Aaron Jones
9d6b870d7b
[Documentation] Increase bitlength recommendation for DH parameters
...
Also clarify the behaviour of TLS backends and the consequences for
not providing any parameters at all.
[ci skip]
2016-05-05 04:20:16 +00:00
Aaron Jones
70a70462e5
[Documentation] Reflect that ssl_private_key is now optional
...
[ci skip]
2016-05-05 04:20:07 +00:00
Simon Arlott
7380ded584
ircd.conf.example: use certfp_method = spki_sha256
...
SHA1 is insecure. SHA2-512 is a bit long. Hashes of the full certificate
are really impractical and people need to stop using them.
2016-04-25 23:52:18 +01:00
Simon Arlott
dc986b5468
sslproc: prefix SPKI certfp types to distinguish them from CERT
2016-04-25 20:12:27 +01:00
Simon Arlott
d4214e9445
ircd: server connection configuration
...
Fix the server connection configuration so that it can simultaneously
handle a hostname/IPv4/IPv6 for connecting and a hostname/IPv4/IPv6
for binding. Maintains backwards compatibility for matching a hostname
with a mask.
Multiple host/vhost entries can be specified and the last value for
each address family is stored. Hostnames that resolve automatically
overwrite the IP address.
Server connections can now be made to either IPv4 or IPv6 at random
as well as preferring a specific address family.
2016-04-24 17:06:24 +01:00
Simon Arlott
cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512
...
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.
(The same fingerprint is also used by DANE)
2016-04-23 22:51:05 +01:00
Mantas Mikulėnas
3bb3dcf7f5
doc: fix whitespace in example configs [ci skip]
2016-04-23 17:57:07 +03:00
Elizabeth Myers
a2b7ef92a1
Make directions more clear for disabling OPM
2016-04-11 11:26:15 -05:00
Elizabeth Myers
cfb9253671
Update warnings in the opm default configs [ci skip]
2016-04-02 23:42:23 -05:00
Elizabeth Myers
4dbed1ed61
conf: in OPM, it's listen_port, not port. [ci skip]
2016-04-02 19:53:24 -05:00
Elizabeth Myers
eb0814b3cb
opm: add support for HTTPS CONNECT proxies.
...
TBD: do we need an SSL listener for these?
2016-04-02 18:38:21 -05:00
Elizabeth Myers
0ed0a9fe0a
Move m_locops module to extensions.
...
Many networks do not use local ops and therefore should not be required
to have this around all the time.
2016-04-02 05:20:30 -05:00
Elizabeth Myers
9bba0f6143
opm: add adjustable timeout values
2016-04-02 03:33:27 -05:00
Elizabeth Myers
fabe8b94c5
Add HTTP CONNECT proxy scanning
2016-04-02 03:11:30 -05:00
Elizabeth Myers
81a05933bf
add proxy_exempt to conf files
2016-04-02 02:49:38 -05:00
Elizabeth Myers
51fa2ab8a3
opm: allow scanners to be configurable
2016-04-02 02:29:48 -05:00
Elizabeth Myers
8275e2700d
Add opm stuff to default configs
2016-04-01 04:11:04 -05:00
Elizabeth Myers
f105844aad
StaticBox is dead, so let's not reference it in the conf files.
2016-04-01 03:45:45 -05:00
Matt Ullman
5c0df0e743
doc: Cleanup trailing whitespace
2016-03-29 10:09:52 -04:00
Aaron Jones
ed2efe7664
Add extb_usermode module to example configuration files
...
[ci skip]
2016-03-28 03:29:57 +01:00
Aaron Jones
6c5fa2f6b3
Document extb_usermode module
...
[ci skip]
2016-03-28 03:28:12 +01:00
William Pitcock
1859e9d7d7
ircd: remove basically entirely pointless ServerInfo.hub ( closes #167 )
2016-03-19 23:05:07 -05:00
Elizabeth Myers
0e1f366732
reference.conf: fix me being an incompetent fuckwit.
...
Blind search and replace ruined this file. Remember to check your
regexes, people.
2016-03-12 20:27:37 -06:00
Elizabeth Myers
9abdcf1c64
modules: can .la suffix.
...
.la archives are prohibited by most Linux distributions because they
clutter up the linker. They may get caught up as victims in scripts that
purge .la files. Besides, .la files don't matter for simple loadable
modules on most systems.
