]>
jfr.im git - solanum.git/log
William Pitcock [Sun, 1 May 2016 00:20:12 +0000 (19:20 -0500)]
Revert "authd: change to lists instead of dictionaries for various things"
This reverts commit
49fd293f200e3ecdd5665e62c6fdc18f33a9cdd1 .
Aaron Jones [Sat, 30 Apr 2016 21:45:16 +0000 (21:45 +0000)]
[openssl] Forward-port some more cleanups from fixes to 3.5
Simon Arlott [Sat, 30 Apr 2016 16:06:21 +0000 (17:06 +0100)]
authd: don't decrement refcount twice when accepting the client
Simon Arlott [Sat, 30 Apr 2016 12:18:48 +0000 (13:18 +0100)]
m_stats: don't try to access bl_stats if it doesn't exist
Simon Arlott [Sat, 30 Apr 2016 12:18:06 +0000 (13:18 +0100)]
authd_check: don't try to update bl_stats if it doesn't exist
This can happen if all the blacklists are removed and then authd
sends a blacklisted response for a client.
Simon Arlott [Sat, 30 Apr 2016 12:11:06 +0000 (13:11 +0100)]
authproc: don't try to delete bl_stats if it hasn't been created
Simon Arlott [Sat, 30 Apr 2016 10:15:03 +0000 (11:15 +0100)]
librb: shutdown() listening sockets pending close() so that listeners can be reopened reliably
Elizabeth Myers [Sat, 30 Apr 2016 06:58:42 +0000 (01:58 -0500)]
opm: use rb_dlinkDelete instead of rb_dlinkFindDelete.
Elizabeth Myers [Sat, 30 Apr 2016 06:56:06 +0000 (01:56 -0500)]
authd: change to lists instead of dictionaries for various things
Iteration is the primary thing done on these, so using a dictionary
doesn't help a lot. Furthermore (and most importantly), they are not
safe to delete from.
William Pitcock [Sat, 30 Apr 2016 06:18:42 +0000 (01:18 -0500)]
librb: rb_path_to_self(): use sysctl(2) interface on freebsd/dragonfly
Elizabeth Myers [Sat, 30 Apr 2016 06:11:08 +0000 (01:11 -0500)]
authproc: don't delete during iteration, this is not safe.
William Pitcock [Sat, 30 Apr 2016 05:58:39 +0000 (00:58 -0500)]
librb: linebuf: don't reinvent rb_dlinkAddTailAlloc().
Elizabeth Myers [Sat, 30 Apr 2016 05:46:18 +0000 (00:46 -0500)]
authd: don't try to do anything on exit, it's too precarious
William Pitcock [Sat, 30 Apr 2016 00:52:19 +0000 (19:52 -0500)]
tools: fix stub rb_strcasecmp() build
William Pitcock [Fri, 29 Apr 2016 23:59:32 +0000 (18:59 -0500)]
ircd: Channel.bants is not a serial but a timestamp.
Previously, the IRCd would increment bants instead of resyncing the timestamp, causing the potential of
false negatives from the bancache system.
Simon Arlott [Thu, 28 Apr 2016 21:00:54 +0000 (22:00 +0100)]
librb: close FDs when they're freed (outside of select handler)
Aaron Jones [Fri, 29 Apr 2016 16:28:18 +0000 (16:28 +0000)]
Mention another RFC with regard to deprecating plaintext
Aaron Jones [Fri, 29 Apr 2016 16:26:52 +0000 (16:26 +0000)]
[openssl] More improvements to the backend
* Don't manually initialise libssl 1.1.0 -- it does this automatically
* SSL_library_init() should be called first otherwise
* Move SSL_CTX construction to rb_setup_ssl_server()
* Test for all required files (certificate & key) before doing anything
* Free the old CTX before constructing a new one (Fixes #186)
* Don't try to set options / ciphers etc on a NULL CTX
* Clean up ifdef indentation
* Fix DH parameters memory leak
Simon Arlott [Fri, 29 Apr 2016 06:42:12 +0000 (07:42 +0100)]
openssl: set ciphers on client connections too
Simon Arlott [Fri, 29 Apr 2016 06:35:43 +0000 (07:35 +0100)]
sslproc: don't send updated config to dead/shutdown sslds
They might be running older versions of the SSL library that
doesn't support the key type or ciphers being configured.
