Ed Kellett
fff4f76353
Add general::tls_ciphers_oper_only
2020-07-05 23:06:51 +01:00
Mike Quin
09bb659680
add @ prefix to op-moderated (+z) messages to distinguish them from regular channel traffic
2020-07-05 19:09:47 +01:00
Ed Kellett
4e14f9a413
m_alias: Preserve protocol framing characters
2020-07-05 01:15:03 +01:00
Aaron Jones
f598ba3857
ircd/modules.c: complain to foreground if unable to locate module
...
Without this a conftest user has no idea whether the module path
is correct or not.
[ci skip]
2020-07-04 02:14:33 +00:00
Doug Freed
eed4099e07
Actually use modules' declared hook priorities
2020-07-01 19:43:48 +00:00
Ariadne Conill
968dee680f
modularize usermode +R (registered users only)
2020-06-26 11:56:42 -06:00
Aaron Jones
54a7996604
Merge pull request #328 from edk0/capability-put-ownerdata
...
capability: accept new ownerdata for existing caps
2020-06-25 17:35:44 +00:00
Aaron Jones
17dc265c9d
Merge pull request #329 from edk0/reload-by-path
...
Reload modules by path
2020-06-25 17:32:58 +00:00
Aaron Jones
3ef1213be4
Merge pull request #335 from edk0/post-registration-delay
...
Import post_registration_delay from ircd-seven
2020-06-21 12:56:56 +00:00
Aaron Jones
03c167e03b
Merge pull request #330 from edk0/caps-before-init
...
modules: create caps before mapi_register()
2020-06-10 15:03:57 +00:00
Aaron Jones
64e6d3b9cd
Merge pull request #321 from edk0/hook-priorities
...
Simple hook priority system
2020-06-10 14:49:59 +00:00
Ed Kellett
4a8df5edc5
ircd_parser: free the ends of ranges after use
2020-06-07 23:33:59 +01:00
Stephen Bennett
b3a0099139
Rename connect_delay to post_registration_delay. This matches the ircd-ratbox feature, and better describes what it actually is. Also make sure to set localClient->firsttime on registration, so that the delay counts from the right time.
2020-06-07 19:22:36 +01:00
Stephen Bennett
2d6562846f
Initial attempt at the conndelay hack
2020-06-07 19:22:36 +01:00
Ed Kellett
33c0142671
modules: create caps before mapi_register()
2020-06-02 18:35:50 +01:00
Ed Kellett
df7e3dabce
Reload modules by path
2020-06-02 16:17:26 +01:00
Ed Kellett
1e221ac32e
capability: accept new ownerdata for existing caps
2020-06-02 16:14:27 +01:00
Ed Kellett
c6b2dacad4
hook: Use old insertion order for equal priority
2020-05-01 22:22:32 +01:00
Ed Kellett
c500b0bdb5
Add priorities to some hooks
2020-05-01 17:47:14 +01:00
Ed Kellett
91b1278224
Implement hook priorities
2020-05-01 17:44:15 +01:00
Ed Kellett
40e76ac76c
Handle kline_spoof_ip in check_one_kline
2020-04-20 11:10:39 +01:00
Ed Kellett
67e05d5b67
Add an iline flag to match klines by spoof only
2020-04-20 11:10:39 +01:00
Aaron Jones
2c11ccb99e
Merge pull request #313 from edk0/spoof-chban
...
Don't match iline-spoofed IPs for channel bans
2020-04-19 12:11:19 +00:00
Ed Kellett
485d245ec0
Add ipv4-in-ipv6 logic to check_one_kline
2020-04-19 11:53:38 +01:00
Ed Kellett
9274c0f3f4
Align check_one_kline better with find_kline
2020-04-19 11:53:38 +01:00
Ed Kellett
de0673d7ad
Move ipv4-in-ipv6 handling to find_conf_by_address
...
This removes some inconsistencies: first of all it applies to both
CONF_KILL searches by IP in find_address_conf, and secondly it applies
to find_kline, which would have been an edge case before.
