Commit graph

247 commits

Author SHA1 Message Date
Ed Kellett
396edc6fbd authd: substitute * if rewritten user is empty
We remove characters like ^ and ~ from the ident string after checking
if it's valid. If it consisted entirely of those, we'd try to send an
empty string to ircd, which would break the protocol, so don't let that
happen.
2021-06-08 22:09:47 +01:00
Ariadne Conill
3fc0499e77
Mailmap and copyright update for Ariadne 2021-06-01 12:40:02 -04:00
Ed Kellett
6ee7c05cfc
Undo overzealous seddery 2020-10-23 12:57:02 +01:00
Ed Kellett
a6f63a829e
Innovation by sed 2020-10-15 15:52:41 +01:00
Simon Arlott
bc89b788fa
authd: Don't reveal to users how many DNSBLs are configured 2020-07-09 20:53:00 +01:00
Simon Arlott
e658268b22
authd: Fix DNSBL messages 2020-07-09 20:52:24 +01:00
Ariadne Conill
a389de2a25 authd: rename blacklist_provider to dnsbl_provider, change auth notices accordingly 2020-07-05 21:20:34 -06:00
Malcolm Scott
1f9bc066df
Skip any unhandled DNS record type
Currently the DNS resolver handles CNAME by skipping that record in the answer and looking for the subsequent A/AAAA/PTR record.  There are other record types which could be handled in the same way, e.g. DNAME, but their presence currently causes the answer parsing to be abandoned.  A better approach would be to skip *any* other record and just use the first A, AAAA or PTR in the answer, regardless of what comes before it.
2020-05-10 21:00:43 +01:00
Simon Arlott
17809d2db7
librb: Fix type of dst for rb_inet_pton_sock() 2019-08-31 16:10:50 +01:00
Simon Arlott
244f6259de
authd: always use an empty buffer to read ident reply
Otherwise we could read uninitialised data beyond the actual reply
2018-08-12 18:45:05 +01:00
Simon Arlott
bfd95f010b
authd: fix "is provider done" logic in blacklist/opm providers
This fixes #262.
2018-08-12 11:19:44 +01:00
Simon Arlott
c6ad9b0c5f
Add basic SCTP listener support that binds to multiple addresses
This only supports two addresses as the intended use is 1 IPv4 and 1 IPv6
address on a single-homed host, and the only supported configuration of
outgoing connections to other servers is to bind a single IPv4 or IPv6
address.
2017-08-24 20:08:20 +01:00
Simon Arlott
de2934965c
remove RB_IPV6 2017-08-20 12:54:46 +01:00
Simon Arlott
f21ef0cebc
authd: assume all providers are running
Otherwise ident returns without setting itself running causing problems.

Move opm/blacklist before ident/rdns so that they can receive completion
notifications.
2017-08-20 12:54:45 +01:00
Simon Arlott
6b80043eca
remove unused variables 2017-08-04 21:01:29 +01:00
Simon Arlott
de36941445
remove unused variables 2017-08-04 20:02:20 +01:00
Simon Arlott
26acc0c4fd
authd: opm: avoid clang static analysis warning
Remove unused `c` variable.
2017-07-29 22:39:52 +01:00
Simon Arlott
4a9f4dccb8
authd: opm: avoid clang static analysis warning
Remove unused `lookup` variables.
2017-07-29 22:28:52 +01:00
Aaron Jones
d1f8acb0da
authd: don't exit() on OPM duplicate scanner errors, just ignore it
I run into this code even with a single kind of scanner with a single
port, so I'm not even sure how it thinks it already exists.

Perhaps it's being parsed twice, or something similar.