Simon Arlott [Thu, 28 Apr 2016 21:22:37 +0000 (22:22 +0100)]
sslproc: reset ssld_wait/spin_count when explicitly requested to restart ssld
Aaron Jones [Wed, 27 Apr 2016 22:11:19 +0000 (22:11 +0000)]
[mbedtls] correct printf argument count
[ci skip]
Aaron Jones [Wed, 27 Apr 2016 21:49:55 +0000 (21:49 +0000)]
Partially revert previous commit
The OpenSSL backend is the only one that assigns a non-constant
value to the length variable. Use the correct type for its
pointer and cast instead.
[ci skip]
Aaron Jones [Wed, 27 Apr 2016 21:43:54 +0000 (21:43 +0000)]
[TLS backends] Miscellaneous fixes
* Certificate fingerprint length functions return an "int", so use an
int when calculating the length
* Clean up the OpenSSL certificate fingerprint if() and indentation mess
Simon Arlott [Wed, 27 Apr 2016 21:03:49 +0000 (22:03 +0100)]
openssl: don't allow certificates outside the validity period
Simon Arlott [Wed, 27 Apr 2016 20:16:29 +0000 (21:16 +0100)]
epoll: don't try to read from closed FDs
Aaron Jones [Wed, 27 Apr 2016 16:17:33 +0000 (16:17 +0000)]
[openssl] support ECDHE on more than one curve when possible
Simon Arlott [Tue, 26 Apr 2016 19:58:16 +0000 (20:58 +0100)]
mkfingerprint: use certfp method names from certfp.h
Simon Arlott [Tue, 26 Apr 2016 19:21:23 +0000 (20:21 +0100)]
add mkfingerprint program
Simon Arlott [Tue, 26 Apr 2016 19:19:59 +0000 (20:19 +0100)]
certfp: Move method name/prefix strings to a separate header file
Simon Arlott [Tue, 26 Apr 2016 19:28:12 +0000 (20:28 +0100)]
librb: gnutls: check return value of fread()
Simon Arlott [Mon, 25 Apr 2016 22:52:18 +0000 (23:52 +0100)]
ircd.conf.example: use certfp_method = spki_sha256
SHA1 is insecure. SHA2-512 is a bit long. Hashes of the full certificate
are really impractical and people need to stop using them.
Simon Arlott [Mon, 25 Apr 2016 22:21:38 +0000 (23:21 +0100)]
getopt: don't modify argv as it breaks restart()
Simon Arlott [Mon, 25 Apr 2016 21:27:57 +0000 (22:27 +0100)]
modules: use exit(EXIT_FAILURE) on failure
This will allow service process monitoring to recognise the difference
between a shutdown and an error of a -foreground ircd, because only
/DIE (or SIGINT) will exit with return code 0.
Simon Arlott [Mon, 25 Apr 2016 20:35:58 +0000 (21:35 +0100)]
authd: wait until the ssl connection is "open" before reading
It's useful to allow authd to run in parallel with ssl negotiation,
but if the ssld connection has plaintext data ready for reading
there's a race condition between authd calling read_packet() and
ssl_process_certfp() storing the certificate fingerprint. This
scenario would be bad for a server connecting because fingerprint
verification will fail.
Allow either operation to complete first, but wait until
ssl_process_open_fd() calls the ssl open callback before calling
read_packet().
Simon Arlott [Mon, 25 Apr 2016 20:12:44 +0000 (21:12 +0100)]
sslproc: simplify ssl open callback
Don't use the librb callback type as we're always passing client_p.
Provide a return value so that the connect handler can exit_client()
and the accept handler can opt to use the default dead handler.
