1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-09 11:33:13 +02:00
Commit Graph

92 Commits

Author SHA1 Message Date
Bram Matthys 2509482e02 Update UnrealIRCd version 2018-09-28 09:31:35 +02:00
Bram Matthys 147ae3012b Get rid of about a million (now) useless casts and some re-indenting. 2018-04-22 10:29:36 +02:00
Bram Matthys 66143927e0 In /STATS S display throttling as anti-flood::connect-flood, as that
is the new name (since about 2 years).
2017-10-08 09:12:46 +02:00
Bram Matthys 3d38adff4f Rename config.h setting CLIENT_FLOOD to DEFAULT_RECVQ since that is what
it is. You should simply set a class::recvq instead of changing this
in config.h.
2017-10-07 09:29:47 +02:00
Bram Matthys 885e474211 Removed option in config.h to disable NO_FLOOD_AWAY. You can already
tweak or disable this via set::anti-flood::away-flood.
2017-10-07 09:25:45 +02:00
Bram Matthys b757d2eff0 Show set::sasl-server in '/STATS set'. Suggested by Gottem (#0004997). 2017-09-06 08:44:12 +02:00
Bram Matthys 0da1fdb2d2 Fix possible crash in /STATS due to change from yesterday.
Other than that, some minor style and real things.
2017-09-02 08:27:55 +02:00
Bram Matthys aa829bce12 New option link::verify-certificate [yes|no]. This will cause UnrealIRCd
to validate the certificate of the link, making sure that:
1) The certificate is issued by a trusted Certificate Authority (CA).
2) The name on the certificate matches the name of the link block.
Some things still need to be done: documentation, more testing, and
using the X509_check_host() function when available.
2017-09-01 17:10:29 +02:00
Bram Matthys 6d7be72f2b Remove ssl option 'no-self-signed'. Use 'verify-certificate' instead.
Nobody used this option and it only caused the following confusing
(and potentially insecure) behavior:
Previously if you had 'verify-certificate' enabled then the certificate
would be checked, BUT if it was a self-signed certificate (and thus
not passing verify-cert) it was STILL allowed unless you also
specified the 'no-self-signed' option. This might be correct as per
documentation but is way too confusing for the user.
Now you simply have to choose whether you verify the certificate or
not. No special handling for self-signed certificates.
2017-09-01 08:55:01 +02:00
Bram Matthys d53d46fce4 Add set::plaintext-policy block by which you can warn or deny user connections,
ircop /OPER attempts and incoming server linking attempts from connections
that are not encrypted with SSL/TLS.
Documentation: https://www.unrealircd.org/docs/Set_block#set::plaintext-policy
2017-08-16 19:39:28 +02:00
Bram Matthys aae0971cf4 Add the ability to set specific ssl options in listen blocks and link blocks.
This allows you to for example specify a specific certificate/key on an
serversonly port and in link block (a self-signed 10 year valid certificate)
and use a short-lived (XX day) Let's Encrypt certificate on the other ports.
And several other uses, of course.
2016-12-29 08:37:15 +01:00
Bram Matthys 51b52f1767 Merge pull request #49 from grawity/ssl
Add an option to hide the notices about TLS parameters and fingerprint (set::options::no-connect-ssl-info)
2016-05-09 10:11:55 +02:00
Bram Matthys 8d562ededb Remove support for EGD (Entropy Gathering Daemon). Nobody uses this and it only causes issues with LibreSSL. 2016-04-03 15:15:12 +02:00
Mantas MikulÄ—nas e818ab1a16 Add an option to hide the notices about TLS parameters 2016-03-09 00:25:33 +02:00
Mantas MikulÄ—nas 5e9a74f0fd Do not require set::services-server
Some places were already treating it as optional.
2016-03-09 00:25:05 +02:00
Bram Matthys bf1e1502ba Use #include "unrealircd.h" in all modules (#4516). 2016-03-04 13:02:06 +01:00
Bram Matthys 1e25578c42 Add ability to hide quit messages of *LINEd users. Suggested by Aubrey, patch mostly from Zoddo (#3993). 2016-02-29 14:22:49 +01:00
Bram Matthys 7610fbcea2 /STATS P (port): Show whether the listener is IPv4 or IPv6. Improve rest of the output as well. 2015-12-29 20:18:14 +01:00
Bram Matthys 8b45169f82 Get rid of $Id$ in /MODULE (version) output. Just report as "4.0" 2015-10-11 18:18:31 +02:00
Bram Matthys a843cec6bc like I said 2015-07-29 17:41:14 +02:00
Bram Matthys 09895c67f1 set::stats-server is optional, however if it was missing then if an oper did '/STATS S' the ircd would crash. 2015-07-29 16:03:45 +02:00
Bram Matthys e627d3682c pass by ref instead of pass by value for chmode_str() 2015-07-29 16:03:25 +02:00
Bram Matthys 0bcc8494b7 Fix some FIXME's. Remove unused set::dns::nameserver (actually it was a fallback if /etc/resolv.conf etc failed but.. well.. not anymore!) 2015-07-29 13:09:26 +02:00
Bram Matthys 2a53499610 Get rid of useless DLLFUNC prefixes (at places where they were not needed) 2015-07-25 20:23:37 +02:00
Bram Matthys fd375ee284 Use CMD_FUNC() everywhere 2015-07-25 20:22:44 +02:00
Bram Matthys 13fffa4e1a split all the local client stuff to acptr->local. makes it a lot easier to catch bugs.
