Jilles Tjoelker
2ebef8d925
whois: Fix UID leak.
...
The second parameter of WHOIS is always a nick.
2013-02-14 23:45:22 +01:00
William Pitcock
2db1f25df5
Atheme is not responsible for the mental health changes of IRC operators using charybdis.
2013-02-03 14:06:13 -06:00
Jilles Tjoelker
e0c7937a9f
UID/EUID: Add server's SID to invalid UID error message.
2013-02-03 20:31:52 +01:00
Jilles Tjoelker
561d7efc44
UID/EUID: Check that the UID starts with the server's SID.
...
If not, the local link that sent the command is broken, as with
syntactically invalid UIDs.
2013-02-03 19:38:46 +01:00
Jilles Tjoelker
9cbf72447c
stats l: Don't care about away status.
2013-02-03 19:33:31 +01:00
Jilles Tjoelker
1c1d47e279
Merge branch 'mailmap' of github.com:grawity/forks.charybdis
2013-02-03 19:31:06 +01:00
Jilles Tjoelker
e69375f3ac
Cope with rb_crypt() returning NULL.
2013-02-02 00:54:32 +01:00
Jilles Tjoelker
df2516e6d8
whowas: Abort listing if 90% of sendq is in use.
2013-02-02 00:50:03 +01:00
Jilles Tjoelker
4e4a5fcc61
Skip cidr checking for hostmask.c entries with negative cidrlen.
...
They will be treated as hostmasks only. In the case of dlines they will
be rejected as invalid.
hostmask.c entries such as dlines, klines and auth blocks can only be
added by opers or via ircd.conf.
2013-01-29 23:43:20 +01:00
Jilles Tjoelker
441da2f245
Also restrict cidrlen for testmask/masktrace (match_ips()).
2013-01-29 23:31:39 +01:00
Jilles Tjoelker
4dbd5e07ad
Skip cidr checking for bans with negative or too large cidrlen.
...
Upto some length, such bans could match the exact IP address.
Obtained from: ircd-ratbox (androsyn)
2013-01-29 23:29:34 +01:00
William Pitcock
3dae60ef47
cache: use rb_strdup() instead of a static buffer for cache lines.
...
BUFSIZE limitation is retained as there is no need to remove it, as all lines must be smaller than it
due to RFC1459 message requirements.
2013-01-15 16:24:33 -06:00
Jilles Tjoelker
b6e02c25b5
starttls: Don't send ERR_STARTTLS after successful STARTTLS.
2013-01-05 15:09:17 +01:00
Jilles Tjoelker
fce4df5473
server: Show the missing CAPABs when rejecting a server.
2013-01-02 21:00:18 +01:00
Jilles Tjoelker
22b24f637d
server: Move required CAPAB check after authentication and add snote and log.
2013-01-02 20:07:28 +01:00
Mantas Mikulėnas
62c87179ef
Add a Git .mailmap
...
...to make `git shortlog -es` look nicer.
2013-01-02 01:46:36 +02:00
Jilles Tjoelker
f09c28e18f
reference.conf: Correct description of general::client_exit.
...
It prefixes with "Quit: ", not "Client exit: ".
2013-01-01 18:07:37 +01:00
William Pitcock
ac0707aa61
m_capab: fix a possible remote crash triggered by the CAPAB parsing code.
2012-12-31 13:13:05 -06:00
William Pitcock
d7e4ed772f
capability: handle NULL passed to capability_get().
2012-12-31 13:01:09 -06:00
Jilles Tjoelker
ce4fa4477b
server: Simplify some code now ENCAP is mandatory.
2012-12-19 17:42:49 +01:00
Jilles Tjoelker
856df9a3c4
server: Remove code to send recursive QUITs/SQUITs for non-QS servers.
...
Now that QS is required, this code can no longer be activated.
2012-12-19 15:06:49 +01:00
Jilles Tjoelker
58b60c20cb
server: As per the TS6 spec, require QS and ENCAP capabilities.
2012-12-19 14:53:06 +01:00
Jilles Tjoelker
22cae20f02
server: Make sure CAP_CAP and CAP_TS6 are non-zero.
...
A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.
A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).
2012-12-18 17:03:59 +01:00
Jilles Tjoelker
71eb2bb99b
server: Fix required capabilities check if there is more than one capability.
2012-12-18 16:37:21 +01:00
William Pitcock
5fd2dd9556
genssl: use DH params length of 2048 to appease the weechat idiots
2012-11-19 21:12:30 +00:00
William Pitcock
4cbed3b849
extensions/m_roleplay: merge in darkmyst changes
2012-11-04 03:35:58 +00:00
Jilles Tjoelker
8ff07125c3
starttls: Explicitly reject starttls if TLS is not configured or not compiled in.
