Commit graph

849 commits

Author SHA1 Message Date
Jilles Tjoelker
0894d18b87 blacklist: Make the snote more like the +c one. 2014-03-07 21:55:43 +01:00
Keith Buck
48e409767f Add DNSBL snotes for snomask +r. 2014-03-05 08:12:22 +00:00
Keith Buck
55abcbb20a Remove trailing whitespace from all .c and .h files.
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
Keith Buck
00533129dc s_conf: Don't leak log file paths when loading default conf
This change prevents the log file paths from being leaked when
rehashing. Additionally, fname_killlog was added to two places where it
was previously forgotten.
2014-03-03 04:12:07 +00:00
Keith Buck
010c4fbdc5 s_conf: Don't leak strings when loading default conf
This change prevents conf strings from being leaked when resetting the
conf to default prior to a rehash. Additionally, some default strings
are now rb_strdup'd into the ConfigFileEntry structure after loading the
conf so that they aren't allocated and then immediately freed by the
conf loading process.
2014-03-03 03:58:40 +00:00
Keith Buck
023c36ae22 newconf.c: Remove end-of-line whitespace. 2014-03-03 01:43:33 +00:00
Keith Buck
e12981c028 conf parsing: Fix freeing section names upon section end. 2014-03-03 01:43:33 +00:00
Keith Buck
1d39324556 Fix a couple more string leaks. 2014-03-02 22:05:30 +00:00
Jilles Tjoelker
f1709d5ac8 sslproc: Add missing break, still allowing zlib when ssl cannot be set up. 2014-03-02 21:58:38 +01:00
Jilles Tjoelker
0e717d8eb4 log_client_name: Remove MASK_IP case.
The MASK_IP case in log_client_name() was broken (because of a missing
break, it behaved as HIDE_IP). However, log_client_name() with MASK_IP
does not make sense anyway and is not used.
2014-03-02 21:54:29 +01:00
Jilles Tjoelker
40173bcbb3 listener: Move error messages to something visible by default.
If a listening port cannot be opened, send error messages to opers with
snomask +s and ircd.log, instead of snomask +d and the ioerror log, which
both are usually disabled.

Also, restore information about what listener is having problems. This
was lost when report_error() was replaced.
2014-03-01 19:05:55 +01:00
Keith Buck
dceac3e4fb conf parsing: Fix memory leaks and clean up code a bit.
Charybdis currently leaks about 45-50k per configuration parse,
including every rehash. This change plugs these leaks by properly
iterating through all conf_parm_t structures to seek all strings that
should be freed and also by freeing the conf_parm_t structures
themselves.

These leaks have been present since the original rewrite of the
configuration parsing system in ircd-ratbox r11953.

