GanneffServ: make it possible to not kill irccloud #50
Conversation
jsoref
force-pushed
the
akill-downgrade-clusters
branch
from
aca1729
to
6fe3639
Compare
jsoref
force-pushed
the
akill-downgrade-clusters
branch
2 times, most recently
from
01f5a1c
to
08ed923
Compare
Without this, anyone using irccloud (or a similar service) can get all other users k:lined by tripping on a trap (J). With this, they should be treated like a tor user (getting themselves killed).
jsoref
force-pushed
the
akill-downgrade-clusters
branch
from
08ed923
to
9458c5b
Compare
| @@ -326,7 +391,7 @@ def BADSERV(client, parv = []) | |||
| debug(LOG_DEBUG, "#{client.name} called BADSERV and the parms are #{parv.join(",")}") | |||
| server = parv[1].downcase | |||
|
|
|||
| if server =~ /.*\.oftc.net$/ | |||
| if server =~ /.*\.oftc\.net$/ | |||
There was a problem hiding this comment.
This is unrelated, but included because I was thinking about regular expressions while working on this file. It's an outlier in this file, everything else included the \.
Add a unique index so Postgres will enforce unique constraints Co-authored-by: Doug Freed <[email protected]>
jsoref
changed the title
| ret = akill_add("*@#{host}", reason, @akill_duration) | ||
| if client.host =~ /#{@protected_patterns}/i # if protected hosts | ||
| debug(LOG_DEBUG, "Using /kill instead of AKILL for protected user #{client.name}") | ||
| ret = kill_user(client, reason) |
There was a problem hiding this comment.
This leaks the oper reason; kills don't hide oper reasons like akills do; easy fix is to just put this section as a branch in the enclosing if
| pattern = irc_pattern_to_regex(requested_pattern) | ||
| reason = parv[2] | ||
|
|
||
| ret = DB.execute_nonquery(@dbq['INSERT_PROTECT'], 'iiss', client.nick.account_id, |
There was a problem hiding this comment.
Put the original pattern in the DB, rather than the regex. This is important for the listing later, as looking at IRC masks is nicer than regexes, unless we've specifically given a regex.
| @dbq['DELETE_PROTECT'] = DB.prepare('DELETE FROM ganneffprotect WHERE | ||
| irc_lower(pattern) = irc_lower($1)') | ||
| @dbq['GET_PROTECTED_PATTERNS'] = DB.prepare('SELECT pattern, reason FROM ganneffprotect') | ||
| @dbq['GET_PROTECTED_PATTERNS_DETAILED'] = DB.prepare('SELECT pattern, setter, time, |
There was a problem hiding this comment.
setter here will be an ID, not a name. Look at GET_ALL_CHANNELS for a simple way to get the primary nick of the setting account.
Without this, anyone using irccloud (or a similar service) can get all other users k:lined
by tripping on a trap (J).
Goal: they should be treated like a tor user (getting themselves killed).
Background: I'm an irccloud user, and today someone managed to trip on a
Jtrap which got my connection to oftc k:lined.@dwfreed said that we could add some sort of pattern/mask support to enable users like me not to suffer when other irccloud users do harmless stupid things.
Implementation:
PROTECTandUNPROTECT-- I'm not attached to the command names (or anything else really). Both take irc masks or regular expressions (the former being converted into the latter).akillis called, after checking if the user is on tor, the code tries to check to see if the host would match a protected pattern -- if so, the kill is downgraded to the user just as for tor users.