Module: ngircd.git Branch: master Commit: 9f58418765576950983b4a95c4f5f71f068f424f URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=9f584...
Author: Alexander Barton alex@barton.de Date: Sun Jan 17 14:19:35 2010 +0100
Implemented new "secure clients only" channel mode: +z
Only clients using a SSL encrypted connection to the server are allowed to join such a channel.
But please note three things:
a) already joined clients are not checked when setting this mode, b) IRC operators are always allowed to join every channel, and c) remote clients using a server not supporting this mode are not checked either and therefore always allowed to join.
---
NEWS | 12 +++++++++++- src/ngircd/defines.h | 2 +- src/ngircd/irc-channel.c | 14 +++++++++++--- src/ngircd/irc-mode.c | 3 ++- src/ngircd/messages.h | 1 + 5 files changed, 26 insertions(+), 6 deletions(-)
diff --git a/NEWS b/NEWS index 5a0a9dd..3457312 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,7 @@
ngIRCd - Next Generation IRC Server
- (c)2001-2009 Alexander Barton, + (c)2001-2010 Alexander Barton, alex@barton.de, http://www.barton.de/
ngIRCd is free software and published under the @@ -10,6 +10,16 @@ -- NEWS --
+ngIRCd Release 16 + + - A new channel mode "secure connections only" (+z) has been implemented: + Only clients using a SSL encrypted connection to the server are allowed + to join such a channel. + But please note three things: a) already joined clients are not checked + when setting this mode, b) IRC operators are always allowed to join + every channel, and c) remote clients using a server not supporting this + mode are not checked either and therefore always allowed to join. + ngIRCd Release 15 (2009-11-07)
ngIRCd 15~rc1 (2009-10-15) diff --git a/src/ngircd/defines.h b/src/ngircd/defines.h index 010dd8e..94c7dd1 100644 --- a/src/ngircd/defines.h +++ b/src/ngircd/defines.h @@ -81,7 +81,7 @@ in seconds. */
#define USERMODES "aiorsw" /* Supported user modes. */ -#define CHANMODES "biIklmnoPstv" /* Supported channel modes. */ +#define CHANMODES "biIklmnoPstvz" /* Supported channel modes. */
#define CONNECTED true /* Internal status codes. */ #define DISCONNECTED false diff --git a/src/ngircd/irc-channel.c b/src/ngircd/irc-channel.c index 010be35..1014d3a 100644 --- a/src/ngircd/irc-channel.c +++ b/src/ngircd/irc-channel.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2008 Alexander Barton (alex@barton.de) + * Copyright (c)2001-2010 Alexander Barton (alex@barton.de) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -93,7 +93,7 @@ join_allowed(CLIENT *Client, CHANNEL *chan, const char *channame, }
channel_modes = Channel_Modes(chan); - if ((strchr(channel_modes, 'i')) && !is_invited) { + if (strchr(channel_modes, 'i') && !is_invited) { /* Channel is "invite-only" and client is not on invite list */ IRC_WriteStrClient(Client, ERR_INVITEONLYCHAN_MSG, Client_ID(Client), channame); @@ -108,7 +108,7 @@ join_allowed(CLIENT *Client, CHANNEL *chan, const char *channame, return false; }
- if ((strchr(channel_modes, 'l')) && + if (strchr(channel_modes, 'l') && (Channel_MaxUsers(chan) <= Channel_MemberCount(chan))) { /* There are more clints joined to this channel than allowed */ IRC_WriteStrClient(Client, ERR_CHANNELISFULL_MSG, @@ -116,6 +116,14 @@ join_allowed(CLIENT *Client, CHANNEL *chan, const char *channame, return false; }
+ if (strchr(channel_modes, 'z') && !Conn_UsesSSL(Client_Conn(Client))) { + /* Only "secure" clients are allowed, but clients doesn't + * use SSL encryption */ + IRC_WriteStrClient(Client, ERR_SECURECHANNEL_MSG, + Client_ID(Client), channame); + return false; + } + return true; }
diff --git a/src/ngircd/irc-mode.c b/src/ngircd/irc-mode.c index 9509fb0..d22d32f 100644 --- a/src/ngircd/irc-mode.c +++ b/src/ngircd/irc-mode.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2008 Alexander Barton (alex@barton.de) + * Copyright (c)2001-2010 Alexander Barton (alex@barton.de) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -401,6 +401,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) case 'n': /* Only members can write */ case 's': /* Secret channel */ case 't': /* Topic locked */ + case 'z': /* Secure connections only */ if (modeok) x[0] = *mode_ptr; else diff --git a/src/ngircd/messages.h b/src/ngircd/messages.h index 59c6cdb..e15bf16 100644 --- a/src/ngircd/messages.h +++ b/src/ngircd/messages.h @@ -113,6 +113,7 @@ #define ERR_ALREADYREGISTRED_MSG "462 %s :Connection already registered" #define ERR_PASSWDMISMATCH_MSG "464 %s :Invalid password" #define ERR_CHANNELISFULL_MSG "471 %s %s :Cannot join channel (+l)" +#define ERR_SECURECHANNEL_MSG "471 %s %s :Cannot join channel (+z)" #define ERR_UNKNOWNMODE_MSG "472 %s: %c :is unknown mode char for %s" #define ERR_INVITEONLYCHAN_MSG "473 %s %s :Cannot join channel (+i)" #define ERR_BANNEDFROMCHAN_MSG "474 %s %s :Cannot join channel (+b)"