Additionally, this change also cleans up and documents the parsing code
a bit.
2014-02-28 17:35:51 +00:00
Jilles Tjoelker
e8cfec47c6 ircd_parser: Fix whitespace errors. 2014-02-28 15:51:52 +01:00
Jilles Tjoelker
a1f7ec5be0 server: Use rb_strlcpy() instead of strcpy().
An overflow should be impossible here, but be paranoid.
2014-02-24 00:04:11 +01:00
Jilles Tjoelker
26c6ac3dc7 Simplify module path list, removing strcpy use. 2014-02-23 23:47:27 +01:00
Jilles Tjoelker
b84e58f905 Fix use after free. 2014-02-23 23:46:57 +01:00
Jilles Tjoelker
12edf3e3d2 conf: Remove dead store. 2014-02-23 23:04:52 +01:00
Jilles Tjoelker
77910830e3 Fix various printf arg types. 2014-02-23 23:01:59 +01:00
Jilles Tjoelker
a9f1281448 modlist: Fix address display on 64-bit systems. 2014-02-23 22:55:40 +01:00
Jilles Tjoelker
1e170010e7 modules: Fix bad sizeofs. 2014-02-23 22:39:42 +01:00
Jilles Tjoelker
5ef68b1398 Replace double semicolons with single; place null statement on its own line.
No functional change is intended.
2014-02-23 22:23:34 +01:00
Jilles Tjoelker
43f45e81fb conf: Do not leak memory when modules::module is already loaded. 2014-02-23 22:20:43 +01:00
Jilles Tjoelker
b45b2daef9 startup: Check return value of open /dev/null. Don't fclose stdin/stdout/stderr.
Open /dev/null for standard fds earlier, so a failure can be reported.
Do not fclose stdin/stdout/stderr but just overwrite the fds with
/dev/null.
2014-02-23 21:51:19 +01:00
Jilles Tjoelker
071e376d9e Remove an unused variable. 2014-01-17 00:23:09 +01:00
Jilles Tjoelker
0c2ea0c3ce Avoid wrong detection of redundant/duplicate auth blocks with auth_user.
If there was more than one user= per auth block, the check for redundant
or duplicate auth blocks did not take auth_user into account.
2014-01-17 00:22:47 +01:00
Keith Buck
c8729b08fb bandb: Don't attempt to write to a NULL helper. 2014-01-12 01:38:48 +00:00
Keith Buck
7f3382fe98 Remove duplicate default-value code.
Default values for default_floodcount and default_ident_timeout are set
in s_conf.c. Remove code that checks for missing values in ircd.c.
Additionally, reset default_ident_timeout to 5 if an invalid value (i.e.
0) is provided.
2013-10-29 09:32:28 +00:00
Jilles Tjoelker
364e59f82a whowas: Use the normal rules for IP visibility.
Add the flags (auth{} spoof, dynamic spoof) to struct Whowas and add a
show_ip_whowas().

Normal users now see IPs of unspoofed users, and remote opers can see IPs
behind dynamic spoofs. Also, general::hide_spoof_ips is now applied when
the IP is shown, not when the client exits.
2013-09-14 12:26:32 +02:00
Jilles Tjoelker
f1fe7b4b28 Merge branch 'isupport-charset' of github.com:grawity/charybdis 2013-09-13 22:34:11 +02:00
Keith Buck
7fc09bc4f0 Abort blacklist queries at the same time as auth queries.
This fixes an assert(MyConnect(...)) being hit in
register_local_user(...).
2013-09-12 08:23:59 +00:00
Mantas Mikulėnas
e1a9785abe Remove CHARSET=ascii from ISUPPORT
For one, [draft-brocklesby-irc-isupport-02][1] already defines "ascii" as the
default value. According to section 2 ("Except as
explicitly stated in its definition, a parameter should not be sent
unless it changes this default value, or the default value is vague,
badly defined, or differs between IRC server implementations"), there is
no point in sending it.

For another, [version 03 of the same draft][2] removes CHARSET ("It was
found to be unworkable;  a correct specification could not be devised to
represent its meaning across implementations."), and the token is not
present at all in [draft-hardy-irc-isupport-00][3].

[1]: https://tools.ietf.org/html/draft-brocklesby-irc-isupport-02#section-3.17
[2]: https://tools.ietf.org/html/draft-brocklesby-irc-isupport-03#section-4.8
[3]: https://tools.ietf.org/html/draft-hardy-irc-isupport-00
2013-09-11 01:20:56 +03:00
Keith Buck
77d3d2dbaf Remove s_assert definition from ircd_defs.h and add it to its own header.
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.

This change also fixes the compile when using --enable-assert=soft.
2013-09-10 06:10:14 +00:00
Quora Dodrill
2c0450fb60 src/s_conf: Avoid re-inventing the wheel 2013-08-14 15:45:35 -07:00
Quora Dodrill
a576a0fe64 src/s_conf: More detailed error messages conforming to POSIX errno
When the configuration file is unreadable or not existing, charybdis will now report the POSIX error message from the failed call. This is a compromise between the behavior in f951460ae9 and f6f049070e.
2013-08-14 15:30:15 -07:00
Jilles Tjoelker
7ddd614cd3 Ensure consistent indexing into user_modes independent on signedness of char. 2013-08-14 23:49:59 +02:00
Quora Dodrill
f951460ae9 src/s_conf: Moved error notification to proper place
Previously it was in src/ircd.c, but accroding to jilles, this is a better place for the notification.

