Commit graph

359 commits

Author SHA1 Message Date
Ed Kellett
2f68b6e203
Document the remaining new privs 2020-08-04 22:58:31 +01:00
Ed Kellett
58a490f9a4
Add oper:testline 2020-08-04 22:58:30 +01:00
Ed Kellett
6d5be11fb1
Add oper:privs 2020-08-04 22:58:30 +01:00
Ed Kellett
1cd6639a35
Add auspex:oper 2020-08-04 22:58:30 +01:00
Ed Kellett
80303ab70e
chm_staff: use oper:cmodes, don't check op status 2020-08-04 22:58:30 +01:00
Ed Kellett
d4f7eb4ce6
Replace most checks for +o with oper:general
I'm preparing to PR a succession of privs changes with the ultimate goal
of severely limiting the scope of the binary oper/user dichotomy and
move conceptually distinct oper functions into their own privs.

Accomplishing this is a non-trivial task, and can wait, but it's
inconvenient now to have such functions enabled by the same mechanism
that grants any privs at all--so I'm moving all of them to a
transitional priv with the intention of eroding that later.
2020-08-04 22:58:30 +01:00
Simon Arlott
ac09f70838
Merge remote-tracking branch 'ophion/upstream/dnsbl-rename' 2020-07-09 20:53:38 +01:00
Aaron Jones
e241d7979c
Merge pull request #346 from edk0/opmod-as-statusmsg
Port opmod_send_cprivmsg from ircd-seven, sans naming mistake
2020-07-06 10:52:15 +00:00
Janik Kleinhoff
04e5ed6c57
Make 5614c9e6f0b (opmod as fake statusmsg) optional
This adds a channel { ... } option, opmod_send_statusmsg, disabled by
default for compatibility reasons.
2020-07-06 10:36:35 +01:00
Ariadne Conill
043f2c9063 example config: dnsbl{} block change, update explanation comment a bit 2020-07-05 21:20:33 -06:00
Ed Kellett
fff4f76353
Add general::tls_ciphers_oper_only 2020-07-05 23:06:51 +01:00
Stephen Bennett
b3a0099139
Rename connect_delay to post_registration_delay. This matches the ircd-ratbox feature, and better describes what it actually is. Also make sure to set localClient->firsttime on registration, so that the delay counts from the right time. 2020-06-07 19:22:36 +01:00
Stephen Bennett
1bb7964378
Add connect_delay to example and reference configs 2020-06-07 19:22:36 +01:00
Ed Kellett
d691b63be2
Document invite hooks 2020-04-30 18:17:00 +01:00
Ed Kellett
57657a33a3
Document kline_spoof_ip 2020-04-20 11:10:39 +01:00
Ed Kellett
6292d72bbf
Add hide_tkdline_duration to documentation .confs 2019-12-31 01:56:05 +00:00
Ed Kellett
ed3ca2ff16
Propagate OPER
Move opername and privset storage to struct User, so it can exist for
remote opers.

On /oper and when bursting opers, send:

    :foo OPER opername privset

which sets foo's opername and privset. The contents of the privset on
remote servers come from the remote server's config, so the potential
for confusion exists if these do not match.

If an oper's privset does not exist on a server that sees it, it will
complain, but create a placeholder privset. If the privset is created by
a rehash, this will be reflected properly.

/privs is udpated to take an optional argument, the server to query, and
is now local by default:

