]>
jfr.im git - solanum.git/log
Jilles Tjoelker [Sun, 16 Feb 2014 15:06:01 +0000 (16:06 +0100)]
libratbox: Fix undefined behaviour advancing pointer beyond end of array.
The C standard does not allow constructing pointers beyond one past the end
of an array. Therefore, if size is an unsigned type (size_t), then
buf + size is never less than buf.
Clang on 32-bit took advantage of the undefined behaviour, causing
segfaults.
Lightly tested.
William Pitcock [Sat, 8 Feb 2014 19:02:16 +0000 (13:02 -0600)]
Merge pull request #46 from grawity/sasl-mechlist
sasl: send RPL_SASLMECHS
William Pitcock [Sat, 8 Feb 2014 18:40:35 +0000 (18:40 +0000)]
ssld: force the control buffer to be unsigned bytes except in special circumstances
This has the side effect of fixing GnuTLS.
William Pitcock [Sat, 8 Feb 2014 18:35:24 +0000 (18:35 +0000)]
libratbox: regenerate autotools files
William Pitcock [Sat, 8 Feb 2014 18:34:49 +0000 (18:34 +0000)]
libratbox/gnutls: add gnutls v3 api compatibility without breaking v2
Rylee Elise Fowler [Fri, 31 Jan 2014 16:03:54 +0000 (11:03 -0500)]
autotools: fix typo relating to ban db
Jilles Tjoelker [Thu, 16 Jan 2014 23:23:09 +0000 (00:23 +0100)]
Remove an unused variable.
Jilles Tjoelker [Thu, 16 Jan 2014 23:22:47 +0000 (00:22 +0100)]
Avoid wrong detection of redundant/duplicate auth blocks with auth_user.
If there was more than one user= per auth block, the check for redundant
or duplicate auth blocks did not take auth_user into account.
Jilles Tjoelker [Wed, 15 Jan 2014 21:25:26 +0000 (22:25 +0100)]
openssl: Improve security using options recommanded by Argure.
Note that these are not available in old versions of OpenSSL (like FreeBSD
9.x base OpenSSL), so allow them to be missing.
A side effect may be slightly higher CPU consumption and network traffic.
Jilles Tjoelker [Wed, 15 Jan 2014 21:13:47 +0000 (22:13 +0100)]
openssl: Use cipher list suggested by Argure.
Jilles Tjoelker [Wed, 15 Jan 2014 21:09:57 +0000 (22:09 +0100)]
openssl: Fix compiler warning.
Jilles Tjoelker [Wed, 15 Jan 2014 20:50:08 +0000 (21:50 +0100)]
openssl: Set some sort of session id context.
Without a session id context and if client certificates are used, OpenSSL
fails the handshake if an attempt is made to reuse an old session. Various
clients could not reconnect after a disconnection because of this.
See https://bugzilla.mozilla.org/show_bug.cgi?id=858394#c34 for a bug
report.
Mantas Mikulėnas [Sun, 12 Jan 2014 19:17:34 +0000 (21:17 +0200)]
doc/ts6-protocol: Correct the mode letter for termination
Keith Buck [Sun, 12 Jan 2014 01:38:48 +0000 (01:38 +0000)]
bandb: Don't attempt to write to a NULL helper.
Mantas Mikulėnas [Sat, 11 Jan 2014 22:18:58 +0000 (00:18 +0200)]
sasl: send RPL_SASLMECHS
William Pitcock [Fri, 27 Dec 2013 13:13:08 +0000 (05:13 -0800)]
Merge pull request #42 from Argure/genssl
Use sha-512 rather than deprecated sha-1; generate a csr
Keith Buck [Sun, 22 Dec 2013 02:55:32 +0000 (18:55 -0800)]
Merge pull request #45 from somasonic/master
Fix grammatical error in extensions/chm_sslonly.c
Andrew [Thu, 12 Dec 2013 04:08:12 +0000 (04:08 +0000)]
Fix grammatical error
William Pitcock [Sat, 30 Nov 2013 19:55:01 +0000 (19:55 +0000)]
libratbox/openssl: check that ECDHE is really available on redhat derivatives (closes #43)
Keith Buck [Wed, 27 Nov 2013 09:23:20 +0000 (09:23 +0000)]
INSTALL: Fix documentation for assert configure options.
