1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-08 15:13:13 +02:00
Commit Graph

126 Commits

Author SHA1 Message Date
Travis McArthur 3b98eac4a9 Remove unnecessary gotos 2015-05-31 21:46:32 -04:00
Bram Matthys 58bd3cf60b Preparations for #4356 (experimental / on-going):
* add general matching framework (aMatch type, unreal_match_xxx functions)
* change spamfilter { } block syntax
* add support for simple wildcard matching (non-regex, just '?' and '*')
This is the initial commit so the new lib is not in yet, 'regex' is not
functional (but 'posix' and 'simple' are working), linking has not been
fully tested and no warnings are printed yet. IOTW: work in progress!
2015-05-30 21:11:11 +02:00
Bram Matthys 28c2e83cc4 actually call moddata_free_client() :) 2015-05-18 16:48:24 +02:00
Adam 996c084d6f Fix secureonly 2014-08-26 10:46:45 -04:00
Travis McArthur ec294b1373 Fix build for clang 2014-07-05 12:47:03 -07:00
Heero 4956d01e34 Add +D/+d and remove +u
Permits users to add +D mode to hide join/part notifications except for +vohaq
until a user speaks
[#2906] Reported by Tranqer
2014-06-04 01:13:22 -07:00
Bram Matthys 101d2dd6a3 Big 3.4.x commit containing bug fixes and enhancements. Modularizing
user & channel modes. Fixing Windows build. Etc..
2014-05-11 20:56:02 +02:00
William Pitcock 63b56b04fb - clean up exit_client() more 2013-05-24 20:56:04 +00:00
William Pitcock 751306f3e3 - refactor exit_client() 2013-05-24 20:44:20 +00:00
William Pitcock afdf5d780a - Replace ircsprintf() with bounds-checking ircsnprintf(), patch from FalconKirtaran. (#4208) 2013-05-21 06:26:52 +00:00
William Pitcock b02069f944 - Generate UIDs for local clients. 2013-05-20 22:00:24 +00:00
William Pitcock 61fe014771 - Remove sendto_server_butone() and friends, now everything uses sendto_server(). (#4202)
Patch from FalconKirtaran.
2013-05-20 01:21:45 +00:00
William Pitcock befbb8b691 - Replace sendto_serv_butone_quit() with 2013-05-19 22:16:34 +00:00
William Pitcock 67669c0299 - core: remove references to sendto_serv_butone_token() and friends 2013-05-14 01:26:41 +00:00
William Pitcock 2903ca4bad - Fix state corruption in NOQUIT code due to API changes. 2013-05-09 01:39:23 +00:00
William Pitcock 2ea5301896 - Rework the listener system to not use Client table entries. 2012-11-25 02:46:39 +00:00
William Pitcock 33bffb336f - Use lists instead of looping on LastSlot in a few places. 2012-11-24 21:19:32 +00:00
William Pitcock 275b4f507d - Replace oper_fdlist with oper_list. 2012-11-24 20:45:11 +00:00
William Pitcock 024ef23ec6 - Move serv_fdlist accounting over to new server_list. 2012-11-24 19:56:10 +00:00
William Pitcock f09b1ac4d4 - Rename aClient.client_list to aClient.client_node to avoid confusion 2012-11-21 23:03:28 +00:00
William Pitcock 9853fa54f4 - Rework the client management code to use a circular queue and set of
circular queues for hashtable.
2012-11-21 22:49:32 +00:00
William Pitcock ab5e766d9c - Replace calls to strncpyzt() macro with more secure strlcpy().
This was done using Coccinelle, the semantic patch was:

  @@
  expression src, dst, len;
  @@

  - strncpyzt(src, dst, len);
  + strlcpy(src, dst, len);
2012-11-21 03:22:29 +00:00
William Pitcock 856be31a8d - Exorcize HTM (heavy traffic mode) from Unreal.
This is partially for the sake of Stskeeps, even though he left the
  project long ago, but mainly so we can work towards dynamic ticks in
  the event loop while guaranteeing latencies for connected clients,
  even with fakelag.
2012-11-05 05:49:04 +00:00
Bram Matthys dddc8f07e4 PROTOCTL EAUTH/SERVERS/new linking protocol:
- Server protocol: added PROTOCTL EATH=servername, which allows us to
  authenticate the server very early in the handshake process. That way,
  certain commands and PROTOCTL tokens can 'trust' the server.
  See doc/technical/protoctl.txt for details.