So, what we do now instead is just use the platform suffix detected by
libtool.
2016-03-12 20:10:46 -06:00
William Pitcock
f2d5cea00a
modules: remove explicit CPRIVMSG/CNOTICE, this has been obsolete for a long time
2016-03-10 02:13:43 -06:00
Elizabeth Myers
a5c46d31e4
Ginormous docs cleanup.
...
Purge a lot of really old and obsolete documents, and merge some together
where possible. Lots of efnet docs and the old ircd-ratbox manpage (lol)
was purged.
Reorganise everything nice and neatly as possible. Things describing
features can be found in features/, and some more technical documents
were moved to techinical/.
Old credits file was consolidated into credits-past.txt, and a reference
was added to it in the credits.
2016-03-05 22:39:50 -06:00
William Pitcock
9ea48ec30a
remove presupplied autotools files
2016-03-05 17:47:48 -06:00
William Pitcock
c678fbc08b
ircd: remove broken USE_IODEBUG_HOOKS knob and related code
2016-02-20 12:02:49 -06:00
Valerii Iatsko
5203cba5ce
Remove libratbox's snprintf.c, update related ircd code
2016-02-10 02:25:32 +01:00
William Pitcock
71c955336e
ircd: add general::hide_opers_in_whois to simulate ircd-seven operhide
2016-01-15 13:38:40 -06:00
William Pitcock
4d21f1e8e0
extensions/helpops: new module, implementing a helpops system.
...
if loaded, this module takes over /stats p, and displays people who are umode +H.
to get umode +H, one must have the "usermode:helpops" permission.
2016-01-14 08:08:40 -06:00
William Pitcock
14482679ce
ircd: channel: implement an option to strip color codes from channel topics
2016-01-13 17:05:41 -06:00
William Pitcock
e118f2d431
extensions/chm_operpeace: new module which disallows kicking of operators on select channels
2016-01-13 16:52:56 -06:00
William Pitcock
88c48be58c
extensions/sno_globalnickchange: import from ircd-seven
2016-01-12 07:10:39 -06:00
William Pitcock
15feac531c
ircd: implement support for remote module load/unload/etc commands
2016-01-12 00:37:54 -06:00
William Pitcock
cc7ae51cdc
Allow remote DIE and RESTART (from ircd-seven)
2016-01-12 00:04:54 -06:00
William Pitcock
a4721f5e9f
ircd: implement EXTENDCHANS, based on ircd-seven (with some improvements from chatircd)
2016-01-11 23:32:23 -06:00
William Pitcock
fe749d3709
ircd: implement GRANT subsystem based on ircd-seven
2016-01-11 23:02:03 -06:00
William Pitcock
9e45a5ca19
buildsystem: further cleanup
2016-01-08 07:01:00 -06:00
William Pitcock
f0718c93d5
configure: use correct path for libltdl
2016-01-08 06:50:01 -06:00
William Pitcock
5164a68650
buildsystem: update Makefile.in's
2016-01-08 05:20:32 -06:00
Aaron Jones
d8c4154da2
Fix LTDL conditional, remove some unnecessary and/or ugly configure tests
2016-01-07 17:15:55 +00:00
William Pitcock
d76258f559
modules: revert lt_dlopenext() change
2016-01-06 01:57:24 -06:00
William Pitcock
79b525052b
doc: fix make install
2016-01-06 01:34:41 -06:00
William Pitcock
30da589e9e
modules: use lt_dlopenext() to make the config look nicer
2016-01-06 01:33:33 -06:00
William Pitcock
2a19fc3f57
general: remove last vestiges of static modules support (this hasn't ever actually worked...)
2016-01-06 01:28:20 -06:00
William Pitcock
0fa09b8024
documentation updates for libltdl
2016-01-05 21:41:03 -06:00
William Pitcock
c52df12552
buildsystem: convert to automake + libtool
2016-01-05 21:20:25 -06:00
William Pitcock
d513218a9e
LIST: allow channel display threshold to be configured ( closes #109 )
2015-12-26 22:23:28 -06:00
William Pitcock
c1725bda3c
ssl: allow cipher list to be overridden ( closes #67 )
2015-12-12 07:50:48 -06:00