mirror of
https://github.com/anope/anope.git
synced 2026-07-01 10:06:37 +02:00
Rip out ns_access and related code.
This is wildly insecure and has been disabled by default for at least a decade.
This commit is contained in:
@@ -61,8 +61,6 @@ NickCore::~NickCore()
|
||||
if (this->id)
|
||||
NickCoreIdList.erase(this->id);
|
||||
|
||||
this->ClearAccess();
|
||||
|
||||
if (!this->memos.memos->empty())
|
||||
{
|
||||
for (unsigned i = 0, end = this->memos.memos->size(); i < end; ++i)
|
||||
@@ -78,8 +76,6 @@ void NickCore::Serialize(Serialize::Data &data) const
|
||||
data["pass"] << this->pass;
|
||||
data["email"] << this->email;
|
||||
data["language"] << this->language;
|
||||
for (const auto &mask : this->access)
|
||||
data["access"] << mask << " ";
|
||||
data["memomax"] << this->memos.memomax;
|
||||
for (const auto &ignore : this->memos.ignores)
|
||||
data["memoignores"] << ignore << " ";
|
||||
@@ -104,14 +100,6 @@ Serializable *NickCore::Unserialize(Serializable *obj, Serialize::Data &data)
|
||||
data["pass"] >> nc->pass;
|
||||
data["email"] >> nc->email;
|
||||
data["language"] >> nc->language;
|
||||
{
|
||||
Anope::string buf;
|
||||
data["access"] >> buf;
|
||||
spacesepstream sep(buf);
|
||||
nc->access.clear();
|
||||
while (sep.GetToken(buf))
|
||||
nc->access.push_back(buf);
|
||||
}
|
||||
data["memomax"] >> nc->memos.memomax;
|
||||
{
|
||||
Anope::string buf;
|
||||
@@ -127,10 +115,6 @@ Serializable *NickCore::Unserialize(Serializable *obj, Serialize::Data &data)
|
||||
/* compat */
|
||||
bool b;
|
||||
b = false;
|
||||
data["extensible:SECURE"] >> b;
|
||||
if (b)
|
||||
nc->Extend<bool>("NS_SECURE");
|
||||
b = false;
|
||||
data["extensible:PRIVATE"] >> b;
|
||||
if (b)
|
||||
nc->Extend<bool>("NS_PRIVATE");
|
||||
@@ -187,69 +171,6 @@ bool NickCore::IsServicesOper() const
|
||||
return this->o != NULL;
|
||||
}
|
||||
|
||||
void NickCore::AddAccess(const Anope::string &entry)
|
||||
{
|
||||
this->access.push_back(entry);
|
||||
FOREACH_MOD(OnNickAddAccess, (this, entry));
|
||||
}
|
||||
|
||||
Anope::string NickCore::GetAccess(unsigned entry) const
|
||||
{
|
||||
if (this->access.empty() || entry >= this->access.size())
|
||||
return "";
|
||||
return this->access[entry];
|
||||
}
|
||||
|
||||
unsigned NickCore::GetAccessCount() const
|
||||
{
|
||||
return this->access.size();
|
||||
}
|
||||
|
||||
bool NickCore::FindAccess(const Anope::string &entry)
|
||||
{
|
||||
for (const auto &mask : this->access)
|
||||
{
|
||||
if (mask == entry)
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
void NickCore::EraseAccess(const Anope::string &entry)
|
||||
{
|
||||
for (unsigned i = 0, end = this->access.size(); i < end; ++i)
|
||||
if (this->access[i] == entry)
|
||||
{
|
||||
FOREACH_MOD(OnNickEraseAccess, (this, entry));
|
||||
this->access.erase(this->access.begin() + i);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
void NickCore::ClearAccess()
|
||||
{
|
||||
FOREACH_MOD(OnNickClearAccess, (this));
|
||||
this->access.clear();
|
||||
}
|
||||
|
||||
bool NickCore::IsOnAccess(const User *u) const
|
||||
{
|
||||
Anope::string buf = u->GetIdent() + "@" + u->host, buf2, buf3;
|
||||
if (!u->vhost.empty())
|
||||
buf2 = u->GetIdent() + "@" + u->vhost;
|
||||
if (!u->GetCloakedHost().empty())
|
||||
buf3 = u->GetIdent() + "@" + u->GetCloakedHost();
|
||||
|
||||
for (unsigned i = 0, end = this->access.size(); i < end; ++i)
|
||||
{
|
||||
Anope::string a = this->GetAccess(i);
|
||||
if (Anope::Match(buf, a) || (!buf2.empty() && Anope::Match(buf2, a)) || (!buf3.empty() && Anope::Match(buf3, a)))
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
