1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-03 16:03:12 +02:00
Commit Graph

6785 Commits

Author SHA1 Message Date
Bram Matthys 3a0d8fc06c Fix another reputation issue: reputation not showing in WHOIS when
a remote user has just connected (could take up to 5 minutes) and
a fix required for previous commit for connthrottle.
2019-05-11 14:15:52 +02:00
Bram Matthys 7a7266bc2f Bump connthrottle version from 1.1 to 1.2 2019-05-11 14:02:42 +02:00
Bram Matthys 64c8096361 Fix connthrottle module counting non-local connecting registered users
always as new users (regardless of reputation), causing the protection
to kick in too quickly for the poor new users. This was noticeable
after for example one server died and new users reconnecting massively
to the remaining servers. Reported by Lord.
2019-05-11 13:58:07 +02:00
Bram Matthys 9f8e73dca7 Make CAP commands case sensitive.
Suggested by Koragg in https://bugs.unrealircd.org/view.php?id=5263
2019-05-10 08:57:16 +02:00
Bram Matthys 872ebca6fa Don't forward PASS to services if the user is already logged in via SASL.
Reported by westor in https://bugs.unrealircd.org/view.php?id=5264
2019-05-10 08:49:40 +02:00
Vitor Luis 92ceb129da Helpop update (#81)
Update help.conf with soft actions and changed *:Lines to be *-Lines which goes more accordingly with the new rewording in UnrealIRCd IRC messages.
2019-05-04 14:45:33 +02:00
Bram Matthys b0d3476176 HELPOP: Update MKPASSWD documentation 2019-05-04 13:47:07 +02:00
Bram Matthys 09d31d8ded Enhance WHOX->WHO auto-conversion for +s serv.er.name, reported by k4be. 2019-05-03 13:15:17 +02:00
Bram Matthys 8a6cbfaaf0 Show linking error messages if these happen during the handshake and we
have already fully authenticated the server (but when it technically is
not fully linked as a server yet, eg post-EAUTH but pre-SERVER).

Also, send ERRORs to junk snomask from untrusted sources. After all,
the junk snomask is precisely there to enable briefly to debug issues.
In case of link errors we always advice to check BOTH sides of the link
as an IRCOp, and this advice still stands. This may just help a little
for people who do not follow our advice.
2019-05-02 09:30:15 +02:00
Bram Matthys 5b63d28e2a Improve error messages in case of failed server linking due to mixed
password types (eg: plaintext on one side, spkifp on the other side).
Refer to https://www.unrealircd.org/docs/FAQ#auth-fail-mixed

