Commit graph

2465 commits

Author SHA1 Message Date
Martin Weinelt
f5f2190b40 add default.nix 2020-07-28 23:13:35 +02:00
ManiacTwister
529e8705c2 Merge remote-tracking branch 'upstream/release/3.5' into hackint/3.5 2020-03-01 18:15:35 +01:00
Aaron Jones
fca7f870c8
extensions/extb_ssl.c: make certfp parameter case-insensitive
I had the idea that maybe these should be case-sensitive because some
encodings (like Base-64) are. But it turns out it's better to
prioritise not breaking existing configurations / channel mode lists,
and just revisit this in future maybe.

[ci skip]
2020-01-28 20:47:04 +00:00
Aaron Jones
5572f43834
extensions/extb_ssl.c: clean up this logic
This should also be using strcmp(3), not irccmp().
No practical consequence (yet), it just makes more sense.
2020-01-28 20:35:42 +00:00
Aaron Jones
905508885b
Support ECDH X25519 for TLSv1.3 (OpenSSL 1.1.1) 2019-09-08 13:57:53 +00:00
Aaron Jones
88fbca25d0
Charybdis 3.5.7 2019-08-31 19:11:05 +00:00
Simon Arlott
a74ee5d2c7
Revert "ircd: Fix umode orphan scheme."
This reverts commit c1fc044c35.
2019-08-31 15:06:30 +01:00
Simon Arlott
24b8fd0063
m_sasl: Don't process authentication messages if SASL has been aborted 2019-06-08 22:07:36 +01:00
Aaron Jones
a589946b42
Revert "m_sasl: Don't process authentication messages if SASL has been aborted"
SASL does not work with this commit in the tree.

This reverts commit f44a0d7ea2.
2019-06-08 20:59:36 +00:00
Simon Arlott
f44a0d7ea2
m_sasl: Don't process authentication messages if SASL has been aborted 2019-02-23 13:19:13 +00:00
Aaron Jones
358a73c8d5
Merge branch fakelist into release/3.5 2018-11-26 21:24:34 +00:00
Aaron Jones
3c36726f83
src/newconf.c: fakechannel: guard against repeated config options
Also correct another minor memory leak
2018-11-26 21:23:51 +00:00
ManiacTwister
9a10251fd5 Fixed syntax error 2018-11-26 22:10:11 +01:00
ManiacTwister
d7aec4702a Initialize fakechan topic to NULL, allocate an empty string if not overridden 2018-11-26 22:03:42 +01:00
ManiacTwister
908f1c30c4 Proper range for fakechannel user count 2018-11-26 20:13:37 +01:00
ManiacTwister
cee332ab83 Use irccmp instead of strcasecmp for fakechannels 2018-11-26 20:13:20 +01:00
ManiacTwister
0ca3cf0d91 Disable fakechannels by default 2018-11-26 20:13:00 +01:00
ManiacTwister
590a46b165 Fixed fakechannel removal 2018-11-26 20:12:44 +01:00
ManiacTwister
23e6d4ed73 Check if users_max is less than users_min 2018-11-26 20:12:04 +01:00
ManiacTwister
6d01464fc5 Allow fakechannels with 0 users 2018-11-26 20:11:37 +01:00
ManiacTwister
a4e5c2fa61 Added fakechannels to /LIST 2018-11-21 20:19:41 +01:00
ManiacTwister
074e23e4e2 Added SNI support (OpenSSL) 2018-11-21 20:03:48 +01:00
ManiacTwister
0b79494ec9 Added fakechannels to /LIST 2018-10-27 21:47:25 +02:00
ManiacTwister
d89ff1897d Check if ssl_cipher_list is set 2018-10-27 20:59:42 +02:00
ManiacTwister
bec08a8364 Allow fd limit change when rehashing 2018-10-27 20:59:02 +02:00
ManiacTwister
ef70f680c5 Add commit sha1 to charybdis version 2018-10-27 20:53:52 +02:00
Aaron Jones
a034b14fbf
charybdis 3.5.6 2018-08-26 18:50:21 +00:00
Aaron Jones
cc34e7543a
libratbox/src/mbedtls_ratbox.h: remove unnecessary inclusion 2018-08-26 18:50:08 +00:00
Simon Arlott
3ea954da3a
m_nick/m_sasl/m_user: restore check for mixing of client and server protocol 2018-08-15 22:48:08 +01:00
Simon Arlott
28caceba33
m_pass: store unverified SID in preClient for use in m_server 2018-08-15 22:48:07 +01:00
Aaron Jones
4f8ad92ab4
MbedTLS: Support ChaCha20-Poly1305 in TLSv1.2+ 2018-08-13 22:34:16 +00:00
Simon Arlott
151c4614a0
authd: always use an empty buffer to read ident reply
Otherwise we could read uninitialised data beyond the actual reply
2018-08-12 18:57:15 +01:00
Simon Arlott
03f04cd80e
m_sasl: check if the agent is present after every client_exit
When a server disconnects the client_exit hook will only be called once
but there could be multiple servers and clients behind that server.