void NickCore::AddChannelReference(ChannelInfo *ci)
|
||||
{
|
||||
++(*this->chanaccess)[ci];
|
||||
|
||||
+1
-13
@@ -268,10 +268,6 @@ Serializable *ChannelInfo::Unserialize(Serializable *obj, Serialize::Data &data)
|
||||
/* compat */
|
||||
bool b;
|
||||
b = false;
|
||||
data["extensible:SECURE"] >> b;
|
||||
if (b)
|
||||
ci->Extend<bool>("CS_SECURE");
|
||||
b = false;
|
||||
data["extensible:PRIVATE"] >> b;
|
||||
if (b)
|
||||
ci->Extend<bool>("CS_PRIVATE");
|
||||
@@ -423,18 +419,10 @@ AccessGroup ChannelInfo::AccessFor(const User *u, bool updateLastUsed)
|
||||
if (u == NULL)
|
||||
return group;
|
||||
|
||||
const NickCore *nc = u->Account();
|
||||
if (nc == NULL && !this->HasExt("NS_SECURE") && u->IsRecognized())
|
||||
{
|
||||
const NickAlias *na = NickAlias::Find(u->nick);
|
||||
if (na != NULL)
|
||||
nc = na->nc;
|
||||
}
|
||||
|
||||
group.super_admin = u->super_admin;
|
||||
group.founder = IsFounder(u, this);
|
||||
group.ci = this;
|
||||
group.nc = nc;
|
||||
group.nc = u->Account();
|
||||
|
||||
FindMatches(group, this, u, u->Account());
|
||||
|
||||
|
||||
+3
-25
@@ -40,7 +40,6 @@ User::User(const Anope::string &snick, const Anope::string &sident, const Anope:
|
||||
quit = false;
|
||||
server = NULL;
|
||||
invalid_pw_count = invalid_pw_time = lastmemosend = lastnickreg = lastmail = 0;
|
||||
on_access = false;
|
||||
|
||||
this->nick = snick;
|
||||
this->ident = sident;
|
||||
@@ -153,7 +152,7 @@ void User::ChangeNick(const Anope::string &newnick, time_t ts)
|
||||
else
|
||||
{
|
||||
NickAlias *old_na = NickAlias::Find(this->nick);
|
||||
if (old_na && (this->IsIdentified(true) || this->IsRecognized()))
|
||||
if (old_na && this->IsIdentified(true))
|
||||
old_na->last_seen = Anope::CurTime;
|
||||
|
||||
UserListByNick.erase(this->nick);
|
||||
@@ -169,11 +168,7 @@ void User::ChangeNick(const Anope::string &newnick, time_t ts)
|
||||
}
|
||||
other = this;
|
||||
|
||||
on_access = false;
|
||||
NickAlias *na = NickAlias::Find(this->nick);
|
||||
if (na)
|
||||
on_access = na->nc->IsOnAccess(this);
|
||||
|
||||
if (na && na->nc == this->Account())
|
||||
{
|
||||
na->last_seen = Anope::CurTime;
|
||||
@@ -282,7 +277,7 @@ void User::SetRealname(const Anope::string &srealname)
|
||||
this->realname = srealname;
|
||||
NickAlias *na = NickAlias::Find(this->nick);
|
||||
|
||||
if (na && (this->IsIdentified(true) || this->IsRecognized()))
|
||||
if (na && this->IsIdentified(true))
|
||||
na->last_realname = srealname;
|
||||
|
||||
Log(this, "realname") << "changed realname to " << srealname;
|
||||
@@ -446,19 +441,6 @@ bool User::IsIdentified(bool check_nick) const
|
||||
return this->nc;
|
||||
}
|
||||
|
||||
bool User::IsRecognized(bool check_secure) const
|
||||
{
|
||||
if (check_secure && on_access)
|
||||
{
|
||||
const NickAlias *na = NickAlias::Find(this->nick);
|
||||
|
||||
if (!na || na->nc->HasExt("NS_SECURE"))
|
||||
return false;
|
||||
}
|
||||
|
||||
return on_access;
|
||||
}
|
||||
|
||||
bool User::IsSecurelyConnected() const
|
||||
{
|
||||
return HasMode("SSL") || HasExt("ssl");
|
||||
@@ -530,11 +512,7 @@ void User::UpdateHost()
|
||||
return;
|
||||
|
||||
NickAlias *na = NickAlias::Find(this->nick);
|
||||
on_access = false;
|
||||
if (na)
|
||||
on_access = na->nc->IsOnAccess(this);
|
||||
|
||||
if (na && (this->IsIdentified(true) || this->IsRecognized()))
|
||||
if (na && this->IsIdentified(true))
|
||||
{
|
||||
Anope::string last_usermask = this->GetIdent() + "@" + this->GetDisplayedHost();
|
||||
Anope::string last_realhost = this->GetIdent() + "@" + this->host;
|
||||
|
||||
Reference in New Issue
Block a user