Commit graph

855 commits

Author SHA1 Message Date
Keith Buck
df0c70dd1f mr_server: Handle certificate validation errors.
When certificate validation fails, the certificate fingerprint won't be
calculated, resulting in an attempt to format NULL into a log line
showing the fingerprint. Instead, add a different error message for
missing fingerprint (i.e. validation failed).
2016-12-09 10:08:47 +00:00
Keith Buck
fbd3e77eac m_rehash: Require admin privileges for REHASH SSLD.
This change enforces admin privileges for the REHASH SSLD command, as
originally intended.
2016-12-04 22:15:29 +00:00
Simon Arlott
ab6a27d184
Fix cross compile for Windows 2016-12-04 20:21:07 +00:00
Simon Arlott
e2d5ffd5dd
echo-message should work for privmsg/notice to another user
Build the same message but send it to the local client first,
so that the echo-message capability works. But don't do it when
sending a message to yourself.
2016-11-23 21:59:43 +00:00
Simon Arlott
5bc95eaf4a
Use const hook data where possible
core/m_nick.c: In function `change_remote_nick':
core/m_nick.c:745: warning: assignment discards qualifiers from pointer target type
2016-10-30 12:36:50 +00:00
Simon Arlott
d8f0b5d763
cppcheck: fix various warnings/errors
[ircd/match.c:316]: (error) Shifting a negative value is undefined behaviour
[librb/src/patricia.c:55]: (error) Shifting a negative value is undefined behaviour
[modules/m_alias.c:64]: (portability) '(void*)message' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[modules/m_time.c:111]: (warning) %u in format string (no. 9) requires 'unsigned int' but the argument type is 'signed int'.
[modules/m_time.c:111]: (warning) %u in format string (no. 10) requires 'unsigned int' but the argument type is 'signed int'.
[librb/src/dictionary.c:819]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[librb/src/radixtree.c:1080]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[ircd/s_user.c:351] -> [ircd/s_user.c:357]: (warning) Either the condition '0!=source_p' is redundant or there is possible null pointer dereference: source_p.
[extensions/ip_cloaking_3.0.c:109]: (warning, inconclusive) The buffer 'buf' may not be null-terminated after the call to strncpy().
[ircd/chmode.c:256]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_help.c:100]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_knock.c:169]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:628]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:727]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:601]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:704]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:739]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:763]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:768]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:774]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:781]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:786]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:791]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:804]: (style) Clarify calculation precedence for '&' and '?'.
[ircd/wsproc.c:372]: (style) Unused variable: len
[modules/core/m_modules.c:382]: (style) Unused variable: i
[modules/m_stats.c:741]: (style) Unused variable: amsg
[ircd/authproc.c:390]: (style) Unused variable: iter
[ircd/authproc.c:391]: (style) Unused variable: client_p
2016-10-28 20:13:36 +01:00
Aaron Jones
23f5c31719
SASL: Relax rate limiting for failures a little
Begin at 8 seconds after 2 failures and up to ~4 minutes
2016-10-02 14:13:02 +00:00
Xenthys
46ef49c390
SASL: rate-limit after the 2nd failed attempt (m_sasl.c) 2016-10-02 03:57:11 +02:00
Aaron Jones
c6d884e877
whois: check target is an oper before assuming they have a privset
The CHALLENGE functionality will set opername but not privset --
if an oper performs a WHOIS on someone currently half-way through
a challenge we will perform a NULL dereference.

Related to ircd-seven commit d7b05f7583babf6
2016-09-20 13:47:55 +00:00
William Pitcock
01978a2c8c supported: add chantypes_update() 2016-09-16 13:49:02 -05:00
William Pitcock
a4840ff1d8 Merge pull request #217 from Xenthys/release/4
m_grant.c - fixed remote grant support
2016-09-15 22:06:40 -07:00
Stephen Bennett
f32b9ebd63 Add hooks for local and remote nick changes 2016-09-16 00:04:16 -05:00
Xenthys
89aef424e9 m_grant.c - fixed remote grant support 2016-09-10 17:54:13 +02:00
Aaron Jones
ac88154f94
SASL: Disallow beginning : and space anywhere in AUTHENTICATE parameter
This is a FIX FOR A SECURITY VULNERABILITY. All Charybdis users must
apply this fix if you support SASL on your servers, or unload m_sasl.so
in the meantime.
2016-09-03 17:29:53 +00:00
William Pitcock
f8f5ff705a m_grant: convert jevolk's rewritten version to AV2 2016-08-05 23:37:05 -05:00
Jason Volk
17f925817e m_grant: rewrite. 2016-07-26 22:40:26 -07:00
Jason Volk
b5cfad0319 Core modules cannot be unloaded, otherwise bad things happen.
Additionally some information is logged and passed to the operator
conducting a MODRESTART.
2016-06-21 17:42:36 -07:00
William Pitcock
2185c50aad m_modules: use new module api 2016-06-18 00:59:15 -05:00
William Pitcock
397ec4d171 invite: do not send duplicate invite messages (closes #194) 2016-06-16 20:21:18 -05:00
Aaron Jones
0982871a99
strcpy: mass-migrate to strlcpy where appropriate 2016-05-15 03:58:44 +00:00
Aaron Jones
7de13f7e5e
starttls: Allow command usage with backends other than OpenSSL 2016-05-14 00:26:03 +00:00
Simon Arlott
4ad9738d7a
m_alias: correctly construct string to be sent 2016-05-12 19:45:27 +01:00
Simon Arlott
da20854e83
random_ping: stop producing negative values that become 16 chars 2016-05-02 21:14:16 +01:00
Elizabeth Myers
f4d828ef96 m_alias: restore old behaviour of joining all parameters.
There are two important caveats here, however:

