Commit graph

3615 commits

Author SHA1 Message Date
Elizabeth Myers
9d745dbd21 Implement kill-cancelling hook.
With this comes an example module to block the killing of services.

NOTE: this will not cancel remote kills. Those are still accepted, per
the TS 6 specification.
2013-04-20 01:07:55 -05:00
Alex Iadicicco
fda96b89dc m_nick: Reject nicks with '~' in them, rather than cutting at the '~'
The behavior of cutting at the first '~' is confusing at first, and
looks too much like a bug.
2013-04-17 17:27:27 -07:00
Jilles Tjoelker
90e3d1b7e1 Update .depend files. 2013-03-23 23:32:46 +01:00
Jilles Tjoelker
ce782b68fe Don't send ERR_NICKCOLLISION to a user that will not be killed. 2013-03-23 22:57:28 +01:00
William Pitcock
6f7b36d5d0 Mostly enable support for checking format strings with -Wformat.
Basically derived from Ratbox 3.1.
2013-02-21 05:46:04 -06:00
Jilles Tjoelker
2ebef8d925 whois: Fix UID leak.
The second parameter of WHOIS is always a nick.
2013-02-14 23:45:22 +01:00
William Pitcock
2db1f25df5 Atheme is not responsible for the mental health changes of IRC operators using charybdis. 2013-02-03 14:06:13 -06:00
Jilles Tjoelker
e0c7937a9f UID/EUID: Add server's SID to invalid UID error message. 2013-02-03 20:31:52 +01:00
Jilles Tjoelker
561d7efc44 UID/EUID: Check that the UID starts with the server's SID.
If not, the local link that sent the command is broken, as with
syntactically invalid UIDs.
2013-02-03 19:38:46 +01:00
Jilles Tjoelker
9cbf72447c stats l: Don't care about away status. 2013-02-03 19:33:31 +01:00
Jilles Tjoelker
1c1d47e279 Merge branch 'mailmap' of github.com:grawity/forks.charybdis 2013-02-03 19:31:06 +01:00
Jilles Tjoelker
e69375f3ac Cope with rb_crypt() returning NULL. 2013-02-02 00:54:32 +01:00
Jilles Tjoelker
df2516e6d8 whowas: Abort listing if 90% of sendq is in use. 2013-02-02 00:50:03 +01:00
Jilles Tjoelker
4e4a5fcc61 Skip cidr checking for hostmask.c entries with negative cidrlen.
They will be treated as hostmasks only. In the case of dlines they will
be rejected as invalid.

hostmask.c entries such as dlines, klines and auth blocks can only be
added by opers or via ircd.conf.
2013-01-29 23:43:20 +01:00
Jilles Tjoelker
441da2f245 Also restrict cidrlen for testmask/masktrace (match_ips()). 2013-01-29 23:31:39 +01:00
Jilles Tjoelker
4dbd5e07ad Skip cidr checking for bans with negative or too large cidrlen.
Upto some length, such bans could match the exact IP address.

Obtained from: ircd-ratbox (androsyn)
2013-01-29 23:29:34 +01:00
William Pitcock
3dae60ef47 cache: use rb_strdup() instead of a static buffer for cache lines.
BUFSIZE limitation is retained as there is no need to remove it, as all lines must be smaller than it
due to RFC1459 message requirements.
2013-01-15 16:24:33 -06:00
Jilles Tjoelker
b6e02c25b5 starttls: Don't send ERR_STARTTLS after successful STARTTLS. 2013-01-05 15:09:17 +01:00
Jilles Tjoelker
fce4df5473 server: Show the missing CAPABs when rejecting a server. 2013-01-02 21:00:18 +01:00
Jilles Tjoelker
22b24f637d server: Move required CAPAB check after authentication and add snote and log. 2013-01-02 20:07:28 +01:00
Mantas Mikulėnas
62c87179ef Add a Git .mailmap
...to make `git shortlog -es` look nicer.
2013-01-02 01:46:36 +02:00
Jilles Tjoelker
f09c28e18f reference.conf: Correct description of general::client_exit.
It prefixes with "Quit: ", not "Client exit: ".
2013-01-01 18:07:37 +01:00
William Pitcock
ac0707aa61 m_capab: fix a possible remote crash triggered by the CAPAB parsing code. 2012-12-31 13:13:05 -06:00
William Pitcock
d7e4ed772f capability: handle NULL passed to capability_get(). 2012-12-31 13:01:09 -06:00
Jilles Tjoelker
ce4fa4477b server: Simplify some code now ENCAP is mandatory. 2012-12-19 17:42:49 +01:00
Jilles Tjoelker
856df9a3c4 server: Remove code to send recursive QUITs/SQUITs for non-QS servers.
Now that QS is required, this code can no longer be activated.
2012-12-19 15:06:49 +01:00
Jilles Tjoelker
58b60c20cb server: As per the TS6 spec, require QS and ENCAP capabilities. 2012-12-19 14:53:06 +01:00
Jilles Tjoelker
22cae20f02 server: Make sure CAP_CAP and CAP_TS6 are non-zero.
A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.

