Aaron Jones [Sun, 11 Jul 2021 10:50:57 +0000 (10:50 +0000)]
ns_fregister, ns_forbid: do proper account name validity checks
The is_valid_nick() function will return false for all of the characters
that were being tested here, and there's no good reason to only test the
first character. Furthermore, we should be rejecting a lot more invalid
characters, such as period (.)
Aaron Jones [Wed, 10 Mar 2021 09:20:08 +0000 (09:20 +0000)]
Transition to independent build system and configure checks
Having to duplicate configure tests in all supported Atheme release and
development branches, to enable contrib modules to be built reliably on
all of our supported platforms, was quickly becoming untenable.
Move the checks to contrib's own configure script, which necessitates
importing some build system things from Atheme proper.
This will not be backported to Atheme 7.1 or earlier; those versions are
no longer supported. If this submodule is bumped in those branches, the
contrib modules will no longer build, and make will likely fail.
Aaron Jones [Tue, 9 Mar 2021 08:41:44 +0000 (08:41 +0000)]
ns_mxcheck & ns_mxcheck_async: fix usage of res_query(3)
Most platforms have these as enums, which are converted to int (for use
as arguments) by the compiler automatically. However, some platforms do
not have these as enums, and use macros to define their values instead.
The former platforms also have those macros to define them in terms of
the corresponding enum, so use the macros instead of the enums for
broader compatibility, defining them in terms of their enums when they
don't exist.
glibc2 and musl have enums and compatibility macros, uclibc and
uclibc-ng have enums only, and OpenBSD libc has macros only.
Aaron Jones [Sat, 7 Dec 2019 03:29:56 +0000 (03:29 +0000)]
dnsbl.c: fix loading on v7.3+
Due to atheme/atheme@ff79e69ba30f5790426b this module will no longer
work on Atheme version 7.3+. However, all is not lost, as this module
was ported to Atheme proper in that version anyway, where it does
continue to work. Load that module instead.
Aaron Jones [Sun, 10 Mar 2019 18:59:50 +0000 (18:59 +0000)]
Adapt for Atheme v7.3 codebase header file changes
The atheme.h in v7.3 includes all headers necessary, so we should only
include other Atheme headers if we are building for v7.2 or lower; not
only is including them pointless, but they no longer exist at the old
paths as of Atheme commit 81323dfcaa240ac5ca48
Aaron Jones [Sun, 29 Jul 2018 02:37:42 +0000 (02:37 +0000)]
os_akillnicklist.c: various improvements
- Declare and assign variables at the same time when possible
- Test whether a K-Line has already been sent before doing any lookups
- Don't continue to do more lookups if we already have a match
The `os_klinechan.c` module is quite handy to deal with bad users, but
it is a little specific in the way it works. It bans the full
user@host hostmask and does so for a single day. For prolonged
botnet attacks, this is not very practical.
This patch broadens the banned hostmask to cover *all* users on the
attacker's IP address, so that rotating the username is not sufficient
to bypass the ban. This means more possible collateral damage, but I
think it's a good tradeoff considering we use this module to deal with
botnet attacks, for which we ban whole networks anyways.
Also, the timeout was hardcoded to one day. That seems awfully short
when dealing with prolonged attacks. Instead of hardcoding another
value, let's reuse the value from `SET KLINETIME` so that opers can
actually customize that setting.
Aaron Jones [Sat, 30 Jun 2018 21:24:58 +0000 (21:24 +0000)]
sasl_blacklist.c: several small improvements
- This module only works with Atheme v7.3, so if building against
a lesser version, compile a stub module that complains about
this instead of creating a compilation failure
This would have bit us if we ever bumped modules/contrib/ to
HEAD in the Atheme release/7.2 branch
- Use libathemecore memory allocator for storing new config
entries with an intrusive node so that we don't have to check
if mowgli_node_add() fails (or segfault otherwise)
- Make private variables compilation-unit-static
- Put function names on their own line
- Sprinkle some const-correctness everywhere
- Perform a service_find("saslserv") only once, on startup, and
error out if it fails
- Depend on saslserv/main so that we are reloaded if it is
Otherwise, given the above, mod_deinit() would call
del_conf_item() on a stale pointer and probably segfault
- Collapse 2 almost identical functions for processing config
entries into 1 function
- Collapse multiple instances of clearing a mowgli_list_t into 1
function which does the same
- Indicate which configuration block the parameters are in when
reporting errors with the configuration file
- Avoid some potential NULL dereferences
- Conform to Atheme v7.3 coding style (line wrapping, etc)
Aaron Jones [Sat, 30 Jun 2018 17:59:31 +0000 (17:59 +0000)]
os_pingspam.c: a few fixups
- Remove unnecessary forward declarations
This requires moving some functions around
- Make private variables compilation-unit-static
- Use bool instead of int for a boolean variable
- Apply atheme/atheme@e1df27b9fbecc2267baa
- Mark unused variable in mod_deinit
Aaron Jones [Sat, 30 Jun 2018 16:28:52 +0000 (16:28 +0000)]
ircd_announceserv.c: a few fixups
- Remove unnecessary forward declarations
- Remove unnecessary return statement from end of function
- Make private variables compilation-unit-static
- Make a private function compilation-unit-static
- Apply atheme/atheme@e1df27b9fbecc2267baa
Aaron Jones [Sat, 30 Jun 2018 16:04:18 +0000 (16:04 +0000)]
backtrace.c: complete re-write
- Use sigaction() instead of signal() to establish signal handlers
This also gets us more information about what caused the signal
Portability signal(2)
The only portable use of signal() is to set a signal's disposition to
SIG_DFL or SIG_IGN. The semantics when using signal() to establish a
signal handler vary across systems (and POSIX.1 explicitly permits
this variation); *do not use it for this purpose*.
- Intercept SIGBUS, SIGFPE and SIGILL in addition to SIGSEGV
- Log to a dedicated file if possible to minimise the amount of additional
work we perform after receipt of a fatal abnormal signal; stderr otherwise
Note in particular we don't slog() because that may end up going down the
socket to the IRCd and we can't be sure that e.g. the fault wasn't in a
protocol module or something along those lines where attempting to do this
would result in a further fault
- Abort after logging the problem because continuing on is dangerous
- Try to enable coredumps on modinit if possible, and complain otherwise
When we abort at the end of the signal handler, a coredump may be generated
- Block all signals during execution of the signal handler
- Restore the previous signal dispositions on moddeinit
- Compile the module itself even if the platform does not support it
This will always result in a module with a MAPI header, which will just
complain on load that it is not usable if on the wrong platform
Aaron Jones [Fri, 2 Mar 2018 22:15:56 +0000 (22:15 +0000)]
Makefile: clean up
- Remove unnecessary VCS header detritus
- Indent LIBS assignment to line up with the others
- List source files explicitly
This prevents the modification of any one file from causing
make(1) to recompile all modules, and results in a deterministic
build order.
The downside is that if a new module is added, the Makefile will
have to be edited too; but this is no different to the Makefile
for any other module subdirectory in Atheme proper, and is hardly
a burden.