Commit graph

3563 commits

Author SHA1 Message Date
PrgmrBill
0ab8263ff0 Adds SSL only channel mode
Adds +S channel mode - Only users connected via SSL may join the channel while this mode is set. Users already in the channel are not affected.
2015-03-17 14:57:55 -04:00
William Pitcock
aaaf9faf1d cap: sasl is now enforced as sticky again 2015-03-10 08:21:46 -05:00
William Pitcock
eafae32681 cap: chase ircv3.2 interpretation of sticky/ack-required caps (basically dropping support other than serverside enforcement of stickyness)
change request @ ircv3/ircv3-specifications#122
2015-03-10 08:21:10 -05:00
William Pitcock
27403553b5 Merge pull request #86 from rnjohnson18/patch-1
Change example.conf to ircd.conf.example
2015-03-08 19:22:49 -05:00
rnjohnson18
3514f17e98 Change example.conf to ircd.conf.example 2015-03-08 19:16:36 -05:00
William Pitcock
3b1e0380ce charybdis 3.5.0 rc1. 2015-03-08 15:26:31 -05:00
Mantas Mikulėnas
6fb9f21449 sasl: reformat the other messages consistently 2015-03-06 17:19:16 +02:00
Mantas Mikulėnas
1cae2411d7 sasl: adjust 'H' message following commit 7d33cce8ef 2015-03-06 17:18:54 +02:00
Jilles Tjoelker
9279ad6461 Fix some compiler warnings about signed/unsigned comparison. 2015-03-01 23:46:20 +01:00
Jilles Tjoelker
4f0d2b588b conf: Correct message when serverinfo::nicklen is set too low (<9). 2015-03-01 16:12:12 +01:00
Jilles Tjoelker
dafbd7faba cap-notify: Fix possible crash on 64-bit systems.
find_named_client() was called without a prototype and therefore the
pointer could be truncated.
2015-03-01 15:00:52 +01:00
Jilles Tjoelker
bed692ca0e send: sendto_local_clients_with_capability() needn't use serial
sendto_local_clients_with_capability() sends to a subset of the list of
local clients and cannot visit the same client multiple times like
sendto_channel_flags() and sendto_common_channels_local() can.
2015-03-01 14:55:57 +01:00
Max Teufel
bbce62d2aa m_cap: do not allow sasl CAP when the agent is offline 2015-03-01 03:30:19 -06:00
William Pitcock
9f09e25b63 charybdis 3.5.0-test1. 2015-03-01 01:09:34 -06:00
William Pitcock
bb2a50509a config: further EGD removal 2015-03-01 01:06:58 -06:00
William Pitcock
e861902fd9 libratbox: remove RB_PRNG_EGD in its entirety (closes #85) 2015-03-01 01:05:14 -06:00
William Pitcock
125652041b cap-notify: implement cap-notify for sasl service (closes #84) 2015-03-01 00:58:40 -06:00
William Pitcock
984d80c988 cap-notify: add sendto_local_clients_with_capability() (ref #84) 2015-03-01 00:44:34 -06:00
William Pitcock
13de708352 cap-notify: add cap-notify cap 2015-03-01 00:26:23 -06:00
William Pitcock
8f05076d50 sasl: making the sasl capability actually sticky seems incompatible with broken implementations, so we make it just a formality instead. 2015-03-01 00:22:50 -06:00
William Pitcock
c23902ae00 sasl: fix null deref on remote client exit 2015-03-01 00:01:24 -06:00
William Pitcock
8bb9594bf3 sasl: ircv3 wg decided sasl capability should be sticky (ref ircv3/ircv3-specifications#103) 2015-02-28 01:12:25 -06:00
Max Teufel
1b54aa5c3b src/channel: add support for IRCv3.2 userhost-in-names 2015-02-28 01:06:38 -06:00
William Pitcock
6e3d57dc6b cap: remove SASL_REAUTH capability 2015-02-28 01:01:08 -06:00
William Pitcock
51535fcbce sasl: allow reauth without sasl-reauth capability (since it's being dropped) 2015-02-28 00:48:43 -06:00
William Pitcock
676032301e move README to markdown. 2015-02-24 20:32:08 -06:00
William Pitcock
74bae4c6ff remove references to LIBPATH (closes #26). 2015-02-24 20:25:34 -06:00
William Pitcock
654caa84fb ircd.conf.example: explain DH parameters size better (closes #68) 2015-02-18 12:36:00 -06:00
