1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-04 16:33:12 +02:00
Commit Graph

3060 Commits

Author SHA1 Message Date
Bram Matthys 4df6ed7f9a Get rid of duplicate "spamfilter hit" code. 2023-07-11 11:42:06 +02:00
Bram Matthys f277880fb3 Add set::central-spamfilter::limit-ban-action and ::limit-ban-time
to limit actions to limit-ban-action as the highest, and limit
ban times to limit-ban-time the highest, see
https://www.unrealircd.org/docs/Central_Spamfilter

This also changes highest_spamfilter_action() to highest_ban_action().
2023-07-11 10:17:51 +02:00
Bram Matthys 15b9255b0e Add spamfilter::except as an alternative for spamfilter::rule and upd rls notes 2023-07-10 12:12:25 +02:00
Bram Matthys c18c79e88b Add spamfilter hits and hits for exempted users.
* This means we always run spamfilters, even if users are exempts
* This way we can gather hits for exempted users on individual
  spamfilter entries, and possibly detect false positives
  (which relies on the assumption that those users are innocent)
* The hit counters are shown in in RPL_STATSSPAMF and also
  exposed via the JSON-RCP API.
* This commit also adds set::central-spamfilter::except but more
  on that later since i still want to set a default for that in
  a future commit.
* This also changes take_action() to take flags and adds the
  option TAKE_ACTION_SIMULATE_USER_ACTION which i intended to
  use but didn't in the end... not sure if i should keep it :D
2023-07-10 11:30:51 +02:00
Bram Matthys d25fdeb950 Some more BanAction fixes/improvements:
* stats S one thingy (multi-actions)
* STATS spamfilter (multi-actions)
* warn w/user target ('u') if using multi-actions
* moving some code
2023-07-09 16:27:40 +02:00
Bram Matthys e26ff1e9cf Add antimixedutf8::action warn handling, and fix generic handling in git version. 2023-07-09 16:20:42 +02:00
Bram Matthys 51a97602ee Fix antirandom::action warn handling in current git.
Reported by Han`.
2023-07-09 16:12:19 +02:00
Bram Matthys 9e2232ef72 For DroneBL spam submissions use "Content-Type: text/xml".
This also bumps the request size limit a bit.
2023-07-09 14:03:35 +02:00
Bram Matthys a68fa03ab5 Fix some small memory leaks on REHASH and fix compile warning w/gcc. 2023-07-09 13:39:00 +02:00
Bram Matthys 3250c7c0b4 Add some temporary safety mechanism if too many HTTP(S) requests in progress.
Will allow tweaking in config later. This is separate from rate-limit btw,
which also still needs to be done.
2023-07-09 13:21:16 +02:00
Bram Matthys dec9aa0341 Reporting spam to DroneBL now works, see https://www.unrealircd.org/docs/Spamreport_block
This uses the RPC2 API. Tested with staging.

Note that there are likely some bugs here or there, like memory leaks,
but the functionality is there.

Also still need to implement various stuff, including spamreport::rate-limit
2023-07-09 13:07:29 +02:00
Bram Matthys 2b14ee3de5 Prepare for future spamfilter::match -> spamfilter::match-string
[skip ci]
2023-07-08 20:14:25 +02:00
Bram Matthys 5d65e4a400 Rename place_host_ban() to take_action() since it is not only about banning... 2023-07-08 19:54:40 +02:00
Bram Matthys 8f4a19978a Deal properly with multi actions in spamfilter (untested) 2023-07-08 19:48:15 +02:00
Bram Matthys 64f57ae243 Add spamfilter::action report (work in progress) 2023-07-08 19:24:15 +02:00
Bram Matthys bee2853ded Add spamreport::type dronebl, actually reports to unrealircd.org atm for testing 2023-07-08 18:13:14 +02:00
Bram Matthys 38771b6761 Spamreport: implement POST requests 2023-07-08 16:46:21 +02:00
Bram Matthys 7741065518 Probably helps if i add src/modules/spamreport.c as well 2023-07-08 15:36:10 +02:00
Bram Matthys def77c4d52 Initial work on spamreport { } block. Not really useful yet.
Early commit before i make it actually work and implement the rest
and hunting for memory leaks etc...
2023-07-08 15:35:08 +02:00
Bram Matthys 01dd042089 Add support for spamfilter::id (currently not used or displayed anywhere)
For config-file only atm.
2023-07-08 12:34:21 +02:00
Bram Matthys 1006292681 Initial work on central spamfilter with auto refreshing URL / rules 2023-07-07 18:43:29 +02:00
Bram Matthys c8c2657904 Fix build problem with current git due to HOOKTYPE_PLACE_HOST_BAN mismatch 2023-07-07 10:58:06 +02:00
Bram Matthys d998846c64 Support setting tags via spamfilter { } blocks 2023-07-06 18:25:43 +02:00
Bram Matthys 6bbcdfd1b3 Add spamfilter::rule (preconditions), add context to crule parser,
and add the first functions: online_time() and reputation().

