1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-05 20:53:12 +02:00
Commit Graph

7395 Commits

Author SHA1 Message Date
Bram Matthys 17037b0694 Fix build failing if DNS is not working. Building UnrealIRCd should never fail
because it has no internet access, like when fetching the repository
(modules.list file) of 3rd party modules.

Previously I had..
url_start_async(request);
synchronous_http_request_in_progress = 1;
.. which worked fine for the "cannot connect case", like port blocked
or timeout connecting. But if DNS fails then the step of setting
synchronous_http_request_in_progress = -1 (so failed) already happens
during the url_start_async(request); call, and then the line after it
sets 'synchronous_http_request_in_progress = 1;' so we miss that it
failed and wait in the I/O loop forever.
Simply swapping the two lines of code fixes this.

The other change is that when running the ModuleManager in "make" we should
ignore the exit code. I probably broke that while refactoring and adding
non-zero exit codes in de modulemanager past few months for this release.
2026-02-25 14:58:11 +01:00
Bram Matthys bd1ccde9c3 ** UnrealIRCd 6.2.3-rc2 ** 2026-02-25 08:28:20 +01:00
Bram Matthys 3a96bdf6ec Add set::allow-setident (default: 'no'), set::allow-setname ('yes')
Two new settings that control the use of `SETIDENT` and `SETNAME`:
* [set::allow-setident](https://www.unrealircd.org/docs/Set_block#set::allow-setident)
  now defaults to 'no'. Previously all users were allowed to change their
  ident (taking into account
  [set::allow-userhost-change](https://www.unrealircd.org/docs/Set_block#set::allow-userhost-change)
  restrictions).
* [set::allow-setname])(https://www.unrealircd.org/docs/Set_block#set::allow-setname)
  has a default of 'yes' which matches older UnrealIRCd versions (no change).
  Perhaps some admins who use controlled (web)chats may want to set this
  to 'no' if users are not supposed to change their realname/gecos.
  This is probably rare, but they have the option now.
2026-02-23 08:58:39 +01:00
Bram Matthys 014925496b Forgot a few more of those [1] that need to be []
(see previous commit)
2026-02-22 16:24:55 +01:00
Bram Matthys 7d45e69fd2 Use C99 flexible array members, like name[], instead of name[1]
in NameList, Tag, Watch and HistoryLogLine.
This does mean the allocation routines need a +1 everywhere, but
I think I got all of them. I also don't see them being used directly
in such a way in 3rd party modules (which is logical, as they
should use the API and not allocate such structs directly).

Also, SpamExcept has been removed as it was not used anywhere.
2026-02-22 16:11:41 +01:00
Bram Matthys 19d17832fe Remove set::restrict-extendedbans as it didn't work. Simply don't load
the particular extended ban module if you don't want it.

For example, if you include the default modules.default.conf and, say,
you don't want ~quiet extbans then you add this in your unrealircd.conf:

blacklist-module "extbans/quiet";
2026-02-22 13:07:57 +01:00
Bram Matthys 6933e1839b Update extban_conv_param_nuh_or_extban() to use MAXBANLEN
instead of arbitrary 256 and such. Also makes it so other people
reading this code will understand better that MAXBANLEN is the
real limit here and not 256 (which is never reached because
the cut off already happens at 200).
2026-02-22 12:42:44 +01:00
Bram Matthys d38a106879 Enforce MAXBANLEN (which is MODEBUFLEN) at some more places.
This shouldn't be needed except for some corner cases, like if some
third party module does not limit their stuff properly, in S2S
or if channeldb contains some weird long entry or something.
2026-02-22 12:38:01 +01:00
Bram Matthys ac86029a61 Make convert_regular_ban() and extban_conv_param_nuh() consistently
allow bans of NICKLEN+USERLEN+HOSTLEN+3. Previously NICKLEN was
ommitted for some reason, which also explains why this ban-
simplification-routine exists in the first place. I think we can
make it use this full n!u@h space. Especially since we already allow
this for bans like ~quiet (the full n!u@h) and other extbans can be
quite long as well, it no longer makes sense to limit it here.

Small detail: in extban_conv_param_nuh() we used +32 which i think
is from the times when we had to deal with prefixes like ~quiet,
which is no longer the case, this routine is only about the final
suffix after the last : in a ban.
2026-02-22 11:58:15 +01:00
Bram Matthys 979f44bde4 Linking: upon duplicate server we could SQUIT the wrong one.
This would cause a bit of a mess, that usually would be resolved a few
seconds later, but still a mess. I had this on irc*.unrealircd.org
myself when rerouting a server from a backup-hub to primary-hub
a few months ago.
2026-02-22 11:37:09 +01:00
Bram Matthys d79161019a Clear client->local->proto for users.
This is not an issue now in all code paths, but if someone accidentally uses
SupportXYZ() without checking IsServer() then it would be an issue.

