Commit graph

608 commits

Author SHA1 Message Date
William Pitcock
8f05076d50 sasl: making the sasl capability actually sticky seems incompatible with broken implementations, so we make it just a formality instead. 2015-03-01 00:22:50 -06:00
William Pitcock
c23902ae00 sasl: fix null deref on remote client exit 2015-03-01 00:01:24 -06:00
William Pitcock
8bb9594bf3 sasl: ircv3 wg decided sasl capability should be sticky (ref ircv3/ircv3-specifications#103) 2015-02-28 01:12:25 -06:00
Max Teufel
1b54aa5c3b src/channel: add support for IRCv3.2 userhost-in-names 2015-02-28 01:06:38 -06:00
William Pitcock
6e3d57dc6b cap: remove SASL_REAUTH capability 2015-02-28 01:01:08 -06:00
William Pitcock
51535fcbce sasl: allow reauth without sasl-reauth capability (since it's being dropped) 2015-02-28 00:48:43 -06:00
William Pitcock
dd28e3f2a4 Merge pull request #82 from grawity/sasl-send-conn-info
m_sasl: send information about the client connection
2015-02-18 12:29:57 -06:00
William Pitcock
95cce5f358 Revert "m_invite: add support for CAP invite-notify"
This reverts commit 93eb76cc32.
2015-02-16 17:50:51 -06:00
Max Teufel
93eb76cc32 m_invite: add support for CAP invite-notify
Specification:
<https://github.com/ircv3/ircv3-specifications/blob/master/extensions/invite-notify-3.2.md>
2015-02-16 15:40:34 -06:00
William Pitcock
c6bc97fdcd m_sasl: move some struct members around for sasl-reauth 2015-02-16 15:39:36 -06:00
William Pitcock
3a48406b55 cap: fix compile 2015-02-15 17:40:20 -06:00
William Pitcock
ef3ab8e3a5 cap: allow clients to do sasl reauth if they requested sasl and sasl-reauth (ref ircv3/ircv3#103). 2015-02-15 17:11:28 -06:00
William Pitcock
0044d40050 cap: add notion of required dependency caps 2015-02-15 17:11:28 -06:00
Max Teufel
7d33cce8ef m_sasl: add configuration option for the nick of the SASL agent
This allows multiple improvements to m_sasl. With this change, the SASL
authentication gets aborted immediately when services are offline.
Additionally, we send the SASL ENCAP messages directly to the specified
SASL agent.
2015-02-14 20:31:25 +01:00
Jilles Tjoelker
f51b72de97 Ignore duplicate USER and PASS.
If SASL starts using USER/PASS for unregistered clients, this change stops
users from using one USER/PASS for SASL while using another for connecting.
2015-02-13 23:07:02 +01:00
Mantas Mikulėnas
a3fa9d81a2 m_sasl: send information about the client connection 2015-02-13 22:38:24 +02:00
William Pitcock
bc75c3ae0e fix target list generation edge case where WALLCHOPS was requested alongside normal users if the source user was not a channel op.
from ircd-hybrid r5457
2015-02-09 11:16:06 -06:00
Attila Molnar
407094721c SJOIN: Remove some dead code 2015-01-30 14:42:08 +01:00
Jilles Tjoelker
2a17ae5483 ban: Fix build breakage.
A normal 'make' did not rebuild m_ban.c even though dependencies had
changed.
2014-09-21 18:28:24 +02:00
Jilles Tjoelker
dc336d1a63 server: Remove two dead stores. 2014-09-21 15:16:56 +02:00
Jilles Tjoelker
483987a464 Explicitly pass the current time to deactivate_conf().
Some places depend on the ban not being destroyed.
2014-09-21 15:02:43 +02:00
Keith Buck
8db50c03e6 BAN: Don't schedule check_klines for 0 seconds in the future.
When receiving bans from a bursting server, if kline_delay is set to 0
(the default), rb_event_addonce will be called to schedule an event for
0 seconds in the future. While this works fine for the fallback
rb_event_run function, the epoll implementation ends up scheduling a
timerfd for the event in the past, which is then never executed.

While fixing this, I also made rb_event_add and rb_event_addonce reject
attempts to add events scheduled for 0 seconds in the future; they're
instead rewritten to run 1 second in the future.
2014-08-17 09:06:01 +00:00
Jilles Tjoelker
b733b9faf4 SJOIN: Fix crash when both mode parameter and UID list are missing.
Closes #63
2014-08-15 17:10:24 +02:00
Mantas Mikulėnas
c72f15bcf5 m_version: remove spaces from version string
"to make it machine parseable again", as in ircd-seven commit 03b2176b88a1.
2014-05-06 16:28:23 +03:00
Mantas Mikulėnas
0f4ed4058d m_version: display charybdis version in /version
Otherwise it just crashes when /version is used.

