1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-02 13:33:13 +02:00
Commit Graph

3139 Commits

Author SHA1 Message Date
Bram Matthys 07b2fbb35e - Windows: When trying to load a module (DLL) windows can give us the
mysterious error 'The specified module could not be found' even though the
  file exists. This usually means that it depends on another DLL, but
  apparently Microsoft decided not to mention that in the error message.
  We now append some small text when such an error happens, saying that it
  could be because of a missing dependency. Reported by Phil.
2010-11-17 18:25:56 +00:00
Bram Matthys 28c19679b2 changelog edit: one SHUN less ;P 2010-11-16 19:40:08 +00:00
Bram Matthys 643355b387 - Added set::options::allow-insane-bans which makes it possible to set
really broad bans such as *@*.xx. Needless to say this can be very
  dangerous. Reported and patch provided by Stealth (#0003963).
2010-11-15 16:23:02 +00:00
Bram Matthys 779444448c - Clarified the difference between 'except ban' (which exempts from KLINE
and ZLINE) and 'except tkl' (which can exempt from GLINE, GZLINE, SHUN,
  QLINE, GQLINE and SHUN). Reported by Digerati (#0002535).
- Added except tkl::type 'all', which exempts from all TKL types (except
  KLINE).
2010-11-15 16:14:20 +00:00
Bram Matthys d107a4a6a8 - Added '/REHASH -global' command which will rehash all servers on the
network. You can also specify options like '/REHASH -global -motd' to
  rehash only the MOTD/RULES/etc. Just like /REHASH <servername> this is a
  NetAdmin-only command. This command is fully backwards compatible with
  older UnrealIRCd version in the sense that it will also REHASH old
  Unreal's. Suggested by 'P' in #0001522.
2010-11-15 15:50:52 +00:00
Bram Matthys d5167c69ad update credits/bugid of install as service vs enccert 2010-11-15 14:11:46 +00:00
Bram Matthys da0d21fe57 - Little tweak to +Z: when the last insecure user parts and the channel is
set +Z (secure), the parting user saw the MODE too, which was silly.
  Reported by Robby22 (#0003720).
2010-11-15 14:00:57 +00:00
Bram Matthys 372fbe7af9 - Win32 installer: Make it so a user can no longer accidentally check both
'install as service' and 'encrypt SSL certificate', as they are
  incompatible (a service cannot ask a user to enter a password).
- Win32 installer: Fixed long outstanding problem with some Vista / Windows 7
  installations, which has to do with file permissions of the Unreal3.2
  folder. Symptoms were error messages such as:
  Unable to create file 'tmp/10D9D743.commands.dll': Permission denied
  But also failing to create SSL certificates, nothing being logged, etc.
  This is now fixed by setting write access on the Unreal3.2 folder to the
  user running the install, unless the user chooses not to use this new
  option (it can be unchecked), in which case the user is warned that he
  should take care of this himself.
  Reported by various persons, special thanks to Bock and goldenwolf for
  helping us to track down this issue (#0003943).
2010-11-15 13:41:04 +00:00
Bram Matthys a2137bda71 local chanmode, chan mode +Z, operoverride with key 'override', sorting HELPOP CHMODES, fishy timestamps:
- Some small updates to the extended channel mode system: it now has minimal
  support for 'local channel modes'. This is really only meant for channel
  mode +Z (upcase z), see next.
- Added Channel Mode Z which indicates if a channel is 'secure' or not.
  This mode works in conjunction with +z (lower case z).
  If +z is set ('only secure users may join'), then the IRCd scans to see
  if everyone in the channel is connected through SSL. If so, then the
  channel is set +Z as well ('channel is secure').
  Whenever an insecure user manages to join, the channel is -Z. And whenever
  all insecure users leave, the channel is set +Z.
  The 'insecure user being present in a +z channel' can be because:
  - An IRCOp joined the channel, and he's not secure
  - When servers link together and a user on the other side is not secure
    This only happens on net merge (equal time stamp).
    On different time stamp, we still kick insecure users on the new side.
  - At the time when +z is set, there are insecure users present.
  This feature was implemented after a heavy discussion in bug #3720 by fez
  and others, and was suggested by Stealth.
  Tech note: +Z/-Z is handled locally by each server. Any attempt to
  remotely set +Z/-Z (eg: by services) will be ignored.
- As mentioned above, +z can now be set even if any insecure users are
  present. Previously, this was not permitted. Now, as soon as the last
  non-SSL user leaves, the channel will be set +Z.
- An oper not connected through SSL previously had to /INVITE himself
  to a channel and then /JOIN the channel with the key 'override'.
  This 'override' key is no longer required, a simple JOIN will suffice.
- Sorted channel modes in /HELPOP ?CHMODES
- Re-enabled 'fishy timestamp' errors in MODE. For some reason this was
  commented out, even though the (more annoying and less useful) code in
  JOIN was enabled so that did not make a lot of sense. It also now logs to
  ircd.log (or whatever you configure). This enables people to easier find
  the cause of any timestamp issues (which usually is badly coded services).