- Server protocol: between new Unreal servers we now do the handshake a
  little bit different, so it waits with sending the SERVER command until
  the first PROTOCTL is received. Needed for next.
- Server protocol: added PROTOCTL SERVERS=1,2,3,4,etc by which a server can
  inform the other server which servers (server numeric, actually) it has
  linked. See doc/technical/protoctl.txt and next for details.
- When our server was trying to link to some server, and at the same time
  another server was also trying to link with us, this would lead to a
  server collision: the server would link (twice) ok at first, but then a
  second later or so both would quit with 'Server Exists' with quite some
  mess as a result. This isn't unique to Unreal, btw.
  This happened more often when you had a low connfreq in your link blocks
  (aka: quick reconnects), or had multiple hubs on autoconnect (with same
  connfreq), or when you (re)started all servers at the same time.
  This should now be solved by a new server handshake design, which detects
  this race condition and solves it by closing one of the two (or more)
  connections to avoid the issue.
  This also means that it should now be safe to have multiple hubs with low
  connfreq's (eg: 10s) without risking that your network falls apart.
  This new server handshake (protocol updates, etc) was actually quite some
  work, especially for something that only happened sporadically. I felt it
  was needed though, because (re)linking stability is extremely important.
  This new feature/design/fix requires extensive testing.
  This feature can be disabled by: set { new-linking-protocol 0; };
2010-01-01 19:49:06 +00:00
Bram Matthys 5daa5216ac - Added some countermeasures against crash-on-boot, #0003725 and #0003653,
reported by Ablom2008 and mist26.
2008-12-22 16:17:17 +00:00
Bram Matthys 1b587dcbff - #0002844 reported by RandomNumber: make spamfilter actions case insensitive 2007-04-30 19:45:44 +00:00
Bram Matthys ac79932314 - Kick non-SSL users when the channel turns out to be +z during netmerge, reported by
Ron2K (#0002942).
(patch 90% by Trocotronic)
2006-09-15 12:29:01 +00:00
Bram Matthys e265c08729 - Module coders: For cloaking, added a new callback type CALLBACKTYPE_CLOAK_EX (which replaces
CALLBACKTYPE_CLOAK). This passes 'aClient *sptr, char *host' instead of only 'char *host'
  to the cloaking module, which can be useful if you need to cloak on something other than
  IP/host. Suggested by fez (#0002275).
  Module may still provide only CALLBACKTYPE_CLOAK though, in fact this is what the official
  cloaking module does. So no updating of cloaking modules needed.
  A side-effect of this "extra cloaking" callback is that we needed to change make_virthost()
  which now has an extra parameter in front, and another side-effect is that calling the
  CALLBACKTYPE_CLOAK may not work since only *_EX might be available. To my knowledge there
  are very few modules (only 1 I know) that will have a problem due to this, so sounds like
  an affordable tradeoff.
2006-04-29 14:49:36 +00:00
Bram Matthys 8607d950b7 - Made the IRCd calculate the cloaked host only once upon connect, and store (cache) it.
- When checking if a user is banned, we always check the cloakhost too. Previously we could
  not do this if the user had a /VHOST (=a minority of the cases, but still...). In short,
  this is some extra protection to combat ban evasion.
- Performance of is_banned() *slightly* improved (just 1-2 usec, but 7 usec if no bans).
- [Module coders] For extban routines, we now offer a routine extban_is_banned_helper(buf)
  which can be used instead of the ban_realhost/etc static chars stuff, see
  extban_modeq_is_banned for a (real-life) example of how this is used.
- [Services coders!] Added PROTOCTL CLK (requires NICKv2) which adds an extra field in the
  NICK command (when a user connects) right before the infofield (gecos).
  The added field contains the cloaked host, that is: the masked host if +x would have been
  set. This field is ALWAYS sent, regardless of whether the user is actually +x or not.
  Services can then store this field in memory, to know the host of the user if the user
  is set +x (+x-t). This is a (better) alternative to PROTOCTL VHP, with no race conditions,
  and avoids some other VHP problems.
  VHP will stay supported though... so it's not mandatory to switch over.
2006-04-16 23:27:56 +00:00
Bram Matthys 35a8c00214 - When OPEROVERRIDE_VERIFY is enabled, we now allow opers to still join any channels listed
in set::auto-join or set::oper-auto-join, even if they are +s/+p. Suggested by ultrotter
  (#0002644).
2005-10-15 23:26:57 +00:00
Bram Matthys eddb406807 - Removed all old resolver code and switched over to c-ares (+our caching routines).
