William Pitcock
6e3d57dc6b
cap: remove SASL_REAUTH capability
2015-02-28 01:01:08 -06:00
William Pitcock
51535fcbce
sasl: allow reauth without sasl-reauth capability (since it's being dropped)
2015-02-28 00:48:43 -06:00
William Pitcock
676032301e
move README to markdown.
2015-02-24 20:32:08 -06:00
William Pitcock
74bae4c6ff
remove references to LIBPATH ( closes #26 ).
2015-02-24 20:25:34 -06:00
William Pitcock
654caa84fb
ircd.conf.example: explain DH parameters size better ( closes #68 )
2015-02-18 12:36:00 -06:00
William Pitcock
dd28e3f2a4
Merge pull request #82 from grawity/sasl-send-conn-info
...
m_sasl: send information about the client connection
2015-02-18 12:29:57 -06:00
William Pitcock
95cce5f358
Revert "m_invite: add support for CAP invite-notify"
...
This reverts commit 93eb76cc32
.
2015-02-16 17:50:51 -06:00
William Pitcock
4cb0a93d25
libratbox/gnutls: call gnutls_rnd_refresh() to ensure our PRNG is initialized
2015-02-16 17:40:25 -06:00
William Pitcock
cfa7b5fdb0
rebuild configure
2015-02-16 15:57:14 -06:00
William Pitcock
7585af0f3b
configure: move some OS X toolchain checks around ( closes #40 )
2015-02-16 15:55:36 -06:00
Max Teufel
93eb76cc32
m_invite: add support for CAP invite-notify
...
Specification:
<https://github.com/ircv3/ircv3-specifications/blob/master/extensions/invite-notify-3.2.md >
2015-02-16 15:40:34 -06:00
William Pitcock
c6bc97fdcd
m_sasl: move some struct members around for sasl-reauth
2015-02-16 15:39:36 -06:00
William Pitcock
3a48406b55
cap: fix compile
2015-02-15 17:40:20 -06:00
William Pitcock
ef3ab8e3a5
cap: allow clients to do sasl reauth if they requested sasl and sasl-reauth (ref ircv3/ircv3#103 ).
2015-02-15 17:11:28 -06:00
William Pitcock
0044d40050
cap: add notion of required dependency caps
2015-02-15 17:11:28 -06:00
William Pitcock
ce14240a02
Merge pull request #83 from maxteufel/feature/saslserv_config_option
...
m_sasl: add configuration option for the nick of the SASL agent
2015-02-14 15:23:00 -06:00
Max Teufel
7d33cce8ef
m_sasl: add configuration option for the nick of the SASL agent
...
This allows multiple improvements to m_sasl. With this change, the SASL
authentication gets aborted immediately when services are offline.
Additionally, we send the SASL ENCAP messages directly to the specified
SASL agent.
2015-02-14 20:31:25 +01:00
Jilles Tjoelker
f51b72de97
Ignore duplicate USER and PASS.
...
If SASL starts using USER/PASS for unregistered clients, this change stops
users from using one USER/PASS for SASL while using another for connecting.
2015-02-13 23:07:02 +01:00
Mantas Mikulėnas
a3fa9d81a2
m_sasl: send information about the client connection
2015-02-13 22:38:24 +02:00
William Pitcock
9299ce1371
Merge pull request #81 from attilamolnar/master+openssl
...
openssl: Disable session tickets and session caching
2015-02-09 14:59:56 -06:00
Attila Molnar
989652e7a8
openssl: Disable session caching
2015-02-09 21:19:09 +01:00
Attila Molnar
6b6a579925
openssl: Disable session tickets
2015-02-09 21:18:32 +01:00
William Pitcock
bc75c3ae0e
fix target list generation edge case where WALLCHOPS was requested alongside normal users if the source user was not a channel op.
...
from ircd-hybrid r5457
2015-02-09 11:16:06 -06:00
Jilles Tjoelker
22e4a9bc2b
Merge branch 'master+sjoin-deadcode' of https://github.com/attilamolnar/charybdis
2015-01-30 17:54:13 +01:00
Attila Molnar
407094721c
SJOIN: Remove some dead code
2015-01-30 14:42:08 +01:00
Jilles Tjoelker
e9f86e320e
introduce_client(): Remove redundant check for sockhost starting with colon.
...
Other code (inet_ntop6() in libratbox/src/commio.c and
extensions/m_webirc.c) ensures the sockhost does not start with a colon.
Checking only here does not make sense.
Reported by: Attila
2015-01-25 22:11:16 +01:00
Jilles Tjoelker
3881a3ce5d
Don't append a domain to names without dot from reverse lookup.
...
Some code to append "domain" from /etc/resolv.conf to unqualified names (for
server connections) erroneously applied to names from reverse DNS lookups as
well.
The effect was that "domain" from /etc/resolv.conf was appended to
"localhost", even though the DNS server intended "localhost" to be a fully
qualified name.
2015-01-16 23:23:56 +01:00
Aaron Jones
3c80b42532
Allow clients to have a resolved hostname of localhost
...
I slightly changed the patch to match surrounding style.