In the past we used client->local->proto for client flags as well, but this
has been split off to client->local->caps a while ago.

I guess we should rename client->local->proto to something more server-ish
in a later major release to indicate this as well.
2026-02-22 10:37:01 +01:00
Bram Matthys 371cb487b9 Fix missing "return;" in "Bad ulines" rejection of a server. 2026-02-22 10:00:32 +01:00
Bram Matthys 43da14f7c6 Get rid of old confusing comment in src/parse.c regarding commands with 0 flags
if (cmptr->flags != 0) { /* temporary until all commands are updated */

But that is impossible, as CommandAdd()->CommandAddInternal() already has:

if (!flags)
{
        config_error("CommandAdd(): Could not add command '%s': flags are 0", cmd);

And this is the case since commit ceb04cc3eb
from July 15, 2015.
2026-02-22 08:05:18 +01:00
Bram Matthys 059abc4b56 "STATS fdtable" is mostly for debugging. Simplify read/write handler display
and callback data in non-DEBUGMODE. Also because exposing pointers like
this can defeat ASLR. These STATS are oper-only though, but hey, defense in
depth... and the pointer values don't make sense to non-devs anyway,
so why show them in the first place.
2026-02-21 19:41:56 +01:00
Bram Matthys b467e4e147 JSON-RPC: Fix missing mtag issued by in user.part
We use mtag_add_issued_by() to prepare it but then pass NULL
in do_cmd() so it was basically useless.

Also compile fix for previous (forgot to git ammend)
2026-02-21 16:22:36 +01:00
Bram Matthys ec4ccbde82 Fix memory leak on JSON-RPC log.send and fix a small auth url parse thing.
Actually that auth url method is not documented, we should probably remove it.
2026-02-21 16:18:34 +01:00
Bram Matthys b93cb14623 Fix crash due to fix from a few hours ago (5580b294f4) 2026-02-21 16:04:50 +01:00
Bram Matthys d22f65364c Make duplicate deny link::rule items an error.
(as otherwise using duplicated generates only a warning and could memleak)
2026-02-21 14:57:41 +01:00
Bram Matthys f81fd965ea Mask item or security-group: add check for duplicate rule / exclude-rule 2026-02-21 14:55:13 +01:00
Bram Matthys b55a4b84e0 Blacklist hit with a soft ban action: fix memory leak if multiple hits occur.
So, if the IP was on multiple blacklists.
2026-02-21 14:43:41 +01:00
Bram Matthys 8740774d25 Not important but.. this did not free element 255. 2026-02-21 14:01:29 +01:00
Bram Matthys f20b62ea3b Fix memory leak on blacklist hit if using soft bans 2026-02-21 13:59:10 +01:00
Bram Matthys fae9dacf5d Fix some small REHASH leaks: tld->channel, link->connect_ip,
allow->server (last one is very rare).
2026-02-21 13:56:30 +01:00
Bram Matthys 28a8bee041 Don't use 'client' in CENTRAL_BLOCKLIST_ERROR, prolly copy-paste error.
Not really important as it is not part of the normal log message (only JSON).
2026-02-21 13:49:26 +01:00
Bram Matthys f59b937f3b Fix leak if central-blocklist returns "error" JSON string (very rare) 2026-02-21 13:45:47 +01:00
Bram Matthys 5580b294f4 Fix memory leak if using spamfilter::except. 2026-02-21 13:20:17 +01:00
Bram Matthys be479aa890 The buffer in spamfilter_build_user_string() was too small causing cut off.
This affects the spamfilter 'u' target. It didn't overflow but was cut off,
potentially causing a NON-MATCH where it could have been a MATCH instead.
2026-02-21 13:18:30 +01:00
Bram Matthys 2ac09de148 Fix central spamfilter with "stop" action, due to using same &var twice. 2026-02-21 13:13:15 +01:00
Bram Matthys 6130c1b5ae Update Windows build because library package with cURL changed
due to switch to 'cmake'. This is for unrealircd-libraries-6.2.3.zip from
https://www.unrealircd.org/docs/Windows_external_libraries_for_UnrealIRCd
2026-01-31 14:35:55 +01:00
Bram Matthys bb4d1b528f ** UnrealIRCd 6.2.2-rc1 **
(Actually the Windows build is still building :D)
2026-01-31 09:44:57 +01:00
Bram Matthys c24424bb50 JSON-RPC: throttle.set did not do anything
Reported by adator in https://bugs.unrealircd.org/view.php?id=6608
2026-01-30 07:39:37 +01:00
Bram Matthys bd1e25d017 Slightly raise default set::handshake-timeout from 30 to 40 seconds. 2026-01-28 09:44:49 +01:00
Bram Matthys 91d5114a1e Whitespace fix
[skip ci]
2026-01-28 09:38:39 +01:00
Bram Matthys 728807d233 Set SSL_OP_NO_RX_CERTIFICATE_COMPRESSION by default.
Every time compression has been used in TLS it has been a source of
trouble. We don't care about such optimizations anyway since connections
are long-lived in IRC. We are not some kind of webserver where every
millisecond counts.
2026-01-27 19:31:25 +01:00
Bram Matthys e083852e86 Create separate resolver channel resolver_channel_https for HTTPS requests.
This one has DNS caching enabled[*], which makes sense for this case.

