1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-04 12:13:13 +02:00
Commit Graph

3100 Commits

Author SHA1 Message Date
Bram Matthys 25d5a2ac64 Fix possible crash on SETNAME with spamfilter 'u'.
[skip ci]
2023-10-06 07:19:04 +02:00
Bram Matthys 3d9233baab Fix tkldb storing (and restoring) central spamfilters.
These should not be in tkldb, just like config-based spamfilters are not.
2023-10-06 07:08:22 +02:00
Bram Matthys 43240e4557 Don't allow central spamfilter without 'reason' 2023-10-06 07:00:44 +02:00
Bram Matthys 8398c8cd8d Don't crash when reading spamfilters from tkldb that don't compile (anymore).
For example, because of a different version of PCRE2, or because of the switch
from non-UTF8 to UTF8 (or vice versa) which disallows certain byte sequences.
2023-10-05 17:37:06 +02:00
Bram Matthys 088d2595d5 Fix crash on REHASH with crule (such as spamfilter::rule).
This happens when !, || or && are used, though the exact requirements
for the crash may also require a function with arguments.

Reported by BlackBishop.
2023-10-04 10:14:09 +02:00
Bram Matthys 311f7397f5 Fix NULL pointer crash due to reputation code changes from yesterday 2023-09-18 09:19:53 +02:00
Bram Matthys b234e13358 Don't bump reputation scores anymore for users who are in no channels or
when they are only in channel(s) with very low member counts.

This because some typical bot/drone behavior is not to join any channels.
This kinda forces them to expose themselves a bit more (and if they don't,
they don't get more reputation).

The downside is for the unusual case where a legit chatter would be on
the network but not joining any channels, but that is rare. In any case,
this setting can be adjusted if that is typical or more normal behavior
on your network :D.

* The [reputation score](https://www.unrealircd.org/docs/Reputation_score)
  of connected users (actually IP's) is increased every 5 minutes. We still
  do this, but only for users who are at least in one channel that has 3
  or more members. This setting is tweakable via
  [set::reputation::score-bump-timer-minimum-channel-members](https://www.unrealircd.org/docs/Set_block#set::reputation).
  Setting this to 0 means to bump scores also for people who are in no
  channels at all, which was the behavior in previous UnrealIRCd versions.
2023-09-17 11:47:34 +02:00
Bram Matthys 4e070b8034 Use client:set:reputation oper privilege for latest change
[skip ci]
2023-09-17 09:58:21 +02:00
Bram Matthys f3538f07d9 Support setting of reputation via /REPUTATION <nick|ip> <value>
Useful for testing and.. well.. perhaps other things.
2023-09-17 09:55:59 +02:00
Bram Matthys 97630b4717 Allow setting reputation in https://www.unrealircd.org/docs/Actions via
action { set REPUTATION--; } and similar.

Also enhancement to reputation S2S traffic, to support decreasing:
  *
+ * Since UnrealIRCd 6.0.2+ there is now also asterisk-score-asterisk:
+ * :server REPUTATION 1.2.3.4 *2*
+ * The leading asterisk means no reply will be sent back, ever, and the
+ * trailing asterisk will mean it is a "FORCED SET", which means that
+ * servers should set the reputation to that value, even if it is lower.
+ * This way reputation can be reduced and the reducation can be synced
+ * across servers, which was not possible before 6.0.2.
+ *

So if you are actually decreasing reputation, you need all servers on
6.0.2 or higher for it to work properly, otherwise the other servers
don't decrease it, and next connect the highest wins again, etc.
2023-09-17 09:39:55 +02:00
Bram Matthys 55eaa7bbea Add set::blacklist::recheck-time 'never' to disable rechecking and document
this and blacklist::recheck.
2023-09-09 11:20:32 +02:00
Bram Matthys ddf6dea22d Add blacklist::recheck to skip a dnsbl from rechecks.
Suggested by BlackBishop in https://bugs.unrealircd.org/view.php?id=6307
2023-09-09 11:09:01 +02:00
Bram Matthys bcc07b1591 Integrate third/blacklistrecheck functionality (set::blacklist::recheck-time)
https://www.unrealircd.org/docs/Set_block#set::blacklist::recheck-time
2023-09-06 16:31:55 +02:00
Bram Matthys 89b2d91084 In HOOKTYPE_PRE_CHANMSG the mtags is now a MessageTag **,
so a pointer-to-a-pointer rather than a pointer, to allow stripping
message tags by modules. Needed for a module from Valware.
2023-08-19 17:26:14 +02:00
Bram Matthys d63a8cf2d5 Show who actually tried to use a banned nick.
Reported by Amiga600 in https://bugs.unrealircd.org/view.php?id=6300
Inspired by patch from Valware in https://github.com/unrealircd/unrealircd/pull/255
2023-08-19 12:17:00 +02:00
Bram Matthys 2665cec73b Fix crash when ~security-group:securitygroup is used in conf (so old style
in eg ban user::mask).
Reported by BlackBishop in https://bugs.unrealircd.org/view.php?id=6319
2023-07-26 12:45:49 +02:00
Bram Matthys 50753b4678 Make central spamfilters require an 'id', and ignore for non-central.
At least for now...
2023-07-21 12:26:02 +02:00
Bram Matthys cd19198e3b Spamfilter fixes: prevent actions that are currently config-only from
being added by other servers and being able to spread to areas of
which the code is currently not ready for ('set', 'report', 'stop').
2023-07-20 14:50:40 +02:00
Bram Matthys e54382fe95 Use (*errors)++ consistently.
This fixes one bug from yesterday in securitygroup.c:258,
fixes 2 (harmless) warnings and other than that just style.
2023-07-17 09:03:03 +02:00
Bram Matthys 937236126f Add new spamfilter type 'raw' which matches against a raw command/protocol line.
SPAMFILTER add -simple R block - Hi_there! LIST*

