Commit graph

167 commits

Author SHA1 Message Date
Doug Freed
71325a9801 librb/helper: call rb_clear_cloexec on child fds 2021-01-26 00:03:48 -05:00
Doug Freed
1cad0654b7 librb: call rb_set_cloexec in rb_setup_fd 2021-01-26 00:03:48 -05:00
Doug Freed
34a2afbc28 librb: add rb_{set,clear}_cloexec 2021-01-26 00:03:48 -05:00
Ed Kellett
c07751a50d Remove hardcoded TLSv1 disables 2020-11-01 04:07:24 +00:00
Ed Kellett
a6f63a829e
Innovation by sed 2020-10-15 15:52:41 +01:00
Ed Kellett
ad516b7d47
librb/event: Don't leak event names on completion 2020-04-19 14:22:18 +01:00
Simon Arlott
400e650809
librb: Fix nossl 2019-09-15 12:33:56 +01:00
Simon Arlott
b7660ea49d
librb: Fix nossl 2019-09-15 11:43:52 +01:00
Simon Arlott
8679c0fe3c
Fix Clang 6 compiler warnings 2019-09-15 11:28:48 +01:00
Simon Arlott
4b7abcfb7d
librb: Avoid unused variable warning 2019-09-15 11:13:54 +01:00
Simon Arlott
53aeb0305a
librb: Specify -Wno-unused-parameter 2019-09-15 11:12:44 +01:00
Simon Arlott
c4c1bf3b79
librb: Fix GCC 8 warning; 640 bytes should be enough 2019-09-15 10:25:25 +01:00
Aaron Jones
f7f1c50494
Support ECDH X25519 for TLSv1.3 (OpenSSL 1.1.1) 2019-09-08 14:00:24 +00:00
Ed Kellett
3576d1b482
librb/event: delete indirectly via a dead flag
This avoids an issue where deleting an event inside the handler of a
different event puts the event iteration in an invalid state.
2019-09-07 14:50:42 +01:00
Simon Arlott
17809d2db7
librb: Fix type of dst for rb_inet_pton_sock() 2019-08-31 16:10:50 +01:00
Aaron Jones
8d93dd76ad
MbedTLS: Support ChaCha20-Poly1305 in TLSv1.2+ 2018-08-13 22:35:20 +00:00
Simon Arlott
30053ab982
gcc7 fixes: make fallthrough explicit 2018-01-19 23:26:03 +00:00
Aaron Jones
e081bf2988
libratbox/src/mbedtls.c: check public/private keys match 2018-01-06 16:05:48 +00:00
Simon Arlott
268044ea40
Add workaround for Linux SCTP_I_WANT_MAPPED_V4_ADDR bug on older kernels 2017-08-24 20:08:22 +01:00
Simon Arlott
6003ce763c
Add outgoing SCTP connect support 2017-08-24 20:08:21 +01:00
Simon Arlott
c6ad9b0c5f
Add basic SCTP listener support that binds to multiple addresses
This only supports two addresses as the intended use is 1 IPv4 and 1 IPv6
address on a single-homed host, and the only supported configuration of
outgoing connections to other servers is to bind a single IPv4 or IPv6
address.
2017-08-24 20:08:20 +01:00
Simon Arlott
589dbf4d0f
rb_connect: use SO_ERROR 2017-08-24 20:08:19 +01:00
Simon Arlott
9caecc9348
rb_inet_pton_sock: initialise sockaddr to zero 2017-08-24 20:08:19 +01:00
Simon Arlott
de2934965c
remove RB_IPV6 2017-08-20 12:54:46 +01:00
Simon Arlott
fa2367e3f3
librb: remove zstring
rb_zstring_serialized leaks memory while doing nothing with its
arguments... nothing is using zstring so remove it
2017-08-06 18:40:24 +01:00
Simon Arlott
1272b289e6
librb: dictionary_add mishandles replacing elements
This can only happen with soft asserts otherwise it will crash instead.