1) Aliased commands have more than 8 parameters will be truncated;
there's nothing I can do about this.
2) Parameters with colons will not be handled as you expect. Again,
nothing I can do about this.
2016-05-01 03:48:00 -05:00
Simon Arlott
896370cc3e
m_stats: don't try to access bl_stats if it doesn't exist 2016-04-30 13:18:48 +01:00
Simon Arlott
4fbb736202
ssld: add a callback when the connection is opened
This allows us to wait until we have the fingerprint information before
continuing with a server connect process.
2016-04-24 11:48:35 +01:00
Simon Arlott
3085734104
m_stats: display certificate fingerprint in STATS C 2016-04-24 01:06:51 +01:00
Simon Arlott
00039dcddd
m_alias: store a copy of alias->name as it will be freed on a rehash 2016-04-24 00:09:12 +01:00
Simon Arlott
84e3e445aa
mr_server: Report certificate fingerprint mismatches
Log the received certificate fingerprint when it causes a server to be
rejected.
2016-04-23 17:37:05 +01:00
Simon Arlott
b49efe577c
mr_server: Handle unknown error codes
As mr_server is a module, it could potentially receive an unknown
error code from check_server().
2016-04-23 17:37:04 +01:00
Elizabeth Myers
7445ece1d1
Revert "Implement the netsplit batch type."
This needs more work, see
https://github.com/ircv3/ircv3-specifications/issues/253

This reverts commit 2373891299.
2016-04-16 11:05:00 -05:00
Elizabeth Myers
2373891299
Implement the netsplit batch type.
This also lays the groundwork for the netjoin batch type, but that isn't
implemented yet. I don't like how some of this is implemented but it'll
have to do for now...

Compile tested, needs more testing.
2016-04-15 16:50:43 -05:00
Elizabeth Myers
5e9a3f8674
Change the way authd configures opm
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
2016-04-12 09:36:09 -05:00
Mantas Mikulėnas
9d07a42d7a
m_sasl: rate-limit SASL REAUTH usage 2016-04-11 21:45:10 +03:00
Mantas Mikulėnas
834579cecd
m_sasl: fix coding style 2016-04-11 20:12:31 +03:00
Mantas Mikulėnas
37289346cd
m_sasl: temporarily reject clients after many failed attempts 2016-04-11 20:02:09 +03:00
Elizabeth Myers
e34368b1bc modules/m_set: booleanify. 2016-04-10 10:11:03 -05:00
Elizabeth Myers
4eafa9e62f ipv4_from_ipv6: move to librb 2016-04-08 03:49:23 -05:00
Elizabeth Myers
66f7fe673b Get rid of flags2.
It seems to come from an era where long long didn't exist and 64-bit
machines weren't common. 32-bit machines are still common but I can't
imagine this will have much performance impact there.

This "fixes" #179 in title only, but see comments within.
2016-04-07 07:40:55 -05:00
Elizabeth Myers
78946542bb modules: move module loading/unloading commands to dedicated module.
There's no reason to really have these in the main ircd anymore, static
modules are dead and aren't coming back.

To ensure people don't do something hopelessly retarded, this is a core
module.
2016-04-07 04:00:25 -05:00
Elizabeth Myers
95b0324658 m_stats: use macros to clean up generating the stats table 2016-04-07 03:27:50 -05:00
Elizabeth Myers
999c42bad8 Remove useless alias_entry hits member 2016-04-06 11:47:13 -05:00
Elizabeth Myers
0d7e4d311a m_stats: don't list alias entries twice. 2016-04-06 11:45:55 -05:00
Elizabeth Myers
9620c6d61c m_alias: fix an assert 2016-04-06 11:43:19 -05:00
Elizabeth Myers
cef7dfc56c m_alias: fix build with --enable-assert 2016-04-06 07:57:20 -05:00
Elizabeth Myers
dd598516c8 m_alias: minor cleanup 2016-04-06 07:33:36 -05:00
Elizabeth Myers
b663a8070f Move alias handling into a dedicated module.
Not yet tested, caveat emptor!

