Simon Arlott
cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512
...
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.
(The same fingerprint is also used by DANE)
2016-04-23 22:51:05 +01:00
Simon Arlott
0ae7a89d78
ircd: sslproc: certfp commands have a 9 byte header, not 5 bytes
...
SHA512 hashes were being ignored because the message was too large
2016-04-23 20:52:20 +01:00
William Pitcock
c6098ed357
client: fix up client_release_connids() too, pointed out by lp0
2016-04-23 14:26:01 -05:00
William Pitcock
5c63bfe8b1
client: connid_get() should check MyConnect(), not MyClient().
2016-04-23 14:17:36 -05:00
Simon Arlott
84e3e445aa
mr_server: Report certificate fingerprint mismatches
...
Log the received certificate fingerprint when it causes a server to be
rejected.
2016-04-23 17:37:05 +01:00
Simon Arlott
e7c4cf63bc
authproc: set GOT_ID flag when an ident response is received
2016-04-23 15:41:27 +01:00
staticfox
1729f46eab
authd: Avoid negative array indices
2016-04-22 23:06:42 -04:00
Elizabeth Myers
7445ece1d1
Revert "Implement the netsplit batch type."
...
This needs more work, see
https://github.com/ircv3/ircv3-specifications/issues/253
This reverts commit 2373891299
.
2016-04-16 11:05:00 -05:00
Elizabeth Myers
2373891299
Implement the netsplit batch type.
...
This also lays the groundwork for the netjoin batch type, but that isn't
implemented yet. I don't like how some of this is implemented but it'll
have to do for now...
Compile tested, needs more testing.
2016-04-15 16:50:43 -05:00
Elizabeth Myers
4f2b9a4fd1
Don't use key member of dictionary iter objects after deletion
2016-04-12 09:43:50 -05:00
Elizabeth Myers
9e5c31ea0d
authproc: fix a typo
2016-04-12 09:37:56 -05:00
Elizabeth Myers
5e9a3f8674
Change the way authd configures opm
...
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
2016-04-12 09:36:09 -05:00
Elizabeth Myers
ed5e1d1e41
send: trim a blank line [ci skip]
2016-04-11 11:52:01 -05:00
Elizabeth Myers
7a21fb5b34
s_user: clean up authd checks
2016-04-10 10:02:33 -05:00
Elizabeth Myers
2a104d6641
s_user: enhancements to proxy reporting messages
2016-04-10 09:35:02 -05:00
Elizabeth Myers
d19aab3375
Fix stupid linux warning
2016-04-10 09:22:34 -05:00
Elizabeth Myers
154dc91ef0
Wrap up authd preclient stuff in its own struct
2016-04-10 09:20:51 -05:00
staticfox
02fa4362cd
version.c.SH: Fix build
...
We need stddef.h mainly for NULL
2016-04-09 06:05:08 -04:00
Elizabeth Myers
b14d2bd6ea
Formatting fixes for credits
...
Contributed from jackal^, but fixed up a bit.
2016-04-09 04:55:57 -05:00
Elizabeth Myers
4eafa9e62f
ipv4_from_ipv6: move to librb
2016-04-08 03:49:23 -05:00
Elizabeth Myers
66f7fe673b
Get rid of flags2.
...
It seems to come from an era where long long didn't exist and 64-bit
machines weren't common. 32-bit machines are still common but I can't
imagine this will have much performance impact there.
This "fixes" #179 in title only, but see comments within.
2016-04-07 07:40:55 -05:00
Elizabeth Myers
9057170ce8
Cleanup defaults.h config file.
...
Clean up spaces/tabs mixing mess (bleh), add some defaults for authd
stuff, and get rid of CHARYBDIS_SOMAXCONN (just define SOMAXCONN if it's
available...).
2016-04-07 04:47:48 -05:00
Elizabeth Myers
0a87075b86
modules: fix up display names
2016-04-07 04:15:12 -05:00
Elizabeth Myers
78946542bb
modules: move module loading/unloading commands to dedicated module.
...
There's no reason to really have these in the main ircd anymore, static
modules are dead and aren't coming back.