Simon Arlott [Mon, 25 Apr 2016 19:38:33 +0000 (20:38 +0100)]
openssl: accept more certificate verify errors as valid
Simon Arlott [Mon, 25 Apr 2016 19:19:48 +0000 (20:19 +0100)]
conf: require certificate fingerprint for SSL connections
Simon Arlott [Mon, 25 Apr 2016 19:12:27 +0000 (20:12 +0100)]
sslproc: prefix SPKI certfp types to distinguish them from CERT
Simon Arlott [Mon, 25 Apr 2016 18:22:10 +0000 (19:22 +0100)]
sslproc: send the certftp method on rehash
Simon Arlott [Mon, 25 Apr 2016 18:20:45 +0000 (19:20 +0100)]
sslproc: use global ServerInfo configuration
There's no need to pass information around that sslproc already has access
to, so use ServerInfo directly. Remove the extra NULL checks as these are
already performed before setting ircd_ssl_ok = true.
Simon Arlott [Mon, 25 Apr 2016 18:12:47 +0000 (19:12 +0100)]
sslproc: include ssl_cipher_list in length check before sending configuration to ssld
Simon Arlott [Mon, 25 Apr 2016 18:02:03 +0000 (19:02 +0100)]
ssld: remove init_prng command
This is no longer configurable so it's redundant.
Simon Arlott [Sun, 24 Apr 2016 16:41:44 +0000 (17:41 +0100)]
ircd: don't send ERR_NOTREGISTERED to servers
Sending messages after SERVER but before zlib is established breaks
outgoing connections. If the other server is misbehaving then ignore
its messages.
Simon Arlott [Sun, 24 Apr 2016 16:11:20 +0000 (17:11 +0100)]
librb: remove socklen parameter from rb_connect_tcp
Simon Arlott [Sun, 24 Apr 2016 16:05:05 +0000 (17:05 +0100)]
ircd: server connection configuration
Fix the server connection configuration so that it can simultaneously
handle a hostname/IPv4/IPv6 for connecting and a hostname/IPv4/IPv6
for binding. Maintains backwards compatibility for matching a hostname
with a mask.
Multiple host/vhost entries can be specified and the last value for
each address family is stored. Hostnames that resolve automatically
overwrite the IP address.
Server connections can now be made to either IPv4 or IPv6 at random
as well as preferring a specific address family.
Simon Arlott [Sun, 24 Apr 2016 10:49:21 +0000 (11:49 +0100)]
ircd: Don't try to connect to servers that we know have an invalid fingerprint
This just causes an unnecessary link/squit on the other server.
Simon Arlott [Sun, 24 Apr 2016 10:48:35 +0000 (11:48 +0100)]
ssld: add a callback when the connection is opened
This allows us to wait until we have the fingerprint information before
continuing with a server connect process.
Simon Arlott [Sun, 24 Apr 2016 09:39:16 +0000 (10:39 +0100)]
ssld: send cipher/certfp before proxying any plaintext traffic
Simon Arlott [Sat, 23 Apr 2016 23:29:11 +0000 (00:29 +0100)]
m_stats: display certificate fingerprint in STATS C
Simon Arlott [Sat, 23 Apr 2016 23:09:12 +0000 (00:09 +0100)]
m_alias: store a copy of alias->name as it will be freed on a rehash
Simon Arlott [Sat, 23 Apr 2016 22:56:41 +0000 (23:56 +0100)]
ircd: parse: add asserts for improper use of mod_add_cmd/mod_del_cmd
Simon Arlott [Sat, 23 Apr 2016 22:35:27 +0000 (23:35 +0100)]
modules: add missing break
Simon Arlott [Sat, 23 Apr 2016 22:25:25 +0000 (23:25 +0100)]
ircd: do nothing in client_release_connids if !MyConnect
Simon Arlott [Sat, 23 Apr 2016 22:21:47 +0000 (23:21 +0100)]
ircd: fix assert in client_release_connids
The connection may have already been closed and MyConnect cleared.
It's only a bug if the connection somehow has connids but is not
our connection.