Closes #166
2016-04-06 07:27:50 -05:00
Elizabeth Myers
900683650a Static modules are dead, remove this. 2016-04-06 06:30:58 -05:00
Elizabeth Myers
f956cb0f1f Use rb_* versions of nonportable string functions 2016-04-05 05:39:59 -05:00
Elizabeth Myers
fc9013d6b0 Don't send original error message if we're already on the channel we're forwarding to
Closes #55
2016-04-04 03:08:52 -05:00
Elizabeth Myers
c0483ac17b boolify calls to rehash 2016-04-03 01:53:34 -05:00
Elizabeth Myers
0ed0a9fe0a Move m_locops module to extensions.
Many networks do not use local ops and therefore should not be required
to have this around all the time.
2016-04-02 05:20:30 -05:00
Elizabeth Myers
7b4d1de38d Merge branch 'master' into authd-framework 2016-03-28 14:44:47 -05:00
Elizabeth Myers
d3f6b80867 Replace s_auth/blacklist stuff with authd calls
This also does a lot of surgery on the conf system to reconfigure authd.

/!\ WARNING! ACHTUNG! ADVERTENCIA! ATTENTION! AVVERTIMENTO! /!\
This code has not been run-time tested yet (though it compiles)!
2016-03-28 02:11:16 -05:00
Matt Ullman
aa7eff28f2 hash.c: Save some more bytes 2016-03-27 06:29:10 -04:00
William Pitcock
de7cf7e009 ircd: client: substantially rework the connid registry system
now connid's are allocated on demand and clients may have as many connid's as necessary.
this allows us to build chains of helpers while ensuring the ircd properly tracks and GCs the resources.
2016-03-25 19:50:29 -05:00
William Pitcock
704279e429 starttls: use the client connid instead of the FD for opening the channel with ssld 2016-03-24 20:33:54 -05:00
William Pitcock
4d8cfacd95 ircd: start staging for relocatable paths 2016-03-24 18:45:28 -05:00
Elizabeth Myers
fea4e2d2a8 modules: libircd depends on librb, so no need to include it.
This triggers multiple inclusion warnings on Solaris also.
2016-03-23 13:59:45 -05:00
Elizabeth Myers
79435744c7 common.h: raison d'être is gone, so out it goes.
Fold whatever was left into ircd_defs.h
2016-03-23 09:33:56 -05:00
Elizabeth Myers
82236a2a65 IRCD_BUFSIZE is redundant with BUFSIZE, so kill it. 2016-03-23 09:22:55 -05:00
Elizabeth Myers
ab31d2b07e Send YES/NO to Davy Jones's Locker. 2016-03-23 08:52:32 -05:00
Elizabeth Myers
2fc6772ee1 typedef-ify rb_radixtree for consistency. 2016-03-23 08:32:22 -05:00
Elizabeth Myers
4177311e6e Change struct Dictionary(*) to rb_dictionary(_\1).
This cleans things up a slightly and puts the dictionary stuff in its
own namespace.
2016-03-23 08:09:58 -05:00
Elizabeth Myers
56f84dedf7 DICTIONARY_FOREACH → RB_DICTIONARY_FOREACH
This is in librb and therefore should be prefixed.
2016-03-23 07:45:44 -05:00
Matt Ullman
66769bc1f8 More cleanup 2016-03-23 00:11:26 -04:00
Matt Ullman
e23126c83b Cleanup warnings 2016-03-21 22:28:41 -04:00
Matt Ullman
ceabbbbf3c m_cap: Remove CLEAR subcommand as per v3 specs 2016-03-21 00:29:07 -04:00
William Pitcock
032ef5ef9e modules: more GET_SS_FAMILY() checking 2016-03-20 04:46:50 -05:00
William Pitcock
2d77d121a3 m_stats: win32 fixes 2016-03-20 02:19:36 -05:00
William Pitcock
1859e9d7d7 ircd: remove basically entirely pointless ServerInfo.hub (closes #167) 2016-03-19 23:05:07 -05:00
Elizabeth Myers
9b8e9eb321 config.h delenda est 2016-03-19 19:14:26 -05:00
Elizabeth Myers
fe4224394e Can IGNORE_BOGUS_TS at the behest of @kaniini and @jilest 2016-03-19 18:55:13 -05:00
William Pitcock
bfc44622c8 ircd: do not shadow internal openssl symbol "ssl_ok" (yeah, i know) 2016-03-19 00:57:32 -05:00
William Pitcock
f2d5cea00a modules: remove explicit CPRIVMSG/CNOTICE, this has been obsolete for a long time 2016-03-10 02:13:43 -06:00
Elizabeth Myers
3ec1db3785 m_error: use strncasecmp, not strcmp 2016-03-09 18:53:08 -06:00
Elizabeth Myers
788e2d592c m_stats: eliminate special casing of calling the stats L handler. 2016-03-09 17:19:16 -06:00
Mantas Mikulėnas
6f39a80ec6 authd, m_stats: fix command table sizes
There are 256 possible byte values.
2016-03-09 18:15:42 +02:00
Elizabeth Myers
6445c1cf0b rehash: don't restart authd for DNS reloads
This could lead to pretty nasty things, like losing DNS (and in the
future, ident) queries. That's a Bad Thing™.
2016-03-09 03:46:04 -06:00
Elizabeth Myers
5c1dbc3cc3 Fix m_xline [ci skip] 2016-03-09 02:10:23 -06:00
Elizabeth Myers
f66f0baa67 More bool conversions 2016-03-09 02:00:40 -06:00
Elizabeth Myers
05b77c613f m_close: remove dangling return [ci skip] 2016-03-09 01:45:01 -06:00
Elizabeth Myers
b8b72cbdf1 m_chghost: convert more stuff to bool [ci skip] 2016-03-09 01:44:20 -06:00
Elizabeth Myers
550e851c5e Merge branch 'master' of github.com:charybdis-ircd/charybdis into elizafox-cleanups 2016-03-09 01:41:10 -06:00
Elizabeth Myers
3c7d6fcce7 Message handlers should return void.
Also fix up some return values and stuff to use bool (or void if
nothing). I just did it whilst I was here.

