Commit graph

917 commits

Author SHA1 Message Date
Quora Dodrill
2c0450fb60 src/s_conf: Avoid re-inventing the wheel 2013-08-14 15:45:35 -07:00
Quora Dodrill
a576a0fe64 src/s_conf: More detailed error messages conforming to POSIX errno
When the configuration file is unreadable or not existing, charybdis will now report the POSIX error message from the failed call. This is a compromise between the behavior in f951460ae9 and f6f049070e.
2013-08-14 15:30:15 -07:00
Jilles Tjoelker
7ddd614cd3 Ensure consistent indexing into user_modes independent on signedness of char. 2013-08-14 23:49:59 +02:00
Quora Dodrill
f951460ae9 src/s_conf: Moved error notification to proper place
Previously it was in src/ircd.c, but accroding to jilles, this is a better place for the notification.

This changes a patch made in adef4da10c and amended in 65d921173c and f6f049070e.
2013-08-14 14:28:11 -07:00
Quora Dodrill
f6f049070e src/ircd: fix -configfile argument 2013-07-10 08:44:27 -07:00
Quora Dodrill
65d921173c src/ircd: Missed case where ircd.conf is unreadable to the ircd 2013-07-09 20:16:04 -07:00
Quora Dodrill
adef4da10c src/ircd: Die if the configuration file does not exist 2013-07-09 20:04:45 -07:00
Elizabeth Myers
e232f35c63 Blacklist: fix accidentally clobbering previous filters 2013-04-21 11:10:57 -05:00
Elizabeth Myers
3c93d380e0 Add support for multiple forms of blacklist queries using matches.
It supports both literal and last octet matches from the dnsbl.
If matches is not present, the old behaviour is used.
2013-04-20 20:49:11 -05:00
Jilles Tjoelker
90e3d1b7e1 Update .depend files. 2013-03-23 23:32:46 +01:00
William Pitcock
6f7b36d5d0 Mostly enable support for checking format strings with -Wformat.
Basically derived from Ratbox 3.1.
2013-02-21 05:46:04 -06:00
William Pitcock
2db1f25df5 Atheme is not responsible for the mental health changes of IRC operators using charybdis. 2013-02-03 14:06:13 -06:00
Jilles Tjoelker
e69375f3ac Cope with rb_crypt() returning NULL. 2013-02-02 00:54:32 +01:00
Jilles Tjoelker
4e4a5fcc61 Skip cidr checking for hostmask.c entries with negative cidrlen.
They will be treated as hostmasks only. In the case of dlines they will
be rejected as invalid.

hostmask.c entries such as dlines, klines and auth blocks can only be
added by opers or via ircd.conf.
2013-01-29 23:43:20 +01:00
Jilles Tjoelker
441da2f245 Also restrict cidrlen for testmask/masktrace (match_ips()). 2013-01-29 23:31:39 +01:00
Jilles Tjoelker
4dbd5e07ad Skip cidr checking for bans with negative or too large cidrlen.
Upto some length, such bans could match the exact IP address.

Obtained from: ircd-ratbox (androsyn)
2013-01-29 23:29:34 +01:00
William Pitcock
3dae60ef47 cache: use rb_strdup() instead of a static buffer for cache lines.
BUFSIZE limitation is retained as there is no need to remove it, as all lines must be smaller than it
due to RFC1459 message requirements.
2013-01-15 16:24:33 -06:00
William Pitcock
d7e4ed772f capability: handle NULL passed to capability_get(). 2012-12-31 13:01:09 -06:00
Jilles Tjoelker
ce4fa4477b server: Simplify some code now ENCAP is mandatory. 2012-12-19 17:42:49 +01:00
Jilles Tjoelker
856df9a3c4 server: Remove code to send recursive QUITs/SQUITs for non-QS servers.
Now that QS is required, this code can no longer be activated.
2012-12-19 15:06:49 +01:00
Jilles Tjoelker
58b60c20cb server: As per the TS6 spec, require QS and ENCAP capabilities. 2012-12-19 14:53:06 +01:00
Jilles Tjoelker
22cae20f02 server: Make sure CAP_CAP and CAP_TS6 are non-zero.
A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.

A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).
2012-12-18 17:03:59 +01:00
Jilles Tjoelker
6387b5ad44 Fix a crash with testline, introduced with the "underlying ipv4" feature. 2012-10-15 02:09:07 +02:00
Keith Buck
5bd79c2c56 res.c: Try other servers if errors or corrupt replies are encountered.
Currently, the resolver treats SERVFAIL, NOTIMP, and REFUSED queries the
same as NXDOMAIN, but this really should not be the case. Instead, if
the DNS server errors on our request or provides an invalid request, try
another server.

