diff --git a/src/adc/adcconst.h b/src/adc/adcconst.h index 365281c..88f4e68 100644 --- a/src/adc/adcconst.h +++ b/src/adc/adcconst.h @@ -156,9 +156,10 @@ typedef uint32_t fourcc_t; #define ADC_SUP_FLAG_ADD "AD" #define ADC_SUP_FLAG_REMOVE "RM" -#define ADC_CLIENT_TYPE_BOT "1" -#define ADC_CLIENT_TYPE_REGISTERED_USER "2" -#define ADC_CLIENT_TYPE_OPERATOR "4" +#define ADC_CLIENT_TYPE_BOT "1" +#define ADC_CLIENT_TYPE_REGISTERED_USER "2" +#define ADC_CLIENT_TYPE_OPERATOR "4" +#define ADC_CLIENT_TYPE_HUBBOT "5" /* 1 + 4 */ #define ADC_CLIENT_TYPE_SUPER_USER "12" /* 8 + 4 */ #define ADC_CLIENT_TYPE_ADMIN "20" /* 16 + 4 = hub owner */ #define ADC_CLIENT_TYPE_HUB "32" /* the hub itself */ diff --git a/src/adc/message.c b/src/adc/message.c index 2b6f1bc..0d52ac1 100644 --- a/src/adc/message.c +++ b/src/adc/message.c @@ -310,7 +310,7 @@ struct adc_message* adc_msg_parse_verify(struct hub_user* u, const char* line, s if (!command) return 0; - if (command->source && (!u || command->source != u->id.sid)) + if (command->source && (!u || (command->source != u->id.sid && !auth_cred_is_unrestricted(u->credentials)))) { LOG_DEBUG("Command does not match user's SID (command->source=%d, user->id.sid=%d)", command->source, (u ? u->id.sid : 0)); adc_msg_free(command); diff --git a/src/core/auth.c b/src/core/auth.c index 3d0686f..3cb9faa 100644 --- a/src/core/auth.c +++ b/src/core/auth.c @@ -170,6 +170,9 @@ static int acl_parse_line(char* line, int line_count, void* ptr_data) LOG_DEBUG("acl_parse_line: '%s'", line); ACL_ADD_USER("bot", handle->users, auth_cred_bot); + ACL_ADD_USER("ubot", handle->users, auth_cred_ubot); + ACL_ADD_USER("opbot", handle->users, auth_cred_opbot); + ACL_ADD_USER("opubot", handle->users, auth_cred_opubot); ACL_ADD_USER("user_admin", handle->users, auth_cred_admin); ACL_ADD_USER("user_super", handle->users, auth_cred_super); ACL_ADD_USER("user_op", handle->users, auth_cred_operator); diff --git a/src/core/hub.c b/src/core/hub.c index 2d4249e..167f5a6 100644 --- a/src/core/hub.c +++ b/src/core/hub.c @@ -23,7 +23,7 @@ struct hub_info* g_hub = 0; /* FIXME: Flood control should be done in a plugin! */ #define CHECK_FLOOD(TYPE, WARN) \ - if (flood_control_check(&u->flood_ ## TYPE , hub->config->flood_ctl_ ## TYPE, hub->config->flood_ctl_interval, net_get_time())) \ + if (flood_control_check(&u->flood_ ## TYPE , hub->config->flood_ctl_ ## TYPE, hub->config->flood_ctl_interval, net_get_time()) && !auth_cred_is_unrestricted(u->credentials)) \ { \ if (WARN) \ { \ diff --git a/src/core/inf.c b/src/core/inf.c index 2e8d37a..0fedc98 100644 --- a/src/core/inf.c +++ b/src/core/inf.c @@ -571,6 +571,10 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT); break; + case auth_cred_ubot: + adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT); + break; + case auth_cred_guest: /* Nothing to be added to the info message */ break; @@ -583,6 +587,14 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_OPERATOR); break; + case auth_cred_opbot: + adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_HUBBOT); + break; + + case auth_cred_opubot: + adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_HUBBOT); + break; + case auth_cred_super: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_SUPER_USER); break; diff --git a/src/tools/uhub-passwd.c b/src/tools/uhub-passwd.c index ad07197..4d491b6 100644 --- a/src/tools/uhub-passwd.c +++ b/src/tools/uhub-passwd.c @@ -101,7 +101,19 @@ static const char* validate_cred(const char* cred_str) if (!strcmp(cred_str, "user")) return "user"; - fprintf(stderr, "Invalid user credentials. Must be one of: 'admin', 'super', 'op' or 'user'\n"); + if (!strcmp(cred_str, "bot")) + return "bot"; + + if (!strcmp(cred_str, "ubot")) + return "ubot"; + + if (!strcmp(cred_str, "opbot")) + return "opbot"; + + if (!strcmp(cred_str, "opubot")) + return "opubot"; + + fprintf(stderr, "Invalid user credentials. Must be one of: 'bot', 'ubot', 'opbot', 'opubot', 'admin', 'super', 'op' or 'user'\n"); exit(1); } diff --git a/src/util/credentials.c b/src/util/credentials.c index bb87407..ee72627 100644 --- a/src/util/credentials.c +++ b/src/util/credentials.c @@ -19,11 +19,33 @@ #include "uhub.h" +/** + * Returns 1 if a user is unrestricted. + * Unrestricted users override the limits of flood and can send messages in + * the name of other users. + * This is useful for amongst other external chatrooms. + */ +int auth_cred_is_unrestricted(enum auth_credentials cred) +{ + switch (cred) + { + case auth_cred_ubot: + case auth_cred_opubot: + return 1; + default: + break; + } + return 0; +} + int auth_cred_is_protected(enum auth_credentials cred) { switch (cred) { case auth_cred_bot: + case auth_cred_ubot: + case auth_cred_opbot: + case auth_cred_opubot: case auth_cred_operator: case auth_cred_super: case auth_cred_admin: @@ -45,6 +67,9 @@ int auth_cred_is_registered(enum auth_credentials cred) switch (cred) { case auth_cred_bot: + case auth_cred_ubot: + case auth_cred_opbot: + case auth_cred_opubot: case auth_cred_user: case auth_cred_operator: case auth_cred_super: @@ -64,6 +89,9 @@ const char* auth_cred_to_string(enum auth_credentials cred) { case auth_cred_none: return "none"; case auth_cred_bot: return "bot"; + case auth_cred_ubot: return "ubot"; + case auth_cred_opbot: return "opbot"; + case auth_cred_opubot: return "opubot"; case auth_cred_guest: return "guest"; case auth_cred_user: return "user"; case auth_cred_operator: return "operator"; @@ -95,14 +123,20 @@ int auth_string_to_cred(const char* str, enum auth_credentials* out) if (!strcasecmp(str, "none")) { *out = auth_cred_none; return 1; } if (!strcasecmp(str, "user")) { *out = auth_cred_user; return 1; } if (!strcasecmp(str, "link")) { *out = auth_cred_link; return 1; } + if (!strcasecmp(str, "ubot")) { *out = auth_cred_ubot; return 1; } return 0; case 5: if (!strcasecmp(str, "admin")) { *out = auth_cred_admin; return 1; } if (!strcasecmp(str, "super")) { *out = auth_cred_super; return 1; } + if (!strcasecmp(str, "opbot")) { *out = auth_cred_opbot; return 1; } if (!strcasecmp(str, "guest")) { *out = auth_cred_guest; return 1; } return 0; + case 6: + if (!strcasecmp(str, "opubot")) { *out = auth_cred_opubot; return 1; } + return 0; + case 8: if (!strcasecmp(str, "operator")) { *out = auth_cred_operator; return 1; } return 0; diff --git a/src/util/credentials.h b/src/util/credentials.h index 7628eb9..540b96e 100644 --- a/src/util/credentials.h +++ b/src/util/credentials.h @@ -23,15 +23,24 @@ enum auth_credentials { auth_cred_none, /**<<< "User has no credentials (not yet logged in)" */ - auth_cred_bot, /**<<< "User is a robot" */ auth_cred_guest, /**<<< "User is a guest (unregistered user)" */ auth_cred_user, /**<<< "User is identified as a registered user" */ + auth_cred_bot, /**<<< "User is a robot" */ + auth_cred_ubot, /**<<< "User is an unrestricted robot" */ auth_cred_operator, /**<<< "User is identified as a hub operator" */ + auth_cred_opbot, /**<<< "User is a operator robot" */ + auth_cred_opubot, /**<<< "User is an unrestricted operator robot" */ auth_cred_super, /**<<< "User is a super user" (not used) */ auth_cred_link, /**<<< "User is a link (not used currently)" */ auth_cred_admin, /**<<< "User is identified as a hub administrator/owner" */ }; +/** + * Returns 1 if the credentials means that a user is unrestricted. + * Returns 0 otherwise. + */ +int auth_cred_is_unrestricted(enum auth_credentials cred); + /** * Returns 1 if the credentials means that a user is protected. * Returns 0 otherwise.