unrealircd

- supernets unrealircd source & configuration
git clone git://git.acid.vegas/unrealircd.git
Log | Files | Refs | Archive | README | LICENSE

secureonlymsg.c (2808B)

      1 /*
      2  * Recieve private messages only from TLS users (User mode +Z)
      3  * (C) Copyright 2000-.. Bram Matthys (Syzop) and the UnrealIRCd team
      4  * Idea from "Stealth" <stealth@x-tab.org>
      5  *
      6  * This program is free software; you can redistribute it and/or modify
      7  * it under the terms of the GNU General Public License as published by
      8  * the Free Software Foundation; either version 1, or (at your option)
      9  * any later version.
     10  *
     11  * This program is distributed in the hope that it will be useful,
     12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
     13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     14  * GNU General Public License for more details.
     15  *
     16  * You should have received a copy of the GNU General Public License
     17  * along with this program; if not, write to the Free Software
     18  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
     19  */
     20 
     21 #include "unrealircd.h"
     22 
     23 #define IsSecureOnlyMsg(client)    (client->umodes & UMODE_SECUREONLYMSG)
     24 
     25 /* Module header */
     26 ModuleHeader MOD_HEADER
     27   = {
     28 	"usermodes/secureonlymsg",
     29 	"4.2",
     30 	"User Mode +Z",
     31 	"UnrealIRCd Team",
     32 	"unrealircd-6",
     33     };
     34 
     35 /* Global variables */
     36 long UMODE_SECUREONLYMSG = 0L;
     37 
     38 /* Forward declarations */
     39 int secureonlymsg_can_send_to_user(Client *client, Client *target, const char **text, const char **errmsg, SendType sendtype);
     40                     
     41 MOD_INIT()
     42 {
     43 	UmodeAdd(modinfo->handle, 'Z', UMODE_GLOBAL, 0, umode_allow_all, &UMODE_SECUREONLYMSG);
     44 	
     45 	HookAdd(modinfo->handle, HOOKTYPE_CAN_SEND_TO_USER, 0, secureonlymsg_can_send_to_user);
     46 	
     47 	MARK_AS_OFFICIAL_MODULE(modinfo);
     48 	return MOD_SUCCESS;
     49 }
     50 
     51 MOD_LOAD()
     52 {
     53 	return MOD_SUCCESS;
     54 }
     55 
     56 MOD_UNLOAD()
     57 {
     58 	return MOD_SUCCESS;
     59 }
     60 
     61 int secureonlymsg_can_send_to_user(Client *client, Client *target, const char **text, const char **errmsg, SendType sendtype)
     62 {
     63 	if (IsSecureOnlyMsg(target) && !IsServer(client) && !IsULine(client) && !IsSecureConnect(client))
     64 	{
     65 		if (ValidatePermissionsForPath("client:override:message:secureonlymsg",client,target,NULL,text?*text:NULL))
     66 			return HOOK_CONTINUE; /* bypass this restriction */
     67 
     68 		*errmsg = "You must be connected via TLS to message this user";
     69 		return HOOK_DENY;
     70 	} else
     71 	if (IsSecureOnlyMsg(client) && !IsSecureConnect(target) && !IsULine(target))
     72 	{
     73 		if (ValidatePermissionsForPath("client:override:message:secureonlymsg",client,target,NULL,text?*text:NULL))
     74 			return HOOK_CONTINUE; /* bypass this restriction */
     75 		
     76 		/* Similar to above but in this case we are +Z and are trying to message
     77 		 * a secure user (who does not have +Z set, note the 'else'). This does not
     78 		 * make sense since they could never message back to us. Better block the
     79 		 * message than leave the user confused.
     80 		 */
     81 		*errmsg = "Recipient is not connected via TLS and you are +Z";
     82 		return HOOK_DENY;
     83 	}
     84 
     85 	return HOOK_CONTINUE;
     86 }