Commit graph

585 commits

Author SHA1 Message Date
William Pitcock
ef3ab8e3a5 cap: allow clients to do sasl reauth if they requested sasl and sasl-reauth (ref ircv3/ircv3#103). 2015-02-15 17:11:28 -06:00
Max Teufel
7d33cce8ef m_sasl: add configuration option for the nick of the SASL agent
This allows multiple improvements to m_sasl. With this change, the SASL
authentication gets aborted immediately when services are offline.
Additionally, we send the SASL ENCAP messages directly to the specified
SASL agent.
2015-02-14 20:31:25 +01:00
Jilles Tjoelker
483987a464 Explicitly pass the current time to deactivate_conf().
Some places depend on the ban not being destroyed.
2014-09-21 15:02:43 +02:00
Jilles Tjoelker
0f8db0552e channel: Remove write-only field. 2014-05-29 17:41:35 +02:00
Jilles Tjoelker
51452a370b channel: Stop pretending to support per-mode server capabilities.
After a change for dynamic server capabilities, the code to send out mode
changes was changed to use the capabilities belonging to the last mode
being sent out. This does not make sense; therefore, just use no
capabilities and remove supporting infrastructure.
2014-05-29 17:40:16 +02:00
Jilles Tjoelker
72ae8a1f7b Merge branch 'patch-1' of https://github.com/auscompgeek/charybdis 2014-05-29 15:42:47 +02:00
Mantas Mikulėnas
c72f15bcf5 m_version: remove spaces from version string
"to make it machine parseable again", as in ircd-seven commit 03b2176b88a1.
2014-05-06 16:28:23 +03:00
auscompgeek
bd96349c86 strip_colour: Strip '\x0F' (^O, formatting off)
Reported by ssbr on freenode:

chmode +c doesn't strip ^O, which turns off all previous formatting.
This can cause clients that internally use mIRC formatting to render messages weirdly,
e.g. highlighted messages in HexChat: <https://i.imgur.com/eDX8Aif.png>.
2014-04-17 13:12:11 +10:00
Keith Buck
55abcbb20a Remove trailing whitespace from all .c and .h files.
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
Keith Buck
dceac3e4fb conf parsing: Fix memory leaks and clean up code a bit.
Charybdis currently leaks about 45-50k per configuration parse,
including every rehash. This change plugs these leaks by properly
iterating through all conf_parm_t structures to seek all strings that
should be freed and also by freeing the conf_parm_t structures
themselves.

These leaks have been present since the original rewrite of the
configuration parsing system in ircd-ratbox r11953.

Additionally, this change also cleans up and documents the parsing code
a bit.
2014-02-28 17:35:51 +00:00
Jilles Tjoelker
26c6ac3dc7 Simplify module path list, removing strcpy use. 2014-02-23 23:47:27 +01:00
Jilles Tjoelker
77910830e3 Fix various printf arg types. 2014-02-23 23:01:59 +01:00
Jilles Tjoelker
a9f1281448 modlist: Fix address display on 64-bit systems. 2014-02-23 22:55:40 +01:00
Rylee Elise Fowler
1870e06ad3 autotools: fix typo relating to ban db 2014-01-31 11:03:54 -05:00
Keith Buck
7f3382fe98 Remove duplicate default-value code.
Default values for default_floodcount and default_ident_timeout are set
in s_conf.c. Remove code that checks for missing values in ircd.c.
Additionally, reset default_ident_timeout to 5 if an invalid value (i.e.
0) is provided.
2013-10-29 09:32:28 +00:00
Jilles Tjoelker
364e59f82a whowas: Use the normal rules for IP visibility.
Add the flags (auth{} spoof, dynamic spoof) to struct Whowas and add a
show_ip_whowas().

Normal users now see IPs of unspoofed users, and remote opers can see IPs
behind dynamic spoofs. Also, general::hide_spoof_ips is now applied when
the IP is shown, not when the client exits.
2013-09-14 12:26:32 +02:00
Jilles Tjoelker
2635cc8089 Fix parameter name in header file for show_ip_conf(). 2013-09-14 12:26:24 +02:00
Keith Buck
77d3d2dbaf Remove s_assert definition from ircd_defs.h and add it to its own header.
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.