Also, unrelated to the above, don't say "Bad password?" if the
password type is not of type plaintext, since it would be confusing.
2019-05-02 08:55:22 +02:00
Bram Matthys 377fa25244 UnrealIRCd 4.2.3 2019-04-30 09:23:44 +02:00
Bram Matthys f9bbeaa6ca [nopost] Send these harmless kill messages to the junk snomask.
Nowadays these are pretty much never proxy attacks. Only scanners and
crawlers trying HTTP commands on IRC connections.. which isn't even that
weird anymore since people tend to open up port 443 for SSL/TLS IRC
to bypass firewall restrictions.
2019-04-28 12:12:53 +02:00
Bram Matthys d3f061bbd9 Updates to example.tr.conf and help.tr.conf by Serkan
[skip ci]
2019-04-28 11:48:11 +02:00
Bram Matthys 8bbc136a66 Updates to help.tr.conf by Serkan 2019-04-27 12:51:27 +02:00
Bram Matthys cc15cd63de [reputation] Disable benchmark, config error should be warning. 2019-04-25 09:56:35 +02:00
Bram Matthys 9bd4f25af5 Handle FLUSH_BUFFER gracefully (only matters in rare cases, such
as in the case of malformed server traffic).
2019-04-22 14:37:37 +02:00
Bram Matthys 15ea9a9347 UnrealIRCd 4.2.3-rc1 2019-04-22 08:25:26 +02:00
Bram Matthys d6e285bdfc AppVeyor: replace wget with curl, since wget mysteriously fails.
[skip travis]
2019-04-22 07:42:04 +02:00
Bram Matthys b1944284bd Trace appveyor issue...
[skip travis]
2019-04-22 07:33:16 +02:00
Bram Matthys 1ada6c09f1 Make clang happy 2019-04-22 07:28:05 +02:00
Bram Matthys 4234400e22 Add 'reputation' and 'connthrottle' modules to fight drones.
See https://www.unrealircd.org/docs/Connthrottle
2019-04-22 07:11:25 +02:00
Bram Matthys 81e2099f7b We already checked for the openssl library but if the openssl binary was
not found then this was not treated as a fatal error. Now it is, since
you will fail later in the installation process when a certificate file
is being made (resulting in mysterious 'req: command not found' errors).
Also, improve the error message both for the missing openssl library
and openssl binary case.
2019-04-15 18:56:11 +02:00
Bram Matthys f3bd95fa42 Create some preliminary release notes.
[skip ci]
2019-04-14 14:12:06 +02:00
Bram Matthys 2ba65ed35c Move previous release notes to doc/RELEASE-NOTES.old
[skip ci]
2019-04-14 13:47:11 +02:00
Bram Matthys 11c6604aeb Print out clear warning/error if using an old spamfilter.conf.
For example for Windows users, or for *NIX users where the automated
patching of the spamfilter.conf did not work.
I've tried to make the error message as clear and big as possible
and the wiki article as clear as possible as to what the user needs
to do. Not much more I can do.... :)
2019-04-14 13:45:11 +02:00
Bram Matthys 4e75af79fa 'make install' will now upgrade the spamfilter.conf examples from
'posix' to 'regex' if the user is using the exact same spamfilter.conf
that shipped with UnrealIRCd 4.x until now. Otherwise, we do not
update anything. Also, custom spamfilters in this file are not touched.
Let's hope this will apply to most of our users to ensure that they
will have no or less issues with the 'posix' to 'regex' conversion
process.
2019-04-14 13:01:31 +02:00
Bram Matthys 3ba5153362 Abort when using list functions on structs with incorrect order.
This is mostly to guard 3rd party module writers against making
such a mistake. Up to now such a mistake would silently corrupt
memory without warning or error. That is, until you crashed :D.
2019-04-14 11:01:20 +02:00
Bram Matthys 570c59b2b2 Bump UNREAL_VERSION_TIME.
[skip ci]
2019-04-12 11:01:15 +02:00
Bram Matthys 3aa5048300 Improve error message if someone uses set::something literally in the
configuration file.
Also, make (global)'unknown directive' errors fatal, as they should be.
2019-04-07 17:09:12 +02:00
Bram Matthys 9d7354147d Add two blacklist blocks in example conf: DroneBL and EFnet RBL. 2019-04-05 21:06:50 +02:00
Bram Matthys 5c30d1af6d * Badword blocks now use PCRE2 if using regex at all (rare,
usually the fast badwords system is used instead)
* Code deduplication in src/modules/{chanmodes,usermodes}/censor.c
  to src/match.c -- which may be moved later again to efuncs.
* Add --without-tre:
  This means USE_TRE will be enabled by default right now
  but if using --without-tre it will be undef'ed. This so we
  can prepare for the TRE phase-out in 2020.
* Remove include/badwords.h, put contents in include/struct.h
2019-04-05 18:19:23 +02:00
Bram Matthys 9e69cd722d Remove unused regex support in antirandom 2019-04-05 16:27:07 +02:00
Bram Matthys 422f76a723 Fix very minor memleak introduced about 2-3 weeks ago. 2019-04-04 19:24:23 +02:00
Bram Matthys f111b5c1ad Update spamfilter.conf: convert some to 'simple' matchers and make clear
that these are just old examples from the year 2005.
Also, no longer include spamfilter.conf from the example*conf by
default as they do not contain any useful spamfilters nowadays.
2019-04-04 18:31:59 +02:00
Bram Matthys 05c4cb5e8f Replace match-type 'posix' with 'regex' in example spamfilter.conf.
Note that I should probably check if they still work now.. ;)
2019-04-02 21:04:40 +02:00
Bram Matthys 83372cc2c8 Bump example.conf server sendq from 5M to 20M. 2019-04-02 20:34:39 +02:00
Bram Matthys bd05cf8e58 Stop accepting /SPAMFILTER add -posix. You should really use PCRE2 by now.
Similarly, raise a warning for spamfilter { } blocks in the configuration
with match-type 'posix'.
See: https://www.unrealircd.org/docs/FAQ#spamfilter-posix-deprecated
2019-04-02 20:33:03 +02:00
Bram Matthys ee342d9b84 Re-indent set_mode and use new paracount_for_chanmode(). 2019-03-27 16:59:42 +01:00
Bram Matthys 8b222a1ed2 -Wno-empty-body 2019-03-27 14:00:35 +01:00
Bram Matthys b2307af8ec Get rid of "unknown option -Wno-invalid-source-encoding" warning when there
is another warning being triggered.
-copy paste comment from configure.ac-
We check for the -Woption even though we are going to use -Wno-option.
This is due to the following (odd) gcc behavior:
"When an unrecognized warning option is requested (e.g.,
 -Wunknown-warning), GCC emits a diagnostic stating that the option is not
 recognized.  However, if the -Wno- form is used, the behavior is slightly
 different: no diagnostic is produced for -Wno-unknown-warning unless
 other diagnostics are being produced.  This allows the use of new -Wno-
 options with old compilers, but if something goes wrong, the compiler
 warns that an unrecognized option is present."
Since we don't want to use any unrecognized -Wno-option, we test for
-Woption instead.
2019-03-27 13:44:29 +01:00
Bram Matthys e7de6cf3a4 Fix compile issue and report error when unable to write to pid file
(data/unrealircd.pid by default).
2019-03-27 13:26:30 +01:00
Bram Matthys dd2af3b31c Enable additional compiler warnings. Update code to conform to these
new standards, possible to compile with -Werror with them.
2019-03-27 09:03:30 +01:00
Bram Matthys 5a38d8ed75 Fix misleading indentation. 2019-03-25 18:37:05 +01:00
Bram Matthys 6d3a98653e The maximum number of clients (MAXCONNECTIONS) no longer defaults to 1024.
The new question in ./Config now defaults to 'auto' (both for new installs
and for upgrades). You can still specify a manual limit but it is no longer
recommended.
A MAXCONNECTIONS of 'auto' means - at present - that UnrealIRCd will try
to set a limit of 8192. This is quite a bump from the original 1024.
On systems where this is not possible we will simply use the highest amount
possible, such as 4096 on many systems, or 1024.
In fact, we now no longer error when MAXCONNECTIONS is higher than the
'ulimit -n' limit but will adjust ourselves to the limit.
Only if the effective limit is below 100 we will print out a fatal error
since running in such a scenario is highly discouraged.
The reason for this change is that nowadays with drone attacks we may need
to be able to handle more concurrent sockets. Also, many Linux distro's
have a default setting of unlimited or 4096 nowadays, out of the box.

