Janik Kleinhoff [Wed, 2 May 2018 19:20:25 +0000 (19:20 +0000)]
Add basic implementation of need_auth quarantine
This adds a new flag, need_auth, working similar to need_sasl; however,
instead of rejecting unauthenticated connections entirely, they are
allowed to connect but cannot meaningfully interact with users/channels
other than services or +T clients (see below) until they log in.
This is still a rough implementation that only touches core and a core
module. Specifically, unauthenticated users with need_auth cannot:
- join channels
- /knock channels
- be invited to channels
- message channels
- message users other than services
- receive messages from non-service users
Currently, no restrictions beyond these are applied. This might result
in odd behaviour if need_auth users log out while already joined to
channels. Ideally, services should disallow that.
Additionally, the need_sasl flag causes the above as well as its usual
effect. This will affect users attempting to log out after connecting.
Details on modes / numerics touched:
User mode +V is added (only settable on burst) to implement this.
This allows the need_auth status to be broadcast without requiring any
protocol adjustments, so e.g. services may make use of it.
Numeric 719 is added for being unable to send to +V users.
This appears to be unused so far, and is somewhat close to the +g
numerics which aren't a perfect fit but it could be worse.
(ERR_NOSUCHNICK with a custom message could be acceptable, but at least
irssi has custom handling for this, so users might not see the message.)
User mode +T is added to be able to talk to +V users normally.
This is intended for bots that automatically message users on
connection, and should usually be made an oper-only umode via
configuration.
Services (and server notices) do not require umode +T.
We've been using GitHub for a while. The fact that this was noticed only
now says a lot about how many people actually use the documentation
available in-tree.
Or maybe our in-tree documentation is just bad. Actually, that is
probably why people don't use it.
Commands such as "LIST channel" would formerly be interpreted
as an ELIST command without valid filters, i.e. the entire channel list
would be returned. This is usually not the desired behaviour.
Instead, return a start-of-list numeric, followed by a notice informing
the user their parameters were invalid and an end-of-list numeric.
This sort of mirrors the behaviour exhibited by an attempt to
/list #channel, where #channel does not exist.
Janik Kleinhoff [Sat, 2 Dec 2017 10:51:24 +0000 (10:51 +0000)]
Merge branch 'i-like-cheese'
i-like-cheese has seen production use, as has master. The two branches
have diverged a bit. Merge them while they can still be merged without
inducing major headaches.
(There are no conflicts, but some fixes were duplicated.)
David Precious [Sat, 11 Mar 2017 20:33:46 +0000 (20:33 +0000)]
Link to registration KB entry in 477/486 responses.
When telling the user they can't join a channel / message a user because
they're not identified to services, a link to explain more info seems helpful.
SASL: Disallow beginning : and space anywhere in AUTHENTICATE parameter
This is a FIX FOR A SECURITY VULNERABILITY. All Charybdis users must
apply this fix if you support SASL on your servers, or unload m_sasl.so
in the meantime.
Stephen Bennett [Sat, 12 Nov 2011 15:00:30 +0000 (15:00 +0000)]
Don't treat +r specially when displaying supported channel modes.
This used to be only advertised if a service was linked, which made
sense in ratbox when +r was only settable if services were available.
Now, however, +r is always available and so should always be advertised.
yy_oper->certfp was not copied into yy_tmpoper->certfp, thus the information was lost and certfp auth was never really working, since the string was always empty.
Overhaul extensions/m_mkpasswd. It now allows SHA256/SHA512 hashes. DES support is removed, as it is insecure and can be broken on my desktop in about 20 minutes.
Add SHA256/SHA512 support to crypt.c and fix up the MD5 component (it seemed to have been broken). In addition, unconditionally use the libratbox crypt.