Aaron Jones [Tue, 5 May 2015 17:25:42 +0000 (17:25 +0000)]
pbkdf2v2: Save CPU cycles in the verifying case
libathemecore has been verified to handle NULL return from crypt
providers correctly - so start returning NULL in pbkdf2v2 in the
case of trying to verify hashes that were not produced by itself
Janik Kleinhoff [Thu, 28 Mar 2019 03:39:35 +0000 (03:39 +0000)]
protocol/ircd-seven: Consider +O for is_ircop() check
This allows users with +O but not +o to use privileges gated behind the
needoper flag; additionally, privileges from the "ircop" operclass will
now apply to them.
Various other checks may consider them opered, but services by default
do not grant special access to IRC operators, so this shouldn't impact
much (if anything).
Janik Kleinhoff [Thu, 8 Feb 2018 14:01:08 +0000 (14:01 +0000)]
Update libmowgli-2 snapshot
We mostly need 12c57bf to keep things building on systems without SSLv3
support in OpenSSL. The other bug fixes are easily verified to not make
things any more broken than before.
Shockk [Mon, 9 Feb 2015 20:40:22 +0000 (20:40 +0000)]
scripting/perl: Forward compatibility for hooks
Currently the perl script to generate the hooks for the perl API must be
updated whenever a new hook is added, either to support the hook or to
explicitly unsupport it, as doing neither results in a compilation error
of the generated file perl_hooks.c.
This patch updates the script to prevent hooks from being added to the
hooks list if the argument type is unsupported and emits a warning if
the hook has not been explicitly marked as unsupported.
Joseph Price [Mon, 2 Nov 2015 09:55:11 +0000 (09:55 +0000)]
Remove leading spaces from example setpass command
Apparently some users have been pasting the entire line into their client and end up sending their intended new password to their current channel. Hopefully this change will help stop that.
Alter several modules to use `numsvcmembers` in `struct channel`, instead of inferring or guessing how many services users should be on the channel.
A number of bugs have been corrected, mostly caused by incorrect checking of emptying channels:
- chanserv/main: not kicking users who create channels that are MLOCK'd +i if a botserv bot is present
- groupserv/main/hooks: permission changes not taking effect immediately if a botserv bot is present
- chanserv/sync: rare crash caused by use-after-free when removing the last non-services user from a channel
Add a field to channel structure to track the number of internal clients in the channel. This will make it easier to determine if removing a user will cause the channel to become empty (since, in practice, services users will often part channels when the last normal user leaves)
Janik Kleinhoff [Sat, 31 Jan 2015 00:04:49 +0000 (00:04 +0000)]
helpserv/services: skip BotServ bots
Fixes atheme/atheme#445; botserv bots are useless clutter in a list
meant for users looking for help, and the instruction to use
/msg service help doesn't apply to them either.
Shockk [Sun, 18 Jan 2015 04:19:14 +0000 (04:19 +0000)]
protocol: Fail extban check if mask contains space
In certain circumstances, the mask string passed into is_extban can
contain space(s) and currently there is no validation in any protocol
module implementing extbans that the input mask indeed contains no
spaces. An example circumstance is ChanServ's BAN command. The following
command will cause ChanServ to set a ban on the first mask due to how
the MODE command works, but fail to add the ban to Atheme itself due to
the mask being the full rest of the string as opposed to just a single
word.
`/msg ChanServ BAN #channel $a:mask1 $a:mask2`
This patch adds a simple strchr check for the space character to each
extban check, fixing the issue outlined above.
Aaron Jones [Sat, 17 Jan 2015 16:04:14 +0000 (16:04 +0000)]
Implement better PBKDF2 hashing for passwords
This version embeds the PRF and iteration count into the crypt()-like
strings it generates, meaning that you can change these defaults in
the module at a later date without invalidating all of your current
hashes. You can also extend it with new PRFs for this reason.
The usage of sscanf(3) in this module is consistent with ISO C89 and
there is a comment in the source file reminding people not to change
the format strings carelessly.
Shockk [Fri, 16 Jan 2015 07:35:21 +0000 (07:35 +0000)]
groupserv: Fix inconsistencies in bold text usage
This patch fixes inconsistencies in the usage of bold text wrapping
around group names in user response messages, adding the appropriate
control codes to any GroupServ user response messages that are missing
them.
Shockk [Fri, 16 Jan 2015 06:53:58 +0000 (06:53 +0000)]
groupserv: Fix inconsistencies with FLAGS
At present, a GroupServ FLAGS command issued on an account with flags in
the group in question, without a change in flags, does not invoke
command_fail with the fault_nochange fault reason.
Additionally, if a FLAGS command is issued on an account that does not
exist in the group in question, ultimately without any flags being
applied, the account is still added to the group access list. If a FLAGS
command meeting these criteria is issued a second time on the same
account, the account is removed from the group access list as is
expected for an account no longer holding flags in the group.
This patch fixes both issues described above, the latter of which was
first addressed by @Renegade334 in #432.
Shockk [Wed, 14 Jan 2015 20:35:07 +0000 (20:35 +0000)]
groupserv: Fix incorrect behaviour for flags +*
In the GroupServ flags parser, asterisk is handled by setting the flags
to GA_ALL. This does not preserve flags that are not part of GA_ALL,
such as the founder flag. As a result, a sole founder of a group cannot
set flags +* on themselves.
This patch amends gs_flags_parser to preserve existing flags on +*
except for GA_BAN.
Shockk [Wed, 14 Jan 2015 18:04:26 +0000 (18:04 +0000)]
groupserv: Rewrite flags parser to use ga_flags
Currently the GroupServ flags parser is hardcoded for each flag. While this may
be faster than looping through ga_flags--debatable, as compilers can
probably optimize a loop over compile-time data--problems can arise from
adding a new GroupServ flag without also remembering to hardcode that
flag into the flags parser.
This patch replaces the hardcoded clauses in the flags parser switch
block with a loop across the elements of ga_flags to determine the
correct flag value for the specified flag character.
As users can now generate keys without an external tool, add a command
to dump its public key. (Also useful for verifying that keys generated
*with* external tools are supported – in particular, Crypt::PK::ECC
currently does not support named parameters.)
Janik Kleinhoff [Fri, 2 Jan 2015 14:24:01 +0000 (14:24 +0000)]
nickserv/set_accountname: disallow change if RESTRICTed
As with vHost changes, account name changes can be abused for ban
evasion on ircds with accountname-based bans (as well as making it
harder for channel operators to identify a trouble user), so allow
RESTRICT to disallow these.
Janik Kleinhoff [Thu, 25 Dec 2014 11:17:58 +0000 (11:17 +0000)]
nickserv/{enforce,ghost}: respect frozen accounts
This further avoids allowing access of frozen accounts, most critically
in the case of the NickServ REGAIN command which would otherwise allow
logging in to a frozen account.
Shockk [Mon, 22 Dec 2014 19:52:39 +0000 (19:52 +0000)]
Fix NickServ ACC command short descrption
All command short descriptions returned by `/msg NickServ HELP COMMANDS` end with a period except for the ACC command. This pull request simply fixes a grammatical inconsistency in the project.
projects / irc / freenode / atheme.git / log
