Commit graph

3125 commits

Author SHA1 Message Date
Aaron Jones
f831e92603
Fix possible crash when DH parameters are not provided
This has ssld calling strlen() on a NULL value

[ci ckip]
2016-05-03 17:49:00 +00:00
Simon Arlott
da20854e83
random_ping: stop producing negative values that become 16 chars 2016-05-02 21:14:16 +01:00
Simon Arlott
84d0b55e76
authd: fix reference far off the end of the array on shutdown
When authd has no more input it tries to reject all current clients with
an id of UINT32_MAX.
2016-05-01 11:51:07 +01:00
Simon Arlott
2f598dacdd
authd: remove unused variable id from accept_client 2016-05-01 11:51:06 +01:00
Simon Arlott
075d4d569e
authd: allocate the correct size of auth_client_data
If there are holes in the auth_providers ID numbers, the array allocated
based on list length won't be large enough to handle all the IDs.

(auth->data could be converted to a dlink_list)
2016-05-01 11:51:05 +01:00
Simon Arlott
a5f52774bb
authd: Only use refcount for reference counting
Use providers_active for provider activity tracking.
2016-05-01 11:31:05 +01:00
Simon Arlott
2392770f4d
authd: fix auth->cid type sizes
* long is too small on 32-bit systems, use unsigned long long if we want
  to check for out of range values
* UINT32_MAX is a valid cid, and 0 isn't
* make auth->cid a uint32_t not uint16_t
2016-05-01 11:12:34 +01:00
Simon Arlott
a4da4fe574
authd: fix memory leak in start_auth 2016-05-01 10:59:22 +01:00
Simon Arlott
9f928dc532
authd: don't call cancel_providers recursively
Also check that they haven't been cancelled while starting up.
2016-05-01 10:53:34 +01:00
Simon Arlott
d955cd9f97
authd: use a list for auth_providers
We only need to iterate over this small fixed size list, so
dictionary iteration will be less efficient.
2016-05-01 10:49:12 +01:00
Elizabeth Myers
f4d828ef96 m_alias: restore old behaviour of joining all parameters.
There are two important caveats here, however:

1) Aliased commands have more than 8 parameters will be truncated;
there's nothing I can do about this.
2) Parameters with colons will not be handled as you expect. Again,
nothing I can do about this.
2016-05-01 03:48:00 -05:00
William Pitcock
998b6ec513 stage for charybdis 4-beta1. 2016-04-30 19:58:14 -05:00
William Pitcock
9cd0063a2c librb: fix commio build on win32 2016-04-30 19:33:31 -05:00
William Pitcock
b585278b32 authd: provider: make refcounting system less fragile 2016-04-30 19:26:02 -05:00
William Pitcock
a71b65b15c Revert "authd: change to lists instead of dictionaries for various things"
This reverts commit 49fd293f20.
2016-04-30 19:20:12 -05:00
Aaron Jones
92404a1a98
[openssl] Forward-port some more cleanups from fixes to 3.5 2016-04-30 21:45:16 +00:00
Simon Arlott
3b0b4037d0
authd: don't decrement refcount twice when accepting the client 2016-04-30 17:06:21 +01:00
Simon Arlott
896370cc3e
m_stats: don't try to access bl_stats if it doesn't exist 2016-04-30 13:18:48 +01:00
Simon Arlott
3c5f720c6f
authd_check: don't try to update bl_stats if it doesn't exist
This can happen if all the blacklists are removed and then authd
sends a blacklisted response for a client.
2016-04-30 13:18:06 +01:00
Simon Arlott
4573f8f2fb
authproc: don't try to delete bl_stats if it hasn't been created 2016-04-30 13:11:06 +01:00
Simon Arlott
8a29e7cd1e
librb: shutdown() listening sockets pending close() so that listeners can be reopened reliably 2016-04-30 11:36:28 +01:00
Elizabeth Myers
c767c58b2a
opm: use rb_dlinkDelete instead of rb_dlinkFindDelete. 2016-04-30 01:59:05 -05:00
Elizabeth Myers
49fd293f20
authd: change to lists instead of dictionaries for various things
Iteration is the primary thing done on these, so using a dictionary
doesn't help a lot. Furthermore (and most importantly), they are not
safe to delete from.
2016-04-30 01:59:05 -05:00
William Pitcock
d71787ab69 librb: rb_path_to_self(): use sysctl(2) interface on freebsd/dragonfly 2016-04-30 01:19:08 -05:00
Elizabeth Myers
e7c4ecd5b1
authproc: don't delete during iteration, this is not safe. 2016-04-30 01:11:56 -05:00
William Pitcock
a2bfe0f88e librb: linebuf: don't reinvent rb_dlinkAddTailAlloc(). 2016-04-30 00:59:08 -05:00
Elizabeth Myers
9f7f75295c
authd: don't try to do anything on exit, it's too precarious 2016-04-30 00:46:18 -05:00
William Pitcock
5a775221d2 tools: fix stub rb_strcasecmp() build 2016-04-29 19:52:19 -05:00
William Pitcock
b5f3e5e5e8 ircd: Channel.bants is not a serial but a timestamp.
Previously, the IRCd would increment bants instead of resyncing the timestamp, causing the potential of
false negatives from the bancache system.
2016-04-29 18:59:32 -05:00
Simon Arlott
ff0414c856 librb: close FDs when they're freed (outside of select handler) 2016-04-29 16:19:08 -05:00
Aaron Jones
fed4fc59bc
Mention another RFC with regard to deprecating plaintext 2016-04-29 16:28:18 +00:00
Aaron Jones
cf12678be5
[openssl] More improvements to the backend
* Don't manually initialise libssl 1.1.0 -- it does this automatically
* SSL_library_init() should be called first otherwise
* Move SSL_CTX construction to rb_setup_ssl_server()
* Test for all required files (certificate & key) before doing anything
* Free the old CTX before constructing a new one (Fixes #186)
* Don't try to set options / ciphers etc on a NULL CTX
* Clean up ifdef indentation
* Fix DH parameters memory leak
2016-04-29 16:26:52 +00:00
Simon Arlott
f9014791da
openssl: set ciphers on client connections too 2016-04-29 07:42:12 +01:00
Simon Arlott
1cdf323be9
sslproc: don't send updated config to dead/shutdown sslds
They might be running older versions of the SSL library that
doesn't support the key type or ciphers being configured.
2016-04-29 07:35:43 +01:00
Simon Arlott
036cafaaaf
sslproc: reset ssld_wait/spin_count when explicitly requested to restart ssld 2016-04-28 22:25:36 +01:00
Aaron Jones
6a7ea191a7
[mbedtls] correct printf argument count
[ci skip]
2016-04-27 22:11:19 +00:00
Aaron Jones
b28c26d965
Partially revert previous commit
The OpenSSL backend is the only one that assigns a non-constant
value to the length variable. Use the correct type for its
pointer and cast instead.

