From: Alexander Barton Date: Sun, 13 Apr 2008 14:39:08 +0000 (+0200) Subject: New configuration option "AllowRemoteOper" X-Git-Tag: rel-15-rc1~18 X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=commitdiff_plain;h=f78b0c61e967c66386803a3dc77069c66bd664de New configuration option "AllowRemoteOper" Added new configuration option "AllowRemoteOper" to control whether remote IRC operators are allowed to use administrative commands that affect this server or not This commit introduces the configuration variable, but actually no function is using it. That's up for the next patches to come ... --- diff --git a/doc/sample-ngircd.conf b/doc/sample-ngircd.conf index 0d0061bc..b945224e 100644 --- a/doc/sample-ngircd.conf +++ b/doc/sample-ngircd.conf @@ -115,6 +115,10 @@ # server? (This is a compatibility hack for ircd-irc2 servers) ;OperServerMode = no + # Are remote IRC operators allowed to control this server, e. g. + # use commands like CONNECT, SQUIT, DIE, ...? + ;AllowRemoteOper = no + # Allow Pre-Defined Channels only (see Section [Channels]) ;PredefChannelsOnly = no diff --git a/man/ngircd.conf.5.tmpl b/man/ngircd.conf.5.tmpl index a725af65..d9e6f462 100644 --- a/man/ngircd.conf.5.tmpl +++ b/man/ngircd.conf.5.tmpl @@ -179,6 +179,11 @@ If \fBOperCanUseMode\fR is enabled, this may lead the compatibility problems wit Servers that run the ircd-irc2 Software. This Option "masks" mode requests by non-chanops as if they were coming from the server. Default: no. .TP +\fBAllowRemoteOper\fR +Are IRC operators connected to remote servers allowed to control this server, +e. g. are they allowed to use administrative commands like CONNECT, DIE, +SQUIT, ... that affect this server? Default: no. +.TP \fBPredefChannelsOnly\fR If enabled, no new channels can be created. Useful if you do not want to have channels other than those defined in diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index c50f8f9f..c728d55f 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -263,7 +263,6 @@ Conf_Test( void ) printf( " PidFile = %s\n", Conf_PidFile); printf(" Listen = %s\n", Conf_ListenAddress); fputs(" Ports = ", stdout); - ports_puts(&Conf_ListenPorts); #ifdef SSL_SUPPORT fputs(" SSLPorts = ", stdout); @@ -272,29 +271,34 @@ Conf_Test( void ) config_valid = false; #endif - pwd = getpwuid( Conf_UID ); - if( pwd ) printf( " ServerUID = %s\n", pwd->pw_name ); - else printf( " ServerUID = %ld\n", (long)Conf_UID ); - grp = getgrgid( Conf_GID ); - if( grp ) printf( " ServerGID = %s\n", grp->gr_name ); - else printf( " ServerGID = %ld\n", (long)Conf_GID ); - printf( " PingTimeout = %d\n", Conf_PingTimeout ); - printf( " PongTimeout = %d\n", Conf_PongTimeout ); - printf( " ConnectRetry = %d\n", Conf_ConnectRetry ); - printf( " OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode)); - printf( " OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); - printf( " PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly)); - printf( " NoDNS = %s\n", yesno_to_str(Conf_NoDNS)); - printf( " NoIdent = %s\n", yesno_to_str(Conf_NoIdent)); + pwd = getpwuid(Conf_UID); + if (pwd) + printf(" ServerUID = %s\n", pwd->pw_name); + else + printf(" ServerUID = %ld\n", (long)Conf_UID); + grp = getgrgid(Conf_GID); + if (grp) + printf(" ServerGID = %s\n", grp->gr_name); + else + printf(" ServerGID = %ld\n", (long)Conf_GID); + printf(" PingTimeout = %d\n", Conf_PingTimeout); + printf(" PongTimeout = %d\n", Conf_PongTimeout); + printf(" ConnectRetry = %d\n", Conf_ConnectRetry); + printf(" OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode)); + printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); + printf(" AllowRemoteOper = %s\n", yesno_to_str(Conf_AllowRemoteOper)); + printf(" PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly)); + printf(" NoDNS = %s\n", yesno_to_str(Conf_NoDNS)); + printf(" NoIdent = %s\n", yesno_to_str(Conf_NoIdent)); #ifdef WANT_IPV6 printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6)); printf(" ConnectIPv6 = %s\n", yesno_to_str(Conf_ConnectIPv4)); #endif - printf( " MaxConnections = %ld\n", Conf_MaxConnections); - printf( " MaxConnectionsIP = %d\n", Conf_MaxConnectionsIP); - printf( " MaxJoins = %d\n", Conf_MaxJoins>0 ? Conf_MaxJoins : -1); - printf( " MaxNickLength = %u\n\n", Conf_MaxNickLength - 1); + printf(" MaxConnections = %ld\n", Conf_MaxConnections); + printf(" MaxConnectionsIP = %d\n", Conf_MaxConnectionsIP); + printf(" MaxJoins = %d\n", Conf_MaxJoins > 0 ? Conf_MaxJoins : -1); + printf(" MaxNickLength = %u\n\n", Conf_MaxNickLength - 1); for( i = 0; i < Conf_Oper_Count; i++ ) { if( ! Conf_Oper[i].name[0] ) continue; @@ -511,47 +515,47 @@ Conf_IsService(int ConfServer, const char *Nick) } /* Conf_IsService */ +/** + * Initialize configuration settings with their default values. + */ static void -Set_Defaults( bool InitServers ) +Set_Defaults(bool InitServers) { - /* Initialize configuration variables with default values. */ - int i; - strcpy( Conf_ServerName, "" ); - snprintf( Conf_ServerInfo, sizeof Conf_ServerInfo, "%s %s", PACKAGE_NAME, PACKAGE_VERSION ); - strcpy( Conf_ServerPwd, "" ); - - strcpy( Conf_ServerAdmin1, "" ); - strcpy( Conf_ServerAdmin2, "" ); - strcpy( Conf_ServerAdminMail, "" ); - - strlcpy( Conf_MotdFile, SYSCONFDIR, sizeof( Conf_MotdFile )); - strlcat( Conf_MotdFile, MOTD_FILE, sizeof( Conf_MotdFile )); + strcpy(Conf_ServerName, ""); + snprintf(Conf_ServerInfo, sizeof Conf_ServerInfo, "%s %s", + PACKAGE_NAME, PACKAGE_VERSION); + strcpy(Conf_ServerPwd, ""); - strlcpy( Conf_MotdPhrase, MOTD_PHRASE, sizeof( Conf_MotdPhrase )); + strcpy(Conf_ServerAdmin1, ""); + strcpy(Conf_ServerAdmin2, ""); + strcpy(Conf_ServerAdminMail, ""); - strlcpy( Conf_Chroot, CHROOT_DIR, sizeof( Conf_Chroot )); + strlcpy(Conf_MotdFile, SYSCONFDIR, sizeof(Conf_MotdFile)); + strlcat(Conf_MotdFile, MOTD_FILE, sizeof(Conf_MotdFile)); + strlcpy(Conf_MotdPhrase, MOTD_PHRASE, sizeof(Conf_MotdPhrase)); - strlcpy( Conf_PidFile, PID_FILE, sizeof( Conf_PidFile )); + Conf_UID = Conf_GID = 0; + strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot)); + strlcpy(Conf_PidFile, PID_FILE, sizeof(Conf_PidFile)); free(Conf_ListenAddress); Conf_ListenAddress = NULL; - Conf_UID = Conf_GID = 0; Conf_PingTimeout = 120; Conf_PongTimeout = 20; - Conf_ConnectRetry = 60; + Conf_NoDNS = false; + Conf_NoIdent = false; Conf_Oper_Count = 0; Conf_Channel_Count = 0; Conf_OperCanMode = false; - Conf_NoDNS = false; - Conf_NoIdent = false; - Conf_PredefChannelsOnly = false; Conf_OperServerMode = false; + Conf_AllowRemoteOper = false; + Conf_PredefChannelsOnly = false; Conf_ConnectIPv4 = true; Conf_ConnectIPv6 = true; @@ -562,7 +566,10 @@ Set_Defaults( bool InitServers ) Conf_MaxNickLength = CLIENT_NICK_LEN_DEFAULT; /* Initialize server configuration structures */ - if( InitServers ) for( i = 0; i < MAX_SERVERS; Init_Server_Struct( &Conf_Server[i++] )); + if (InitServers) { + for (i = 0; i < MAX_SERVERS; + Init_Server_Struct(&Conf_Server[i++])); + } } /* Set_Defaults */ @@ -974,6 +981,11 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) Conf_OperServerMode = Check_ArgIsTrue( Arg ); return; } + if(strcasecmp(Var, "AllowRemoteOper") == 0) { + /* Are remote IRC operators allowed to control this server? */ + Conf_AllowRemoteOper = Check_ArgIsTrue(Arg); + return; + } if( strcasecmp( Var, "MaxConnections" ) == 0 ) { /* Maximum number of connections. 0 -> "no limit". */ #ifdef HAVE_ISDIGIT diff --git a/src/ngircd/conf.h b/src/ngircd/conf.h index 9bdecdee..2308e4cb 100644 --- a/src/ngircd/conf.h +++ b/src/ngircd/conf.h @@ -140,6 +140,14 @@ GLOBAL bool Conf_PredefChannelsOnly; /* Are IRC operators allowed to always use MODE? */ GLOBAL bool Conf_OperCanMode; +/* If an IRC op gives chanop privileges without being a chanop, + * ircd2 will ignore the command. This enables a workaround: + * It masks the command as coming from the server */ +GLOBAL bool Conf_OperServerMode; + +/* Are remote IRC operators allowed to manage this server? */ +GLOBAL bool Conf_AllowRemoteOper; + /* Disable all DNS functions? */ GLOBAL bool Conf_NoDNS; @@ -155,11 +163,6 @@ GLOBAL bool Conf_ConnectIPv6; /* same as above, but for ipv4 hosts, default: yes */ GLOBAL bool Conf_ConnectIPv4; -/* If an IRC op gives chanop privileges without being a chanop, - * ircd2 will ignore the command. This enables a workaround: - * It masks the command as coming from the server */ -GLOBAL bool Conf_OperServerMode; - /* Maximum number of connections to this server */ GLOBAL long Conf_MaxConnections;