#define KEY_SET_EPITHET_LEVEL "set_epithet_level"
#define KEY_SET_TITLE_LEVEL "set_title_level"
#define KEY_SET_FAKEHOST_LEVEL "set_fakehost_level"
+#define KEY_DENIED_FAKEHOST_WORDS "denied_fakehost_words"
#define KEY_TITLEHOST_SUFFIX "titlehost_suffix"
#define KEY_AUTO_OPER "auto_oper"
#define KEY_AUTO_ADMIN "auto_admin"
struct userList curr_helpers;
const char *handle_flags = HANDLE_FLAGS;
+extern struct string_list *autojoin_channels;
static struct module *nickserv_module;
static struct service *nickserv_service;
static struct log_type *NS_LOG;
{ "NSMSG_ATE_FOREIGN_COOKIE", "I ate the cookie for account $b%s$b. It may now have another." },
{ "NSMSG_USE_RENAME", "You are already authenticated to account $b%s$b -- contact the support staff to rename your account." },
{ "NSMSG_ALREADY_REGISTERING", "You have already used $bREGISTER$b once this session; you may not use it again." },
- { "NSMSG_REGISTER_BAD_NICKMASK", "Could not recognize $b%s$b as either a current nick or a hostmask." },
+ { "NSMSG_REGISTER_BAD_NICKMASK", "You must provide a hostmask, or online nick to generate one automatically. (or set a default hostmask in the config such as *@*)." },
{ "NSMSG_NICK_NOT_REGISTERED", "Nick $b%s$b has not been registered to any account." },
{ "NSMSG_HANDLE_NOT_FOUND", "Could not find your account -- did you register yet?" },
{ "NSMSG_ALREADY_AUTHED", "You are already authed to account $b%s$b; you must reconnect to auth to a different account." },
{ "NSMSG_USER_PREV_AUTH", "$b%s$b is already authenticated." },
{ "NSMSG_USER_PREV_STAMP", "$b%s$b has authenticated to an account once and cannot authenticate again." },
{ "NSMSG_BAD_MAX_LOGINS", "MaxLogins must be at most %d." },
+ { "NSMSG_BAD_ADVANCED", "Advanced must be either 1 to enable it or 0 to disable it." },
{ "NSMSG_LANGUAGE_NOT_FOUND", "Language $b%s$b is not supported; $b%s$b was the closest available match." },
{ "NSMSG_MAX_LOGINS", "Your account already has its limit of %d user(s) logged in." },
{ "NSMSG_STAMPED_REGISTER", "You have already authenticated to an account once this session; you may not register a new account." },
{ "NSMSG_SET_PRIVMSG", "$bPRIVMSG: $b%s" },
{ "NSMSG_SET_STYLE", "$bSTYLE: $b%s" },
{ "NSMSG_SET_ANNOUNCEMENTS", "$bANNOUNCEMENTS: $b%s" },
- { "NSMSG_SET_AUTOHIDE", "$bAUTOHIDE: $b%s" },
+ { "NSMSG_SET_AUTOHIDE", "$bAUTOHIDE: $b%s" },
{ "NSMSG_SET_PASSWORD", "$bPASSWORD: $b%s" },
{ "NSMSG_SET_FLAGS", "$bFLAGS: $b%s" },
{ "NSMSG_SET_EMAIL", "$bEMAIL: $b%s" },
{ "NSMSG_SET_MAXLOGINS", "$bMAXLOGINS: $b%d" },
+ { "NSMSG_SET_ADVANCED", "$bADVANCED: $b%s" },
{ "NSMSG_SET_LANGUAGE", "$bLANGUAGE: $b%s" },
{ "NSMSG_SET_LEVEL", "$bLEVEL: $b%d" },
{ "NSMSG_SET_EPITHET", "$bEPITHET: $b%s" },
{ "NSEMAIL_EMAIL_VERIFY_BODY", "This email has been sent to verify that this address belongs to the same person as %5$s on %1$s. Your cookie is %2$s.\nTo verify your address as associated with this account, log on to %1$s and type the following command:\n /msg %3$s@%4$s COOKIE %5$s %2$s\nIf you did NOT request this email address to be associated with this account, you do not need to do anything. Please contact the %1$s staff if you have questions." },
{ "NSEMAIL_ALLOWAUTH_SUBJECT", "Authentication allowed for %s" },
{ "NSEMAIL_ALLOWAUTH_BODY", "This email has been sent to let you authenticate (auth) to account %5$s on %1$s. Your cookie is %2$s.\nTo auth to that account, log on to %1$s and type the following command:\n /msg %3$s@%4$s COOKIE %5$s %2$s\nIf you did NOT request this authorization, you do not need to do anything. Please contact the %1$s staff if you have questions." },