William Pitcock
dd28e3f2a4 Merge pull request #82 from grawity/sasl-send-conn-info
m_sasl: send information about the client connection
2015-02-18 12:29:57 -06:00
William Pitcock
95cce5f358 Revert "m_invite: add support for CAP invite-notify"
This reverts commit 93eb76cc32.
2015-02-16 17:50:51 -06:00
William Pitcock
4cb0a93d25 libratbox/gnutls: call gnutls_rnd_refresh() to ensure our PRNG is initialized 2015-02-16 17:40:25 -06:00
William Pitcock
cfa7b5fdb0 rebuild configure 2015-02-16 15:57:14 -06:00
William Pitcock
7585af0f3b configure: move some OS X toolchain checks around (closes #40) 2015-02-16 15:55:36 -06:00
Max Teufel
93eb76cc32 m_invite: add support for CAP invite-notify
Specification:
<https://github.com/ircv3/ircv3-specifications/blob/master/extensions/invite-notify-3.2.md>
2015-02-16 15:40:34 -06:00
William Pitcock
c6bc97fdcd m_sasl: move some struct members around for sasl-reauth 2015-02-16 15:39:36 -06:00
William Pitcock
3a48406b55 cap: fix compile 2015-02-15 17:40:20 -06:00
William Pitcock
ef3ab8e3a5 cap: allow clients to do sasl reauth if they requested sasl and sasl-reauth (ref ircv3/ircv3#103). 2015-02-15 17:11:28 -06:00
William Pitcock
0044d40050 cap: add notion of required dependency caps 2015-02-15 17:11:28 -06:00
William Pitcock
ce14240a02 Merge pull request #83 from maxteufel/feature/saslserv_config_option
m_sasl: add configuration option for the nick of the SASL agent
2015-02-14 15:23:00 -06:00
Max Teufel
7d33cce8ef m_sasl: add configuration option for the nick of the SASL agent
This allows multiple improvements to m_sasl. With this change, the SASL
authentication gets aborted immediately when services are offline.
Additionally, we send the SASL ENCAP messages directly to the specified
SASL agent.
2015-02-14 20:31:25 +01:00
Jilles Tjoelker
f51b72de97 Ignore duplicate USER and PASS.
If SASL starts using USER/PASS for unregistered clients, this change stops
users from using one USER/PASS for SASL while using another for connecting.
2015-02-13 23:07:02 +01:00
Mantas Mikulėnas
a3fa9d81a2 m_sasl: send information about the client connection 2015-02-13 22:38:24 +02:00
William Pitcock
9299ce1371 Merge pull request #81 from attilamolnar/master+openssl
openssl: Disable session tickets and session caching
2015-02-09 14:59:56 -06:00
Attila Molnar
989652e7a8 openssl: Disable session caching 2015-02-09 21:19:09 +01:00
Attila Molnar
6b6a579925 openssl: Disable session tickets 2015-02-09 21:18:32 +01:00
William Pitcock
bc75c3ae0e fix target list generation edge case where WALLCHOPS was requested alongside normal users if the source user was not a channel op.
from ircd-hybrid r5457
2015-02-09 11:16:06 -06:00
Jilles Tjoelker
22e4a9bc2b Merge branch 'master+sjoin-deadcode' of https://github.com/attilamolnar/charybdis 2015-01-30 17:54:13 +01:00
Attila Molnar
407094721c SJOIN: Remove some dead code 2015-01-30 14:42:08 +01:00
Jilles Tjoelker
e9f86e320e introduce_client(): Remove redundant check for sockhost starting with colon.
Other code (inet_ntop6() in libratbox/src/commio.c and
extensions/m_webirc.c) ensures the sockhost does not start with a colon.
Checking only here does not make sense.

Reported by:	Attila
2015-01-25 22:11:16 +01:00
Jilles Tjoelker
3881a3ce5d Don't append a domain to names without dot from reverse lookup.
Some code to append "domain" from /etc/resolv.conf to unqualified names (for
server connections) erroneously applied to names from reverse DNS lookups as
well.

The effect was that "domain" from /etc/resolv.conf was appended to
"localhost", even though the DNS server intended "localhost" to be a fully
qualified name.
2015-01-16 23:23:56 +01:00