Simon Arlott [Sat, 23 Apr 2016 21:51:05 +0000 (22:51 +0100)]
ssld: Add new certfp_methods spki_sha256 and spki_sha512
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.
(The same fingerprint is also used by DANE)
Simon Arlott [Sat, 23 Apr 2016 21:46:25 +0000 (22:46 +0100)]
ssld: cipher commands don't have any fds
Simon Arlott [Sat, 23 Apr 2016 21:45:13 +0000 (22:45 +0100)]
librb: mbedtls: fix rb_get_ssl_certfp()
Add missing break statements.
Return the hash length on success.
Simon Arlott [Sat, 23 Apr 2016 21:13:03 +0000 (22:13 +0100)]
librb: fix mbedtls library order
libmbedtls depends on libmbedx509 and libmbedcrypto
libmbedx509 depends on libmbedcrypto
They have to be specified in the correct order for the GNU linker to work.
Simon Arlott [Sat, 23 Apr 2016 19:52:20 +0000 (20:52 +0100)]
ircd: sslproc: certfp commands have a 9 byte header, not 5 bytes
SHA512 hashes were being ignored because the message was too large
Simon Arlott [Sat, 23 Apr 2016 19:46:26 +0000 (20:46 +0100)]
ssld: certfp change commands don't have any fds
William Pitcock [Sat, 23 Apr 2016 19:26:01 +0000 (14:26 -0500)]
client: fix up client_release_connids() too, pointed out by lp0
William Pitcock [Sat, 23 Apr 2016 19:17:09 +0000 (14:17 -0500)]
client: connid_get() should check MyConnect(), not MyClient().
Simon Arlott [Sat, 23 Apr 2016 16:32:24 +0000 (17:32 +0100)]
mr_server: Report certificate fingerprint mismatches
Log the received certificate fingerprint when it causes a server to be
rejected.
Simon Arlott [Sat, 23 Apr 2016 16:30:59 +0000 (17:30 +0100)]
mr_server: Handle unknown error codes
As mr_server is a module, it could potentially receive an unknown
error code from check_server().
Mantas Mikulėnas [Sat, 23 Apr 2016 14:57:07 +0000 (17:57 +0300)]
doc: fix whitespace in example configs [ci skip]
Simon Arlott [Sat, 23 Apr 2016 14:41:27 +0000 (15:41 +0100)]
authproc: set GOT_ID flag when an ident response is received
staticfox [Sat, 23 Apr 2016 03:06:42 +0000 (23:06 -0400)]
authd: Avoid negative array indices
Elizabeth Myers [Sat, 16 Apr 2016 16:05:00 +0000 (11:05 -0500)]
Revert "Implement the netsplit batch type."
This needs more work, see
https://github.com/ircv3/ircv3-specifications/issues/253
This reverts commit
23738912993a8debf007542c51aeff79588e35ca .
Elizabeth Myers [Fri, 15 Apr 2016 21:50:43 +0000 (16:50 -0500)]
Implement the netsplit batch type.
This also lays the groundwork for the netjoin batch type, but that isn't
implemented yet. I don't like how some of this is implemented but it'll
have to do for now...
Compile tested, needs more testing.