For people packaging UnrealIRCd (not end-users):
The ./configure --with-fd-setsize=xx option was removed and the
optional(!!) --with-maxconnections=xx option has been added.
We recommend you NOT to pass this option. Not passing it means that
the previously mentioned 'auto' mode will be used, which is likely
best for most users.

Module coders:
Although it is unlikely you accessed the 'MAXCLIENTS' variable,
if you did, it is now called 'maxclients' (lowercase) since it is
adjusted at runtime and no longer a macro.
2019-03-25 15:43:26 +01:00
Bram Matthys ad173cc5d0 Ignore join flood check in channel mode +f when the server just booted.
This new option is called set::modef-boot-delay (default: 75 seconds).
See https://www.unrealircd.org/docs/Set_block#set::modef-boot-delay
2019-03-25 13:27:28 +01:00
Bram Matthys 5b20716e9b [cleanup] floodprot: move set::modef-* handling from core to module. 2019-03-25 13:10:03 +01:00
Bram Matthys 6c837d3ce4 Cleanup _test_operclass config code. 2019-03-25 09:33:59 +01:00
Bram Matthys 9ca53369e7 Lots of config code checks for "if (!cep->ce_varname)" however this is a
condition that will never happen, as it is already handled by the parser.
2019-03-25 09:21:15 +01:00
Bram Matthys 15d77298fe Empty blacklist::dns::type could lead to a crash (config file error).
All the rest are things that "will never happen" or dead code.
2019-03-25 09:04:31 +01:00
Bram Matthys 4490b8744e Use HAVE_RLIMIT instead of FORCE_CORE. And get rid of error message. 2019-03-24 15:50:56 +01:00