    /privs [[nick_or_server] nick]
2019-09-13 10:08:27 +01:00
Simon Arlott
912d118fa2
Merge branch 'check-one-kline' of https://github.com/edk0/charybdis into edk0-check-one-kline 2019-08-31 15:05:11 +01:00
Aaron Jones
e2a0687835
Correct OPM port configuration variables
[ci skip]
2019-07-07 19:35:58 +01:00
Ed Kellett
6ca9ff0ea1
Remove unused kline_delay config option 2019-04-27 14:53:04 +01:00
Simon Arlott
1b81e34a55
doc: there is no _static directory 2018-08-12 09:37:50 +01:00
Simon Arlott
f2fa7bd2ab
Merge pull request #263 from anarcat/extban-doc
point users towards HELP EXTBAN for inline help
2018-08-12 09:26:58 +01:00
Antoine Beaupré
f5bd632497
point to the CMODE help page for more modes 2018-08-12 09:23:12 +01:00
Antoine Beaupré
15e0fce707
fix more headings 2018-08-12 09:23:10 +01:00
Antoine Beaupré
0f04574db1
fix two headings to be toplevel 2018-08-12 09:23:09 +01:00
Antoine Beaupré
3eea7d371e
do not hardcode theme 2018-08-12 09:22:59 +01:00
Antoine Beaupré
9546ba08e1
config.rst review 2018-08-12 09:22:58 +01:00
Antoine Beaupré
1e04a8dd8c
review commands.rst style 2018-08-12 09:22:56 +01:00
Antoine Beaupré
b12af1dbb1
fix style in ucommands.rst 2018-08-12 09:22:55 +01:00
Antoine Beaupré
e48d102ca3
fix syntax warning 2018-08-12 09:22:53 +01:00
Antoine Beaupré
316531aefb
fix ucommands.rst style 2018-08-12 09:22:50 +01:00
Antoine Beaupré
b44a51d470
review umodes.rst 2018-08-12 09:22:48 +01:00
Antoine Beaupré
90a29f9ab4
review oprivs.rst style 2018-08-12 09:22:46 +01:00
Antoine Beaupré
5d963f8352
review cmodes.rst style 2018-08-12 09:22:43 +01:00
Antoine Beaupré
4245facd2e
some styling
turn all +flags into preformatted flags, fix admonitions
2018-08-12 09:22:26 +01:00
Antoine Beaupré
a0bd1cc026
ignore build results 2018-08-12 09:20:34 +01:00
Antoine Beaupré
8a7d33db3e
fix duplicate headings, remove duplicate ToC 2018-08-12 09:20:32 +01:00
Antoine Beaupré
8380f40a78
merge two index pages 2018-08-12 09:20:20 +01:00
Antoine Beaupré
2ae078d87b
convert SGML guide to RST
the rationale behind switching away from SGML/Docbook is the following:

 * SGML is hard to edit for humans
 * the output is not much prettier
 * the toolchain is not well supported and missing from the build
 * the build is not hooked into anywhere, no automation

the reason why RST was chosen:

 * it allows for a strong structure like Docbook
 * the theme from Read The Docs is pretty
 * it also supports mobile devices
 * sphinx can easily output to PDF and ePUB formats
 * RST is plaintext that can be easily edited and diff'd
 * RST can be automatically built by ReadTheDocs and the toolchain is
   readily available
 * the output is also parsed by Github so documentation can be read
   straight from GH

the reason why Markdown was not chosen:

 * the current strong structure would be hard to replicate
 * markdown is not standardized and output varies according to the
   implementation

the docs were converted with Pandoc, using the following commands:

    mkdir oper-guide
    for source in sgml/oper-guide/*.sgml; do
        pandoc --toc -s -f docbook -t rst $source -o oper-guide/$(basename $source .sgml).rst
    done
    cd oper-guide
    sphinx-quickstart
    git add *.rst make.bat conf.py
    git add -f Makefile
    git rm -r ../sgml

[merged from d4214e9445: doc/sgml/oper-guide/config.sgml]
2018-08-12 09:15:13 +01:00
Aaron Jones
3cc262f006
doc/reference.conf: clarify that server link fingerprints aren't optional
[ci skip]
2017-11-04 07:41:54 +00:00
Simon Arlott
0ee833da4a
m_sasl: indicate client connection type for SASL 2017-08-09 22:04:11 +01:00
Aaron Jones
28f877462d
Documentation: Comment-out the OPM block and its options by default
The feature is not yet stable and is causing several issues.
2016-12-28 23:41:32 +00:00
Aaron Jones
a49b954f98
reference.conf: Use proper IPv6 RFC Documentation Range Subnet
[ci skip]
2016-11-27 20:51:06 +00:00
Aaron Jones
4381284e72
reference.conf: document that SPKI is supported in version 3.5 now 2016-11-15 12:36:01 +00:00
William Pitcock
087555a00f ircd: introduce 'no-export' links
Links that are 'no-export' are not distributed to the rest of the IRC network (including local peers).
This provides a core primitive for 'anycasting' services (but the actual issue of synchronizing data in
a services package is left to the authors of the services package).
2016-09-16 17:18:55 -05:00
Aaron Jones
6621472435
reference.conf: Document fingerprint generation
[ci skip]
2016-07-16 05:42:09 +00:00
William Pitcock
be2447b850 config: document websocket options 2016-05-14 17:24:20 -05:00
James Lu
cdc31cc55f doc: add extensions/chm_nonotice to example confs 2016-05-11 21:39:42 -07:00
Aaron Jones
9d6b870d7b
[Documentation] Increase bitlength recommendation for DH parameters
Also clarify the behaviour of TLS backends and the consequences for
not providing any parameters at all.

