* | Inspire Internet Relay Chat Daemon |
* +------------------------------------+
*
- * InspIRCd: (C) 2002-2008 InspIRCd Development Team
- * See: http://www.inspircd.org/wiki/index.php/Credits
+ * InspIRCd: (C) 2002-2010 InspIRCd Development Team
+ * See: http://wiki.inspircd.org/Credits
*
* This program is free but copyrighted software; see
* the file COPYING for details.
*/
#include "inspircd.h"
-#include <stdio.h>
-#include <string>
-#include "users.h"
-#include "channels.h"
-#include "modules.h"
-#include "configreader.h"
/* $ModDesc: Provides support for Austhex style +k / UnrealIRCD +S services mode */
class ServProtectMode : public ModeHandler
{
public:
- ServProtectMode(InspIRCd* Instance) : ModeHandler(Instance, 'k', 0, 0, false, MODETYPE_USER, true) { }
+ ServProtectMode(Module* Creator) : ModeHandler(Creator, "servprotect", 'k', PARAM_NONE, MODETYPE_USER) { oper = true; }
ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string ¶meter, bool adding)
{
+ /* Because this returns MODEACTION_DENY all the time, there is only ONE
+ * way to add this mode and that is at client introduction in the UID command,
+ * as this calls OnModeChange for each mode but disregards the return values.
+ * The mode cannot be manually added or removed, not even by a server or by a remote
+ * user or uline, which prevents its (ab)use as a kiddie 'god mode' on such networks.
+ * I'm sure if someone really wants to do that they can make a copy of this module
+ * that does the job. It won't be me though!
+ */
return MODEACTION_DENY;
}
-
- bool NeedsOper() { return true; }
};
class ModuleServProtectMode : public Module
{
-
- ServProtectMode* bm;
+ ServProtectMode bm;
public:
- ModuleServProtectMode(InspIRCd* Me)
- : Module(Me)
+ ModuleServProtectMode()
+ : bm(this)
{
-
- bm = new ServProtectMode(ServerInstance);
- if (!ServerInstance->AddMode(bm))
+ if (!ServerInstance->Modes->AddMode(&bm))
throw ModuleException("Could not add new modes!");
- Implementation eventlist[] = { I_OnWhois, I_OnKill, I_OnWhoisLine };
- ServerInstance->Modules->Attach(eventlist, this, 3);
+ Implementation eventlist[] = { I_OnWhois, I_OnKill, I_OnWhoisLine, I_OnRawMode, I_OnUserPreKick };
+ ServerInstance->Modules->Attach(eventlist, this, 5);
}
-
- virtual ~ModuleServProtectMode()
+
+ ~ModuleServProtectMode()
{
- ServerInstance->Modes->DelMode(bm);
- delete bm;
}
-
- virtual Version GetVersion()
+
+ Version GetVersion()
{
- return Version(1,1,0,0,VF_COMMON,API_VERSION);
+ return Version("Provides support for Austhex style +k / UnrealIRCD +S services mode", VF_VENDOR);
}
- virtual void OnWhois(User* src, User* dst)
+ void OnWhois(User* src, User* dst)
{
if (dst->IsModeSet('k'))
{
}
}
- virtual int OnKill(User* src, User* dst, const std::string &reason)
+ ModResult OnRawMode(User* user, Channel* chan, const char mode, const std::string ¶m, bool adding, int pcnt)
+ {
+ /* Check that the mode is not a server mode, it is being removed, the user making the change is local, there is a parameter,
+ * and the user making the change is not a uline
+ */
+ if (!adding && chan && IS_LOCAL(user) && !param.empty() && !ServerInstance->ULine(user->server))
+ {
+ /* Check if the parameter is a valid nick/uuid
+ */
+ User *u = ServerInstance->FindNick(param);
+ if (u)
+ {
+ Membership* memb = chan->GetUser(u);
+ /* The target user has +k set on themselves, and you are trying to remove a privilege mode the user has set on themselves.
+ * This includes any prefix permission mode, even those registered in other modules, e.g. +qaohv. Using ::ModeString()
+ * here means that the number of modes is restricted to only modes the user has, limiting it to as short a loop as possible.
+ */
+ if (u->IsModeSet('k') && memb && memb->modes.find(mode) != std::string::npos)
+ {
+ /* BZZZT, Denied! */
+ user->WriteNumeric(482, "%s %s :You are not permitted to remove privileges from %s services", user->nick.c_str(), chan->name.c_str(), ServerInstance->Config->Network.c_str());
+ return MOD_RES_DENY;
+ }
+ }
+ }
+ /* Mode allowed */
+ return MOD_RES_PASSTHRU;
+ }
+
+ ModResult OnKill(User* src, User* dst, const std::string &reason)
{
if (src == NULL)
- return 0;
+ return MOD_RES_PASSTHRU;
if (dst->IsModeSet('k'))
{
- src->WriteServ("485 %s :You are not allowed to kill %s Services!", src->nick, ServerInstance->Config->Network);
- ServerInstance->WriteOpers("*** "+std::string(src->nick)+" tried to kill service "+dst->nick+" ("+reason+")");
- return 1;
+ src->WriteNumeric(485, "%s :You are not permitted to kill %s services!", src->nick.c_str(), ServerInstance->Config->Network.c_str());
+ ServerInstance->SNO->WriteGlobalSno('a', std::string(src->nick)+" tried to kill service "+dst->nick+" ("+reason+")");
+ return MOD_RES_DENY;
}
- return 0;
+ return MOD_RES_PASSTHRU;
+ }
+
+ ModResult OnUserPreKick(User *src, Membership* memb, const std::string &reason)
+ {
+ if (memb->user->IsModeSet('k'))
+ {
+ src->WriteNumeric(484, "%s %s :You are not permitted to kick services",
+ src->nick.c_str(), memb->chan->name.c_str());
+ return MOD_RES_DENY;
+ }
+
+ return MOD_RES_PASSTHRU;
}
- virtual int OnWhoisLine(User* src, User* dst, int &numeric, std::string &text)
+ ModResult OnWhoisLine(User* src, User* dst, int &numeric, std::string &text)
{
- return ((src != dst) && (numeric == 319) && dst->IsModeSet('k'));
+ return ((src != dst) && (numeric == 319) && dst->IsModeSet('k')) ? MOD_RES_DENY : MOD_RES_PASSTHRU;
}
};