Commit graph

1905 commits

Author SHA1 Message Date
Alex Iadicicco
011e38be79 mkpasswd: Prompt for password twice 2014-04-04 16:46:44 -07:00
Douglas Freed
cea0689e80 Fix const qualifier on raw_mask
Fixes compilation warning about losing const qualifier in assignment to
non-const variable

(cherry picked from commit 6d9c3f50944e1da3bf3a1be6454f85d6d6f7ab37)
2014-03-09 19:13:25 +01:00
Jilles Tjoelker
0c5e50f430 Fix format string type mismatch in src/capability.c.
The type 'long' was correct on most machines but not according to the C
standard and Windows 64-bit.
2014-03-09 19:11:54 +01:00
Jilles Tjoelker
e3cb855407 Restore trailing whitespace in sqlite3 amalgamation.
Stripping the whitespace from the upstream-maintained sqlite3 code just
causes merge conflicts with no benefit.
2014-03-09 17:54:26 +01:00
Jilles Tjoelker
5457b10278 Fix fd leak if /dev/urandom can be opened but not read. 2014-03-09 14:54:45 +01:00
Jilles Tjoelker
72cc5a995f Add first cut at 3.5.0 NEWS. [ci skip] 2014-03-07 23:07:02 +01:00
Jilles Tjoelker
0894d18b87 blacklist: Make the snote more like the +c one. 2014-03-07 21:55:43 +01:00
William Pitcock
9e7c930672 Merge pull request #53 from ShadowNinja/clarify_U+R
Clarify UMODE +R help text
2014-03-06 09:59:37 -06:00
Keith Buck
48e409767f Add DNSBL snotes for snomask +r. 2014-03-05 08:12:22 +00:00
Jilles Tjoelker
0455e7a927 Remove snotes on +r about GET/PUT/POST commands.
The server notice "HTTP Proxy disconnected: [<user>@<host>]" is
confusing and not particularly useful.
2014-03-04 23:02:40 +01:00
Keith Buck
55abcbb20a Remove trailing whitespace from all .c and .h files.
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
Keith Buck
00533129dc s_conf: Don't leak log file paths when loading default conf
This change prevents the log file paths from being leaked when
rehashing. Additionally, fname_killlog was added to two places where it
was previously forgotten.
2014-03-03 04:12:07 +00:00
Keith Buck
010c4fbdc5 s_conf: Don't leak strings when loading default conf
This change prevents conf strings from being leaked when resetting the
conf to default prior to a rehash. Additionally, some default strings
are now rb_strdup'd into the ConfigFileEntry structure after loading the
conf so that they aren't allocated and then immediately freed by the
conf loading process.
2014-03-03 03:58:40 +00:00
Keith Buck
9e26f0008b libratbox openssl: Don't leak EC_KEY structures. 2014-03-03 01:43:33 +00:00
Keith Buck
023c36ae22 newconf.c: Remove end-of-line whitespace. 2014-03-03 01:43:33 +00:00
Keith Buck
e12981c028 conf parsing: Fix freeing section names upon section end. 2014-03-03 01:43:33 +00:00
Jilles Tjoelker
fea6157df0 Avoid possible null dereference. 2014-03-03 00:02:10 +01:00
Keith Buck
1d39324556 Fix a couple more string leaks. 2014-03-02 22:05:30 +00:00
Jilles Tjoelker
ee2d4c2d9d commio: Properly zero a struct msghdr.
This bug is probably not noticeable because all specified fields are
initialized later.
2014-03-02 22:12:19 +01:00
Jilles Tjoelker
e053adc87e commio: Explicitly ignore return value from setsockopt(TCP_DEFER_ACCEPT). 2014-03-02 22:09:08 +01:00
Jilles Tjoelker
f1709d5ac8 sslproc: Add missing break, still allowing zlib when ssl cannot be set up. 2014-03-02 21:58:38 +01:00
Jilles Tjoelker
0e717d8eb4 log_client_name: Remove MASK_IP case.
The MASK_IP case in log_client_name() was broken (because of a missing
break, it behaved as HIDE_IP). However, log_client_name() with MASK_IP
does not make sense anyway and is not used.
2014-03-02 21:54:29 +01:00
Jilles Tjoelker
b222b6a05a findforwards: Don't compare array to NULL as this is always true. 2014-03-02 21:47:36 +01:00
Jilles Tjoelker
40173bcbb3 listener: Move error messages to something visible by default.
If a listening port cannot be opened, send error messages to opers with
snomask +s and ircd.log, instead of snomask +d and the ioerror log, which
both are usually disabled.

Also, restore information about what listener is having problems. This
was lost when report_error() was replaced.
2014-03-01 19:05:55 +01:00
Jilles Tjoelker
4229cef34c doc/extban: Correct description of EXTBAN token in 005.
The change from EXTBAN=$:<types> to EXTBAN=$,<types> was made later on
and the documentation was not adjusted.
2014-03-01 18:16:40 +01:00
Keith Buck
dceac3e4fb conf parsing: Fix memory leaks and clean up code a bit.
Charybdis currently leaks about 45-50k per configuration parse,
including every rehash. This change plugs these leaks by properly
iterating through all conf_parm_t structures to seek all strings that
should be freed and also by freeing the conf_parm_t structures
themselves.