Jilles Tjoelker [Fri, 22 Nov 2013 22:48:38 +0000 (23:48 +0100)]
Merge branch 'fix-sha256-crypt' of https://github.com/grawity/charybdis
Jilles Tjoelker [Fri, 22 Nov 2013 22:41:15 +0000 (23:41 +0100)]
help: Fix some required oper privileges.
Jilles Tjoelker [Fri, 22 Nov 2013 22:34:54 +0000 (23:34 +0100)]
help: Remove mention of remote commands that do not actually work.
Patrick Godschalk [Mon, 18 Nov 2013 23:59:08 +0000 (00:59 +0100)]
Just use 4k RSA certificates while at it
Patrick Godschalk [Mon, 18 Nov 2013 23:49:01 +0000 (00:49 +0100)]
Use sha-512 rather than deprecated sha-1; generate a csr
William Pitcock [Fri, 15 Nov 2013 12:26:39 +0000 (04:26 -0800)]
Merge pull request #41 from lyska/master
helpfiles: fix spelling, grammar remove old information
Sam Dodrill [Fri, 15 Nov 2013 04:34:42 +0000 (23:34 -0500)]
helpfiles: fix spelling, grammar remove old information
What is done here:
1. All the outdated configuration flag information has been removed and
replaced with the more current information.
2. Spellchecking has been done on all helpfiles and the actual errors
have been fixed.
Keith Buck [Tue, 29 Oct 2013 09:07:19 +0000 (09:07 +0000)]
Remove duplicate default-value code.
Default values for default_floodcount and default_ident_timeout are set
in s_conf.c. Remove code that checks for missing values in ircd.c.
Additionally, reset default_ident_timeout to 5 if an invalid value (i.e.
0) is provided.
Jilles Tjoelker [Fri, 25 Oct 2013 15:49:58 +0000 (17:49 +0200)]
override: Remove umode +p when deopering.
Keith Buck [Fri, 25 Oct 2013 05:39:55 +0000 (05:39 +0000)]
Revert "Add m_override.c - an improved override module."
This reverts commit
f00a55e9a1005f488b3b8d8be358bcee4c975fde .
Keith Buck [Tue, 22 Oct 2013 08:50:15 +0000 (08:50 +0000)]
Add m_override.c - an improved override module.
Mantas Mikulėnas [Wed, 23 Oct 2013 11:39:51 +0000 (14:39 +0300)]
libratbox/crypt: fix difference from glibc in sha256_crypt()
rb_crypt() was generating different SHA256 ($5$) hashes than glibc,
making hashes generated with charybdis unusable in ratbox and other
software, and vice versa.
Jilles Tjoelker [Sun, 6 Oct 2013 17:39:06 +0000 (19:39 +0200)]
Use RFC5737 and RFC3849 addresses in example confs.
There are IPv4 and IPv6 ranges reserved for documentation and example code;
use these to minimize the risk if someone accidentally uses an unmodified
example conf.
Keith Buck [Mon, 23 Sep 2013 09:34:30 +0000 (09:34 +0000)]
Fix parameter counts for me_dline and me_undline.
Jilles Tjoelker [Sat, 14 Sep 2013 10:26:32 +0000 (12:26 +0200)]
whowas: Use the normal rules for IP visibility.
Add the flags (auth{} spoof, dynamic spoof) to struct Whowas and add a
show_ip_whowas().
Normal users now see IPs of unspoofed users, and remote opers can see IPs
behind dynamic spoofs. Also, general::hide_spoof_ips is now applied when
the IP is shown, not when the client exits.
Jilles Tjoelker [Sat, 14 Sep 2013 10:26:24 +0000 (12:26 +0200)]
Fix parameter name in header file for show_ip_conf().
Jilles Tjoelker [Fri, 13 Sep 2013 20:34:11 +0000 (22:34 +0200)]
Merge branch 'isupport-charset' of github.com:grawity/charybdis
Jilles Tjoelker [Fri, 13 Sep 2013 20:29:26 +0000 (22:29 +0200)]
Enable remote WHOWAS queries.
On ircd-seven, this will allow remote opers to see certain hidden IPs.
Keith Buck [Thu, 12 Sep 2013 08:21:50 +0000 (08:21 +0000)]
Abort blacklist queries at the same time as auth queries.
This fixes an assert(MyConnect(...)) being hit in
register_local_user(...).
