X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Firc-oper.c;h=e877213ef7629f14c0a10593e6c389d5b0bcd76d;hp=ee0a556349b3c113f5dd6841a01f42e9b9baabef;hb=02c8887543b298abcc7b79d752e22cbd34ea8069;hpb=eb9929e82c735100a0b432f878f83fce091eb636

diff --git a/src/ngircd/irc-oper.c b/src/ngircd/irc-oper.c
index ee0a5563..e877213e 100644
--- a/src/ngircd/irc-oper.c
+++ b/src/ngircd/irc-oper.c
@@ -47,7 +47,7 @@
 static bool
 Bad_OperPass(CLIENT *Client, char *errtoken, char *errmsg)
 {
-	Log(LOG_WARNING, "Got invalid OPER from \"%s\": \"%s\" -- %s!",
+	Log(LOG_ERR|LOG_snotice, "Got invalid OPER from \"%s\": \"%s\" -- %s!",
 	    Client_Mask(Client), errtoken, errmsg);
 	/* Increase penalty to slow down possible brute force attacks */
 	IRC_SetPenalty(Client, 10);
@@ -398,7 +398,16 @@ IRC_xLINE(CLIENT *Client, REQUEST *Req)
 		return IRC_WriteErrClient(Client, ERR_NEEDMOREPARAMS_MSG,
 					  Client_ID(Client), Req->command);
 
-	from = Op_Check(Client, Req);
+	if (!Conf_AllowRemoteOper && Client_Type(Client) == CLIENT_SERVER) {
+		/* Explicitely forbid remote servers to modify "x-lines" when
+		 * the "AllowRemoteOper" configuration option isn't set, even
+		 * when the command seems to originate from the remote server
+		 * itself: this prevents GLINE's to become set during server
+		 * handshake in this case (what wouldn't be possible during
+		 * regular runtime when a remote IRC Op sends the command). */
+		from = NULL;
+	} else
+		from = Op_Check(Client, Req);
 	if (!from)
 		return Op_NoPrivileges(Client, Req);