The build tests were failing for tkldb save & restore. Cause was this:
if (tkl->ptr.serverban->match)
^ this is wrong.. because it doesn't check if tkl is a server ban
So it could be tkl->ptr.spamfilter->whatever_is_at_that_memory_offset
which is non-NULL.
Could have updated the code to an if (IsServerBan... && tkl->..etc..)
but decided to ditch this needless code altogether.
As this wasn't needed at all since it already skips config-based.
And all mask items bans are config-based.
One of those rare cases where trying to be extra careful actually
causes a fuckup.
Hmm... we should probably use json_expand_tkl() differently for match items
instead of returning "<match-item>" literally. Consider this a TODO item :D
This only happens for config-based bans that can't be removed anyway, so..
This so you can get the same spamreport data to your own custom system.
It works similar to set::central-blocklist::url but then on a
spamreport { } basis which is better, since then you can still
submit to UnrealIRCd central spamreport too.
So you can have two blocks:
spamreport unrealircd { type central-spamreport; }
spamreport custom { type central-spamreport; url 'https://www.example.org/xyz'; }
And then a /SPAMREPORT or 'report;' action will report it to BOTH.
Requested by Chris
* restrict-commands: add option 'channel-create' for managing who may create new channels.
This has been a commonly requested feature with different requested options, I think it makes sense to do it properly from here
Reported by Valware. E.g. if HOOKTYPE_CAN_JOIN rejects the join
when it is a new channel.
( And yeah... +P channels are not destroyed... handled in
sub1_from_channel() -> HOOKTYPE_CHANNEL_DESTROY already. )
There was an incorrect OperOverride message if you were had +h, +a or +q
and was kicking someone that you should normally be able to (without override).
This requires quite a bit of further testing, though, it's so easy to get
this wrong. The FIXME still stands to fix this for good some day.
Reported by Valware in https://bugs.unrealircd.org/view.php?id=6423
Reported by hnj in https://bugs.unrealircd.org/view.php?id=6418
Appears to have been introduced as part of the 6.x refactor of secret/private channel modes in 8066c13876
Also adjust message for ERR_OPERSPVERIFY to include channel name.
This is to correspond closer to other similar numerics around this area, as well as agreeing with the definition within modern.
crule is used outside security groups / spamfilter, like in
deny link { }.
Also update the match_realname() since via the extban code it would
use match_esc() which is rather confusing if you have double (or
perhaps even triple) escaping when using this in the conf.
Otherwise in pre-connect-stage is_identified(), is_webirc()
and is_websocket() will always return false due to the
IsUser() check.
One should always be careful with accessing things in pre-
connect-stage, but in this case the IsLoggedIn() and
moddata_client_get() are safe to use. The former checks
client->user and the latter does not access anything within
client->user at all.
Note that this is still a dumb interface and not a real proper
authentication framework.
This adds HOOKTYPE_SASL_AUTHENTICATE and HOOKTYPE_SASL_MECHS and
also provides 3 functions: sasl_succeeded(), sasl_failed() and
a helper function decode_authenticate_plain() for AUTHENTICATE PLAIN.
* Add more [Crule](https://www.unrealircd.org/docs/Crule) functions:
* `is_tls()` returns true if the client is using SSL/TLS
* `in_security_group('known-users')` returns true if the user is in the
specified [security group](https://www.unrealircd.org/docs/Security-group_block).
* `match_mask('*@*.example.org')` or `match_mask('*.example.org')`
returns true if client matches mask.
* `match_ip('192.168.*')` or with CIDR like `match_ip('192.168.0.0/16')`
returns true if IP address of client matches.
And update release notes:
* Add more [Crule](https://www.unrealircd.org/docs/Crule) functions:
* `is_away()` returns true if the client is currently away
* `has_user_mode('x')` returns true if all the user modes are set on the
client.
* `has_channel_mode('x')` can be used for spamfilters with a destination
channel, such as messages: it returns true if all specified channel modes
are set on the channel.
This adds two new functions to Crule:
- `has_umode()` which expects a parameter of one or more mode chars, returns true (1) if all of them match, otherwise returns false (0)
- `is_away()` which expects no parameter which simply matches whether the user is set as away as a boolean
or require authentication { } block.
And the connecting user would get a message every second, which was
a bit floody ;D.
Repoerted by GHF in https://bugs.unrealircd.org/view.php?id=6375
This fixes a bug where if you run ./Config with 'auto' file descriptors,
and then have an unusually low 'ulimit -n' of like 150, you would end up
with a negative amount of file descriptors available for use.
This fix moves it from compile-time setting of reserved fd's to runtime
setting.
All this is wrong, by the way, but that is for another major overhaul,
at least this bug is fixed now :D
https://github.com/unrealircd/unrealircd/pull/265 by Valware
"This is an IRCv3 extension which lets clients opt-out of receiving /names on join.
This is useful for bots on large channels who do not need to know who is in the channel.
Specification: https://ircv3.net/specs/extensions/no-implicit-names"
+ module rename from 'no-implicit-names-cap' to 'no-implicit-names'
(simply because no other modules has that -cap suffix)
+ update to Makefile.windows
Calling spamfilter for TAGMSG makes no sense as the text is "" (empty) :D
If you want to filter message tags, have a look at spamfilter type 'T',
which filters individual message-tags (not just the ones in TAGMSG but
also for PRIVMSG and NOTICE).
[skip ci]
Previously the same code caused no problem, but then
2fcb5b4669 changed the read buffer
size to 16384.
Since then (6.1.2.x) the webserver_handle_request_header() function
was sometimes cutting 1 byte off the packet due to sizeof(netbuf)-1
which was 16383 bytes. We now no longer use a fixed value and
allocate memory dynamically on the heap.
This fixes the bug that I was seeing but this change still needs
serious extra testing as it may affect websockets and RPC!