After any client exits, check if the agent is still present.
2018-08-12 13:06:20 +01:00
Simon Arlott
f515fa9382
doc: build with travis 2018-08-12 10:15:05 +01:00
Simon Arlott
8e02234970
doc: there is no _static directory 2018-08-12 09:42:10 +01:00
Simon Arlott
ccaf2012bd
Merge pull request #263 from anarcat/extban-doc
point users towards HELP EXTBAN for inline help
2018-08-12 09:25:56 +01:00
Antoine Beaupré
6e93b3b153
point users towards HELP EXTBAN for inline help 2018-07-26 16:39:58 -04:00
Aaron Jones
bfffef7436
modules/m_sasl.c: prevent abort_sasl() sending 906 twice 2018-04-06 20:05:48 +00:00
Aaron Jones
11d111c3fa
modules/m_sasl.c: abort session if we receive '*' as data
Otherwise we'd send the * on to services as actual data, which is likely
to fail to decode it (it's not valid Base-64) and reply with an SASL ...
D F which will result in us sending a 904 numeric instead of a 906.

cf. https://github.com/ircv3/ircv3-specifications/pull/298#issuecomment-271336287

Reported-By: James Wheare
2018-04-06 19:45:56 +00:00
Aaron Jones
6c00795284
libratbox/src/mbedtls.c: check public/private keys match 2018-01-06 15:58:30 +00:00
Aaron Jones
412263854f
src/s_user.c: don't send fake MODE for clients who have CHGHOST
Reported-by: Samuel Hoffman <samuelhoffman2@gmail.com>
2017-12-17 03:20:08 +00:00
Aaron Jones
9d80b087cd
doc/reference.conf: clarify that server link fingerprints aren't optional
[ci skip]
2017-11-04 07:42:21 +00:00
Aaron Jones
cf5b56b06b
Update configure from configure.ac 2017-10-23 11:44:04 +00:00
mniip
5ce1252007
configure.ac: Adjust dlopen/dlsym checks
In modern gcc/clang, libasan (the address sanitizer runtime) exports a
weak definition of `dlopen` so that it can intercept certain flags. If
one tried to `./configure` with address sanitizer enabled, this would
cause AC_SEARCH_LIBS to conclude that dlopen doesn't require any link
flags to use. However libasan does not export `dlsym` and this caused
AC_CHECK_FUNC to fail because it didn't try linking with `-ldl`.
2017-10-23 11:43:42 +00:00
Aaron Jones
e1d4ebda4d
modules/static_modules.c.SH: use correct header file
Commit 4016731b1c missed a file.

Reported-by: mniip (Freenode)

[ci skip]
2017-10-15 06:38:33 +00:00
Aaron Jones
c380c2336a Merge pull request #247 from anarcat/cmode-help-pointer
point to the CMODE help page for more modes
2017-08-29 18:21:56 +00:00
Antoine Beaupré
b018538406
point to the CMODE help page for more modes 2017-08-29 09:10:37 -04:00
Simon Arlott
55735d9d7e
exit_unknown_client: don't delete servers from the client hash
Outgoing servers are not added to the client hash until they reach
IsServer() status, so if they're unknown when they exit then don't
attempt to delete them.
2017-08-24 20:09:17 +01:00
Simon Arlott
754c1edf2e
m_sasl: indicate client connection type for SASL 2017-08-13 21:52:04 +01:00
Aaron Jones
a6485efda0
libratbox/src/commio.c: misc cleanups for compiler warnings
commio.c:2244:11: warning: variable length array used [-Wvla]
commio.c:2253:29: warning: comparison of integers of different signs:
                  'unsigned int' and 'int' [-Wsign-compare]

This use of alloca(3) is okay-ish considering the corresponding function
`rb_recv_fd_buf()` already uses it too, for much the same purpose. Also
remove a redundant return statement.
2017-08-04 12:32:58 +00:00