]>
jfr.im git - solanum.git/log
Valentin Lorentz [Mon, 28 Dec 2015 09:57:17 +0000 (10:57 +0100)]
Remove trailing space in CAP ACK.
Fixes https://github.com/atheme/charybdis/issues/110
William Pitcock [Mon, 28 Dec 2015 07:38:13 +0000 (01:38 -0600)]
whois: cosmetic improvement to opered-as numeric
William Pitcock [Mon, 28 Dec 2015 07:36:40 +0000 (01:36 -0600)]
messages.h: fix numeric 320
William Pitcock [Mon, 28 Dec 2015 07:33:09 +0000 (01:33 -0600)]
whois: list active operator block and privset when appropriate
William Pitcock [Mon, 28 Dec 2015 06:48:46 +0000 (00:48 -0600)]
MODE: allow 'q' banlist queries to bypass flood limits too
William Pitcock [Mon, 28 Dec 2015 06:39:38 +0000 (00:39 -0600)]
version: update general copyright to 2016 since we will probably release later this week
William Pitcock [Mon, 28 Dec 2015 06:31:03 +0000 (00:31 -0600)]
CREDITS: cosmetic updates
William Pitcock [Mon, 28 Dec 2015 06:17:15 +0000 (00:17 -0600)]
NEWS: last pass at updates for 3.5.0
William Pitcock [Mon, 28 Dec 2015 03:21:33 +0000 (21:21 -0600)]
libratbox: don't build arc4random support if mbedtls is present. libratbox r29245
William Pitcock [Mon, 28 Dec 2015 03:19:17 +0000 (21:19 -0600)]
libratbox: fix scoping issue with alloca()'d buffer which could result in undefined behaviour.
this is ported from upstream libratbox r29267
William Pitcock [Sun, 27 Dec 2015 23:08:57 +0000 (17:08 -0600)]
sno_whois: fix resource leak, pointed out by mniip
William Pitcock [Sun, 27 Dec 2015 04:41:09 +0000 (22:41 -0600)]
supported: move ISUPPORT tokens provided by modules to their specific modules:
- m_cmessage: CPRIVMSG/CNOTICE
- m_etrace: ETRACE
- m_knock: KNOCK
- m_services: FNC
- m_who: WHOX
William Pitcock [Sun, 27 Dec 2015 04:23:28 +0000 (22:23 -0600)]
LIST: allow channel display threshold to be configured (closes #109)
Jilles Tjoelker [Thu, 24 Dec 2015 22:00:09 +0000 (23:00 +0100)]
starttls: Update for client fd hash removal.
William Pitcock [Wed, 16 Dec 2015 13:32:12 +0000 (07:32 -0600)]
ssld: check conn->plain_fd when setting conn->plain_fd type to RB_FD_SOCKET
William Pitcock [Sun, 13 Dec 2015 17:38:27 +0000 (11:38 -0600)]
extb_combi: relax recursion and complexity limits now that bancache for unjoined users is fixed
William Pitcock [Sun, 13 Dec 2015 17:25:15 +0000 (11:25 -0600)]
channel: actually store the last checked client pointer
William Pitcock [Sun, 13 Dec 2015 17:22:47 +0000 (11:22 -0600)]
extb_combi: tighten up recursion depth
William Pitcock [Sun, 13 Dec 2015 17:09:15 +0000 (11:09 -0600)]
extb_combi: allow up to 5 children nodes
William Pitcock [Sun, 13 Dec 2015 17:06:04 +0000 (11:06 -0600)]
extb_combi: if there are more nodes than allowed, return EXTBAN_INVALID
William Pitcock [Sun, 13 Dec 2015 16:58:05 +0000 (10:58 -0600)]
extb_combi: try limiting the number of allowed nodes per depth to 3
William Pitcock [Sun, 13 Dec 2015 15:42:12 +0000 (09:42 -0600)]
sslproc: handle ssl_cipher_list being NULL better
William Pitcock [Sun, 13 Dec 2015 14:17:04 +0000 (08:17 -0600)]
channel: actually, use bancache invalidation as the metric for the duplication check
any state change which would cause the duplicate check to change would invalidate bancache as a whole anyway
William Pitcock [Sun, 13 Dec 2015 14:13:52 +0000 (08:13 -0600)]
channel: cache duplicate calls to is_banned() and is_quieted()
William Pitcock [Sun, 13 Dec 2015 13:58:50 +0000 (07:58 -0600)]
sslproc: garbage collect dead ssld resources every minute
William Pitcock [Sun, 13 Dec 2015 13:49:19 +0000 (07:49 -0600)]
extb_combi: implement a recursion guard
Jilles Tjoelker [Sat, 12 Dec 2015 23:22:21 +0000 (00:22 +0100)]
Reduce clean_nick() code duplication further.
