Commit graph

73 commits

Author SHA1 Message Date
Ed Kellett
1cf798beb1 Add secure{} blocks 2020-10-31 16:00:02 +00:00
Ed Kellett
7c7065b07e Add class::max_autoconn configuration 2020-10-18 20:03:05 +01:00
Ed Kellett
7d9e8e9d77
Add error handling to parse_netmask() 2020-07-26 22:03:06 +01:00
Ariadne Conill
303e85c59e remove callerid definitions 2020-07-09 16:06:33 -06:00
Simon Arlott
ac09f70838
Merge remote-tracking branch 'ophion/upstream/dnsbl-rename' 2020-07-09 20:53:38 +01:00
Aaron Jones
e241d7979c
Merge pull request #346 from edk0/opmod-as-statusmsg
Port opmod_send_cprivmsg from ircd-seven, sans naming mistake
2020-07-06 10:52:15 +00:00
Janik Kleinhoff
04e5ed6c57
Make 5614c9e6f0b (opmod as fake statusmsg) optional
This adds a channel { ... } option, opmod_send_statusmsg, disabled by
default for compatibility reasons.
2020-07-06 10:36:35 +01:00
Ariadne Conill
7f24f506e0 newconf: deprecate blacklist{} blocks, replace with dnsbl{} blocks. 2020-07-05 21:20:32 -06:00
Ariadne Conill
3321eef45a ircd: rename DNSBL entries from blacklist to dnsbl_entry. 2020-07-05 21:20:31 -06:00
Ed Kellett
fff4f76353
Add general::tls_ciphers_oper_only 2020-07-05 23:06:51 +01:00
Ariadne Conill
968dee680f modularize usermode +R (registered users only) 2020-06-26 11:56:42 -06:00
Stephen Bennett
b3a0099139
Rename connect_delay to post_registration_delay. This matches the ircd-ratbox feature, and better describes what it actually is. Also make sure to set localClient->firsttime on registration, so that the delay counts from the right time. 2020-06-07 19:22:36 +01:00
Stephen Bennett
2d6562846f
Initial attempt at the conndelay hack 2020-06-07 19:22:36 +01:00
Ed Kellett
67e05d5b67
Add an iline flag to match klines by spoof only 2020-04-20 11:10:39 +01:00
Ed Kellett
9914c013b4
Add general::hide_tkdline_duration 2019-12-31 01:56:01 +00:00
Ed Kellett
b674a619eb
Add extensions/drain
This takes the simplest possible approach: load the module and you're in
drain mode.
2019-09-14 21:13:11 +01:00
Ed Kellett
1123eefcb0
Rework oper hiding
As it stands, oper hiding is rather messy and inconsistent. Add
SeesOper(target, source), which is true iff target should appear as an
oper to source. If I haven't missed something, all commands that reveal
oper status now use the same logic.

general::hide_opers_in_whois is a special case, and affects /whois only.

general::hide_opers is introduced, and has the same effect as giving
everyone oper:hidden. All commands that reveal oper status respect both.
2019-09-12 23:14:15 +01:00
Simon Arlott
17809d2db7
librb: Fix type of dst for rb_inet_pton_sock() 2019-08-31 16:10:50 +01:00
Ed Kellett
6ca9ff0ea1
Remove unused kline_delay config option 2019-04-27 14:53:04 +01:00
Aaron Jones
c87c8e5bfe
newconf: remove plaintext listeners warning
Closes #270

