From 31340d50a4053c681614583ecdd5e8c6ba373d69 Mon Sep 17 00:00:00 2001 From: Peter Powell Date: Sat, 11 May 2019 14:29:54 +0100 Subject: Allow disabling a STS policy for users in specific connect classes. Fixes #1634. --- docs/conf/inspircd.conf.example | 8 ++++++++ src/modules/m_ircv3_sts.cpp | 4 ++++ 2 files changed, 12 insertions(+) diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example index 8091ec5de..cfccf8ac0 100644 --- a/docs/conf/inspircd.conf.example +++ b/docs/conf/inspircd.conf.example @@ -291,6 +291,10 @@ # useident: Defines if users in this class MUST respond to a ident query or not. useident="no" + # usests: Whether a STS policy should be advertised to users in this class. + # This setting only has effect when the ircv3_sts module is loaded. + #usests="no" + # webirc: Restricts usage of this class to the specified WebIRC gateway. # This setting only has effect when the cgiirc module is loaded. #webirc="name" @@ -419,6 +423,10 @@ # useident: Defines if users in this class must respond to a ident query or not. useident="no" + # usests: Whether a STS policy should be advertised to users in this class. + # This setting only has effect when the ircv3_sts module is loaded. + #usests="no" + # limit: How many users are allowed in this class limit="5000" diff --git a/src/modules/m_ircv3_sts.cpp b/src/modules/m_ircv3_sts.cpp index a8738b2ac..68f4c46c6 100644 --- a/src/modules/m_ircv3_sts.cpp +++ b/src/modules/m_ircv3_sts.cpp @@ -35,6 +35,10 @@ class STSCap : public Cap::Capability if (GetProtocol(user) == Cap::CAP_LEGACY) return false; + // Don't send the cap to clients in a class which has STS disabled. + if (user->GetClass()->config->getBool("usests", true)) + return false; + // Plaintext listeners have their own policy. SSLIOHook* sslhook = SSLIOHook::IsSSL(&user->eh); if (!sslhook) -- cgit v1.2.3