Commit graph

3929 commits

Author SHA1 Message Date
Aaron Jones
1e7342d0f4
[mbedtls] Various fixes and improvements
* Move certificate, key, DH parameters and configuration to heap
  (Documentation states that setting new configuration, e.g.
   during a rehash, is unsupported while connections using that
   configuration are active)

  This is the same approach as the fix for #186

  Refcount these structures so as to not introduce a memory leak

  On rehash, it will use new structures only if there are no
  errors in constructing them

* Make fingerprint generation work for TLS connections

  See the comments in the newly created file for an explanation

* Fix memory leak when generating a fingerprint from a file

* Add better error-reporting (strings in addition to numbers)
  where possible

* Coalesce several connection memory allocations into one function

* Reduce boilerplate where possible (Charybdis targets C99)

* Support private key being in certificate file, and having no
  DH parameters file

* Correct erroneous closing comment
2016-05-05 03:47:57 +00:00
Aaron Jones
c40eede13b
[TLS Backends] Make version strings more useful and consistent 2016-05-05 03:47:46 +00:00
Aaron Jones
0fe9dd4119
[TLS Backends] Allow absence of private key file
Use the certificate file instead
2016-05-05 03:47:33 +00:00
Aaron Jones
4d83a4d92d
[sslproc] Allow absence of private key file
Backends can then assume that the private key is in the certificate file
2016-05-05 03:47:18 +00:00
Aaron Jones
f831e92603
Fix possible crash when DH parameters are not provided
This has ssld calling strlen() on a NULL value

[ci ckip]
2016-05-03 17:49:00 +00:00
Simon Arlott
da20854e83
random_ping: stop producing negative values that become 16 chars 2016-05-02 21:14:16 +01:00
Simon Arlott
84d0b55e76
authd: fix reference far off the end of the array on shutdown
When authd has no more input it tries to reject all current clients with
an id of UINT32_MAX.
2016-05-01 11:51:07 +01:00
Simon Arlott
2f598dacdd
authd: remove unused variable id from accept_client 2016-05-01 11:51:06 +01:00
Simon Arlott
075d4d569e
authd: allocate the correct size of auth_client_data
If there are holes in the auth_providers ID numbers, the array allocated
based on list length won't be large enough to handle all the IDs.

(auth->data could be converted to a dlink_list)
2016-05-01 11:51:05 +01:00
Simon Arlott
a5f52774bb
authd: Only use refcount for reference counting
Use providers_active for provider activity tracking.
2016-05-01 11:31:05 +01:00
Simon Arlott
2392770f4d
authd: fix auth->cid type sizes
* long is too small on 32-bit systems, use unsigned long long if we want
  to check for out of range values
* UINT32_MAX is a valid cid, and 0 isn't
* make auth->cid a uint32_t not uint16_t
2016-05-01 11:12:34 +01:00
Simon Arlott
a4da4fe574
authd: fix memory leak in start_auth 2016-05-01 10:59:22 +01:00
Simon Arlott
9f928dc532
authd: don't call cancel_providers recursively
Also check that they haven't been cancelled while starting up.
2016-05-01 10:53:34 +01:00
Simon Arlott
d955cd9f97
authd: use a list for auth_providers
We only need to iterate over this small fixed size list, so
dictionary iteration will be less efficient.
2016-05-01 10:49:12 +01:00
Elizabeth Myers
f4d828ef96 m_alias: restore old behaviour of joining all parameters.
There are two important caveats here, however:

