aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Sadie Powell2026-05-31 09:41:01 +0100
committerGravatar Sadie Powell2026-05-31 09:41:01 +0100
commit811d6e278ec96cb87a5bedfb7fba1b2247cb5619 (patch)
tree041467fb68a95980786cf8f1d94d55c84fecf9c3
parentMerge branch 'insp4' into master. (diff)
parentFix FJOINs wrapped by the compat layer not being prefixed properly. (diff)
Merge branch 'insp4' into master.
-rw-r--r--docs/conf/inspircd.example.conf3
-rw-r--r--docs/conf/modules.example.conf47
-rw-r--r--include/modules/extban.h8
-rw-r--r--modules/extra/mysql.cpp8
-rw-r--r--modules/joinflood.cpp2
-rw-r--r--modules/nickflood.cpp6
-rw-r--r--modules/sslmodes.cpp2
7 files changed, 60 insertions, 16 deletions
diff --git a/docs/conf/inspircd.example.conf b/docs/conf/inspircd.example.conf
index ce66f37f2..d3cce652a 100644
--- a/docs/conf/inspircd.example.conf
+++ b/docs/conf/inspircd.example.conf
@@ -333,6 +333,9 @@
# issued by a certificate authority that you can configure in the
# settings of the TLS module that you're using.
# Requires the sslinfo module to be loaded.
+ # IMPORTANT: this will not match users who have just connected to the server
+ # because their TLS connection has not been initialised yet. Consider using
+ # the port option instead.
#requiressl="yes"
# requireaccount: Require that users of this block have authenticated to a
diff --git a/docs/conf/modules.example.conf b/docs/conf/modules.example.conf
index d327d5266..e8c47e808 100644
--- a/docs/conf/modules.example.conf
+++ b/docs/conf/modules.example.conf
@@ -1507,7 +1507,14 @@
# package to find out whether this module is available.
#<module name="ldap">
#
-#<database module="ldap" id="ldapdb" server="ldap://localhost" binddn="cn=Manager,dc=inspircd,dc=org" bindauth="mysecretpass" searchscope="subtree">
+#<database module="ldap"
+# id="users"
+# bindauth="password"
+# binddn="cn=Manager,dc=inspircd,dc=org"
+# searchscope="subtree"
+# server="ldaps://localhost"
+# timeout="5s">
+#
# The server parameter indicates the LDAP server to connect to. The #
# ldap:// style scheme before the hostname proper is MANDATORY. #
# #
@@ -1717,7 +1724,16 @@
# mysql is more complex than described here, see the docs for more #
# info: https://docs.inspircd.org/4/modules/mysql #
#
-#<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2" ssl="no">
+#<database module="mysql"
+# id="mydb"
+# host="localhost"
+# port="3306"
+# user="inspircd"
+# pass="changeme"
+# name="inspircd"
+# charset="utf8mb4"
+# srv="no"
+# tls="no">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Named modes module: Allows for the display and set/unset of channel
@@ -1731,8 +1747,16 @@
# which allows up to X nick changes in Y seconds.
#<module name="nickflood">
#
-# The time period to prevent nick changes for:
-#<nickflood duration="1m">
+# duration: The duration to prevent nick changes for once the limit is
+# reached.
+#
+# notifyrank: The lowest prefix rank that should receive notification
+# that the channel is closed to new users. This can be set
+# to 0 for all users, 10000 for voiced users (+v) and above,
+# 30000 for channel operators (+o), or the value specified
+# in <customprefix:rank> for any custom prefix rank.
+#<nickflood duration="1m"
+# notifyrank="0">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Nicklock module: Let opers change a user's nick and then stop that
@@ -1964,7 +1988,14 @@
# pgsql is more complex than described here, see the docs for #
# more: https://docs.inspircd.org/4/modules/pgsql #
#
-#<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" tls="yes">
+#<database module="pgsql"
+# id="mydb"
+# host="localhost"
+# port="5432"
+# tls="no"
+# user="inspircd"
+# pass="changeme"
+# name="inspircd">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Random quote module: Provides a random quote on connect.
@@ -2564,7 +2595,9 @@
# sqlite is more complex than described here, see the docs for more #
# info: https://docs.inspircd.org/4/modules/sqlite3 #
#
-#<database module="sqlite" hostname="/full/path/to/database.db" id="anytext">
+#<database module="sqlite"
+# id="mydb"
+# hostname="/path/to/database.sq3">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# SQL oper module: Allows you to store oper credentials in an SQL
@@ -2580,7 +2613,7 @@
# #
# See also: https://docs.inspircd.org/4/modules/sqloper #
# #
-#<sqloper dbid="1">
+#<sqloper dbid="sqloper">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# GnuTLS TLS module: Adds support for TLS connections using GnuTLS. This
diff --git a/include/modules/extban.h b/include/modules/extban.h
index 88b187c85..cebe0be5e 100644
--- a/include/modules/extban.h
+++ b/include/modules/extban.h
@@ -245,7 +245,7 @@ protected:
* @param xbletter The character used in bans to signify this extban.
* @param xbmatchflags The flags used for matching.