This changes a patch made in adef4da10c and amended in 65d921173c and f6f049070e.
2013-08-14 14:28:11 -07:00
Quora Dodrill
f6f049070e src/ircd: fix -configfile argument 2013-07-10 08:44:27 -07:00
Quora Dodrill
65d921173c src/ircd: Missed case where ircd.conf is unreadable to the ircd 2013-07-09 20:16:04 -07:00
Quora Dodrill
adef4da10c src/ircd: Die if the configuration file does not exist 2013-07-09 20:04:45 -07:00
Elizabeth Myers
e232f35c63 Blacklist: fix accidentally clobbering previous filters 2013-04-21 11:10:57 -05:00
Elizabeth Myers
3c93d380e0 Add support for multiple forms of blacklist queries using matches.
It supports both literal and last octet matches from the dnsbl.
If matches is not present, the old behaviour is used.
2013-04-20 20:49:11 -05:00
Jilles Tjoelker
90e3d1b7e1 Update .depend files. 2013-03-23 23:32:46 +01:00
William Pitcock
6f7b36d5d0 Mostly enable support for checking format strings with -Wformat.
Basically derived from Ratbox 3.1.
2013-02-21 05:46:04 -06:00
William Pitcock
2db1f25df5 Atheme is not responsible for the mental health changes of IRC operators using charybdis. 2013-02-03 14:06:13 -06:00
Jilles Tjoelker
e69375f3ac Cope with rb_crypt() returning NULL. 2013-02-02 00:54:32 +01:00
Jilles Tjoelker
4e4a5fcc61 Skip cidr checking for hostmask.c entries with negative cidrlen.
They will be treated as hostmasks only. In the case of dlines they will
be rejected as invalid.

hostmask.c entries such as dlines, klines and auth blocks can only be
added by opers or via ircd.conf.
2013-01-29 23:43:20 +01:00
Jilles Tjoelker
441da2f245 Also restrict cidrlen for testmask/masktrace (match_ips()). 2013-01-29 23:31:39 +01:00
Jilles Tjoelker
4dbd5e07ad Skip cidr checking for bans with negative or too large cidrlen.
Upto some length, such bans could match the exact IP address.

Obtained from: ircd-ratbox (androsyn)
2013-01-29 23:29:34 +01:00
William Pitcock
3dae60ef47 cache: use rb_strdup() instead of a static buffer for cache lines.
BUFSIZE limitation is retained as there is no need to remove it, as all lines must be smaller than it
due to RFC1459 message requirements.
2013-01-15 16:24:33 -06:00
William Pitcock
d7e4ed772f capability: handle NULL passed to capability_get(). 2012-12-31 13:01:09 -06:00
Jilles Tjoelker
ce4fa4477b server: Simplify some code now ENCAP is mandatory. 2012-12-19 17:42:49 +01:00
Jilles Tjoelker
856df9a3c4 server: Remove code to send recursive QUITs/SQUITs for non-QS servers.
Now that QS is required, this code can no longer be activated.
2012-12-19 15:06:49 +01:00
Jilles Tjoelker
58b60c20cb server: As per the TS6 spec, require QS and ENCAP capabilities. 2012-12-19 14:53:06 +01:00
Jilles Tjoelker
22cae20f02 server: Make sure CAP_CAP and CAP_TS6 are non-zero.
A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.

A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).
2012-12-18 17:03:59 +01:00
Jilles Tjoelker
6387b5ad44 Fix a crash with testline, introduced with the "underlying ipv4" feature. 2012-10-15 02:09:07 +02:00
Keith Buck
5bd79c2c56 res.c: Try other servers if errors or corrupt replies are encountered.
Currently, the resolver treats SERVFAIL, NOTIMP, and REFUSED queries the
same as NXDOMAIN, but this really should not be the case. Instead, if
the DNS server errors on our request or provides an invalid request, try
another server.

