Commit graph

818 commits

Author SHA1 Message Date
Simon Arlott
de36941445
remove unused variables 2017-08-04 20:02:20 +01:00
Simon Arlott
a2a670824c
cap_server_time: check return values of string functions 2017-07-31 07:58:06 +01:00
Simon Arlott
2d5f4d8e7f
cap_server_time: provide time with millisecond resolution 2017-07-30 22:03:23 +01:00
Simon Arlott
3fb264ef49
m_cap: use rn_snprintf_try_append 2017-07-30 18:30:28 +01:00
Simon Arlott
2f0b6f83bd
m_join: remove global variable parabuf 2017-07-29 23:48:55 +01:00
Simon Arlott
95fff33cf6
m_join: remove global variable modebuf 2017-07-29 23:48:54 +01:00
Simon Arlott
b051b0efd9
m_join: remove global variable para 2017-07-29 23:48:53 +01:00
Simon Arlott
7fce9c6d1b
m_join: remove global variable pargs 2017-07-29 23:48:53 +01:00
Simon Arlott
2077757f2a
m_join: remove global variable mbuf 2017-07-29 23:48:52 +01:00
Simon Arlott
b6f271b2aa
m_cap: Fix CAP LS generation
The `caplen` variable was unused, so the cap to be output wasn't considered
when determining whether or not it would fit.
2017-07-29 22:46:11 +01:00
Simon Arlott
169a1c3535
msgbuf: s_assert is not a substitute for proper code
(dns, m_alias, m_stats updated as msgbuf no longer includes s_assert.h)
2017-07-26 19:30:41 +01:00
Simon Arlott
d2b3a2a474
ircd: check_server: don't allow a connection if that would exceed the class limit 2017-07-23 17:38:11 +01:00
Aaron Jones
41390bfe5f
When a remote MODRESTART command is received, it will pass through the
ENCAP module. The ms_encap function is responsible for dispatching the
command handler and then the modules will eventually be reloaded.

However, if the ENCAP module is reloaded to a different address, the
stack now contains the address of a function that no longer exists.

Also, in this version of the IRCd, the module restarting functionality
was located in a function that is itself located in a module, so things
will also go badly if that module is reloaded to a different address,
too.

Return immediately from the command handler and have the event loop
call the function responsible for reloading the modules instead.

c.f. release/3.5 commit db05a36210

Reported-by: mniip (Freenode)
2016-12-28 22:08:14 +00:00
Keith Buck
df0c70dd1f mr_server: Handle certificate validation errors.
When certificate validation fails, the certificate fingerprint won't be
calculated, resulting in an attempt to format NULL into a log line
showing the fingerprint. Instead, add a different error message for
missing fingerprint (i.e. validation failed).
2016-12-09 10:08:47 +00:00
Keith Buck
fbd3e77eac m_rehash: Require admin privileges for REHASH SSLD.
This change enforces admin privileges for the REHASH SSLD command, as
originally intended.
2016-12-04 22:15:29 +00:00
Simon Arlott
ab6a27d184
Fix cross compile for Windows 2016-12-04 20:21:07 +00:00
Simon Arlott
e2d5ffd5dd
echo-message should work for privmsg/notice to another user
Build the same message but send it to the local client first,
so that the echo-message capability works. But don't do it when
sending a message to yourself.
2016-11-23 21:59:43 +00:00
Simon Arlott
5bc95eaf4a
Use const hook data where possible
core/m_nick.c: In function `change_remote_nick':
core/m_nick.c:745: warning: assignment discards qualifiers from pointer target type
2016-10-30 12:36:50 +00:00
Simon Arlott
d8f0b5d763
cppcheck: fix various warnings/errors
[ircd/match.c:316]: (error) Shifting a negative value is undefined behaviour
[librb/src/patricia.c:55]: (error) Shifting a negative value is undefined behaviour
[modules/m_alias.c:64]: (portability) '(void*)message' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[modules/m_time.c:111]: (warning) %u in format string (no. 9) requires 'unsigned int' but the argument type is 'signed int'.
[modules/m_time.c:111]: (warning) %u in format string (no. 10) requires 'unsigned int' but the argument type is 'signed int'.
[librb/src/dictionary.c:819]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[librb/src/radixtree.c:1080]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[ircd/s_user.c:351] -> [ircd/s_user.c:357]: (warning) Either the condition '0!=source_p' is redundant or there is possible null pointer dereference: source_p.
[extensions/ip_cloaking_3.0.c:109]: (warning, inconclusive) The buffer 'buf' may not be null-terminated after the call to strncpy().
[ircd/chmode.c:256]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_help.c:100]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_knock.c:169]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:628]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:727]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:601]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:704]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:739]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:763]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:768]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:774]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:781]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:786]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:791]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:804]: (style) Clarify calculation precedence for '&' and '?'.
[ircd/wsproc.c:372]: (style) Unused variable: len
[modules/core/m_modules.c:382]: (style) Unused variable: i
[modules/m_stats.c:741]: (style) Unused variable: amsg
[ircd/authproc.c:390]: (style) Unused variable: iter
[ircd/authproc.c:391]: (style) Unused variable: client_p
2016-10-28 20:13:36 +01:00
Aaron Jones
23f5c31719
SASL: Relax rate limiting for failures a little
Begin at 8 seconds after 2 failures and up to ~4 minutes
2016-10-02 14:13:02 +00:00
Xenthys
46ef49c390
SASL: rate-limit after the 2nd failed attempt (m_sasl.c) 2016-10-02 03:57:11 +02:00
Aaron Jones
c6d884e877
whois: check target is an oper before assuming they have a privset
The CHALLENGE functionality will set opername but not privset --
if an oper performs a WHOIS on someone currently half-way through
a challenge we will perform a NULL dereference.

