Bram Matthys
2509482e02
Update UnrealIRCd version
2018-09-28 09:31:35 +02:00
Bram Matthys
147ae3012b
Get rid of about a million (now) useless casts and some re-indenting.
2018-04-22 10:29:36 +02:00
Bram Matthys
66143927e0
In /STATS S display throttling as anti-flood::connect-flood, as that
...
is the new name (since about 2 years).
2017-10-08 09:12:46 +02:00
Bram Matthys
3d38adff4f
Rename config.h setting CLIENT_FLOOD to DEFAULT_RECVQ since that is what
...
it is. You should simply set a class::recvq instead of changing this
in config.h.
2017-10-07 09:29:47 +02:00
Bram Matthys
885e474211
Removed option in config.h to disable NO_FLOOD_AWAY. You can already
...
tweak or disable this via set::anti-flood::away-flood.
2017-10-07 09:25:45 +02:00
Bram Matthys
b757d2eff0
Show set::sasl-server in '/STATS set'. Suggested by Gottem ( #0004997 ).
2017-09-06 08:44:12 +02:00
Bram Matthys
0da1fdb2d2
Fix possible crash in /STATS due to change from yesterday.
...
Other than that, some minor style and real things.
2017-09-02 08:27:55 +02:00
Bram Matthys
aa829bce12
New option link::verify-certificate [yes|no]. This will cause UnrealIRCd
...
to validate the certificate of the link, making sure that:
1) The certificate is issued by a trusted Certificate Authority (CA).
2) The name on the certificate matches the name of the link block.
Some things still need to be done: documentation, more testing, and
using the X509_check_host() function when available.
2017-09-01 17:10:29 +02:00
Bram Matthys
6d7be72f2b
Remove ssl option 'no-self-signed'. Use 'verify-certificate' instead.
...
Nobody used this option and it only caused the following confusing
(and potentially insecure) behavior:
Previously if you had 'verify-certificate' enabled then the certificate
would be checked, BUT if it was a self-signed certificate (and thus
not passing verify-cert) it was STILL allowed unless you also
specified the 'no-self-signed' option. This might be correct as per
documentation but is way too confusing for the user.
Now you simply have to choose whether you verify the certificate or
not. No special handling for self-signed certificates.
2017-09-01 08:55:01 +02:00
Bram Matthys
d53d46fce4
Add set::plaintext-policy block by which you can warn or deny user connections,
...
ircop /OPER attempts and incoming server linking attempts from connections
that are not encrypted with SSL/TLS.
Documentation: https://www.unrealircd.org/docs/Set_block#set::plaintext-policy
2017-08-16 19:39:28 +02:00
Bram Matthys
aae0971cf4
Add the ability to set specific ssl options in listen blocks and link blocks.
...
This allows you to for example specify a specific certificate/key on an
serversonly port and in link block (a self-signed 10 year valid certificate)
and use a short-lived (XX day) Let's Encrypt certificate on the other ports.
And several other uses, of course.
2016-12-29 08:37:15 +01:00
Bram Matthys
51b52f1767
Merge pull request #49 from grawity/ssl
...
Add an option to hide the notices about TLS parameters and fingerprint (set::options::no-connect-ssl-info)
2016-05-09 10:11:55 +02:00
Bram Matthys
8d562ededb
Remove support for EGD (Entropy Gathering Daemon). Nobody uses this and it only causes issues with LibreSSL.
2016-04-03 15:15:12 +02:00
Mantas MikulÄ—nas
e818ab1a16
Add an option to hide the notices about TLS parameters
2016-03-09 00:25:33 +02:00
Mantas MikulÄ—nas
5e9a74f0fd
Do not require set::services-server
...
Some places were already treating it as optional.
2016-03-09 00:25:05 +02:00
Bram Matthys
bf1e1502ba
Use #include "unrealircd.h" in all modules ( #4516 ).
2016-03-04 13:02:06 +01:00
Bram Matthys
1e25578c42
Add ability to hide quit messages of *LINEd users. Suggested by Aubrey, patch mostly from Zoddo ( #3993 ).
2016-02-29 14:22:49 +01:00
Bram Matthys
7610fbcea2
/STATS P (port): Show whether the listener is IPv4 or IPv6. Improve rest of the output as well.
2015-12-29 20:18:14 +01:00
Bram Matthys
8b45169f82
Get rid of $Id$ in /MODULE (version) output. Just report as "4.0"
2015-10-11 18:18:31 +02:00
Bram Matthys
a843cec6bc
like I said
2015-07-29 17:41:14 +02:00
Bram Matthys
09895c67f1
set::stats-server is optional, however if it was missing then if an oper did '/STATS S' the ircd would crash.
2015-07-29 16:03:45 +02:00
Bram Matthys
e627d3682c
pass by ref instead of pass by value for chmode_str()
2015-07-29 16:03:25 +02:00
Bram Matthys
0bcc8494b7
Fix some FIXME's. Remove unused set::dns::nameserver (actually it was a fallback if /etc/resolv.conf etc failed but.. well.. not anymore!)