c.f. issue #229
2016-12-19 04:57:58 +00:00
Jason Volk
7c003d84bc authd: Fix use after reference count decrement. 2016-08-05 13:08:16 -06:00
Elizabeth Myers
8b0392ca39
Fix stupid compiler errors by my stupidity and tiredness 2016-06-27 19:37:02 -05:00
Elizabeth Myers
cec81c7978
blacklist: add blacklist_cancel_none 2016-06-27 19:36:52 -05:00
Elizabeth Myers
1db45f312a
blacklist: add return statement. d'oh. 2016-06-27 19:36:44 -05:00
Elizabeth Myers
c47e4958e9
blacklist: fix precedence lossage 2016-06-27 19:36:35 -05:00
Elizabeth Myers
02e4674001
blacklist: if no blacklists were checked, properly terminate query. 2016-06-27 19:36:24 -05:00
Elizabeth Myers
d52762b2a9
build_rdns: minor cleanup 2016-06-27 19:36:10 -05:00
Elizabeth Myers
c12d9cd3b2
blacklist: tweak message for timeout 2016-06-27 19:35:51 -05:00
Elizabeth Myers
f16493f468
blacklist: give different messages for cancellation and timeout 2016-06-27 19:35:32 -05:00
Aaron Jones
856440bcb3
authd/res: make function used only within this unit static, remove unused macros 2016-06-01 20:32:12 +00:00
Aaron Jones
656c85d090
authd/provider: remove shadowed double variable decl 2016-06-01 20:29:35 +00:00
Aaron Jones
2a7e1da947
authd/authd: a function that calls exit(3) should be marked noreturn 2016-06-01 20:27:19 +00:00
Aaron Jones
b143df9ac4
minor spring cleaning: remove/relocate duplicate/unused includes & macros
[ci skip]
2016-05-14 23:29:33 +00:00
Simon Arlott
84d0b55e76
authd: fix reference far off the end of the array on shutdown
When authd has no more input it tries to reject all current clients with
an id of UINT32_MAX.
2016-05-01 11:51:07 +01:00
Simon Arlott
2f598dacdd
authd: remove unused variable id from accept_client 2016-05-01 11:51:06 +01:00
Simon Arlott
075d4d569e
authd: allocate the correct size of auth_client_data
If there are holes in the auth_providers ID numbers, the array allocated
based on list length won't be large enough to handle all the IDs.

(auth->data could be converted to a dlink_list)
2016-05-01 11:51:05 +01:00
Simon Arlott
a5f52774bb
authd: Only use refcount for reference counting
Use providers_active for provider activity tracking.
2016-05-01 11:31:05 +01:00
Simon Arlott
2392770f4d
authd: fix auth->cid type sizes
* long is too small on 32-bit systems, use unsigned long long if we want
  to check for out of range values
* UINT32_MAX is a valid cid, and 0 isn't
* make auth->cid a uint32_t not uint16_t
2016-05-01 11:12:34 +01:00
Simon Arlott
a4da4fe574
authd: fix memory leak in start_auth 2016-05-01 10:59:22 +01:00
Simon Arlott
9f928dc532
authd: don't call cancel_providers recursively
Also check that they haven't been cancelled while starting up.
2016-05-01 10:53:34 +01:00
Simon Arlott
d955cd9f97
authd: use a list for auth_providers
We only need to iterate over this small fixed size list, so
dictionary iteration will be less efficient.
2016-05-01 10:49:12 +01:00
William Pitcock
b585278b32 authd: provider: make refcounting system less fragile 2016-04-30 19:26:02 -05:00
William Pitcock
a71b65b15c Revert "authd: change to lists instead of dictionaries for various things"
This reverts commit 49fd293f20.
2016-04-30 19:20:12 -05:00
Simon Arlott
3b0b4037d0
authd: don't decrement refcount twice when accepting the client 2016-04-30 17:06:21 +01:00
Elizabeth Myers
c767c58b2a
opm: use rb_dlinkDelete instead of rb_dlinkFindDelete. 2016-04-30 01:59:05 -05:00
Elizabeth Myers
49fd293f20
authd: change to lists instead of dictionaries for various things
Iteration is the primary thing done on these, so using a dictionary
doesn't help a lot. Furthermore (and most importantly), they are not
safe to delete from.
2016-04-30 01:59:05 -05:00
Elizabeth Myers
9f7f75295c
authd: don't try to do anything on exit, it's too precarious 2016-04-30 00:46:18 -05:00
Simon Arlott
5ad62c80ee
librb: remove socklen parameter from rb_connect_tcp 2016-04-24 17:11:20 +01:00
staticfox
1729f46eab
authd: Avoid negative array indices 2016-04-22 23:06:42 -04:00
Elizabeth Myers
5e9a3f8674
Change the way authd configures opm
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
2016-04-12 09:36:09 -05:00
Elizabeth Myers
0807c97e69 elide messages about not checking blacklists or scanning for proxies 2016-04-07 09:45:12 -05:00