Commit graph

3156 commits

Author SHA1 Message Date
Jilles Tjoelker
572488e029 If the sasl mechanism is EXTERNAL, send the certfp in the initial S message. 2011-04-04 00:59:20 +02:00
Jilles Tjoelker
f62f94b094 Back out AUTHENTICATE EXTERNAL so I can do it differently.
The current approach is fundamentally broken as it allows
anyone in that knows the certfp and uses an old ircd as
their server.
2011-04-04 00:44:07 +02:00
Jilles Tjoelker
1b19fe8b5e Revert "sasl: remove checks for impossible conditions".
This check is not impossible and can be triggered by
sending a PASS command like a server would send first.

This backs out changeset 8cba4464feec.
2011-03-31 23:26:26 +02:00
William Pitcock
27126f911d sasl: first attempt at ircv3.1 AUTHENTICATE EXTERNAL support 2011-03-31 00:35:58 -05:00
William Pitcock
d8c45202e3 sasl: remove checks for impossible conditions 2011-03-31 00:18:32 -05:00
Stephen Bennett
e6e54763d9 Make flood control settings configurable by those who know exactly what they're doing.
From ircd-seven git changeset 29aa4203150337925a4f5c6e7da47be5394c2125 .
2011-03-27 16:35:26 -04:00
Jilles Tjoelker
e732a57bd1 Cope with OPENSSL_VERSION_NUMBER not being a long.
Contrary to the documentation, this is the case on recent FreeBSD at least.
2011-03-20 18:46:32 +01:00
William Pitcock
8e00d87838 bantool: _XOPEN_SOURCE should die in a fire 2011-03-17 10:45:57 -05:00
Jilles Tjoelker
b19d3c5186 Style: use a consistent order for the _C constants. 2011-03-31 00:05:42 +02:00
Stephen Bennett
94d86632dc Disallow mIRC italics in channel names when disable_fake_channels 2011-03-30 11:30:47 +01:00
Stephen Bennett
5fabe51369 Don't allow +Z to be set by default_umodes 2011-03-11 13:12:40 +00:00
William Pitcock
29bb66b12d Add Elizacat to contributors. 2011-02-27 15:48:05 -06:00
Elizabeth Jennifer Myers
0a1e77c27c Support IPv6 blacklists. Also add a conf file option allowing the use of IPv4, IPv6, or both for a blacklist.
Although few blacklists currently support IPv6 lookups, they will likely begin to do so in the near future as more net trash begins using IPv6.
2011-02-27 16:38:05 -05:00
Elizabeth Jennifer Myers
6493f05d8c m_challenge: fix use of undefined behaviour.
GCC does what we expect, but other compilers could do just about anything.
2011-02-22 12:00:45 -05:00
Elizabeth Jennifer Myers
f4b52a0ad3 can_send: properly initalise moduledata. 2011-02-13 09:50:25 -05:00
Jilles Tjoelker
0d165b5262 override: Apply floodcount to override sends.
This avoids strange behaviour where quieting an override
oper lets them send more, and matches ircd-seven.
2011-02-06 15:50:58 +01:00
Elizabeth Jennifer Myers
f171dafb59 Add endian test to autoconf and convert crypt to use it. 2011-01-24 21:03:00 -05:00
Jilles Tjoelker
462ae9d7a5 Fix memory leak of operator certfp fields. 2011-01-25 00:39:07 +01:00
Elizabeth Jennifer Myers
ed45dfe676 newconf: fix a warning 2011-01-23 16:56:36 -05:00
Elizabeth Jennifer Myers
63c7a68e19 newconf: fix certificate fingerprint auth.
yy_oper->certfp was not copied into yy_tmpoper->certfp, thus the information was lost and certfp auth was never really working, since the string was always empty.
2011-01-23 16:12:32 -05:00
Elizabeth Jennifer Myers
48dc39f771 Add blowfish to libratbox crypt.
Also change u_int*_t to uint*_t whilst I'm here.
2011-01-17 05:01:11 -05:00
Jilles Tjoelker
26e9dd93ad Remove nickTS from extended-join. 2011-01-11 00:26:15 +01:00
Jilles Tjoelker
e2b507ac41 Fix extended-join not sending any joins at all.
Note that IsCapable(x, NOCAPS) always returns true.
2011-01-11 00:26:05 +01:00
Jilles Tjoelker
2fb0796158 hunt_server: Disallow wildcarded nicknames.
Any hunted parameter with wildcards is now assumed
to be a server, never a user.

