This allows restricting an oper account based on other data such
as TLS fingerprint or services account but without logging them in
automatically like autologin.
This introduces the concept of a real username. This value comes
from either the initial USER message or from an ident lookup. Doing
this allows us to use it for bans through vidents and cloaking web
client users using their remote username.
While changing this I also changed all of the uses of "ident" other
than RFC 1413 lookups and some compatibility cases to refer to
usernames as user(name) instead of ident. Our use of ident in these
places was incorrect as that only refers to the RFC 1413 response
and is not commonly used in the way we used it by any other IRC
server implementations.
- Move core connect class checks and <performance:clonesonconnect>
to the core_user module.
- Add pre-change and post-change events for when a connect class
changes.
- Split explicit class changing out into its own method.
- Remove the need to almost always call CheckClass after SetClass.
- Add use counting to the connect class instead of relying on the
shared_ptr use count.
- Promote autologin to a core concept with visibility in events.
- Replace the binary yes/no value with strict/relaxed/never. This
intentionally breaks v3 oper block autologin as admins will need
to review them for the security implications of the new behaviour.
The numerics we used previously were not being used according to
the RFC and every implementation has their own behaviour here which
makes it hard for clients to do anything reasonable. Instead of this
using the generic stats numeric makes a lot more sense.
- Allow overriding privileges from the <class> blocks in the <type>
and <oper> blocks.
- Separate oper types from oper accounts in the code. This enables
moving some core stuff out of the config tag later.
- Merge the config tags together to make a synthetic tag that can
have getXXX called on it instead of using getConfig and then
converting it.
- Move the details of Have*Permission into the oper type class.
- Improve oper events to allow modules to easily hook into the oper
system.
We previously referred to both session registration and user registration
as "registration" which is confusing for users who aren't familiar with
how IRC works.
This was part of a failed attempt to implement zero downtime
restarts in v3. This can be implemented in a better way but for
now its just slowing down build times so lets kill it.
