New configuration option "Mask" for [Operator] sections to limit OPER command.

3 files changed, 32 insertions, 6 deletions

diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c
index 17090d8a..312ebff9 100644
--- a/src/ngircd/conf.c
+++ b/src/ngircd/conf.c
@@ -14,7 +14,7 @@
 
 #include "portab.h"
 
-static char UNUSED id[] = "$Id: conf.c,v 1.68 2005/02/04 14:24:21 alex Exp $";
+static char UNUSED id[] = "$Id: conf.c,v 1.69 2005/03/02 16:07:31 alex Exp $";
 
 #include "imp.h"
 #include <assert.h>
@@ -158,6 +158,7 @@ Conf_Test( VOID )
 		puts( "[OPERATOR]" );
 		printf( "  Name = %s\n", Conf_Oper[i].name );
 		printf( "  Password = %s\n", Conf_Oper[i].pwd );
+		if ( Conf_Oper[i].mask ) printf( "  Mask = %s\n", Conf_Oper[i].mask );
 		puts( "" );
 	}
 
@@ -466,8 +467,12 @@ Read_Config( VOID )
 				else
 				{
 					/* Initialize new operator structure */
-					strcpy( Conf_Oper[Conf_Oper_Count].name, "" );
-					strcpy( Conf_Oper[Conf_Oper_Count].pwd, "" );
+					Conf_Oper[Conf_Oper_Count].name[0] = '\0';
+					Conf_Oper[Conf_Oper_Count].pwd[0] = '\0';
+					if (Conf_Oper[Conf_Oper_Count].mask) {
+						free(Conf_Oper[Conf_Oper_Count].mask );
+						Conf_Oper[Conf_Oper_Count].mask = NULL;
+					}
 					Conf_Oper_Count++;
 				}
 				continue;
@@ -782,6 +787,7 @@ Handle_GLOBAL( INT Line, CHAR *Var, CHAR *Arg )
 LOCAL VOID
 Handle_OPERATOR( INT Line, CHAR *Var, CHAR *Arg )
 {
+	unsigned int len;
 	assert( Line > 0 );
 	assert( Var != NULL );
 	assert( Arg != NULL );
@@ -799,7 +805,19 @@ Handle_OPERATOR( INT Line, CHAR *Var, CHAR *Arg )
 		if( strlcpy( Conf_Oper[Conf_Oper_Count - 1].pwd, Arg, sizeof( Conf_Oper[Conf_Oper_Count - 1].pwd )) >= sizeof( Conf_Oper[Conf_Oper_Count - 1].pwd )) Config_Error_TooLong( Line, Var );
 		return;
 	}
-	
+	if( strcasecmp( Var, "Mask" ) == 0 )
+	{
+		if (Conf_Oper[Conf_Oper_Count - 1].mask) return; /* Hostname already configured */
+		len = strlen( Arg ) + 1;
+		Conf_Oper[Conf_Oper_Count - 1].mask = malloc( len );
+		if (! Conf_Oper[Conf_Oper_Count - 1].mask) {
+			Config_Error( LOG_ERR, "%s, line %d: Cannot allocate memory for operator mask: %s", NGIRCd_ConfFile, Line, strerror(errno) );
+			return;
+		}
+
+		strlcpy( Conf_Oper[Conf_Oper_Count - 1].mask, Arg, len);
+		return;
+	}
 	Config_Error( LOG_ERR, "%s, line %d (section \"Operator\"): Unknown variable \"%s\"!", NGIRCd_ConfFile, Line, Var );
 } /* Handle_OPERATOR */
 
diff --git a/src/ngircd/conf.h b/src/ngircd/conf.h
index 93c8ebf0..3c180160 100644
--- a/src/ngircd/conf.h
+++ b/src/ngircd/conf.h
@@ -8,7 +8,7 @@
  * (at your option) any later version.
  * Please read the file COPYING, README and AUTHORS for more information.
  *
- * $Id: conf.h,v 1.30 2005/02/04 14:24:21 alex Exp $
+ * $Id: conf.h,v 1.31 2005/03/02 16:07:31 alex Exp $
  *
  * Configuration management (header)
  */
@@ -26,6 +26,7 @@ typedef struct _Conf_Oper
 {
 	CHAR name[CLIENT_PASS_LEN];	/* Name (ID) of IRC operator */
 	CHAR pwd[CLIENT_PASS_LEN];	/* Password */
+	char *mask;
 } CONF_OPER;
 
 typedef struct _Conf_Server
diff --git a/src/ngircd/irc-oper.c b/src/ngircd/irc-oper.c
index a113f179..f1824c9b 100644
--- a/src/ngircd/irc-oper.c
+++ b/src/ngircd/irc-oper.c
@@ -14,7 +14,7 @@
 
 #include "portab.h"
 
-static char UNUSED id[] = "$Id: irc-oper.c,v 1.17 2002/12/31 16:10:55 alex Exp $";
+static char UNUSED id[] = "$Id: irc-oper.c,v 1.18 2005/03/02 16:07:31 alex Exp $";
 
 #include "imp.h"
 #include <assert.h>
@@ -65,6 +65,13 @@ IRC_OPER( CLIENT *Client, REQUEST *Req )
 		return IRC_WriteStrClient( Client, ERR_PASSWDMISMATCH_MSG, Client_ID( Client ));
 	}
 
+	/* Authorized Mask? */
+	if( Conf_Oper[i].mask && (! Match( Conf_Oper[i].mask, Client_Mask( Client ) ))) {
+		Log( LOG_WARNING, "Rejected valid OPER for \"%s\": Mask mismatch (got: \"%s\", want: \"%s\")!", Conf_Oper[i].name, Client_Mask( Client ), Conf_Oper[i].mask );
+		return IRC_WriteStrClient( Client, ERR_PASSWDMISMATCH_MSG, Client_ID( Client ));
+	}
+
+
 	if( ! Client_HasMode( Client, 'o' ))
 	{
 		/* noch kein o-Mode gesetzt */