diff options
| author | 2026-03-04 21:11:16 +0000 | |
|---|---|---|
| committer | 2026-03-04 21:11:16 +0000 | |
| commit | 4ad8a917490606b79f9d6b69e579a51934237322 (patch) | |
| tree | 37b93a1b00611beb6293d4fbd7df22b2a3563e7d /src/modules/m_sslmodes.cpp | |
| parent | Add a validation hook for extbans. (diff) | |
| download | inspircd++-4ad8a917490606b79f9d6b69e579a51934237322.tar.gz inspircd++-4ad8a917490606b79f9d6b69e579a51934237322.tar.bz2 inspircd++-4ad8a917490606b79f9d6b69e579a51934237322.zip | |
Prevent non-opers from using extban z when <sslinfo:operonly> is set.
Diffstat (limited to 'src/modules/m_sslmodes.cpp')
| -rw-r--r-- | src/modules/m_sslmodes.cpp | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp index d3225f6a5..8621c61d1 100644 --- a/src/modules/m_sslmodes.cpp +++ b/src/modules/m_sslmodes.cpp @@ -48,6 +48,8 @@ private: UserCertificateAPI& sslapi; public: + bool operonly; + FingerprintExtBan(Module* Creator, UserCertificateAPI& api) : ExtBan::MatchingBase(Creator, "fingerprint", 'z') , sslapi(api) @@ -66,6 +68,17 @@ public: } return false; } + + bool Validate(ListModeBase* lm, LocalUser* user, Channel* channel, std::string& text, bool inverted) override + { + if (operonly && !user->IsOper()) + { + // XXX: this has to match the check in sslinfo. + user->WriteNumeric(ERR_NOPRIVILEGES, "Permission Denied - You do not have the required operator privileges"); + return false; + } + return true; + } }; /** Handle channel mode +z @@ -177,6 +190,12 @@ public: { } + void ReadConfig(ConfigStatus& status) override + { + const auto& tag = ServerInstance->Config->ConfValue("sslinfo"); + extban.operonly = tag->getBool("operonly"); + } + ModResult OnUserPreJoin(LocalUser* user, Channel* chan, const std::string& cname, std::string& privs, const std::string& keygiven, bool override) override { if (!override && chan && chan->IsModeSet(sslm)) |