Mantas Mikulėnas [Tue, 10 Sep 2013 21:57:48 +0000 (00:57 +0300)]
Remove CHARSET=ascii from ISUPPORT
For one, [draft-brocklesby-irc-isupport-02][1] already defines "ascii" as the
default value. According to section 2 ("Except as
explicitly stated in its definition, a parameter should not be sent
unless it changes this default value, or the default value is vague,
badly defined, or differs between IRC server implementations"), there is
no point in sending it.
For another, [version 03 of the same draft][2] removes CHARSET ("It was
found to be unworkable; a correct specification could not be devised to
represent its meaning across implementations."), and the token is not
present at all in [draft-hardy-irc-isupport-00][3].
[1]: https://tools.ietf.org/html/draft-brocklesby-irc-isupport-02#section-3.17
[2]: https://tools.ietf.org/html/draft-brocklesby-irc-isupport-03#section-4.8
[3]: https://tools.ietf.org/html/draft-hardy-irc-isupport-00
Keith Buck [Tue, 10 Sep 2013 05:35:56 +0000 (05:35 +0000)]
Remove s_assert definition from ircd_defs.h and add it to its own header.
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.
This change also fixes the compile when using --enable-assert=soft.
William Pitcock [Fri, 6 Sep 2013 18:44:18 +0000 (11:44 -0700)]
Merge pull request #33 from Argure/master
Enable use of ECDHE in Charybdis on OpenSSL versions that support this.
Patrick Godschalk [Fri, 6 Sep 2013 18:05:49 +0000 (20:05 +0200)]
Have OpenSSL version check use cpp
Quora [Wed, 4 Sep 2013 17:14:08 +0000 (10:14 -0700)]
Merge pull request #34 from grawity/monitor-help
Document MONITOR in /help
Mantas Mikulėnas [Wed, 4 Sep 2013 16:16:09 +0000 (19:16 +0300)]
Document MONITOR in /help
Patrick Godschalk [Tue, 3 Sep 2013 12:23:13 +0000 (14:23 +0200)]
Add notice about ECC/ECDHE in OpenSSL.
Patrick Godschalk [Tue, 3 Sep 2013 12:16:57 +0000 (14:16 +0200)]
Set ECDHE on OpenSSL 1.00+.
Quora Dodrill [Sat, 24 Aug 2013 14:41:00 +0000 (09:41 -0500)]
doc: fix name of sample config again
Alex Iadicicco [Sat, 24 Aug 2013 03:11:22 +0000 (20:11 -0700)]
extensions/m_roleplay: Properly transmit source name.
Quora Dodrill [Wed, 14 Aug 2013 22:45:35 +0000 (15:45 -0700)]
src/s_conf: Avoid re-inventing the wheel
Quora Dodrill [Wed, 14 Aug 2013 22:26:29 +0000 (15:26 -0700)]
src/s_conf: More detailed error messages conforming to POSIX errno
When the configuration file is unreadable or not existing, charybdis will now report the POSIX error message from the failed call. This is a compromise between the behavior in
f951460ae991e2e8defb9638f8ee508283705cbb and
f6f049070e240d0ce637e9e3ac4fba4148b9725d .
Jilles Tjoelker [Wed, 14 Aug 2013 21:49:22 +0000 (23:49 +0200)]
Ensure consistent indexing into user_modes independent on signedness of char.
Quora Dodrill [Wed, 14 Aug 2013 21:28:11 +0000 (14:28 -0700)]
src/s_conf: Moved error notification to proper place
Previously it was in src/ircd.c, but accroding to jilles, this is a better place for the notification.
This changes a patch made in
adef4da10c65696fb9b79ffa797615770fd53abf and amended in
65d921173c6e3aa4f30dd78561d3a6f5d5f4cf31 and
f6f049070e240d0ce637e9e3ac4fba4148b9725d .
Quora Dodrill [Wed, 14 Aug 2013 16:54:57 +0000 (09:54 -0700)]
libratbox/openssl: Fix possible memory leak with SSL certificate fingerprints
Quora Dodrill [Wed, 14 Aug 2013 16:54:18 +0000 (09:54 -0700)]
Revert "libratbox/openssl: Fix possible memory leak with SSL dertificate fingerprints"
This reverts commit
6ecd598ec079ebd184ab1e1e594b849e65c08507 .
