librb mbedTLS: der_pubkey is used out of scope

[solanum.git] / ircd / s_user.c

diff --git a/ircd/s_user.c b/ircd/s_user.c
index bda9bca82844b71d6aa2642ff2c5bc27b06d39d4..afd37d99d0dbdcca659eaccb3a850117a42b43b0 100644 (file)
--- a/ircd/s_user.c
+++ b/ircd/s_user.c
@@ -89,7 +89,7 @@ int user_modes[256] = {
        0,                      /* W */
        0,                      /* X */
        0,                      /* Y */
-       UMODE_SSLCLIENT,        /* Z */
+       UMODE_SECURE,           /* Z */
        /* 0x5B */ 0, 0, 0, 0, 0, 0, /* 0x60 */
        UMODE_ADMIN,            /* a */
        0,                      /* b */
@@ -254,7 +254,7 @@ authd_check(struct Client *client_p, struct Client *source_p)
                        {
                                /* This shouldn't happen, better tell the ops... */
                                ierror("authd sent us a malformed OPM string %s", proxy);
-                               sendto_realops_snomask(SNO_GENERAL, L_ALL,
+                               sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
                                        "authd sent us a malformed OPM string %s", proxy);
                                break;
                        }
@@ -441,7 +441,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
                return (CLIENT_EXITED);
        }
 
-       if(IsConfSSLNeeded(aconf) && !IsSSL(source_p))
+       if(IsConfSSLNeeded(aconf) && !IsSecure(source_p))
        {
                ServerStats.is_ref++;
                sendto_one_notice(source_p, ":*** Notice -- You need to use SSL/TLS to use this server");
@@ -542,7 +542,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
        if(rb_dlink_list_length(&lclient_list) >=
            (unsigned long)GlobalSetOptions.maxclients && !IsConfExemptLimits(aconf))
        {
-               sendto_realops_snomask(SNO_FULL, L_ALL,
+               sendto_realops_snomask(SNO_FULL, L_NETWIDE,
                                     "Too many clients, rejecting %s[%s].", source_p->name, source_p->host);
 
                ServerStats.is_ref++;
@@ -568,7 +568,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
 
        if(!valid_username(source_p->username))
        {
-               sendto_realops_snomask(SNO_REJ, L_ALL,
+               sendto_realops_snomask(SNO_REJ, L_NETWIDE,
                                     "Invalid username: %s (%s@%s)",
                                     source_p->name, source_p->username, source_p->host);
                ServerStats.is_ref++;
@@ -634,8 +634,8 @@ register_local_user(struct Client *client_p, struct Client *source_p)
                add_to_id_hash(source_p->id, source_p);
        }
 
-       if (IsSSL(source_p) && !IsInsecure(source_p))
-               source_p->umodes |= UMODE_SSLCLIENT;
+       if (IsSecure(source_p))
+               source_p->umodes |= UMODE_SECURE;
 
        if (source_p->umodes & UMODE_INVISIBLE)
                Count.invisi++;
@@ -659,7 +659,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
        {
                Count.max_loc = rb_dlink_list_length(&lclient_list);
                if(!(Count.max_loc % 10))
-                       sendto_realops_snomask(SNO_GENERAL, L_ALL,
+                       sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
                                             "New Max Local Clients: %d", Count.max_loc);
        }
 
@@ -972,6 +972,22 @@ report_and_set_user_flags(struct Client *source_p, struct ConfItem *aconf)
        }
 }
 
+void
+report_priv_change(struct Client *client, struct PrivilegeSet *old, struct PrivilegeSet *new)
+{
+       struct privset_diff diff = privilegeset_diff(old, new);
+
+       hook_data_priv_change hdata = {
+               .client = client,
+               .new = new,
+               .old = old,
+               .unchanged = diff.unchanged,
+               .added = diff.added,
+               .removed = diff.removed,
+       };
+       call_hook(h_priv_change, &hdata);
+}
+
 static void
 show_other_user_mode(struct Client *source_p, struct Client *target_p)
 {
@@ -1040,14 +1056,14 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char
 
        if(IsServer(source_p))
        {
-               sendto_realops_snomask(SNO_GENERAL, L_ADMIN,
+               sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
                                     "*** Mode for User %s from %s", parv[1], source_p->name);
                return 0;
        }
 
        if(source_p != target_p)
        {
-               if (MyOper(source_p) && parc < 3)
+               if (HasPrivilege(source_p, "auspex:umodes") && parc < 3)
                        show_other_user_mode(source_p, target_p);
                else
                        sendto_one(source_p, form_str(ERR_USERSDONTMATCH), me.name, source_p->name);
@@ -1116,11 +1132,6 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char
                                if(MyConnect(source_p))
                                {
                                        source_p->umodes &= ~ConfigFileEntry.oper_only_umodes;
-                                       if (!(source_p->umodes & UMODE_SERVNOTICE) && source_p->snomask != 0)
-                                       {
-                                               source_p->snomask = 0;
-                                               showsnomask = true;
-                                       }
                                        source_p->flags &= ~OPER_FLAGS;
 
                                        rb_dlinkFindDestroy(source_p, &local_oper_list);
@@ -1134,6 +1145,8 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char
 
