mirror of
https://github.com/ergochat/ergo.git
synced 2024-12-22 18:52:41 +01:00
dline: Prevent opers from banning themselves
This commit is contained in:
parent
e973862944
commit
f1e2c54fca
18
irc/dline.go
18
irc/dline.go
@ -168,7 +168,7 @@ func (dm *DLineManager) CheckIP(addr net.IP) (isBanned bool, info *IPBanInfo) {
|
||||
return false, nil
|
||||
}
|
||||
|
||||
// DLINE [duration] <ip>/<net> [ON <server>] [reason [| oper reason]]
|
||||
// DLINE [MYSELF] [duration] <ip>/<net> [ON <server>] [reason [| oper reason]]
|
||||
func dlineHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
||||
// check oper permissions
|
||||
if !client.class.Capabilities["oper:local_ban"] {
|
||||
@ -178,6 +178,14 @@ func dlineHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
||||
|
||||
currentArg := 0
|
||||
|
||||
// when setting a ban that covers the oper's current connection, we require them to say
|
||||
// "DLINE MYSELF" so that we're sure they really mean it.
|
||||
var dlineMyself bool
|
||||
if len(msg.Params) > currentArg+1 && strings.ToLower(msg.Params[currentArg]) == "myself" {
|
||||
dlineMyself = true
|
||||
currentArg++
|
||||
}
|
||||
|
||||
// duration
|
||||
duration, err := time.ParseDuration(msg.Params[currentArg])
|
||||
durationIsUsed := err == nil
|
||||
@ -209,8 +217,16 @@ func dlineHandler(server *Server, client *Client, msg ircmsg.IrcMessage) bool {
|
||||
|
||||
if hostNet == nil {
|
||||
hostString = hostAddr.String()
|
||||
if !dlineMyself && hostAddr.Equal(net.ParseIP(IPString(client.socket.conn.RemoteAddr()))) {
|
||||
client.Send(nil, server.name, ERR_UNKNOWNERROR, client.nick, msg.Command, "This ban matches you. To DLINE yourself, you must pass use the command: /DLINE MYSELF <arguments>")
|
||||
return false
|
||||
}
|
||||
} else {
|
||||
hostString = hostNet.String()
|
||||
if !dlineMyself && hostNet.Contains(net.ParseIP(IPString(client.socket.conn.RemoteAddr()))) {
|
||||
client.Send(nil, server.name, ERR_UNKNOWNERROR, client.nick, msg.Command, "This ban matches you. To DLINE yourself, you must pass use the command: /DLINE MYSELF <arguments>")
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
// check remote
|
||||
|
@ -99,7 +99,7 @@ Prints debug information about the IRCd. <option> can be one of:
|
||||
},
|
||||
"dline": {
|
||||
oper: true,
|
||||
text: `DLINE [duration] <ip>/<net> [ON <server>] [reason [| oper reason]]
|
||||
text: `DLINE [MYSELF] [duration] <ip>/<net> [ON <server>] [reason [| oper reason]]
|
||||
|
||||
Bans an IP address or network from connecting to the server. If the duration is
|
||||
given then only for that long. The reason is shown to the user themselves, but
|
||||
@ -108,6 +108,9 @@ operators getting info about the DLINEs that exist.
|
||||
|
||||
Bans are saved across subsequent launches of the server.
|
||||
|
||||
"MYSELF" is required when the DLINE matches the address the person applying it is connected
|
||||
from. If "MYSELF" is not given, trying to DLINE yourself will result in an error.
|
||||
|
||||
[duration] can be of the following forms:
|
||||
10h 8m 13s
|
||||
|
||||
@ -115,6 +118,8 @@ Bans are saved across subsequent launches of the server.
|
||||
127.0.0.1/8
|
||||
8.8.8.8/24
|
||||
|
||||
ON <server> specifies that the ban is to be set on that specific server.
|
||||
|
||||
[reason] and [oper reason], if they exist, are separated by a vertical bar (|).`,
|
||||
},
|
||||
"help": {
|
||||
|
Loading…
Reference in New Issue
Block a user