Quora Dodrill [Wed, 14 Aug 2013 16:49:04 +0000 (09:49 -0700)]
libratbox/openssl: Fix possible memory leak with SSL dertificate fingerprints
William Pitcock [Sat, 20 Jul 2013 07:14:14 +0000 (07:14 +0000)]
bandb: do not blindly pass a buffer to a function that takes a format string (closes #27)
Quora Dodrill [Fri, 19 Jul 2013 19:47:15 +0000 (12:47 -0700)]
Merge pull request #32 from anarcat/gnutls-restore
rerun aclocal to include pkg.m4
Antoine Beaupré [Thu, 18 Jul 2013 00:26:47 +0000 (20:26 -0400)]
rerun aclocal to include pkg.m4
this also updates aclocal from 1.11.1 to 1.11.6
Quora Dodrill [Wed, 10 Jul 2013 15:44:27 +0000 (08:44 -0700)]
src/ircd: fix -configfile argument
Quora Dodrill [Wed, 10 Jul 2013 03:16:04 +0000 (20:16 -0700)]
src/ircd: Missed case where ircd.conf is unreadable to the ircd
Quora Dodrill [Wed, 10 Jul 2013 03:04:45 +0000 (20:04 -0700)]
src/ircd: Die if the configuration file does not exist
Quora Dodrill [Wed, 10 Jul 2013 03:01:16 +0000 (20:01 -0700)]
doc: Example configuration renamed to ircd.conf.example
This is to follow the precident set by Atheme's atheme.conf.example file. Since the ircd now fails to start on a non-existant configuration file, seeing that message would make one know where to look.
Jilles Tjoelker [Sun, 7 Jul 2013 21:49:33 +0000 (23:49 +0200)]
join: Fix messages about join failures such as banned.
This was broken by
6f7b36d5d0f8a6429c625d825d3277670cdb25e7 in February
2013, as join failures are the only situation where a non-trivial
numeric is passed through from other code to be sent to a client. Fix it
by porting more code from ircd-ratbox 3.1.
Jilles Tjoelker [Sun, 16 Jun 2013 09:35:04 +0000 (11:35 +0200)]
m_info: Correct description of general::client_exit like in example confs.
Reported by: jackal
William Pitcock [Mon, 10 Jun 2013 16:23:16 +0000 (09:23 -0700)]
Merge pull request #30 from anarcat/gnutls-restore
Gnutls restore
Antoine Beaupré [Mon, 10 Jun 2013 16:19:02 +0000 (12:19 -0400)]
Revert "libratbox: Remove broken gnutls support."
This reverts commit
f2d58c6d72a1735b28ef95566fbd26bb0736246d .
Antoine Beaupré [Mon, 10 Jun 2013 16:18:43 +0000 (12:18 -0400)]
Revert "Remove more gnutls references."
This reverts commit
6a25507e90c2b2f934724e8eb278e9782acac923 .
Jilles Tjoelker [Sat, 8 Jun 2013 11:46:02 +0000 (13:46 +0200)]
Rerun autoconf for genssl change.
William Pitcock [Thu, 6 Jun 2013 00:11:20 +0000 (17:11 -0700)]
Merge pull request #28 from anarcat/master
rename genssl to genssl.sh
Antoine Beaupré [Wed, 5 Jun 2013 05:49:19 +0000 (01:49 -0400)]
rename genssl.sh to genssl
Alex Iadicicco [Wed, 15 May 2013 07:27:40 +0000 (00:27 -0700)]
Mention channel name parameter to SJOIN in ts6-protocol.txt
Jilles Tjoelker [Sat, 27 Apr 2013 15:00:10 +0000 (17:00 +0200)]
Rename m_nokillservices.so to no_kill_services.so per the naming scheme.
Jilles Tjoelker [Sat, 27 Apr 2013 14:55:45 +0000 (16:55 +0200)]
kill: Improve comment about kill hook.
Jilles Tjoelker [Sat, 27 Apr 2013 14:55:26 +0000 (16:55 +0200)]
nokillservices: Use ircu numeric instead of a notice.
