Commit graph

897 commits

Author SHA1 Message Date
Aaron Jones
4d12e65469 extensions/invite_notify: make the NOTICE optional, configurable
This adds a configuration option that determines whether the NOTICE is
sent to clients that do not support the IRCv3 invite-notify capability.

Requested by LiberaChat MGM.
2023-11-08 13:12:49 +00:00
Aaron Jones
642c73dddb ircd/listener: return a fatal TLS alert for early rejected TLS clients
This is in furtherance of commit 3fdf26aa19 which added
functionality to reply with a TLS record layer alert for D-Lined TLS
clients. It turns out that there are other plaintext error messages
in this same function that should receive the same treatment.

Also move another error string to a variable and use a compile-time
optimised-out strlen for it too, to use the same approach as an
existing error string.

Finally, use a different alert (internal_error) for the case where
IRCd is simply unable to accept more connections.
2023-11-07 23:52:41 +00:00
Doug Freed
c1b01bf5ec client: refactor del_all_accepts to allow skipping own accept list
This allows reusing this function for other uses that just need to
remove this client from others' accept lists on nick change and not have
duplicates of this code everywhere
2023-11-06 17:31:44 +00:00
Eric Mertens
460e793274
Replace RPL_WHOISTEXT(337) with RPL_WHOISSPECIAL(320) (#419)
Reasons:
* 337 conflicts with other IRCds use as RPL_ENDOFINVITELIST
* 320 is commonly used for extra human-readable information
2023-10-03 16:35:52 -07:00
David Schultz
d1c028f212
Warn opers about unresponsive servers 2023-06-13 09:13:42 -05:00
Aaron Jones
fbc97166a6
authd: fix crash/restart breaking DNSBL lookups (#394)
authd child processes are only told about configured DNSBLs when the
configuration is being parsed.

This is bad, because when authd crashes or is killed, IRCd will restart
it, but will not tell it about any configured DNSBLs until IRCd is next
rehashed.

We already have a dictionary that stores configured DNSBLs (for hit
statistics for `STATS n'), so store the additional needed fields in
that structure, and loop over that dictionary's entries when authd is
restarted, sending the fields just as if the configuration were being
reloaded.

Reported-By: @Unit193
2023-01-11 01:28:32 +00:00
Tobias Geerinckx-Rice
32d37a1660 strip_colour: Strip '\x11' (monospace) and '\x1e' (strikethrough)
Also clarify the comment: this function strips more than just colours.
2023-01-03 05:08:29 -06:00
JailBird
6f4dfd9c78 Remove the unused COMPRESSED flag and stats handler
- Null "compress" handler left as-is in newconf.c
2022-12-22 16:23:00 -06:00
Tobias Geerinckx-Rice
d03347cbb6 Note that messages caught in +g/+G are discarded 2022-10-26 14:08:07 -04:00
David Schultz
01fb744c40
Add umode +I to allow users to hide their idle time (#220) 2022-08-30 16:49:43 -04:00
jailbird777
3c586ccf3e
Remove ancient portability code (#361)
Remove portability code for systems that don't follow at least SUSv3.
This fairly closely aligns with ISO C99, which solanum already requires.
2022-08-24 20:53:52 -04:00
jailbird777
8e9a741832 OpenSSL 3.0 compatibility
Edited by @aaronmdjones:

- Correct some data types and casts

- Minor style fixups (e.g. we put * on the variable name not the type)

- librb/src/openssl.c:

  - Defer call of BIO_free(3ssl) to the end of the conditional block
    to avoid having calls to it in multiple paths

  - Check the return value of SSL_CTX_set0_tmp_dh_pkey(3ssl) because if
    it fails then we must use EVP_PKEY_free(3ssl) to avoid a memory leak

    This could fail if, for example, the user supplied DSA parameters
    in the DH parameters file instead.

- ircd/newconf.c:

  - Check whether OSSL_DECODER_CTX_new_for_pkey(3ssl) was able to parse
    the given CHALLANGE public key as a valid RSA public key, and then
    check whether OSSL_DECODER_from_bio(3ssl) actually loads it
    successfully

- ircd/s_newconf.c:

  - Use EVP_PKEY_free(3ssl) instead of OPENSSL_free(3ssl) on EVP_PKEY
    pointers; this will avoid inadvertent memory leaks if the EVP_PKEY
    structure contains any dynamically-allocated child members

- modules/m_challenge.c:

  - Unconditionally use EVP(3ssl) to generate the SHA-1 digest of the
    random challenge; this API has been around for a very long time and
    is available in all supported versions of OpenSSL

  - Add lots of error checking to all steps of the process

Tested against 1.1.1 and 3.0; both with missing and provided DH parameters
(which works as you'd expect; the server will not negotiate a DHE cipher
without them), and CHALLENGE, including missing keys or keys of the wrong
type (e.g. when you supply an EdDSA key instead of an RSA key).

This does break compatibility with OpenSSL 1.1.0 and below, which are now
all end-of-life and unsupported anyway.