If the IRCd crashes then it's likely not by this change but rather an existing issue that was previously gone unnoticed.
2015-07-19 12:48:18 +02:00
Bram Matthys bbb121383b Add who-may-execute-this in many CommandAdd()'s. Trying to remove all "unspecified" (0) ones... hopefully I made no mistake in this ;)
Update remote-permission check in ValidatePermissionsForPath to check at least IsOper.. may save us from some serious mistakes ;)
2015-07-12 15:32:11 +02:00
Bram Matthys e8dfb284a1 Replace parv[0] with sptr->name. Don't use parv[0] anymore.
I went through all 500+ of them by hand as to avoid introducing bugs... we'll see ;)
2015-07-10 12:17:05 +02:00
Travis McArthur fc38b1336a Update security in m_stats 2015-07-09 13:39:08 -07:00
Travis McArthur 2450909c26 Change name of OperEval... 2015-07-09 12:31:45 -07:00
Bram Matthys fe14e21175 Update all MOD_TEST/MOD_INIT/MOD_LOAD/MOD_UNLOAD calls to new format 2015-07-08 18:02:19 +02:00
Travis McArthur 752a34011d Remove IsAnOper 2015-07-06 18:09:37 -07:00
Travis McArthur b4e353d6e2 Refactor m_stats permission 2015-07-05 12:04:39 -07:00
Bram Matthys bf56672249 remove set::hosts. use oper::vhost instead. 2015-06-26 09:22:33 +02:00
Bram Matthys 0f2af3f506 current 3.4.x git is really bleeding edge now, come back in a day or so:
* remove netadmin, services-admin, admin, co-admin.
* remove all oper flags (there are some placeholders for the next... <24hrs..)
* ADMINCHAT and NACHAT are gone, since admin & netadmin no longer exist
* SVSO used oper flags, but this no longer exists, SVSO removed. maybe later we can add some sort of replacement.. maybe..
* re-style the m_oper code a bit
2015-06-25 22:26:53 +02:00
Bram Matthys e49563fc7c Ugly oper::from::userhost is now oper::mask, vhost::from::userhost is now vhost::mask.
Coders: added generic mask functions: unreal_mask_match(), unreal_add_masks() and unreal_delete_masks().
These deal with one or multiple masks and do all the work for you ;)
2015-06-03 09:57:24 +02:00
Bram Matthys 8049136379 Restructure the entire link { } block (#4032). Initial commit (missing autoconnect, ssl, etc). 2015-05-25 10:19:15 +02:00
Travis McArthur aea09603a4 Remove USE_SSL macro and associated code
We no longer support non-SSL builds, remove related code
2015-05-20 02:48:34 -04:00
Bram Matthys ee00bb2801 oh come on... 2014-07-20 21:26:36 +02:00
Travis McArthur ec294b1373 Fix build for clang 2014-07-05 12:47:03 -07:00
Heero e75cb1709d [4246] Add set::link::bind-ip option to set default bind ip for link blocks 2014-06-03 23:39:30 -07:00
Bram Matthys 101d2dd6a3 Big 3.4.x commit containing bug fixes and enhancements. Modularizing
user & channel modes. Fixing Windows build. Etc..
2014-05-11 20:56:02 +02:00
William Pitcock 17f2ac31c5 - warning fixes 2013-05-24 23:13:32 +00:00
William Pitcock afdf5d780a - Replace ircsprintf() with bounds-checking ircsnprintf(), patch from FalconKirtaran. (#4208) 2013-05-21 06:26:52 +00:00
William Pitcock d8d3156f43 - dbuf vestige cleanup: missed a spot 2013-05-20 16:39:34 +00:00
William Pitcock b413848524 - TOK_FOO removal pass 2 2013-05-19 21:40:45 +00:00
William Pitcock ca86485927 - Remove token parameter from CommandAdd(). 2013-05-19 21:27:26 +00:00
William Pitcock c41ca43145 - Remove ziplinks support, patch from FalconKirtaran. (#4189) 2013-05-16 06:36:13 +00:00
William Pitcock 4b9370b0a3 - Remove references to hunt_server_token() in modules. 2013-05-13 22:03:07 +00:00
William Pitcock c47c75f103 - parser: remove TokenHash and related code 2013-05-13 04:35:00 +00:00