+ { "NSMSG_NOT_VALID_FAKEHOST_DOT", "$b%s$b is not a valid vhost. (needs at least one dot)" },
+ { "NSMSG_NOT_VALID_FAKEHOST_AT", "$b%s$b is not a valid vhost. (it can not have a '@')" },
+ { "NSMSG_DENIED_FAKEHOST_WORD", "Access denied because there's a prohibited word in $b%s$b (%s)." },
+ { "NSMSG_NOT_VALID_FAKEHOST_LEN", "$b%s$b is not a valid vhost. (can only be 63 characters)" },
+ { "NSMSG_NOT_VALID_FAKEHOST_TLD_LEN", "$b%s$b is not a valid vhost. (TLD can only be 4 characters and less)" },
{ "CHECKPASS_YES", "Yes." },
{ "CHECKPASS_NO", "No." },
{ NULL, NULL }
const char *auto_oper;
const char *auto_admin;
char default_style;
+ struct string_list *denied_fakehost_words;
} nickserv_conf;
/* We have 2^32 unique account IDs to use. */
return 0;
}
-static struct handle_info *
+struct handle_info *
get_victim_oper(struct userNode *user, const char *target)
{
struct handle_info *hi;
static NICKSERV_FUNC(cmd_oregister)
{
- char *mask;
- struct userNode *settee;
+ struct userNode *settee = NULL;
struct handle_info *hi;
+ char* account = NULL;
+ char* pass = NULL;
+ char* email = NULL;
+ char* mask = NULL;
+ char* nick = NULL;
- NICKSERV_MIN_PARMS(nickserv_conf.email_required ? 4 : 3);
-
- if (!is_valid_handle(argv[1])) {
- reply("NSMSG_BAD_HANDLE", argv[1]);
- return 0;
- }
-
+ NICKSERV_MIN_PARMS(3);
+
+ account = argv[1];
+ pass = argv[2];
if (nickserv_conf.email_required) {
- if (!valid_email(argv[4])) {
- reply("NSMSG_BAD_EMAIL_ADDR");
- return 0;
+ NICKSERV_MIN_PARMS(4);
+ email = argv[3];
+ if (argc >= 5) {/* take: "acct pass email mask nick" or "acct pass email mask" or "acct pass email nick" */
+ if (strchr(argv[4], '@') || argc >= 6) /* If @, its mask not nick */
+ mask = argv[4];
+ else
+ nick = argv[4];
+ }
+ if (argc >= 6) {
+ nick = argv[5];
}
}
-
- if (strchr(argv[3], '@')) {
- mask = canonicalize_hostmask(strdup(argv[3]));
- if (argc > 4) {
- settee = GetUserH(nickserv_conf.email_required ? argv[5] : argv[4]);
- if (!settee) {
- reply("MSG_NICK_UNKNOWN", nickserv_conf.email_required ? argv[5] : argv[4]);
- free(mask);
- return 0;
- }
- } else {
- settee = NULL;
- }
- } else if ((settee = GetUserH(argv[3]))) {
- mask = generate_hostmask(settee, GENMASK_OMITNICK|GENMASK_NO_HIDING|GENMASK_ANY_IDENT);
- } else {
- reply("NSMSG_REGISTER_BAD_NICKMASK", argv[3]);
- return 0;
+ else {
+ if (argc >= 4) {/* take: "account pass mask nick" or "account pass mask" or "account pass nick" */
+ if (strchr(argv[3], '@') || argc >= 5) /* If @, its mask not nick */
+ mask = argv[3];
+ else
+ nick = argv[3];
+ }
+ if (argc >= 5) {
+ nick = argv[4];
+ }
}
+ /* If they passed a nick, look for that user.. */
+ if (nick && !(settee = GetUserH(nick))) {
+ reply("MSG_NICK_UNKNOWN", argv[4]);
+ return 0;
+ }
+ /* If the setee is already authed, we cant add a 2nd account for them.. */
if (settee && settee->handle_info) {
reply("NSMSG_USER_PREV_AUTH", settee->nick);
- free(mask);
return 0;
}
- if (!(hi = nickserv_register(user, settee, argv[1], argv[2], 0))) {
- if (nickserv_conf.email_required) {
- nickserv_set_email_addr(hi, argv[4]);
- if (nickserv_conf.sync_log)
- SyncLog("REGISTER %s %s %s %s", hi->handle, hi->passwd, argv[4], user->info);
+ /* If there is no default mask in the conf, and they didn't pass a mask,
+ * but we did find a user by nick, generate the mask */
+ if (!mask) {
+ if (nickserv_conf.default_hostmask)
+ mask = "*@*";
+ else if (settee)
+ mask = generate_hostmask(settee, GENMASK_OMITNICK|GENMASK_NO_HIDING|GENMASK_ANY_IDENT);
+ else {
+ reply("NSMSG_REGISTER_BAD_NICKMASK");
+ return 0;
}
- free(mask);
- return 0;
}
- string_list_append(hi->masks, mask);
