commit - 8579b2a1e514b2c25d81f439f277c9fb39fc1e9f
commit + 490c9d04d71433982b848c032acee546e2d411f2
blob - 7d134b6fcbce5fd7eb3fc8c5c86ba74f5de78a45
blob + 13929d531c19168bdda5c38fda4d171fa614a561
--- ChangeLog
+++ ChangeLog
ngIRCd CVSHEAD
+ - New configuration option "Mask" for [Operator] sections to limit OPER
+ commands to ussers with a specific IRC mask. Patch from Florian Westphal.
- Write "error file" (/tmp/ngircd-XXX.err) only if compiled with debug
code ("--enable-debug") and running as daemon process.
- Don't create version information string each time a client connects
--
-$Id: ChangeLog,v 1.261 2005/02/10 12:49:04 alex Exp $
+$Id: ChangeLog,v 1.262 2005/03/02 16:07:30 alex Exp $
blob - 9b1efedfd95c0c36bcead3d62faeaced96e0b5fe
blob + 4778cd7d38295bc3e7f6369b870da4cc4ca5a748
--- NEWS
+++ NEWS
ngIRCd CVSHEAD
+ - New configuration option "Mask" for [Operator] sections to limit OPER
+ commands to ussers with a specific IRC mask. Patch from Florian Westphal.
- New configuration variable "PidFile", section "[Global]": if defined,
the server writes its process ID (PID) to this file. Default: off.
Idea of Florian Westphal, <westphal@foo.fh-furtwangen.de>.
--
-$Id: NEWS,v 1.68 2005/02/04 14:24:20 alex Exp $
+$Id: NEWS,v 1.69 2005/03/02 16:07:30 alex Exp $
blob - a34f04801ed84b6c6a071a86d6811fe66293660e
blob + 72d2e4671fbe82ce6483d1a3d52ea9b5b5965cae
--- doc/sample-ngircd.conf
+++ doc/sample-ngircd.conf
-# $Id: sample-ngircd.conf,v 1.30 2005/02/04 14:24:21 alex Exp $
+# $Id: sample-ngircd.conf,v 1.31 2005/03/02 16:07:30 alex Exp $
#
# This is a sample configuration file for the ngIRCd, which must be adepted
# Password of the IRC operator
;Password = ThePwd
+ # Optional Mask from which /OPER will be accepted
+ ;Mask = *!ident@somewhere.example.com
+
[Operator]
# More [Operator] sections, if you like ...
blob - 49efafded42ac06e7c4b3c5eb84c67d4f8419ab5
blob + e7f44c6d6875f998127565ba5e1ec29773c6563c
--- man/ngircd.conf.5
+++ man/ngircd.conf.5
.\"
-.\" $Id: ngircd.conf.5,v 1.14 2005/02/14 00:42:41 alex Exp $
+.\" $Id: ngircd.conf.5,v 1.15 2005/03/02 16:07:31 alex Exp $
.\"
.TH ngircd.conf 5 "February 2005" ngircd "ngIRCd Manual"
.SH NAME
.TP
\fBPassword\fR
Password of the IRC operator.
+.TP
+\fBMask\fR
+Mask that is to be checked before an /OPER for this account is accepted.