Nothing currently uses the return value of rb_dictionary_add.
2017-08-06 18:38:35 +01:00
Simon Arlott
4b1cce65ed
ircd: send tags on every message
Simplify linebuf by introducing fsnprint to manage a list of printfs.
Add a msgbuf unparse cache for send functions that loop.
2017-08-06 16:21:29 +01:00
Aaron Jones
515467e527
mbedtls.c: minor fixups
- Add (void) casts for unused function parameters
- Rearrange member in `struct rb_mbedtls_cfg_context' for data alignment
- Document a `clang-4.0 -Weverything' (-Wcast-qual) diagnostic
- Avoid pointless conversions between positive/negative error codes
- Use capital hexadecimals in error codes and properly cast to
  (unsigned int) for %x/%X
2017-07-30 18:41:32 +01:00
Simon Arlott
e5c434a2df
librb: add rb_snprintf_try_append
For when it might fit, or it might not.
2017-07-30 17:04:06 +01:00
Simon Arlott
8573c3409e
librb: rb_snprinf_append: handle error return value from vsnprintf() 2017-07-30 17:03:30 +01:00
Simon Arlott
7a06833fb4
librb: linebuf: reduce the number of "put" implementations from 4 to 1 2017-07-30 15:51:45 +01:00
Simon Arlott
4c7d1de8f3
librb: linebuf needs to use the buffer limit from msgbuf_unparse_prefix 2017-07-29 23:32:27 +01:00
Simon Arlott
2100c58d09
librb: rb_rawbuf_length: do something if soft assert fails
correct the value of rb->len
2017-07-29 22:46:10 +01:00
Simon Arlott
9f46eae691
linebuf: increase buffer size to accommodate IRCv3 tags 2017-07-29 22:46:06 +01:00
Simon Arlott
33ded5fc57
librb: remove unnecessary NULL from the end of rb_string_to_array output 2017-07-29 22:46:04 +01:00
Simon Arlott
b5ad4cdfde
make soft asserts better by allowing them to be used in expressions 2017-07-29 22:39:53 +01:00
Simon Arlott
45285c4a73
librb: rb_lib_loop: avoid clang static analysis warning 2017-07-29 22:39:49 +01:00
Simon Arlott
630c15211d
librb: rb_linebuf_copy_raw: remove unused assignment 2017-07-29 22:28:47 +01:00
Simon Arlott
b0adc7bf97
librb: commio: Must set addrlen before every call to accept()
If an IPv4 connection is dropped by the pre-callback, and there is a
pending IPv6 connection on the same listening socket then the retried
accept() will be unable to populate `st` because `addrlen` will be too
small. Also initialise `st` each time to avoid a clang static analysis
warning.
2017-07-29 22:20:05 +01:00
Aaron Jones
c3abf98286
MbedTLS: Disable TLSv1.0 2016-12-30 17:59:48 +00:00
Aaron Jones
35cd299395
OpenSSL: Disable TLSv1.0
Also some misc other cleanups/additions to bring it in line with the
release/3.5 backend
2016-12-30 17:59:46 +00:00
Aaron Jones
5bcd4c7c60
GNUTLS: Provide a default priority string, disable TLSv1.0 in it
The user can still override this choice with the ssl_cipher_list option
in ircd.conf -- this is the only backend that will allow you to do so.
2016-12-30 17:59:35 +00:00
Aaron Jones
05281d7a0d
TLS backends: Move some library-dependent functions to the proper location
The comment incorrectly stated these were library-agnostic; infact, they
use library-dependent data types or macro names.
2016-11-15 12:16:03 +00:00
Simon Arlott
d8f0b5d763
cppcheck: fix various warnings/errors
[ircd/match.c:316]: (error) Shifting a negative value is undefined behaviour
[librb/src/patricia.c:55]: (error) Shifting a negative value is undefined behaviour
[modules/m_alias.c:64]: (portability) '(void*)message' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[modules/m_time.c:111]: (warning) %u in format string (no. 9) requires 'unsigned int' but the argument type is 'signed int'.
[modules/m_time.c:111]: (warning) %u in format string (no. 10) requires 'unsigned int' but the argument type is 'signed int'.
[librb/src/dictionary.c:819]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[librb/src/radixtree.c:1080]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[ircd/s_user.c:351] -> [ircd/s_user.c:357]: (warning) Either the condition '0!=source_p' is redundant or there is possible null pointer dereference: source_p.
[extensions/ip_cloaking_3.0.c:109]: (warning, inconclusive) The buffer 'buf' may not be null-terminated after the call to strncpy().
[ircd/chmode.c:256]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_help.c:100]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_knock.c:169]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:628]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:727]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:601]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:704]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:739]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:763]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:768]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:774]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:781]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:786]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:791]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:804]: (style) Clarify calculation precedence for '&' and '?'.
[ircd/wsproc.c:372]: (style) Unused variable: len
[modules/core/m_modules.c:382]: (style) Unused variable: i
[modules/m_stats.c:741]: (style) Unused variable: amsg
[ircd/authproc.c:390]: (style) Unused variable: iter
[ircd/authproc.c:391]: (style) Unused variable: client_p
2016-10-28 20:13:36 +01:00
Simon Arlott
01dd3da541
rb_string_to_array: document parv array size 2016-10-22 22:36:47 +01:00
Aaron Jones
42e6fbaa8c
OpenSSL: Adjust ciphersuite order and update documentation 2016-10-18 11:17:41 +00:00
Aaron Jones
98c4aaeaff
MbedTLS: Adjust ciphersuite order and update documentation 2016-10-18 11:16:38 +00:00
Aaron Jones
56fbe141a1
GNUTLS: Forward-port release/3.5 improvements
The changes made in this file are detailed in release/3.5 commits
4d89c83c32 through ecfdcb08e8 inclusive.

Some slight alterations are necessary; librb instead of libratbox,
snprintf() instead of rb_snprintf(), etc. Also, release/4 has
offline certificate digesting functionality. For more insight,
simply diff the gnutls.c between release/3.5 and release/4.
2016-09-17 17:53:01 +00:00
Aaron Jones
dd066596dc
MbedTLS: Forward-port release/3.5 improvements
The changes made in this file are detailed in release/3.5 commits
295c8f7d37 through 265dc4e53c inclusive.

Some slight alterations are necessary; librb instead of libratbox,
snprintf() instead of rb_snprintf(), etc. Also, release/4 has
offline certificate digesting functionality. For more insight,
simply diff the mbedtls.c between release/3.5 and release/4.
2016-09-17 17:19:31 +00:00
Aaron Jones
73470f0b3c
OpenSSL: Forward-port release/3.5 improvements
The changes made in this file are detailed in release/3.5 commits
1f30c8943b through 92c04c6b9d inclusive.

Some slight alterations are necessary; librb instead of libratbox,
snprintf() instead of rb_snprintf(), etc. Also, release/4 has
offline certificate digesting functionality. For more insight,
simply diff the openssl.c between release/3.5 and release/4.
2016-09-17 17:03:21 +00:00