will not be called. This is used, for example, by m_cap when the CAP LS
handshake is still in progress. Modules can add their own requirements
as they see fit.
Note that, as for (CAP) functionality, this adds nothing new, it just
implements it in a cleaner way, rather than all over the place,
like in UnrealIRCd 4.x.
Such a variable suggests that we will never read past that, but that
is not the case, since we (correctly) assume that the buffer is
NUL terminated, which is ensured by dbuf_getmsg().
The 'length' is still available for informational purposes, to avoid
strlen()'s at various places.
Hm, I guess length can cause the same confusion as bufend, but still..
I like it better :D
This also includes buffer modifications to have a larger read buffer
and IRCv3 implementations (partial or not) for:
labeled-response, msgid, server-time, batch and account-tag.
As said, it is the initial and partial implementation.
There are still various FIXME's and TODO's, the API of various
functions may still change (actually that is true for the next
months, even) and some stuff is currently in the core that will
be moved to modules.
usually the fast badwords system is used instead)
* Code deduplication in src/modules/{chanmodes,usermodes}/censor.c
to src/match.c -- which may be moved later again to efuncs.
* Add --without-tre:
This means USE_TRE will be enabled by default right now
but if using --without-tre it will be undef'ed. This so we
can prepare for the TRE phase-out in 2020.
* Remove include/badwords.h, put contents in include/struct.h
The new question in ./Config now defaults to 'auto' (both for new installs
and for upgrades). You can still specify a manual limit but it is no longer
recommended.
A MAXCONNECTIONS of 'auto' means - at present - that UnrealIRCd will try
to set a limit of 8192. This is quite a bump from the original 1024.
On systems where this is not possible we will simply use the highest amount
possible, such as 4096 on many systems, or 1024.
In fact, we now no longer error when MAXCONNECTIONS is higher than the
'ulimit -n' limit but will adjust ourselves to the limit.
Only if the effective limit is below 100 we will print out a fatal error
since running in such a scenario is highly discouraged.
The reason for this change is that nowadays with drone attacks we may need
to be able to handle more concurrent sockets. Also, many Linux distro's
have a default setting of unlimited or 4096 nowadays, out of the box.
For people packaging UnrealIRCd (not end-users):
The ./configure --with-fd-setsize=xx option was removed and the
optional(!!) --with-maxconnections=xx option has been added.
We recommend you NOT to pass this option. Not passing it means that
the previously mentioned 'auto' mode will be used, which is likely
best for most users.
Module coders:
Although it is unlikely you accessed the 'MAXCLIENTS' variable,
if you did, it is now called 'maxclients' (lowercase) since it is
adjusted at runtime and no longer a macro.
encouraged to use CMD_OVERRIDE_FUNC(override_xyz) rather than declaring
the function themselves. This works similar to CMD_FUNC(somecmd).
Example:
/* Forward declaration */
CMD_OVERRIDE_FUNC(override_xyz);
[..]
MOD_LOAD(somemodule)
{
CmdoverrideAdd(modinfo->module, "XYZ", override_xyz);
[..]
CMD_OVERRIDE_FUNC(override_xyz)
{
/* Do something useful here */
Previously various information was only available for directly attached
servers, since it is communicated via PROTOCTL.
Now, we will also communicate information about leafs behind us.
IRCOps can use the /SINFO command to see these server features.
Services codes don't need to do anything, or at least are not expected
to do anything. They can still receive the information and do something
with it, of course...
Read the following technical documentation for full information,
as it will outline very specific rules for using the command S2S:
https://www.unrealircd.org/docs/Server_protocol:SINFO_command
of targets accepted for a command, eg /MSG nick1,nick2,nick3,nick4 hi.
Also changed the following defaults (previously hardcoded):
* PRIVMSG from 20 to 4 targets, to counter /amsg spam
* NOTICE from 20 to 1 target, to counter /anotice spam
* KICK from 1 to 4 targets, to make it easier for channel operators
to quickly kick a large amount of spambots
See https://www.unrealircd.org/docs/Set_block#set::max-targets-per-command
(actually still need to write the documentation)
There's now no longer a difference between a rehash or boot.
2) Other cleanups in s_conf.c as well. Looks better now.
3) Sort the 005 tokens alphabetically. Enforcing some other 'logical order'
was futile and this makes things consistent between rehashes.
For module coders this adds some new functions, such as IsupportSet,
IsupportSetFmt and IsupportDelByName. I'll document them later.
when servers link. Thus, you can see the real setter and time also after
a netsplit (/mode #channel b). This, unlike before, when setby was
name.of.server and time was the time of the synch.
This requires the entire network to run UnrealIRCd 4.2.2 or later.