+Example: nick!ident@*.example.com
.SH [SERVER]
Other servers are configured in
.I [Server]
blob - 17090d8a5e4af5df85077d1274b4c91b33ca9fae
blob + 312ebff9a1cfcb724b3065613b1acefe904abdd0
--- src/ngircd/conf.c
+++ src/ngircd/conf.c
#include "portab.h"
-static char UNUSED id[] = "$Id: conf.c,v 1.68 2005/02/04 14:24:21 alex Exp $";
+static char UNUSED id[] = "$Id: conf.c,v 1.69 2005/03/02 16:07:31 alex Exp $";
#include "imp.h"
#include <assert.h>
puts( "[OPERATOR]" );
printf( " Name = %s\n", Conf_Oper[i].name );
printf( " Password = %s\n", Conf_Oper[i].pwd );
+ if ( Conf_Oper[i].mask ) printf( " Mask = %s\n", Conf_Oper[i].mask );
puts( "" );
}
else
{
/* Initialize new operator structure */
- strcpy( Conf_Oper[Conf_Oper_Count].name, "" );
- strcpy( Conf_Oper[Conf_Oper_Count].pwd, "" );
+ Conf_Oper[Conf_Oper_Count].name[0] = '\0';
+ Conf_Oper[Conf_Oper_Count].pwd[0] = '\0';
+ if (Conf_Oper[Conf_Oper_Count].mask) {
+ free(Conf_Oper[Conf_Oper_Count].mask );
+ Conf_Oper[Conf_Oper_Count].mask = NULL;
+ }
Conf_Oper_Count++;
}
continue;
LOCAL VOID
Handle_OPERATOR( INT Line, CHAR *Var, CHAR *Arg )
{
+ unsigned int len;
assert( Line > 0 );
assert( Var != NULL );
assert( Arg != NULL );
if( strlcpy( Conf_Oper[Conf_Oper_Count - 1].pwd, Arg, sizeof( Conf_Oper[Conf_Oper_Count - 1].pwd )) >= sizeof( Conf_Oper[Conf_Oper_Count - 1].pwd )) Config_Error_TooLong( Line, Var );
return;
}
-
+ if( strcasecmp( Var, "Mask" ) == 0 )
+ {
+ if (Conf_Oper[Conf_Oper_Count - 1].mask) return; /* Hostname already configured */
+ len = strlen( Arg ) + 1;
+ Conf_Oper[Conf_Oper_Count - 1].mask = malloc( len );
+ if (! Conf_Oper[Conf_Oper_Count - 1].mask) {
+ Config_Error( LOG_ERR, "%s, line %d: Cannot allocate memory for operator mask: %s", NGIRCd_ConfFile, Line, strerror(errno) );
+ return;
+ }
+
+ strlcpy( Conf_Oper[Conf_Oper_Count - 1].mask, Arg, len);
+ return;
+ }
Config_Error( LOG_ERR, "%s, line %d (section \"Operator\"): Unknown variable \"%s\"!", NGIRCd_ConfFile, Line, Var );
} /* Handle_OPERATOR */
blob - 93c8ebf0d241b320902281c355188f0ea0489cba
blob + 3c180160a2746a48cb050c17ed9ce541fde5e2cf
--- src/ngircd/conf.h
+++ src/ngircd/conf.h
* (at your option) any later version.
* Please read the file COPYING, README and AUTHORS for more information.
*
- * $Id: conf.h,v 1.30 2005/02/04 14:24:21 alex Exp $
+ * $Id: conf.h,v 1.31 2005/03/02 16:07:31 alex Exp $
*
* Configuration management (header)
*/
{
CHAR name[CLIENT_PASS_LEN]; /* Name (ID) of IRC operator */
CHAR pwd[CLIENT_PASS_LEN]; /* Password */
+ char *mask;
} CONF_OPER;
typedef struct _Conf_Server
blob - a113f1797f9fb9bb8a1ab320aa1c325235cd0c80
blob + f1824c9b5647869bf7657e2e5350516a2201ecc6
--- src/ngircd/irc-oper.c
+++ src/ngircd/irc-oper.c
#include "portab.h"
-static char UNUSED id[] = "$Id: irc-oper.c,v 1.17 2002/12/31 16:10:55 alex Exp $";
+static char UNUSED id[] = "$Id: irc-oper.c,v 1.18 2005/03/02 16:07:31 alex Exp $";
#include "imp.h"
#include <assert.h>
return IRC_WriteStrClient( Client, ERR_PASSWDMISMATCH_MSG, Client_ID( Client ));
}
+ /* Authorized Mask? */
+ if( Conf_Oper[i].mask && (! Match( Conf_Oper[i].mask, Client_Mask( Client ) ))) {
+ Log( LOG_WARNING, "Rejected valid OPER for \"%s\": Mask mismatch (got: \"%s\", want: \"%s\")!", Conf_Oper[i].name, Client_Mask( Client ), Conf_Oper[i].mask );
+ return IRC_WriteStrClient( Client, ERR_PASSWDMISMATCH_MSG, Client_ID( Client ));
+ }
+
+
if( ! Client_HasMode( Client, 'o' ))
{
/* noch kein o-Mode gesetzt */
