Stephen Bennett [Wed, 13 Jan 2010 23:54:49 +0000 (23:54 +0000)]
Rename connect_delay to post_registration_delay. This matches the ircd-ratbox feature, and better describes what it actually is. Also make sure to set localClient->firsttime on registration, so that the delay counts from the right time.
Malcolm Scott [Sun, 10 May 2020 20:00:43 +0000 (21:00 +0100)]
Skip any unhandled DNS record type
Currently the DNS resolver handles CNAME by skipping that record in the answer and looking for the subsequent A/AAAA/PTR record. There are other record types which could be handled in the same way, e.g. DNAME, but their presence currently causes the answer parsing to be abandoned. A better approach would be to skip *any* other record and just use the first A, AAAA or PTR in the answer, regardless of what comes before it.
Ed Kellett [Sat, 1 Feb 2020 02:10:33 +0000 (02:10 +0000)]
Fix invite-notify and move it to an extension
The existing approach to invite-notify is deeply flawed--it currently
notifies only the target user's server, and that can't be fixed without
sending notifies for invites that end up not happening.
I'm resolving this by broadcasting a second message, INVITED, from the
target user's server. I'm also pulling it out into an extension while
I'm at it--invite notifies reveal new information, so I don't think
they should be mandatory.
Ed Kellett [Sat, 18 Apr 2020 15:57:22 +0000 (16:57 +0100)]
Move ipv4-in-ipv6 handling to find_conf_by_address
This removes some inconsistencies: first of all it applies to both
CONF_KILL searches by IP in find_address_conf, and secondly it applies
to find_kline, which would have been an edge case before.
Aaron Jones [Tue, 28 Jan 2020 20:46:14 +0000 (20:46 +0000)]
extensions/extb_ssl.c: make certfp parameter case-insensitive
I had the idea that maybe these should be case-sensitive because some
encodings (like Base-64) are. But it turns out it's better to
prioritise not breaking existing configurations / channel mode lists,
and just revisit this in future maybe.
Stephen Bennett [Tue, 2 Feb 2010 21:31:50 +0000 (21:31 +0000)]
Make sasl_usercloak.so update the original host, as well as the visible host if it hasn't already changed. Allows for the sasl spoof to be used to override services ones in some circumstances.
Ed Kellett [Tue, 31 Dec 2019 01:11:45 +0000 (01:11 +0000)]
reject: Remember and send reasons for rejections
rejectcache entries can now use either a K-line aconf or a static
string as a reason. This will be sent in a 465 numeric before the usual
ERROR. In the case of K-lines, it resembles the 465 you would have been
sent without being rejected:
; nc -s 127.6.6.6 127.0.0.1 5000
:staberinde.local 465 * :You are banned from this server- Temporary
K-line 4320 min. - abc123 (2019/12/31 01.07)
ERROR :Closing Link: (*** Banned (cache))
; nc -s 127.128.0.0 127.0.0.1 5000
:staberinde.local 465 * :You are not authorised to use this server.
ERROR :Closing Link: (*** Banned (cache))
Set EXTERNAL_BUILD_TIMESTAMP from SOURCE_DATE_EPOCH
to make the package build reproducible by default without
everyone having to discover the custom variable.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.
This code assigns the plain integer to keep the code simple.
Otherwise we would have to deal with differences between GNU date
and BSD date or include extra build deps like perl or python.
Ed Kellett [Sun, 17 Nov 2019 11:15:47 +0000 (11:15 +0000)]
m_modules: make modreload work like restart
/modrestart used to be implemented as a normal command and could crash
when used remotely because it would reload m_encap, which was on the
call stack at the time. This was fixed in 41390bfe5f. However,
/modreload has exactly the same problem, so I'm giving it the
same treatment.
Incidentally: This bug was first discovered in ircd-seven, where the
`/mod*` commands themselves live in the core, so m_encap was the only way
the crash could happen (and it didn't most of the time, because m_encap
would only be moved if you got unlucky). But `/mod*` are in modules in
charybdis, so /modrestart would have unloaded the code it was in the
middle of executing. With that in mind, I'm not sure how it ever
appeared to work.