfValue("ctctags")->getBool("allowclientonlytags", true);
}
+ void OnBuildISupport(ISupport::TokenMap& tokens) override
+ {
+ if (!c2ctags.allowclientonlytags)
+ tokens["CLIENTTAGDENY"] = "*";
+ }
+
ModResult OnUserPreMessage(User* user, const MessageTarget& target, MessageDetails& details) override
{
return CopyClientTags(details.tags_in, details.tags_out);
diff --git a/src/modules/m_ojoin.cpp b/src/modules/m_ojoin.cpp
index f7cf073e0..33c50959d 100644
--- a/src/modules/m_ojoin.cpp
+++ b/src/modules/m_ojoin.cpp
@@ -33,9 +33,11 @@ class CommandOjoin : public SplitCommand
bool notice;
bool op;
ModeHandler* npmh;
+ ChanModeReference opmode;
CommandOjoin(Module* parent, ModeHandler& mode)
: SplitCommand(parent, "OJOIN", 1)
, npmh(&mode)
+ , opmode(parent, "op")
{
access_needed = CmdAccess::OPERATOR;
syntax = { "<channel>" };
@@ -73,8 +75,8 @@ class CommandOjoin : public SplitCommand
// they're already in the channel
Modes::ChangeList changelist;
changelist.push_add(npmh, user->nick);
- if (op)
- changelist.push_add(ServerInstance->Modes.FindMode('o', MODETYPE_CHANNEL), user->nick);
+ if (op && opmode)
+ changelist.push_add(*opmode, user->nick);
ServerInstance->Modes.Process(ServerInstance->FakeClient, channel, NULL, changelist);
}
return CMD_SUCCESS;
@@ -123,8 +125,8 @@ class ModuleOjoin : public Module
if (mycommand.active)
{
privs += np.GetModeChar();
- if (mycommand.op)
- privs += 'o';
+ if (mycommand.op && mycommand.opmode)
+ privs += mycommand.opmode->IsPrefixMode()->GetPrefix();
return MOD_RES_ALLOW;
}
diff --git a/tools/genssl b/tools/genssl
index dfe821f43..930f4b1d7 100755
--- a/tools/genssl
+++ b/tools/genssl
@@ -85,9 +85,6 @@ my $state = prompt('What state are you located in?', 'Example State');
my $country = prompt('What is the ISO 3166-1 code for the country you are located in?', 'XZ');
my $days = prompt('How many days do you want your certificate to be valid for?', '365');
-# Contains the SSL certificate in DER form.
-my $dercert;
-
# Contains the exit code of openssl/gnutls-certtool.
my $status = 0;
@@ -119,7 +116,6 @@ __GNUTLS_END__
$status ||= system "$certtool --generate-self-signed --load-privkey key.pem --outfile cert.pem --template $tmp";
$status ||= system "$certtool --generate-request --load-privkey key.pem --outfile csr.pem --template $tmp";
$status ||= system "$certtool --generate-dh-params $sec_param --outfile dhparams.pem";
- $dercert = `$certtool --certificate-info --infile cert.pem --outder` unless $status;
} elsif ($tool eq 'openssl') {
my $tmp = new File::Temp();
print $tmp <<__OPENSSL_END__;
@@ -137,18 +133,9 @@ __OPENSSL_END__
$status ||= system "cat $tmp | openssl req -x509 -nodes -newkey rsa:2048 -keyout key.pem -out cert.pem -days $days 2>/dev/null";
$status ||= system "cat $tmp | openssl req -new -nodes -key key.pem -out csr.pem 2>/dev/null";
$status ||= system 'openssl dhparam -out dhparams.pem 2048';
- $dercert = `openssl x509 -in cert.pem -outform DER` unless $status;
}
if ($status) {
say STDERR "SSL generation failed: $tool exited with a non-zero status!";
exit 1;
}
-
-if (defined $dercert && eval 'use Digest::SHA; 1') {
- my $hash = Digest::SHA->new(256);
- $hash->add($dercert);
- say '';
- say 'If you are using the self-signed certificate then add this TLSA record to your domain for DANE support:';
- say "_6697._tcp." . $common_name . " TLSA 3 0 1 " . $hash->hexdigest;
-}