2012-11-03 15:50:43 +01:00
Jilles Tjoelker
c1cddb36c0
starttls: Don't corrupt the FD hash.
...
Altering localClient->F without updating the FD hash leaves the struct
Client in the FD hash indefinitely which causes a crash later if the
struct is reused for a remote client. It also prevents error messages
from ssld showing up on IRC properly.
2012-11-03 00:49:10 +01:00
William Pitcock
e5149d6169
Add module which restricts unauthenticated users from doing anything as channel op.
2012-11-01 06:48:40 +00:00
Jilles Tjoelker
6387b5ad44
Fix a crash with testline, introduced with the "underlying ipv4" feature.
2012-10-15 02:09:07 +02:00
William Pitcock
1cf9ef50cd
numeric: add 744 (ERR_TOPICLOCK) to list so we don't step on inspircd
2012-10-13 17:50:12 +00:00
Keith Buck
5bd79c2c56
res.c: Try other servers if errors or corrupt replies are encountered.
...
Currently, the resolver treats SERVFAIL, NOTIMP, and REFUSED queries the
same as NXDOMAIN, but this really should not be the case. Instead, if
the DNS server errors on our request or provides an invalid request, try
another server.
Also, count DNS server errors in addition to timeouts and avoid these
undesirable servers.
2012-10-09 05:58:02 +00:00
William Pitcock
373d6d79e3
libratbox/crypt: remove blowfish support since it has the stupid advertising clause
2012-09-29 17:28:04 -05:00
William Pitcock
deb24d2b31
reslib: remove advertising clause, which was dropped as a requirement by the copyright holder.
...
(See http://svnweb.freebsd.org/base/head/COPYRIGHT?view=co ).
Closes #5 .
2012-09-29 17:08:40 -05:00
Jilles Tjoelker
f8cdda0573
help: Document whowas limit parameter.
2012-09-28 23:14:56 +02:00
William Pitcock
c4e81ae9e9
m_starttls: handle error condition with ERR_STARTTLS (691) numeric per tls-3.2 specification
2012-09-22 19:31:55 -05:00
William Pitcock
21f715a9a3
m_starttls: new module implementing ircv3 tls-3.1 optional extension
2012-09-22 16:30:01 -05:00
William Pitcock
538d4d6188
m_cap: add 'tls' core capability
2012-09-22 14:15:45 -05:00
William Pitcock
3e54d7bfb0
Define RPL_STARTTLS.
2012-09-22 14:04:57 -05:00
William Pitcock
4727c0f586
m_stats: apply same logic to anonymous /stats l as /stats p
2012-09-18 20:01:53 -05:00
William Pitcock
e82bda18a5
m_stats: add optional constraint checking function pointer to stats_l_list().
2012-09-18 19:55:49 -05:00
Kiyoshi Aman
55a06c8910
GIT-Access: Our repos are on github now, so let's say so.
2012-08-20 06:25:21 -04:00
Keith Buck
0d0f34c322
chm_nonotice: Ignore CTCP and send ERR_CANNOTSENDTOCHAN if a message is being blocked.
2012-07-31 06:37:33 +00:00
William Pitcock
f0c778d701
Merge pull request #2 from TheChrisAM/patch-1
...
Adding auth_user documentation for auth {} blocks.
2012-07-30 10:00:49 -07:00
Jilles Tjoelker
2b121c81f5
reference.conf: Extend documentation for max_number in server classes.
2012-07-28 15:31:44 +02:00
William Pitcock
a85566b151
sigio: use siginfo_t instead of struct siginfo, per glibc commit r4efeffc1d5
2012-07-25 10:34:50 -05:00
Jilles Tjoelker
bdad42f050
tools/smoketest.sh: Remove DNSBL external dependency.
2012-07-14 14:51:55 +02:00
Jilles Tjoelker
96d5791220
tools: Add a simple test script.
...
It compiles and runs ircd, verifying if some aspects of PRIVMSG work.
2012-07-14 13:50:55 +02:00
Jilles Tjoelker
8d20b088f9
In capability_get(), if a capability is not found, return 0 instead of all-ones.
...
Returning all-ones will set all caps if an unknown cap name is passed.
2012-07-03 19:16:31 +02:00
Jilles Tjoelker
33b214fa42
Fix capability_index_list(), used e.g. in /stats ? capability output.
2012-07-03 19:15:25 +02:00