Also, count DNS server errors in addition to timeouts and avoid these
undesirable servers.
2012-10-09 05:58:02 +00:00
William Pitcock
deb24d2b31 reslib: remove advertising clause, which was dropped as a requirement by the copyright holder.
(See http://svnweb.freebsd.org/base/head/COPYRIGHT?view=co).
Closes #5.
2012-09-29 17:08:40 -05:00
William Pitcock
c4e81ae9e9 m_starttls: handle error condition with ERR_STARTTLS (691) numeric per tls-3.2 specification 2012-09-22 19:31:55 -05:00
William Pitcock
3e54d7bfb0 Define RPL_STARTTLS. 2012-09-22 14:04:57 -05:00
Jilles Tjoelker
8d20b088f9 In capability_get(), if a capability is not found, return 0 instead of all-ones.
Returning all-ones will set all caps if an unknown cap name is passed.
2012-07-03 19:16:31 +02:00
Jilles Tjoelker
33b214fa42 Fix capability_index_list(), used e.g. in /stats ? capability output. 2012-07-03 19:15:25 +02:00
Jilles Tjoelker
89fd463e59 Add needed space between "TS6" or "SSL" and capabs from CAPAB in /stats ?. 2012-07-03 19:11:15 +02:00
Jilles Tjoelker
f3b3ad0b07 chmode: Allow mode queries on mlocked modes.
Check mlock at the same point where chanops are checked (except for
querying a +e/+I list) and abstract this check into a function.

In particular, /mode #channel f is now again allowed if +f is mlocked.
2012-06-19 00:33:29 +02:00
Jilles Tjoelker
294d32bf16 If umode +D or +g are oper-only, don't advertise them in 005. 2012-05-27 22:46:24 +02:00
Keith Buck
c46a4ecd97 Move marking of services entirely to m_services.c; mark all services when m_services loads and unmark them when it unloads. 2012-05-21 21:03:56 +00:00
Keith Buck
7d60375446 Add new conf_read_start and conf_read_end hooks. 2012-05-21 20:22:07 +00:00
William Pitcock
f30a5ee4c4 Remove MODE_NOCTCP from core, in favor of chm_noctcp. 2012-03-31 22:48:36 -05:00
William Pitcock
67aeaba593 Remove MODE_NOCOLOR from core, replacing it with modules/chm_nocolour.so. 2012-03-31 22:26:45 -05:00
William Pitcock
ca4c2a86ee Add support for hookifying PRIVMSG/NOTICE.
This will allow us to modularize message processing, e.g. having new modules to manipulate
channel and private messages in new ways.

Yes: it can be used to intercept messages, but such modules are already out in the wild for
charybdis anyway -- so this doesn't really change anything there.

If you are changing the text, then it is your responsibility to provide a pointer to a new
buffer.  This buffer should be statically allocated and stored in your module's BSS segment.
We will not, and cannot, free your buffer in core, so dynamically allocated buffers will
cause a memory leak.

This will allow us to simplify m_message considerably, by moving channel mode logic out to
their own modules.
2012-03-31 21:23:01 -05:00
Jilles Tjoelker
34616c3be1 change_nick_user_host: Only send +n snotes about local clients. 2012-03-27 00:46:50 +02:00
Keith Buck
ae4ce45f2e change_nick_user_host: Send nick change notices to SNO_NCHANGE opers when change_nick_user_host is called to only change nick. 2012-03-25 01:59:20 +00:00
Keith Buck
07d3283f38 RESV FNC: Sign off/on monitor, and don't try to FNC users that already have a UID nick. 2012-03-25 01:49:34 +00:00
Keith Buck
330692a1f2 Add option to immediately apply nick RESVs by FNC'ing. 2012-03-25 01:34:45 +00:00
Keith Buck
521f9d63a9 client.c: Fix spelling/grammar in comments. 2012-03-18 01:28:55 +00:00
Keith Buck
bc4dea6937 target change: Propagate restricted addresses. 2012-03-18 01:18:57 +00:00
William Pitcock
02270e9602 Add listen::defer_accept option for controlling usage of TCP_DEFER_ACCEPT option. 2012-03-17 10:00:39 -05:00
Nathan Phillip Brink
80e49b4ca8 Run make depend. 2012-03-01 03:51:33 +00:00
Nathan Phillip Brink
96b8a6edce Fix bandb's interaction with --enable-fhs-paths by storing ban.db in the correct directory, pkglocalstatedir. 2012-03-01 03:39:54 +00:00
Nathan Phillip Brink
c74836dc4a Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.

Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.

Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
Nathan Phillip Brink
414c5f7d9b Fix parallel compilation issue when building lexer/parser. 2012-02-28 04:36:00 +00:00
William Pitcock
63a0ed0604 numeric: reserve RPL_SASLMECHS (908) 2012-02-21 09:15:15 -06:00
Jilles Tjoelker
d42e6915cf Pace aways.
This becomes important because of away-notify sending aways to common
channels much like nick changes (which are also paced).