[ci skip]
2016-05-05 04:20:16 +00:00
Aaron Jones
70a70462e5
[Documentation] Reflect that ssl_private_key is now optional
[ci skip]
2016-05-05 04:20:07 +00:00
Simon Arlott
7380ded584
ircd.conf.example: use certfp_method = spki_sha256
SHA1 is insecure. SHA2-512 is a bit long. Hashes of the full certificate
are really impractical and people need to stop using them.
2016-04-25 23:52:18 +01:00
Simon Arlott
dc986b5468
sslproc: prefix SPKI certfp types to distinguish them from CERT 2016-04-25 20:12:27 +01:00
Simon Arlott
d4214e9445
ircd: server connection configuration
Fix the server connection configuration so that it can simultaneously
handle a hostname/IPv4/IPv6 for connecting and a hostname/IPv4/IPv6
for binding. Maintains backwards compatibility for matching a hostname
with a mask.

Multiple host/vhost entries can be specified and the last value for
each address family is stored. Hostnames that resolve automatically
overwrite the IP address.

Server connections can now be made to either IPv4 or IPv6 at random
as well as preferring a specific address family.
2016-04-24 17:06:24 +01:00
Simon Arlott
cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.

(The same fingerprint is also used by DANE)
2016-04-23 22:51:05 +01:00
Mantas Mikulėnas
3bb3dcf7f5
doc: fix whitespace in example configs [ci skip] 2016-04-23 17:57:07 +03:00
Elizabeth Myers
a2b7ef92a1 Make directions more clear for disabling OPM 2016-04-11 11:26:15 -05:00
Elizabeth Myers
cfb9253671 Update warnings in the opm default configs [ci skip] 2016-04-02 23:42:23 -05:00
Elizabeth Myers
4dbed1ed61 conf: in OPM, it's listen_port, not port. [ci skip] 2016-04-02 19:53:24 -05:00
Elizabeth Myers
eb0814b3cb opm: add support for HTTPS CONNECT proxies.
TBD: do we need an SSL listener for these?
2016-04-02 18:38:21 -05:00
Elizabeth Myers
0ed0a9fe0a Move m_locops module to extensions.
Many networks do not use local ops and therefore should not be required
to have this around all the time.
2016-04-02 05:20:30 -05:00
Elizabeth Myers
9bba0f6143 opm: add adjustable timeout values 2016-04-02 03:33:27 -05:00
Elizabeth Myers
fabe8b94c5 Add HTTP CONNECT proxy scanning 2016-04-02 03:11:30 -05:00
Elizabeth Myers
81a05933bf add proxy_exempt to conf files 2016-04-02 02:49:38 -05:00
Elizabeth Myers
51fa2ab8a3 opm: allow scanners to be configurable 2016-04-02 02:29:48 -05:00
Elizabeth Myers
8275e2700d Add opm stuff to default configs 2016-04-01 04:11:04 -05:00
Elizabeth Myers
f105844aad StaticBox is dead, so let's not reference it in the conf files. 2016-04-01 03:45:45 -05:00
Matt Ullman
5c0df0e743 doc: Cleanup trailing whitespace 2016-03-29 10:09:52 -04:00
Aaron Jones
ed2efe7664
Add extb_usermode module to example configuration files
[ci skip]
2016-03-28 03:29:57 +01:00
Aaron Jones
6c5fa2f6b3
Document extb_usermode module
[ci skip]
2016-03-28 03:28:12 +01:00
William Pitcock
1859e9d7d7 ircd: remove basically entirely pointless ServerInfo.hub (closes #167) 2016-03-19 23:05:07 -05:00
Elizabeth Myers
0e1f366732 reference.conf: fix me being an incompetent fuckwit.
Blind search and replace ruined this file. Remember to check your
regexes, people.
2016-03-12 20:27:37 -06:00
Elizabeth Myers
9abdcf1c64 modules: can .la suffix.
.la archives are prohibited by most Linux distributions because they
clutter up the linker. They may get caught up as victims in scripts that
purge .la files. Besides, .la files don't matter for simple loadable
modules on most systems.