Though it is more useful in complex spamfilter rules in the conf, presumably.
2023-07-16 19:47:43 +02:00
Bram Matthys 3e2f668f10 Revert antimixedutf8 changes from earlier, back to 6.1.1(.1) version again. 2023-07-16 17:27:47 +02:00
Bram Matthys b272b6700a Add security-group::rule support, see https://www.unrealircd.org/docs/Crule 2023-07-16 12:09:01 +02:00
Bram Matthys 59c6c99ba3 spamfilter::rule: add destination('#xyz') support (supports wildcards) 2023-07-16 11:29:53 +02:00
Bram Matthys 13bb09aa4b crule: add inchannel('#xyz'), and inchannel('@#needopshere') works too 2023-07-16 11:22:02 +02:00
Bram Matthys b1d0a05638 Make 'channel' work in security groups. 2023-07-16 11:06:42 +02:00
Bram Matthys 9b11366a8e crule: code cleanups / conform a bit more to unrealircd style 2023-07-16 10:52:03 +02:00
Bram Matthys b325f88795 crule/spamfilter: pass text in crule context, not used yet, but could
be useful in some future crule function.
[skip ci]
2023-07-16 10:46:39 +02:00
Bram Matthys 2beefcd2ee crule: remove CR_DEBUG, bump some limits and remove collapse() call 2023-07-16 10:40:11 +02:00
Bram Matthys 08cb0fc05d Move crule to a module, so we can hot-patch if needed in the future.
This is a mandatory module to load, and included in modules.default.conf.

This also meant that the crule_test() etc efunctions are available
before running config test routines, so we now have a flag for
early efuncs. I guess we could consider doing that for all efuncs
though, so not sure if this flag is really needed.
2023-07-16 10:33:25 +02:00
Bram Matthys cdc14569a9 Warn on plaintext oper::password in conf and even go as far as
generating the password hashes and suggesting using those.

This also starts the initial work on set::best-practices
https://www.unrealircd.org/docs/Set_block#set::best-practices
with hashed-passwords as the first setting there.
2023-07-15 19:02:31 +02:00
Bram Matthys 202665ec87 For watch away notification, a user who is away could change their nick,
and that nick could be on someones watch list. In such a case we
should not only send RPL_LOGON but also a RPL_GONEAWAY.

Reported by Khaled and fix suggested by Khaled & Sadie.
2023-07-15 16:47:55 +02:00
Bram Matthys 934b0b1ea1 WATCH away notification: fix RPL_GONEAWAY and RPL_REAWAY not being sent
due to wrong event name being used. Noticed this bug in U6 (and
this bug does not exist in U5) after being pointed at watch away
notification again.
2023-07-15 16:41:21 +02:00
Bram Matthys a153a2cce3 Change definition of parse_ban_action_config(), was too easy to leak memory.
Often you have default values for the config, and then a subsequent config
parsing run would overwrite the return value (= memory leak), merging/appending
would make no sense either, so it would force a free in all code before
calling us, well... let's just deal with it ourselves instead then ;)
2023-07-14 08:08:47 +02:00
Bram Matthys c2419e0f40 Implement spamreport::rate-limit 2023-07-11 20:19:00 +02:00
Bram Matthys e9716d3ce6 Fix compile problem on Windows
[skip ci]
2023-07-11 16:26:35 +02:00
Bram Matthys 2440714d13 Fix tkldb crash, had to do with stealing references. 2023-07-11 14:46:19 +02:00
Bram Matthys 4c3d2a6d6d Fix write bug in tkldb and add spamfilter::action stop.
The spamfilter::action stop ill prevent processing other spamfilters.
This would normally be a bit unusual, and potentially dangerous when you
do exclude things this way, but can be useful in some circumstances.

