diff options
| author | 2026-05-31 09:41:01 +0100 | |
|---|---|---|
| committer | 2026-05-31 09:41:01 +0100 | |
| commit | 811d6e278ec96cb87a5bedfb7fba1b2247cb5619 (patch) | |
| tree | 041467fb68a95980786cf8f1d94d55c84fecf9c3 | |
| parent | Merge branch 'insp4' into master. (diff) | |
| parent | Fix FJOINs wrapped by the compat layer not being prefixed properly. (diff) | |
Merge branch 'insp4' into master.
| -rw-r--r-- | docs/conf/inspircd.example.conf | 3 | ||||
| -rw-r--r-- | docs/conf/modules.example.conf | 47 | ||||
| -rw-r--r-- | include/modules/extban.h | 8 | ||||
| -rw-r--r-- | modules/extra/mysql.cpp | 8 | ||||
| -rw-r--r-- | modules/joinflood.cpp | 2 | ||||
| -rw-r--r-- | modules/nickflood.cpp | 6 | ||||
| -rw-r--r-- | modules/sslmodes.cpp | 2 |
7 files changed, 60 insertions, 16 deletions
diff --git a/docs/conf/inspircd.example.conf b/docs/conf/inspircd.example.conf index ce66f37f2..d3cce652a 100644 --- a/docs/conf/inspircd.example.conf +++ b/docs/conf/inspircd.example.conf @@ -333,6 +333,9 @@ # issued by a certificate authority that you can configure in the # settings of the TLS module that you're using. # Requires the sslinfo module to be loaded. + # IMPORTANT: this will not match users who have just connected to the server + # because their TLS connection has not been initialised yet. Consider using + # the port option instead. #requiressl="yes" # requireaccount: Require that users of this block have authenticated to a diff --git a/docs/conf/modules.example.conf b/docs/conf/modules.example.conf index d327d5266..e8c47e808 100644 --- a/docs/conf/modules.example.conf +++ b/docs/conf/modules.example.conf @@ -1507,7 +1507,14 @@ # package to find out whether this module is available. #<module name="ldap"> # -#<database module="ldap" id="ldapdb" server="ldap://localhost" binddn="cn=Manager,dc=inspircd,dc=org" bindauth="mysecretpass" searchscope="subtree"> +#<database module="ldap" +# id="users" +# bindauth="password" +# binddn="cn=Manager,dc=inspircd,dc=org" +# searchscope="subtree" +# server="ldaps://localhost" +# timeout="5s"> +# # The server parameter indicates the LDAP server to connect to. The # # ldap:// style scheme before the hostname proper is MANDATORY. # # # @@ -1717,7 +1724,16 @@ # mysql is more complex than described here, see the docs for more # # info: https://docs.inspircd.org/4/modules/mysql # # -#<database module="mysql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database2" ssl="no"> +#<database module="mysql" +# id="mydb" +# host="localhost" +# port="3306" +# user="inspircd" +# pass="changeme" +# name="inspircd" +# charset="utf8mb4" +# srv="no" +# tls="no"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Named modes module: Allows for the display and set/unset of channel @@ -1731,8 +1747,16 @@ # which allows up to X nick changes in Y seconds. #<module name="nickflood"> # -# The time period to prevent nick changes for: -#<nickflood duration="1m"> +# duration: The duration to prevent nick changes for once the limit is +# reached. +# +# notifyrank: The lowest prefix rank that should receive notification +# that the channel is closed to new users. This can be set +# to 0 for all users, 10000 for voiced users (+v) and above, +# 30000 for channel operators (+o), or the value specified +# in <customprefix:rank> for any custom prefix rank. +#<nickflood duration="1m" +# notifyrank="0"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Nicklock module: Let opers change a user's nick and then stop that @@ -1964,7 +1988,14 @@ # pgsql is more complex than described here, see the docs for # # more: https://docs.inspircd.org/4/modules/pgsql # # -#<database module="pgsql" name="mydb" user="myuser" pass="mypass" host="localhost" id="my_database" tls="yes"> +#<database module="pgsql" +# id="mydb" +# host="localhost" +# port="5432" +# tls="no" +# user="inspircd" +# pass="changeme" +# name="inspircd"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # Random quote module: Provides a random quote on connect. @@ -2564,7 +2595,9 @@ # sqlite is more complex than described here, see the docs for more # # info: https://docs.inspircd.org/4/modules/sqlite3 # # -#<database module="sqlite" hostname="/full/path/to/database.db" id="anytext"> +#<database module="sqlite" +# id="mydb" +# hostname="/path/to/database.sq3"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # SQL oper module: Allows you to store oper credentials in an SQL @@ -2580,7 +2613,7 @@ # # # See also: https://docs.inspircd.org/4/modules/sqloper # # # -#<sqloper dbid="1"> +#<sqloper dbid="sqloper"> #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # GnuTLS TLS module: Adds support for TLS connections using GnuTLS. This diff --git a/include/modules/extban.h b/include/modules/extban.h index 88b187c85..cebe0be5e 100644 --- a/include/modules/extban.h +++ b/include/modules/extban.h @@ -245,7 +245,7 @@ protected: * @param xbletter The character used in bans to