Side effect: hurt and monitor now allow nicks starting with a digit.
William Pitcock [Sat, 12 Dec 2015 15:24:37 +0000 (09:24 -0600)]
map: make flatten_links dump a flattened map instead of blocking it (closes #48)
based on my patches in shadowircd legacy (4.0)
William Pitcock [Sat, 12 Dec 2015 14:42:03 +0000 (08:42 -0600)]
monitor: ensure monitored nicknames are valid (ref. elemental-ircd/elemental-ircd#187)
William Pitcock [Sat, 12 Dec 2015 14:41:09 +0000 (08:41 -0600)]
clean up some code duplication when checking nicks for validity
William Pitcock [Sat, 12 Dec 2015 14:19:58 +0000 (08:19 -0600)]
gnutls: fix typo
William Pitcock [Sat, 12 Dec 2015 14:03:59 +0000 (08:03 -0600)]
gnutls: allow priorities to be configured
William Pitcock [Sat, 12 Dec 2015 13:50:48 +0000 (07:50 -0600)]
ssl: allow cipher list to be overridden (closes #67)
William Pitcock [Sat, 12 Dec 2015 11:20:51 +0000 (05:20 -0600)]
client: use sequential connection ids for ssld connections in ssld RPC, instead of the file descriptor
this avoids race conditions when a file descriptor is reused and an ssld worker has not acked that the previous
connection was closed, which results in the new client being kicked.
William Pitcock [Sat, 12 Dec 2015 10:51:43 +0000 (04:51 -0600)]
ssld: use uint64_t explicitly when we want 64-bit counters
William Pitcock [Sat, 12 Dec 2015 10:50:35 +0000 (04:50 -0600)]
ssld: fix a type warning pointed out by clang
William Pitcock [Sat, 12 Dec 2015 10:50:15 +0000 (04:50 -0600)]
ssld: take inbuf/outbuf out of global scope, since its unnecessary
William Pitcock [Sat, 12 Dec 2015 06:33:46 +0000 (00:33 -0600)]
newconf: fix error message on channel::autochanmodes
William Pitcock [Fri, 11 Dec 2015 21:56:33 +0000 (15:56 -0600)]
libratbox: import zstring functions
William Pitcock [Fri, 11 Dec 2015 21:36:53 +0000 (15:36 -0600)]
implement configurable channel modes (closes #31)
While functionally compatible with the implementation in ElementalIRCd, our approach is different,
specifically pre-calculating the bitmask at config load time. This is more efficient, and allows us
to report errors as part of the configuration phase.
William Pitcock [Fri, 11 Dec 2015 18:14:34 +0000 (12:14 -0600)]
config.h.dist: resync with config.h (closes #14)
William Pitcock [Fri, 11 Dec 2015 14:36:21 +0000 (08:36 -0600)]
libratbox: implement nossl variants of rb_get_ssl_certfp() and rb_get_ssl_cipher()
William Pitcock [Fri, 11 Dec 2015 14:32:19 +0000 (08:32 -0600)]
ssld: enable sending SSL cipher information if available
William Pitcock [Fri, 11 Dec 2015 14:32:02 +0000 (08:32 -0600)]
libratbox: implement rb_get_ssl_cipher()
William Pitcock [Fri, 11 Dec 2015 14:20:11 +0000 (08:20 -0600)]
WHOIS: use cipher string if available
William Pitcock [Fri, 11 Dec 2015 14:19:50 +0000 (08:19 -0600)]
sslproc: set Client.localClient.cipher_string if sent by ssld
William Pitcock [Fri, 11 Dec 2015 05:44:31 +0000 (23:44 -0600)]
sslproc: likewise
William Pitcock [Fri, 11 Dec 2015 05:40:24 +0000 (23:40 -0600)]
ssld: integrate some cleanups from ratbox 3.1
William Pitcock [Thu, 10 Dec 2015 08:28:52 +0000 (02:28 -0600)]
update NEWS documenting availability of combination extbans
William Pitcock [Thu, 10 Dec 2015 08:27:08 +0000 (02:27 -0600)]
document extb_combi and extb_hostmask bans (closes #74)
William Pitcock [Thu, 10 Dec 2015 08:25:22 +0000 (02:25 -0600)]
extenions: add a $m: extban (ref #74)
William Pitcock [Thu, 10 Dec 2015 08:20:58 +0000 (02:20 -0600)]
import marienz's extb_combi module (ref #74)
William Pitcock [Thu, 10 Dec 2015 08:19:21 +0000 (02:19 -0600)]
Revert "extban: implement helper functions for stackable extbans (part 1) (ref #74)"
This reverts commit
304bd0d095917d8dffca8567768e4cada4a8748b .
