Simon Arlott
5ce6360b72
ircd: send: these buffers can be static
2017-07-29 23:24:23 +01:00
Simon Arlott
b6f271b2aa
m_cap: Fix CAP LS generation
...
The `caplen` variable was unused, so the cap to be output wasn't considered
when determining whether or not it would fit.
2017-07-29 22:46:11 +01:00
Simon Arlott
2100c58d09
librb: rb_rawbuf_length: do something if soft assert fails
...
correct the value of rb->len
2017-07-29 22:46:10 +01:00
Simon Arlott
108699df3c
tests: add msgbuf_unparse tests
2017-07-29 22:46:09 +01:00
Simon Arlott
17ea888046
tests: add substitution_parse tests
2017-07-29 22:46:09 +01:00
Simon Arlott
05a16d98e1
tests: add msgbuf_parse tests
2017-07-29 22:46:08 +01:00
Simon Arlott
f3564f47f4
msgbuf: correctly split buffers into IRCv3 tags and RFC1459 message data
2017-07-29 22:46:07 +01:00
Simon Arlott
9f46eae691
linebuf: increase buffer size to accommodate IRCv3 tags
2017-07-29 22:46:06 +01:00
Simon Arlott
8fe5ef5a23
tests: add C TAP harness
2017-07-29 22:46:05 +01:00
Simon Arlott
33ded5fc57
librb: remove unnecessary NULL from the end of rb_string_to_array output
2017-07-29 22:46:04 +01:00
Simon Arlott
86432f8f86
ircd: attach_conf: avoid clang static analysis warning
...
In the impossible scenario where ClassPtr(aconf) is NULL, reject the
client instead of dereferencing the NULL pointer.
2017-07-29 22:45:58 +01:00
Simon Arlott
b5ad4cdfde
make soft asserts better by allowing them to be used in expressions
2017-07-29 22:39:53 +01:00
Simon Arlott
3ec3b44c7e
wsockd: avoid clang static analysis warning
...
Don't set `x = 0` twice.
2017-07-29 22:39:53 +01:00
Simon Arlott
26acc0c4fd
authd: opm: avoid clang static analysis warning
...
Remove unused `c` variable.
2017-07-29 22:39:52 +01:00
Simon Arlott
07807ce8b0
ircd: send_to_channel_flags: avoid clang static analysis warning
...
Set current_capmask and then use it, instead of referencing target_p->localClient->caps again.
This makes the purpose of current_capmask a bit clearer.
2017-07-29 22:39:50 +01:00
Simon Arlott
d856535edd
ircd: sendto_one_notice: avoid clang static analysis warning
...
target_p->from can't be NULL, and if it is then get_id(..., target_p)
dereferences it later in the function anyway
2017-07-29 22:39:49 +01:00
Simon Arlott
45285c4a73
librb: rb_lib_loop: avoid clang static analysis warning
2017-07-29 22:39:49 +01:00
Simon Arlott
209c57fbbf
ssld: avoid clang static analysis warning
...
Don't set `x = 0` twice.
2017-07-29 22:39:48 +01:00
Simon Arlott
0d6da1a9c1
ircd: sendto_one_numeric: avoid clang static analysis warning
...
target_p->from can't be NULL, and if it is then get_id(..., target_p)
dereferences it later in the function anyway
2017-07-29 22:28:53 +01:00
Simon Arlott
4a9f4dccb8
authd: opm: avoid clang static analysis warning
...
Remove unused `lookup` variables.
2017-07-29 22:28:52 +01:00
Simon Arlott
b9a6f1e5a1
ircd: get_or_create_channel: avoid clang static analysis warning
...
Use `len` after setting it.
2017-07-29 22:28:51 +01:00
Simon Arlott
f660af2155
ssld: avoid clang static analysis warning
2017-07-29 22:28:50 +01:00
Simon Arlott
0ded533dbc
ircd: sendto_one_prefix: avoid clang static analysis warning
...
target_p->from can't be NULL, and if it is then get_id(..., target_p)
dereferences it later in the function anyway
2017-07-29 22:28:49 +01:00
Simon Arlott
6c1e15a432
exit_remote_server: avoid clang static analysis warning
...
if IsServer(source_p) then the following must be all non-NULL:
->serv
->servptr
->servptr->serv
Remove unnecessary and inconsistent pointer checks.
2017-07-29 22:28:48 +01:00
Simon Arlott
630c15211d
librb: rb_linebuf_copy_raw: remove unused assignment
2017-07-29 22:28:47 +01:00
Simon Arlott
ab5fc9c032
ircd: hostmask: avoid clang static analysis warning
...
arec->Mask.ipa.bits is unused if arec->masktype == HM_HOST
2017-07-29 22:27:23 +01:00
Simon Arlott
b0adc7bf97
librb: commio: Must set addrlen before every call to accept()
...
If an IPv4 connection is dropped by the pre-callback, and there is a
pending IPv6 connection on the same listening socket then the retried
accept() will be unable to populate `st` because `addrlen` will be too
small. Also initialise `st` each time to avoid a clang static analysis
warning.