This should get rid of some annoying untracable (and usually rare) crashbugs in the
  old resolver. Besides that, it makes things look more clean and understandable.
  This should be the fix for the following bugids (all the same issue): #2499, #2551, #2558,
  #2559, #2603, #2642, #2502, #2501, #2618, #2616.
  Feedback and testing is very much welcomed (syzop@unrealircd.com).
2005-10-10 14:32:12 +00:00
Bram Matthys f535167cf9 - Added 'warn' target which is basically the same as 'block' except it does not block ;).
It also sends a numeric to the user saying the command has been processed, but a copy
  has been sent to ircops. I feel this is a good idea for privacy reasons (anti-spy),
  though I don't know how users will react to this. If you are using this on your network
  and get users bothering you about it (or before that ;p), it's probably a good idea
  to explain it somewhere on your site or FAQ :).
  Example usage:
   /spamfilter add p warn - Testing_mirc_decode_filter \$decode\(.*\)
  [WARNING] The numeric text is likely to change in the next few weeks (early-cvs-commit).
- If a class block was removed and any other blocks would be referencing the class block
  (such as: allow::class, oper::class, link::class), then this would cause a crash.
  Reported by Mike_ (#0002646).
2005-09-25 21:49:19 +00:00
Bram Matthys 3cb4be0ad6 TYPO! 2005-09-05 18:24:18 +00:00
Bram Matthys 1be36fc0dd get rid of "please report!" in operator count bug thing.. we had enough responses :). The code itself still warns&corrects though... 2005-09-04 22:10:06 +00:00
Bram Matthys b340844aed - Fixed ~c not working properly with * and ?'s in channel names.. Now you just need to
escape them like in all bans (eg: to ban #* you need to +b ~c:#\*). As an additional
  bonus, real wildcards are now accepted and processed (eg: +b ~c:#*sex*, just don't
  forget to specify the #). Reported by PhantasyX (#2605).
- Sidenote on above: ~c:*chan* is not supported (use ~c:#*chan* instead) because it would
  cause "hidden bans", therefore it now prints a message (which is useful anyway), but
  does accept such remote bans. In 3.2.5 or so we could enable support for it, it's
  not that important though... ;)
- Added ifdefs for mass closing of file descriptors on start, can now be disabled by
  adding -DNOCLOSEFD as a compile option. Useful for valgrind w/--db-attach=yes, mpatrol,
  and some other debugging tools (not useful for anyone normally running a server).
- Fixed a read-after-free: sptr->serv->aconf was freed but not NULL'ed in exit_client,
  causing close_connection to read from it (when deciding on doing a quick reconnect).
  Could have caused a crash, although nobody ever reported one...
- Removed useless strncpyzt with dest==src.
2005-08-19 15:14:30 +00:00
Bram Matthys 4a69b08291 fixed incorrect badword { } causing a crash 2005-03-14 16:09:30 +00:00
Bram Matthys d3a0bb92f6 - Added channelmode +j (jointhrottle), syntax: /mode #chan +j X:Y, and then it will
throttle the number of joins per-user to X in Y seconds. Idea from Angrywolf (who
  wrote a module that did this before). This might need some more testing :).
  It's enabled by default but can be #undef'ed in include/config.h (line 449).
2005-02-12 00:05:08 +00:00
Bram Matthys 1a655c11ca - Added spamfilter topic support ('t' in /spamfilter, or 'topic' in conf), suggested
by Z3l3zT (#0001929).
2005-02-04 01:05:42 +00:00
codemastr fb0802a22b Corrected numerous -Wall warnings 2004-11-04 21:42:34 +00:00
Bram Matthys e6156b4604 - Added spamfilter 'away' ('a') target (#0002057). 2004-10-11 18:46:53 +00:00
Bram Matthys fae77f21ec - Module coders: Added HOOKTYPE_REMOTE_JOIN, HOOKTYPE_REMOTE_PART, HOOKTYPE_REMOTE_KICK (all
work just the same as the HOOKTYPE_LOCAL_* variants).
- Module coders: HOOKTYPE_REMOTE_CONNECT is now also called during net-merge. You can use
  IsSynched(sptr->srvptr) to find out if it's called due to a net merge (0) or a connect (1).
- Added spamfiler 'user' (u) target. This regex is checked against nick!user@host:realname
  when a user connects. This makes it easy to ban drones with simple patterns.