[ci skip]
2019-03-27 19:29:55 +00:00
Simon Arlott
6003ce763c
Add outgoing SCTP connect support 2017-08-24 20:08:21 +01:00
Simon Arlott
c6ad9b0c5f
Add basic SCTP listener support that binds to multiple addresses
This only supports two addresses as the intended use is 1 IPv4 and 1 IPv6
address on a single-homed host, and the only supported configuration of
outgoing connections to other servers is to bind a single IPv4 or IPv6
address.
2017-08-24 20:08:20 +01:00
Simon Arlott
de2934965c
remove RB_IPV6 2017-08-20 12:54:46 +01:00
William Pitcock
087555a00f ircd: introduce 'no-export' links
Links that are 'no-export' are not distributed to the rest of the IRC network (including local peers).
This provides a core primitive for 'anycasting' services (but the actual issue of synchronizing data in
a services package is left to the authors of the services package).
2016-09-16 17:18:55 -05:00
William Pitcock
e55a9d6abc modules: serious cleanups 2016-06-18 00:52:16 -05:00
Aaron Jones
0982871a99
strcpy: mass-migrate to strlcpy where appropriate 2016-05-15 03:58:44 +00:00
William Pitcock
dcf450702b newconf: ensure wsock and defer_accept are default-to-disable for now, for consistency sake on rehashes 2016-05-14 17:23:51 -05:00
Aaron Jones
fed4fc59bc
Mention another RFC with regard to deprecating plaintext 2016-04-29 16:28:18 +00:00
Simon Arlott
f018ed844d
certfp: Move method name/prefix strings to a separate header file 2016-04-26 20:33:18 +01:00
Simon Arlott
f61d096186
conf: require certificate fingerprint for SSL connections 2016-04-25 20:19:48 +01:00
Simon Arlott
d4214e9445
ircd: server connection configuration
Fix the server connection configuration so that it can simultaneously
handle a hostname/IPv4/IPv6 for connecting and a hostname/IPv4/IPv6
for binding. Maintains backwards compatibility for matching a hostname
with a mask.

Multiple host/vhost entries can be specified and the last value for
each address family is stored. Hostnames that resolve automatically
overwrite the IP address.

Server connections can now be made to either IPv4 or IPv6 at random
as well as preferring a specific address family.
2016-04-24 17:06:24 +01:00
Simon Arlott
cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.

(The same fingerprint is also used by DANE)
2016-04-23 22:51:05 +01:00
Elizabeth Myers
5e9a3f8674
Change the way authd configures opm
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
2016-04-12 09:36:09 -05:00
Elizabeth Myers
999c42bad8 Remove useless alias_entry hits member 2016-04-06 11:47:13 -05:00
Elizabeth Myers
f956cb0f1f Use rb_* versions of nonportable string functions 2016-04-05 05:39:59 -05:00
Elizabeth Myers
aa483e55bd bool-ify modules stuff 2016-04-03 01:51:45 -05:00
Elizabeth Myers
ffa79a9516 Use rb_dlink_list_length... == 0, not !rb_dlink_list_length 2016-04-02 22:45:52 -05:00
Elizabeth Myers
34bc7caeae Send enabling message to opm at the end of opm block. 2016-04-02 22:33:19 -05:00
Elizabeth Myers
5c5296c8f8 newconf: delete all proxies on rehash 2016-04-02 22:30:54 -05:00
Elizabeth Myers
c1f4db3fb7 Tweak some configuration semantics of opm 2016-04-02 19:45:09 -05:00
Elizabeth Myers
eb0814b3cb opm: add support for HTTPS CONNECT proxies.
TBD: do we need an SSL listener for these?
2016-04-02 18:38:21 -05:00
Elizabeth Myers
9bba0f6143 opm: add adjustable timeout values 2016-04-02 03:33:27 -05:00
Elizabeth Myers
fabe8b94c5 Add HTTP CONNECT proxy scanning 2016-04-02 03:11:30 -05:00
William Pitcock
c53ca1e029 ircd: integrate ircd side of wsockd support 2016-04-02 02:56:22 -05:00
Elizabeth Myers
fbe8d087e7 Add exempt logic for open proxies 2016-04-02 02:42:11 -05:00
Elizabeth Myers
51fa2ab8a3 opm: allow scanners to be configurable 2016-04-02 02:29:48 -05:00
Elizabeth Myers
8275e2700d Add opm stuff to default configs 2016-04-01 04:11:04 -05:00
Elizabeth Myers
a6a30cc7b8 ircd/newconf: better IPv4 example 2016-03-28 17:55:54 -05:00
Elizabeth Myers
771dcfad37 newconf: add illustrative examples to comments 2016-03-28 17:54:01 -05:00
Elizabeth Myers
835d456c64 newconf: fix check for IPv6 address length 2016-03-28 17:47:13 -05:00