William Pitcock
d44660305f
update NEWS documenting availability of combination extbans
2015-12-10 02:28:52 -06:00
William Pitcock
98c645cadb
document extb_combi and extb_hostmask bans ( closes #74 )
2015-12-10 02:27:08 -06:00
William Pitcock
e2a9fa9cab
extenions: add a $m: extban (ref #74 )
2015-12-10 02:25:22 -06:00
William Pitcock
4ef511ebb8
import marienz's extb_combi module (ref #74 )
2015-12-10 02:20:58 -06:00
William Pitcock
7801d174d7
Revert "extban: implement helper functions for stackable extbans (part 1) (ref #74 )"
...
This reverts commit 304bd0d095
.
2015-12-10 02:19:21 -06:00
William Pitcock
304bd0d095
extban: implement helper functions for stackable extbans (part 1) (ref #74 )
2015-12-10 01:33:30 -06:00
William Pitcock
202d496644
override: only engage override code if we're needing to authorize a WRITE to a channel's state ( closes #65 )
2015-12-10 01:00:32 -06:00
William Pitcock
c7708a0994
ssld: update for protocol changes
2015-12-08 14:26:26 -06:00
William Pitcock
509088aaee
update NEWS to note that CertFP methods are now configurable
2015-12-07 01:52:16 -06:00
William Pitcock
13d8f0edba
allow certfp method to be configured
2015-12-07 01:49:30 -06:00
William Pitcock
772c95cc7a
ssld: we only will continue supporting one fingerprint method at a time
2015-12-07 01:21:26 -06:00
William Pitcock
fced7b416b
Merge branch 'master' of github.com:atheme/charybdis
2015-12-07 01:15:00 -06:00
Elizabeth Myers
e6bbb41030
Add ability to change CertFP hash.
...
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:14:02 -06:00
Elizabeth Myers
c33349ec21
Add ability to change CertFP hash.
...
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:11:12 -06:00
William Pitcock
653e3ca512
update copyright on NEWS (haha)
2015-12-05 07:18:35 -06:00
William Pitcock
354fd35126
update README
2015-12-05 07:09:52 -06:00
William Pitcock
6a49a3432f
update NEWS a little more
2015-12-05 07:07:01 -06:00
William Pitcock
a7433e330a
m_message: use same behaviour for +R users as +g users ( closes #96 )
2015-12-05 06:48:38 -06:00
William Pitcock
677d3cb1a3
mbedtls: implement rb_get_ssl_certfp()
2015-12-05 06:37:04 -06:00
William Pitcock
bbccb09a90
newconf: TLS listener ports should always be defer_accept
...
TLS clients are required to send ClientHello upon connection, the server may not reply with ServerHello until this has happened
2015-12-04 22:53:04 -06:00
William Pitcock
493897d67c
mbedtls: use server certificate for client mode too
2015-12-04 22:42:10 -06:00
William Pitcock
162a91d6ed
mbedtls: make client mode work too
2015-12-04 22:41:02 -06:00
William Pitcock
539d912b95
libratbox: fix up mbedtls backend
2015-12-04 00:01:40 -06:00
William Pitcock
fab6f9e80e
libratbox: gnutls: we want to pass F, not F->fd to rb_listen()
2015-12-03 22:38:54 -06:00
William Pitcock
cd492e44b5
libratbox: initial cut at an mbedtls implementation, which will replace openssl and gnutls backends in charybdis 3.6
...
notably, it presently is lacking CertFP support, but everything else is implemented
2015-12-03 22:32:33 -06:00
William Pitcock
6f57a957b0
libratbox: prepare build system for mbed tls backend
2015-12-03 18:37:32 -06:00
William Pitcock
7f2cc0eacb
Revert "supported: remove TARGMAX, nothing really uses it, and the information conveyed is useless anyway"
...
This reverts commit ff2f68e617
.