signify this extban. * @param xbmatchflags The flags used for matching. */ - Base(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter, uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT) + Base(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0', uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT) : Service::Provider(mod, "ExtBan::Base", xbname) , letter(ServerInstance->Config->ConfValue("extbans")->getCharacter(xbname, xbletter, true)) , manager(mod, "extbanmanager") @@ -346,7 +346,7 @@ protected: * @param xbletter The character used in bans to signify this extban. * @param xbmatchflags The flags used for matching. */ - ActingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter, uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT) + ActingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0', uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT) : Base(mod, xbname, xbletter, xbmatchflags | ExtBan::MATCH_REQUIRE_CHANNEL) { } @@ -392,7 +392,7 @@ public: * @param xbname The name used in bans to signify this extban. * @param xbletter The character used in bans to signify this extban. */ - Acting(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter) + Acting(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0') : ActingBase(mod, xbname, xbletter) { } @@ -424,7 +424,7 @@ protected: * @param xbletter The character used in bans to signify this extban. * @param xbmatchflags The flags used for matching. */ - MatchingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter, uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT) + MatchingBase(const WeakModulePtr& mod, const std::string& xbname, ExtBan::Letter xbletter = '\0', uint8_t xbmatchflags = ExtBan::MATCH_DEFAULT) : Base(mod, xbname, xbletter, xbmatchflags) { } diff --git a/modules/extra/mysql.cpp b/modules/extra/mysql.cpp index a9f3a2d19..353dd8f7b 100644 --- a/modules/extra/mysql.cpp +++ b/modules/extra/mysql.cpp @@ -334,9 +334,13 @@ public: mysql_options(connection, MYSQL_OPT_CONNECT_TIMEOUT, &timeout); // Enable SSL if requested. + const bool tls = config->getBool("tls", config->getBool("ssl")); #if defined LIBMYSQL_VERSION_ID && LIBMYSQL_VERSION_ID > 80000 - unsigned int ssl = config->getBool("ssl") ? SSL_MODE_REQUIRED : SSL_MODE_PREFERRED; - mysql_options(connection, MYSQL_OPT_SSL_MODE, &ssl); + unsigned int sslmode = tls ? SSL_MODE_REQUIRED : SSL_MODE_PREFERRED; + mysql_options(connection, MYSQL_OPT_SSL_MODE, &sslmode); +#else + // my_bool and bool function the same with regards to truthiness. + mysql_options(connection, MYSQL_OPT_SSL_ENFORCE, &tls); #endif // Attempt to connect to the database. diff --git a/modules/joinflood.cpp b/modules/joinflood.cpp index 783ed6f9e..6a9be0748 100644 --- a/modules/joinflood.cpp +++ b/modules/joinflood.cpp @@ -201,7 +201,7 @@ public: f->clear(); f->lock(); - PrefixMode* pm = ServerInstance->Modes.FindNearestPrefixMode(notifyrank); + auto* pm = notifyrank ? ServerInstance->Modes.FindNearestPrefixMode(notifyrank) : nullptr; memb->chan->WriteNotice(FMT::format("This channel has been closed to new users for {} because there have been more than {} joins in {}.", Duration::ToLongString(duration), f->joins, Duration::ToLongString(f->secs)), pm ? pm->GetPrefix() : 0); } diff --git a/modules/nickflood.cpp b/modules/nickflood.cpp index 1cea06d73..df059a9a5 100644 --- a/modules/nickflood.cpp +++ b/modules/nickflood.cpp @@ -132,6 +132,7 @@ class ModuleNickFlood final private: CheckExemption::EventProvider exemptionprov; NickFlood nf; + ModeHandler::Rank notifyrank; public: ModuleNickFlood() @@ -145,6 +146,7 @@ public: { const auto& tag = ServerInstance->Config->ConfValue("nickflood"); duration = static_cast<unsigned int>(tag->getDuration("duration", 60, 10, 600)); + notifyrank = tag->getNum<ModeHandler::Rank>("notifyrank", 0); } ModResult OnUserPreNick(LocalUser* user, const std::string& newnick) override @@ -169,8 +171,10 @@ public: { f->clear(); f->lock(); + + auto* pm = notifyrank ? ServerInstance->Modes.FindNearestPrefixMode(notifyrank) : nullptr; memb->chan->WriteNotice(FMT::format("No nick changes are allowed for {} because there have been more than {} nick changes in {}.", - Duration::ToLongString(duration), f->nicks, Duration::ToLongString(f->secs))); + Duration::ToLongString(duration), f->nicks, Duration::ToLongString(f->secs)), pm ? pm->GetPrefix() : 0); return MOD_RES_DENY; } } diff --git a/modules/sslmodes.cpp b/modules/sslmodes.cpp index 3bf1dd922..facca33a1 100644 --- a/modules/sslmodes.cpp +++ b/modules/sslmodes.cpp @@ -193,7 +193,7 @@ public: void ReadConfig(ConfigStatus& status) override { - const auto fpvisible = ServerInstance->Config->ConfValue("sslmodes")->getBool("operonly"); + const auto fpvisible = ServerInstance->Config->ConfValue("sslinfo")->getBool("operonly"); const auto& tag = ServerInstance->Config->ConfValue("sslmodes"); extban.operonly = tag->getBool("extbanoperonly", fpvisible); } |
