mirror of
https://github.com/anope/anope.git
synced 2026-07-10 06:03:14 +02:00
Rip out ns_access and related code.
This is wildly insecure and has been disabled by default for at least a decade.
This commit is contained in:
@@ -76,14 +76,6 @@ bool WebCPanel::ChanServ::Set::OnRequest(HTTPProvider *server, const Anope::stri
|
||||
ci->Shrink<bool>("RESTRICTED");
|
||||
replacements["MESSAGES"] = "Restricted updated";
|
||||
}
|
||||
if (ci->HasExt("CS_SECURE") != message.post_data.count("secure"))
|
||||
{
|
||||
if (!ci->HasExt("CS_SECURE"))
|
||||
ci->Extend<bool>("CS_SECURE");
|
||||
else
|
||||
ci->Shrink<bool>("CS_SECURE");
|
||||
replacements["MESSAGES"] = "Secure updated";
|
||||
}
|
||||
if (ci->HasExt("SECUREOPS") != message.post_data.count("secureops"))
|
||||
{
|
||||
if (!ci->HasExt("SECUREOPS"))
|
||||
@@ -132,9 +124,6 @@ bool WebCPanel::ChanServ::Set::OnRequest(HTTPProvider *server, const Anope::stri
|
||||
if (ci->HasExt("RESTRICTED"))
|
||||
replacements["RESTRICTED"];
|
||||
|
||||
if (ci->HasExt("CS_SECURE"))
|
||||
replacements["SECURE"];
|
||||
|
||||
if (ci->HasExt("SECUREOPS"))
|
||||
replacements["SECUREOPS"];
|
||||
|
||||
|
||||
@@ -1,39 +0,0 @@
|
||||
/*
|
||||
* (C) 2003-2024 Anope Team
|
||||
* Contact us at team@anope.org
|
||||
*
|
||||
* Please read COPYING and README for further details.
|
||||
*/
|
||||
|
||||
#include "../../webcpanel.h"
|
||||
|
||||
WebCPanel::NickServ::Access::Access(const Anope::string &cat, const Anope::string &u) : WebPanelProtectedPage(cat, u)
|
||||
{
|
||||
}
|
||||
|
||||
bool WebCPanel::NickServ::Access::OnRequest(HTTPProvider *server, const Anope::string &page_name, HTTPClient *client, HTTPMessage &message, HTTPReply &reply, NickAlias *na, TemplateFileServer::Replacements &replacements)
|
||||
{
|
||||
if (message.post_data.count("access") > 0)
|
||||
{
|
||||
std::vector<Anope::string> params;
|
||||
params.emplace_back("ADD");
|
||||
params.push_back(message.post_data["access"]);
|
||||
|
||||
WebPanel::RunCommand(client, na->nc->display, na->nc, "NickServ", "nickserv/access", params, replacements);
|
||||
}
|
||||
else if (message.get_data.count("del") > 0 && message.get_data.count("mask") > 0)
|
||||
{
|
||||
std::vector<Anope::string> params;
|
||||
params.emplace_back("DEL");
|
||||
params.push_back(message.get_data["mask"]);
|
||||
|
||||
WebPanel::RunCommand(client, na->nc->display, na->nc, "NickServ", "nickserv/access", params, replacements);
|
||||
}
|
||||
|
||||
for (const auto &access : na->nc->access)
|
||||
replacements["ACCESS"] = access;
|
||||
|
||||
TemplateFileServer page("nickserv/access.html");
|
||||
page.Serve(server, page_name, client, message, reply, replacements);
|
||||
return true;
|
||||
}
|
||||
@@ -1,27 +0,0 @@
|
||||
/*
|
||||
* (C) 2003-2024 Anope Team
|
||||
* Contact us at team@anope.org
|
||||
*
|
||||
* Please read COPYING and README for further details.