2020-04-19 11:53:38 +01:00
Ed Kellett
f53d2f45de
Refactor check_one_kline a tiny bit
2020-04-19 01:45:33 +01:00
Ed Kellett
55ed78dab1
Don't match iline-spoofed IPs for channel bans
2020-04-12 12:35:18 +01:00
Ed Kellett
a7d4a0ab81
Centralise banmask matching logic
2020-04-12 12:35:18 +01:00
Ed Kellett
6cd12661af
reject: reorder to avoid leaks
2020-01-03 17:07:25 +00:00
Ed Kellett
b9c43bc08a
reject: Don't reject for expired K-lines
2020-01-03 16:24:36 +00:00
Aaron Jones
28e12fad3c
Merge pull request #297 from bmwiedemann/date
...
Set EXTERNAL_BUILD_TIMESTAMP from SOURCE_DATE_EPOCH
2020-01-02 20:29:13 +00:00
Aaron Jones
1a7927bb87
Merge pull request #303 from edk0/modreload-uaf
...
modules: fix use-after-free when reloading
2020-01-02 17:24:44 +00:00
Ed Kellett
6aa5c725ff
modules: fix use-after-free when reloading
2020-01-02 16:45:15 +00:00
Ed Kellett
0a7faba63d
Remove from the list of propagated bans on expiry
...
Fixes a use-after-free introduced in 548e31d3b
, which fixed a related
use-after-free introduced in a9536f755
.
2020-01-02 00:03:06 +00:00
Ed Kellett
548e31d3bd
Fix a place aconfs could be freed while referenced
...
(not a bug until a9536f755
since bans were not referenced before)
2020-01-01 08:51:53 +00:00
Aaron Jones
5eb10743f9
Merge pull request #299 from edk0/tkline-reason
...
Add config option to hide durations of temporary K/D-lines
2019-12-31 08:00:24 +00:00
Ed Kellett
9914c013b4
Add general::hide_tkdline_duration
2019-12-31 01:56:01 +00:00
Ed Kellett
a9536f755c
reject: Remember and send reasons for rejections
...
rejectcache entries can now use either a K-line aconf or a static
string as a reason. This will be sent in a 465 numeric before the usual
ERROR. In the case of K-lines, it resembles the 465 you would have been
sent without being rejected:
; nc -s 127.6.6.6 127.0.0.1 5000
:staberinde.local 465 * :You are banned from this server- Temporary
K-line 4320 min. - abc123 (2019/12/31 01.07)
ERROR :Closing Link: (*** Banned (cache))
; nc -s 127.128.0.0 127.0.0.1 5000
:staberinde.local 465 * :You are not authorised to use this server.
ERROR :Closing Link: (*** Banned (cache))
2019-12-31 01:35:31 +00:00
Bernhard M. Wiedemann
1b0319448c
Set EXTERNAL_BUILD_TIMESTAMP from SOURCE_DATE_EPOCH
...
to make the package build reproducible by default without
everyone having to discover the custom variable.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.
This code assigns the plain integer to keep the code simple.
Otherwise we would have to deal with differences between GNU date
and BSD date or include extra build deps like perl or python.
2019-12-06 18:32:46 +01:00
Ed Kellett
7b6410135b
m_modules: make modreload work like restart
...
/modrestart used to be implemented as a normal command and could crash
when used remotely because it would reload m_encap, which was on the
call stack at the time. This was fixed in 41390bfe5f
. However,
/modreload has exactly the same problem, so I'm giving it the
same treatment.
Incidentally: This bug was first discovered in ircd-seven, where the
`/mod*` commands themselves live in the core, so m_encap was the only way
the crash could happen (and it didn't most of the time, because m_encap
would only be moved if you got unlucky). But `/mod*` are in modules in
charybdis, so /modrestart would have unloaded the code it was in the
middle of executing. With that in mind, I'm not sure how it ever
appeared to work.
