we do this by removing the uname usage everywhere: it is not actually
used at runtime at all.
we keep the timestamp, because it is actually used in user_welcome()
but allow it to be overriden.
ideally, that timestamp would be completely removed, but I am not sure
what to put in its place, or if it would break some mysterious RFC (or
client!) if we remove that announcement.
Add REHASH SSLD (admins only) that starts new sslds and marks the
existing ones as inactive until all their clients disconnect.
Very useful whenever the SSL library has a vulnerability because
new connections can use a new version of the library without
disconnecting existing clients/servers.
Add STATS S (admins only) to list ssld processes, status, and client
count.
The sendq limit is now soft, now we halt processing if a sendq is exceeded, until it is sufficiently drained.
This allows us to implement SAFELIST and other floody commands without hacks.
RPL_ADMINME is a response the client receives using the ADMIN command.
Charybdis used to implement a non-standard version of this.
The RFC 1459 standard [1] says in section "6.2 Command responses.":
256 RPL_ADMINME
"<server> :Administrative info"
This commit corrects the behavior to follow the standard.
[1]: https://tools.ietf.org/html/rfc1459
this avoids race conditions when a file descriptor is reused and an ssld worker has not acked that the previous
connection was closed, which results in the new client being kicked.
While functionally compatible with the implementation in ElementalIRCd, our approach is different,
specifically pre-calculating the bitmask at config load time. This is more efficient, and allows us
to report errors as part of the configuration phase.
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls
Thanks Jilles!
This allows multiple improvements to m_sasl. With this change, the SASL
authentication gets aborted immediately when services are offline.
Additionally, we send the SASL ENCAP messages directly to the specified
SASL agent.
After a change for dynamic server capabilities, the code to send out mode
changes was changed to use the capabilities belonging to the last mode
being sent out. This does not make sense; therefore, just use no
capabilities and remove supporting infrastructure.
Reported by ssbr on freenode:
chmode +c doesn't strip ^O, which turns off all previous formatting.
This can cause clients that internally use mIRC formatting to render messages weirdly,
e.g. highlighted messages in HexChat: <https://i.imgur.com/eDX8Aif.png>.
Charybdis currently leaks about 45-50k per configuration parse,
including every rehash. This change plugs these leaks by properly
iterating through all conf_parm_t structures to seek all strings that
should be freed and also by freeing the conf_parm_t structures
themselves.
These leaks have been present since the original rewrite of the
configuration parsing system in ircd-ratbox r11953.
Additionally, this change also cleans up and documents the parsing code
a bit.
Default values for default_floodcount and default_ident_timeout are set
in s_conf.c. Remove code that checks for missing values in ircd.c.
Additionally, reset default_ident_timeout to 5 if an invalid value (i.e.
0) is provided.
Add the flags (auth{} spoof, dynamic spoof) to struct Whowas and add a
show_ip_whowas().
Normal users now see IPs of unspoofed users, and remote opers can see IPs
behind dynamic spoofs. Also, general::hide_spoof_ips is now applied when
the IP is shown, not when the client exits.
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.
This change also fixes the compile when using --enable-assert=soft.
With this comes an example module to block the killing of services.
NOTE: this will not cancel remote kills. Those are still accepted, per
the TS 6 specification.
A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.
A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).
Currently, the resolver treats SERVFAIL, NOTIMP, and REFUSED queries the
same as NXDOMAIN, but this really should not be the case. Instead, if
the DNS server errors on our request or provides an invalid request, try
another server.
Also, count DNS server errors in addition to timeouts and avoid these
undesirable servers.
This will allow us to modularize message processing, e.g. having new modules to manipulate
channel and private messages in new ways.
Yes: it can be used to intercept messages, but such modules are already out in the wild for
charybdis anyway -- so this doesn't really change anything there.
If you are changing the text, then it is your responsibility to provide a pointer to a new
buffer. This buffer should be statically allocated and stored in your module's BSS segment.
We will not, and cannot, free your buffer in core, so dynamically allocated buffers will
cause a memory leak.
This will allow us to simplify m_message considerably, by moving channel mode logic out to
their own modules.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.
Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.
Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
This becomes important because of away-notify sending aways to common
channels much like nick changes (which are also paced).
Marking as unaway is not limited (but obviously only does something if the
user was away before). To allow users to fix typos in away messages, two
aways are allowed in sequence if away has not been used recently.
Specifically, what this capability manager does, is map keywords to
calculated bitmasks. These bitmasks are allocated at runtime, so that
the any managed capability index can be manipulated by modules.
Modules should call capability_orphan() when orphaning capabilities. This
makes it so that bitmasks aren't reallocated, except for cases where the
capability is the same.