+
+ if (!(hi = nickserv_register(user, settee, account, pass, 0))) {
+ return 0; /* error reply handled by above */
+ }
+ if (email) {
+ nickserv_set_email_addr(hi, email);
+ }
+ if (mask) {
+ char* mask_canonicalized = canonicalize_hostmask(strdup(mask));
+ string_list_append(hi->masks, mask_canonicalized);
+ }
+
+ if (nickserv_conf.sync_log)
+ SyncLog("REGISTER %s %s %s %s", hi->handle, hi->passwd, email ? email : "@", user->info); /* Send just @ for email if none */
return 1;
}
nickserv_ignore(struct userNode *user, struct handle_info *hi, const char *mask)
{
unsigned int i;
- char *new_mask = canonicalize_hostmask(strdup(mask));
+ struct userNode *target;
+ char *new_mask = pretty_mask(strdup(mask));
for (i=0; i<hi->ignores->used; i++) {
if (!irccasecmp(new_mask, hi->ignores->list[i])) {
send_message(user, nickserv, "NSMSG_ADDIGNORE_ALREADY", new_mask);
- free(new_mask);
+/* free(new_mask); i hate glibc */
return 0;
}
}
string_list_append(hi->ignores, new_mask);
send_message(user, nickserv, "NSMSG_ADDIGNORE_SUCCESS", new_mask);
- irc_silence(user, new_mask, 1);
+ for (target = hi->users; target; target = target->next_authed) {
+ irc_silence(target, new_mask, 1);
+ }
return 1;
}
NICKSERV_MIN_PARMS(3);
if (!(hi = get_victim_oper(user, argv[1])))
return 0;
+
return nickserv_ignore(user, hi, argv[2]);
}
nickserv_delignore(struct userNode *user, struct handle_info *hi, const char *del_mask)
{
unsigned int i;
+ struct userNode *target;
+ char *dmask = pretty_mask(strdup(del_mask));
for (i=0; i<hi->ignores->used; i++) {
- if (!strcmp(del_mask, hi->ignores->list[i])) {
+ if (!strcmp(dmask, hi->ignores->list[i])) {
char *old_mask = hi->ignores->list[i];
hi->ignores->list[i] = hi->ignores->list[--hi->ignores->used];
send_message(user, nickserv, "NSMSG_DELMASK_SUCCESS", old_mask);
- irc_silence(user, old_mask, 0);
- free(old_mask);
+ for (target = hi->users; target; target = target->next_authed) {
+ irc_silence(user, old_mask, 0);
+ }
+/* free(old_mask); i hate glibc */
return 1;
}
}
char *set_display[] = {
"INFO", "WIDTH", "TABLEWIDTH", "COLOR", "PRIVMSG", "STYLE",
"EMAIL", "ANNOUNCEMENTS", "AUTOHIDE", "MAXLOGINS", "LANGUAGE",
- "FAKEHOST", "TITLE", "EPITHET"
+ "FAKEHOST", "TITLE", "EPITHET", "ADVANCED"
};
send_message(user, nickserv, "NSMSG_SETTING_LIST");
return 1;
}
+static OPTION_FUNC(opt_advanced)
+{
+ if (argc > 1) {
+ if (enabled_string(argv[1]))
+ HANDLE_SET_FLAG(hi, ADVANCED);
+ else if (disabled_string(argv[1]))
+ HANDLE_CLEAR_FLAG(hi, ADVANCED);
+ else {
+ send_message(user, nickserv, "MSG_INVALID_BINARY", argv[1]);
+ return 0;
+ }
+ }
+
+ send_message(user, nickserv, "NSMSG_SET_ADVANCED", user_find_message(user, HANDLE_FLAGGED(hi, ADVANCED) ? "MSG_ON" : "MSG_OFF"));
+ return 1;
+}
+
static OPTION_FUNC(opt_language)
{
struct language *lang;
return 1;
}
+int
+check_vhost(char *vhost, struct userNode *user)
+{
+ unsigned int y, depth;
+ char *hostname;
+
+ // check for a dot in the vhost
+ if(strchr(vhost, '.') == NULL) {
+ send_message(user, nickserv, "NSMSG_NOT_VALID_FAKEHOST_DOT", vhost);
+ return 0;
+ }
+
+ // check for a @ in the vhost
+ if(strchr(vhost, '@') != NULL) {
+ send_message(user, nickserv, "NSMSG_NOT_VALID_FAKEHOST_AT", vhost);
+ return 0;
+ }
+
+ // check for denied words, inspired by monk at paki.sex
+ for(y = 0; y < nickserv_conf.denied_fakehost_words->used; y++) {
+ if(strstr(vhost, nickserv_conf.denied_fakehost_words->list[y]) != NULL) {
+ send_message(user, nickserv, "NSMSG_DENIED_FAKEHOST_WORD", vhost, nickserv_conf.denied_fakehost_words->list[y]);
+ return 0;
+ }
+ }
+
+ // check for ircu's HOSTLEN length.