This change also fixes the compile when using --enable-assert=soft.
2013-09-10 06:10:14 +00:00
Elizabeth Myers
3c93d380e0 Add support for multiple forms of blacklist queries using matches.
It supports both literal and last octet matches from the dnsbl.
If matches is not present, the old behaviour is used.
2013-04-20 20:49:11 -05:00
Elizabeth Myers
9d745dbd21 Implement kill-cancelling hook.
With this comes an example module to block the killing of services.

NOTE: this will not cancel remote kills. Those are still accepted, per
the TS 6 specification.
2013-04-20 01:07:55 -05:00
William Pitcock
6f7b36d5d0 Mostly enable support for checking format strings with -Wformat.
Basically derived from Ratbox 3.1.
2013-02-21 05:46:04 -06:00
William Pitcock
3dae60ef47 cache: use rb_strdup() instead of a static buffer for cache lines.
BUFSIZE limitation is retained as there is no need to remove it, as all lines must be smaller than it
due to RFC1459 message requirements.
2013-01-15 16:24:33 -06:00
Jilles Tjoelker
22cae20f02 server: Make sure CAP_CAP and CAP_TS6 are non-zero.
A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.

A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).
2012-12-18 17:03:59 +01:00
William Pitcock
1cf9ef50cd numeric: add 744 (ERR_TOPICLOCK) to list so we don't step on inspircd 2012-10-13 17:50:12 +00:00
Keith Buck
5bd79c2c56 res.c: Try other servers if errors or corrupt replies are encountered.
Currently, the resolver treats SERVFAIL, NOTIMP, and REFUSED queries the
same as NXDOMAIN, but this really should not be the case. Instead, if
the DNS server errors on our request or provides an invalid request, try
another server.

Also, count DNS server errors in addition to timeouts and avoid these
undesirable servers.
2012-10-09 05:58:02 +00:00
William Pitcock
c4e81ae9e9 m_starttls: handle error condition with ERR_STARTTLS (691) numeric per tls-3.2 specification 2012-09-22 19:31:55 -05:00
William Pitcock
538d4d6188 m_cap: add 'tls' core capability 2012-09-22 14:15:45 -05:00
William Pitcock
3e54d7bfb0 Define RPL_STARTTLS. 2012-09-22 14:04:57 -05:00
Keith Buck
7d60375446 Add new conf_read_start and conf_read_end hooks. 2012-05-21 20:22:07 +00:00
Keith Buck
62cf5b4036 Call the privmsg_channel hook for part messages too. 2012-04-07 03:03:07 +00:00
William Pitcock
f30a5ee4c4 Remove MODE_NOCTCP from core, in favor of chm_noctcp. 2012-03-31 22:48:36 -05:00
William Pitcock
67aeaba593 Remove MODE_NOCOLOR from core, replacing it with modules/chm_nocolour.so. 2012-03-31 22:26:45 -05:00
William Pitcock
ca4c2a86ee Add support for hookifying PRIVMSG/NOTICE.
This will allow us to modularize message processing, e.g. having new modules to manipulate
channel and private messages in new ways.

Yes: it can be used to intercept messages, but such modules are already out in the wild for
charybdis anyway -- so this doesn't really change anything there.

If you are changing the text, then it is your responsibility to provide a pointer to a new
buffer.  This buffer should be statically allocated and stored in your module's BSS segment.
We will not, and cannot, free your buffer in core, so dynamically allocated buffers will
cause a memory leak.

This will allow us to simplify m_message considerably, by moving channel mode logic out to
their own modules.
2012-03-31 21:23:01 -05:00
Keith Buck
330692a1f2 Add option to immediately apply nick RESVs by FNC'ing. 2012-03-25 01:34:45 +00:00
William Pitcock
02270e9602 Add listen::defer_accept option for controlling usage of TCP_DEFER_ACCEPT option. 2012-03-17 10:00:39 -05:00
Jilles Tjoelker
57b1cd5f6b strip_colour: Prefer IsDigit to isdigit.
Unlike isdigit, IsDigit can safely be applied to 'char's.
Arguments to isdigit needs a character cast to 'unsigned char' or EOF.
2012-03-15 00:58:56 +01:00
Jilles Tjoelker
aba43ba823 When stripping colour/control codes, also strip \004.
Some clients such as irssi interpret \004 as colour or other markup.
2012-03-15 00:17:40 +01:00
Nathan Phillip Brink
9f9b7042fb Run autoconf and autoheader. 2012-03-01 03:49:35 +00:00
Nathan Phillip Brink
c74836dc4a Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.

Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.

Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
Jilles Tjoelker
f8e43a0b8f Remove dummies, given that ratelimit already broke the ABI once.
As with ratelimit, ircd/modules before and after this commit
are incompatible, but not detected as such.
2012-02-21 21:02:20 +01:00
William Pitcock
63a0ed0604 numeric: reserve RPL_SASLMECHS (908) 2012-02-21 09:15:15 -06:00
Jilles Tjoelker
d42e6915cf Pace aways.
This becomes important because of away-notify sending aways to common
channels much like nick changes (which are also paced).

Marking as unaway is not limited (but obviously only does something if the
user was away before). To allow users to fix typos in away messages, two
aways are allowed in sequence if away has not been used recently.
2012-02-18 16:32:57 +01:00
Keith Buck
e88a1f1b15 Add ratelimit for high-bandwidth commands. 2012-02-18 03:54:44 +00:00
Keith Buck
c5bbc60375 Add away-notify client capability. 2012-02-14 14:15:44 +00:00
William Pitcock
a16910aa4e capability: add capability_index_stats() for getting statistics about the capability broker system 2012-02-04 21:27:43 -06:00
William Pitcock
885cd603b5 capability: add global list of capability indexes, and name all capability indexes 2012-02-04 21:16:40 -06:00
Jilles Tjoelker
bde42c6063 Don't shadow the name "index". 2012-02-04 15:15:26 +01:00
William Pitcock
f01f67f0ad capability: add capability_require(). 2012-02-04 02:00:33 -06:00
William Pitcock
346fba9252 Migrate capability negotiation code to new dynamic capability management API.
This needs a lot of testing, obviously.
2012-02-04 01:47:46 -06:00
William Pitcock
ec3a9055f2 capability: add capability_index_mask() which calculates old CAP_MASK 2012-02-04 00:39:53 -06:00
William Pitcock
5e773521a9 capability: add capability_index_list() to build a list of capabilities given an index and mask 2012-02-04 00:36:42 -06:00
William Pitcock
64b56afd8c Add a new dynamic capability manager.
Specifically, what this capability manager does, is map keywords to
calculated bitmasks.  These bitmasks are allocated at runtime, so that
the any managed capability index can be manipulated by modules.

Modules should call capability_orphan() when orphaning capabilities.  This
makes it so that bitmasks aren't reallocated, except for cases where the
capability is the same.
2012-02-04 00:05:13 -06:00
Jilles Tjoelker
fe74401bf0 Add one more const. 2012-01-08 16:25:34 +01:00
Jilles Tjoelker
d9af501aa8 Fix a warning about const with forward channels. 2012-01-08 16:23:18 +01:00
Jilles Tjoelker
ae52fe0ff7 Show underlying IPv4 in a remote whois. 2012-01-08 15:51:48 +01:00
Jilles Tjoelker
524a5b3ac7 Add code to get IPv4 addresses from 6to4 and Teredo IPv6 addresses.
It is not used yet.
2012-01-08 15:51:44 +01:00
Jilles Tjoelker
be0365e152 Add an error message if a ban mask is invalid.
This is given if the ban mask is too long, it is an invalid extban or the
forward channel is invalid and no other message has been given about that.
2011-12-18 23:24:22 +01:00
William Pitcock
b583faf970 Add support for customizing the usable nick length.
This adds a new ISUPPORT token, NICKLEN_USABLE which is strictly an informative value.
NICKLEN is always the maximum runtime NICKLEN supported by the IRCd, as other servers may
have their own usable NICKLEN settings.  As NICKLEN_USABLE is strictly informative, and
NICKLEN is always the maximum possible NICKLEN, any clients which depend on NICKLEN for
memory preallocation will be unaffected by runtime changes to NICKLEN_USABLE.