2019-11-17 18:01:51 +00:00
Aaron Jones
a52d84f723
Merge pull request #293 from edk0/webirc
...
m_webirc: improve TLS handling
2019-10-22 16:17:33 +00:00
Ed Kellett
d6c813780f
m_webirc: respect ircv3's secure
option
2019-10-20 18:17:34 +01:00
Ed Kellett
c4e6888ef7
Recheck umodes for opers after rehash
2019-10-06 21:56:13 +01:00
Simon Arlott
e52893db93
Fix GCC 8 compiler warnings
2019-09-15 10:57:53 +01:00
Simon Arlott
b3a987ed15
ircd: Use a larger buffer for ilog() buf2
2019-09-15 10:41:33 +01:00
Simon Arlott
e89a399f94
ircd: Zero out the global_client_list
...
Otherwise we unconditionally add "me" to it twice in some unit tests,
which results in a loop in the list.
2019-09-15 10:22:26 +01:00
Ed Kellett
b674a619eb
Add extensions/drain
...
This takes the simplest possible approach: load the module and you're in
drain mode.
2019-09-14 21:13:11 +01:00
Ed Kellett
ed3ca2ff16
Propagate OPER
...
Move opername and privset storage to struct User, so it can exist for
remote opers.
On /oper and when bursting opers, send:
:foo OPER opername privset
which sets foo's opername and privset. The contents of the privset on
remote servers come from the remote server's config, so the potential
for confusion exists if these do not match.
If an oper's privset does not exist on a server that sees it, it will
complain, but create a placeholder privset. If the privset is created by
a rehash, this will be reflected properly.
/privs is udpated to take an optional argument, the server to query, and
is now local by default:
/privs [[nick_or_server] nick]
2019-09-13 10:08:27 +01:00
Ed Kellett
1123eefcb0
Rework oper hiding
...
As it stands, oper hiding is rather messy and inconsistent. Add
SeesOper(target, source), which is true iff target should appear as an
oper to source. If I haven't missed something, all commands that reveal
oper status now use the same logic.
general::hide_opers_in_whois is a special case, and affects /whois only.
general::hide_opers is introduced, and has the same effect as giving
everyone oper:hidden. All commands that reveal oper status respect both.
2019-09-12 23:14:15 +01:00
Ed Kellett
28cc8bb924
Deferred capability notifications from modules
...
Reloading modules sends CAP DEL followed by an immediate CAP NEW:
:staberinde.local CAP * DEL :account-tag
:staberinde.local CAP * NEW :account-tag
This isn't very nice. /modrestart is particularly bad. In order to avoid
doing this, we remember the capability set at the beginning of module
operations, compare that with the set afterwards, and report only the
differences with CAP {DEL,NEW}.
2019-09-07 14:59:33 +01:00
Simon Arlott
ac4365f5a4
ircd: remove debug
2019-08-31 16:36:41 +01:00
Simon Arlott
17809d2db7
librb: Fix type of dst for rb_inet_pton_sock()
2019-08-31 16:10:50 +01:00
Simon Arlott
a006add93c
check_one_kline: Fix compiler warning
2019-08-31 15:31:45 +01:00
Simon Arlott
b18dba6da8
Document the process shared by check_one_kline() and find_kline()
2019-08-31 15:05:20 +01:00
Simon Arlott
912d118fa2
Merge branch 'check-one-kline' of https://github.com/edk0/charybdis into edk0-check-one-kline
2019-08-31 15:05:11 +01:00
Simon Arlott
5a15b97696
Revert "ircd: Fix umode orphan scheme."
...
This reverts commit c1fc044c35
.
2019-08-31 14:43:34 +01:00
Ed Kellett
6ca9ff0ea1
Remove unused kline_delay config option
2019-04-27 14:53:04 +01:00
Ed Kellett
9834d3d5ba
Remove unused kline delay machinery
2019-04-27 14:51:27 +01:00
Ed Kellett
10df26d08f
Add check_one_kline, expose notify_banned_client
2019-04-27 14:47:28 +01:00
Aaron Jones
c87c8e5bfe
newconf: remove plaintext listeners warning
...
