/*
* InspIRCd -- Internet Relay Chat Daemon
*
- * Copyright (C) 2013 Shawn Smith <shawn@inspircd.org>
- * Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
- * Copyright (C) 2007 Robin Burchell <robin+git@viroteck.net>
+ * Copyright (C) 2020 Matt Schatz <genius3000@g3k.solutions>
+ * Copyright (C) 2013, 2017-2020 Sadie Powell <sadie@witchery.services>
+ * Copyright (C) 2013 Shawn Smith <ShawnSmith0828@gmail.com>
+ * Copyright (C) 2012-2014 Attila Molnar <attilamolnar@hush.com>
+ * Copyright (C) 2012 Robby <robby@chatbelgie.be>
+ * Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
+ * Copyright (C) 2009 Uli Schlachter <psychon@inspircd.org>
+ * Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
* Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
- * Copyright (C) 2006 Craig Edwards <craigedwards@brainbox.cc>
- * Copyright (C) 2006 Oliver Lupton <oliverlupton@gmail.com>
+ * Copyright (C) 2006-2007, 2010 Craig Edwards <brain@inspircd.org>
*
* This file is part of InspIRCd. InspIRCd is free software: you can
* redistribute it and/or modify it under the terms of the GNU General Public
{
if (!API)
{
- source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "Unable to determine whether all members of the channel are connected via SSL");
+ source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "Unable to determine whether all members of the channel are connected via TLS (SSL)");
return MODEACTION_DENY;
}
+ unsigned long nonssl = 0;
const Channel::MemberMap& userlist = channel->GetUsers();
for (Channel::MemberMap::const_iterator i = userlist.begin(); i != userlist.end(); ++i)
{
ssl_cert* cert = API->GetCertificate(i->first);
if (!cert && !i->first->server->IsULine())
- {
- source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "all members of the channel must be connected via SSL");
- return MODEACTION_DENY;
- }
+ nonssl++;
+ }
+
+ if (nonssl)
+ {
+ source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, InspIRCd::Format("All members of the channel must be connected via TLS (SSL) (%lu/%lu are non-TLS (SSL))",
+ nonssl, static_cast<unsigned long>(userlist.size())));
+ return MODEACTION_DENY;
}
}
channel->SetMode(this, true);
{
if (!api)
{
- user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; unable to determine if you are a SSL user (+z)");
+ user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; unable to determine if you are a TLS (SSL) user (+z is set)");
return MOD_RES_DENY;
}
if (!api->GetCertificate(user))
{
- user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; SSL users only (+z)");
+ user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; TLS (SSL) users only (+z is set)");
return MOD_RES_DENY;
}
}
User* target = msgtarget.Get<User>();
- /* If one or more of the parties involved is a ulined service, we wont stop it. */
+ /* If one or more of the parties involved is a ulined service, we won't stop it. */
if (user->server->IsULine() || target->server->IsULine())
return MOD_RES_PASSTHRU;
if (!api || !api->GetCertificate(user))
{
/* The sending user is not on an SSL connection */
- user->WriteNumeric(ERR_CANTSENDTOUSER, target->nick, "You are not permitted to send private messages to this user (+z set)");
+ user->WriteNumeric(Numerics::CannotSendTo(target, "messages", &sslquery));
return MOD_RES_DENY;
}
}
{
if (!api || !api->GetCertificate(target))
{
- user->WriteNumeric(ERR_CANTSENDTOUSER, target->nick, "You must remove usermode 'z' before you are able to send private messages to a non-ssl user.");
+ user->WriteNumeric(Numerics::CannotSendTo(target, "messages", &sslquery, true));
return MOD_RES_DENY;
}
}
Version GetVersion() CXX11_OVERRIDE
{
- return Version("Provides user and channel mode +z to allow for SSL-only channels, queries and notices.", VF_VENDOR);
+ return Version("Adds channel mode z (sslonly) which prevents users who are not connecting using TLS (SSL) from joining the channel and user mode z (sslqueries) to prevent messages from non-TLS (SSL) users.", VF_VENDOR);
}
};