[*] If using c-ares 1.31.0 or later. That version was released in June 2024.
The shipped-with-UnrealIRCd library version is 1.34.6, so qualifies.
However, if using system c-ares (which is automatically the case, if detected)
then many systems don't have it. The first Linux distro versions that qualify:
* Fedora 40
* Debian 13
* Ubuntu 25.04 (non-LTS) and future Ubuntu 26.04 (LTS)
* Etc...
2026-01-26 09:57:07 +01:00
Bram Matthys a887de92ce Add extra safety in register_user() against shunned users. 2026-01-25 12:56:52 +01:00
Bram Matthys 8467969878 Don't show confusing CENTRAL_BLOCKLIST_TIMEOUT when user is shunned.
Previously it showed this warning and said "Allowing user .. in unchecked"
when the user got shunend by CBL. Usually harmless but.. had a report
where it possibly was not (though that was an older UnrealIRCd version).
In any case, confusing, solved now!
2026-01-25 12:54:30 +01:00
Bram Matthys ef75962a70 We now use a non-zero exitcode if ./unrealircd module install ... fails
Reported by ikci in https://bugs.unrealircd.org/view.php?id=6578
2026-01-23 13:15:17 +01:00
Bram Matthys af0f1fdd6b ModuleManager: check version of local module, don't overwrite if it is newer.
This was a long standing requests by devs.

So if third/something is version 1.2.3 in the repository, and you have
src/modules/third/something.c which is version 1.2.4 then neither
'./unrealircd module upgrade' nor './unrealircd module upgrade third/something'
will overwrite the module. It will stay the local 1.2.4 version.
A new status inst/LOCAL was added "module installed, local version is newer
than available online"

The command './unrealircd install third/something' would still (re)install
the online version, though, i think that makes sense.

When working on this I noticed that './unrealircd module upgrade' previously
always recompiled the module, even if it was not updated. This is no longer so.
2026-01-23 11:56:48 +01:00
Bram Matthys 91930e3631 Bleh, just use "*" in ERR_INVALIDMODEPARAM for the param.
Otherwise you get into trouble if client does things like:
MODE #test +l ::a
MODE #test +l :a b c
And I am too lazy to handle these cases :D
2026-01-23 08:48:34 +01:00
Bram Matthys d413959e57 Chanmode +l: when coming from an IRC client, reject <=0 instead of transforming.
Reject it with an ERR_INVALIDMODEPARAM, just like we do for +k.

I think the higher number transforming is fine, but this <=0 transformation
is odd as it almost never is what the user actually intended.

In S2S traffic we still transform, as rejecting there is more problematic,
(causing a desync) and transforming it there is not a major issue, anyway.

Reported by ProgVal in https://bugs.unrealircd.org/view.php?id=6602
2026-01-23 08:45:34 +01:00
Bram Matthys 2dd23d13b7 Silently drop TAGMSG to users who refuse PRIVMSG/NOTICE also (umode +D, +R),
since the message/notice would not make it through either.
This also means someone can no longer iterate through users to see who
is +D/+R by sending a "silent" TAGMSG. (Silent in the sense that the
end-user usually would not have noticed)

Suggested in https://bugs.unrealircd.org/view.php?id=6579 by zw32h (I think)

This also means HOOKTYPE_CAN_SEND_TO_USER now allows you to NOT to
set errmsg, to silently drop a message. Previously we would crash
deliberately on such a situation to enforce that all modules would
set a proper errmsg.
2026-01-23 08:23:22 +01:00
Bram Matthys c2db2715c0 Fix post-registration SASL not working due to change from a few days ago.
(commit 0cf0c0faa2)

This was caused by register_user() being called twice, while it should
only have been called if !IsUser().

