See Comments
On 5/26/2010 5:15 PM, Kobi Shmueli wrote:
Coca Cola wrote:
- +S should be available only for channel opers connected through SSL
(In a case of a new channel with one single chanoper).
I agree with that.
I don't get it. How did DALnet implement the +S channelmode? It sounds like they deviated from what everyone else to my knowledge does with this mode. We researched this heavily 5 or 6 years ago when we implemented it and.. back then there were not many SSL capable networks out there... less than a dozen for sure. To my knowledge, all that have implemented some form of SSL only user restriction have followed the same rules we followed. I think we may have gone just a bit further, but not by much. I need to look at it more in depth.... I am just very busy these days.
- +S should be available for use ONLY if ALL users in the channel are
connected through SSL.
How do you suggest we enforce that?
Easily. No SSL no join.
- Invites should NOT over-ride +S and if for any reason someone
non-ssl joins, S mode should be removed by the server.
I agree with the /invite part and I also think the +I list shouldn't bypass it either. As for the second part, I don't really see the point if servers will only allow SSL users to join.
The whole point for some of us coding +S into Bahamut with SSL was to prevent anyone NOT using SSL from joining the channel. -Period- There are a certain subset of users that want it that way, for whatever reasons.. not for me to decide. [on Freequest] when we created these modes it was simple.... if your NOT using SSL you are -NOT- getting in. The only exception to this was being an oper or a service. We were early adopters of SSL and had to learn all of this the hard way.
In short, I can't see what the point of having an SSL only channel mode (if this is what it is) that does not prevent non-SSL clients from joining. Hence the above question.... what did DALnet do differently from virtually everyone else?
- No exceptions/overrides for /samode. (Perhaps only ulines should
override it but at as far as i know ircservices at least "enforce" the mode and kicks out non-ssl users).
I disagree with that, /samode and /sajoin should be able to bypass these restrictions.
We never prevented this either, and because we want services/opers to chase into +S channels as well. Like it or not users do incredibly dumb things and opers/admins have to gain entry to stop whatever crap users are doing that are a detriment to the network or -other- networks.... be it flooding, operating botnets, etc. Disallowing this gives botnet operators a free ride... I can pretty much say for certain that it won't happen on any network... or let me put it this way - any network that is managed with anyone that has common sense. I have seen some stuff in my many, many years out here.
But, this is DALnet.. and you guys do what you will :) On another note, thanks for finally putting SSL support in..... makes life easier when merging back :) Although it does appear I have to fix some things still. -Mark
-Kobi. _______________________________________________ DALnet-src mailing list DALnet-src@lists.dal.net https://lists.dal.net/mailman/listinfo/dalnet-src