m_cap.c: Do not allow CAP ACK to set prohibited caps, or clear sticky ones.

Thanks to Michael Wobst from the ircd-hybrid team for reporting this.

diff --git a/ircd/m_cap.c b/ircd/m_cap.c
index 2443c42f714d9f0046b470f9b177234e359b4717..a2cc79947d45ba41f0a1719a183685c6edc64002 100644 (file)
--- a/ircd/m_cap.c
+++ b/ircd/m_cap.c
@@ -260,10 +260,15 @@ cap_ack(struct Client *sptr, const char *caplist)
        (neg ? HasCap(sptr, cap->cap) : !HasCap(sptr, cap->cap))) /* uh... */
       continue;
 
-    if (neg) /* set or clear the active capability... */
+    if (neg) { /* set or clear the active capability... */
+      if (cap->flags & CAPFL_STICKY)
+        continue; /* but don't clear sticky capabilities */
       CapClr(cli_active(sptr), cap->cap);
-    else
+    } else {
+      if (cap->flags & CAPFL_PROHIBIT)
+        continue; /* and don't set prohibited ones */
       CapSet(cli_active(sptr), cap->cap);
+    }
   }
 
   return 0;