2010-11-13 19:23:05 +00:00
binki 4237409031 - And another m_nopost makefile.win32 fix. 2010-10-27 20:32:15 +00:00
Bram Matthys 81dd721ed1 - Updated doc/compiling_win32.txt with current free MS SDK information,
patch from goldenwolf.
2010-10-24 12:43:21 +00:00
Bram Matthys 028f6ff83b - Fix missing OperOverride notices for +u and +L if not chanowner, reported
by Mareo (#0003358), partial patch from DJ.
2010-10-22 13:08:25 +00:00
Bram Matthys 77bc5ab29d - Document spamfilter 'warn' action in unreal32docs. 2010-10-16 09:14:43 +00:00
binki e95ef070d1 - Add m_nopost to makefile.win32 in the hopes that it may work (#3961). 2010-09-30 22:50:30 +00:00
Bram Matthys ed8b8da20b - Fixed braindamage in stacked bans. 2010-09-25 11:21:37 +00:00
binki 08f86d9b2e - Always display the real host of successful OPERing up. Reported by Josh. (#3950) 2010-09-20 12:30:59 +00:00
binki 574ebf6eed - Fix ordering of `9. FAQ'' and `10. Modules'' in HTML docs. 2010-09-20 00:33:31 +00:00
Bram Matthys bf40486341 reworded... as it was already showing the proper error in many cases... but not all :p 2010-09-19 14:34:20 +00:00
Bram Matthys 63dd326113 - SSL errors are now more descriptive. 'Underlying syscall error' is now
gone and shows the actual (surprise!) underlying syscall error.
  Reported by vonitsanet, patch from ohnobinki (#0003157).
2010-09-19 14:26:47 +00:00
Bram Matthys 17c97c8442 - Fixed notices to opers about server delinks not being broadcasted to all
other servers if they were on SSL links. Reported by chotaire (#0003957).
2010-09-19 14:10:43 +00:00
Bram Matthys d717e0fc62 Clarify relationship between nopost and NOSPOOF (in Changelog) 2010-09-19 11:33:13 +00:00
binki 1a01e725c7 - Add the m_nopost module written by syzop and compile it into
commands.so. This module was written to help IRCd maintainers deal
  with some sort of ``XPS'' attack in which javascript-initiated HTTP
  POST form submissions were able to act as dummy IRC bots. These
  simple bots were the cause of much spam. (#3893)
- Add a modules section to the documentation. This was created to put
  all documentation specific to the m_post module in one, easy to find
  place. The documentation on m_post is likely incomplete, however.
2010-09-15 16:22:25 +00:00
binki 1605db3ced - Document the badword block more explicitly and clearly. (#3959) 2010-09-15 16:09:34 +00:00
Bram Matthys bcd89f7db8 - Reverted an IPv6/Config fix I did on July 17. Reported by chotaire (#3958). 2010-09-08 15:17:46 +00:00
Bram Matthys b83f096e48 - Fixed another compile problem on QNX, reported by chotaire (#3955 too).
- Fixed incorrect messages regarding clock going backwards on QNX 6 and
  later, reported by chotaire (#0003956).
2010-09-08 11:07:22 +00:00
binki a744b9b212 - Don't use sys/errno.h, as it's not POSIX and breaks on QNX-6.5.0. (#3955) 2010-09-07 15:39:47 +00:00
binki 9643607334 - Fix segfault by checking if RESTRICT_USERMODES is NULL in the code for bug #3329. 2010-08-25 04:36:28 +00:00
binki c144008217 - Fix /msg IRC WHOIS response for persons with secure connections. (#3947) 2010-08-24 16:46:29 +00:00
binki 36c0bdde2e - Remove snomasks upon deopering when it seems like the user shouldn't have snomasks. (#3329) 2010-08-20 11:15:22 +00:00
binki 9f823be20b - Warn users against running UnrealIRCd as root without setting IRC_USER. (#3053 reported by Stealth) 2010-08-20 11:10:00 +00:00
binki 964bb656c7 - Prepend a `0' to the begining of --with-permission, working around a Mac OS X bug and hiding the fact that chmod()'s params are octal from users. (#3189) 2010-08-19 00:58:24 +00:00
binki e473fbc44c - Actually initialize m_starttls when it's included into commands.so. 2010-08-16 17:00:42 +00:00
Bram Matthys 6dcb276f8d - Get rid of any setsockopt(IPV6_V6ONLY) errors in ircd.log (#3944).
(oh and yeah I removed the prototype of our_crc32 which is totally unrelated...)
2010-08-16 09:31:04 +00:00
binki d012c49f1b - Install ircdcron scripts. (#2620)
- Autogenerate ircdcron/ircd.cron based on ./configure settings.