The default NICKLEN is 50; the default serverinfo::nicklen in the config file is set to
30, which is the NICKLEN presently used on StaticBox.
2011-11-29 16:10:21 -06:00
Stephen Bennett
a695b0e40e Apply extended-join client cap to QJM joins 2011-11-12 14:41:01 +00:00
Jilles Tjoelker
d74fa5b502 Prefer PATH_MAX to non-standard MAXPATHLEN. 2011-10-28 16:45:18 +02:00
Jilles Tjoelker
d182b85454 Minor cleanup to command throttling code:
* Deduce allow_read from the client's state (IsFloodDone) rather than
   storing it in LocalUser.
 * Fix the documentation (in oper /info), however strange
   client_flood_burst_rate and client_flood_burst_max may seem, that is
   how they currently work.
2011-10-04 00:46:00 +02:00
Jilles Tjoelker
f9dda63969 Disable LocalUser.actually_read (write-only field). 2011-10-04 00:25:22 +02:00
Jilles Tjoelker
c598ff7b04 Fold client_flood_burst_rate check into MAX_FLOOD_BURST.
The original definition of floodgrace was MAX_FLOOD_BURST lines per second.
A second check for another number of lines per second makes no sense.
2011-10-04 00:21:19 +02:00
Jilles Tjoelker
2da6f6ebd7 Put back use_forward. 2011-09-25 16:22:29 +02:00
Elizabeth Jennifer Myers
765d839d3c Port ircd-seven banfowards to charybdis.
nenolod gave the thumbs-up to port ircd-seven banfowards to charybdis to spb
for a while, and people have asked about it. Might as well do it since it's a
slow weekend.

Note that as a side effect use_forward is removed from the config and
unconditionally enabled!
2011-08-12 20:33:10 -04:00
Elizabeth Jennifer Myers
7eec45bc9d Back out chanroles.
While what chanroles are trying to accomplish is a good idea, it is
apparently unclear this is the proper way to do it. Until we figure out
the exact way we wish to do this, it should be reverted for now.
2011-07-07 21:24:14 -04:00
William Pitcock
f3bfe2c271 chanroles: instead of checking for chanop + CHANROLE_UNSET combination, grant a default set of flags.
this allows ops with zero effective privilege.
2011-07-06 15:12:46 -05:00
William Pitcock
ae79dab6ae chanroles: grant initial set of flags to people added to a channel with CHFL_CHANOP.
this allows us to, later on, add a hook that will enable us to disable channel ops entirely
without causing permissions revocation.
2011-07-06 15:00:32 -05:00
Elizabeth Jennifer Myers
8aabb973c0 Implement chanroles, as discussed with nenolod.
The theory behind this is that services sends an ENCAP * GRANT #channel
UID :+flagspec message specifying the chanroles the user has. They are
mapped into flag bits and applied to the membership of the user. They
then are restricted or permitted to what they can do based on the
permissions mask regardless of rank.

For backwards compatibility, the default permission bit (without a GRANT
statement) allows a user to to anything an existing op can do ONLY if
they are an op.

