Keith Buck [Fri, 21 Feb 2014 09:17:29 +0000 (09:17 +0000)]
Remove SSL_OP_NO_COMPRESSION from openssl initialization.
SSL_OP_NO_COMPRESSION was presumably added in an attempt to prevent
information leakage in a manner similar to recent attacks on HTTPS.
However, assuming that IRC is vulnerable to the same class of attacks is
incorrect: the behavior of the IRC protocol (a single long-running
connection) is not the same as that of HTTPS (multiple ephemeral
connections). HTTPS's use of ephemeral connections means that certain
assumptions can be made about the contents of the compression
algorithm's dictionaries and the content exchanged between the client
and server (e.g. the content being nearly the same for each connection),
which is not true for IRC. Additionally, they rely on the attacker being
able to coerce the client into creating many HTTPS connections (and
resending some secret token belonging to the user, along with
attacker-controlled data) each time, none of which is possible with IRC.
Lastly, since compression is no longer performed, this option will
result in leaking the lengths of messages transmitted to and from the
client. This option does reduce CPU utilization on Charybdis servers but
also increases bandwidth consumed.
Jilles Tjoelker [Sun, 16 Feb 2014 15:06:01 +0000 (16:06 +0100)]
libratbox: Fix undefined behaviour advancing pointer beyond end of array.
The C standard does not allow constructing pointers beyond one past the end
of an array. Therefore, if size is an unsigned type (size_t), then
buf + size is never less than buf.
Clang on 32-bit took advantage of the undefined behaviour, causing
segfaults.
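The pattern this commit message describes, as an added example (not libratbox code; `range_fits`, `outbuf` and `outbuf_append` are hypothetical names): bounds are checked by comparing lengths, never by forming `buf + size` and testing whether the pointer wrapped.

```c
#include <stddef.h>
#include <string.h>

/*
 * Broken pattern: rely on pointer wraparound to detect an oversized length.
 *
 *     char *end = buf + size;
 *     if (end < buf)          // "overflow" check
 *         ...
 *
 * Forming buf + size is only defined up to one past the end of the array,
 * so a compiler may assume end >= buf and delete the branch.
 */

/* Hypothetical helper: does [p, p + n) fit before end? Requires p <= end
 * within the same array. Compares lengths, so no out-of-range pointer
 * is ever constructed, even for n == SIZE_MAX. */
int range_fits(const char *p, const char *end, size_t n)
{
    return n <= (size_t)(end - p);
}

/* Hypothetical bounded buffer that tracks offsets instead of end pointers. */
struct outbuf {
    char  *start;  /* first byte of the array */
    size_t cap;    /* array size, including room for the NUL */
    size_t used;   /* bytes written so far, excluding the NUL */
};

/* Append up to len bytes, truncating to the space left.
 * Returns the number of bytes actually copied. */
size_t outbuf_append(struct outbuf *ob, const char *src, size_t len)
{
    if (ob->cap == 0 || ob->used >= ob->cap - 1)
        return 0;                        /* no room beyond the NUL */

    size_t room = ob->cap - 1 - ob->used;
    if (len > room)
        len = room;                      /* clamp the length, not a pointer */

    memcpy(ob->start + ob->used, src, len);
    ob->used += len;
    ob->start[ob->used] = '\0';
    return len;
}
```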
Jilles Tjoelker [Wed, 15 Jan 2014 20:50:08 +0000 (21:50 +0100)]
openssl: Set some sort of session id context.
Without a session id context and if client certificates are used, OpenSSL
fails the handshake if an attempt is made to reuse an old session. Various
clients could not reconnect after a disconnection because of this.
See https://bugzilla.mozilla.org/show_bug.cgi?id=858394#c34 for a bug
report.
Sam Dodrill [Fri, 15 Nov 2013 04:34:42 +0000 (23:34 -0500)]
helpfiles: fix spelling, grammar, remove old information
What is done here:
1. All the outdated configuration flag information has been removed and
replaced with the more current information.
2. Spellchecking has been done on all helpfiles and the actual errors
have been fixed.
Keith Buck [Tue, 29 Oct 2013 09:07:19 +0000 (09:07 +0000)]
Remove duplicate default-value code.
Default values for default_floodcount and default_ident_timeout are set
in s_conf.c. Remove code that checks for missing values in ircd.c.
Additionally, reset default_ident_timeout to 5 if an invalid value (i.e.
0) is provided.
Mantas Mikulėnas [Wed, 23 Oct 2013 11:39:51 +0000 (14:39 +0300)]
libratbox/crypt: fix difference from glibc in sha256_crypt()
rb_crypt() was generating different SHA256 ($5$) hashes than glibc,
making hashes generated with charybdis unusable in ratbox and other
software, and vice versa.
Jilles Tjoelker [Sun, 6 Oct 2013 17:39:06 +0000 (19:39 +0200)]
Use RFC5737 and RFC3849 addresses in example confs.
There are IPv4 and IPv6 ranges reserved for documentation and example code;
use these to minimize the risk if someone accidentally uses an unmodified
example conf.

Add the flags (auth{} spoof, dynamic spoof) to struct Whowas and add a
show_ip_whowas().
Normal users now see IPs of unspoofed users, and remote opers can see IPs
behind dynamic spoofs. Also, general::hide_spoof_ips is now applied when
the IP is shown, not when the client exits.

For one, [draft-brocklesby-irc-isupport-02][1] already defines "ascii" as the
default value. According to section 2 ("Except as
explicitly stated in its definition, a parameter should not be sent
unless it changes this default value, or the default value is vague,
badly defined, or differs between IRC server implementations"), there is
no point in sending it.
For another, [version 03 of the same draft][2] removes CHARSET ("It was
found to be unworkable; a correct specification could not be devised to
represent its meaning across implementations."), and the token is not
present at all in [draft-hardy-irc-isupport-00][3].
Keith Buck [Tue, 10 Sep 2013 05:35:56 +0000 (05:35 +0000)]
Remove s_assert definition from ircd_defs.h and add it to its own header.
s_assert requires some higher-level functionality that shouldn't be
present in ircd_defs.h. ircd_defs.h is used by ssld, which has no notion
of logging or sending IRC messages. Additionally, some of the headers
s_assert depends on result in conflicting definitions in ssld.c.
This change also fixes the compile when using --enable-assert=soft.

doc: Example configuration renamed to ircd.conf.example
This is to follow the precedent set by Atheme's atheme.conf.example file. Since the ircd now fails to start on a nonexistent configuration file, seeing that message would make one know where to look.

join: Fix messages about join failures such as banned.
This was broken by 6f7b36d5d0f8a6429c625d825d3277670cdb25e7 in February
2013, as join failures are the only situation where a non-trivial
numeric is passed through from other code to be sent to a client. Fix it
by porting more code from ircd-ratbox 3.1.

Removed redundant and buggy code that caused segmentation faults. Also deprecated by operspy support for LIST. Referencing commit Ponychat/shadowircd@162195279af339f6a7bfccc92c0f03c4b68d28c2