So, what we do now instead is just use the platform suffix detected by
libtool.
2016-03-12 20:10:46 -06:00
William Pitcock
f2d5cea00a modules: remove explicit CPRIVMSG/CNOTICE, this has been obsolete for a long time 2016-03-10 02:13:43 -06:00
Elizabeth Myers
a5c46d31e4 Ginormous docs cleanup.
Purge a lot of really old and obsolete documents, and merge some together
where possible. Lots of efnet docs and the old ircd-ratbox manpage (lol)
was purged.

Reorganise everything nice and neatly as possible. Things describing
features can be found in features/, and some more technical documents
were moved to techinical/.

Old credits file was consolidated into credits-past.txt, and a reference
was added to it in the credits.
2016-03-05 22:39:50 -06:00
William Pitcock
9ea48ec30a remove presupplied autotools files 2016-03-05 17:47:48 -06:00
William Pitcock
c678fbc08b ircd: remove broken USE_IODEBUG_HOOKS knob and related code 2016-02-20 12:02:49 -06:00
Valerii Iatsko
5203cba5ce Remove libratbox's snprintf.c, update related ircd code 2016-02-10 02:25:32 +01:00
William Pitcock
71c955336e ircd: add general::hide_opers_in_whois to simulate ircd-seven operhide 2016-01-15 13:38:40 -06:00
William Pitcock
4d21f1e8e0 extensions/helpops: new module, implementing a helpops system.
if loaded, this module takes over /stats p, and displays people who are umode +H.
to get umode +H, one must have the "usermode:helpops" permission.
2016-01-14 08:08:40 -06:00
William Pitcock
14482679ce ircd: channel: implement an option to strip color codes from channel topics 2016-01-13 17:05:41 -06:00
William Pitcock
e118f2d431 extensions/chm_operpeace: new module which disallows kicking of operators on select channels 2016-01-13 16:52:56 -06:00
William Pitcock
88c48be58c extensions/sno_globalnickchange: import from ircd-seven 2016-01-12 07:10:39 -06:00
William Pitcock
15feac531c ircd: implement support for remote module load/unload/etc commands 2016-01-12 00:37:54 -06:00
William Pitcock
cc7ae51cdc Allow remote DIE and RESTART (from ircd-seven) 2016-01-12 00:04:54 -06:00
William Pitcock
a4721f5e9f ircd: implement EXTENDCHANS, based on ircd-seven (with some improvements from chatircd) 2016-01-11 23:32:23 -06:00
William Pitcock
fe749d3709 ircd: implement GRANT subsystem based on ircd-seven 2016-01-11 23:02:03 -06:00
William Pitcock
9e45a5ca19 buildsystem: further cleanup 2016-01-08 07:01:00 -06:00
William Pitcock
f0718c93d5 configure: use correct path for libltdl 2016-01-08 06:50:01 -06:00
William Pitcock
5164a68650 buildsystem: update Makefile.in's 2016-01-08 05:20:32 -06:00
Aaron Jones
d8c4154da2 Fix LTDL conditional, remove some unnecessary and/or ugly configure tests 2016-01-07 17:15:55 +00:00
William Pitcock
d76258f559 modules: revert lt_dlopenext() change 2016-01-06 01:57:24 -06:00
William Pitcock
79b525052b doc: fix make install 2016-01-06 01:34:41 -06:00
William Pitcock
30da589e9e modules: use lt_dlopenext() to make the config look nicer 2016-01-06 01:33:33 -06:00
William Pitcock
2a19fc3f57 general: remove last vestiges of static modules support (this hasn't ever actually worked...) 2016-01-06 01:28:20 -06:00
William Pitcock
0fa09b8024 documentation updates for libltdl 2016-01-05 21:41:03 -06:00
William Pitcock
c52df12552 buildsystem: convert to automake + libtool 2016-01-05 21:20:25 -06:00
William Pitcock
d513218a9e LIST: allow channel display threshold to be configured (closes #109) 2015-12-26 22:23:28 -06:00
William Pitcock
c1725bda3c ssl: allow cipher list to be overridden (closes #67) 2015-12-12 07:50:48 -06:00
William Pitcock
63eb8567cb implement configurable channel modes (closes #31)
While functionally compatible with the implementation in ElementalIRCd, our approach is different,
specifically pre-calculating the bitmask at config load time.  This is more efficient, and allows us
to report errors as part of the configuration phase.
2015-12-11 15:36:53 -06:00
William Pitcock
98c645cadb document extb_combi and extb_hostmask bans (closes #74) 2015-12-10 02:27:08 -06:00