Closes: #60
2014-05-06 16:27:03 +03:00
Jilles Tjoelker
bf77c3a1ef info: Change N-line to connect block. 2014-04-27 15:33:09 +02:00
Jilles Tjoelker
0455e7a927 Remove snotes on +r about GET/PUT/POST commands.
The server notice "HTTP Proxy disconnected: [<user>@<host>]" is
confusing and not particularly useful.
2014-03-04 23:02:40 +01:00
Keith Buck
55abcbb20a Remove trailing whitespace from all .c and .h files.
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
Keith Buck
00533129dc s_conf: Don't leak log file paths when loading default conf
This change prevents the log file paths from being leaked when
rehashing. Additionally, fname_killlog was added to two places where it
was previously forgotten.
2014-03-03 04:12:07 +00:00
Jilles Tjoelker
fea6157df0 Avoid possible null dereference. 2014-03-03 00:02:10 +01:00
Jilles Tjoelker
299e25a630 SIGNON: Do not send uninitialized data if login name starts with '*'. 2014-02-28 15:48:07 +01:00
Jilles Tjoelker
f76ca17848 stats c: Simplify construction of flags string.
Perhaps this avoids false positives in static analysis.
2014-02-24 00:10:42 +01:00
Jilles Tjoelker
77910830e3 Fix various printf arg types. 2014-02-23 23:01:59 +01:00
Jilles Tjoelker
29c451d0ce part: Fix constness issue with part hook. 2014-02-23 23:01:59 +01:00
Jilles Tjoelker
8a4b837775 m_services: Make sure to return a value from the modinit function. 2014-02-22 17:45:42 +01:00
Mantas Mikulėnas
dbd8ca2bf6 sasl: send RPL_SASLMECHS 2014-01-12 00:29:32 +02:00
Keith Buck
b647efa045 Fix parameter counts for me_dline and me_undline. 2013-09-23 09:34:30 +00:00
Jilles Tjoelker
364e59f82a whowas: Use the normal rules for IP visibility.
Add the flags (auth{} spoof, dynamic spoof) to struct Whowas and add a
show_ip_whowas().

Normal users now see IPs of unspoofed users, and remote opers can see IPs
behind dynamic spoofs. Also, general::hide_spoof_ips is now applied when
the IP is shown, not when the client exits.
2013-09-14 12:26:32 +02:00
Jilles Tjoelker
7a9a9000b7 Enable remote WHOWAS queries.
On ircd-seven, this will allow remote opers to see certain hidden IPs.
2013-09-13 22:29:26 +02:00
Keith Buck
77d3d2dbaf Remove s_assert definition from ircd_defs.h and add it to its own header.
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.

This change also fixes the compile when using --enable-assert=soft.
2013-09-10 06:10:14 +00:00
Jilles Tjoelker
35bfe0e644 join: Fix messages about join failures such as banned.
This was broken by 6f7b36d5d0 in February
2013, as join failures are the only situation where a non-trivial
numeric is passed through from other code to be sent to a client. Fix it
by porting more code from ircd-ratbox 3.1.
2013-07-07 23:50:20 +02:00
Jilles Tjoelker
b2c208be09 m_info: Correct description of general::client_exit like in example confs.
Reported by:	jackal
2013-06-16 11:35:04 +02:00
Jilles Tjoelker
373a04393b kill: Improve comment about kill hook. 2013-04-27 16:55:45 +02:00
Elizabeth Myers
9d745dbd21 Implement kill-cancelling hook.
With this comes an example module to block the killing of services.