[ci skip]
2016-04-27 21:49:55 +00:00
Aaron Jones
e3760ba710
[TLS backends] Miscellaneous fixes
* Certificate fingerprint length functions return an "int", so use an
  int when calculating the length
* Clean up the OpenSSL certificate fingerprint if() and indentation mess
2016-04-27 21:45:19 +00:00
Simon Arlott
d6acb43769
openssl: don't allow certificates outside the validity period 2016-04-27 22:03:49 +01:00
Simon Arlott
c53b6ef2cc
epoll: don't try to read from closed FDs 2016-04-27 21:16:29 +01:00
Aaron Jones
b1f0549361
[openssl] support ECDHE on more than one curve when possible 2016-04-27 16:17:33 +00:00
Simon Arlott
f590c59d5c
mkfingerprint: use certfp method names from certfp.h 2016-04-26 20:58:16 +01:00
Simon Arlott
0346918701
add mkfingerprint program 2016-04-26 20:49:03 +01:00
Simon Arlott
f018ed844d
certfp: Move method name/prefix strings to a separate header file 2016-04-26 20:33:18 +01:00
Simon Arlott
31646e89ba
librb: gnutls: check return value of fread() 2016-04-26 20:33:17 +01:00
Simon Arlott
7380ded584
ircd.conf.example: use certfp_method = spki_sha256
SHA1 is insecure. SHA2-512 is a bit long. Hashes of the full certificate
are really impractical and people need to stop using them.
2016-04-25 23:52:18 +01:00
Simon Arlott
5adde7a4ed
getopt: don't modify argv as it breaks restart() 2016-04-25 23:32:18 +01:00
Simon Arlott
c173a8ad44
modules: use exit(EXIT_FAILURE) on failure
This will allow service process monitoring to recognise the difference
between a shutdown and an error of a -foreground ircd, because only
/DIE (or SIGINT) will exit with return code 0.
2016-04-25 22:27:57 +01:00
Simon Arlott
762468f85d
authd: wait until the ssl connection is "open" before reading
It's useful to allow authd to run in parallel with ssl negotiation,
but if the ssld connection has plaintext data ready for reading
there's a race condition between authd calling read_packet() and
ssl_process_certfp() storing the certificate fingerprint. This
scenario would be bad for a server connecting because fingerprint
verification will fail.

Allow either operation to complete first, but wait until
ssl_process_open_fd() calls the ssl open callback before calling
read_packet().
2016-04-25 21:43:21 +01:00
Simon Arlott
53789fddda
sslproc: simplify ssl open callback
Don't use the librb callback type as we're always passing client_p.

Provide a return value so that the connect handler can exit_client()
and the accept handler can opt to use the default dead handler.
2016-04-25 21:12:44 +01:00