Marking as unaway is not limited (but obviously only does something if the
user was away before). To allow users to fix typos in away messages, two
aways are allowed in sequence if away has not been used recently.
2012-02-18 16:32:57 +01:00
Keith Buck
e88a1f1b15 Add ratelimit for high-bandwidth commands. 2012-02-18 03:54:44 +00:00
Jilles Tjoelker
7f0fc87d3c Include forward channels when bursting bans to servers.
Obtained from:	ircd-seven (spb)
2012-02-16 23:36:05 +01:00
Keith Buck
c5bbc60375 Add away-notify client capability. 2012-02-14 14:15:44 +00:00
Keith Buck
3e910a1847 chmode.c: Fix bug in printing removed bans. 2012-02-06 16:38:10 +00:00
William Pitcock
a16910aa4e capability: add capability_index_stats() for getting statistics about the capability broker system 2012-02-04 21:27:43 -06:00
William Pitcock
885cd603b5 capability: add global list of capability indexes, and name all capability indexes 2012-02-04 21:16:40 -06:00
Jilles Tjoelker
bde42c6063 Don't shadow the name "index". 2012-02-04 15:15:26 +01:00
William Pitcock
8bedf01d19 capability: store capability bit entries with actual bit numbers, instead of as an expanded mask
This makes accounting of number of bits allocated easier.  Specifically, the amount of allocated
bits is computed by doing (index->highest_bit - 1) in code.
2012-02-04 05:23:15 -06:00
William Pitcock
e915e51f4d capability: don't use DictionaryIter internals.
it's just ugly now that we're providing our own copies of keys.
2012-02-04 05:13:04 -06:00
William Pitcock
e679e38906 capability: do not use strings provided by modules for keyword index, instead duplicate the keyword. 2012-02-04 04:47:37 -06:00
William Pitcock
f01f67f0ad capability: add capability_require(). 2012-02-04 02:00:33 -06:00
William Pitcock
0582290f21 capability: missed one 2012-02-04 01:58:07 -06:00
William Pitcock
5058c8ebce capability: change CapabilityIndex.orphaned to (CapabilityIndex.flags & CAP_ORPHANED)
This makes it possible to add other flags to capabilities.
2012-02-04 01:55:11 -06:00
William Pitcock
346fba9252 Migrate capability negotiation code to new dynamic capability management API.
This needs a lot of testing, obviously.
2012-02-04 01:47:46 -06:00
William Pitcock
ec3a9055f2 capability: add capability_index_mask() which calculates old CAP_MASK 2012-02-04 00:39:53 -06:00
William Pitcock
5e773521a9 capability: add capability_index_list() to build a list of capabilities given an index and mask 2012-02-04 00:36:42 -06:00
William Pitcock
64b56afd8c Add a new dynamic capability manager.
Specifically, what this capability manager does, is map keywords to
calculated bitmasks.  These bitmasks are allocated at runtime, so that
the any managed capability index can be manipulated by modules.

Modules should call capability_orphan() when orphaning capabilities.  This
makes it so that bitmasks aren't reallocated, except for cases where the
capability is the same.
2012-02-04 00:05:13 -06:00
William Pitcock
481b443b4d Missed a few -Wformat-security warnings. 2012-01-25 13:24:04 -06:00
William Pitcock
32ea9d3d83 Fix some warnings when using -Wformat-security on Alpine. 2012-01-25 13:22:56 -06:00
Jilles Tjoelker
1c60de9757 Check +bq against underlying IPv4 as well.
As with k/dlines, exceptions (here +eI) are not checked.
2012-01-08 16:39:11 +01:00
Jilles Tjoelker
fe74401bf0 Add one more const. 2012-01-08 16:25:34 +01:00
Jilles Tjoelker
d9af501aa8 Fix a warning about const with forward channels. 2012-01-08 16:23:18 +01:00
Jilles Tjoelker
a14de124d6 Remove code duplication between is_banned() and is_quieted(). 2012-01-08 16:21:07 +01:00
Jilles Tjoelker
d006b551c8 Check k/dlines against underlying IPv4 as well. 2012-01-08 15:51:48 +01:00
Jilles Tjoelker
ae52fe0ff7 Show underlying IPv4 in a remote whois. 2012-01-08 15:51:48 +01:00
Jilles Tjoelker
524a5b3ac7 Add code to get IPv4 addresses from 6to4 and Teredo IPv6 addresses.
It is not used yet.
2012-01-08 15:51:44 +01:00
Jilles Tjoelker
be0365e152 Add an error message if a ban mask is invalid.
This is given if the ban mask is too long, it is an invalid extban or the
forward channel is invalid and no other message has been given about that.
2011-12-18 23:24:22 +01:00
Jilles Tjoelker
f2edb2be59 Disallow '$' in forward targets only, rather than all channel names. 2011-12-11 16:56:37 +01:00
Jilles Tjoelker
e238d01db9 If use_forward is off, ignore forwarding bans rather than stripping the channel.
We do not want to set $r:* if $r:*$* was requested.
2011-12-10 17:17:13 +01:00
Jilles Tjoelker
5efa7ef677 Do not allow forward channels for +qeI, as in ircd-seven. 2011-12-10 00:58:08 +01:00
Jilles Tjoelker
e1dc9e549f Apply the same restrictions to ban forwarding as to +f. 2011-12-10 00:45:57 +01:00
Jilles Tjoelker
0c7303213e Move checks for forward channels to a separate function.
No functional change is intended.
2011-12-10 00:40:07 +01:00
Jilles Tjoelker
0ea417c4a4 Disallow $ in usernames as this may cause problems with ban forwarding. 2011-12-06 00:01:59 +01:00
Jilles Tjoelker
ca8ff4830b Force nicklen (all flavours) to be at least 9. 2011-11-29 23:41:18 +01:00
William Pitcock
c68d30f70b Switch to ircu NICKLEN/MAXNICKLEN semantics.
Clients should use MAXNICKLEN for preallocation, and NICKLEN should be treated as
informative.
2011-11-29 16:24:48 -06:00
William Pitcock
a83486bfe6 Remove nicklen_set barrier.
Since serverinfo::nicklen only controls NICKLEN_USABLE, we do not need to have a
barrier here.
2011-11-29 16:19:37 -06:00
William Pitcock
7b42eab627 Make sure ConfigFileEntry.nicklen follows the same semantics as real NICKLEN.
Otherwise, truncation would be one byte too short on nick changes.
2011-11-29 16:16:38 -06:00
William Pitcock
b583faf970 Add support for customizing the usable nick length.
This adds a new ISUPPORT token, NICKLEN_USABLE which is strictly an informative value.
NICKLEN is always the maximum runtime NICKLEN supported by the IRCd, as other servers may
have their own usable NICKLEN settings.  As NICKLEN_USABLE is strictly informative, and
NICKLEN is always the maximum possible NICKLEN, any clients which depend on NICKLEN for
memory preallocation will be unaffected by runtime changes to NICKLEN_USABLE.