2010-08-16 02:29:34 +00:00
binki 7272715cec - Upgrade to tre-0.8.0, adding hack similar to the one for c-ares to ensure that the bundled tre is compiled against even when a system libtre is installed. (#3916) 2010-08-16 02:09:51 +00:00
binki 2d10ab189d - IPv6 clones detection support (#2321). allow::ipv6-clone-mask determines the number of bits used when comparing two IPv6 addresses to determine if allow::maxperip is exceeded. This allows an admin to recognize that most IPv6 blocks are allocated to individuals, who might each get a /64 IPv6 block. set::default-ipv6-clone-mask defaults to 64 and provides default value for the allow blocks. 2010-08-15 04:44:16 +00:00
Bram Matthys fae4629c46 un-hi 2010-08-14 18:35:32 +00:00
Bram Matthys a71a1a394f teh hi 2010-08-14 18:35:05 +00:00
Bram Matthys 75d4fecb4b ..This is actually an update of earlier code from CVS, but now it works ok:..
- Added support for "stacked" extbans. Put simply this allows extban combinations
  such as ~q:~c:#test to only silence users on #test, for example. This feature
  is enabled by default, but can be disabled during ./Config -advanced.
  This feature was suggested by Shining Phoenix (#0003193), was then coded
  by aquanight for U3.3, and later on backported and partially redone by Syzop.
  Module coders:
  In an extban ~x:~y:something where we call ~x the 1st, and ~y the 2nd extban:
  Since stacked extbans only makes sense where the 1st one is an action
  extended ban like ~q/~n/~j, most modules won't have to be changed, as
  their extban never gets extended (just like ~c:~q: makes no sense).
  However, you may still want to indicate in some cases that the extban your
  module introduces also shouldn't be used as 2nd extban.
  For example with a textban extban ~T it makes no sense to have ~n:~T.
  The module can indicate this by setting EXTBOPT_NOSTACKCHILD in
  the ExtbanInfo struct used by ExtbanAdd().
  For completeness I note that action modifier extbans are indicated by
  EXTBOPT_ACTMODIFIER. However, note that we currently assume all such
  extbans use the extban_is_ok_nuh_extban and extban_conv_param_nuh_or_extban
  functions. If you don't use these and use EXTBOPT_ACTMODIFIER, then things
  will go wrong with regards to stack-counting.
  Module coders should also note that stacked extbans are not available if
  DISABLE_STACKED_EXTBANS is defined.
- Added extended ban ~R:<nick>, which only matches if <nick> is a registered
  user (has identified to services). This is really only useful in ban
  exemptions, like: +e ~R:Nick would allow Nick to go through all bans if he
  has identified to NickServ. This is often safer than using +e n!u@h.
- Added Extended Invex. This is very much like extended bans, in fact it
  supports some of the same flags. Syntax: +I ~character:mask
  Currently supported are: ~c (channel), ~r (realname) and ~R (registered).
  This can be useful when setting a channel invite only (+i) and then
  setting invite exceptions such as +I ~c:#chan (or even ~c:+#chan), while
  still being able to ban users.
  Because action modifiers (~q/~n/~j) make no sense here, extended invex
  stacking (+I ~a:~b:c) makes no sense either, and is not supported.
  Suggested by DanPMK (#0002817), parts based on patch from ohnobinki.
  Module coders: set EXTBOPT_INVEX in the ExtbanInfo struct used by
  ExtbanAdd() to indicate that your extban may also be used in +I.
- Invex (+I) now always checks cloaked hosts as well. Just like with bans,
  it checks them also when the user is not currently cloaked (eg: did -x, or
  is currently using some VHOST).
- Fixed client desynch caused by (un)banning, reported by Sephiroth (#2837).
2010-08-14 18:27:19 +00:00
Bram Matthys d8b2069bce - Make extended bans documentation more clear by splitting the extbans in
two groups: one that specifies ban actions (~q/~n/~j) and one that
  introduces new criteria (~c/~r). Also added documentation for ~R which
  does not exist yet, but will soon...
2010-08-13 11:44:24 +00:00
Bram Matthys aaa52b3443 - Uniform naming for 'stacked extbans' in Changelog/etc. 2010-08-13 10:18:27 +00:00
binki f584875279 - Remove extras/c-ares before each time c-ares is compiled. 2010-08-11 03:53:46 +00:00
binki a6c7bb1043 - Force compilation with bundled c-ares to statically link using more sed hackery in configure.ac. 2010-08-06 03:59:57 +00:00
binki 901b9c272a Make that c-ares-1.6.0. 2010-08-04 01:38:30 +00:00
binki e540730751 - Upgraded c-ares to 1.7.3. API seems compatible with c-ares-1.6.3. (#3932) 2010-08-04 01:36:11 +00:00
binki 0a34af8720 - Define intptr_t in win32's setup.h. (#3939) 2010-08-04 00:03:40 +00:00
binki 94c2b58366 - Fix a few compiler warnings with some double-casting and another const. (#3939) 2010-08-03 23:57:44 +00:00
binki a1d076367e - Fix src/Makefile's lack of depencencies for module.c, related to #3938. 2010-08-03 17:06:05 +00:00
binki 889dd73f15 I forgot a bug number again; extban ~j is for (#3192). 2010-07-22 12:33:09 +00:00
binki 46668768cf - Add an extban of the schema +b ~j:*diff | less@* which _only_ prevents a user from joining a channel. 2010-07-22 12:32:06 +00:00