sanity check operator vhosts

ergochat / ergo

A modern IRC server (daemon/ircd) written in Go.

https://ergo.chat/

MIT License

2.27k stars 180 forks source link

sanity check operator vhosts #1582

Open slingamn opened 3 years ago

slingamn commented 3 years ago

@mogad0n reported that you can set an invalid operator vhost. This should be rejected during config validation.

DanielOaks commented 3 years ago

I think 'invalid' in terms of oper vhosts should really just check for protocol-breaking characters and junk like @& etc - the 'host' part of nuh doesn't contain properly-formatted hostnames and hasn't for a long while now, and allowing flexibility when it comes to how opers show themselves on the network is alright I reckon (I think this issue came out of spaces being allowed, which like, yeah breaks absolutely everything oh no).

slingamn commented 3 years ago

Discussed, we will just check the protocolBreakingNameCharacters (,*?.!@:)

slingamn commented 3 years ago

@mogad0n points out accurately that . is not protocol-breaking in a hostname!