From 62581962a6cb15853cfe2019286fae6021e21ebd Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni <slingamn@cs.stanford.edu>
Date: Sun, 25 Feb 2018 05:17:39 -0500
Subject: [PATCH 1/3] fix confusing ips-per-subnet name

---
 irc/connection_limits/limiter.go | 17 +++++++++++------
 oragono.yaml                     |  4 ++--
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/irc/connection_limits/limiter.go b/irc/connection_limits/limiter.go
index 11d1d666..0a4e3813 100644
--- a/irc/connection_limits/limiter.go
+++ b/irc/connection_limits/limiter.go
@@ -12,11 +12,12 @@ import (
 
 // LimiterConfig controls the automated connection limits.
 type LimiterConfig struct {
-	Enabled     bool
-	CidrLenIPv4 int `yaml:"cidr-len-ipv4"`
-	CidrLenIPv6 int `yaml:"cidr-len-ipv6"`
-	IPsPerCidr  int `yaml:"ips-per-subnet"`
-	Exempted    []string
+	Enabled        bool
+	CidrLenIPv4    int `yaml:"cidr-len-ipv4"`
+	CidrLenIPv6    int `yaml:"cidr-len-ipv6"`
+	ConnsPerSubnet int `yaml:"connections-per-subnet"`
+	IPsPerSubnet   int `yaml:"ips-per-subnet"` // legacy name for ConnsPerSubnet
+	Exempted       []string
 }
 
 var (
@@ -145,7 +146,11 @@ func (cl *Limiter) ApplyConfig(config LimiterConfig) error {
 	cl.ipv6Mask = net.CIDRMask(config.CidrLenIPv6, 128)
 	// subnetLimit is explicitly NOT capped at a minimum of one.
 	// this is so that CL config can be used to allow ONLY clients from exempted IPs/nets
-	cl.subnetLimit = config.IPsPerCidr
+	cl.subnetLimit = config.ConnsPerSubnet
+	// but: check if the current key was left unset, but the legacy was set:
+	if cl.subnetLimit == 0 && config.IPsPerSubnet != 0 {
+		cl.subnetLimit = config.IPsPerSubnet
+	}
 	cl.exemptedIPs = exemptedIPs
 	cl.exemptedNets = exemptedNets
 
diff --git a/oragono.yaml b/oragono.yaml
index d32a50db..d154bc9b 100644
--- a/oragono.yaml
+++ b/oragono.yaml
@@ -100,8 +100,8 @@ server:
         # how wide the cidr should be for IPv6
         cidr-len-ipv6: 64
 
-        # maximum number of IPs per subnet (defined above by the cird length)
-        ips-per-subnet: 16
+        # maximum concurrent connections per subnet (defined above by the cidr length)
+        connections-per-subnet: 16
 
         # IPs/networks which are exempted from connection limits
         exempted:

From 9d163a4ba2232f3c32cdb8b1a3e2c55c56fe533b Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni <slingamn@cs.stanford.edu>
Date: Sun, 25 Feb 2018 05:18:54 -0500
Subject: [PATCH 2/3] warn about whitelisting the webirc gateway

See #197 (this is not a complete fix, though).
---
 oragono.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/oragono.yaml b/oragono.yaml
index d154bc9b..402bcf04 100644
--- a/oragono.yaml
+++ b/oragono.yaml
@@ -79,6 +79,7 @@ server:
             password: JDJhJDA0JG9rTTVERlNRa0hpOEZpNkhjZE95SU9Da1BseFdlcWtOTEQxNEFERVlqbEZNTkdhOVlYUkMu
 
             # hosts that can use this webirc command
+            # you should also add these addresses to the connection limits and throttling exemption lists
             hosts:
                 # - localhost
                 # - "127.0.0.1"

From 784a3bbf529dd840505ba06a2f6ed092d9c20a38 Mon Sep 17 00:00:00 2001
From: Shivaram Lingamneni <slingamn@cs.stanford.edu>
Date: Sun, 25 Feb 2018 05:02:42 -0500
Subject: [PATCH 3/3] Don't send error messages for bad channels in NAMES

"There is no error reply for bad channel names."
<https://tools.ietf.org/html/rfc2812#section-3.2.5>
---
 irc/handlers.go | 26 ++++++++------------------
 1 file changed, 8 insertions(+), 18 deletions(-)

diff --git a/irc/handlers.go b/irc/handlers.go
index fecabba0..b774a708 100644
--- a/irc/handlers.go
+++ b/irc/handlers.go
@@ -1594,16 +1594,14 @@ func motdHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Resp
 	return false
 }
 
-// NAMES [<channel>{,<channel>}]
+// NAMES [<channel>{,<channel>} [target]]
 func namesHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *ResponseBuffer) bool {
 	var channels []string
 	if len(msg.Params) > 0 {
 		channels = strings.Split(msg.Params[0], ",")
 	}
-	//var target string
-	//if len(msg.Params) > 1 {
-	//	target = msg.Params[1]
-	//}
+
+	// TODO: in a post-federation world, process `target` (server to forward request to)
 
 	if len(channels) == 0 {
 		for _, channel := range server.channels.Channels() {
@@ -1612,21 +1610,13 @@ func namesHandler(server *Server, client *Client, msg ircmsg.IrcMessage, rb *Res
 		return false
 	}
 
-	// limit regular users to only listing one channel
-	if !client.flags[modes.Operator] {
-		channels = channels[:1]
-	}
-
 	for _, chname := range channels {
-		casefoldedChname, err := CasefoldChannel(chname)
-		channel := server.channels.Get(casefoldedChname)
-		if err != nil || channel == nil {
-			if len(chname) > 0 {
-				rb.Add(nil, server.name, ERR_NOSUCHCHANNEL, client.nick, chname, client.t("No such channel"))
-			}
-			continue
+		channel := server.channels.Get(chname)
+		if channel != nil {
+			channel.Names(client, rb)
+		} else if chname != "" {
+			rb.Add(nil, server.name, RPL_ENDOFNAMES, client.Nick(), chname, client.t("End of NAMES list"))
 		}
-		channel.Names(client, rb)
 	}
 	return false
 }