|
||||
*/
|
||||
|
||||
#pragma once
|
||||
|
||||
namespace WebCPanel
|
||||
{
|
||||
|
||||
namespace NickServ
|
||||
{
|
||||
|
||||
class Access final
|
||||
: public WebPanelProtectedPage
|
||||
{
|
||||
public:
|
||||
Access(const Anope::string &cat, const Anope::string &u);
|
||||
|
||||
bool OnRequest(HTTPProvider *, const Anope::string &, HTTPClient *, HTTPMessage &, HTTPReply &, NickAlias *, TemplateFileServer::Replacements &) override;
|
||||
};
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -56,14 +56,6 @@ bool WebCPanel::NickServ::Info::OnRequest(HTTPProvider *server, const Anope::str
|
||||
na->nc->Shrink<bool>("NS_PRIVATE");
|
||||
replacements["MESSAGES"] = "Private updated";
|
||||
}
|
||||
if (na->nc->HasExt("NS_SECURE") != message.post_data.count("secure"))
|
||||
{
|
||||
if (!na->nc->HasExt("NS_SECURE"))
|
||||
na->nc->Extend<bool>("NS_SECURE");
|
||||
else
|
||||
na->nc->Shrink<bool>("NS_SECURE");
|
||||
replacements["MESSAGES"] = "Secure updated";
|
||||
}
|
||||
if (message.post_data["kill"] == "on" && !na->nc->HasExt("KILLPROTECT"))
|
||||
{
|
||||
na->nc->Extend<bool>("KILLPROTECT");
|
||||
@@ -102,8 +94,6 @@ bool WebCPanel::NickServ::Info::OnRequest(HTTPProvider *server, const Anope::str
|
||||
replacements["AUTOOP"];
|
||||
if (na->nc->HasExt("NS_PRIVATE"))
|
||||
replacements["PRIVATE"];
|
||||
if (na->nc->HasExt("NS_SECURE"))
|
||||
replacements["SECURE"];
|
||||
if (na->nc->HasExt("KILLPROTECT"))
|
||||
replacements["KILL_ON"];
|
||||
if (na->nc->HasExt("KILL_QUICK"))
|
||||
|
||||
@@ -64,10 +64,6 @@
|
||||
<td>Restricted</td>
|
||||
<td><input type="checkbox" name="restricted" value="on" {IF EXISTS RESTRICTED}checked{END IF}></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Secure</td>
|
||||
<td><input type="checkbox" name="secure" value="on" {IF EXISTS SECURE}checked{END IF}></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Secure Ops</td>
|
||||
<td><input type="checkbox" name="secureops" value="on" {IF EXISTS SECUREOPS}checked{END IF}></td>
|
||||
|
||||
@@ -1,42 +0,0 @@
|
||||
{INCLUDE header.html}
|
||||
<div class="panel-heading">Nick access list</div>
|
||||
<div class="panel-body">
|
||||
{FOR M IN MESSAGES}
|
||||
<div class="alert alert-info">
|
||||
{M}<br>
|
||||
</div>
|
||||
{END FOR}
|
||||
|
||||
{IF EXISTS ACCESS}
|
||||
<table id="tableNSAccess" class="table table-hover">
|
||||
<tbody>
|
||||
{FOR A IN ACCESS}
|
||||
<tr>
|
||||
<td class="col-lg-4">{A}</td>
|
||||
<td class="col-lg-8"><a href="/nickserv/access?mask={A}&del=1" class="btn btn-sm btn-danger">Delete</a></td>
|
||||
</tr>
|
||||
{END FOR}
|
||||
</tbody>
|
||||
</table>
|
||||
{ELSE}
|
||||
<em>Your access list is empty.</em>
|
||||
{END IF}
|
||||
|
||||
<hr>
|
||||
|
||||
<h4>Add an access entry</h4>
|
||||
<form class="form-horizontal" method="post" action="/nickserv/access">
|
||||
<div class="form-group">
|
||||
<label class="control-label col-lg-2" for="access">Hostmask:</label>
|
||||
<div class="col-lg-5">
|
||||
<input class="form-control" type="text" name="access" id="access" placeholder="Mask must be in the form user@host">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<div class="col-lg-offset-2 col-lg-5">