Reported by ProgVal in https://bugs.unrealircd.org/view.php?id=6606
My BuildBot screen was also all red :D.
2026-01-23 07:48:01 +01:00
Bram Matthys a5f1aa7f34 Print a [BUG] line if register_user() is called twice. Deliberately crash
when running in DEBUGMODE.
2026-01-23 07:42:57 +01:00
Bram Matthys eea4cfa762 Modulemanager: support compile-flags and always look at modulemanager block
1) We now always look at the module { } block even for unmanaged modules
   (so .c files that you put manually in src/modules/third)
2) New module::compile-flags to allow specifying compile flags / libraries / etc.

See https://www.unrealircd.org/docs/Special_module_manager_block_in_source_file

So the new stuff is:

module {
        .....
        // Simple library dependency:
        compile-flags "-lsomelib";
        // Can even use:
        compile-flags "$(mysql_config --cflags) $(mysql_config --libs)";
        .....
}

This was requested long ago by various people.

And yes, this allows shell commands to be executed if the 3rd party indicates so.
The added risk should be small, since the module could do similarly evil stuff at
runtime, unless you compile with a totally different user compared to runtime.
The most common case where compile time vs runtime is completely different would
be for packaging (deb/rpm/whatever), which presumably ship with zero 3rd party
modules, so then there shouldn't be a concern either.

Obviously, for 3rd party modules in the unrealircd-contrib repository we screen
modules to make sure they don't do anything evil: "No malicious code or intent"
in https://www.unrealircd.org/docs/Rules_for_3rd_party_modules_in_unrealircd-contrib
2026-01-19 09:48:37 +01:00
Bram Matthys 34e3469f91 Merge branch 'unreal60_dev' of github.com:unrealircd/unrealircd into unreal60_dev 2026-01-19 09:04:51 +01:00
Bram Matthys 96f4954e2b Compile ALL 3rd party modules through modulemanager, including unmanaged.
This gets rid of src/buildmod and unifies the process a little, which
i need later.

We still compile the 3rd party modules unconditionally and twice (during
both make and make install). Which is a quirk that is in there since U6
and maybe U5 already :D. That's because we don't check if header files
have changed. There was previously a "is the .c file newer than the .so"
in there, though, that is gone now. Anyway, that's something for later.

Another quirk is that we do not halt compile if a 3rd party module fails
to compile. Which was sortof intentional at one point but.. is not ideal,
so will probably changed as well.

Anyway, that's not why i am doing all this stuff right now...
2026-01-19 09:02:53 +01:00
Valerie Liu 1dd6e9b07b Fix indentation in sasl.c return statement (PR #333) 2026-01-18 19:32:11 +01:00
Bram Matthys 0cf0c0faa2 Wait for SASL to complete during handshake (success/fail/timeout).
This is to guard against clients that do like CAP LS 302, NICK, USER,
AUTHENTICATE, CAP END, without waiting for the SASL result.

Previously "CAP END" would abort SASL if the response was not in yet.

Now "CAP END" will cause us to wait for SASL success/fail/timeout
and when that happens we will end the handshake and the user will
come online (or not, if e.g. banned).

In other words, SASL is no longer canceled upon premature CAP END.

And yeah, clients should wait, as is mentioned in
https://ircv3.net/specs/extensions/sasl-3.1
"it is RECOMMENDED to only send CAP END when the SASL exchange is
 completed or needs to be aborted"
But since it is a recommendation and not a hard requirement, we'll
be nice and handle this situation server-side.

Of course, clients could still misbehave then by sending stuff
blindly after CAP END, like JOIN events, without even checking
if they got numeric 001 and so on... so in that sense it shifts
the problem a bit.. but.. at least that type of waiting is
hopefully more common :D
2026-01-18 19:06:59 +01:00
Silent 275f04c76c Fix Y2038 bug on Windows in unreal_setfilemodtime (PR #332)
Int32x32To64 macro internally truncates the arguments to int32,
while time_t is 64-bit on most/all modern platforms.
Therefore, usage of this macro creates a Year 2038 bug.
2026-01-11 07:33:49 +01:00