Also, count DNS server errors in addition to timeouts and avoid these
undesirable servers.
2012-10-09 05:58:02 +00:00
William Pitcock
deb24d2b31 reslib: remove advertising clause, which was dropped as a requirement by the copyright holder.
(See http://svnweb.freebsd.org/base/head/COPYRIGHT?view=co).
Closes #5.
2012-09-29 17:08:40 -05:00
William Pitcock
c4e81ae9e9 m_starttls: handle error condition with ERR_STARTTLS (691) numeric per tls-3.2 specification 2012-09-22 19:31:55 -05:00
William Pitcock
3e54d7bfb0 Define RPL_STARTTLS. 2012-09-22 14:04:57 -05:00
Jilles Tjoelker
8d20b088f9 In capability_get(), if a capability is not found, return 0 instead of all-ones.
Returning all-ones will set all caps if an unknown cap name is passed.
2012-07-03 19:16:31 +02:00
Jilles Tjoelker
33b214fa42 Fix capability_index_list(), used e.g. in /stats ? capability output. 2012-07-03 19:15:25 +02:00
Jilles Tjoelker
89fd463e59 Add needed space between "TS6" or "SSL" and capabs from CAPAB in /stats ?. 2012-07-03 19:11:15 +02:00
Jilles Tjoelker
f3b3ad0b07 chmode: Allow mode queries on mlocked modes.
Check mlock at the same point where chanops are checked (except for
querying a +e/+I list) and abstract this check into a function.

In particular, /mode #channel f is now again allowed if +f is mlocked.
2012-06-19 00:33:29 +02:00
Jilles Tjoelker
294d32bf16 If umode +D or +g are oper-only, don't advertise them in 005. 2012-05-27 22:46:24 +02:00
Keith Buck
c46a4ecd97 Move marking of services entirely to m_services.c; mark all services when m_services loads and unmark them when it unloads. 2012-05-21 21:03:56 +00:00
Keith Buck
7d60375446 Add new conf_read_start and conf_read_end hooks. 2012-05-21 20:22:07 +00:00
William Pitcock
f30a5ee4c4 Remove MODE_NOCTCP from core, in favor of chm_noctcp. 2012-03-31 22:48:36 -05:00
William Pitcock
67aeaba593 Remove MODE_NOCOLOR from core, replacing it with modules/chm_nocolour.so. 2012-03-31 22:26:45 -05:00
William Pitcock
ca4c2a86ee Add support for hookifying PRIVMSG/NOTICE.
This will allow us to modularize message processing, e.g. having new modules to manipulate
channel and private messages in new ways.

Yes: it can be used to intercept messages, but such modules are already out in the wild for
charybdis anyway -- so this doesn't really change anything there.

If you are changing the text, then it is your responsibility to provide a pointer to a new
buffer.  This buffer should be statically allocated and stored in your module's BSS segment.
We will not, and cannot, free your buffer in core, so dynamically allocated buffers will
cause a memory leak.

This will allow us to simplify m_message considerably, by moving channel mode logic out to
their own modules.
2012-03-31 21:23:01 -05:00
Jilles Tjoelker
34616c3be1 change_nick_user_host: Only send +n snotes about local clients. 2012-03-27 00:46:50 +02:00
Keith Buck
ae4ce45f2e change_nick_user_host: Send nick change notices to SNO_NCHANGE opers when change_nick_user_host is called to only change nick. 2012-03-25 01:59:20 +00:00
Keith Buck
07d3283f38 RESV FNC: Sign off/on monitor, and don't try to FNC users that already have a UID nick. 2012-03-25 01:49:34 +00:00
Keith Buck
330692a1f2 Add option to immediately apply nick RESVs by FNC'ing. 2012-03-25 01:34:45 +00:00
Keith Buck
521f9d63a9 client.c: Fix spelling/grammar in comments. 2012-03-18 01:28:55 +00:00
Keith Buck
bc4dea6937 target change: Propagate restricted addresses. 2012-03-18 01:18:57 +00:00
William Pitcock
02270e9602 Add listen::defer_accept option for controlling usage of TCP_DEFER_ACCEPT option. 2012-03-17 10:00:39 -05:00
Nathan Phillip Brink
80e49b4ca8 Run make depend. 2012-03-01 03:51:33 +00:00
Nathan Phillip Brink
96b8a6edce Fix bandb's interaction with --enable-fhs-paths by storing ban.db in the correct directory, pkglocalstatedir. 2012-03-01 03:39:54 +00:00
Nathan Phillip Brink
c74836dc4a Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.

Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.

Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
Nathan Phillip Brink
414c5f7d9b Fix parallel compilation issue when building lexer/parser. 2012-02-28 04:36:00 +00:00
William Pitcock
63a0ed0604 numeric: reserve RPL_SASLMECHS (908) 2012-02-21 09:15:15 -06:00
Jilles Tjoelker
d42e6915cf Pace aways.
This becomes important because of away-notify sending aways to common
channels much like nick changes (which are also paced).

Marking as unaway is not limited (but obviously only does something if the
user was away before). To allow users to fix typos in away messages, two
aways are allowed in sequence if away has not been used recently.
2012-02-18 16:32:57 +01:00
Keith Buck
e88a1f1b15 Add ratelimit for high-bandwidth commands. 2012-02-18 03:54:44 +00:00
Jilles Tjoelker
7f0fc87d3c Include forward channels when bursting bans to servers.
Obtained from:	ircd-seven (spb)
2012-02-16 23:36:05 +01:00
Keith Buck
c5bbc60375 Add away-notify client capability. 2012-02-14 14:15:44 +00:00
Keith Buck
3e910a1847 chmode.c: Fix bug in printing removed bans. 2012-02-06 16:38:10 +00:00
William Pitcock
a16910aa4e capability: add capability_index_stats() for getting statistics about the capability broker system 2012-02-04 21:27:43 -06:00
William Pitcock
885cd603b5 capability: add global list of capability indexes, and name all capability indexes 2012-02-04 21:16:40 -06:00
Jilles Tjoelker
bde42c6063 Don't shadow the name "index". 2012-02-04 15:15:26 +01:00
William Pitcock
8bedf01d19 capability: store capability bit entries with actual bit numbers, instead of as an expanded mask
This makes accounting of number of bits allocated easier.  Specifically, the amount of allocated
bits is computed by doing (index->highest_bit - 1) in code.
2012-02-04 05:23:15 -06:00
William Pitcock
e915e51f4d capability: don't use DictionaryIter internals.
it's just ugly now that we're providing our own copies of keys.
2012-02-04 05:13:04 -06:00
William Pitcock
e679e38906 capability: do not use strings provided by modules for keyword index, instead duplicate the keyword. 2012-02-04 04:47:37 -06:00
William Pitcock
f01f67f0ad capability: add capability_require(). 2012-02-04 02:00:33 -06:00
William Pitcock
0582290f21 capability: missed one 2012-02-04 01:58:07 -06:00
William Pitcock
5058c8ebce capability: change CapabilityIndex.orphaned to (CapabilityIndex.flags & CAP_ORPHANED)
This makes it possible to add other flags to capabilities.
2012-02-04 01:55:11 -06:00
William Pitcock
346fba9252 Migrate capability negotiation code to new dynamic capability management API.
This needs a lot of testing, obviously.
2012-02-04 01:47:46 -06:00
William Pitcock
ec3a9055f2 capability: add capability_index_mask() which calculates old CAP_MASK 2012-02-04 00:39:53 -06:00
William Pitcock
5e773521a9 capability: add capability_index_list() to build a list of capabilities given an index and mask 2012-02-04 00:36:42 -06:00
William Pitcock
64b56afd8c Add a new dynamic capability manager.
Specifically, what this capability manager does, is map keywords to
calculated bitmasks.  These bitmasks are allocated at runtime, so that
the any managed capability index can be manipulated by modules.

Modules should call capability_orphan() when orphaning capabilities.  This
makes it so that bitmasks aren't reallocated, except for cases where the
capability is the same.
2012-02-04 00:05:13 -06:00
William Pitcock
481b443b4d Missed a few -Wformat-security warnings. 2012-01-25 13:24:04 -06:00