*/
- Base(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter, uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT)
+ Base(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0', uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT)
: Service::Provider(mod, "ExtBan::Base", xbname)
, letter(ServerInstance->Config->ConfValue("extbans")->getCharacter(xbname, xbletter, true))
, manager(mod, "extbanmanager")
@@ -346,7 +346,7 @@ protected:
* @param xbletter The character used in bans to signify this extban.
* @param xbmatchflags The flags used for matching.
*/
- ActingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter, uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT)
+ ActingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0', uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT)
: Base(mod, xbname, xbletter, xbmatchflags | ExtBan::MATCH_REQUIRE_CHANNEL)
{
}
@@ -392,7 +392,7 @@ public:
* @param xbname The name used in bans to signify this extban.
* @param xbletter The character used in bans to signify this extban.
*/
- Acting(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter)
+ Acting(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0')
: ActingBase(mod, xbname, xbletter)
{
}
@@ -424,7 +424,7 @@ protected:
* @param xbletter The character used in bans to signify this extban.
* @param xbmatchflags The flags used for matching.
*/
- MatchingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter, uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT)
+ MatchingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0', uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT)
: Base(mod, xbname, xbletter, xbmatchflags)
{
}
diff --git a/modules/extra/mysql.cpp b/modules/extra/mysql.cpp
index a9f3a2d19..353dd8f7b 100644
--- a/modules/extra/mysql.cpp
+++ b/modules/extra/mysql.cpp
@@ -334,9 +334,13 @@ public:
mysql_options(connection, MYSQL_OPT_CONNECT_TIMEOUT, &timeout);
// Enable SSL if requested.
+ const bool tls = config->getBool("tls", config->getBool("ssl"));
#if defined LIBMYSQL_VERSION_ID && LIBMYSQL_VERSION_ID > 80000
- unsigned int ssl = config->getBool("ssl") ? SSL_MODE_REQUIRED : SSL_MODE_PREFERRED;
- mysql_options(connection, MYSQL_OPT_SSL_MODE, &ssl);
+ unsigned int sslmode = tls ? SSL_MODE_REQUIRED : SSL_MODE_PREFERRED;
+ mysql_options(connection, MYSQL_OPT_SSL_MODE, &sslmode);
+#else
+ // my_bool and bool function the same with regards to truthiness.
+ mysql_options(connection, MYSQL_OPT_SSL_ENFORCE, &tls);
#endif
// Attempt to connect to the database.
diff --git a/modules/joinflood.cpp b/modules/joinflood.cpp
index 783ed6f9e..6a9be0748 100644
--- a/modules/joinflood.cpp
+++ b/modules/joinflood.cpp
@@ -201,7 +201,7 @@ public:
f->clear();
f->lock();
- PrefixMode* pm = ServerInstance->Modes.FindNearestPrefixMode(notifyrank);
+ auto* pm = notifyrank ? ServerInstance->Modes.FindNearestPrefixMode(notifyrank) : nullptr;
memb->chan->WriteNotice(FMT::format("This channel has been closed to new users for {} because there have been more than {} joins in {}.",
Duration::ToLongString(duration), f->joins, Duration::ToLongString(f->secs)), pm ? pm->GetPrefix() : 0);
}
diff --git a/modules/nickflood.cpp b/modules/nickflood.cpp
index 1cea06d73..df059a9a5 100644
--- a/modules/nickflood.cpp
+++ b/modules/nickflood.cpp
@@ -132,6 +132,7 @@ class ModuleNickFlood final
private:
CheckExemption::EventProvider exemptionprov;
NickFlood nf;
+ ModeHandler::Rank notifyrank;
public:
ModuleNickFlood()
@@ -145,6 +146,7 @@ public:
{
const auto& tag = ServerInstance->Config->ConfValue("nickflood");
duration = static_cast<unsigned int>(tag->getDuration("duration", 60, 10, 600));
+ notifyrank = tag->getNum<ModeHandler::Rank>("notifyrank", 0);
}
ModResult OnUserPreNick(LocalUser* user, const std::string& newnick) override
@@ -169,8 +171,10 @@ public:
{
f->clear();
f->lock();
+
+ auto* pm = notifyrank ? ServerInstance->Modes.FindNearestPrefixMode(notifyrank) : nullptr;
memb->chan->WriteNotice(FMT::format("No nick changes are allowed for {} because there have been more than {} nick changes in {}.",
- Duration::ToLongString(duration), f->nicks, Duration::ToLongString(f->secs)));
+ Duration::ToLongString(duration), f->nicks, Duration::ToLongString(f->secs)), pm ? pm->GetPrefix() : 0);
return MOD_RES_DENY;
}
}
diff --git a/modules/sslmodes.cpp b/modules/sslmodes.cpp
index 3bf1dd922..facca33a1 100644
--- a/modules/sslmodes.cpp
+++ b/modules/sslmodes.cpp
@@ -193,7 +193,7 @@ public:
void ReadConfig(ConfigStatus& status) override
{
- const auto fpvisible = ServerInstance->Config->ConfValue("sslmodes")->getBool("operonly");
+ const auto fpvisible = ServerInstance->Config->ConfValue("sslinfo")->getBool("operonly");
const auto& tag = ServerInstance->Config->ConfValue("sslmodes");
extban.operonly = tag->getBool("extbanoperonly", fpvisible);
}