Todo: make CHANROLE_STATUS work (the ability to apply +ov to people),
which is at the moment controlled by CHANROLE_MODE.
2011-07-06 13:46:22 -04:00
Keith Buck
ab894d74fe Add target change spam notice. 2011-05-16 15:29:09 -07:00
William Pitcock
f5493691ed branding: if CUSTOM_BRANDING is defined, display charybdis version in /info
(based on ircd-seven rebrand patch)
2011-05-08 09:06:19 -05:00
William Pitcock
b6d0720c1c configure: Add --with-custom-branding and --with-custom-version options. 2011-05-08 08:55:32 -05:00
Stephen Bennett
e6e54763d9 Make flood control settings configurable by those who know exactly what they're doing.
From ircd-seven git changeset 29aa4203150337925a4f5c6e7da47be5394c2125 .
2011-03-27 16:35:26 -04:00
Elizabeth Jennifer Myers
0a1e77c27c Support IPv6 blacklists. Also add a conf file option allowing the use of IPv4, IPv6, or both for a blacklist.
Although few blacklists currently support IPv6 lookups, they will likely begin to do so in the near future as more net trash begins using IPv6.
2011-02-27 16:38:05 -05:00
Keith Buck
096570b9f8 Add topic TS and channel TS constraints for /LIST. 2011-01-05 21:15:36 -08:00
Keith Buck
bb55ebebe9 Implement operspy for /LIST. 2011-01-05 18:57:27 -08:00
Stephen Bennett
341f971efa Bring across disable_local_channels config option from ircd-seven 2010-12-21 20:38:04 +00:00
William Pitcock
92052a5c24 Add extended-join client capability.
The extended-join client capability extends the JOIN message with information clients typically
query using WHO including accountname, signon TS and realname.
2010-12-16 00:24:54 -06:00
William Pitcock
99cca61ed6 Add sendto_channel_local_with_capability(). 2010-12-16 00:19:24 -06:00
William Pitcock
27912fd4ff Add send_channel_join(). 2010-12-16 00:09:29 -06:00
William Pitcock
7a7f86d344 Rough implementation of the new account-notify client capability.
This replaces identify-msg in ircd-seven.
2010-12-15 23:04:57 -06:00
William Pitcock
7a948bdaa7 Add capability parameter to sendto_common_channels_local() and sendto_common_channels_local_butone(). 2010-12-15 22:55:05 -06:00
William Pitcock
ff0cc1e616 Add support for linking using SSL certificate fingerprints as the link credential rather than the traditional server-password pair. 2010-12-13 23:14:00 -06:00
B.Greenham
15484f02bd Move flood_attack_channel to channel.c so it can be used outside m_message.c 2010-12-09 18:29:56 -05:00
B.Greenham
87d38e8cf1 Add strip_unprintable, a function that strips all unprintable characters from a string. 2010-12-09 12:02:24 -05:00
William Pitcock
a0626e7ce3 Reorder CHFL flags so that they can be used as ranks. 2010-12-07 00:11:53 -06:00
William Pitcock
6ca4dec95a Extend hook_data_channel_activity moduledata with membership struct. 2010-12-06 22:57:04 -06:00
William Pitcock
83b72f917a chmode: Remove chm_regonly, a vestige from ratbox which doesn't apply to native charybdis networks. 2010-12-06 22:46:37 -06:00
JD Horelick
f26e8b67e2 Remove all the DEFINE's and the random places they were used for the .conf-based ban stuff. 2010-12-04 17:26:14 -05:00
Jilles Tjoelker
01b7a527a3 Show the services login name in WHOWAS.
The numeric is the same (330) as used in WHOIS.

This takes at most half a megabyte of memory (large network, 30 char nicks).
2010-08-29 22:30:54 +02:00
Jilles Tjoelker
717238d2a2 Add target change for channels.
This has a separate enabling option channel::channel_target_change.

It applies to PRIVMSG, NOTICE and TOPIC by unvoiced unopped non-opers.

The same slots are used for channels and users.
2010-08-29 01:26:00 +02:00
Jilles Tjoelker
2fb6379693 Change ERR_MLOCKRESTRICTED to 742 as 735-739 seem for MONITOR extensions. 2010-08-24 22:51:20 +02:00
Stephen Bennett
51269a8737 Merge backout of 8939a7e03d15 2010-08-24 21:31:55 +01:00
Stephen Bennett
0f1ab797e4 Backed out changeset 8939a7e03d15
The code behind this capability was never implemented, and subsequent
discussions have agreed to approach the problem differently. There seems no
reason to continue advertising a capability that does nothing.
2010-08-24 21:30:56 +01:00
William Pitcock
6fb6bd15ae Enforce TS rules on MLOCKs. 2010-08-23 20:22:59 -05:00
William Pitcock
32de9f4e67 Add ERR_MLOCKRESTRICTED (735) to reflect bounces caused by MLOCK. 2010-08-23 18:59:32 -05:00
Jilles Tjoelker
f5455d2cd5 Tweak auto-accept:
* does not apply to NOTICE (as those may well be automated)
* mirrors +g behaviour so that no useless accept entries are added for services
* respects max_accept, if it would be exceeded the message is dropped with numeric 494
* check moved up so this is checked before floodcount/tgchange
2010-07-04 17:14:56 +02:00
William Pitcock
545f0a0f07 strip_colour(): strip ASCII 29 (mIRC 7 italics). 2010-06-19 16:53:56 -05:00
Stephen Bennett
c71a6e3bed Branch merge 2010-05-02 21:36:32 +01:00
Stephen Bennett
3b8a6350f8 Backed out changeset c57955c5225e
Now that MLOCK is no longer stored as a struct Mode, this is unnecessary.
2010-05-02 21:29:22 +01:00