The default NICKLEN is 50; the default serverinfo::nicklen in the config file is set to
30, which is the NICKLEN presently used on StaticBox.
2011-11-29 16:10:21 -06:00
Jilles Tjoelker
0cce01d388 Fix -Wformat errors found in ircd-ratbox.
We cannot use -Wformat meaningfully but ircd-ratbox trunk can.
2011-11-13 00:22:09 +01:00
Stephen Bennett
a695b0e40e Apply extended-join client cap to QJM joins 2011-11-12 14:41:01 +00:00
Jilles Tjoelker
d74fa5b502 Prefer PATH_MAX to non-standard MAXPATHLEN. 2011-10-28 16:45:18 +02:00
Jilles Tjoelker
c55b2782fc Properly update 004/005 when a rehash changes use_forward. 2011-10-25 00:38:27 +02:00
Stephen Bennett
717f809762 Don't treat +r specially when displaying supported channel modes.
This used to be only advertised if a service was linked, which made
sense in ratbox when +r was only settable if services were available.
Now, however, +r is always available and so should always be advertised.
2011-10-24 19:59:31 +01:00
Jilles Tjoelker
db6b1735cf ilog_error: Avoid overwriting errno before sending it to opers. 2011-10-21 23:21:22 +02:00
Jilles Tjoelker
894325fe41 Force client_flood_burst_rate and client_flood_burst_rate to at least rfc1459 values (5). 2011-10-04 22:16:01 +02:00
Jilles Tjoelker
5a72f20c2c Limit sent_parsed to the highest possible value in the current config.
After a configuration change (or deoper with no_oper_flood) sent_parsed
might be way higher than allow_read, so that the user would have to wait
a long time before the server responds. Avoid this.
2011-10-04 01:08:12 +02:00
Jilles Tjoelker
a75bf40dad Fix weirdness with client_flood_burst_rate and client_flood_burst_max.
They are now in messages, even if client_flood_message_time is not 1.

If client_flood_message_time is not 1 (by default it is), this needs a
configuration change to maintain the same behaviour.
2011-10-04 00:57:49 +02:00
Jilles Tjoelker
d182b85454 Minor cleanup to command throttling code:
* Deduce allow_read from the client's state (IsFloodDone) rather than
   storing it in LocalUser.
 * Fix the documentation (in oper /info), however strange
   client_flood_burst_rate and client_flood_burst_max may seem, that is
   how they currently work.
2011-10-04 00:46:00 +02:00
Jilles Tjoelker
f9dda63969 Disable LocalUser.actually_read (write-only field). 2011-10-04 00:25:22 +02:00
Jilles Tjoelker
c598ff7b04 Fold client_flood_burst_rate check into MAX_FLOOD_BURST.
The original definition of floodgrace was MAX_FLOOD_BURST lines per second.
A second check for another number of lines per second makes no sense.
2011-10-04 00:21:19 +02:00
Jilles Tjoelker
41ca4cac35 Enforce the average allowed send rate is at least the one allowed by rfc1459. 2011-10-04 00:13:53 +02:00
Jilles Tjoelker
1aa35c8af1 Make sure to check the length of a ban mask before removing a forward channel.
Otherwise a line might be truncated later, leading to desyncs.
2011-09-25 16:25:17 +02:00
Jilles Tjoelker
2da6f6ebd7 Put back use_forward. 2011-09-25 16:22:29 +02:00
Jilles Tjoelker
93fbe9c349 Fix double-free when removing a ban.
del_id() should not free the ban anymore, its caller does that now.
2011-09-14 00:52:56 +02:00
Jilles Tjoelker
f890420014 Ensure all signals keep working after a SIGINT restart.
After setting up signal handlers, unmask the signals we care about
(installed handlers for).

