chunked encoding stuff is copied from the modulemanager and #if'd out.
The non-chunked is not OK yet either, as it must check the Content-Length,
while we currently assume a single packet == the complete request.
This is start_of_normal_client_handshake() by default, but is
start_of_control_client_handshake() for the control channel
(for './unrealircd rehash' and such). Previously that was hardcoded.
It is also used by the RPC code now.
Things like setting the client->status to CLIENT_STATUS_CONTROL
and list_add(&client->lclient_node, &control_list);
This does mean that we now add clients earlier to the unknown list,
even ones that are going to be control sockets and clients that are
going to be z-lined etc, but it should be a minimal performance hit
since it are just 1-4 insertions in a circular list.
At the same time it makes the code more cleaner and more maintainable
especially with all the "special cases" and such that are there now
and will only become more and more...
This makes other code safer as well since they can assume that if the
client is local (client->local) that the listener (client->local->listener)
is non-NULL and safe to access until the client is completely destroyed.
These deal with set::anti-flood::everyone::connect-flood and
set::max-unknown-connections-per-ip respectively.
This adds a new hook HOOKTYPE_ACCEPT, that is mostly meant for internal
usage by UnrealIRCd. Most module coders will want to use the existing
hook HOOKTYPE_HANDSHAKE instead.
This also gets of check_banned() which is now spread over the individual
modules (eg: checking banned is done in tkl on HOOKTYPE_ACCEPT and
HOOKTYPE_IP_CHANGE).
This should be:
security-group Syzop { certfp "1234etc."; }
As this is wrong:
security-group Syzop { mask { certfp "1234etc."; } }
Reported by Han`.
This also makes us throw a config error on the wrong case.
no longer expand shorter versions of a variable. It previously had some
unintended form of magic autocomplete where $serv was handled the same
way as if it was $server. This could cause issues in the long run when
variables are added and the meaning of the short form changes.
Reported by westor in https://bugs.unrealircd.org/view.php?id=6123
but it seems there were still a couple left. These are now gone as well.
There seem to be no issues with the ones that were left, but it is just
too easy to get it wrong. Declaring buf in function now. This should be
faster anyway, since it is located on nearby memory (stack).
Inspired by previous find from westor (c708a99955c034e842f913479cc597d87b311394).
if the oper block permits, the user does not have to send "OPER xyz".
Eg:
security-group Syzop { certfp "xyz"; }
oper Syzop {
auto-login yes;
mask { security-group Syzop; }
operclass netadmin-with-override;
class opers;
}
Then, if you connect with SSL with that certificate fingerprint,
you become IRCOp automatically.
and other selectors in 'mask'. This allows for things like:
security-group Syzop { certfp "xyz"; }
oper Syzop {
mask { security-group Syzop; }
operclass netadmin-with-override;
class opers;
}
except ban {
mask { security-group Syzop; }
type all;
}
allow {
mask { security-group Syzop; }
class special;
maxperip 32;
}
etc...
We do error on the obvious case of mask * and mask *@* when no password
is set, but otherwise try not to stop all cases of user stupidity
(there are just too many...).
Reported by ZarTek-Creole in https://bugs.unrealircd.org/view.php?id=6114
We now call HOOKTYPE_LOCAL_CHANMODE on the modes we set in modes-on-join,
where 'client' is '&me'. Should be fine, as we already did the same for
+P modes (indirectly) in channeldb.
Bram Matthys