Elizabeth Myers [Tue, 12 Apr 2016 14:43:50 +0000 (09:43 -0500)]
Don't use key member of dictionary iter objects after deletion
Elizabeth Myers [Tue, 12 Apr 2016 14:37:56 +0000 (09:37 -0500)]
authproc: fix a typo
Elizabeth Myers [Tue, 12 Apr 2016 14:33:51 +0000 (09:33 -0500)]
Change the way authd configures opm
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
Mantas Mikulėnas [Mon, 11 Apr 2016 19:28:33 +0000 (22:28 +0300)]
Merge pull request #183 from grawity/sasl-fail-throttle-v3
limit failed SASL authentication attempts
Mantas Mikulėnas [Mon, 11 Apr 2016 18:38:43 +0000 (21:38 +0300)]
m_sasl: rate-limit SASL REAUTH usage
Mantas Mikulėnas [Mon, 11 Apr 2016 17:12:31 +0000 (20:12 +0300)]
m_sasl: fix coding style
Mantas Mikulėnas [Fri, 13 Feb 2015 18:13:06 +0000 (20:13 +0200)]
m_sasl: temporarily reject clients after many failed attempts
Elizabeth Myers [Mon, 11 Apr 2016 16:51:51 +0000 (11:51 -0500)]
send: trim a blank line [ci skip]
Elizabeth Myers [Mon, 11 Apr 2016 16:26:15 +0000 (11:26 -0500)]
Make directions more clear for disabling OPM
Elizabeth Myers [Sun, 10 Apr 2016 22:28:20 +0000 (17:28 -0500)]
Name the fallback strncasecmp properly [ci skip]
Elizabeth Myers [Sun, 10 Apr 2016 22:26:09 +0000 (17:26 -0500)]
whoops, fix a typo
Elizabeth Myers [Sun, 10 Apr 2016 22:25:32 +0000 (17:25 -0500)]
Replace my shitty fallbacks with those from FreeBSD
Elizabeth Myers [Sun, 10 Apr 2016 22:15:46 +0000 (17:15 -0500)]
README: put git command in backticks [ci skip]
Elizabeth Myers [Sun, 10 Apr 2016 22:11:57 +0000 (17:11 -0500)]
*sigh* comment these out until travis is fixed.
Elizabeth Myers [Sun, 10 Apr 2016 22:07:33 +0000 (17:07 -0500)]
Add these for now until travis actually gets their shit together.
Elizabeth Myers [Sun, 10 Apr 2016 21:53:40 +0000 (16:53 -0500)]
travis: install shtool.
Elizabeth Myers [Sun, 10 Apr 2016 21:49:42 +0000 (16:49 -0500)]
Get rid of install-sh and use shtoolize to create them.
Contributed by jackal^
Elizabeth Myers [Sun, 10 Apr 2016 15:11:03 +0000 (10:11 -0500)]
modules/m_set: booleanify.
Elizabeth Myers [Sun, 10 Apr 2016 15:10:46 +0000 (10:10 -0500)]
librb: minor adjustments to rb_strcasestr fallback to avoid warnings.
Elizabeth Myers [Sun, 10 Apr 2016 15:02:33 +0000 (10:02 -0500)]
s_user: clean up authd checks
Elizabeth Myers [Sun, 10 Apr 2016 14:35:02 +0000 (09:35 -0500)]
s_user: enhancements to proxy reporting messages
Elizabeth Myers [Sun, 10 Apr 2016 14:23:14 +0000 (09:23 -0500)]
Remove extraneous whitespace [ci skip]
Elizabeth Myers [Sun, 10 Apr 2016 14:22:34 +0000 (09:22 -0500)]
Fix stupid linux warning
Elizabeth Myers [Sun, 10 Apr 2016 14:20:51 +0000 (09:20 -0500)]
Wrap up authd preclient stuff in its own struct
staticfox [Sat, 9 Apr 2016 10:05:08 +0000 (06:05 -0400)]
version.c.SH: Fix build
We need stddef.h mainly for NULL
Elizabeth Myers [Sat, 9 Apr 2016 09:54:56 +0000 (04:54 -0500)]
Formatting fixes for credits
Contributed from jackal^, but fixed up a bit.
Elizabeth Myers [Fri, 8 Apr 2016 15:33:36 +0000 (10:33 -0500)]
Properly clean up build artifacts.
Author: jackal^ from freenode
Elizabeth Myers [Fri, 8 Apr 2016 08:49:23 +0000 (03:49 -0500)]
ipv4_from_ipv6: move to librb
Elizabeth Myers [Thu, 7 Apr 2016 14:45:12 +0000 (09:45 -0500)]
elide messages about not checking blacklists or scanning for proxies
Elizabeth Myers [Thu, 7 Apr 2016 12:48:50 +0000 (07:48 -0500)]
Fix overzealotry in flags fixing.
These flags are for oper confs, not for client flags.