When handling SIGINT, the kernel adds SIGHUP and SIGINT to the signal
mask (as requested in sigaction()); if execve() is called from the
signal handler, this change is persistent.
2011-08-31 01:04:40 +02:00
Elizabeth Jennifer Myers
25ea5d2fac Fix git fuckery.
Apparently my tree got horribly corrupted.
2011-08-12 21:27:52 -04:00
Elizabeth Jennifer Myers
73d0f900c0 chmode: fix construct_cflags_strings.
Accidentally ported too much from ircd-seven. Fix this.
2011-08-12 21:09:13 -04:00
Elizabeth Jennifer Myers
765d839d3c Port ircd-seven banfowards to charybdis.
nenolod gave the thumbs-up to port ircd-seven banfowards to charybdis to spb
for a while, and people have asked about it. Might as well do it since it's a
slow weekend.

Note that as a side effect use_forward is removed from the config and
unconditionally enabled!
2011-08-12 20:33:10 -04:00
Jilles Tjoelker
2a483a807d Remove a stale comment. 2011-08-07 22:04:16 +02:00
Elizabeth Jennifer Myers
7eec45bc9d Back out chanroles.
While what chanroles are trying to accomplish is a good idea, it is
apparently unclear this is the proper way to do it. Until we figure out
the exact way we wish to do this, it should be reverted for now.
2011-07-07 21:24:14 -04:00
Elizabeth Jennifer Myers
e794d39a80 Add client interface for GRANT.
TODO: implement notifications of grant privilege changes to the target.
2011-07-06 17:25:26 -04:00
William Pitcock
f3bfe2c271 chanroles: instead of checking for chanop + CHANROLE_UNSET combination, grant a default set of flags.
this allows ops with zero effective privilege.
2011-07-06 15:12:46 -05:00
William Pitcock
ae79dab6ae chanroles: grant initial set of flags to people added to a channel with CHFL_CHANOP.
this allows us to, later on, add a hook that will enable us to disable channel ops entirely
without causing permissions revocation.
2011-07-06 15:00:32 -05:00
Elizabeth Jennifer Myers
6d8ec56083 Add chanroles to isupport so clients know it exists. 2011-07-06 13:50:36 -04:00
Elizabeth Jennifer Myers
8aabb973c0 Implement chanroles, as discussed with nenolod.
The theory behind this is that services sends an ENCAP * GRANT #channel
UID :+flagspec message specifying the chanroles the user has. They are
mapped into flag bits and applied to the membership of the user. They
then are restricted or permitted to what they can do based on the
permissions mask regardless of rank.

For backwards compatibility, the default permission bit (without a GRANT
statement) allows a user to to anything an existing op can do ONLY if
they are an op.

Todo: make CHANROLE_STATUS work (the ability to apply +ov to people),
which is at the moment controlled by CHANROLE_MODE.
2011-07-06 13:46:22 -04:00
Keith Buck
ab894d74fe Add target change spam notice. 2011-05-16 15:29:09 -07:00
William Pitcock
8bd1c8a19a branding: denote custom branding in ircd -version 2011-05-08 09:11:50 -05:00
William Pitcock
f5493691ed branding: if CUSTOM_BRANDING is defined, display charybdis version in /info
(based on ircd-seven rebrand patch)
2011-05-08 09:06:19 -05:00
Jilles Tjoelker
b19d3c5186 Style: use a consistent order for the _C constants. 2011-03-31 00:05:42 +02:00
Stephen Bennett
94d86632dc Disallow mIRC italics in channel names when disable_fake_channels 2011-03-30 11:30:47 +01:00
Stephen Bennett
e6e54763d9 Make flood control settings configurable by those who know exactly what they're doing.
From ircd-seven git changeset 29aa4203150337925a4f5c6e7da47be5394c2125 .
2011-03-27 16:35:26 -04:00
Stephen Bennett
5fabe51369 Don't allow +Z to be set by default_umodes 2011-03-11 13:12:40 +00:00
Elizabeth Jennifer Myers
0a1e77c27c Support IPv6 blacklists. Also add a conf file option allowing the use of IPv4, IPv6, or both for a blacklist.
Although few blacklists currently support IPv6 lookups, they will likely begin to do so in the near future as more net trash begins using IPv6.
2011-02-27 16:38:05 -05:00
Elizabeth Jennifer Myers
f4b52a0ad3 can_send: properly initalise moduledata. 2011-02-13 09:50:25 -05:00
Jilles Tjoelker
462ae9d7a5 Fix memory leak of operator certfp fields. 2011-01-25 00:39:07 +01:00
Elizabeth Jennifer Myers
ed45dfe676 newconf: fix a warning 2011-01-23 16:56:36 -05:00
Elizabeth Jennifer Myers
63c7a68e19 newconf: fix certificate fingerprint auth.
yy_oper->certfp was not copied into yy_tmpoper->certfp, thus the information was lost and certfp auth was never really working, since the string was always empty.
2011-01-23 16:12:32 -05:00
Jilles Tjoelker
26e9dd93ad Remove nickTS from extended-join. 2011-01-11 00:26:15 +01:00
Jilles Tjoelker
e2b507ac41 Fix extended-join not sending any joins at all.
Note that IsCapable(x, NOCAPS) always returns true.
2011-01-11 00:26:05 +01:00
Jilles Tjoelker
2fb0796158 hunt_server: Disallow wildcarded nicknames.
Any hunted parameter with wildcards is now assumed
to be a server, never a user.