2017-07-29 22:20:05 +01:00
Simon Arlott
8467fd9caf
ircd: listener: Document check_reject() behaviour
2017-07-29 22:20:04 +01:00
Simon Arlott
23e722ea21
wsockd: Initialise ws_frame_hdr_t before using it
...
Outgoing messages have uninitialised data from the stack in the 3 reserved
bits of the opcode_rsv_fin value.
2017-07-29 22:20:03 +01:00
Simon Arlott
a940f54623
sslproc: check number of arguments to zipstats command
2017-07-29 13:32:21 +01:00
Aaron Jones
ed9f6a6565
src/channel.c: don't use the bancache in is_banned()/is_quieted()
...
The bancache will be re-architected onto clients in future for easier
invalidation, but this is a good-enough temporary fix for issue #243
Fixes #243
2017-07-29 13:32:20 +01:00
Simon Arlott
be9fb5ac00
Revert "no really, it's dead people"
...
This reverts commit 40ac82e878
.
2017-07-27 18:51:24 +01:00
Simon Arlott
4efe9cf25d
charybdis 4-rc4
2017-07-27 18:47:18 +01:00
Simon Arlott
e9f0d740e3
msgbuf: remove unused field parselen
2017-07-27 18:31:08 +01:00
Simon Arlott
fb81421fc7
ircd: substitution: fix NULL termination buffer overrun when the output is too large for the buffer
2017-07-27 18:31:07 +01:00
Simon Arlott
1dfb080874
ircd: substitution: fix overrun with unterminated '}' in format string
...
handle a variable following an unterminated variable better
2017-07-27 18:31:05 +01:00
Simon Arlott
169a1c3535
msgbuf: s_assert is not a substitute for proper code
...
(dns, m_alias, m_stats updated as msgbuf no longer includes s_assert.h)
2017-07-26 19:30:41 +01:00
Simon Arlott
d2b3a2a474
ircd: check_server: don't allow a connection if that would exceed the class limit
2017-07-23 17:38:11 +01:00
Simon Arlott
e3cea4d811
ircd: serv_connect: don't try to connect if that would exceed the class limit
2017-07-23 15:40:00 +01:00
Simon Arlott
fdfe62e7cc
m_webirc: use rb_inet_ntop_sock to populate sockhost
2017-06-27 21:13:25 +01:00
Simon Arlott
89bb7d65fb
ircd: s_conf: fix use of strlcpy in strip_tabs
...
strlcpy should be called with the size of the destination buffer, not
the length of the source string.
When the source is an empty string, the destination buffer isn't
written at all, resulting in it trying to output uninitialised data.
This could also cause a buffer overflow on very long invalid config
lines.
2017-06-25 19:48:49 +01:00
William Pitcock
40ac82e878
no really, it's dead people
2017-02-27 23:31:49 -06:00
Simon Arlott
fe45fd6105
CREDITS: fix my nickname and update my email address
2017-01-06 21:52:44 +00:00
Aaron Jones
c3abf98286
MbedTLS: Disable TLSv1.0
2016-12-30 17:59:48 +00:00
Aaron Jones
35cd299395
OpenSSL: Disable TLSv1.0
...
Also some misc other cleanups/additions to bring it in line with the
release/3.5 backend
2016-12-30 17:59:46 +00:00
Aaron Jones
5bcd4c7c60
GNUTLS: Provide a default priority string, disable TLSv1.0 in it
...
The user can still override this choice with the ssl_cipher_list option
in ircd.conf -- this is the only backend that will allow you to do so.
2016-12-30 17:59:35 +00:00
Keith Buck
1175ff837d
extensions/extb_channel: Allow matching secret channels.
...
This change modifies extb_channel to allow matching users in secret
channels, which prevents trivial ban evasion by setting the target
channel +s. Information leak due to this change is unlikely since the
attacker would have to know that the target channel exists, the name of
the channel (or guess it), have a specific user they wanted to know
whether was in the channel (and not know already), and the target user
would need to have something like autojoin-on-invite enabled (or any of
the other various ways hostname cloaking is attacked).
2016-12-29 06:21:58 +00:00
Aaron Jones
28f877462d
Documentation: Comment-out the OPM block and its options by default
...
The feature is not yet stable and is causing several issues.
2016-12-28 23:41:32 +00:00
Aaron Jones
41390bfe5f
When a remote MODRESTART command is received, it will pass through the
...
ENCAP module. The ms_encap function is responsible for dispatching the
command handler and then the modules will eventually be reloaded.
However, if the ENCAP module is reloaded to a different address, the
stack now contains the address of a function that no longer exists.
Also, in this version of the IRCd, the module restarting functionality
was located in a function that is itself located in a module, so things
will also go badly if that module is reloaded to a different address,
too.
Return immediately from the command handler and have the event loop
call the function responsible for reloading the modules instead.
c.f. release/3.5 commit db05a36210
Reported-by: mniip (Freenode)
2016-12-28 22:08:14 +00:00
Aaron Jones
6002ccec6b
mkpasswd: avoid strdup(NULL) and the like if rb_crypt() fails
2016-12-20 17:29:37 +00:00