William Pitcock [Tue, 29 Nov 2011 22:10:21 +0000 (16:10 -0600)]
Add support for customizing the usable nick length.
This adds a new ISUPPORT token, NICKLEN_USABLE which is strictly an informative value.
NICKLEN is always the maximum runtime NICKLEN supported by the IRCd, as other servers may
have their own usable NICKLEN settings. As NICKLEN_USABLE is strictly informative, and
NICKLEN is always the maximum possible NICKLEN, any clients which depend on NICKLEN for
memory preallocation will be unaffected by runtime changes to NICKLEN_USABLE.
The default NICKLEN is 50; the default serverinfo::nicklen in the config file is set to
30, which is the NICKLEN presently used on StaticBox.
Stephen Bennett [Mon, 24 Oct 2011 18:59:31 +0000 (19:59 +0100)]
Don't treat +r specially when displaying supported channel modes.
This used to be only advertised if a service was linked, which made
sense in ratbox when +r was only settable if services were available.
Now, however, +r is always available and so should always be advertised.
Jilles Tjoelker [Mon, 3 Oct 2011 23:08:12 +0000 (01:08 +0200)]
Limit sent_parsed to the highest possible value in the current config.
After a configuration change (or deoper with no_oper_flood) sent_parsed
might be way higher than allow_read, so that the user would have to wait
a long time before the server responds. Avoid this.
Jilles Tjoelker [Mon, 3 Oct 2011 22:46:00 +0000 (00:46 +0200)]
Minor cleanup to command throttling code:
* Deduce allow_read from the client's state (IsFloodDone) rather than
storing it in LocalUser.
* Fix the documentation (in oper /info), however strange
client_flood_burst_rate and client_flood_burst_max may seem, that is
how they currently work.
Jilles Tjoelker [Tue, 30 Aug 2011 23:04:04 +0000 (01:04 +0200)]
Ensure all signals keep working after a SIGINT restart.
After setting up signal handlers, unmask the signals we care about
(installed handlers for).
When handling SIGINT, the kernel adds SIGHUP and SIGINT to the signal
mask (as requested in sigaction()); if execve() is called from the
signal handler, this change is persistent.
nenolod gave the thumbs-up to port ircd-seven banfowards to charybdis to spb
for a while, and people have asked about it. Might as well do it since it's a
slow weekend.
Note that as a side effect use_forward is removed from the config and
unconditionally enabled!
While what chanroles are trying to accomplish is a good idea, it is
apparently unclear this is the proper way to do it. Until we figure out
the exact way we wish to do this, it should be reverted for now.
As jilles pointed out, it is best that the chanserv access list always
remain synced with the grant list. Thus, the ability for clients to set
this is not a good idea unless services knows about the grant, but this
leads to all sorts of messy issues and likely isn't worth it.
William Pitcock [Wed, 6 Jul 2011 20:04:45 +0000 (15:04 -0500)]
chanroles: ENCAP GRANT should work under the assumption that we want to zero out
this makes setting new roles on a user much easier as we're just setting the roles they
should be having, instead of having to try to revoke roles we don't necessarily know
about.
The theory behind this is that services sends an ENCAP * GRANT #channel
UID :+flagspec message specifying the chanroles the user has. They are
mapped into flag bits and applied to the membership of the user. They
then are restricted or permitted to what they can do based on the
permissions mask regardless of rank.
For backwards compatibility, the default permission bit (without a GRANT
statement) allows a user to to anything an existing op can do ONLY if
they are an op.
Todo: make CHANROLE_STATUS work (the ability to apply +ov to people),
which is at the moment controlled by CHANROLE_MODE.
Jilles Tjoelker [Sat, 25 Jun 2011 13:56:22 +0000 (15:56 +0200)]
rsfnc/svslogin: Add server notices for kills.
When we broadcast a KILL message, this generates server notices on all
other servers (assuming the target user exists). Therefore, we should
also send a notice to our local opers.
Allow kick_on_split_riding to protect channels with mlocked keys.
Do kick_on_split_riding if services sends an SJOIN
with a lower TS and a different key. This relies on
services restoring TS (changets option in atheme) and
services not immediately parting after receiving the
KICK, which is the case in recent atheme.
For invite-only channels, still only do
kick_on_split_riding in netbursts. Services is
assumed to handle this itself (atheme does).
yy_oper->certfp was not copied into yy_tmpoper->certfp, thus the information was lost and certfp auth was never really working, since the string was always empty.
Overhaul extensions/m_mkpasswd. It now allows SHA256/SHA512 hashes. DES support is removed, as it is insecure and can be broken on my desktop in about 20 minutes.
Add SHA256/SHA512 support to crypt.c and fix up the MD5 component (it seemed to have been broken). In addition, unconditionally use the libratbox crypt.