Stopping only affects the same type of spamfilters (general or central
spamfilters), so they don't interfere.

The tkldb write DB bug had to do with that it was processing
central spamfilters, which should be skipped just like config
based spamfilters were already skipped.
2023-07-11 14:32:11 +02:00
Bram Matthys 32701e6f99 Central spamfilter: don't stop processing on 1 bad spamfilter block. 2023-07-11 13:34:28 +02:00
Bram Matthys 018efd8366 Fix crash in spamfilter { } block handling due to unitialized variable 2023-07-11 12:15:01 +02:00
Bram Matthys f333aa0c09 New option set::spamfilter::show-message-content-on-hit:
you can now configure to hide the message content in spamfilter hit
messages. Generally it is very useful to see if a spamfilter hit is
correct or not, so the default is 'always', but it also has privacy
implications so there is now this option to disable it.

Suggested by alice, quite a while ago.

https://www.unrealircd.org/docs/Set_block#set::spamfilter::show-message-content-on-hit

Also as mentioned there:
UnrealIRCd has the following spying countermeasure (for many years) to help
that spamfilters are not abused for spying. When a spamfilter hit happens
that has an action like gline or blocking, it is visible to the user that an
action was taken. There is also the action 'warn', which means: take no
action and only warn IRCOps, that one would be easy to use as a spy tool, so
when this happens and message content was revealed, numeric 659
(RPL_SPAMCMDFWD) is sent to the client to indicate that the message is
allowed through but IRCOps were informed.
With this new set::spamfilter::show-message-content-on-hit feature, when
the message content was hidden due to this setting (eg due to 'never' or
'channel-only'), the warn message will not be sent as there is no need to
inform the user in such a case.
2023-07-11 12:11:26 +02:00
Bram Matthys 4df6ed7f9a Get rid of duplicate "spamfilter hit" code. 2023-07-11 11:42:06 +02:00
Bram Matthys f277880fb3 Add set::central-spamfilter::limit-ban-action and ::limit-ban-time
to limit actions to limit-ban-action as the highest, and limit
ban times to limit-ban-time the highest, see
https://www.unrealircd.org/docs/Central_Spamfilter

This also changes highest_spamfilter_action() to highest_ban_action().
2023-07-11 10:17:51 +02:00
Bram Matthys 15b9255b0e Add spamfilter::except as an alternative for spamfilter::rule and upd rls notes 2023-07-10 12:12:25 +02:00
Bram Matthys c18c79e88b Add spamfilter hits and hits for exempted users.
* This means we always run spamfilters, even if users are exempts
* This way we can gather hits for exempted users on individual
  spamfilter entries, and possibly detect false positives
  (which relies on the assumption that those users are innocent)
* The hit counters are shown in in RPL_STATSSPAMF and also
  exposed via the JSON-RCP API.
* This commit also adds set::central-spamfilter::except but more
  on that later since i still want to set a default for that in
  a future commit.
* This also changes take_action() to take flags and adds the
  option TAKE_ACTION_SIMULATE_USER_ACTION which i intended to
  use but didn't in the end... not sure if i should keep it :D
2023-07-10 11:30:51 +02:00
Bram Matthys d25fdeb950 Some more BanAction fixes/improvements:
* stats S one thingy (multi-actions)
* STATS spamfilter (multi-actions)
* warn w/user target ('u') if using multi-actions
* moving some code
2023-07-09 16:27:40 +02:00
Bram Matthys e26ff1e9cf Add antimixedutf8::action warn handling, and fix generic handling in git version. 2023-07-09 16:20:42 +02:00
Bram Matthys 51a97602ee Fix antirandom::action warn handling in current git.
Reported by Han`.
2023-07-09 16:12:19 +02:00
Bram Matthys 9e2232ef72 For DroneBL spam submissions use "Content-Type: text/xml".
This also bumps the request size limit a bit.
2023-07-09 14:03:35 +02:00
Bram Matthys a68fa03ab5 Fix some small memory leaks on REHASH and fix compile warning w/gcc. 2023-07-09 13:39:00 +02:00
Bram Matthys 3250c7c0b4 Add some temporary safety mechanism if too many HTTP(S) requests in progress.
Will allow tweaking in config later. This is separate from rate-limit btw,
which also still needs to be done.
2023-07-09 13:21:16 +02:00