(cherry picked from commit 0b06270fd6266c85d19e008efcd039605daf59d0)
2015-01-16 21:38:42 +01:00
Jilles Tjoelker
74b2fb72db
pretty_mask(): Stop temporarily modifying the passed mask entirely.
2015-01-15 23:45:02 +01:00
Jilles Tjoelker
f4e893b515
pretty_mask(): Use explicit lengths instead of temporarily writing '\0'.
...
This is slightly simpler and should fix Coverity warnings.
2015-01-15 23:38:50 +01:00
Jilles Tjoelker
7db54a1f97
libratbox: Fix sizeof in two memsets.
...
This fixes a compiler warning. The necessary fields of the struct sigevent
were initialized so there was no problem.
Submitted by: Aaron (via IRC)
Reviewed by: Attila
2015-01-15 23:38:50 +01:00
Jilles Tjoelker
1c864688bb
linebuf: Fix possible memory corruption when receiving many CR/LF.
...
The last byte of balloc.c's block pointer could be changed from 10 or 13 to
0. On amd64, this is not possible. On i386, this is possible and usually
causes a crash soon.
2014-11-05 21:42:35 +01:00
William Pitcock
5d4a99540b
Merge pull request #73 from Argure/master
...
Explicitly drop SSLv3 connections (SSL_OP_NO_SSLv3) - might break TLS-ca...
2014-11-05 04:52:50 -06:00
William Pitcock
070d8da8eb
Merge pull request #75 from attilamolnar/master+nullcharfix
...
Fix sending null char after ERROR when the server is full
2014-11-04 23:26:40 -06:00
Attila Molnar
76d82c19ad
Fix sending null char after ERROR when the server is full
2014-11-04 21:57:37 +01:00
Patrick Godschalk
d072eb2350
Explicitly drop SSLv3 connections (SSL_OP_NO_SSLv3) - might break TLS-capable clients that still depend on SSLv23 handshake
2014-10-26 13:15:30 +01:00
Jilles Tjoelker
2a17ae5483
ban: Fix build breakage.
...
A normal 'make' did not rebuild m_ban.c even though dependencies had
changed.
2014-09-21 18:28:24 +02:00
Jilles Tjoelker
36e50ccfa5
tools: Remove Hybrid 6 conversion tools.
...
Hybrid 6 is old enough that the conversion tools can go away now.
They are for I and K lines; the ircd.conf converter was already removed.
This removes compiler/analyzer warnings about these tools.
2014-09-21 18:20:39 +02:00
Jilles Tjoelker
624d779127
bandb: Don't apply empty ban list when bandb starts sending bans.
...
When bandb sends the ban list, it first sends 'C', then all bans and
finally 'F'. Only when 'F' is sent is ircd supposed to apply the bans.
Because of a missing break, 'C' also did 'F', clearing the ircd active
permanent bans until bandb sent 'F'.
The effect is pretty limited because having bandb send the ban list via
/rehash bans is uncommon and most bans will be enforced when reset.
2014-09-21 18:09:18 +02:00
Jilles Tjoelker
8c04f89623
libratbox: Add comment that case fallthrough is deliberate.
2014-09-21 17:44:34 +02:00
Jilles Tjoelker
367f61444a
Gitignore vim swap files.
2014-09-21 16:58:06 +02:00
Jilles Tjoelker
5f1db61bdf
server: Don't read beyond the bounds of ServerInfo.ip and ServerInfo.ip6.
2014-09-21 16:57:38 +02:00
Jilles Tjoelker
dc336d1a63
server: Remove two dead stores.
2014-09-21 15:16:56 +02:00
Jilles Tjoelker
483987a464
Explicitly pass the current time to deactivate_conf().
...
Some places depend on the ban not being destroyed.
2014-09-21 15:02:43 +02:00
Jilles Tjoelker
2196b1825d
Fix crash when there are two blacklist hosts without intervening reason.
...
This is invalid configuration; the first host is supposed to be ignored.
2014-09-21 14:42:14 +02:00
William Pitcock
ed5d7eb122
Merge pull request #70 from grobe0ba/master
...
Remove incorrect comment regarding location of functions in src/modules.c
2014-09-09 10:19:35 -05:00
Byron Grobe
e8d7921a08
Removed comment from src/modules.c that states certain function were moved into a file that no longer exists. (Circa ~2002)
2014-09-09 08:13:42 +00:00
Mantas Mikulėnas
423d875b7f
doc/sasl.txt: forgot to wrap lines and sort references
2014-09-08 22:37:40 +03:00
Mantas Mikulėnas
f3319b3b2e
doc/sasl.txt: drop dead links, add links to IRCv3 spec and relevant SASL RFCs
2014-09-08 22:27:36 +03:00
Jilles Tjoelker
aea6c4f9e6
chmode: Check mlock when a local oper changes cmode +L/+P.
...
This check was erroneously removed when fixing /mode #channel f when +f is
mlocked. Mlock checks were restricted to the places requiring chanops
(other than viewing +eI lists); cmode +L/+P do not require chanops, but
still constitute a mode change that must be checked against mlock.
2014-08-18 00:26:38 +02:00