+ if(strlen(vhost) >= HOSTLEN) {
+ send_message(user, nickserv, "NSMSG_NOT_VALID_FAKEHOST_LEN", vhost);
+ return 0;
+ }
+
+ if (vhost[strspn(vhost, "0123456789.")]) {
+ hostname = vhost + strlen(vhost);
+ for (depth = 1; depth && (hostname > vhost); depth--) {
+ hostname--;
+ while ((hostname > vhost) && (*hostname != '.')) hostname--;
+ }
+
+ if (*hostname == '.') hostname++; /* advance past last dot we saw */
+ if(strlen(hostname) > 4) {
+ send_message(user, nickserv, "NSMSG_NOT_VALID_FAKEHOST_TLD_LEN", vhost);
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
static OPTION_FUNC(opt_fakehost)
{
const char *fake;
return 0;
}
free(hi->fakehost);
- if (!strcmp(fake, "*"))
+ if (!strcmp(fake, "*")) {
hi->fakehost = NULL;
- else
+ } else {
+ if (!check_vhost(argv[1], user))
+ return 0;
+
hi->fakehost = strdup(fake);
+ }
fake = hi->fakehost;
apply_fakehost(hi);
- } else
+ } else {
fake = generate_fakehost(hi);
+ }
if (!fake)
fake = user_find_message(user, "MSG_NONE");
send_message(user, nickserv, "NSMSG_SET_FAKEHOST", fake);
str = database_get_data(obj, KEY_FAKEHOST, RECDB_QSTRING);
if (str)
hi->fakehost = strdup(str);
+
subdb = database_get_data(obj, KEY_COOKIE, RECDB_OBJECT);
if (subdb) {
const char *data, *type, *expires, *cookie_str;
dict_t conf_node, child;
const char *str;
dict_iterator_t it;
+ struct string_list *strlist;
if (!(conf_node = conf_get_data(NICKSERV_CONF_NAME, RECDB_OBJECT))) {
log_module(NS_LOG, LOG_ERROR, "config node `%s' is missing or has wrong type.", NICKSERV_CONF_NAME);
str = database_get_data(conf_node, KEY_TITLEHOST_SUFFIX, RECDB_QSTRING);
nickserv_conf.titlehost_suffix = str ? str : "example.net";
+ free_string_list(nickserv_conf.denied_fakehost_words);
+ strlist = database_get_data(conf_node, KEY_DENIED_FAKEHOST_WORDS, RECDB_STRING_LIST);
+ if(strlist)
+ strlist = string_list_copy(strlist);
+ else {
+ strlist = alloc_string_list(4);
+ string_list_append(strlist, strdup("sex"));
+ string_list_append(strlist, strdup("fuck"));
+ }
+ nickserv_conf.denied_fakehost_words = strlist;
+
str = database_get_data(conf_node, KEY_DEFAULT_STYLE, RECDB_QSTRING);
nickserv_conf.default_style = str ? str[0] : HI_DEFAULT_STYLE;
void
init_nickserv(const char *nick)
{
+ struct chanNode *chan;
unsigned int i;
NS_LOG = log_register_type("NickServ", "file:nickserv.log");
reg_new_user_func(handle_new_user);
}
dict_insert(nickserv_opt_dict, "ANNOUNCEMENTS", opt_announcements);
dict_insert(nickserv_opt_dict, "MAXLOGINS", opt_maxlogins);
+ dict_insert(nickserv_opt_dict, "ADVANCED", opt_advanced);
dict_insert(nickserv_opt_dict, "LANGUAGE", opt_language);
nickserv_handle_dict = dict_new();
reg_exit_func(nickserv_db_cleanup);
if(nickserv_conf.handle_expire_frequency)
timeq_add(now + nickserv_conf.handle_expire_frequency, expire_handles, NULL);
+
+ if(autojoin_channels && nickserv) {
+ for (i = 0; i < autojoin_channels->used; i++) {
+ chan = AddChannel(autojoin_channels->list[i], now, "+nt", NULL, NULL);
+ AddChannelUser(nickserv, chan)->modes |= MODE_CHANOP;
+ }
+ }
+
message_register_table(msgtab);
}