1) Aliased commands that have more than 8 parameters will be truncated;
there's nothing I can do about this.
2) Parameters with colons will not be handled as you expect. Again,
nothing I can do about this.
2016-05-01 03:48:00 -05:00
William Pitcock
998b6ec513 stage for charybdis 4-beta1. 2016-04-30 19:58:14 -05:00
William Pitcock
9cd0063a2c librb: fix commio build on win32 2016-04-30 19:33:31 -05:00
William Pitcock
b585278b32 authd: provider: make refcounting system less fragile 2016-04-30 19:26:02 -05:00
William Pitcock
a71b65b15c Revert "authd: change to lists instead of dictionaries for various things"
This reverts commit 49fd293f20.
2016-04-30 19:20:12 -05:00
Aaron Jones
92404a1a98
[openssl] Forward-port some more cleanups from fixes to 3.5 2016-04-30 21:45:16 +00:00
Simon Arlott
3b0b4037d0
authd: don't decrement refcount twice when accepting the client 2016-04-30 17:06:21 +01:00
Simon Arlott
896370cc3e
m_stats: don't try to access bl_stats if it doesn't exist 2016-04-30 13:18:48 +01:00
Simon Arlott
3c5f720c6f
authd_check: don't try to update bl_stats if it doesn't exist
This can happen if all the blacklists are removed and then authd
sends a blacklisted response for a client.
2016-04-30 13:18:06 +01:00
Simon Arlott
4573f8f2fb
authproc: don't try to delete bl_stats if it hasn't been created 2016-04-30 13:11:06 +01:00
Simon Arlott
8a29e7cd1e
librb: shutdown() listening sockets pending close() so that listeners can be reopened reliably 2016-04-30 11:36:28 +01:00
Elizabeth Myers
c767c58b2a
opm: use rb_dlinkDelete instead of rb_dlinkFindDelete. 2016-04-30 01:59:05 -05:00
Elizabeth Myers
49fd293f20
authd: change to lists instead of dictionaries for various things
Iteration is the primary thing done on these, so using a dictionary
doesn't help a lot. Furthermore (and most importantly), they are not
safe to delete from.
2016-04-30 01:59:05 -05:00
William Pitcock
d71787ab69 librb: rb_path_to_self(): use sysctl(2) interface on freebsd/dragonfly 2016-04-30 01:19:08 -05:00
Elizabeth Myers
e7c4ecd5b1
authproc: don't delete during iteration, this is not safe. 2016-04-30 01:11:56 -05:00
William Pitcock
a2bfe0f88e librb: linebuf: don't reinvent rb_dlinkAddTailAlloc(). 2016-04-30 00:59:08 -05:00
Elizabeth Myers
9f7f75295c
authd: don't try to do anything on exit, it's too precarious 2016-04-30 00:46:18 -05:00
William Pitcock
5a775221d2 tools: fix stub rb_strcasecmp() build 2016-04-29 19:52:19 -05:00
William Pitcock
b5f3e5e5e8 ircd: Channel.bants is not a serial but a timestamp.
Previously, the IRCd would increment bants instead of resyncing the timestamp, causing the potential of
false negatives from the bancache system.
2016-04-29 18:59:32 -05:00
Simon Arlott
ff0414c856 librb: close FDs when they're freed (outside of select handler) 2016-04-29 16:19:08 -05:00
Aaron Jones
fed4fc59bc
Mention another RFC with regard to deprecating plaintext 2016-04-29 16:28:18 +00:00
Aaron Jones
cf12678be5
[openssl] More improvements to the backend
* Don't manually initialise libssl 1.1.0 -- it does this automatically
* SSL_library_init() should be called first otherwise
* Move SSL_CTX construction to rb_setup_ssl_server()
* Test for all required files (certificate & key) before doing anything
* Free the old CTX before constructing a new one (Fixes #186)
* Don't try to set options / ciphers etc on a NULL CTX
* Clean up ifdef indentation
* Fix DH parameters memory leak
2016-04-29 16:26:52 +00:00
Simon Arlott
f9014791da
openssl: set ciphers on client connections too 2016-04-29 07:42:12 +01:00
Simon Arlott
1cdf323be9
sslproc: don't send updated config to dead/shutdown sslds
They might be running older versions of the SSL library that
doesn't support the key type or ciphers being configured.
2016-04-29 07:35:43 +01:00
Simon Arlott
036cafaaaf
sslproc: reset ssld_wait/spin_count when explicitly requested to restart ssld 2016-04-28 22:25:36 +01:00
Aaron Jones
6a7ea191a7
[mbedtls] correct printf argument count
[ci skip]
2016-04-27 22:11:19 +00:00
Aaron Jones
b28c26d965
Partially revert previous commit
The OpenSSL backend is the only one that assigns a non-constant
value to the length variable. Use the correct type for its
pointer and cast instead.

[ci skip]
2016-04-27 21:49:55 +00:00
Aaron Jones
e3760ba710
[TLS backends] Miscellaneous fixes
* Certificate fingerprint length functions return an "int", so use an
  int when calculating the length
* Clean up the OpenSSL certificate fingerprint if() and indentation mess
2016-04-27 21:45:19 +00:00
Simon Arlott
d6acb43769
openssl: don't allow certificates outside the validity period 2016-04-27 22:03:49 +01:00
Simon Arlott
c53b6ef2cc
epoll: don't try to read from closed FDs 2016-04-27 21:16:29 +01:00
Aaron Jones
b1f0549361
[openssl] support ECDHE on more than one curve when possible 2016-04-27 16:17:33 +00:00
Simon Arlott
f590c59d5c
mkfingerprint: use certfp method names from certfp.h 2016-04-26 20:58:16 +01:00
Simon Arlott
0346918701
add mkfingerprint program 2016-04-26 20:49:03 +01:00
Simon Arlott
f018ed844d
certfp: Move method name/prefix strings to a separate header file 2016-04-26 20:33:18 +01:00
Simon Arlott
31646e89ba
librb: gnutls: check return value of fread() 2016-04-26 20:33:17 +01:00
Simon Arlott
7380ded584
ircd.conf.example: use certfp_method = spki_sha256
SHA1 is insecure. SHA2-512 is a bit long. Hashes of the full certificate
are really impractical and people need to stop using them.
2016-04-25 23:52:18 +01:00