One needs to be admin to change the current skin dir, but it still sounds
like a good idea to be careful...
Plus, this wont deny symlinks anyway!
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1412 726aef4b-f618-498e-8847-2d620e286838
There was a bug in webadmin which allowed any users to write arbitrary strings
to znc.conf by setting e.g. their quit message to:
Some quit message
Admin = true
LoadModule = shell
</User>
ISpoofFile = /home/<user>/.ssh/authorited_keys
ISpoofFormat = <some ssh key>
<User a>
(The newlines must be sent as newlines to webadmin)
This commit fixes this by stripping all newlines from all the data fields
by default. Since some fields (e.g. CTCPReplies and Servers) do need newlines,
there is a new function CHTTPSock::GetRawParam() which doesn't do the stripping.
Thanks to cnu for finding and reporting this bug.
Thanks to kroimon for patch review.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1395 726aef4b-f618-498e-8847-2d620e286838
This is a slightly modified version of the connect_throttle from znc-extra.
If a login attempt fails, all further login attempts from that source IP are
blocked for some time (by default one minute).
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1390 726aef4b-f618-498e-8847-2d620e286838
This breaks CAuthBase's API for modules that want to auth users.
Instead of overloading AcceptLogin() and RefuseLogin(), they now have to
overload AcceptedLogin() and RefusedLogin().
Modules that auth users (e.g. imapauth) still call AcceptLogin() and
RefuseLogin() which is where OnFailedLogin() gets called.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1389 726aef4b-f618-498e-8847-2d620e286838
- No longer a global module, why was it ever one?
- Fix '/msg *admin set ident a' to error out instead of modifying my own user.
- Document '$me'.
- Other, minor stuff.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1386 726aef4b-f618-498e-8847-2d620e286838
This module basically does the same things webadmin does, but via
an IRC query interface.
Thanks to sebastinas for writing the original version of this module.
Thanks to kroimon for making this suite ZNC's coding style better and porting
it to newer ZNC versions.
Finally, I added a DelUser command and ported it again to laters versions.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1379 726aef4b-f618-498e-8847-2d620e286838
Because some ENTER/LEAVE pair was missing, the stack perl uses for passing
arguments grew and grew.
Besides adding those calls this also fixes some more of the callback calling
code to look a little closer to the examples from perldoc.
This also fixes some warnings perl threw at us when unloading by not
making ZNC::{CONTINUE,HALT{,MODS,CORE}} mortal.
Thanks to tomaw and AnMaster for reporting and helping me debug this mem issue.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1357 726aef4b-f618-498e-8847-2d620e286838
Channel buffers are loaded from disk when we join a channel (OnJoin) and when
the module is loaded (OnBoot(), called from OnLoad()) and only if KeepBuffer
for that channel is turned on. So every case is handled.
If we now also load channel buffers in SaveBufferToDisk() we will only reload
old channel buffers which were deleted since then
(e.g. /msg *status clearallchannelbuffers).
Thanks to Julian for finding this bug and helping me debug.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1345 726aef4b-f618-498e-8847-2d620e286838
In theory this could lead to extra copies of the password in memory, but since
no caller actually makes sure that those passwords are forgotten as fast as
possible, I don't see why this should be done the Old Way(tm).
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1343 726aef4b-f618-498e-8847-2d620e286838
The stuff in CUtils::GetHashPass() and CUtils::GetSaltedHashPass() shouldn't
hurt, since we don't do such stuff in other places for passwords either.
This should improve the readability of the code a lot.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1324 726aef4b-f618-498e-8847-2d620e286838
This removes ReadFile(), WriteFile(), ReadLine(), Lower() and Upper() from
Utils.h and adds CFile::ReadFile().
The biggest part of this patch fixes modules to use CFile and CString instead
of these global functions.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1311 726aef4b-f618-498e-8847-2d620e286838
- schat now works again (yay)
- it now uses CSocket instead of Csock directly
- list only displays schat's own sockets
- other minor stuff
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1303 726aef4b-f618-498e-8847-2d620e286838
Now every module that uses CSocket automatically gets its generated traffic
counted. Those which use Csock directly should be shot and burried anyway ;)
This adds CModule::IsGlobal().
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1283 726aef4b-f618-498e-8847-2d620e286838
OnUserAttached is renamed to OnClientLogin and
OnUserDetached to OnClientDisconnect.
This adds some new function with different arguments for the old names to cause
warnings from -Woverloaded-virtual while compiling.
This patch also adds OnClientConnect() which is called when the low-level
raw connection is established. (No SSL-handshake was done at this point yet!)
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1266 726aef4b-f618-498e-8847-2d620e286838
We now first run the perl command to get the compiler flags and display
those when compiling modperl, so we now what's going on.
Plus this also uses -Wno-write-strings to disabled all the perl compiler
warnings.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1261 726aef4b-f618-498e-8847-2d620e286838
I just got this: (binding to ::1 on an ipv4-only build)
Module [webadmin] aborted: Could not bind to port 8080: No such file or directory
Module [webadmin] aborted: Could not bind to port 8080: Success
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1259 726aef4b-f618-498e-8847-2d620e286838
Thanks to ashikase for pointing out the needed linker and compiler flags.
Thanks to GiZMo for testing on his mac 10.5.4.
This also cleans up configure.in a little by adding appendMod.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1258 726aef4b-f618-498e-8847-2d620e286838