William Pitcock [Thu, 10 Dec 2015 07:33:30 +0000 (01:33 -0600)]
extban: implement helper functions for stackable extbans (part 1) (ref #74)
William Pitcock [Thu, 10 Dec 2015 07:00:32 +0000 (01:00 -0600)]
override: only engage override code if we're needing to authorize a WRITE to a channel's state (closes #65)
William Pitcock [Tue, 8 Dec 2015 20:26:26 +0000 (14:26 -0600)]
ssld: update for protocol changes
William Pitcock [Mon, 7 Dec 2015 07:52:16 +0000 (01:52 -0600)]
update NEWS to note that CertFP methods are now configurable
William Pitcock [Mon, 7 Dec 2015 07:49:30 +0000 (01:49 -0600)]
allow certfp method to be configured
William Pitcock [Mon, 7 Dec 2015 07:21:26 +0000 (01:21 -0600)]
ssld: we only will continue supporting one fingerprint method at a time
William Pitcock [Mon, 7 Dec 2015 07:15:00 +0000 (01:15 -0600)]
Merge branch 'master' of github.com:atheme/charybdis
Elizabeth Myers [Wed, 27 May 2015 21:46:46 +0000 (16:46 -0500)]
Add ability to change CertFP hash.
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
Elizabeth Myers [Wed, 27 May 2015 21:46:46 +0000 (16:46 -0500)]
Add ability to change CertFP hash.
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
William Pitcock [Sat, 5 Dec 2015 13:18:35 +0000 (07:18 -0600)]
update copyright on NEWS (haha)
William Pitcock [Sat, 5 Dec 2015 13:09:52 +0000 (07:09 -0600)]
update README
William Pitcock [Sat, 5 Dec 2015 13:07:01 +0000 (07:07 -0600)]
update NEWS a little more
William Pitcock [Sat, 5 Dec 2015 12:48:38 +0000 (06:48 -0600)]
m_message: use same behaviour for +R users as +g users (closes #96)
William Pitcock [Sat, 5 Dec 2015 12:37:04 +0000 (06:37 -0600)]
mbedtls: implement rb_get_ssl_certfp()
William Pitcock [Sat, 5 Dec 2015 04:53:04 +0000 (22:53 -0600)]
newconf: TLS listener ports should always be defer_accept
TLS clients are required to send ClientHello upon connection, the server may not reply with ServerHello until this has happened
William Pitcock [Sat, 5 Dec 2015 04:42:10 +0000 (22:42 -0600)]
mbedtls: use server certificate for client mode too
William Pitcock [Sat, 5 Dec 2015 04:41:02 +0000 (22:41 -0600)]
mbedtls: make client mode work too
William Pitcock [Fri, 4 Dec 2015 06:01:40 +0000 (00:01 -0600)]
libratbox: fix up mbedtls backend
William Pitcock [Fri, 4 Dec 2015 04:38:54 +0000 (22:38 -0600)]
libratbox: gnutls: we want to pass F, not F->fd to rb_listen()
William Pitcock [Fri, 4 Dec 2015 04:32:33 +0000 (22:32 -0600)]
libratbox: initial cut at an mbedtls implementation, which will replace openssl and gnutls backends in charybdis 3.6
notably, it presently is lacking CertFP support, but everything else is implemented
William Pitcock [Fri, 4 Dec 2015 00:37:32 +0000 (18:37 -0600)]
libratbox: prepare build system for mbed tls backend
William Pitcock [Fri, 20 Nov 2015 05:10:36 +0000 (23:10 -0600)]
Revert "supported: remove TARGMAX, nothing really uses it, and the information conveyed is useless anyway"
This reverts commit
ff2f68e617bb5bcaddfdaa5e4e29348a95d147ff .
William Pitcock [Fri, 20 Nov 2015 04:53:55 +0000 (22:53 -0600)]
cap: implement ircv3.2 chghost cap
William Pitcock [Fri, 20 Nov 2015 04:43:45 +0000 (22:43 -0600)]
send: add negation argument to sendto_common_channels_local() and friends
William Pitcock [Thu, 19 Nov 2015 23:13:04 +0000 (17:13 -0600)]
parse: handle_encap(): remove parv[0] initialization, anything using parv[0] should crash the ircd
William Pitcock [Thu, 19 Nov 2015 23:12:07 +0000 (17:12 -0600)]
modules/m_resv: update comments since parv[0] is not used anymore
William Pitcock [Mon, 16 Nov 2015 21:01:57 +0000 (15:01 -0600)]
supported: remove TARGMAX, nothing really uses it, and the information conveyed is useless anyway
Jilles Tjoelker [Sat, 14 Nov 2015 23:20:14 +0000 (00:20 +0100)]
monitor: Show 005 entry only if m_monitor.so is actually loaded.