Closes #357
2022-08-25 00:36:47 +00:00
Jess Porter
fdd8cad93f
EBMASK capab, to burst BMASK metadata (#354) 2022-08-20 01:35:54 +01:00
Doug Freed
860187d028 chm_regmsg: don't duplicate nick in 415
sendto_one_numeric already includes the nick, so there's no need to 
duplicate it. OFTC does not.
2022-07-11 23:35:25 -04:00
Matthew Martin
5c01fc8bd7 Cast time_t to long long when printing 2022-07-01 03:43:36 -04:00
Eric Mertens
48a06ae3d7
Add description parameter to auth blocks (#327) 2022-04-14 14:39:45 -07:00
Ed Kellett
ba95896969 Make valid_temp_time overflow-resistant 2022-04-13 01:09:27 +01:00
Ed Kellett
7a246575e5 remove some header dependencies on client.h 2022-03-06 22:51:19 +00:00
Valerie Pond
08b7b6bd7e just a stray colon where it wasn't meant to have :) 2021-10-26 20:32:15 -05:00
Ed Kellett
1788e55713 Support *mask* and !*mask* in LIST 2021-10-19 23:33:48 +01:00
jesopo
be52c4c062
add SNO_BANNED, snote for it on client k/x-line rejection (#242)
* add SNO_BANNED, snote for it on client k/x-line rejection

* add snomask help file line for SNO_BANNED
2021-08-11 17:08:31 +01:00
Ariadne Conill
e2ade30437 listener: refactor to use rb_dlink like the other lists in ircd 2021-07-31 00:05:59 -04:00
Melissa Draper
e4a62bbc85 Create configurations for user-facing messages within registration (#238) 2021-07-29 21:44:23 -04:00
Melissa Draper
05bc814d83 Create configurable client rejection message for SASL only (#236) 2021-07-29 21:44:23 -04:00
Melissa Draper
875fed0168
Update NUMERIC_STR_435 to be more human-readable and mention quiets 2021-07-29 21:40:16 -04:00
Ariadne Conill
81531536aa
Remove ziplinks (#218) 2021-06-26 17:45:52 +01:00
Eric Mertens
4d8088c386
Allow auth{} to apply extra umodes (#202)
Allow auth{} to apply extra umodes

Co-authored-by: Doug Freed <dwfreed@mtu.edu>
Co-authored-by: Ed Kellett <e@kellett.im>
2021-06-12 11:04:33 -07:00
Ed Kellett
ce376a21cc Keep propagated bans in a dictionary, not a list 2021-06-08 21:57:43 +01:00
Ed Kellett
b5f46fda92 Delete RPL_WHOISSPECIAL 2021-06-05 20:21:45 +01:00
Ariadne Conill
3fc0499e77
Mailmap and copyright update for Ariadne 2021-06-01 12:40:02 -04:00
Mike Quin
f47785bca2
Use plain language in +r/+R error messages (#169) 2021-05-29 00:41:25 +01:00
Ed Kellett
3ff5a12e75
Allow temporary K-lines to extend shorter ones (#142)
* Temp K-lines may extend shorter temp K-lines

* /unkline removes multiple matching K-lines

* K-lines remove any temp K-lines they're replacing
2021-04-27 14:45:04 +01:00
Ed Kellett
dfeba65563 Add channel::ip_bans_through_vhost 2021-04-26 17:51:55 +01:00
Ed Kellett
e6e26343c3
Reword ERR_ALREADYREGISTERED (#145) 2021-04-17 18:48:53 +00:00
Ed Kellett
92fa29ce37
channel: flood warnings for privmsg, not notice (#147) 2021-04-17 18:43:59 +00:00
David Schultz
f8838806ef
make VERSION not include sid (#118) 2021-04-10 15:19:27 +01:00
Ed Kellett
181410f218 Make privilegeset_privs more const 2021-03-01 15:45:03 +00:00
Ed Kellett
9962f62577 privilegeset_diff: return things in a struct 2021-03-01 15:45:03 +00:00
Ed Kellett
8b8320596c privilege: factor out a null check 2021-03-01 15:45:03 +00:00
Ed Kellett
8aadf0ce46 Track and inform modules of privset changes 2021-03-01 15:45:03 +00:00
jess
fdd4857c1d
/accept list should track nick changes when you share channels (#96)
* move has_common_channel to s_user.c

* don't remove clients from /accept on NICK when there's a common channel

Co-authored-by: Ed Kellett <e@kellett.im>
2021-01-24 21:00:34 -08:00
Eric Mertens
0ba1da5910
Add +R channel mode module requiring services account to chat (#102)
* Add +R channel mode module requiring services account to chat

* Use void* in hook argument

* move chm_regmsg from modules to extensions

* generate error message when module fails to load
2021-01-24 05:13:03 -08:00
jess
40ecb85a1d
add ConfigFileEntry.oper_secure_only, to require TLS to oper up (#76) 2020-11-18 14:29:08 +00:00
Ed Kellett
6485005214 Get rid of hub_mask/leaf_mask 2020-11-14 18:22:08 +00:00
Ed Kellett
e5e814b3db Use opernames not servernames for remote opers 2020-11-13 23:30:04 +00:00
Doug Freed
fcdc666b42 m_privs: refactor to use multiline 2020-11-12 19:18:01 -05:00
Doug Freed
8efff56fdf send: add sendto_one_multiline_* API
Allows simplifying multiline wrapping for multiple usages, like CAP
LS/LIST, NAMES, and WHOIS channel listing
2020-11-12 19:18:01 -05:00
Ed Kellett
63ab1dd609 Add general::stats_l_oper_only 2020-11-08 19:38:19 +00:00
Eric Mertens
d295a3986d
Stop using chm_nosuch as a sentinel value (#53)
Remove chmode compat modules

This removes the need for chm_nosuch as well. Unknown mode detection happens in mode parsing now.
2020-11-08 09:50:17 -08:00
Ed Kellett
6ac21a70e2 Add general::hidden_caps 2020-11-08 14:08:38 +00:00