  For example: '/spamfilter add u gzline 86400 Drone[0-9]+!.+@.+:Drone[0-9]'
  would kill any drones that have both a nick and realname with 'Drone' followed by digits.
2004-10-06 20:33:13 +00:00
Bram Matthys 0597307562 - Fixed bugs regarding HOOKTYPE_SERVER_QUIT: was sometimes called twice and could cause
crashes due read-after-free. Reported by SET (#0001988).
2004-07-22 21:29:48 +00:00
Bram Matthys 5877a32b3b - Fixed "quickly-rehashing + autoconnect linkblocks = crash"-bug. This involved fixing
multiple reference count bugs, one related to sptr->serv->conf, and another one related
  to sptr->serv->class. Both caused problems when someone did a /rehash when a server
  was in the process of connecting (so it might also happen when connfreq was hit and you
  did a /rehash). Original bug was reported by sh0 (#0001872).
2004-06-25 23:50:08 +00:00
Bram Matthys ec338581d9 - Fixed '/stats P' negative usercount bug (#0001691). 2004-06-25 00:15:37 +00:00
Bram Matthys 6ec3822ce1 CmdoverrideAdd, DCCALLOW, allow dcc { }, umode +v change, register_user fix.
- Module coders: if CmdoverrideAdd() is called for an override that is already in place, it
  now sets MODERR_EXISTS as errorcode and returns NULL (previously it added duplicates).
  In the past module coders had many issues with PERM mods... you had to use weird tricks,
  but now you can (and should!) just override on INIT and on HOOKTYPE_REHASH_COMPLETE.
- Moved register_user declaration to h.h, updated call in m_pingpong.c (due new 'ip' field).
- Usermode +v ('receive dcc send rejection notices') is oper-only now for privacy reasons.
- Added dcc allow { }, which allows one to make exceptions over deny dcc { }.
- Added deny dcc::soft and allow dcc::soft item, if set to 'yes' it allows someone
  to explicitly override it per-person via /DCCALLOW (see next).
- Added DCCALLOW system, taken directly from bahamut.
  With this system you can block certain (or all) DCC SENDs and then allow the user to
  'override' this limit for every user he/she trusts via '/DCCALLOW +User'.
  This is an attempt to stop (or at least limit) the spreading of viruses/etc.
  See '/DCCALLOW HELP' for more info.
- Added example dccallow.conf which filters everything except some known
  'safe types' (jpg, jpeg, png, gif, etc). Note that the purpose of this file
  is NOT to get a complete list, rather to limit it to a few 'known safe' entries.
- Added set::maxdccallow: max number of entries of the DCCALLOW list (default: 10).
2004-06-10 02:26:32 +00:00
codemastr c1af4a4516 Added NICKIP 2004-05-27 22:05:58 +00:00
Bram Matthys 6717b75911 minor adjustment. 2004-03-10 01:43:45 +00:00
Bram Matthys 15b52e94b4 - Added '__' -> '_' decoding for spamfilter reason field. 2004-03-10 01:23:58 +00:00
codemastr 3d87f28751 Added check to detect broad /spamfilter masks 2004-03-08 03:38:16 +00:00
Bram Matthys 648d73556c spamfilter improvements
- Fixed a few wrong macro's (ircstrdup/ircfree) in s_conf.c causing
  very weird behavior... This also fixes a bug where set::spamfilter::ban-reason
  would have the value of ban-time.
- Improved spamfilter again.
  - The new syntax is:
    /spamfilter [what] [type] [action] [tkltime] [reason] [regex]
    [tkltime] specifies the duration of any *lines placed by this rule.
    [reason] specifies the *line, kill and/or block reason.. no spaces
    allowed, but '_' will be escaped to a space.
    In both cases you can simply use '-' to skip and use the default.
    Ex: /spamfilter add p block - - Come watch me on my webcam
        /spamfilter add p gline 3h Please_go_to_www.viruscan.xx/
        nicepage/virus=blah Come watch me on my webcam
  - A message is now shown if the msg/notice/dcc is blocked.
  - There are 2 new spamfilter action types:
    'dccblock' will mark the user so (s)he's unable to send any files by DCC.
    'viruschan' will part the user from all channels and join
     set::spamfilter::virus-help-channel (default: #help).
     this action might be improved to do more later.
  - Internal: added EXTTKL PROTOCTL, this determinates if 10 parameters
    instead of 8 are supported for m_tkl (used by spamfilter add).
  This new system needs some testing... :)
2004-02-20 23:28:57 +00:00