From d86ef503b3218a8615acdfe658e90761de30d86b Mon Sep 17 00:00:00 2001 From: klondike Date: Fri, 4 Apr 2014 04:59:13 +0200 Subject: [PATCH 1/6] Add opbots and unrestricted bots --- src/core/auth.c | 3 +++ src/core/inf.c | 12 ++++++++++++ src/util/credentials.c | 15 +++++++++++++++ src/util/credentials.h | 5 ++++- 4 files changed, 34 insertions(+), 1 deletion(-) diff --git a/src/core/auth.c b/src/core/auth.c index 3d0686f..3cb9faa 100644 --- a/src/core/auth.c +++ b/src/core/auth.c @@ -170,6 +170,9 @@ static int acl_parse_line(char* line, int line_count, void* ptr_data) LOG_DEBUG("acl_parse_line: '%s'", line); ACL_ADD_USER("bot", handle->users, auth_cred_bot); + ACL_ADD_USER("ubot", handle->users, auth_cred_ubot); + ACL_ADD_USER("opbot", handle->users, auth_cred_opbot); + ACL_ADD_USER("opubot", handle->users, auth_cred_opubot); ACL_ADD_USER("user_admin", handle->users, auth_cred_admin); ACL_ADD_USER("user_super", handle->users, auth_cred_super); ACL_ADD_USER("user_op", handle->users, auth_cred_operator); diff --git a/src/core/inf.c b/src/core/inf.c index 2e8d37a..0fedc98 100644 --- a/src/core/inf.c +++ b/src/core/inf.c @@ -571,6 +571,10 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT); break; + case auth_cred_ubot: + adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_BOT); + break; + case auth_cred_guest: /* Nothing to be added to the info message */ break; @@ -583,6 +587,14 @@ static int set_credentials(struct hub_info* hub, struct hub_user* user, struct a adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_OPERATOR); break; + case auth_cred_opbot: + adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_HUBBOT); + break; + + case auth_cred_opubot: + adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_HUBBOT); + break; + case auth_cred_super: adc_msg_add_argument(cmd, ADC_INF_FLAG_CLIENT_TYPE ADC_CLIENT_TYPE_SUPER_USER); break; diff --git a/src/util/credentials.c b/src/util/credentials.c index bb87407..f4a2820 100644 --- a/src/util/credentials.c +++ b/src/util/credentials.c @@ -24,6 +24,9 @@ int auth_cred_is_protected(enum auth_credentials cred) switch (cred) { case auth_cred_bot: + case auth_cred_ubot: + case auth_cred_opbot: + case auth_cred_opubot: case auth_cred_operator: case auth_cred_super: case auth_cred_admin: @@ -45,6 +48,9 @@ int auth_cred_is_registered(enum auth_credentials cred) switch (cred) { case auth_cred_bot: + case auth_cred_ubot: + case auth_cred_opbot: + case auth_cred_opubot: case auth_cred_user: case auth_cred_operator: case auth_cred_super: @@ -64,6 +70,9 @@ const char* auth_cred_to_string(enum auth_credentials cred) { case auth_cred_none: return "none"; case auth_cred_bot: return "bot"; + case auth_cred_ubot: return "ubot"; + case auth_cred_opbot: return "opbot"; + case auth_cred_opubot: return "opubot"; case auth_cred_guest: return "guest"; case auth_cred_user: return "user"; case auth_cred_operator: return "operator"; @@ -95,14 +104,20 @@ int auth_string_to_cred(const char* str, enum auth_credentials* out) if (!strcasecmp(str, "none")) { *out = auth_cred_none; return 1; } if (!strcasecmp(str, "user")) { *out = auth_cred_user; return 1; } if (!strcasecmp(str, "link")) { *out = auth_cred_link; return 1; } + if (!strcasecmp(str, "ubot")) { *out = auth_cred_ubot; return 1; } return 0; case 5: if (!strcasecmp(str, "admin")) { *out = auth_cred_admin; return 1; } if (!strcasecmp(str, "super")) { *out = auth_cred_super; return 1; } + if (!strcasecmp(str, "opbot")) { *out = auth_cred_opbot; return 1; } if (!strcasecmp(str, "guest")) { *out = auth_cred_guest; return 1; } return 0; + case 6: + if (!strcasecmp(str, "opubot")) { *out = auth_cred_opubot; return 1; } + return 0; + case 8: if (!strcasecmp(str, "operator")) { *out = auth_cred_operator; return 1; } return 0; diff --git a/src/util/credentials.h b/src/util/credentials.h index 7628eb9..7fdbe43 100644 --- a/src/util/credentials.h +++ b/src/util/credentials.h @@ -23,10 +23,13 @@ enum auth_credentials { auth_cred_none, /**<<< "User has no credentials (not yet logged in)" */ - auth_cred_bot, /**<<< "User is a robot" */ auth_cred_guest, /**<<< "User is a guest (unregistered user)" */ auth_cred_user, /**<<< "User is identified as a registered user" */ + auth_cred_bot, /**<<< "User is a robot" */ + auth_cred_ubot, /**<<< "User is an unrestricted robot" */ auth_cred_operator, /**<<< "User is identified as a hub operator" */ + auth_cred_opbot, /**<<< "User is a operator robot" */ + auth_cred_opubot, /**<<< "User is an unrestricted operator robot" */ auth_cred_super, /**<<< "User is a super user" (not used) */ auth_cred_link, /**<<< "User is a link (not used currently)" */ auth_cred_admin, /**<<< "User is identified as a hub administrator/owner" */ From 7bda215ad4a45b98ca3cd6ac363c0ab867ebe8f7 Mon Sep 17 00:00:00 2001 From: klondike Date: Fri, 4 Apr 2014 05:01:07 +0200 Subject: [PATCH 2/6] Add bots to uhub-passwd --- src/tools/uhub-passwd.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/tools/uhub-passwd.c b/src/tools/uhub-passwd.c index ad07197..4d491b6 100644 --- a/src/tools/uhub-passwd.c +++ b/src/tools/uhub-passwd.c @@ -101,7 +101,19 @@ static const char* validate_cred(const char* cred_str) if (!strcmp(cred_str, "user")) return "user"; - fprintf(stderr, "Invalid user credentials. Must be one of: 'admin', 'super', 'op' or 'user'\n"); + if (!strcmp(cred_str, "bot")) + return "bot"; + + if (!strcmp(cred_str, "ubot")) + return "ubot"; + + if (!strcmp(cred_str, "opbot")) + return "opbot"; + + if (!strcmp(cred_str, "opubot")) + return "opubot"; + + fprintf(stderr, "Invalid user credentials. Must be one of: 'bot', 'ubot', 'opbot', 'opubot', 'admin', 'super', 'op' or 'user'\n"); exit(1); } From c15f201d7004eed588d25666b688b4a3b4e6a5a5 Mon Sep 17 00:00:00 2001 From: klondike Date: Fri, 4 Apr 2014 05:06:14 +0200 Subject: [PATCH 3/6] Add auth_cred_is_unrestricted --- src/util/credentials.c | 19 +++++++++++++++++++ src/util/credentials.h | 6 ++++++ 2 files changed, 25 insertions(+) diff --git a/src/util/credentials.c b/src/util/credentials.c index f4a2820..ee72627 100644 --- a/src/util/credentials.c +++ b/src/util/credentials.c @@ -19,6 +19,25 @@ #include "uhub.h" +/** + * Returns 1 if a user is unrestricted. + * Unrestricted users override the limits of flood and can send messages in + * the name of other users. + * This is useful for amongst other external chatrooms. + */ +int auth_cred_is_unrestricted(enum auth_credentials cred) +{ + switch (cred) + { + case auth_cred_ubot: + case auth_cred_opubot: + return 1; + default: + break; + } + return 0; +} + int auth_cred_is_protected(enum auth_credentials cred) { switch (cred) diff --git a/src/util/credentials.h b/src/util/credentials.h index 7fdbe43..540b96e 100644 --- a/src/util/credentials.h +++ b/src/util/credentials.h @@ -35,6 +35,12 @@ enum auth_credentials auth_cred_admin, /**<<< "User is identified as a hub administrator/owner" */ }; +/** + * Returns 1 if the credentials means that a user is unrestricted. + * Returns 0 otherwise. + */ +int auth_cred_is_unrestricted(enum auth_credentials cred); + /** * Returns 1 if the credentials means that a user is protected. * Returns 0 otherwise. From 19068de08818796cc9b088d8fa0dc5125ae00ee8 Mon Sep 17 00:00:00 2001 From: klondike Date: Fri, 4 Apr 2014 05:16:35 +0200 Subject: [PATCH 4/6] Make unrestricted... unrestricted --- src/adc/message.c | 2 +- src/core/hub.