From: Chris Porter Date: Sun, 29 Jun 2014 20:32:06 +0000 (+0100) Subject: CHANSERV: don't allow non-opers to see last realhosts in AUTHHISTORY / WHOIS X-Git-Url: https://jfr.im/git/irc/quakenet/newserv.git/commitdiff_plain/ffc0f3ab2d170c06ea55ea35fa5b9f2aa395a058 CHANSERV: don't allow non-opers to see last realhosts in AUTHHISTORY / WHOIS --HG-- branch : chanserv-live --- diff --git a/chanserv/authcmds/authhistory.c b/chanserv/authcmds/authhistory.c index 44f32a27..dc1300e9 100644 --- a/chanserv/authcmds/authhistory.c +++ b/chanserv/authcmds/authhistory.c @@ -23,6 +23,7 @@ struct authhistoryinfo { unsigned int numeric; unsigned int userID; + int realhost; }; void csdb_doauthhistory_real(DBConn *dbconn, void *arg) { @@ -66,6 +67,7 @@ void csdb_doauthhistory_real(DBConn *dbconn, void *arg) { free(ahi); return; } + chanservstdmessage(np, QM_AUTHHISTORYHEADER); /* @TIMELEN */ while(dbfetchrow(pgres)) { if (!UHasHelperPriv(rup) && (strtoul(dbgetvalue(pgres, 0), NULL, 10) != rup->ID)) { @@ -83,7 +85,7 @@ void csdb_doauthhistory_real(DBConn *dbconn, void *arg) { if (ahdisconnecttime) q9strftime(tbuf2, sizeof(tbuf2), ahdisconnecttime); - snprintf(uhbuf,sizeof(uhbuf),"%s!%s@%s", ahnick, ahuser, ahhost); + snprintf(uhbuf,sizeof(uhbuf),"%s!%s@%s", ahnick, ahuser, ahi->realhost ? ahhost : "(hidden)"); chanservsendmessage(np, "#%-2d %-50s %-19s %-19s %s", ++count, uhbuf, tbuf1, ahdisconnecttime?tbuf2:"never", dbgetvalue(pgres,6)); /* @TIMELEN */ } chanservstdmessage(np, QM_ENDOFLIST); @@ -92,7 +94,7 @@ void csdb_doauthhistory_real(DBConn *dbconn, void *arg) { free(ahi); } -void csdb_retreiveauthhistory(nick *np, reguser *rup, int limit) { +void csdb_retreiveauthhistory(nick *np, reguser *rup, int limit, int realhost) { struct authhistoryinfo *ahi; char limitstr[30]; @@ -105,6 +107,7 @@ void csdb_retreiveauthhistory(nick *np, reguser *rup, int limit) { ahi=(struct authhistoryinfo *)malloc(sizeof(struct authhistoryinfo)); ahi->numeric=np->numeric; ahi->userID=rup->ID; + ahi->realhost=realhost; q9a_asyncquery(csdb_doauthhistory_real, (void *)ahi, "SELECT userID, nick, username, host, authtime, disconnecttime, quitreason from chanserv.authhistory where " "userID=%u order by authtime desc%s", rup->ID, limitstr); @@ -115,7 +118,8 @@ int csa_doauthhistory(void *source, int cargc, char **cargv) { nick *sender=source; unsigned int arg=0; unsigned int limit=10; - + int realhost; + if (!(rup=getreguserfromnick(sender))) return CMD_ERROR; @@ -147,14 +151,23 @@ int csa_doauthhistory(void *source, int cargc, char **cargv) { return CMD_ERROR; } + if(cs_privcheck(QPRIV_VIEWREALHOST, sender)) { + realhost = 1; + } else { + realhost = 0; + } + /* checks passed */ chanservwallmessage("%s (%s) used AUTHHISTORY on %s", sender->nick, rup->username, trup->username); + } else { + realhost = 0; } } else { trup=rup; + realhost = 1; } - csdb_retreiveauthhistory(sender, trup, limit); + csdb_retreiveauthhistory(sender, trup, limit, realhost); return CMD_OK; } diff --git a/chanserv/chanserv.h b/chanserv/chanserv.h index c8ddfc1c..752e26f3 100644 --- a/chanserv/chanserv.h +++ b/chanserv/chanserv.h @@ -144,6 +144,7 @@ #define QPRIV_VIEWCHANSUSPENSION 110 #define QPRIV_VIEWSUSPENDEDBY 111 #define QPRIV_VIEWWALLMESSAGE 112 +#define QPRIV_VIEWREALHOST 113 #define QPRIV_CHANGECHANFLAGS 200 #define QPRIV_CHANGECHANLEV 201 diff --git a/chanserv/chanservprivs.c b/chanserv/chanservprivs.c index 522e92b7..c38e6b20 100644 --- a/chanserv/chanservprivs.c +++ b/chanserv/chanservprivs.c @@ -34,6 +34,7 @@ int cs_privcheck(int privnum, nick *np) { case QPRIV_CHANGEUSERFLAGS: case QPRIV_VIEWSUSPENDEDBY: case QPRIV_VIEWWALLMESSAGE: /* if you change VIEWWALLMESSAGE alter chanservwallmessage too */ + case QPRIV_VIEWREALHOST: return (np && rup && IsOper(np) && UHasOperPriv(rup)); default: /* By default opers can override anything */ diff --git a/chanserv/usercmds/whois.c b/chanserv/usercmds/whois.c index 2d4cd7eb..8a3c59e4 100644 --- a/chanserv/usercmds/whois.c +++ b/chanserv/usercmds/whois.c @@ -172,7 +172,9 @@ int csu_dowhois(void *source, int cargc, char **cargv) { /* Commenting out language until we implement some - splidge chanservstdmessage(sender, QM_WHOIS_USERLANG, cslanguages[target->languageid] ? cslanguages[target->languageid]->name->content : "(unknown)"); */ - chanservstdmessage(sender, QM_WHOIS_LASTUSERHOST, target->lastuserhost->content); + if(rup==target || cs_privcheck(QPRIV_VIEWREALHOST, sender)) { + chanservstdmessage(sender, QM_WHOIS_LASTUSERHOST, target->lastuserhost->content); + } } if (target->email && (rup==target || cs_privcheck(QPRIV_VIEWEMAIL, sender))) {