2015-07-29 13:09:26 +02:00
Bram Matthys
2a53499610
Get rid of useless DLLFUNC prefixes (at places where they were not needed)
2015-07-25 20:23:37 +02:00
Bram Matthys
fd375ee284
Use CMD_FUNC() everywhere
2015-07-25 20:22:44 +02:00
Bram Matthys
13fffa4e1a
split all the local client stuff to acptr->local. makes it a lot easier to catch bugs.
...
If the IRCd crashes then it's likely not by this change but rather an existing issue that was previously gone unnoticed.
2015-07-19 12:48:18 +02:00
Bram Matthys
bbb121383b
Add who-may-execute-this in many CommandAdd()'s. Trying to remove all "unspecified" (0) ones... hopefully I made no mistake in this ;)
...
Update remote-permission check in ValidatePermissionsForPath to check at least IsOper.. may save us from some serious mistakes ;)
2015-07-12 15:32:11 +02:00
Bram Matthys
e8dfb284a1
Replace parv[0] with sptr->name. Don't use parv[0] anymore.
...
I went through all 500+ of them by hand as to avoid introducing bugs... we'll see ;)
2015-07-10 12:17:05 +02:00
Travis McArthur
fc38b1336a
Update security in m_stats
2015-07-09 13:39:08 -07:00
Travis McArthur
2450909c26
Change name of OperEval...
2015-07-09 12:31:45 -07:00
Bram Matthys
fe14e21175
Update all MOD_TEST/MOD_INIT/MOD_LOAD/MOD_UNLOAD calls to new format
2015-07-08 18:02:19 +02:00
Travis McArthur
752a34011d
Remove IsAnOper
2015-07-06 18:09:37 -07:00
Travis McArthur
b4e353d6e2
Refactor m_stats permission
2015-07-05 12:04:39 -07:00
Bram Matthys
bf56672249
remove set::hosts. use oper::vhost instead.
2015-06-26 09:22:33 +02:00
Bram Matthys
0f2af3f506
current 3.4.x git is really bleeding edge now, come back in a day or so:
...
* remove netadmin, services-admin, admin, co-admin.
* remove all oper flags (there are some placeholders for the next... <24hrs..)
* ADMINCHAT and NACHAT are gone, since admin & netadmin no longer exist
* SVSO used oper flags, but this no longer exists, SVSO removed. maybe later we can add some sort of replacement.. maybe..
* re-style the m_oper code a bit
2015-06-25 22:26:53 +02:00
Bram Matthys
e49563fc7c
Ugly oper::from::userhost is now oper::mask, vhost::from::userhost is now vhost::mask.
...
Coders: added generic mask functions: unreal_mask_match(), unreal_add_masks() and unreal_delete_masks().
These deal with one or multiple masks and do all the work for you ;)
2015-06-03 09:57:24 +02:00
Bram Matthys
8049136379
Restructure the entire link { } block ( #4032 ). Initial commit (missing autoconnect, ssl, etc).
2015-05-25 10:19:15 +02:00
Travis McArthur
aea09603a4
Remove USE_SSL macro and associated code
...
We no longer support non-SSL builds, remove related code
2015-05-20 02:48:34 -04:00
Bram Matthys
ee00bb2801
oh come on...
2014-07-20 21:26:36 +02:00
Travis McArthur
ec294b1373
Fix build for clang
2014-07-05 12:47:03 -07:00
Heero
e75cb1709d
[4246] Add set::link::bind-ip option to set default bind ip for link blocks
2014-06-03 23:39:30 -07:00
Bram Matthys
101d2dd6a3
Big 3.4.x commit containing bug fixes and enhancements. Modularizing
...
user & channel modes. Fixing Windows build. Etc..
2014-05-11 20:56:02 +02:00
William Pitcock
17f2ac31c5
- warning fixes
2013-05-24 23:13:32 +00:00
William Pitcock
afdf5d780a
- Replace ircsprintf() with bounds-checking ircsnprintf(), patch from FalconKirtaran. ( #4208 )
2013-05-21 06:26:52 +00:00
William Pitcock
d8d3156f43
- dbuf vestige cleanup: missed a spot
2013-05-20 16:39:34 +00:00
William Pitcock
b413848524
- TOK_FOO removal pass 2
2013-05-19 21:40:45 +00:00
William Pitcock
ca86485927
- Remove token parameter from CommandAdd().
2013-05-19 21:27:26 +00:00
William Pitcock
c41ca43145
- Remove ziplinks support, patch from FalconKirtaran. ( #4189 )
2013-05-16 06:36:13 +00:00
William Pitcock
4b9370b0a3
- Remove references to hunt_server_token() in modules.
2013-05-13 22:03:07 +00:00
William Pitcock
c47c75f103
- parser: remove TokenHash and related code
2013-05-13 04:35:00 +00:00