Elizabeth Myers [Sat, 27 Apr 2013 10:17:05 +0000 (05:17 -0500)]
Update my email address
Elizabeth Myers [Sat, 27 Apr 2013 10:07:04 +0000 (05:07 -0500)]
Forgot this -.-
Elizabeth Myers [Sat, 27 Apr 2013 09:59:57 +0000 (04:59 -0500)]
Fix minor comment munging from sed being a piece of shit
Elizabeth Myers [Sat, 27 Apr 2013 09:57:44 +0000 (04:57 -0500)]
Include messages.h for macro form_str in select extensions
Elizabeth Myers [Sat, 27 Apr 2013 09:57:31 +0000 (04:57 -0500)]
Fix format string generation
Elizabeth Myers [Sun, 21 Apr 2013 16:10:19 +0000 (11:10 -0500)]
Blacklist: fix accidentally clobbering previous filters
William Pitcock [Sun, 21 Apr 2013 03:24:25 +0000 (20:24 -0700)]
Merge pull request #20 from quora-wings/master
Makefile.in updated
Quora [Sun, 21 Apr 2013 03:18:51 +0000 (20:18 -0700)]
Makefile.in updated
Elizabeth Myers [Sun, 21 Apr 2013 02:23:27 +0000 (21:23 -0500)]
Remove last vestige of halfops from this module.
How this was in here for this long is well beyond me. This must be old
hybrid code or something.
Elizabeth Myers [Sun, 21 Apr 2013 01:52:34 +0000 (20:52 -0500)]
Tweak docs.
Also, last commit fixes #16. :p
Elizabeth Myers [Sat, 20 Apr 2013 21:17:29 +0000 (16:17 -0500)]
Add support for multiple forms of blacklist queries using matches.
It supports both literal and last octet matches from the dnsbl.
If matches is not present, the old behaviour is used.
William Pitcock [Sat, 20 Apr 2013 21:12:24 +0000 (14:12 -0700)]
Merge pull request #19 from quora-wings/master
m_olist is not needed with operspy support for LIST
Quora [Sat, 20 Apr 2013 20:59:27 +0000 (13:59 -0700)]
Removed redundant and buggy code that caused segmentation faults. Also deprecated by operspy support for LIST. Referencing commit Ponychat/shadowircd@
162195279af339f6a7bfccc92c0f03c4b68d28c2
Elizabeth Myers [Sat, 20 Apr 2013 06:14:54 +0000 (01:14 -0500)]
Add m_nokillservices to documentation
Elizabeth Myers [Sat, 20 Apr 2013 06:07:55 +0000 (01:07 -0500)]
Implement kill-cancelling hook.
With this comes an example module to block the killing of services.
NOTE: this will not cancel remote kills. Those are still accepted, per
the TS 6 specification.
Alex Iadicicco [Thu, 18 Apr 2013 00:27:27 +0000 (17:27 -0700)]
m_nick: Reject nicks with '~' in them, rather than cutting at the '~'
The behavior of cutting at the first '~' is confusing at first, and
looks too much like a bug.
Jilles Tjoelker [Sat, 23 Mar 2013 22:32:46 +0000 (23:32 +0100)]
Update .depend files.
Jilles Tjoelker [Sat, 23 Mar 2013 21:57:28 +0000 (22:57 +0100)]
Don't send ERR_NICKCOLLISION to a user that will not be killed.
William Pitcock [Thu, 21 Feb 2013 11:44:16 +0000 (05:44 -0600)]
Mostly enable support for checking format strings with -Wformat.
Basically derived from Ratbox 3.1.
Jilles Tjoelker [Thu, 14 Feb 2013 22:45:22 +0000 (23:45 +0100)]
whois: Fix UID leak.
The second parameter of WHOIS is always a nick.
William Pitcock [Sun, 3 Feb 2013 20:06:13 +0000 (14:06 -0600)]
Atheme is not responsible for the mental health changes of IRC operators using charybdis.
Jilles Tjoelker [Sun, 3 Feb 2013 19:31:03 +0000 (20:31 +0100)]
UID/EUID: Add server's SID to invalid UID error message.
Jilles Tjoelker [Sun, 3 Feb 2013 18:38:46 +0000 (19:38 +0100)]
UID/EUID: Check that the UID starts with the server's SID.
If not, the local link that sent the command is broken, as with
syntactically invalid UIDs.
Jilles Tjoelker [Sun, 3 Feb 2013 18:33:31 +0000 (19:33 +0100)]
stats l: Don't care about away status.
Jilles Tjoelker [Sun, 3 Feb 2013 18:31:06 +0000 (19:31 +0100)]
Merge branch 'mailmap' of github.com:grawity/forks.charybdis