|
||||
<button type="submit" class="btn btn-primary">Add</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
{INCLUDE footer.html}
|
||||
@@ -48,10 +48,6 @@
|
||||
<td>Private:</td>
|
||||
<td><input type="checkbox" name="private" value="on" {IF EXISTS PRIVATE}checked{END IF}></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Secure:</td>
|
||||
<td><input type="checkbox" name="secure" value="on" {IF EXISTS SECURE}checked{END IF}></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>Kill:</td>
|
||||
<td>
|
||||
|
||||
@@ -27,7 +27,6 @@ class ModuleWebCPanel final
|
||||
|
||||
WebCPanel::NickServ::Info nickserv_info;
|
||||
WebCPanel::NickServ::Cert nickserv_cert;
|
||||
WebCPanel::NickServ::Access nickserv_access;
|
||||
WebCPanel::NickServ::Alist nickserv_alist;
|
||||
WebCPanel::NickServ::Confirm nickserv_confirm;
|
||||
|
||||
@@ -51,7 +50,7 @@ public:
|
||||
id(this, "webcpanel_id"), ip(this, "webcpanel_ip"), last_login(this, "webcpanel_last_login"),
|
||||
style_css("style.css", "/static/style.css", "text/css"), logo_png("logo.png", "/static/logo.png", "image/png"), cubes_png("cubes.png", "/static/cubes.png", "image/png"), favicon_ico("favicon.ico", "/favicon.ico", "image/x-icon"),
|
||||
index("/"), logout("/logout"), _register("/register"), confirm("/confirm"),
|
||||
nickserv_info("NickServ", "/nickserv/info"), nickserv_cert("NickServ", "/nickserv/cert"), nickserv_access("NickServ", "/nickserv/access"), nickserv_alist("NickServ", "/nickserv/alist"), nickserv_confirm("NickServ", "/nickserv/confirm"),
|
||||
nickserv_info("NickServ", "/nickserv/info"), nickserv_cert("NickServ", "/nickserv/cert"), nickserv_alist("NickServ", "/nickserv/alist"), nickserv_confirm("NickServ", "/nickserv/confirm"),
|
||||
chanserv_info("ChanServ", "/chanserv/info"), chanserv_set("ChanServ", "/chanserv/set"), chanserv_access("ChanServ", "/chanserv/access"), chanserv_akick("ChanServ", "/chanserv/akick"),
|
||||
chanserv_modes("ChanServ", "/chanserv/modes"), chanserv_drop("ChanServ", "/chanserv/drop"), memoserv_memos("MemoServ", "/memoserv/memos"), hostserv_request("HostServ", "/hostserv/request"),
|
||||
operserv_akill("OperServ", "/operserv/akill")
|
||||
@@ -99,11 +98,6 @@ public:
|
||||
provider->RegisterPage(&this->nickserv_cert);
|
||||
}
|
||||
|
||||
ss.name = "Access";
|
||||
ss.url = "/nickserv/access";
|
||||
s.subsections.push_back(ss);
|
||||
provider->RegisterPage(&this->nickserv_access);
|
||||
|
||||
ss.name = "AList";
|
||||
ss.url = "/nickserv/alist";
|
||||
s.subsections.push_back(ss);
|
||||
@@ -219,7 +213,6 @@ public:
|
||||
|
||||
provider->UnregisterPage(&this->nickserv_info);
|
||||
provider->UnregisterPage(&this->nickserv_cert);
|
||||
provider->UnregisterPage(&this->nickserv_access);
|
||||
provider->UnregisterPage(&this->nickserv_alist);
|
||||
provider->UnregisterPage(&this->nickserv_confirm);
|
||||
|
||||
|
||||
@@ -170,7 +170,6 @@ namespace WebPanel
|
||||
|
||||
#include "pages/nickserv/info.h"
|
||||
#include "pages/nickserv/cert.h"
|
||||
#include "pages/nickserv/access.h"
|
||||
#include "pages/nickserv/alist.h"
|
||||
#include "pages/nickserv/confirm.h"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user