diff options
Diffstat (limited to 'src/modules')
| -rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 50 | ||||
| -rw-r--r-- | src/modules/m_joinflood.cpp | 13 | ||||
| -rw-r--r-- | src/modules/m_lockserv.cpp | 32 | ||||
| -rw-r--r-- | src/modules/m_nickflood.cpp | 15 |
4 files changed, 82 insertions, 28 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 7cff5da8a..370f855ed 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -58,6 +58,15 @@ #define INSPIRCD_OPENSSL_ENABLE_ECDH #endif +// BIO is opaque in OpenSSL 1.1 but the access API does not exist in 1.0 and older. +#if OPENSSL_VERSION_NUMBER < 0x10100000L +# define BIO_get_data(BIO) BIO->ptr +# define BIO_set_data(BIO, VALUE) BIO->ptr = VALUE; +# define BIO_set_init(BIO, VALUE) BIO->init = VALUE; +#else +# define INSPIRCD_OPENSSL_OPAQUE_BIO +#endif + enum issl_status { ISSL_NONE, ISSL_HANDSHAKING, ISSL_OPEN }; static bool SelfSigned = false; @@ -372,7 +381,7 @@ namespace OpenSSL { static int create(BIO* bio) { - bio->init = 1; + BIO_set_init(bio, 1); return 1; } @@ -393,9 +402,25 @@ namespace OpenSSL static int read(BIO* bio, char* buf, int len); static int write(BIO* bio, const char* buf, int len); + +#ifdef INSPIRCD_OPENSSL_OPAQUE_BIO + static BIO_METHOD* alloc() + { + BIO_METHOD* meth = BIO_meth_new(100 | BIO_TYPE_SOURCE_SINK, "inspircd"); + BIO_meth_set_write(meth, OpenSSL::BIOMethod::write); + BIO_meth_set_read(meth, OpenSSL::BIOMethod::read); + BIO_meth_set_ctrl(meth, OpenSSL::BIOMethod::ctrl); + BIO_meth_set_create(meth, OpenSSL::BIOMethod::create); + BIO_meth_set_destroy(meth, OpenSSL::BIOMethod::destroy); + return meth; + } +#endif } } +// BIO_METHOD is opaque in OpenSSL 1.1 so we can't do this. +// See OpenSSL::BIOMethod::alloc for the new method. +#ifndef INSPIRCD_OPENSSL_OPAQUE_BIO static BIO_METHOD biomethods = { (100 | BIO_TYPE_SOURCE_SINK), @@ -409,6 +434,9 @@ static BIO_METHOD biomethods = OpenSSL::BIOMethod::destroy, // destroy, does nothing, see function body for more info NULL // callback_ctrl }; +#else +static BIO_METHOD* biomethods; +#endif static int OnVerify(int preverify_ok, X509_STORE_CTX *ctx) { @@ -558,7 +586,7 @@ class OpenSSLIOHook : public SSLIOHook // to ISSL_NONE so CheckRenego() closes the session status = ISSL_NONE; BIO* bio = SSL_get_rbio(sess); - EventHandler* eh = static_cast<StreamSocket*>(bio->ptr); + EventHandler* eh = static_cast<StreamSocket*>(BIO_get_data(bio)); SocketEngine::Shutdown(eh, 2); } } @@ -601,8 +629,12 @@ class OpenSSLIOHook : public SSLIOHook , profile(sslprofile) { // Create BIO instance and store a pointer to the socket in it which will be used by the read and write functions +#ifdef INSPIRCD_OPENSSL_OPAQUE_BIO + BIO* bio = BIO_new(biomethods); +#else BIO* bio = BIO_new(&biomethods); - bio->ptr = sock; +#endif + BIO_set_data(bio, sock); SSL_set_bio(sess, bio, bio); SSL_set_ex_data(sess, exdataindex, this); @@ -759,7 +791,7 @@ static int OpenSSL::BIOMethod::write(BIO* bio, const char* buffer, int size) { BIO_clear_retry_flags(bio); - StreamSocket* sock = static_cast<StreamSocket*>(bio->ptr); + StreamSocket* sock = static_cast<StreamSocket*>(BIO_get_data(bio)); if (sock->GetEventMask() & FD_WRITE_WILL_BLOCK) { // Writes blocked earlier, don't retry syscall @@ -782,7 +814,7 @@ static int OpenSSL::BIOMethod::read(BIO* bio, char* buffer, int size) { BIO_clear_retry_flags(bio); - StreamSocket* sock = static_cast<StreamSocket*>(bio->ptr); + StreamSocket* sock = static_cast<StreamSocket*>(BIO_get_data(bio)); if (sock->GetEventMask() & FD_READ_WILL_BLOCK) { // Reads blocked earlier, don't retry syscall @@ -892,6 +924,14 @@ class ModuleSSLOpenSSL : public Module // Initialize OpenSSL SSL_library_init(); SSL_load_error_strings(); +#ifdef INSPIRCD_OPENSSL_OPAQUE_BIO + biomethods = OpenSSL::BIOMethod::alloc(); + } + + ~ModuleSSLOpenSSL() + { + BIO_meth_free(biomethods); +#endif } void init() CXX11_OVERRIDE diff --git a/src/modules/m_joinflood.cpp b/src/modules/m_joinflood.cpp index 56131f0be..077ceff52 100644 --- a/src/modules/m_joinflood.cpp +++ b/src/modules/m_joinflood.cpp @@ -23,6 +23,9 @@ #include "inspircd.h" +// The number of seconds the channel will be closed for. +static unsigned int duration; + /** Holds settings and state associated with channel mode +j */ class joinfloodsettings @@ -71,7 +74,7 @@ class joinfloodsettings void lock() { - unlocktime = ServerInstance->Time() + 60; + unlocktime = ServerInstance->Time() + duration; } bool operator==(const joinfloodsettings& other) const @@ -129,6 +132,12 @@ class ModuleJoinFlood : public Module { } + void ReadConfig(ConfigStatus&) CXX11_OVERRIDE + { + ConfigTag* tag = ServerInstance->Config->ConfValue("joinflood"); + duration = tag->getDuration("duration", 60, 10, 600); + } + ModResult OnUserPreJoin(LocalUser* user, Channel* chan, const std::string& cname, std::string& privs, const std::string& keygiven) CXX11_OVERRIDE { if (chan) @@ -159,7 +168,7 @@ class ModuleJoinFlood : public Module { f->clear(); f->lock(); - memb->chan->WriteNotice(InspIRCd::Format("This channel has been closed to new users for 60 seconds because there have been more than %d joins in %d seconds.", f->joins, f->secs)); + memb->chan->WriteNotice(InspIRCd::Format("This channel has been closed to new users for %u seconds because there have been more than %d joins in %d seconds.", duration, f->joins, f->secs)); } } } diff --git a/src/modules/m_lockserv.cpp b/src/modules/m_lockserv.cpp index ffcc04682..7c1bb5bd3 100644 --- a/src/modules/m_lockserv.cpp +++ b/src/modules/m_lockserv.cpp @@ -27,23 +27,24 @@ class CommandLockserv : public Command { - bool& locked; + std::string& locked; public: - CommandLockserv(Module* Creator, bool& lock) : Command(Creator, "LOCKSERV", 0), locked(lock) + CommandLockserv(Module* Creator, std::string& lock) : Command(Creator, "LOCKSERV", 0, 1), locked(lock) { + allow_empty_last_param = false; flags_needed = 'o'; } CmdResult Handle (const std::vector<std::string> ¶meters, User *user) { - if (locked) + if (!locked.empty()) { user->WriteNotice("The server is already locked."); return CMD_FAILURE; } - locked = true; + locked = parameters.empty() ? "Server is temporarily closed. Please try again later." : parameters[0]; user->WriteNumeric(988, user->server->GetName(), "Closed for new connections"); ServerInstance->SNO->WriteGlobalSno('a', "Oper %s used LOCKSERV to temporarily disallow new connections", user->nick.c_str()); return CMD_SUCCESS; @@ -52,23 +53,23 @@ class CommandLockserv : public Command class CommandUnlockserv : public Command { - bool& locked; + std::string& locked; public: - CommandUnlockserv(Module* Creator, bool &lock) : Command(Creator, "UNLOCKSERV", 0), locked(lock) + CommandUnlockserv(Module* Creator, std::string& lock) : Command(Creator, "UNLOCKSERV", 0), locked(lock) { flags_needed = 'o'; } CmdResult Handle (const std::vector<std::string> ¶meters, User *user) { - if (!locked) + if (locked.empty()) { user->WriteNotice("The server isn't locked."); return CMD_FAILURE; } - locked = false; + locked.clear(); user->WriteNumeric(989, user->server->GetName(), "Open for new connections"); ServerInstance->SNO->WriteGlobalSno('a', "Oper %s used UNLOCKSERV to allow new connections", user->nick.c_str()); return CMD_SUCCESS; @@ -77,7 +78,7 @@ class CommandUnlockserv : public Command class ModuleLockserv : public Module { - bool locked; + std::string locked; CommandLockserv lockcommand; CommandUnlockserv unlockcommand; @@ -86,23 +87,18 @@ class ModuleLockserv : public Module { } - void init() CXX11_OVERRIDE - { - locked = false; - } - void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE { // Emergency way to unlock if (!status.srcuser) - locked = false; + locked.clear(); } ModResult OnUserRegister(LocalUser* user) CXX11_OVERRIDE { - if (locked) + if (!locked.empty()) { - ServerInstance->Users->QuitUser(user, "Server is temporarily closed. Please try again later."); + ServerInstance->Users->QuitUser(user, locked); return MOD_RES_DENY; } return MOD_RES_PASSTHRU; @@ -110,7 +106,7 @@ class ModuleLockserv : public Module ModResult OnCheckReady(LocalUser* user) CXX11_OVERRIDE { - return locked ? MOD_RES_DENY : MOD_RES_PASSTHRU; + return !locked.empty() ? MOD_RES_DENY : MOD_RES_PASSTHRU; } Version GetVersion() CXX11_OVERRIDE diff --git a/src/modules/m_nickflood.cpp b/src/modules/m_nickflood.cpp index 39e097daa..abb3cdfaf 100644 --- a/src/modules/m_nickflood.cpp +++ b/src/modules/m_nickflood.cpp @@ -20,6 +20,9 @@ #include "inspircd.h" +// The number of seconds nickname changing will be blocked for. +static unsigned int duration; + /** Holds settings and state associated with channel mode +F */ class nickfloodsettings @@ -72,7 +75,7 @@ class nickfloodsettings void lock() { - unlocktime = ServerInstance->Time() + 60; + unlocktime = ServerInstance->Time() + duration; } }; @@ -126,6 +129,12 @@ class ModuleNickFlood : public Module { } + void ReadConfig(ConfigStatus&) CXX11_OVERRIDE + { + ConfigTag* tag = ServerInstance->Config->ConfValue("nickflood"); + duration = tag->getDuration("duration", 60, 10, 600); + } + ModResult OnUserPreNick(LocalUser* user, const std::string& newnick) CXX11_OVERRIDE { for (User::ChanList::iterator i = user->chans.begin(); i != user->chans.end(); i++) @@ -142,7 +151,7 @@ class ModuleNickFlood : public Module if (f->islocked()) { - user->WriteNumeric(ERR_CANTCHANGENICK, InspIRCd::Format("%s has been locked for nickchanges for 60 seconds because there have been more than %u nick changes in %u seconds", channel->name.c_str(), f->nicks, f->secs)); + user->WriteNumeric(ERR_CANTCHANGENICK, InspIRCd::Format("%s has been locked for nickchanges for %u seconds because there have been more than %u nick changes in %u seconds", channel->name.c_str(), duration, f->nicks, f->secs)); return MOD_RES_DENY; } @@ -150,7 +159,7 @@ class ModuleNickFlood : public Module { f->clear(); f->lock(); - channel->WriteNotice(InspIRCd::Format("No nick changes are allowed for 60 seconds because there have been more than %u nick changes in %u seconds.", f->nicks, f->secs)); + channel->WriteNotice(InspIRCd::Format("No nick changes are allowed for %u seconds because there have been more than %u nick changes in %u seconds.", duration, f->nicks, f->secs)); return MOD_RES_DENY; } } |