From 7d37795353e42bcf29b90308dc08fd4d0a508feb Mon Sep 17 00:00:00 2001 From: Bram Matthys Date: Mon, 23 Sep 2024 13:08:57 +0200 Subject: [PATCH] Don't list security groups by default, add 'public ' * [Security group blocks](https://www.unrealircd.org/docs/Security-group_block) are now hidden in lists by default. If you want the security group to be shown in things like `MODE #channel +b ~security-group:x` (which shows a list) then you need to use `public yes;`. The default security groups like known-users, webirc-users, etc. are public by default. --- doc/RELEASE-NOTES.md | 5 +++++ include/struct.h | 1 + src/modules/extbans/securitygroup.c | 3 ++- src/securitygroup.c | 15 +++++++++++++++ 4 files changed, 23 insertions(+), 1 deletion(-) diff --git a/doc/RELEASE-NOTES.md b/doc/RELEASE-NOTES.md index 9c48f2cc7..591a25481 100644 --- a/doc/RELEASE-NOTES.md +++ b/doc/RELEASE-NOTES.md @@ -55,6 +55,11 @@ in progress and may not always be a stable version. * Update shipped libraries: c-ares to 1.33.1 * Move +/- 1000 lines of code from core to modules (regarding throttling, maxperip, vhost, exit_client). +* [Security group blocks](https://www.unrealircd.org/docs/Security-group_block) + are now hidden in lists by default. If you want the security group to be shown + in things like `MODE #channel +b ~security-group:x` (which shows a list) + then you need to use `public yes;`. The default security groups + like known-users, webirc-users, etc. are public by default. ### Fixes: * In some circumstances users could hang during the handshake when diff --git a/include/struct.h b/include/struct.h index f94a2e06e..323628347 100644 --- a/include/struct.h +++ b/include/struct.h @@ -2198,6 +2198,7 @@ struct SecurityGroup { SecurityGroup *prev, *next; int priority; char name[SECURITYGROUPLEN+1]; + int public; NameValuePrioList *printable_list; int printable_list_counter; /* Include */ diff --git a/src/modules/extbans/securitygroup.c b/src/modules/extbans/securitygroup.c index 6b2423a17..34510a01a 100644 --- a/src/modules/extbans/securitygroup.c +++ b/src/modules/extbans/securitygroup.c @@ -122,7 +122,8 @@ int extban_securitygroup_is_ok(BanContext *b) sendnotice(b->client, "ERROR: Unknown security-group '%s'. Syntax: +b ~security-group:securitygroup or +b ~security-group:!securitygroup", b->banstr); sendnotice(b->client, "Available security groups:"); for (s = securitygroups; s; s = s->next) - sendnotice(b->client, "%s", s->name); + if (s->public) + sendnotice(b->client, "%s", s->name); sendnotice(b->client, "unknown-users"); sendnotice(b->client, "End of security group list."); return 0; diff --git a/src/securitygroup.c b/src/securitygroup.c index 59e2ead2f..27297f5ef 100644 --- a/src/securitygroup.c +++ b/src/securitygroup.c @@ -368,6 +368,12 @@ int _test_security_group(ConfigFile *conf, ConfigEntry *ce) for (cep = ce->items; cep; cep = cep->next) { + if (cep->name && !strcmp(cep->name, "public")) + { + } else + if (cep->name && !strcmp(cep->name, "priority")) + { + } else if (!test_match_item(conf, cep, &errors)) { config_error_unknown(cep->file->filename, cep->line_number, @@ -555,7 +561,12 @@ int _conf_security_group(ConfigFile *conf, ConfigEntry *ce) DelListItem(s, securitygroups); AddListItemPrio(s, securitygroups, s->priority); } else + if (cep->name && !strcmp(cep->name, "public")) + { + s->public = config_checkval(cep->value, CFG_YESNO); + } else { conf_match_item(conf, cep, &s); + } } return 1; } @@ -700,20 +711,24 @@ void set_security_group_defaults(void) /* Default group: webirc */ s = add_security_group("webirc-users", 50); + s->public = 1; s->webirc = 1; /* Default group: websocket */ s = add_security_group("websocket-users", 51); + s->public = 1; s->websocket = 1; /* Default group: known-users */ s = add_security_group("known-users", 100); + s->public = 1; s->identified = 1; s->reputation_score = 25; s->webirc = 0; /* Default group: tls-users */ s = add_security_group("tls-users", 300); + s->public = 1; s->tls = 1; }