Commit Graph

100 Commits

Author SHA1 Message Date
psychon
cfe64df399 webadmin: Increase buffer on HTTP sockets on the irc port
When webadmin "grabs" HTTP connections from the IRC port, it moves the
underlying connection to its own socket class and copies all of the settings
from the old socket to this new one.

One of the properties that is copied is the MaxBufferThreshold which is 1024 for
IRC sockets, but which should be 10240 for webadmin sockets (CSocket::CSocket()).
This could theoretically cause bugs like the "blank page in firefox" reported by
kaiz0ku.

Anyway, this is hopefully fixed by setting the 10k MaxBufferThreshold again.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1617 726aef4b-f618-498e-8847-2d620e286838
2009-09-07 18:33:02 +00:00
psychon
6c1014f200 Fix a webadmin bug which was introduced in r1569
The directory prefix checking which prevents path traversal exploits had a logic
error that made it always fail.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1574 726aef4b-f618-498e-8847-2d620e286838
2009-07-21 21:04:49 +00:00
psychon
c7583c4946 Fix a low impact directory traversal bug
A common pattern for checking directories in ZNC is the following:

	sAbsolutePath = CDir::ChangeDir(sAllowedPath, sFile);
	if (sAbsolutePath.Left(sAllowedPath.length()) != sAllowedPath)
		Error;

But there is a problem: If sAllowedPath doesn't end with a slash, we are
vulnerable to an attack. If e.g. sAllowedPath = "/foo/bar", then
sFile = "../bartender" would result in sAbsolutePath = "/foo/bartender". Since
this path does begin with sAllowedPath, the code allowed it.

There shouldn't be any places where this can be exploited currently, but it is
still a security bug (path traversal).


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1569 726aef4b-f618-498e-8847-2d620e286838
2009-07-21 18:36:33 +00:00
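The pattern described in r1569, shown side by side with the hardened form, as an added example that is not ZNC's own code. `normalizePath` and `changeDir` are lexical stand-ins for `CDir::ChangeDir()` (they resolve `.` and `..` textually and do not touch the filesystem, so symlinks are not resolved, which is an assumption of this example, not a statement about ZNC); `naiveInside` reproduces the plain `Left(length())` prefix compare, `safeInside` compares against the directory plus a trailing separator, accepting an exact match of the directory itself.

```cpp
#include <sstream>
#include <string>
#include <vector>

// Lexically resolve "." and ".." in an absolute path. No filesystem access,
// so a symlinked directory is NOT followed (assumption of this example).
std::string normalizePath(const std::string& path) {
    std::vector<std::string> parts;
    std::stringstream ss(path);
    std::string seg;
    while (std::getline(ss, seg, '/')) {
        if (seg.empty() || seg == ".") continue;
        if (seg == "..") {
            if (!parts.empty()) parts.pop_back();
            continue;
        }
        parts.push_back(seg);
    }
    std::string out;
    for (const auto& p : parts) out += "/" + p;
    return out.empty() ? "/" : out;
}

// Stand-in for CDir::ChangeDir(sAllowedPath, sFile): join, then normalize.
std::string changeDir(const std::string& allowed, const std::string& file) {
    if (!file.empty() && file[0] == '/') return normalizePath(file);
    return normalizePath(allowed + "/" + file);
}

// The vulnerable pattern from the commit message: compare only the first
// sAllowedPath.length() characters. "/foo/bartender" passes for "/foo/bar".
bool naiveInside(const std::string& allowed, const std::string& file) {
    std::string abs = changeDir(allowed, file);
    return abs.compare(0, allowed.size(), allowed) == 0;
}

// Hardened: normalize the allowed dir (drops any trailing slash), then accept
// either the directory itself or anything under "<dir>/".
bool safeInside(const std::string& allowed, const std::string& file) {
    std::string dir = normalizePath(allowed);
    std::string abs = changeDir(dir, file);
    if (abs == dir) return true;
    std::string prefix = (dir == "/") ? "/" : dir + "/";
    return abs.compare(0, prefix.size(), prefix) == 0;
}

int main() {
    // The sibling-prefix case from the commit: only the naive check accepts it.
    return (naiveInside("/foo/bar", "../bartender") &&
            !safeInside("/foo/bar", "../bartender")) ? 0 : 1;
}
```

Note that a plain `../../etc/passwd` is rejected by both checks; the naive check fails only for siblings whose name starts with the allowed directory's name, which is why the commit calls it low impact.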
psychon
aa4425bda5 Fix webadmin favicons
r1481 moved the /img/ subdir into /data/, but forgot to fix the path which
is used for the favicon, which meant we generated a 404 for the favicon.
Fix this by using the correct path and everyone is happy again.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1524 726aef4b-f618-498e-8847-2d620e286838
2009-05-27 10:59:36 +00:00
psychon
4e31d49209 CAuthBase: Use a Csock* instead of a CString "sRemoteIP"
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1511 726aef4b-f618-498e-8847-2d620e286838
2009-05-20 09:30:19 +00:00
psychon
3b9a9c2b80 Webadmin: Make this work with the browser cache
This moves all static webadmin files (images, css) to the data/ subdirectory
of the skin dir. The webadmin module is changed to redirect requests to
/<skin name>/ to that data directory. The skins are changed to use the
new URL when linking to their stuff. (I only needed to change the path to
the main.css file in each Header.tmpl. Since the .css and the images are now
in the same directory, relative URLs work just fine).

This means that we now generate different URLs after changing the webadmin
skins and the browser cache can do its thing.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1481 726aef4b-f618-498e-8847-2d620e286838
2009-04-06 16:00:23 +00:00
psychon
43e401d483 webadmin: Remove some completely useless argument to IsAdmin()
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1473 726aef4b-f618-498e-8847-2d620e286838
2009-04-02 12:34:13 +00:00
psychon
e21afe5346 webadmin: Restrict skins to be located inside the skins dir
One needs to be admin to change the current skin dir, but it still sounds
like a good idea to be careful...
Plus, this won't deny symlinks anyway!


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1412 726aef4b-f618-498e-8847-2d620e286838
2009-03-06 14:24:47 +00:00
psychon
21120e2146 Handle newlines in CHTTPSock::GetParam() and strip them out.
There was a bug in webadmin which allowed any users to write arbitrary strings
to znc.conf by setting e.g. their quit message to:
  Some quit message
  Admin = true
  LoadModule = shell
  </User>
  ISpoofFile = /home/<user>/.ssh/authorized_keys
  ISpoofFormat = <some ssh key>
  <User a>
(The newlines must be sent as newlines to webadmin)

This commit fixes this by stripping all newlines from all the data fields
by default. Since some fields (e.g. CTCPReplies and Servers) do need newlines,
there is a new function CHTTPSock::GetRawParam() which doesn't do the stripping.

Thanks to cnu for finding and reporting this bug.
Thanks to kroimon for patch review.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1395 726aef4b-f618-498e-8847-2d620e286838
2009-02-24 16:00:11 +00:00
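The injection described in r1395, modelled as an added example that is not ZNC's own code. `getRawParam` and `getParam` are stand-ins for `CHTTPSock::GetRawParam()` and the post-fix `CHTTPSock::GetParam()` (the example assumes the fix simply removes CR and LF; the real implementation may differ). `writeUserBlock` and `countDirective` are a deliberately minimal model of a line-oriented `Key = Value` config writer and reader; the quit-message payload is constructed to match the one quoted in the commit.

```cpp
#include <algorithm>
#include <map>
#include <sstream>
#include <string>

// Constructed payload: a quit message that carries real newlines, so each
// embedded line lands in znc.conf as its own directive if not stripped.
const std::string kInjectedQuitMsg =
    "Some quit message\nAdmin = true\nLoadModule = shell\n</User>\n<User a>";

// Stand-in for CHTTPSock::GetRawParam(): the value exactly as the client sent it.
std::string getRawParam(const std::string& v) { return v; }

// Stand-in for CHTTPSock::GetParam() after the fix: CR and LF removed, so one
// form field can never span more than one config line (assumed behaviour).
std::string getParam(const std::string& v) {
    std::string out = v;
    out.erase(std::remove_if(out.begin(), out.end(),
                             [](char c) { return c == '\r' || c == '\n'; }),
              out.end());
    return out;
}

// Minimal model of the config writer: "\tKey = Value" lines inside <User>.
std::string writeUserBlock(const std::string& name,
                           const std::map<std::string, std::string>& settings) {
    std::string out = "<User " + name + ">\n";
    for (const auto& kv : settings)
        out += "\t" + kv.first + " = " + kv.second + "\n";
    out += "</User>\n";
    return out;
}

// Minimal model of the config reader: how many lines set `key`?
int countDirective(const std::string& config, const std::string& key) {
    int n = 0;
    std::istringstream in(config);
    std::string line;
    const std::string needle = key + " = ";
    while (std::getline(in, line)) {
        size_t start = line.find_first_not_of(" \t");
        if (start == std::string::npos) continue;
        if (line.compare(start, needle.size(), needle) == 0) ++n;
    }
    return n;
}

// Before the fix: the raw field reaches the writer and smuggles in directives.
std::string buildConfigVulnerable() {
    return writeUserBlock("victim", {{"QuitMsg", getRawParam(kInjectedQuitMsg)}});
}

// After the fix: the field is flattened to one line before it is written.
std::string buildConfigFixed() {
    return writeUserBlock("victim", {{"QuitMsg", getParam(kInjectedQuitMsg)}});
}

int main() {
    return (countDirective(buildConfigVulnerable(), "Admin") == 1 &&
            countDirective(buildConfigFixed(), "Admin") == 0) ? 0 : 1;
}
```

The point the example makes is that the writer, not the reader, is where the boundary has to be enforced: the reader parses whatever is on disk faithfully, so any field that can contain the line separator is a config-injection primitive unless it is sanitized (or the writer escapes/quotes values) before serialization.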
psychon
cbc27f5bb9 Call OnFailedLogin() for all failed logins, not only those on the irc port
This breaks CAuthBase's API for modules that want to auth users.
Instead of overloading AcceptLogin() and RefuseLogin(), they now have to
overload AcceptedLogin() and RefusedLogin().

Modules that auth users (e.g. imapauth) still call AcceptLogin() and
RefuseLogin() which is where OnFailedLogin() gets called.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1389 726aef4b-f618-498e-8847-2d620e286838
2009-02-21 16:48:28 +00:00
psychon
5f60ce1906 webadmin: Don't force opening a separate listening port if irc port sharing is on
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1375 726aef4b-f618-498e-8847-2d620e286838
2009-02-06 16:47:16 +00:00
psychon
607bb4e1ce Make webadmin handle HTTP requests to the IRC port
This can be disabled with -noircport in webadmin's arguments


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1368 726aef4b-f618-498e-8847-2d620e286838
2009-02-03 19:08:15 +00:00
psychon
235b10c200 Use that new define everywhere
Now there are no uses of DEBUG_ONLY() left :(


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1349 726aef4b-f618-498e-8847-2d620e286838
2009-01-25 16:51:54 +00:00
psychon
2efea2157a webadmin: reload global modules whose settings were changed
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1331 726aef4b-f618-498e-8847-2d620e286838
2009-01-14 15:17:30 +00:00
psychon
a3169af5bd Add CUtils::SaltedHash() for doing salted hashes and do some cleanup
The stuff in CUtils::GetHashPass() and CUtils::GetSaltedHashPass() shouldn't
hurt, since we don't do such stuff in other places for passwords either.

This should improve the readability of the code a lot.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1324 726aef4b-f618-498e-8847-2d620e286838
2009-01-08 15:57:32 +00:00
psychon
08ad0291ea Happy New Year 2009 everyone!
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1317 726aef4b-f618-498e-8847-2d620e286838
2009-01-01 12:22:21 +00:00
psychon
08088be7d6 Add traffic tracking support to CSocket
Now every module that uses CSocket automatically gets its generated traffic
counted. Those which use Csock directly should be shot and buried anyway ;)

This adds CModule::IsGlobal().


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1283 726aef4b-f618-498e-8847-2d620e286838
2008-12-06 19:56:38 +00:00
psychon
e85ed684ea Some member vars of CWebAdminMod should really be local vars to OnLoad()
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1265 726aef4b-f618-498e-8847-2d620e286838
2008-10-28 17:21:53 +00:00
psychon
680127165a Improve webadmin's error messages
I just got this: (binding to ::1 on an ipv4-only build)
Module [webadmin] aborted: Could not bind to port 8080: No such file or directory
Module [webadmin] aborted: Could not bind to port 8080: Success


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1259 726aef4b-f618-498e-8847-2d620e286838
2008-10-23 15:20:09 +00:00
psychon
f8462bffdd Fix webadmin to work with symlinks in the skins directory.
If dir is a symlink to a directory dir/.. is not the same as . which broke
webadmin.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1252 726aef4b-f618-498e-8847-2d620e286838
2008-10-16 18:11:18 +00:00
psychon
92a718e3a6 Use CSocket in webadmin instead of directly using Csock
This gets rid of some code duplication for managing the sockets.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1240 726aef4b-f618-498e-8847-2d620e286838
2008-10-04 20:55:50 +00:00
kroimon
5237a24747 Use CString::Equals() everywhere.
* (CString::CaseCmp() == 0) became CString::Equals()
* (CString::CaseCmp() != 0) became !CString::Equals()
* replaced some occurrences of strn?casecmp

git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1234 726aef4b-f618-498e-8847-2d620e286838
2008-09-30 15:15:59 +00:00
kroimon
d1b3c2b94d Removed AutoCycle from core
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1191 726aef4b-f618-498e-8847-2d620e286838
2008-09-07 11:23:57 +00:00
psychon
85a70a418c Add JoinTries and MaxJoins config options to webadmin
This also changes the layout of the default skin a little, because it was
a little messed up. I still don't like the result, but meh, send patches!


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1187 726aef4b-f618-498e-8847-2d620e286838
2008-09-03 14:28:18 +00:00
psychon
00fcf767a7 Keep the traffic stats more up-to-date (/msg *status traffic)
This now also adds the traffic caused by webadmin, schat and dcc bouncing
to the stats.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1183 726aef4b-f618-498e-8847-2d620e286838
2008-08-31 07:21:21 +00:00
psychon
da8c892d4f Add a config option 'MaxJoins' to limit the number of joins ZNC does at once
This should hopefully fix a couple of 'Excess flood' problems we were having.

Thanks to SilverLeo for finally writing this :P


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1177 726aef4b-f618-498e-8847-2d620e286838
2008-08-29 15:06:08 +00:00
psychon
03e34ac6e6 Remove KeepNick
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1151 726aef4b-f618-498e-8847-2d620e286838
2008-07-24 11:34:11 +00:00
psychon
1c2c52651a Make webadmin generate salted passwords, too
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1139 726aef4b-f618-498e-8847-2d620e286838
2008-07-20 15:06:33 +00:00
psychon
10210e4619 Don't throw any exceptions in CModules::LoadModule() on version mismatch
This also removes all the code catching those exceptions. There was nothing
which justified these exceptions and removing them doesn't hurt.

ByeBye CException::EX_BadModVersion


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1137 726aef4b-f618-498e-8847-2d620e286838
2008-07-17 12:01:44 +00:00
psychon
a5dcb3ff77 webadmin: Use the new CZNC::AuthUser() API
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1116 726aef4b-f618-498e-8847-2d620e286838
2008-07-07 18:36:26 +00:00
psychon
7965a12bd0 Fix a privilege escalation bug in webadmin if auth modules are used
auth modules = imapauth and saslauth

Some code in CWebAdminSock::OnLogin() is skipped if a module handles auth
and thus m_pUser stays NULL. Most checks for admin rights only check for
m_pUser being NULL and thus any user WHO ALREADY HAS A VALID LOGIN can edit
other users if they know their user name.
(=Change the password of an admin and log in using this info)

One of the major exceptions are the templates which use m_bAdmin instead of
m_pUser for checking the privileges, thus users still see the normal pages
and this bug stayed unnoticed for a while.

This patch now moves the code that sets m_pUser to some code which is executed
in both cases, when an auth module is in effect and when one isn't.
(Well, technically this isn't a move, but code duplication, but executing this
 twice won't hurt and one of the follow-up patches cleans this up.)


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1113 726aef4b-f618-498e-8847-2d620e286838
2008-07-07 18:30:35 +00:00
psychon
5e0c652b9a Add the remote ip to the info CAuthBase got
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1112 726aef4b-f618-498e-8847-2d620e286838
2008-07-07 18:24:38 +00:00
psychon
1bb1206472 Webadmin: Add support for timezone offset
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1079 726aef4b-f618-498e-8847-2d620e286838
2008-05-30 14:09:41 +00:00
psychon
13ddd325f9 Webadmin: Don't reset all channel settings submitting a user page
In r1058 the behaviour of CUser::Clone() was changed. It now also handles the
channel settings. This change breaks webadmin, because it doesn't properly
set up the channels it feeds to CUser::Clone()

This commit 'fixes' this by adding an extra parameter to CUser::Clone() which
makes it revert to the old behaviour. Webadmin uses this parameter.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1074 726aef4b-f618-498e-8847-2d620e286838
2008-05-26 15:02:09 +00:00
psychon
8c24ebb641 Webadmin: Remove the special rule for CVS and ignore .svn instead
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1043 726aef4b-f618-498e-8847-2d620e286838
2008-05-08 13:45:16 +00:00
psychon
8cf12e8931 Clean up FileUtils.h
This removes some commented out functions and it also
removes CFir::Exists() since CFile::IsDir() does exactly
the same job (and it uses fewer syscalls for that).



git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1042 726aef4b-f618-498e-8847-2d620e286838
2008-05-08 13:32:34 +00:00
psychon
f74ab87e19 And fix a shitload of trailing whitespaces and space / tab mixups in ZNC
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@959 726aef4b-f618-498e-8847-2d620e286838
2008-02-16 12:52:11 +00:00
psychon
bcb0306393 Don't allow users to change their user name through spoofed webadmin requests
Since adding and editing users is handled pretty much the same way in webadmin,
you could change your user name when you sent a POST request with some
arbitrary user field:

 echo "user=newuser&submitted=1" | \
 lynx -post_data -auth=user:pass http://localhost:55455/edituser

This was spotted by SilverLeo who seems to spend quite some time trying to make
ZNC break, which is a good thing. Thanks!

Oh and btw, the last commit (delete the pid file) is from SilverLeo.
I forgot to mention him in the commit msg. Sorry.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@949 726aef4b-f618-498e-8847-2d620e286838
2008-02-10 10:18:54 +00:00
psychon
fc172bff6e Fix a NULL pointer dereference in the 'add user' page of webadmin
This was just recently introduced in rev 935 "Display user's vhost if it's
not in the global vhost list".

Thanks to icu and Kuja for reporting.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@937 726aef4b-f618-498e-8847-2d620e286838
2008-01-28 16:28:10 +00:00
psychon
9f19e82cf5 Webadmin: Display user's vhost too if it's not in the global vhost list
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@935 726aef4b-f618-498e-8847-2d620e286838
2008-01-20 16:50:53 +00:00
psychon
5370a54012 Add DenySetVHost patch from Veit Wahlich aka cru
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@925 726aef4b-f618-498e-8847-2d620e286838
2008-01-18 22:18:36 +00:00
psychon
e72c445694 Clean up includes
All the headers are now self-contained (g++ Header.h -o /dev/null).

Some system headers were moved to the .cpp they are actually needed in,
some of our own headers include less. (Especially MD5.h)

Headers are sorted alphabetically while in e.g. FileUtils.cpp FileUtils.h
is the first file included.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@915 726aef4b-f618-498e-8847-2d620e286838
2008-01-07 21:31:16 +00:00
psychon
eeec633e30 Update copyright header for 2008
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@910 726aef4b-f618-498e-8847-2d620e286838
2008-01-07 21:13:07 +00:00
psychon
1360effd31 This covers the code changes for the datadir move (which is now finished)
Based on darix' patch I wrote this. Modperl's changes were not tested since I
didn't find someone who could test it. Well...

Ah and btw it regenerates configure


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@902 726aef4b-f618-498e-8847-2d620e286838
2007-12-12 21:15:44 +00:00
psychon
ba27405483 Make webadmin use the GLOBALMODCONSTRUCTOR macro
Why didn't it do this already anyway?


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@900 726aef4b-f618-498e-8847-2d620e286838
2007-12-12 20:57:47 +00:00
psychon
6609143820 Let webadmin use the user's defaults
Now webadmin uses what you have in your <User> section for DefModes,
BufferCount, AutoCycle and KeepBuffer when you create a new user.

Thanks to SilverLeo for noticing and writing this patch.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@886 726aef4b-f618-498e-8847-2d620e286838
2007-12-02 09:19:24 +00:00
psychon
ee350ab744 Change second argument to module in OnLoad() from sErrorMsg to sMessage.
This message is always displayed when the module returns (well, screw webadmin)
and this way a module can notify the user if it loaded but something unexpected
happened.

As you might guess, no one uses this ATM :)

Proposal comes from prozac


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@855 726aef4b-f618-498e-8847-2d620e286838
2007-10-28 17:57:07 +00:00
psychon
5993255ac3 Fix some ICC warnings found by Kuja
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@846 726aef4b-f618-498e-8847-2d620e286838
2007-09-27 21:00:08 +00:00
psychon
a09a7e79f6 Switch to the copyright headers the GPLv2 wants us to have
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@843 726aef4b-f618-498e-8847-2d620e286838
2007-09-21 18:55:33 +00:00
psychon
3ce22e5d45 small webadmin fixup
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@804 726aef4b-f618-498e-8847-2d620e286838
2007-05-16 22:48:22 +00:00