                                if(source_p->user->privset != NULL)
                                {
+                                       report_priv_change(source_p, source_p->user->privset, NULL);
+
                                        privilegeset_unref(source_p->user->privset);
                                        source_p->user->privset = NULL;
                                }
@@ -1158,8 +1171,8 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char
                case 's':
                        if (MyConnect(source_p))
                        {
-                               if(!IsOper(source_p)
-                                               && (ConfigFileEntry.oper_only_umodes & UMODE_SERVNOTICE))
+                               if((ConfigFileEntry.oper_only_umodes & UMODE_SERVNOTICE) &&
+                                               (!IsOper(source_p) || !HasPrivilege(source_p, "usermode:servnotice")))
                                {
                                        if (what == MODE_ADD || source_p->umodes & UMODE_SERVNOTICE)
                                                badflag = true;
@@ -1218,6 +1231,18 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char
        if(badflag)
                sendto_one(source_p, form_str(ERR_UMODEUNKNOWNFLAG), me.name, source_p->name);
 
+       if(MyClient(source_p))
+       {
+               if ((ConfigFileEntry.oper_only_umodes & UMODE_SERVNOTICE) &&
+                               !HasPrivilege(source_p, "usermode:servnotice"))
+                       source_p->umodes &= ~UMODE_SERVNOTICE;
+               if (!(source_p->umodes & UMODE_SERVNOTICE) && source_p->snomask != 0)
+               {
+                       source_p->snomask = 0;
+                       showsnomask = true;
+               }
+       }
+
        if(MyClient(source_p) && (source_p->snomask & SNO_NCHANGE) && !IsOperN(source_p))
        {
                sendto_one_notice(source_p, ":*** You need oper and nick_changes flag for +s +n");
@@ -1237,6 +1262,9 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char
                source_p->umodes &= ~UMODE_ADMIN;
        }
 
+       if(MyClient(source_p))
+               source_p->handler = IsOperGeneral(source_p) ? OPER_HANDLER : CLIENT_HANDLER;
+
        /* let modules providing usermodes know that we've changed our usermode --nenolod */
        hdata.client = source_p;
        hdata.oldumodes = setflags;
@@ -1425,6 +1453,8 @@ oper_up(struct Client *source_p, struct oper_conf *oper_p)
        source_p->user->opername = rb_strdup(oper_p->name);
        source_p->user->privset = privilegeset_ref(oper_p->privset);
 
+       report_priv_change(source_p, NULL, source_p->user->privset);
+
        rb_dlinkAddAlloc(source_p, &local_oper_list);
        rb_dlinkAddAlloc(source_p, &oper_list);
 
@@ -1434,11 +1464,19 @@ oper_up(struct Client *source_p, struct oper_conf *oper_p)
                source_p->snomask &= ~SNO_NCHANGE;
        if(!IsOperOperwall(source_p))
                source_p->umodes &= ~UMODE_OPERWALL;
+       if((ConfigFileEntry.oper_only_umodes & UMODE_SERVNOTICE) &&
+                       !HasPrivilege(source_p, "usermode:servnotice"))
+       {
+               source_p->umodes &= ~UMODE_SERVNOTICE;
+               source_p->snomask = 0;
+       }
        hdata.client = source_p;
        hdata.oldumodes = old;
        hdata.oldsnomask = oldsnomask;
        call_hook(h_umode_changed, &hdata);
 
+       source_p->handler = IsOperGeneral(source_p) ? OPER_HANDLER : CLIENT_HANDLER;
+
        sendto_realops_snomask(SNO_GENERAL, L_ALL,
                             "%s (%s!%s@%s) is now an operator", oper_p->name, source_p->name,
                             source_p->username, source_p->host);
@@ -1453,7 +1491,10 @@ oper_up(struct Client *source_p, struct oper_conf *oper_p)
                   construct_snobuf(source_p->snomask));
        sendto_one(source_p, form_str(RPL_YOUREOPER), me.name, source_p->name);
        sendto_one_notice(source_p, ":*** Oper privilege set is %s", oper_p->privset->name);
-       sendto_one_notice(source_p, ":*** Oper privs are %s", oper_p->privset->privs);
+       send_multiline_init(source_p, " ", ":%s NOTICE %s :*** Oper privs are ", me.name, source_p->name);
+       for (const char *const *s = privilegeset_privs(oper_p->privset); *s != NULL; s++)
+               send_multiline_item(source_p, "%s", *s);
+       send_multiline_fini(source_p, NULL);
        send_oper_motd(source_p);
 }
 
@@ -1495,12 +1536,12 @@ construct_umodebuf(void)
                        if (user_modes[i] == 0)
                        {
                                orphaned_umodes |= prev_user_modes[i];
-                               sendto_realops_snomask(SNO_DEBUG, L_ALL, "Umode +%c is now orphaned", i);
+                               sendto_realops_snomask(SNO_DEBUG, L_NETWIDE, "Umode +%c is now orphaned", i);
                        }
                        else
                        {
                                orphaned_umodes &= ~prev_user_modes[i];
-                               sendto_realops_snomask(SNO_DEBUG, L_ALL, "Orphaned umode +%c is picked up by module", i);
+                               sendto_realops_snomask(SNO_DEBUG, L_NETWIDE, "Orphaned umode +%c is picked up by module", i);
                        }
                        user_modes[i] = prev_user_modes[i];
                }
@@ -1626,3 +1667,20 @@ change_nick_user_host(struct Client *target_p,   const char *nick, const char *use
                del_all_accepts(target_p);
        }
 }
+
+bool
+has_common_channel(struct Client *source_p, struct Client *target_p)
+{
+        rb_dlink_node *ps, *pt;
+        struct membership *ms, *mt;
+        struct Channel *chptr;
+
+        ITER_COMM_CHANNELS(ps, pt, source_p->user->channel.head, target_p->user->channel.head, ms, mt, chptr)
+        {
+                if (ms != NULL && mt != NULL)
+                        return true;
+        }
+
+        return false;
+}
+