Reasons:
* fewer match() calls
* do not disclose existing nicknames
* more intuitive behaviour for CONNECT

m_trace has a copy of some hunt_server logic in it
(for the RPL_TRACELINK reply), so adjust that too.
2011-01-08 17:47:05 +01:00
Keith Buck
4c3f066ab8 Move list-related isupport items to the list module itself. 2011-01-06 00:40:08 -08:00
Keith Buck
096570b9f8 Add topic TS and channel TS constraints for /LIST. 2011-01-05 21:15:36 -08:00
Keith Buck
bb55ebebe9 Implement operspy for /LIST. 2011-01-05 18:57:27 -08:00
Jilles Tjoelker
fa0e215255 Tweak previous commit to avoid problems with OMODE.
Do not allow a user to op themselves if they are
already opped, as "already opped" could be because
of OMODE's hack which will be unconditionally
reverted after the mode change.

Also, this matches old behaviour for users not
being able to generate mode changes redundantly
opping themselves.

Note that this change should only be taken advantage
of if all servers run patched code. Otherwise, mode
changes will be silently dropped and a desync
results.
2010-12-31 02:43:16 +01:00
William Pitcock
402cce0b9c Remove stupid hybrid-esque 'impossible to op yourself' hack.
Who the fuck thought that check was a good idea?
2010-12-30 19:21:14 -06:00
Stephen Bennett
0c512421c5 Add default for disable_local_channels. Missed this last time. 2010-12-21 20:53:39 +00:00
Stephen Bennett
341f971efa Bring across disable_local_channels config option from ircd-seven 2010-12-21 20:38:04 +00:00
William Pitcock
92052a5c24 Add extended-join client capability.
The extended-join client capability extends the JOIN message with information clients typically
query using WHO including accountname, signon TS and realname.
2010-12-16 00:24:54 -06:00
William Pitcock
99cca61ed6 Add sendto_channel_local_with_capability(). 2010-12-16 00:19:24 -06:00
William Pitcock
27912fd4ff Add send_channel_join(). 2010-12-16 00:09:29 -06:00
William Pitcock
7a948bdaa7 Add capability parameter to sendto_common_channels_local() and sendto_common_channels_local_butone(). 2010-12-15 22:55:05 -06:00
Jilles Tjoelker
0b2b2f7753 Remove redundant prototypes in src/ircd_lexer.l.
These seem unnecessary and may cause problems because they
are wrong in some cases.