Suggested by k4be in https://bugs.unrealircd.org/view.php?id=5183
Technical details: the PROTOCTL token to enable this is "SJSBY" and see
https://www.unrealircd.org/docs/Server_protocol:SJOIN_command for more
information, in particular the last section there.
that use outdated SSL/TLS protocols (eg: TLSv1.0) and ciphers.
The default settings are to warn in all cases: users connecting,
opers /OPER'ing up and servers linking in. The user will see a message
telling them to upgrade their IRC client.
This should help with migrating such users since in the future, say one
or two years from now, we would want to change the default to only allow
TSLv1.2+ with ciphers that provide Forward Secrecy. Instead of rejecting
clients without any error message, this provides a way to warn them and
give them some time to upgrade their outdated IRC client.
https://www.unrealircd.org/docs/Set_block#set::outdated-tls-policy
We previously introduced the "require sasl" block which allows you to
force users from certain IP addresses to authenticate with their nickname
and password via SASL. We now offer a new experimental module called
'saslemulation' which will help non-SASL users by showing a notice and
asking them to authenticate to their account via /AUTH <user>:<pass>.
See https://www.unrealircd.org/docs/Set_block#set::sasl-emulation
Note that this is work in progress, although the functionality of
already works. Still need to do some cleaning and expand the scope.
And more testing...
any other bans that will cause the user to be disconnected.
For technical details see the banned_client() function.
It's likely I made some mistakes somewhere => testing required!!
m_pass and m_topic.c when duplicating strings with a length limit.
+/* strldup(str,max) copies a string and ensures the new buffer
+ * is at most 'max' size, including nul byte. The syntax is pretty
+ * much identical to strlcpy() except that the buffer is newly
+ * allocated.
+ * If you wonder why not use strndup() instead?
+ * I feel that mixing code with strlcpy() and strndup() would be
+ * rather confusing since strlcpy() assumes buffer size including
+ * the nul byte and strndup() assumes without the nul byte and
+ * will write one character extra. Hence this strldup(). -- Syzop
+ */
On *NIX now always redirect stdin, stdout and stderr to /dev/null for
safety and to prevent any ssh hanging as reported by mbw (#5087).
This code needs some testing on non-Linux though it should be all
POSIX, unless I missed something... :)
listen::ssl-options, sni::ssl-options or link::outgoing::ssl-options
are used. In short: it only reloaded the ones from set::ssl until
now. Bug reported by Mr_Smoke (#5072)
module but at least the code can be updated on the fly (or replaced
with some other secondary alternative module in the future).
src/charsys.c -> src/modules/charsys.c
This also means everyone needs to load the modules/charsys module.
See https://www.unrealircd.org/docs/Nick_Character_Sets
Example: set { allowed-nickchars { latin-utf8; }; };
Important remarks:
* All your servers must be on UnrealIRCd 4.0.17 (or later)
* Most(?) services do not support this, so users using UTF8 nicknames
won't be able to register at NickServ.
* In set::allowed-nickchars you must either choose an utf8 language
or a non-utf8 character set. You cannot combine the two.
* You also cannot combine multiple scripts/alphabets, such as:
latin, greek, cyrillic and hebrew. You must choose one.
* If you are already using set::allowed-nickchars on your network
(eg: 'latin1') then be careful when migrating (to eg: 'latin-utf8'):
* Your clients may still assume non-UTF8
* If users registered nicks with accents or other special characters
at NickServ then they may not be able to access their account
after the migration to UTF8.
[!] Work in progress [!]
password "AHMYBevUxXKU/S3pdBSjXP4zi4VOetYQQVJXoNYiBR0=" { spkifp; };
This value will stay the same even for new SSL/TLS certificates,
as long as the key stays the same. This can be useful in case of
Let's Encrypt (if you use a tool that keeps the same key, that is,
certbot does not at the moment). Suggested by grawity (#5014).
Also make auth type 'sslclientcert' available as 'cert' and
make 'sslclientcertfp' available as 'certfp'.
Fix force-rejoin not working if doing SVSMODE -x/+x (Koragg, #5015).
Note to module coders:
Please use the following procedure in case of an user/host change:
* userhost_save_current(acptr);
* << change username or hostname here (or both) >>
* userhost_changed(acptr);
This function will take care of notifying other clients about
the userhost change, such as doing PART+JOIN+MODE if force-rejoin
is enabled, and sending :xx CHGHOST user host messages to
"CAP chghost" capable clients.
Also, small note to everyone:
If force-rejoin is enabled we will not send the PART+JOIN+MODE to
"CAP chghost" capable clients. Doing so is just a hack to notify
people of a userhost change. "CAP chghost" users can thus benefit
from the reduced noise in this respect.
Bram Matthys