commit 9f58418765576950983b4a95c4f5f71f068f424f from: Alexander Barton date: Sun Jan 17 13:20:07 2010 UTC Implemented new "secure clients only" channel mode: +z Only clients using a SSL encrypted connection to the server are allowed to join such a channel. But please note three things: a) already joined clients are not checked when setting this mode, b) IRC operators are always allowed to join every channel, and c) remote clients using a server not supporting this mode are not checked either and therefore always allowed to join. commit - ef157715a00f565c8e17cf5618eb437b2df6d4bc commit + 9f58418765576950983b4a95c4f5f71f068f424f blob - 5a0a9dd5a7001f6defbdb6359bc2ef5cfb0da834 blob + 3457312b2d593f81c7cc1926bb31594595614c90 --- NEWS +++ NEWS @@ -1,7 +1,7 @@ ngIRCd - Next Generation IRC Server - (c)2001-2009 Alexander Barton, + (c)2001-2010 Alexander Barton, alex@barton.de, http://www.barton.de/ ngIRCd is free software and published under the @@ -9,6 +9,16 @@ -- NEWS -- + +ngIRCd Release 16 + + - A new channel mode "secure connections only" (+z) has been implemented: + Only clients using a SSL encrypted connection to the server are allowed + to join such a channel. + But please note three things: a) already joined clients are not checked + when setting this mode, b) IRC operators are always allowed to join + every channel, and c) remote clients using a server not supporting this + mode are not checked either and therefore always allowed to join. ngIRCd Release 15 (2009-11-07) blob - 010dd8ea4ee84ff906768f69c1b8eb5a1102f54c blob + 94c7dd1e92a393ae24478cb037af1755cb25e334 --- src/ngircd/defines.h +++ src/ngircd/defines.h @@ -81,7 +81,7 @@ in seconds. */ #define USERMODES "aiorsw" /* Supported user modes. */ -#define CHANMODES "biIklmnoPstv" /* Supported channel modes. */ +#define CHANMODES "biIklmnoPstvz" /* Supported channel modes. */ #define CONNECTED true /* Internal status codes. */ #define DISCONNECTED false blob - 010be3520d42b42f366e3bdabde946334cc48957 blob + 1014d3aa469f4b158b2e66842def42a66fba6878 --- src/ngircd/irc-channel.c +++ src/ngircd/irc-channel.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2008 Alexander Barton (alex@barton.de) + * Copyright (c)2001-2010 Alexander Barton (alex@barton.de) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -93,7 +93,7 @@ join_allowed(CLIENT *Client, CHANNEL *chan, const char } channel_modes = Channel_Modes(chan); - if ((strchr(channel_modes, 'i')) && !is_invited) { + if (strchr(channel_modes, 'i') && !is_invited) { /* Channel is "invite-only" and client is not on invite list */ IRC_WriteStrClient(Client, ERR_INVITEONLYCHAN_MSG, Client_ID(Client), channame); @@ -108,10 +108,18 @@ join_allowed(CLIENT *Client, CHANNEL *chan, const char return false; } - if ((strchr(channel_modes, 'l')) && + if (strchr(channel_modes, 'l') && (Channel_MaxUsers(chan) <= Channel_MemberCount(chan))) { /* There are more clints joined to this channel than allowed */ IRC_WriteStrClient(Client, ERR_CHANNELISFULL_MSG, + Client_ID(Client), channame); + return false; + } + + if (strchr(channel_modes, 'z') && !Conn_UsesSSL(Client_Conn(Client))) { + /* Only "secure" clients are allowed, but clients doesn't + * use SSL encryption */ + IRC_WriteStrClient(Client, ERR_SECURECHANNEL_MSG, Client_ID(Client), channame); return false; } blob - 9509fb012bc615114cc9cd7dff97adbabdf01ad0 blob + d22d32f01acc3c82a787ecc375a6fe041cc57e39 --- src/ngircd/irc-mode.c +++ src/ngircd/irc-mode.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2008 Alexander Barton (alex@barton.de) + * Copyright (c)2001-2010 Alexander Barton (alex@barton.de) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -401,6 +401,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Ori case 'n': /* Only members can write */ case 's': /* Secret channel */ case 't': /* Topic locked */ + case 'z': /* Secure connections only */ if (modeok) x[0] = *mode_ptr; else blob - 59c6cdb91623aae327671252da3e77dd08387feb blob + e15bf166e3ff0bf80a8a317a72490734eeb13802 --- src/ngircd/messages.h +++ src/ngircd/messages.h @@ -113,6 +113,7 @@ #define ERR_ALREADYREGISTRED_MSG "462 %s :Connection already registered" #define ERR_PASSWDMISMATCH_MSG "464 %s :Invalid password" #define ERR_CHANNELISFULL_MSG "471 %s %s :Cannot join channel (+l)" +#define ERR_SECURECHANNEL_MSG "471 %s %s :Cannot join channel (+z)" #define ERR_UNKNOWNMODE_MSG "472 %s: %c :is unknown mode char for %s" #define ERR_INVITEONLYCHAN_MSG "473 %s %s :Cannot join channel (+i)" #define ERR_BANNEDFROMCHAN_MSG "474 %s %s :Cannot join channel (+b)"