Skip to content
Browse files

Merge remote-tracking branch 'inspircd/insp21' into insp21

  • Loading branch information...
2 parents 7fba8b9 + 38ec590 commit a2cb6bb32d8816f57ed35edbc244d0b8c5ef7eb4 @Justasic committed Apr 14, 2012
View
6 docs/inspircd.conf.example
@@ -554,7 +554,11 @@
# invitebypassmodes: This allows /invite to bypass other channel modes.
# (Such as +k, +j, +l, etc)
- invitebypassmodes="yes">
+ invitebypassmodes="yes"
+
+ # nosnoticestack: This prevents snotices from 'stacking' and giving you
+ # the message staying 'Last message repeated 'X' times'. Defaults to no.
+ nosnoticestack="no">
#-#-#-#-#-#-#-#-#-#-#-# PERFORMANCE CONFIGURATION #-#-#-#-#-#-#-#-#-#-#
View
6 docs/modules.conf.example
@@ -911,6 +911,8 @@
# setaccount="no" #
# verbose="yes"> #
# #
+# <ldapwhitelist cidr="10.42.0.0/16"> #
+# #
# The baserdn indicates the base DN to search in for users. Usually #
# this is 'ou=People,dc=yourdomain,dc=yourtld'. #
# #
@@ -941,6 +943,10 @@
# #
# If setaccount is yes, the account name in m_services_account is set #
# to the LDAP username that was authenticated #
+# #
+# ldapwhitelist indicates that clients connecting from an IP in the *
+* provided CIDR do not need to authenticate against LDAP. It can be *
+* repeated to whitelist multiple CIDRs. #
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# LDAP oper configuration module: Adds the ability to authenticate #
View
4 include/configreader.h
@@ -488,6 +488,10 @@ class CoreExport ServerConfig
*/
bool InvBypassModes;
+ /** If this value is true, snotices will not stack when repeats are sent
+ */
+ bool NoSnoticeStack;
+
/** If this value is true, modes can have their letters removed (enables +Z)
*/
bool NameOnlyModes;
View
1 src/configreader.cpp
@@ -442,6 +442,7 @@ void ServerConfig::Fill()
Limits.MaxGecos = GetTag("limits")->getInt("maxgecos", 128);
Limits.MaxAway = GetTag("limits")->getInt("maxaway", 200);
InvBypassModes = options->getBool("invitebypassmodes", true);
+ NoSnoticeStack = options->getBool("nosnoticestack", false);
NameOnlyModes = options->getBool("nameonlymodes", true);
AnnounceTSChange = options->getBool("announcets");
View
19 src/modules/extra/m_ldapauth.cpp
@@ -39,6 +39,7 @@ class ModuleLDAPAuth : public Module
std::string killreason;
std::string username;
std::string password;
+ std::vector<std::string> whitelistedcidrs;
int searchscope;
bool verbose;
bool useusername;
@@ -66,6 +67,7 @@ class ModuleLDAPAuth : public Module
void ReadConfig(ConfigReadStatus&)
{
+ whitelistedcidrs.clear();
base = ServerInstance->Config->GetTag("ldapauth")->getString("baserdn");
attribute = ServerInstance->Config->GetTag("ldapauth")->getString("attribute");
@@ -78,6 +80,14 @@ class ModuleLDAPAuth : public Module
verbose = ServerInstance->Config->GetTag("ldapauth")->getBool("verbose"); /* Set to true if failed connects should be reported to operators */
useusername = ServerInstance->Config->GetTag("ldapauth")->getBool("userfield");
setaccount = ServerInstance->Config->GetTag("ldapauth")->getBool("setaccount");
+ ConfigTagList whitelisttags = ServerInstance->Config->GetTags("ldapwhitelist");
+
+ for (ConfigIter i = whitelisttags.first; i != whitelisttags.second; ++i)
+ {
+ std::string cidr = i->second->getString("cidr");
+ if (!cidr.empty())
+ whitelistedcidrs.push_back(cidr);
+ }
if (scope == "base")
searchscope = LDAP_SCOPE_BASE;
@@ -122,6 +132,15 @@ class ModuleLDAPAuth : public Module
return;
}
+ for (std::vector<std::string>::iterator i = whitelistedcidrs.begin(); i != whitelistedcidrs.end(); i++)
+ {
+ if (InspIRCd::MatchCIDR(user->GetIPString(), *i, ascii_case_insensitive_map))
+ {
+ ldapAuthed.set(user,1);
+ return;
+ }
+ }
+
if (!CheckCredentials(user))
{
ServerInstance->Users->QuitUser(user, killreason);
View
8 src/modules/extra/m_ssl_gnutls.cpp
@@ -42,10 +42,9 @@ struct DH_info : public refcountbase
{
int bits;
gnutls_dh_params params;
- DH_info()
+ DH_info(int Bits) : bits(Bits)
{
gnutls_dh_params_init(&params);
- bits = gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_NORMAL);
int ret = gnutls_dh_params_generate2(params, bits);
if (ret < 0)
ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Failed to generate DH parameters (%d bits): %s",
@@ -780,9 +779,12 @@ class ModuleSSLGnuTLS : public Module
ConfigTag* Conf = ServerInstance->Config->GetTag("gnutls");
+ int dh_bits = Conf->getInt("dhbits");
std::string hashname = Conf->getString("hash", "md5");
- dh = new DH_info();
+ if((dh_bits != 768) && (dh_bits != 1024) && (dh_bits != 2048) && (dh_bits != 3072) && (dh_bits != 4096))
+ dh_bits = 1024;
+ dh = new DH_info(dh_bits);
if (hashname == "md5")
hash = GNUTLS_DIG_MD5;
View
6 src/snomasks.cpp
@@ -84,7 +84,11 @@ SnomaskManager::SnomaskManager()
void Snomask::SendMessage(const std::string &message, char mysnomask)
{
- if (message != LastMessage || mysnomask != LastLetter)
+ /* I thought it better to just add the Config check here instead of adding a whole
+ new if to do this job. Since as long as the config returns true every time
+ 'Count' will never get above 1, and when it does Flush() it wont print the
+ stack line. - Shawn */
+ if (ServerInstance->Config->NoSnoticeStack || message != LastMessage || mysnomask != LastLetter)
{
this->Flush();
LastMessage = message;

0 comments on commit a2cb6bb

Please sign in to comment.
Something went wrong with that request. Please try again.