A comment says these were needed for GCC 3.3. If you are
still using this compiler, check this and if it breaks,
some other approach is needed.
2010-12-15 21:49:47 +01:00
William Pitcock
96d2612765 Don't bother running the get_channel_access hook if the client is not really on the channel. 2010-12-14 23:04:11 -06:00
William Pitcock
b697041e2a Don't bother running the can_send() hook if we're not on the channel. 2010-12-14 22:57:23 -06:00
William Pitcock
c8f269066c Correct error message involving no fingerprint credentials or password credentials being available. 2010-12-14 21:25:44 -06:00
William Pitcock
ff0cc1e616 Add support for linking using SSL certificate fingerprints as the link credential rather than the traditional server-password pair. 2010-12-13 23:14:00 -06:00
William Pitcock
e06988c6de Fix regressions in can_send() caused by hooking it for override and modularized channel modules. 2010-12-11 20:21:47 -06:00
B.Greenham
15484f02bd Move flood_attack_channel to channel.c so it can be used outside m_message.c 2010-12-09 18:29:56 -05:00
William Pitcock
3c52f289b1 Actually make get_channel_access() public. 2010-12-07 00:12:36 -06:00
William Pitcock
0aa36c5f0f Add can_send hook. 2010-12-07 00:09:46 -06:00
William Pitcock
8bb19bd7ab Make the can_join hook more flexible. 2010-12-06 23:52:44 -06:00
William Pitcock
749d8c11dd Add a hook for get_channel_access(). 2010-12-06 22:57:28 -06:00
William Pitcock
83b72f917a chmode: Remove chm_regonly, a vestige from ratbox which doesn't apply to native charybdis networks. 2010-12-06 22:46:37 -06:00
William Pitcock
85a206d3e0 Use %u instead of %d. 2010-12-04 23:13:35 -06:00
William Pitcock
5d21ef5098 blacklist: Remove the sscanf() for the IPv4 blacklist check.
From ratbox r27061 (androsyn).
2010-12-04 23:11:04 -06:00
JD Horelick
eac04554fd Fix some various warnings.
Some from ShadowIRCd, one from ircd-seven.
2010-11-14 16:51:27 -05:00
William Pitcock
819dd2d287 parse(): make reentrant 2010-10-24 21:02:32 -05:00
Jilles Tjoelker
01b7a527a3 Show the services login name in WHOWAS.
The numeric is the same (330) as used in WHOIS.

This takes at most half a megabyte of memory (large network, 30 char nicks).
2010-08-29 22:30:54 +02:00
Jilles Tjoelker
5b383ce060 Move RPL_WHOISLOGGEDIN to sendto_one_numeric(). 2010-08-29 22:29:17 +02:00
William Pitcock
a63f7af7bb Note that can_join() is not remote-user safe. 2010-08-29 14:07:44 -05:00
Jilles Tjoelker
717238d2a2 Add target change for channels.
This has a separate enabling option channel::channel_target_change.

It applies to PRIVMSG, NOTICE and TOPIC by unvoiced unopped non-opers.

The same slots are used for channels and users.
2010-08-29 01:26:00 +02:00
Jilles Tjoelker
6917ed0eba Send only one ERR_MLOCKRESTRICTED per MODE command.
This agrees with other error messages from MODE.
2010-08-24 23:03:23 +02:00
Jilles Tjoelker
2fb6379693 Change ERR_MLOCKRESTRICTED to 742 as 735-739 seem for MONITOR extensions. 2010-08-24 22:51:20 +02:00
William Pitcock
6fb6bd15ae Enforce TS rules on MLOCKs. 2010-08-23 20:22:59 -05:00
William Pitcock
01ed04abaf Send numeric 735 on MLOCK policy-restricted mode changes that are ignored. 2010-08-23 19:04:46 -05:00
William Pitcock
32de9f4e67 Add ERR_MLOCKRESTRICTED (735) to reflect bounces caused by MLOCK. 2010-08-23 18:59:32 -05:00
Elly
3645ce9869 Change oper-up message. 2010-08-22 23:21:38 -04:00
Jilles Tjoelker
f5455d2cd5 Tweak auto-accept:
* does not apply to NOTICE (as those may well be automated)
* mirrors +g behaviour so that no useless accept entries are added for services
* respects max_accept, if it would be exceeded the message is dropped with numeric 494
* check moved up so this is checked before floodcount/tgchange
2010-07-04 17:14:56 +02:00
Jilles Tjoelker
15f92147c7 Make number_per_ident actually apply to unidented connections as well,
as documented in reference.conf.

Noticed by: spb
2010-06-09 21:22:47 +02:00
Stephen Bennett
c71a6e3bed Branch merge 2010-05-02 21:36:32 +01:00
Stephen Bennett
3b8a6350f8 Backed out changeset c57955c5225e
Now that MLOCK is no longer stored as a struct Mode, this is unnecessary.
2010-05-02 21:29:22 +01:00
Stephen Bennett
6b8db2daf2 Allow the final parameter of MLOCK to be empty, to remove an existing mlock 2010-05-02 20:42:46 +01:00
Stephen Bennett
78e6b731e4 Rework ircd-side MLOCK enforcement: instead of trying to track modes locked on or off, instead keep a simple list of mode letters that are locked, and reject any change to those modes. 2010-04-30 22:01:21 +01:00
Jilles Tjoelker
0a01ecfa85 Fix crash if identify_service/identify_command were not specified in ircd.conf. 2010-04-18 13:54:03 +02:00
JD Horelick
944b0584ea Change config option for ident_timeout to default_ident_timeout as jilles
recommended.
2010-04-05 16:29:11 -04:00
JD Horelick
0ffb810660 Add a configuration option for ident_timeout. 2010-04-05 15:28:44 -04:00
Jilles Tjoelker
19716b9fd6 New custom channel mode API allowing reloading such modules.
Additionally, attempting to use too many modes or two times
the same letter is now detected and prevented.