Related to ircd-seven commit d7b05f7583babf6
2016-09-20 13:47:55 +00:00
William Pitcock
01978a2c8c supported: add chantypes_update() 2016-09-16 13:49:02 -05:00
William Pitcock
a4840ff1d8 Merge pull request #217 from Xenthys/release/4
m_grant.c - fixed remote grant support
2016-09-15 22:06:40 -07:00
Stephen Bennett
f32b9ebd63 Add hooks for local and remote nick changes 2016-09-16 00:04:16 -05:00
Xenthys
89aef424e9 m_grant.c - fixed remote grant support 2016-09-10 17:54:13 +02:00
Aaron Jones
ac88154f94
SASL: Disallow beginning : and space anywhere in AUTHENTICATE parameter
This is a FIX FOR A SECURITY VULNERABILITY. All Charybdis users must
apply this fix if you support SASL on your servers, or unload m_sasl.so
in the meantime.
2016-09-03 17:29:53 +00:00
William Pitcock
f8f5ff705a m_grant: convert jevolk's rewritten version to AV2 2016-08-05 23:37:05 -05:00
Jason Volk
17f925817e m_grant: rewrite. 2016-07-26 22:40:26 -07:00
Jason Volk
b5cfad0319 Core modules cannot be unloaded, otherwise bad things happen.
Additionally some information is logged and passed to the operator
conducting a MODRESTART.
2016-06-21 17:42:36 -07:00
William Pitcock
2185c50aad m_modules: use new module api 2016-06-18 00:59:15 -05:00
William Pitcock
397ec4d171 invite: do not send duplicate invite messages (closes #194) 2016-06-16 20:21:18 -05:00
Aaron Jones
0982871a99
strcpy: mass-migrate to strlcpy where appropriate 2016-05-15 03:58:44 +00:00
Aaron Jones
7de13f7e5e
starttls: Allow command usage with backends other than OpenSSL 2016-05-14 00:26:03 +00:00
Simon Arlott
4ad9738d7a
m_alias: correctly construct string to be sent 2016-05-12 19:45:27 +01:00
Simon Arlott
da20854e83
random_ping: stop producing negative values that become 16 chars 2016-05-02 21:14:16 +01:00
Elizabeth Myers
f4d828ef96 m_alias: restore old behaviour of joining all parameters.
There are two important caveats here, however:

1) Aliased commands have more than 8 parameters will be truncated;
there's nothing I can do about this.
2) Parameters with colons will not be handled as you expect. Again,
nothing I can do about this.
2016-05-01 03:48:00 -05:00
Simon Arlott
896370cc3e
m_stats: don't try to access bl_stats if it doesn't exist 2016-04-30 13:18:48 +01:00
Simon Arlott
4fbb736202
ssld: add a callback when the connection is opened
This allows us to wait until we have the fingerprint information before
continuing with a server connect process.
2016-04-24 11:48:35 +01:00
Simon Arlott
3085734104
m_stats: display certificate fingerprint in STATS C 2016-04-24 01:06:51 +01:00
Simon Arlott
00039dcddd
m_alias: store a copy of alias->name as it will be freed on a rehash 2016-04-24 00:09:12 +01:00
Simon Arlott
84e3e445aa
mr_server: Report certificate fingerprint mismatches
Log the received certificate fingerprint when it causes a server to be
rejected.
2016-04-23 17:37:05 +01:00
Simon Arlott
b49efe577c
mr_server: Handle unknown error codes
As mr_server is a module, it could potentially receive an unknown
error code from check_server().
2016-04-23 17:37:04 +01:00
Elizabeth Myers
7445ece1d1
Revert "Implement the netsplit batch type."
This needs more work, see
https://github.com/ircv3/ircv3-specifications/issues/253

This reverts commit 2373891299.
2016-04-16 11:05:00 -05:00
Elizabeth Myers
2373891299
Implement the netsplit batch type.
This also lays the groundwork for the netjoin batch type, but that isn't
implemented yet. I don't like how some of this is implemented but it'll
have to do for now...

Compile tested, needs more testing.
2016-04-15 16:50:43 -05:00
Elizabeth Myers
5e9a3f8674
Change the way authd configures opm
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
2016-04-12 09:36:09 -05:00
Mantas Mikulėnas
9d07a42d7a
m_sasl: rate-limit SASL REAUTH usage 2016-04-11 21:45:10 +03:00
Mantas Mikulėnas
834579cecd
m_sasl: fix coding style 2016-04-11 20:12:31 +03:00
Mantas Mikulėnas
37289346cd
m_sasl: temporarily reject clients after many failed attempts 2016-04-11 20:02:09 +03:00
Elizabeth Myers
e34368b1bc modules/m_set: booleanify. 2016-04-10 10:11:03 -05:00