Closes #270
[ci skip]
2019-03-27 19:29:55 +00:00
Simon Arlott
15b05f95f0
m_sasl: check if the agent is present after every client_exit
...
When a server disconnects the client_exit hook will only be called once
but there could be multiple servers and clients behind that server.
After any client exits, check if the agent is still present.
2018-08-12 12:50:43 +01:00
Chris West (Faux)
26c5df4b1e
YESNO options are of type bool, not int
2018-03-23 16:46:38 +00:00
Simon Arlott
fe5fc851aa
gcc7 fixes: NICKLEN -> NAMELEN
...
Use NAMELEN instead of NICKLEN when accessing Client->name because it
could in theory be a HOSTLEN length string.
2018-01-19 23:26:20 +00:00
Simon Arlott
acd941bfed
ircd: use correct buffer sizes
...
This fixes an issue with truncated SJOINs.
2018-01-18 21:33:41 +00:00
Simon Arlott
6003ce763c
Add outgoing SCTP connect support
2017-08-24 20:08:21 +01:00
Simon Arlott
c6ad9b0c5f
Add basic SCTP listener support that binds to multiple addresses
...
This only supports two addresses as the intended use is 1 IPv4 and 1 IPv6
address on a single-homed host, and the only supported configuration of
outgoing connections to other servers is to bind a single IPv4 or IPv6
address.
2017-08-24 20:08:20 +01:00
Simon Arlott
365e13662e
exit_unknown_client: don't delete servers from the client hash
...
Outgoing servers are not added to the client hash until they reach
IsServer() status, so if they're unknown when they exit then don't
attempt to delete them.
2017-08-24 20:08:18 +01:00
Simon Arlott
4ce1cac4b9
s_serv: connect using both IPv4 and IPv6 if unspecified
2017-08-22 21:55:12 +01:00
Simon Arlott
de2934965c
remove RB_IPV6
2017-08-20 12:54:46 +01:00
Simon Arlott
4b1cce65ed
ircd: send tags on every message
...
Simplify linebuf by introducing fsnprint to manage a list of printfs.
Add a msgbuf unparse cache for send functions that loop.
2017-08-06 16:21:29 +01:00
Simon Arlott
42ae8ab21f
ircd: check caps for user in sendto_common_channels_local
2017-08-05 22:34:17 +01:00
Simon Arlott
d2b5f4111b
tests: add sendto_* test framework
2017-08-05 14:09:01 +01:00
Simon Arlott
84a3275b7a
ircd: log command in mod_add_cmd/mod_del_cmd error scenarios
2017-08-05 12:29:52 +01:00
Simon Arlott
4212494106
ircd: substitution: fix buffer overrun if variable name is too long
...
Also fix the "ptr = ptr + (pptr - ptr)" aka "ptr = pptr" mess by
removing pptr.
2017-08-05 11:27:02 +01:00
Simon Arlott
de36941445
remove unused variables
2017-08-04 20:02:20 +01:00
Simon Arlott
7a06833fb4
librb: linebuf: reduce the number of "put" implementations from 4 to 1
2017-07-30 15:51:45 +01:00
Simon Arlott
a7fed8715b
Revert "Core modules cannot be unloaded, otherwise bad things happen."
...
This reverts commit b5cfad0319
.
2017-07-29 23:52:06 +01:00
Simon Arlott
4c7d1de8f3
librb: linebuf needs to use the buffer limit from msgbuf_unparse_prefix
2017-07-29 23:32:27 +01:00
Simon Arlott
5ce6360b72
ircd: send: these buffers can be static
2017-07-29 23:24:23 +01:00
Simon Arlott
05a16d98e1
tests: add msgbuf_parse tests
2017-07-29 22:46:08 +01:00
Simon Arlott
f3564f47f4
msgbuf: correctly split buffers into IRCv3 tags and RFC1459 message data
2017-07-29 22:46:07 +01:00
Simon Arlott
33ded5fc57
librb: remove unnecessary NULL from the end of rb_string_to_array output
2017-07-29 22:46:04 +01:00
Simon Arlott
86432f8f86
ircd: attach_conf: avoid clang static analysis warning
...