Reasons:
* fewer match() calls
* do not disclose existing nicknames
* more intuitive behaviour for CONNECT

m_trace has a copy of some hunt_server logic in it
(for the RPL_TRACELINK reply), so adjust that too.
2011-01-08 17:47:05 +01:00
Jilles Tjoelker
af9e5b5ef7 Fix compiler warnings. 2011-01-08 17:40:12 +01:00
Keith Buck
4c3f066ab8 Move list-related isupport items to the list module itself. 2011-01-06 00:40:08 -08:00
Elizabeth Jennifer Myers
7600b65f4d Make SHA512 the default for mkpasswd again, as SHA512 support is guaranteed to *always* be in libratbox. 2011-01-06 01:56:47 -05:00
Elizabeth Jennifer Myers
f924ea40a3 Overhaul extensions/m_mkpasswd. It now allows SHA256/SHA512 hashes. DES support is removed, as it is insecure and can be broken on my desktop in about 20 minutes. 2011-01-06 01:41:57 -05:00
Elizabeth Jennifer Myers
08c2568cb9 Add SHA256/SHA512 support to crypt.c and fix up the MD5 component (it seemed to have been broken). In addition, unconditionally use the libratbox crypt. 2011-01-06 01:29:22 -05:00
Lee T. Starnes
69b2e74527 cosmetic fix: Blowfish doesn't use CamelCase 2011-01-05 23:20:04 -06:00
Keith Buck
096570b9f8 Add topic TS and channel TS constraints for /LIST. 2011-01-05 21:15:36 -08:00
Keith Buck
bb55ebebe9 Implement operspy for /LIST. 2011-01-05 18:57:27 -08:00
Keith Buck
9ad393f677 Fix multiple RPL_LISTEND replies when aborting a /LIST. 2011-01-02 00:43:11 -08:00
Jilles Tjoelker
6d61f90fd6 override: Provide an error message if +p may not be set. 2010-12-31 02:43:38 +01:00
Jilles Tjoelker
fa0e215255 Tweak previous commit to avoid problems with OMODE.
Do not allow a user to op themselves if they are
already opped, as "already opped" could be because
of OMODE's hack which will be unconditionally
reverted after the mode change.

Also, this matches old behaviour for users not
being able to generate mode changes redundantly
opping themselves.

Note that this change should only be taken advantage
of if all servers run patched code. Otherwise, mode
changes will be silently dropped and a desync
results.
2010-12-31 02:43:16 +01:00
William Pitcock
402cce0b9c Remove stupid hybrid-esque 'impossible to op yourself' hack.
Who the fuck thought that check was a good idea?
2010-12-30 19:21:14 -06:00
Jilles Tjoelker
1987b5da5b Fix topic changes after 6af636dce2e6. 2010-12-27 17:31:11 +01:00
Stephen Bennett
0c512421c5 Add default for disable_local_channels. Missed this last time. 2010-12-21 20:53:39 +00:00
Stephen Bennett
341f971efa Bring across disable_local_channels config option from ircd-seven 2010-12-21 20:38:04 +00:00
William Pitcock
f56b4e3c07 account-notify spec: with the extended-join capability, doing a WHO on new users is not necessary. 2010-12-16 00:35:12 -06:00
William Pitcock
261e2f9399 Accountname should not be prefixed with a colon to allow future expansion. 2010-12-16 00:32:48 -06:00
William Pitcock
92052a5c24 Add extended-join client capability.
The extended-join client capability extends the JOIN message with information clients typically
query using WHO including accountname, signon TS and realname.
2010-12-16 00:24:54 -06:00
William Pitcock
99cca61ed6 Add sendto_channel_local_with_capability(). 2010-12-16 00:19:24 -06:00
William Pitcock
805cfa5ab2 Use send_channel_join(). 2010-12-16 00:13:42 -06:00
William Pitcock
27912fd4ff Add send_channel_join(). 2010-12-16 00:09:29 -06:00
William Pitcock
a8df2896bb Update specification. 2010-12-15 23:59:47 -06:00
William Pitcock
4f943f99e6 Add specification for the account-notify protocol extension. 2010-12-15 23:38:35 -06:00
William Pitcock
7a7f86d344 Rough implementation of the new account-notify client capability.
This replaces identify-msg in ircd-seven.
2010-12-15 23:04:57 -06:00
William Pitcock
7a948bdaa7 Add capability parameter to sendto_common_channels_local() and sendto_common_channels_local_butone(). 2010-12-15 22:55:05 -06:00
Jilles Tjoelker
0b2b2f7753 Remove redundant prototypes in src/ircd_lexer.l.
These seem unnecessary and may cause problems because they
are wrong in some cases.

A comment says these were needed for GCC 3.3. If you are
still using this compiler, check this and if it breaks,
some other approach is needed.
2010-12-15 21:49:47 +01:00