According to jilles, the return value used to signify whether or not the
client had exited. This was error-prone and was fixed a long, long time
ago, but the return value was left int for historical reasons.

Since the return type is not used (and has no clear use case anyway),
it's safe to just get rid of it.
2016-03-09 01:37:03 -06:00
Elizabeth Myers
eeabf33a7c Move module description headers to the top
This is cleaner.

Note this was broken out of a much larger piece of work I did, so if
there's any problems, I apologise!
2016-03-09 01:29:41 -06:00
Andrew Wilcox
959f5f368b core/m_error: Be consistent in strncmp usage 2016-03-09 01:08:23 -06:00
Elizabeth Myers
6287d57fa9 s_user: clean up return types and can YES/NO. 2016-03-08 05:06:29 -06:00
Elizabeth Myers
07554369bd Detect stdbool.h and add conformant shims if it isn't available
Charybdis requires C99 already, so it's high time we start using
stdbool. I've converted a few pieces of code already.

A lot of the old code that uses YES/NO should probably be updated too
because that's fucking hideous.
2016-03-08 04:54:04 -06:00
Elizabeth Myers
b3b7401f13 Remove another silly outdated comment [ci skip] 2016-03-08 04:40:46 -06:00
Elizabeth Myers
1235d6848f m_svinfo: remove outdated comment 2016-03-08 04:40:19 -06:00
Elizabeth Myers
963c3faa43 m_stats: kill O(n) lookup on stats. 2016-03-08 04:38:42 -06:00
Elizabeth Myers
55799c6b4d dns: prune worthless function. 2016-03-08 03:25:21 -06:00
Elizabeth Myers
8a26cd1973 dns: clean up awful hacks.
We now have a resolver cache which we init on startup.
2016-03-08 03:22:25 -06:00
Elizabeth Myers
394b8dde17 authd: allow querying the list of DNS servers.
This was an asston of pain, and it still feels "dirty" as it introduces
an async call where there normally wouldn't be one. Better
implementation more than welcome.
2016-03-08 02:53:25 -06:00
Elizabeth Myers
b8e9ac5f5f AV2 description: forgot this one too 2016-03-07 04:13:01 -06:00
Elizabeth Myers
f45f4143f6 m_starttls: fix fucked-up merge 2016-03-07 03:15:50 -06:00
Elizabeth Myers
684725edf5 m_starttls: port to AV2 caps stuff 2016-03-07 03:15:00 -06:00
Elizabeth Myers
fc939ca58f Merge pull request #161 from awilfox/av2desc
Add AV2 descriptions to all modules P-X
2016-03-07 03:10:51 -06:00
Andrew Wilcox
893806a6ea modules: Add AV2 description to m_xline 2016-03-07 02:54:54 -06:00