NOTE: this will not cancel remote kills. Those are still accepted, per
the TS 6 specification.
2013-04-20 01:07:55 -05:00
Alex Iadicicco
fda96b89dc m_nick: Reject nicks with '~' in them, rather than cutting at the '~'
The behavior of cutting at the first '~' is confusing at first, and
looks too much like a bug.
2013-04-17 17:27:27 -07:00
Jilles Tjoelker
90e3d1b7e1 Update .depend files. 2013-03-23 23:32:46 +01:00
Jilles Tjoelker
ce782b68fe Don't send ERR_NICKCOLLISION to a user that will not be killed. 2013-03-23 22:57:28 +01:00
William Pitcock
6f7b36d5d0 Mostly enable support for checking format strings with -Wformat.
Basically derived from Ratbox 3.1.
2013-02-21 05:46:04 -06:00
Jilles Tjoelker
2ebef8d925 whois: Fix UID leak.
The second parameter of WHOIS is always a nick.
2013-02-14 23:45:22 +01:00
Jilles Tjoelker
e0c7937a9f UID/EUID: Add server's SID to invalid UID error message. 2013-02-03 20:31:52 +01:00
Jilles Tjoelker
561d7efc44 UID/EUID: Check that the UID starts with the server's SID.
If not, the local link that sent the command is broken, as with
syntactically invalid UIDs.
2013-02-03 19:38:46 +01:00
Jilles Tjoelker
9cbf72447c stats l: Don't care about away status. 2013-02-03 19:33:31 +01:00
Jilles Tjoelker
e69375f3ac Cope with rb_crypt() returning NULL. 2013-02-02 00:54:32 +01:00
Jilles Tjoelker
df2516e6d8 whowas: Abort listing if 90% of sendq is in use. 2013-02-02 00:50:03 +01:00
Jilles Tjoelker
b6e02c25b5 starttls: Don't send ERR_STARTTLS after successful STARTTLS. 2013-01-05 15:09:17 +01:00
Jilles Tjoelker
fce4df5473 server: Show the missing CAPABs when rejecting a server. 2013-01-02 21:00:18 +01:00
Jilles Tjoelker
22b24f637d server: Move required CAPAB check after authentication and add snote and log. 2013-01-02 20:07:28 +01:00
William Pitcock
ac0707aa61 m_capab: fix a possible remote crash triggered by the CAPAB parsing code. 2012-12-31 13:13:05 -06:00
Jilles Tjoelker
71eb2bb99b server: Fix required capabilities check if there is more than one capability. 2012-12-18 16:37:21 +01:00
Jilles Tjoelker
8ff07125c3 starttls: Explicitly reject starttls if TLS is not configured or not compiled in. 2012-11-03 15:50:43 +01:00
Jilles Tjoelker
c1cddb36c0 starttls: Don't corrupt the FD hash.
Altering localClient->F without updating the FD hash leaves the struct
Client in the FD hash indefinitely which causes a crash later if the
struct is reused for a remote client. It also prevents error messages
from ssld showing up on IRC properly.
2012-11-03 00:49:10 +01:00
William Pitcock
c4e81ae9e9 m_starttls: handle error condition with ERR_STARTTLS (691) numeric per tls-3.2 specification 2012-09-22 19:31:55 -05:00
William Pitcock
21f715a9a3 m_starttls: new module implementing ircv3 tls-3.1 optional extension 2012-09-22 16:30:01 -05:00
William Pitcock
538d4d6188 m_cap: add 'tls' core capability 2012-09-22 14:15:45 -05:00
William Pitcock
4727c0f586 m_stats: apply same logic to anonymous /stats l as /stats p 2012-09-18 20:01:53 -05:00
William Pitcock
e82bda18a5 m_stats: add optional constraint checking function pointer to stats_l_list(). 2012-09-18 19:55:49 -05:00
Jilles Tjoelker
e4ce3b5409 stats R: Make the CPU time display less ugly. 2012-06-04 00:49:59 +02:00
Keith Buck
c46a4ecd97 Move marking of services entirely to m_services.c; mark all services when m_services loads and unmark them when it unloads. 2012-05-21 21:03:56 +00:00
Keith Buck
ec57fe6779 Complain to opers if a server that isn't a service tries to SU/RSFNC/NICKDELAY/SVSLOGIN. 2012-05-21 17:27:02 +00:00
Jilles Tjoelker
69e7a2cdc3 list: Strip colours from channel topics.
This allows in-channel use of coloured topics (or via /topic out of
channel) but leaves channel listings clean.
2012-04-29 00:44:33 +02:00
Keith Buck
62cf5b4036 Call the privmsg_channel hook for part messages too. 2012-04-07 03:03:07 +00:00
Keith Buck
880db619be m_message: Remove some unused variables. 2012-04-03 21:51:09 +00:00
William Pitcock
b8c16fdaba if 0 some things out 2012-04-01 00:09:18 -05:00
William Pitcock
f30a5ee4c4 Remove MODE_NOCTCP from core, in favor of chm_noctcp. 2012-03-31 22:48:36 -05:00
William Pitcock
67aeaba593 Remove MODE_NOCOLOR from core, replacing it with modules/chm_nocolour.so. 2012-03-31 22:26:45 -05:00
William Pitcock
6eb033605c Check for empty string after permutation hooks have run. 2012-03-31 22:18:15 -05:00
William Pitcock
ca4c2a86ee Add support for hookifying PRIVMSG/NOTICE.
This will allow us to modularize message processing, e.g. having new modules to manipulate
channel and private messages in new ways.