These leaks have been present since the original rewrite of the
configuration parsing system in ircd-ratbox r11953.

Additionally, this change also cleans up and documents the parsing code
a bit.
2014-02-28 17:35:51 +00:00
Jilles Tjoelker
e8cfec47c6 ircd_parser: Fix whitespace errors. 2014-02-28 15:51:52 +01:00
Jilles Tjoelker
299e25a630 SIGNON: Do not send uninitialized data if login name starts with '*'. 2014-02-28 15:48:07 +01:00
Jilles Tjoelker
6993ae2760 libratbox: Abort if the restart callback returns. 2014-02-28 00:53:13 +01:00
Jilles Tjoelker
f76ca17848 stats c: Simplify construction of flags string.
Perhaps this avoids false positives in static analysis.
2014-02-24 00:10:42 +01:00
Jilles Tjoelker
3cbcc11195 commio: Add error string for SSL trouble. 2014-02-24 00:06:19 +01:00
Jilles Tjoelker
a1f7ec5be0 server: Use rb_strlcpy() instead of strcpy().
An overflow should be impossible here, but be paranoid.
2014-02-24 00:04:11 +01:00
Jilles Tjoelker
26c6ac3dc7 Simplify module path list, removing strcpy use. 2014-02-23 23:47:27 +01:00
Jilles Tjoelker
b84e58f905 Fix use after free. 2014-02-23 23:46:57 +01:00
Jilles Tjoelker
12edf3e3d2 conf: Remove dead store. 2014-02-23 23:04:52 +01:00
Jilles Tjoelker
77910830e3 Fix various printf arg types. 2014-02-23 23:01:59 +01:00
Jilles Tjoelker
29c451d0ce part: Fix constness issue with part hook. 2014-02-23 23:01:59 +01:00
Jilles Tjoelker
a9f1281448 modlist: Fix address display on 64-bit systems. 2014-02-23 22:55:40 +01:00
Jilles Tjoelker
1e170010e7 modules: Fix bad sizeofs. 2014-02-23 22:39:42 +01:00
Jilles Tjoelker
5ef68b1398 Replace double semicolons with single; place null statement on its own line.
No functional change is intended.
2014-02-23 22:23:34 +01:00
Jilles Tjoelker
43f45e81fb conf: Do not leak memory when modules::module is already loaded. 2014-02-23 22:20:43 +01:00
Jilles Tjoelker
f9960c0262 extensions/mkpasswd: Do not leak /dev/random fd. 2014-02-23 22:18:44 +01:00
Jilles Tjoelker
899b05d387 balloc: Fix memory leak when get_block() fails. 2014-02-23 22:14:47 +01:00
Jilles Tjoelker
e3a3eb92a4 bantool: Close .conf files when done reading.
Not very many files are read, so leaving them open is not a major issue.
2014-02-23 22:10:34 +01:00
Jilles Tjoelker
a6b29d3ed4 extensions/roleplay: Fix memory leak on every use. 2014-02-23 22:01:04 +01:00
Jilles Tjoelker
b45b2daef9 startup: Check return value of open /dev/null. Don't fclose stdin/stdout/stderr.
Open /dev/null for standard fds earlier, so a failure can be reported.
Do not fclose stdin/stdout/stderr but just overwrite the fds with
/dev/null.
2014-02-23 21:51:19 +01:00
Jilles Tjoelker
0391874cc7 webirc: Check validity of given IP. 2014-02-23 21:14:09 +01:00
Jilles Tjoelker
a5de4edefd doc/ts6-protocol: Document ETB message (EOPMOD capab). 2014-02-22 17:45:42 +01:00
Jilles Tjoelker
8a4b837775 m_services: Make sure to return a value from the modinit function. 2014-02-22 17:45:42 +01:00
Keith Buck
784ce5c1cc Remove SSL_OP_NO_COMPRESSION from openssl initialization.
SSL_OP_NO_COMPRESSION was presumably added in an attempt to prevent
information leakage in a manner similar to recent attacks on HTTPS.
However, assuming that IRC is vulnerable to the same class of attacks is
incorrect: the behavior of the IRC protocol (a single long-running
connection) is not the same as that of HTTPS (multiple ephemeral
connections). HTTPS's use of ephemeral connections means that certain
assumptions can be made about the contents of the compression
algorithm's dictionaries and the content exchanged between the client
and server (e.g. the content being nearly the same for each connection),
which is not true for IRC. Additionally, they rely on the attacker being
able to coerce the client into creating many HTTPS connections (and
resending some secret token belonging to the user, along with
attacker-controlled data) each time, none of which is possible with IRC.
Lastly, since compression is no longer performed, this option will
result in leaking the lengths of messages transmitted to and from the
client. This option does reduce CPU utilization on Charybdis servers but
also increases bandwidth consumed.
2014-02-21 09:17:29 +00:00