To ensure people don't do something hopelessly retarded, this is a core
module.
2016-04-07 04:00:25 -05:00
Elizabeth Myers
999c42bad8
Remove useless alias_entry hits member
2016-04-06 11:47:13 -05:00
Elizabeth Myers
a19097baa4
ircd: load modules after conf files
...
The alias module depends on this
2016-04-06 07:43:45 -05:00
Elizabeth Myers
b663a8070f
Move alias handling into a dedicated module.
...
Not yet tested, caveat emptor!
Closes #166
2016-04-06 07:27:50 -05:00
Elizabeth Myers
2575a78b0e
Add hook for when rehash is called.
...
This will be used by the future alias module.
2016-04-06 05:43:54 -05:00
Elizabeth Myers
f956cb0f1f
Use rb_* versions of nonportable string functions
2016-04-05 05:39:59 -05:00
Elizabeth Myers
731d128990
authd: rework module ID system
...
Provider ID's are now assigned dynamically at load-time. To accomodate
this, there is now a lookup system for finding providers by name (all
providers have names as well).
2016-04-05 04:31:22 -05:00
Elizabeth Myers
3256156aca
Announce changed capabilities on module load
...
Closes #165
2016-04-04 02:30:35 -05:00
staticfox
5eb3d7a7c0
modules: Revert mapi_register() to use ints
...
modinit() returns either 0 (success) or -1 (failure) so we
can't check for true/false.
2016-04-03 20:14:36 -04:00
Elizabeth Myers
c0483ac17b
boolify calls to rehash
2016-04-03 01:53:34 -05:00
Elizabeth Myers
aa483e55bd
bool-ify modules stuff
2016-04-03 01:51:45 -05:00
Elizabeth Myers
6603175304
Clean up module loading a bit.
2016-04-03 01:21:19 -05:00
Elizabeth Myers
ffa79a9516
Use rb_dlink_list_length... == 0, not !rb_dlink_list_length
2016-04-02 22:45:52 -05:00
Elizabeth Myers
34bc7caeae
Send enabling message to opm at the end of opm block.
2016-04-02 22:33:19 -05:00
Elizabeth Myers
5c5296c8f8
newconf: delete all proxies on rehash
2016-04-02 22:30:54 -05:00
Elizabeth Myers
e2a8228f85
authproc: minor fixes
2016-04-02 20:31:32 -05:00
Elizabeth Myers
8d48aa190b
dns: don't use zero ID's
2016-04-02 20:19:37 -05:00
Elizabeth Myers
1d657e0b08
authproc: rehash on authd restart
...
This is a hack for now so it gets the config again.
2016-04-02 20:10:56 -05:00
Elizabeth Myers
3d2fc110e3
authproc: add more API's for opm management
2016-04-02 19:45:27 -05:00
Elizabeth Myers
c1f4db3fb7
Tweak some configuration semantics of opm
2016-04-02 19:45:09 -05:00
Elizabeth Myers
d9364d2913
authproc: pad leading 0 for localhost IP's
...
This avoids misparsing by rb's helper stuff..
2016-04-02 19:29:16 -05:00
Elizabeth Myers
eb0814b3cb
opm: add support for HTTPS CONNECT proxies.
...
TBD: do we need an SSL listener for these?
2016-04-02 18:38:21 -05:00
Elizabeth Myers
64fae2607a
Rename authd.[ch] on ircd side to authproc.[ch] to prevent shadowing.
2016-04-02 16:44:04 -05:00
Elizabeth Myers
b0326abdc9
authd: warn on a bad command
2016-04-02 05:05:28 -05:00
Elizabeth Myers
6d0fafec99
authd: minor cleanups
2016-04-02 04:51:11 -05:00
Elizabeth Myers
ae0a058544
authd: clean up command handling with a table
2016-04-02 04:49:01 -05:00
Elizabeth Myers
61d1befa2a
authd: fix race on the ircd side.
...
The client may have already gone away, so if we can't find the local
cid, don't try to restart authd.
2016-04-02 03:51:54 -05:00