This only affects the MONITOR=<max> entry, not TARGMAX=...,MONITOR:
which is harder to modify from a module.
Aaron Jones [Sun, 25 Oct 2015 15:59:16 +0000 (15:59 +0000)]
[libratbox] Remove an unused random function
Nothing in the Charybdis or libratbox code calls rb_get_pseudo_random
and under OpenSSL it uses RAND_pseudo_bytes() which is both dangerous
and removed in OpenSSL version 1.1.0.
Aaron Jones [Fri, 23 Oct 2015 16:08:15 +0000 (16:08 +0000)]
Improve the versions of TLS used for server to server linking
When building against current OpenSSL (<= 1.0.2) or old LibreSSL
(< 2.2.2) the server will use TLSv1.0 only when connecting to other
servers.
This patch corrects that.
Aaron Jones [Fri, 23 Oct 2015 16:05:33 +0000 (16:05 +0000)]
Use new TLS method APIs with new LibreSSL
OpenBSD 5.8 includes LibreSSL 2.2.2, which finally brings the API up to
what they claim it is by implementing the new TLS client and server
method APIs. Therefore, in furtherance of commits
a4c8c827 and
1a4e224a
we can build with the new APIs if building against (real) OpenSSL 1.1.0
or LibreSSL 2.2.2.
Reported-by: Juuso Lapinlampi <redacted>
William Pitcock [Thu, 15 Oct 2015 23:05:38 +0000 (18:05 -0500)]
Merge pull request #106 from awilfox/master
Fix MONITOR C
Andrew Wilcox [Thu, 15 Oct 2015 22:13:49 +0000 (17:13 -0500)]
monitor: don't use already-freed pointer, unlike the moronic atheme developers
Andrew Wilcox [Thu, 15 Oct 2015 22:12:11 +0000 (17:12 -0500)]
Revert "remove MONITOR for now pending a complete rewrite"
This reverts commit
87fa262fec3149bff8daf9552b9df7f38a973890 .
William Pitcock [Thu, 15 Oct 2015 14:39:48 +0000 (09:39 -0500)]
remove MONITOR for now pending a complete rewrite
William Pitcock [Mon, 12 Oct 2015 00:32:31 +0000 (19:32 -0500)]
monitor: additional cleanup pointed out by mr_flea
William Pitcock [Mon, 12 Oct 2015 00:11:01 +0000 (19:11 -0500)]
monitor: additional cleanups, and add a missing free_monitor() in m_monitor
William Pitcock [Sun, 11 Oct 2015 23:48:53 +0000 (18:48 -0500)]
monitor: fix the resource leak properly, unlike the moronic elemental-ircd developers
Jilles Tjoelker [Thu, 1 Oct 2015 20:54:29 +0000 (22:54 +0200)]
Fix build on glibc (no strlcpy).
Jilles Tjoelker [Sun, 20 Sep 2015 13:20:05 +0000 (15:20 +0200)]
Use new info when sending away-notify after QJM.
Jilles Tjoelker [Fri, 22 May 2015 19:42:36 +0000 (21:42 +0200)]
s_conf: Split out a function.
Jilles Tjoelker [Fri, 22 May 2015 19:42:10 +0000 (21:42 +0200)]
kqueue: Remove unnecessary cast.
Jilles Tjoelker [Thu, 5 Mar 2015 23:41:51 +0000 (00:41 +0100)]
Remove the unneeded username parameter to register_local_user().
Jilles Tjoelker [Sun, 13 Sep 2015 20:56:14 +0000 (22:56 +0200)]
Check CIDR ban IP address for validity.
Otherwise, we compare to uninitialized stack data. This is wrong but seems
harmless.
Closes #103
William Pitcock [Sat, 8 Aug 2015 22:41:32 +0000 (18:41 -0400)]
Merge pull request #101 from Elizafox/master
Relocate report_Klines to proper home
Elizabeth Myers [Sat, 8 Aug 2015 22:25:29 +0000 (17:25 -0500)]
Relocate report_Klines to proper home
This function is not used anywhere else but m_stats, so should be put
there.
Mantas Mikulėnas [Tue, 14 Jul 2015 09:50:37 +0000 (12:50 +0300)]
Merge pull request #100 from Mkaysi/readme
Update NEWS & README.md