View Issue Details

IDProjectCategoryView StatusLast Update
0005134unrealircdpublic2018-09-09 17:52
ReportercapitaineAssigned Tosyzop 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version4.0.18 
Target VersionFixed in Version4.2.0 
Summary0005134: Chanmode +z can't be overriden
DescriptionWe have a +z channel but a bot couldn't join it, no matter the configuration.
With or without /invite and /sajoin

Only a successful scenario : when another ircop invite the bot and the bot is netadmin-with-override

But a netadmin-with-override alone cannot /invite or /sajoin himself to the chan.
Steps To Reproducejoin :#testers
:foo.chat 489 test #testers :Cannot join channel (SSL is required)


oper bb :qwe123
:test MODE test :+os
:foo.chat 008 test +kcfvGqSsob :Server notice mask
:foo.chat 381 test :You are now an IRC Operator
:foo.chat 375 test :- foo.chat Message of the Day -
:foo.chat 372 test :- IRC Operator Message of the Day
:foo.chat 372 test :- !
:foo.chat 376 test :End of /MOTD command.
:foo.services NOTICE test :from OperServ: USERS: test!test@localhost is now an IRC operator.


join :#testers
:foo.chat 489 test #testers :Cannot join channel (SSL is required)


whois :test
:foo.chat 311 test test test foo-CD2727B1 * :Tester
:foo.chat 379 test test :is using modes +owsxp +kcfvGqSsob
:foo.chat 378 test test :is connecting from *@localhost 127.0.0.1
:foo.chat 312 test test foo.chat :www.example.com
:foo.chat 313 test test :is an IRC Operator (bb) [bobot]
:foo.chat 317 test test 32 1534430145 :seconds idle, signon time
:foo.chat 318 test test :End of /WHOIS list.

invite test :#testers

join :#testers
:foo.chat 489 test #testers :Cannot join channel (SSL is required)


sajoin test :#testers
:foo.chat NOTICE test :You cannot SAJOIN test to #testers because the channel is +z and the user is not connected via SSL
Additional InformationConfiguration :

operclass bobot
{
    parent netadmin-with-override;
    privileges
    {
        override:secure;
        immune:secureonly;
    };
};

oper bb
{
    mask 127.0.0.1;
    password "qwe123";
    class clients;
    operclass bobot;
    maxlogins 1;
};
TagsNo tags attached.
3rd party modules

Activities

syzop

2018-09-09 17:24

administrator   ~0020308

Last edited: 2018-09-09 17:25

View 2 revisions

I don't think SAJOIN should walk through it: it could be unintended and setting -z/-Z is quite major.

But... self-invite/override should allow you to walk through it so not doing that is a bug. (It will then set mode -Z)
If I'm not mistaken this used to work, so must have been broken by some commit, possibly quite a while ago..

syzop

2018-09-09 17:51

administrator   ~0020310

Ok, I think I found a solution. It isn't perfect as it may also be triggered by invites not initiated by yourself, but it works well enough I think.

Result is expected in the override case:

:maintest.test.net NOTICE hai :*** OperOverride -- op (x@localhost) invited him/herself into #test (overriding +z).
:op!x@netadmin.test.net JOIN :#test
:maintest.test.net NOTICE #test :User 'op' joined and is not connected through SSL, setting channel -Z (insecure)
:maintest.test.net MODE #test -Z

Thanks for the report.

syzop

2018-09-09 17:52

administrator   ~0020311

https://github.com/unrealircd/unrealircd/commit/5445a009a3c126a32b2046e28535b13548cb949c

commit 5445a009a3c126a32b2046e28535b13548cb949c (HEAD -> unreal40, origin/unreal40, origin/HEAD)
Author: Bram Matthys <syzop@vulnscan.org>
Date: Sun Sep 9 17:49:32 2018 +0200

    Fix bug preventing (insecure) IRCops from overriding +z.
    Reported by capitaine in https://bugs.unrealircd.org/view.php?id=5134

Issue History

Date Modified Username Field Change
2018-08-16 17:06 capitaine New Issue
2018-09-09 17:24 syzop Note Added: 0020308
2018-09-09 17:25 syzop Note Edited: 0020308 View Revisions
2018-09-09 17:25 syzop Assigned To => syzop
2018-09-09 17:25 syzop Status new => acknowledged
2018-09-09 17:51 syzop Status acknowledged => resolved
2018-09-09 17:51 syzop Resolution open => fixed
2018-09-09 17:51 syzop Fixed in Version => 4.2.0
2018-09-09 17:51 syzop Note Added: 0020310
2018-09-09 17:52 syzop Note Added: 0020311