Modules now request that a channel mode be added/orphaned,
instead of ugly manipulation from which that request had
to be guessed.

Slight changes are needed to modules that provide channel modes.
From the old API, one important function has been made static,
the other important function has been renamed, so loading old
modules should fail safely.
2010-04-01 01:16:16 +02:00
Jilles Tjoelker
803ce385bf Fix various compiler warnings. 2010-03-27 20:09:46 +01:00
Jilles Tjoelker
dca9e55257 Add propagated resvs, like klines and xlines. 2010-03-27 16:13:57 +01:00
Jilles Tjoelker
3cbbfb2556 Add propagated xlines, like klines. 2010-03-16 23:05:50 +01:00
Jilles Tjoelker
1702b69419 Add option general::use_propagated_bans to allow disabling new KLINE.
If this option is yes (default), KLINE by itself sets global (propagated) bans.
If this option is no, KLINE by itself sets a local kline following cluster{},
compatible with 3.2 and older versions.
2010-03-14 17:21:20 +01:00
William Pitcock
f02f338b31 chm_simple(): enforce MLOCK 2010-03-07 23:15:52 -06:00
William Pitcock
8727cbe88a Add propagation of MLOCK state for simple modes.
Special modes like +j can be tracked easily just by adding the necessary
code to parse them to set_channel_mlock().  This will cover propagation
as well.
2010-03-07 23:13:39 -06:00
William Pitcock
b99c9ae0bf Fix order on channel_mlock() call. 2010-03-07 23:12:35 -06:00
William Pitcock
084ecbe030 Add MLOCK message to netjoin burst. 2010-03-07 22:29:34 -06:00
William Pitcock
ec55bec527 Add MLOCK capability token. 2010-03-07 22:25:41 -06:00
William Pitcock
a51c452643 Rename channel_modes() to channel_modes_real(), and use macros to build both the mode list, and the mlock list. 2010-03-07 22:22:14 -06:00
William Pitcock
c59d46e572 Correct 325 (RPL_CHANNELMLOCKIS) numeric. 2010-03-07 21:37:23 -06:00
William Pitcock
dd0f1f5b88 Add RPL_CHANNELMLOCKIS for ircd-side MLOCK enforcement. 2010-03-07 21:35:54 -06:00
William Pitcock
030cdce7d0 Fix construction of the channel mode vector table.
This fixes chm_* modules and should be backported to ircd-seven and charybdis 3.2.
2010-03-07 14:45:42 -06:00
Jilles Tjoelker
778dd56bf2 Show d/kline setter to opers in stats/testline. 2010-03-06 22:37:42 +01:00
Jilles Tjoelker
ee6da53d74 Avoid crash if get_oper_name() somehow gave no {} for local oper. 2010-03-06 16:37:50 +01:00
Jilles Tjoelker
5c2b9eaf48 BAN: Reject bans with insufficient non-wildcard characters.
Such bans are not applied locally, but are propagated normally.
They can only be removed on a server that applies them.

Note that normally KLINE will not accept such bans.
This is mainly for services, differing min_wildcard and
ircd changes.
2010-03-06 01:45:41 +01:00
Jilles Tjoelker
cedb7d05b4 Remove +/- from the BAN message, instead indicating unban with duration=0.
A kline must now last at least one second since its creation time.

Also add better logic for bans that have already expired
when they come in.
2010-03-05 22:51:47 +01:00
Jilles Tjoelker
f54e1a8fd6 Use memmove instead of memcpy where there is overlap (modunload). 2010-03-05 22:05:15 +01:00
Jilles Tjoelker
431a1a2784 Add propagated klines.
A KLINE command without the ON clause now sets a propagated
("global") ban. KLINE commands with the ON clause work as
before.

Propagated klines can only be removed with an UNKLINE command
without the ON clause, and this removes them everywhere.
In fact, they remain in a deactivated state until the latest
expiry ever used for the mask has passed.

Propagated klines are part of the netburst using a new BAN
message and capab. If such a burst has an effect, both the
server name and the original oper are shown in the server
notice.

No checks whatsoever are done on bursted klines at this time.

The system should be extended to XLINE and RESV later.

There is currently no way to list propagated klines,
but TESTLINE works normally.
2010-03-05 18:36:44 +01:00
Jilles Tjoelker
9197bc355e Add code to expire "propagated" bans.
The data structure is very simple: a dlink list of all propagated bans.
2010-03-04 00:21:22 +01:00
Jilles Tjoelker
f9545a9b54 Make struct operhash_entry private. 2010-03-01 01:24:00 +01:00
Jilles Tjoelker
27f616ddf5 Track who set a dline/kline/xline/resv as in ratbox3.
Like in ratbox3, there is no way to query this information
(other than bandb's tables, but they worked before this
commit).
2010-03-01 01:23:22 +01:00
Jilles Tjoelker
3d242eb30f Merge bugfix that also applied to 3.2.x. 2010-02-28 16:45:55 +01:00