A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).
2012-12-18 17:03:59 +01:00
Jilles Tjoelker
71eb2bb99b server: Fix required capabilities check if there is more than one capability. 2012-12-18 16:37:21 +01:00
William Pitcock
5fd2dd9556 genssl: use DH params length of 2048 to appease the weechat idiots 2012-11-19 21:12:30 +00:00
William Pitcock
4cbed3b849 extensions/m_roleplay: merge in darkmyst changes 2012-11-04 03:35:58 +00:00
Jilles Tjoelker
8ff07125c3 starttls: Explicitly reject starttls if TLS is not configured or not compiled in. 2012-11-03 15:50:43 +01:00
Jilles Tjoelker
c1cddb36c0 starttls: Don't corrupt the FD hash.
Altering localClient->F without updating the FD hash leaves the struct
Client in the FD hash indefinitely which causes a crash later if the
struct is reused for a remote client. It also prevents error messages
from ssld showing up on IRC properly.
2012-11-03 00:49:10 +01:00
William Pitcock
e5149d6169 Add module which restricts unauthenticated users from doing anything as channel op. 2012-11-01 06:48:40 +00:00
Jilles Tjoelker
6387b5ad44 Fix a crash with testline, introduced with the "underlying ipv4" feature. 2012-10-15 02:09:07 +02:00
William Pitcock
1cf9ef50cd numeric: add 744 (ERR_TOPICLOCK) to list so we don't step on inspircd 2012-10-13 17:50:12 +00:00
Keith Buck
5bd79c2c56 res.c: Try other servers if errors or corrupt replies are encountered.
Currently, the resolver treats SERVFAIL, NOTIMP, and REFUSED queries the
same as NXDOMAIN, but this really should not be the case. Instead, if
the DNS server errors on our request or provides an invalid request, try
another server.

Also, count DNS server errors in addition to timeouts and avoid these
undesirable servers.
2012-10-09 05:58:02 +00:00
William Pitcock
373d6d79e3 libratbox/crypt: remove blowfish support since it has the stupid advertising clause 2012-09-29 17:28:04 -05:00
William Pitcock
deb24d2b31 reslib: remove advertising clause, which was dropped as a requirement by the copyright holder.
(See http://svnweb.freebsd.org/base/head/COPYRIGHT?view=co).
Closes #5.
2012-09-29 17:08:40 -05:00
Jilles Tjoelker
f8cdda0573 help: Document whowas limit parameter. 2012-09-28 23:14:56 +02:00
William Pitcock
c4e81ae9e9 m_starttls: handle error condition with ERR_STARTTLS (691) numeric per tls-3.2 specification 2012-09-22 19:31:55 -05:00
William Pitcock
21f715a9a3 m_starttls: new module implementing ircv3 tls-3.1 optional extension 2012-09-22 16:30:01 -05:00
William Pitcock
538d4d6188 m_cap: add 'tls' core capability 2012-09-22 14:15:45 -05:00
William Pitcock
3e54d7bfb0 Define RPL_STARTTLS. 2012-09-22 14:04:57 -05:00
William Pitcock
4727c0f586 m_stats: apply same logic to anonymous /stats l as /stats p 2012-09-18 20:01:53 -05:00
William Pitcock
e82bda18a5 m_stats: add optional constraint checking function pointer to stats_l_list(). 2012-09-18 19:55:49 -05:00
Kiyoshi Aman
55a06c8910 GIT-Access: Our repos are on github now, so let's say so. 2012-08-20 06:25:21 -04:00
Keith Buck
0d0f34c322 chm_nonotice: Ignore CTCP and send ERR_CANNOTSENDTOCHAN if a message is being blocked. 2012-07-31 06:37:33 +00:00
William Pitcock
f0c778d701 Merge pull request #2 from TheChrisAM/patch-1
Adding auth_user documentation for auth {} blocks.
2012-07-30 10:00:49 -07:00
Jilles Tjoelker
2b121c81f5 reference.conf: Extend documentation for max_number in server classes. 2012-07-28 15:31:44 +02:00