Add support to connect to server via unix socket

The syntax for AddServer command and config is chosen to be unix:/path or unix:ssl:/path

For security reasons, only admins can add such servers, to prevent users from poking around the file system.
This commit is contained in:
Alexey Sokolov
2025-04-20 22:20:52 +01:00
parent 66b17926cc
commit 63d10ccb17
10 changed files with 212 additions and 81 deletions
+13 -4
View File
@@ -21,6 +21,7 @@
#include <znc/IRCNetwork.h>
#include <znc/Chan.h>
#include <znc/IRCSock.h>
#include "znc/Server.h"
using std::map;
using std::vector;
@@ -1249,6 +1250,10 @@ class CAdminMod : public CModule {
PutModule(
t_s("Usage: AddServer <username> <network> <server> [[+]port] "
"[password]"));
if (GetUser()->IsAdmin()) {
PutModule(t_s("Or: AddServer <username> <network> unix:[ssl:]/path/to/socket"));
}
PutModule(t_s("+ means SSL"));
return;
}
@@ -1265,7 +1270,13 @@ class CAdminMod : public CModule {
return;
}
if (pNetwork->AddServer(sServer))
CServer Server = CServer::Parse(sServer);
if (Server.IsUnixSocket() && !GetUser()->IsAdmin()) {
PutModule(t_s("Access denied!"));
return;
}
if (pNetwork->AddServer(std::move(Server)))
PutModule(t_f("Added IRC Server {1} to network {2} for user {3}.")(
sServer, pNetwork->GetName(), pUser->GetUsername()));
else
@@ -1278,8 +1289,6 @@ class CAdminMod : public CModule {
CString sUsername = sLine.Token(1);
CString sNetwork = sLine.Token(2);
CString sServer = sLine.Token(3, true);
unsigned short uPort = sLine.Token(4).ToUShort();
CString sPass = sLine.Token(5);
if (sServer.empty()) {
PutModule(
@@ -1301,7 +1310,7 @@ class CAdminMod : public CModule {
return;
}
if (pNetwork->DelServer(sServer, uPort, sPass))
if (pNetwork->DelServer(CServer::Parse(sServer)))
PutModule(
t_f("Deleted IRC Server {1} from network {2} for user {3}.")(
sServer, pNetwork->GetName(), pUser->GetUsername()));