Yes: it can be used to intercept messages, but such modules are already out in the wild for
charybdis anyway -- so this doesn't really change anything there.

If you are changing the text, then it is your responsibility to provide a pointer to a new
buffer.  This buffer should be statically allocated and stored in your module's BSS segment.
We will not, and cannot, free your buffer in core, so dynamically allocated buffers will
cause a memory leak.

This will allow us to simplify m_message considerably, by moving channel mode logic out to
their own modules.
2012-03-31 21:23:01 -05:00
Keith Buck
bb73e588bc tginfo/certfp ENCAP: Specify the minimum number of parameters instead of checking parc. 2012-03-25 17:04:21 +00:00
Keith Buck
9120d0efb0 m_away: Add missing return value. 2012-03-25 02:47:39 +00:00
Keith Buck
2d537cae88 Remove unused variable cruft. 2012-03-25 02:37:41 +00:00
Keith Buck
330692a1f2 Add option to immediately apply nick RESVs by FNC'ing. 2012-03-25 01:34:45 +00:00
Keith Buck
bc4dea6937 target change: Propagate restricted addresses. 2012-03-18 01:18:57 +00:00
Jilles Tjoelker
494d2b9dd4 Apply special CTCP handling to messages to @/+ channel as well:
* +C cmode blocks CTCPs
 * CTCPs to large channels relax some flood protection to allow all
   answers through.
2012-03-14 23:20:05 +01:00
Jilles Tjoelker
60dd1febe2 Apply colour stripping (cmode +c) to messages to @/+ channel as well. 2012-03-14 23:04:30 +01:00
Jilles Tjoelker
d1316b193b Keep forward channels in sync after a netjoin.
Arbitrarily prefer a forward channel to no forward channel and an
alphabetically higher forward channel to a lower one.

This is a simplistic implementation that generates one MODE message to
local clients for each ban removed (to be replaced).

For simplicity and to avoid amplification of incoming MODE messages,
regular modes may still desync the forward channel of a ban.
2012-03-03 23:45:52 +01:00
Nathan Phillip Brink
80e49b4ca8 Run make depend. 2012-03-01 03:51:33 +00:00
Nathan Phillip Brink
c74836dc4a Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.

Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.

Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
Nathan Phillip Brink
d54e352b45 During installation, don't unconditionally create an empty `modules-old' directory. 2012-02-28 06:40:18 +00:00
Nathan Phillip Brink
f02e3a2628 Use LDFLAGS when compiling extensions or modules. 2012-02-28 04:36:00 +00:00
William Pitcock
dc0fd46236 Ensure AWAY pacing only affects local clients. 2012-02-21 21:09:33 -06:00
Jilles Tjoelker
725403fd7f Don't end the flood grace period with the first AWAY.
This allows clients to restore an away message early in the connection
process without breaking flood grace.
2012-02-18 16:35:31 +01:00
Jilles Tjoelker
d42e6915cf Pace aways.
This becomes important because of away-notify sending aways to common
channels much like nick changes (which are also paced).

Marking as unaway is not limited (but obviously only does something if the
user was away before). To allow users to fix typos in away messages, two
aways are allowed in sequence if away has not been used recently.
2012-02-18 16:32:57 +01:00
Keith Buck
7e132ff005 ratelimit: Add rate-limiting to MOTD, WHO, and remote WHOIS. 2012-02-18 03:56:47 +00:00
Keith Buck
e88a1f1b15 Add ratelimit for high-bandwidth commands. 2012-02-18 03:54:44 +00:00
Jilles Tjoelker
c25a890796 Remove some TS5 code from ms_bmask().
ms_bmask() used to send MODE messages to TS5 servers, but
TS5 support was removed long ago.
2012-02-17 00:36:12 +01:00
Jilles Tjoelker
23f6b63af6 Send forward channel when bans are added/removed because of TS/bursts.
If a netburst adds bans or a channel TS change removes bans, +b/-b modes
are generated. Make sure these contain the forward channel, if any.

This appears also broken in ircd-seven.
2012-02-17 00:09:39 +01:00
Jilles Tjoelker
65b8d06c71 Do not send unchanged away messages to other users via away-notify. 2012-02-14 23:14:42 +01:00
Keith Buck
c5bbc60375 Add away-notify client capability. 2012-02-14 14:15:44 +00:00
Jilles Tjoelker
e5520caf0a Allow opers to do /stats C.
In particular, this allows remote /stats C.
2012-02-11 23:17:04 +01:00
Jilles Tjoelker
ed11b18f0f Allow normal users to do PRIVS on themselves.
This basically shows a subset of the information shown by the notices
on connect like "*** You are exempt from K/X lines".
2012-02-06 23:15:03 +01:00