2015-11-19 23:10:36 -06:00
William Pitcock
4a5330bb4d
cap: implement ircv3.2 chghost cap
2015-11-19 22:53:55 -06:00
William Pitcock
583f064fef
send: add negation argument to sendto_common_channels_local() and friends
2015-11-19 22:43:45 -06:00
William Pitcock
8e9e22b4d3
parse: handle_encap(): remove parv[0] initialization, anything using parv[0] should crash the ircd
2015-11-19 17:13:04 -06:00
William Pitcock
e77879b0f6
modules/m_resv: update comments since parv[0] is not used anymore
2015-11-19 17:12:07 -06:00
William Pitcock
ff2f68e617
supported: remove TARGMAX, nothing really uses it, and the information conveyed is useless anyway
2015-11-16 15:01:57 -06:00
Jilles Tjoelker
439bf4db58
monitor: Show 005 entry only if m_monitor.so is actually loaded.
...
This only affects the MONITOR=<max> entry, not TARGMAX=...,MONITOR:
which is harder to modify from a module.
2015-11-15 22:57:23 +01:00
Aaron Jones
0b05d1aad5
[libratbox] Remove an unused random function
...
Nothing in the Charybdis or libratbox code calls rb_get_pseudo_random
and under OpenSSL it uses RAND_pseudo_bytes() which is both dangerous
and removed in OpenSSL version 1.1.0.
2015-10-25 16:04:57 +00:00
Aaron Jones
25f7ee7dd6
Improve the versions of TLS used for server to server linking
...
When building against current OpenSSL (<= 1.0.2) or old LibreSSL
(< 2.2.2) the server will use TLSv1.0 only when connecting to other
servers.
This patch corrects that.
2015-10-23 16:08:15 +00:00
Aaron Jones
3ae24413ca
Use new TLS method APIs with new LibreSSL
...
OpenBSD 5.8 includes LibreSSL 2.2.2, which finally brings the API up to
what they claim it is by implementing the new TLS client and server
method APIs. Therefore, in furtherance of commits a4c8c827
and 1a4e224a
we can build with the new APIs if building against (real) OpenSSL 1.1.0
or LibreSSL 2.2.2.
Reported-by: Juuso Lapinlampi <wub@partyvan.eu>
2015-10-23 16:05:33 +00:00
William Pitcock
172b58fee9
Merge pull request #106 from awilfox/master
...
Fix MONITOR C
2015-10-15 18:05:38 -05:00
Andrew Wilcox
7a40c9a5b4
monitor: don't use already-freed pointer, unlike the moronic atheme developers
2015-10-15 17:32:02 -05:00
Andrew Wilcox
5f8fb56d02
Revert "remove MONITOR for now pending a complete rewrite"
...
This reverts commit 87fa262fec
.
2015-10-15 17:31:55 -05:00
William Pitcock
87fa262fec
remove MONITOR for now pending a complete rewrite
2015-10-15 09:39:48 -05:00
William Pitcock
d09bde15a1
monitor: additional cleanup pointed out by mr_flea
2015-10-11 19:32:31 -05:00
William Pitcock
7485e86073
monitor: additional cleanups, and add a missing free_monitor() in m_monitor
2015-10-11 19:11:01 -05:00
William Pitcock
d5f856c68e
monitor: fix the resource leak properly, unlike the moronic elemental-ircd developers
2015-10-11 18:48:53 -05:00
Jilles Tjoelker
dd64bf8dad
Fix build on glibc (no strlcpy).
2015-10-01 22:55:07 +02:00
Jilles Tjoelker
0e17ce0612
Use new info when sending away-notify after QJM.
2015-09-20 15:20:05 +02:00
Jilles Tjoelker
b4a7304c94
s_conf: Split out a function.
2015-09-13 22:59:03 +02:00
Jilles Tjoelker
df3de4e913
kqueue: Remove unnecessary cast.
2015-09-13 22:59:03 +02:00
Jilles Tjoelker
2125182293
Remove the unneeded username parameter to register_local_user().
2015-09-13 22:59:03 +02:00
Jilles Tjoelker
83e5941c87
Check CIDR ban IP address for validity.
...
Otherwise, we compare to uninitialized stack data. This is wrong but seems
harmless.
Closes #103
2015-09-13 22:59:03 +02:00
William Pitcock
00fda7b7bd
Merge pull request #101 from Elizafox/master
...
Relocate report_Klines to proper home
2015-08-08 18:41:32 -04:00