Move opername and privset storage to struct User, so it can exist for
remote opers.
On /oper and when bursting opers, send:
:foo OPER opername privset
which sets foo's opername and privset. The contents of the privset on
remote servers come from the remote server's config, so the potential
for confusion exists if these do not match.
If an oper's privset does not exist on a server that sees it, it will
complain, but create a placeholder privset. If the privset is created by
a rehash, this will be reflected properly.
/privs is udpated to take an optional argument, the server to query, and
is now local by default:
/privs [[nick_or_server] nick]
It's possible to have the oper:override privilege removed by /grant.
/grant triggers an empty umode change event to allow privileged umodes
to be set or removed, so checking for oper:override on all umode changes
(and not just ones where +o or +p is changed) allows us to remove +p
when necessary.
Reloading override previously would have the effect of cancelling +p
expiry. With this change, reloading the module just refreshes the
timers, so expiry is delayed a bit rather than forgotten entirely.
construct_umodebuf() can change the char->flag mapping (to restore an
orphaned mode). I don't love the use of a fake constant, so I think the
cleanest solution here is just to index user_modes with a macro for the
umode letter.
This change modifies extb_channel to allow matching users in secret
channels, which prevents trivial ban evasion by setting the target
channel +s. Information leak due to this change is unlikely since the
attacker would have to know that the target channel exists, the name of
the channel (or guess it), have a specific user they wanted to know
whether was in the channel (and not know already), and the target user
would need to have something like autojoin-on-invite enabled (or any of
the other various ways hostname cloaking is attacked).
This change modifies extb_channel to allow matching users in secret
channels, which prevents trivial ban evasion by setting the target
channel +s. Information leak due to this change is unlikely since the
attacker would have to know that the target channel exists, the name of
the channel (or guess it), have a specific user they wanted to know
whether was in the channel (and not know already), and the target user
would need to have something like autojoin-on-invite enabled (or any of
the other various ways hostname cloaking is attacked).
[ircd/match.c:316]: (error) Shifting a negative value is undefined behaviour
[librb/src/patricia.c:55]: (error) Shifting a negative value is undefined behaviour
[modules/m_alias.c:64]: (portability) '(void*)message' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[modules/m_time.c:111]: (warning) %u in format string (no. 9) requires 'unsigned int' but the argument type is 'signed int'.
[modules/m_time.c:111]: (warning) %u in format string (no. 10) requires 'unsigned int' but the argument type is 'signed int'.
[librb/src/dictionary.c:819]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[librb/src/radixtree.c:1080]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[ircd/s_user.c:351] -> [ircd/s_user.c:357]: (warning) Either the condition '0!=source_p' is redundant or there is possible null pointer dereference: source_p.
[extensions/ip_cloaking_3.0.c:109]: (warning, inconclusive) The buffer 'buf' may not be null-terminated after the call to strncpy().
[ircd/chmode.c:256]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_help.c:100]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_knock.c:169]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:628]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:727]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:601]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:704]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:739]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:763]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:768]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:774]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:781]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:786]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:791]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:804]: (style) Clarify calculation precedence for '&' and '?'.
[ircd/wsproc.c:372]: (style) Unused variable: len
[modules/core/m_modules.c:382]: (style) Unused variable: i
[modules/m_stats.c:741]: (style) Unused variable: amsg
[ircd/authproc.c:390]: (style) Unused variable: iter
[ircd/authproc.c:391]: (style) Unused variable: client_p
Using /dev/random for salt generation is pointless -- it can block, and
any extra randomness it would provide (which is debatable) is not needed,
as salts only need to be unique, not unpredictable.
Using /dev/random for salt generation is pointless -- it can block, and
any extra randomness it would provide (which is debatable) is not needed,
as salts only need to be unique, not unpredictable.
extb_usermode and extb_hostmask both use the same extban character
('m'), resulting in only one of the modules being usable (depending
on module load order) and neither one functioning if one of them
is unloaded.
This changes the character for extb_usermode from 'm' to 'u'.
[ci skip]
extb_usermode and extb_hostmask both use the same extban character
('m'), resulting in only one of the modules being usable (depending
on module load order) and neither one functioning if one of them
is unloaded.
This changes the character for extb_usermode from 'm' to 'u'.
[ci skip]
Also fix up some return values and stuff to use bool (or void if
nothing). I just did it whilst I was here.
According to jilles, the return value used to signify whether or not the
client had exited. This was error-prone and was fixed a long, long time
ago, but the return value was left int for historical reasons.
Since the return type is not used (and has no clear use case anyway),
it's safe to just get rid of it.
This module makes SSL required to join any channels except for ones specifically marked insecure.
It is meant to be used in a migration path away from plaintext IRC.
If +H is a separate umode and privilege, there is no reason to have
oper:hidden, which did not work properly anyway since it is not propagated
to other servers.
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls
Thanks Jilles!
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.
This change also fixes the compile when using --enable-assert=soft.