In the impossible scenario where ClassPtr(aconf) is NULL, reject the
client instead of dereferencing the NULL pointer.
2017-07-29 22:45:58 +01:00
Simon Arlott
07807ce8b0
ircd: send_to_channel_flags: avoid clang static analysis warning
...
Set current_capmask and then use it, instead of referencing target_p->localClient->caps again.
This makes the purpose of current_capmask a bit clearer.
2017-07-29 22:39:50 +01:00
Simon Arlott
d856535edd
ircd: sendto_one_notice: avoid clang static analysis warning
...
target_p->from can't be NULL, and if it is then get_id(..., target_p)
dereferences it later in the function anyway
2017-07-29 22:39:49 +01:00
Simon Arlott
0d6da1a9c1
ircd: sendto_one_numeric: avoid clang static analysis warning
...
target_p->from can't be NULL, and if it is then get_id(..., target_p)
dereferences it later in the function anyway
2017-07-29 22:28:53 +01:00
Simon Arlott
b9a6f1e5a1
ircd: get_or_create_channel: avoid clang static analysis warning
...
Use `len` after setting it.
2017-07-29 22:28:51 +01:00
Simon Arlott
0ded533dbc
ircd: sendto_one_prefix: avoid clang static analysis warning
...
target_p->from can't be NULL, and if it is then get_id(..., target_p)
dereferences it later in the function anyway
2017-07-29 22:28:49 +01:00
Simon Arlott
6c1e15a432
exit_remote_server: avoid clang static analysis warning
...
if IsServer(source_p) then the following must be all non-NULL:
->serv
->servptr
->servptr->serv
Remove unnecessary and inconsistent pointer checks.
2017-07-29 22:28:48 +01:00
Simon Arlott
ab5fc9c032
ircd: hostmask: avoid clang static analysis warning
...
arec->Mask.ipa.bits is unused if arec->masktype == HM_HOST
2017-07-29 22:27:23 +01:00
Simon Arlott
8467fd9caf
ircd: listener: Document check_reject() behaviour
2017-07-29 22:20:04 +01:00
Simon Arlott
a940f54623
sslproc: check number of arguments to zipstats command
2017-07-29 13:32:21 +01:00
Aaron Jones
ed9f6a6565
src/channel.c: don't use the bancache in is_banned()/is_quieted()
...
The bancache will be re-architected onto clients in future for easier
invalidation, but this is a good-enough temporary fix for issue #243
Fixes #243
2017-07-29 13:32:20 +01:00
Simon Arlott
e9f0d740e3
msgbuf: remove unused field parselen
2017-07-27 18:31:08 +01:00
Simon Arlott
fb81421fc7
ircd: substitution: fix NULL termination buffer overrun when the output is too large for the buffer
2017-07-27 18:31:07 +01:00
Simon Arlott
1dfb080874
ircd: substitution: fix overrun with unterminated '}' in format string
...
handle a variable following an unterminated variable better
2017-07-27 18:31:05 +01:00
Simon Arlott
169a1c3535
msgbuf: s_assert is not a substitute for proper code
...
(dns, m_alias, m_stats updated as msgbuf no longer includes s_assert.h)
2017-07-26 19:30:41 +01:00
Simon Arlott
d2b3a2a474
ircd: check_server: don't allow a connection if that would exceed the class limit
2017-07-23 17:38:11 +01:00
Simon Arlott
e3cea4d811
ircd: serv_connect: don't try to connect if that would exceed the class limit
2017-07-23 15:40:00 +01:00