unrealircd- supernets unrealircd source & configuration |
git clone git://git.acid.vegas/unrealircd.git |
Log | Files | Refs | Archive | README | LICENSE |
securitygroup.c (4046B)
1 /* 2 * Extended ban to ban based on security groups such as "unknown-users" 3 * (C) Copyright 2020 Bram Matthys (Syzop) and the UnrealIRCd team 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation; either version 1, or (at your option) 8 * any later version. 9 * 10 * This program is distributed in the hope that it will be useful, 11 * but WITHOUT ANY WARRANTY; without even the implied warranty of 12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program; if not, write to the Free Software 17 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 */ 19 #include "unrealircd.h" 20 21 ModuleHeader MOD_HEADER 22 = { 23 "extbans/securitygroup", 24 "4.2", 25 "ExtBan ~G - Ban based on security-group", 26 "UnrealIRCd Team", 27 "unrealircd-6", 28 }; 29 30 /* Forward declarations */ 31 const char *extban_securitygroup_conv_param(BanContext *b, Extban *extban); 32 int extban_securitygroup_is_ok(BanContext *b); 33 int extban_securitygroup_is_banned(BanContext *b); 34 35 Extban *register_securitygroup_extban(ModuleInfo *modinfo) 36 { 37 ExtbanInfo req; 38 39 memset(&req, 0, sizeof(req)); 40 req.letter = 'G'; 41 req.name = "security-group"; 42 req.conv_param = extban_securitygroup_conv_param; 43 req.is_ok = extban_securitygroup_is_ok; 44 req.is_banned = extban_securitygroup_is_banned; 45 req.is_banned_events = BANCHK_ALL|BANCHK_TKL; 46 req.options = EXTBOPT_INVEX|EXTBOPT_TKL; 47 return ExtbanAdd(modinfo->handle, req); 48 } 49 50 /** Called upon module test */ 51 MOD_TEST() 52 { 53 if (!register_securitygroup_extban(modinfo)) 54 { 55 config_error("could not register extended ban type ~G"); 56 return MOD_FAILED; 57 } 58 59 return MOD_SUCCESS; 60 } 61 62 /** Called upon module init */ 63 MOD_INIT() 64 { 65 if (!register_securitygroup_extban(modinfo)) 66 { 67 config_error("could not register extended ban type ~G"); 68 return MOD_FAILED; 69 } 70 71 MARK_AS_OFFICIAL_MODULE(modinfo); 72 73 return MOD_SUCCESS; 74 } 75 76 /** Called upon module load */ 77 MOD_LOAD() 78 { 79 return MOD_SUCCESS; 80 } 81 82 /** Called upon unload */ 83 MOD_UNLOAD() 84 { 85 return MOD_SUCCESS; 86 } 87 88 /* Helper function for extban_securitygroup_is_ok() and extban_securitygroup_conv_param() 89 * to do ban validation. 90 */ 91 int extban_securitygroup_generic(char *mask, int strict) 92 { 93 /* ! at the start means negative match */ 94 if (*mask == '!') 95 mask++; 96 97 /* Check if the rest of the security group name is valid */ 98 if (strict) 99 { 100 if (!security_group_exists(mask)) 101 return 0; /* security group does not exist */ 102 } else { 103 if (!security_group_valid_name(mask)) 104 return 0; /* invalid characters or too long */ 105 } 106 107 if (!*mask) 108 return 0; /* don't allow "~G:" nor "~G:!" */ 109 110 return 1; 111 } 112 113 int extban_securitygroup_is_ok(BanContext *b) 114 { 115 if (MyUser(b->client) && (b->what == MODE_ADD) && (b->is_ok_check == EXBCHK_PARAM)) 116 { 117 char banbuf[SECURITYGROUPLEN+8]; 118 strlcpy(banbuf, b->banstr, sizeof(banbuf)); 119 if (!extban_securitygroup_generic(banbuf, 1)) 120 { 121 SecurityGroup *s; 122 sendnotice(b->client, "ERROR: Unknown security-group '%s'. Syntax: +b ~G:securitygroup or +b ~G:!securitygroup", b->banstr); 123 sendnotice(b->client, "Available security groups:"); 124 for (s = securitygroups; s; s = s->next) 125 sendnotice(b->client, "%s", s->name); 126 sendnotice(b->client, "unknown-users"); 127 sendnotice(b->client, "End of security group list."); 128 return 0; 129 } 130 } 131 return 1; 132 } 133 134 /** Security group extban - conv_param */ 135 const char *extban_securitygroup_conv_param(BanContext *b, Extban *extban) 136 { 137 static char retbuf[SECURITYGROUPLEN + 8]; 138 139 strlcpy(retbuf, b->banstr, sizeof(retbuf)); 140 if (!extban_securitygroup_generic(retbuf, 0)) 141 return NULL; 142 143 return retbuf; 144 } 145 146 /** Is the user banned by ~G:something ? */ 147 int extban_securitygroup_is_banned(BanContext *b) 148 { 149 if (*b->banstr == '!') 150 return !user_allowed_by_security_group_name(b->client, b->banstr+1); 151 return user_allowed_by_security_group_name(b->client, b->banstr); 152 }