Rip out ns_access and related code.

This is wildly insecure and has been disabled by default for at
least a decade.

3 files changed, 10 insertions, 56 deletions

diff --git a/data/anope.example.conf b/data/anope.example.conf
index 3333f178b..93ae9c317 100644
--- a/data/anope.example.conf
+++ b/data/anope.example.conf
@@ -766,9 +766,9 @@ log
  *  memoserv/info                 - Can see any information with /MEMOSERV INFO
  *  memoserv/set-limit            - Can set the limit of max stored memos on any user and channel
  *  memoserv/no-limit             - Can send memos through limits and throttles
- *  nickserv/access               - Can modify other users access and certificate lists
  *  nickserv/alist                - Can see the channel access list of other users
  *  nickserv/auspex               - Can see any information with /NICKSERV INFO
+ *  nickserv/cert                 - Can modify other certificate lists
  *  nickserv/confirm              - Can confirm other users nicknames
  *  nickserv/drop                 - Can drop other users nicks
  *  nickserv/recover              - Can recover other users nicks
@@ -789,10 +789,10 @@ log
  *
  *   nickserv/getemail         nickserv/suspend       nickserv/ajoin           nickserv/list
  *
- *   nickserv/saset/autoop     nickserv/saset/email   nickserv/saset/greet     nickserv/saset/password
- *   nickserv/saset/display    nickserv/saset/kill    nickserv/saset/language  nickserv/saset/message
- *   nickserv/saset/private    nickserv/saset/secure  nickserv/saset/url       nickserv/saset/noexpire
- *   nickserv/saset/keepmodes  nickserv/saset/neverop
+ *   nickserv/saset/autoop   nickserv/saset/display    nickserv/saset/email    nickserv/saset/greet
+ *   nickserv/saset/kill     nickserv/saset/keepmodes  nickserv/saset/language  nickserv/saset/message
+ *   nickserv/saset/neverop  nickserv/saset/noexpire   nickserv/saset/password  nickserv/saset/private
+ *   nickserv/saset/url
  *
  *   hostserv/set            hostserv/del           hostserv/list
  *
diff --git a/data/chanserv.example.conf b/data/chanserv.example.conf
index b4ad0aad8..d9b218da2 100644
--- a/data/chanserv.example.conf
+++ b/data/chanserv.example.conf
@@ -76,8 +76,6 @@ module
 	 *                     access level or superior
 	 * -     cs_private: Hide the channel from ChanServ's LIST command
 	 * -     restricted: Kick/ban users who are restricted from the channel
-	 * -      cs_secure: Enable channel security, requiring the user to be identified with NickServ in
-	 *                     order to be considered for being on the access list of the channel
 	 * -      secureops: Only allow operator status to be given if the user is on the access list
 	 * -  securefounder: Only allow the real founder of the channel to drop the channel, change its
 	 *                     password, or change the founder or successor
@@ -93,10 +91,10 @@ module
 	 *                   to be a registered nick, otherwise the channel will be dropped.
 	 * -           none: No defaults
 	 *
-	 * This directive is optional, if left blank, the options will default to keeptopic, peace, cs_secure,
+	 * This directive is optional, if left blank, the options will default to keeptopic, peace,
 	 * securefounder, and signkick. If you really want no defaults, use "none" by itself as the option.
 	 */
-	defaults = "keeptopic peace cs_secure securefounder signkick"
+	defaults = "keeptopic peace securefounder signkick"
 
 	/*
 	 * The maximum number of channels which may be registered to a single nickname.
diff --git a/data/nickserv.example.conf b/data/nickserv.example.conf
index fee1003df..ddc9a8ca8 100644
--- a/data/nickserv.example.conf
+++ b/data/nickserv.example.conf
@@ -96,8 +96,6 @@ module
 	 *                    option and the killprotect option must be specified with this one
 	 * -    kill_immed: Kill nick immediately if not identified, this one overrides both the killprotect
 	 *                    and kill_quick options and the killprotect option must be specified with this one
-	 * -     ns_secure: Enable nickname security, requiring the nick's password before any operations
-	 *                    can be done on it
 	 * -    ns_private: Hide the nick from NickServ's LIST command
 	 * -    hide_email: Hide the nick's e-mail address from NickServ's INFO command
 	 * -     hide_mask: Hide the nick's last or current user@host from NickServ's INFO command
@@ -112,10 +110,10 @@ module
 	 *                  to be enabled as well
 	 * - ns_keep_modes: Enables keepmodes, which retains user modes across sessions
 	 *
-	 * This directive is optional, if left blank, the options will default to ns_secure, memo_signon, and
+	 * This directive is optional, if left blank, the options will default to memo_signon, and
 	 * memo_receive. If you really want no defaults, use "none" by itself as the option.
 	 */
-	defaults = "killprotect ns_secure ns_private hide_email hide_mask memo_signon memo_receive autoop"
+	defaults = "killprotect ns_private hide_email hide_mask memo_signon memo_receive autoop"
 