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/adc/message.c b/src/adc/message.c index a6c6812..a53fdd2 100644 --- a/src/adc/message.c +++ b/src/adc/message.c @@ -311,7 +311,7 @@ struct adc_message* adc_msg_parse_verify(struct hub_user* u, const char* line, s if (!command) return 0; - if (command->source && (!u || command->source != u->id.sid)) + if (command->source && (!u || command->source != u->id.sid || auth_cred_is_unrestricted(u->credentials))) { LOG_DEBUG("Command does not match user's SID (command->source=%d, user->id.sid=%d)", command->source, (u ? u->id.sid : 0)); adc_msg_free(command); diff --git a/src/core/hub.c b/src/core/hub.c index 2d4249e..167f5a6 100644 --- a/src/core/hub.c +++ b/src/core/hub.c @@ -23,7 +23,7 @@ struct hub_info* g_hub = 0; /* FIXME: Flood control should be done in a plugin! */ #define CHECK_FLOOD(TYPE, WARN) \ - if (flood_control_check(&u->flood_ ## TYPE , hub->config->flood_ctl_ ## TYPE, hub->config->flood_ctl_interval, net_get_time())) \ + if (flood_control_check(&u->flood_ ## TYPE , hub->config->flood_ctl_ ## TYPE, hub->config->flood_ctl_interval, net_get_time()) && !auth_cred_is_unrestricted(u->credentials)) \ { \ if (WARN) \ { \ From 223e01937e7c9670952bf4963c83cec5a608750d Mon Sep 17 00:00:00 2001 From: "Francisco Blas (klondike) Izquierdo Riera" Date: Sat, 12 Jul 2014 17:13:37 +0200 Subject: [PATCH 5/6] Fix boolean logic fuck up --- src/adc/message.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/adc/message.c b/src/adc/message.c index a53fdd2..db12155 100644 --- a/src/adc/message.c +++ b/src/adc/message.c @@ -311,7 +311,7 @@ struct adc_message* adc_msg_parse_verify(struct hub_user* u, const char* line, s if (!command) return 0; - if (command->source && (!u || command->source != u->id.sid || auth_cred_is_unrestricted(u->credentials))) + if (command->source && (!u || (command->source != u->id.sid && !auth_cred_is_unrestricted(u->credentials)))) { LOG_DEBUG("Command does not match user's SID (command->source=%d, user->id.sid=%d)", command->source, (u ? u->id.sid : 0)); adc_msg_free(command); From 076daec846bb31b5dc786f1c8538a68b5ffdf5a2 Mon Sep 17 00:00:00 2001 From: "Francisco Blas (klondike) Izquierdo Riera" Date: Mon, 24 Nov 2014 12:28:28 +0100 Subject: [PATCH 6/6] Backport the HUBBOT constant defining a bot which is also an operator --- src/adc/adcconst.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/adc/adcconst.h b/src/adc/adcconst.h index 365281c..88f4e68 100644 --- a/src/adc/adcconst.h +++ b/src/adc/adcconst.h @@ -156,9 +156,10 @@ typedef uint32_t fourcc_t; #define ADC_SUP_FLAG_ADD "AD" #define ADC_SUP_FLAG_REMOVE "RM" -#define ADC_CLIENT_TYPE_BOT "1" -#define ADC_CLIENT_TYPE_REGISTERED_USER "2" -#define ADC_CLIENT_TYPE_OPERATOR "4" +#define ADC_CLIENT_TYPE_BOT "1" +#define ADC_CLIENT_TYPE_REGISTERED_USER "2" +#define ADC_CLIENT_TYPE_OPERATOR "4" +#define ADC_CLIENT_TYPE_HUBBOT "5" /* 1 + 4 */ #define ADC_CLIENT_TYPE_SUPER_USER "12" /* 8 + 4 */ #define ADC_CLIENT_TYPE_ADMIN "20" /* 16 + 4 = hub owner */ #define ADC_CLIENT_TYPE_HUB "32" /* the hub itself */