 	/*
 	 * The minimum length of time between consecutive uses of NickServ's REGISTER command. This
@@ -249,33 +247,6 @@ command_group
 command { service = "NickServ"; name = "HELP"; command = "generic/help"; }
 
 /*
- * ns_access
- *
- * Provides the command nickserv/access.
- *
- * Used for configuring what hosts have access to your account.
- */
-module
-{
-	name = "ns_access"
-
-	/*
-	 * The maximum number of entries allowed on a nickname's access list.
-	 * If not set, the default is 32. This number cannot be set to 0.
-	 */
-	accessmax = 32
-
-	/*
-	 * If set, Anope will add the usermask of registering users to the access list of their
-	 * newly created account. If not set, users will always have to identify to NickServ before
-	 * being recognized, unless they manually add an address to the access list of their account.
-	 * This directive is optional.
-	 */
-	addaccessonreg = no
-}
-command { service = "NickServ"; name = "ACCESS"; command = "nickserv/access"; }
-
-/*
  * ns_ajoin
  *
  * Provides the command nickserv/ajoin.
@@ -530,10 +501,9 @@ command { service = "NickServ"; name = "RESETPASS"; command = "nickserv/resetpas
  *   nickserv/set/kill, nickserv/saset/kill - Used for configuring nickname protection.
  *   nickserv/set/language, nickserv/saset/language - Used for configuring what language services use.
  *   nickserv/set/message, nickserv/saset/message - Used to configure how services send messages to you.
- *   nickserv/set/password, nickserv/saset/password  - Used for changing a users password.
- *   nickserv/set/secure, nickserv/saset/secure - Used for configuring whether a user can identify by simply being recognized by nickserv/access.
  *   nickserv/set/neverop, nickserv/saset/neverop - Used to configure whether a user can be added to access lists
  *   nickserv/saset/noexpire - Used for configuring noexpire, which prevents nicks from expiring.
+ *   nickserv/set/password, nickserv/saset/password  - Used for changing a users password.
  */
 module
 {
@@ -574,9 +544,6 @@ command { service = "NickServ"; name = "SASET MESSAGE"; command = "nickserv/sase
 command { service = "NickServ"; name = "SET PASSWORD"; command = "nickserv/set/password"; }
 command { service = "NickServ"; name = "SASET PASSWORD"; command = "nickserv/saset/password"; permission = "nickserv/saset/password"; }
 
-command { service = "NickServ"; name = "SET SECURE"; command = "nickserv/set/secure"; }
-command { service = "NickServ"; name = "SASET SECURE"; command = "nickserv/saset/secure"; permission = "nickserv/saset/secure"; }
-
 command { service = "NickServ"; name = "SET NEVEROP"; command = "nickserv/set/neverop"; }
 command { service = "NickServ"; name = "SASET NEVEROP"; command = "nickserv/saset/neverop"; permission = "nickserv/saset/neverop"; }
 
@@ -601,17 +568,6 @@ command { service = "NickServ"; name = "SASET URL"; command = "nickserv/saset/mi
 #command { service = "NickServ"; name = "SET MASTODON"; command = "nickserv/set/misc"; misc_description = _("Associate a Mastodon account with your account"); }
 #command { service = "NickServ"; name = "SASET MASTODON"; command = "nickserv/saset/misc"; misc_description = _("Associate a Mastodon account with this account"); permission = "nickserv/saset/mastodon"; group = "nickserv/admin"; }
 
-
-/*
- * ns_status
- *
- * Provides the nickserv/status command.
- *
- * Used to determine if a user is recognized or identified by services.
- */
-module { name = "ns_status" }
-command { service = "NickServ"; name = "STATUS"; command = "nickserv/status"; }
-
 /*
  * ns_suspend
  *