The more interesting stuff will follow later...
2023-07-06 16:14:26 +02:00
Bram Matthys 656ea105da First go at multi actions... 2023-07-06 11:51:55 +02:00
Bram Matthys f636e114a8 Update antimixedutf8 with a complete list of UTF8 blocks, counter more spam. 2023-07-05 17:21:17 +02:00
Bram Matthys 8d50efd29e Fix documentation confusing regarding rpc-user::match vs ::mask.
Only match was working earlier, and for now both are accepted,
like everywhere else. Reported by BlackBishop.

Also, added a missing check for unknown rpc-user items, so a
proper "Unknown directive" error is thrown.
(this missing check made the first issue worse)
2023-06-30 15:20:10 +02:00
Bram Matthys 0cc800e736 Fix crash on invalid badword { } block in config file (one without type) 2023-06-27 18:31:53 +02:00
Val Lorentz d5ceb664bc Add 'history_delete' method to HistoryBackend (#253)
This will allow modules to implement deletion of specific messages
(unlike history_destroy, which removes the entire history of a channel)
2023-06-17 16:10:10 +00:00
Bram Matthys 7bce73a697 Some changes to HOOKTYPE_RECONFIGURE_WEB_LISTENER hack from earlier,
that was added late in 6.1.1 development to fix a crash with removing
websocket listeners. Now replaced with a generic HOOKTYPE_CONFIG_LISTENER
that is not only called for removed listeners, but for all listeners.
2023-06-17 18:04:12 +02:00
Bram Matthys 4b23596b4c Code cleanup: some strncmp -> str_starts_with* replaces (less chance of mistakes) 2023-06-17 17:50:37 +02:00
Bram Matthys cca19fa7f0 Fix maxperip bug when using a WEBIRC proxy/gateway with IPv4 vs IPv6 mismatch.
(more info to follow)

This also adds "/stats maxperip" for debugging purposes (ircop-only).

[skip ci]
2023-06-16 18:03:03 +02:00
Bram Matthys fd7a715e17 Don't use slow socket closing (w/TLS handshake) for (G)ZLINE.
The whole point of (G)ZLINEs is that it rejects instantly upon
accept, that's what makes them different from KLINE/GLINE.

Commit 89075e532a made it
accidentally use the slow path for this as well.
2023-06-07 15:14:00 +02:00
Val Lorentz a94884c6a9 Mention that hbm_return_after actually implements BETWEEN (#252) 2023-06-04 07:58:57 +00:00
Bram Matthys 0816cf79bc TOPIC does not need CMD_BIGLINES anymore after commit
c32ff22a3e
[skip ci]
2023-05-31 07:33:08 +02:00
Bram Matthys bb419b95d1 Remove set::maxbanlength as it is not useful and only confusing.
https://www.unrealircd.org/docs/Set_block#set::maxbanlength
2023-05-28 20:25:02 +02:00
Bram Matthys e3262c6bd8 Change default for set::topic-setter and set::ban-setter to 'nick-user-host',
previously it was set to 'nick'

Also allow the full topic length for the nick-user-host case, now that
we have BIGLINES support. For non-BIGLINES-servers this could mean a
potential cutoff of the last 20 characters of the topic, which is why we
restricted it to 340 instead of 360 for nick-user-host previously, but
that is really only in the corner case / worst case, like with max NICKLEN,
max USERLEN, max HOSTLEN, max CHANNELLEN, etc... i think we can live
with that small "problem" until all servers upgrade.
2023-05-28 17:54:44 +02:00
Bram Matthys 82dd83f7dc Use BIGLINES in RRPC when possible (and deal with splitting up again
when it is not possible, mixed server scenario).
Now a big RRPC response like server.module_list for a remote server
(44KB) fits in only 3 lines, instead of almost 100 lines.
2023-05-28 16:11:38 +02:00
Bram Matthys 2fcb5b4669 * Server to server lines can now be 16384 bytes in size when
`PROTOCTL BIGLINES` is set. This will allow us to do things more
  efficiently and possibly raise some other limits in the future.
  This 16k is the size of the complete line, including sender,
  message tags, content and \r\n. Also, in server-to-server traffic
  we now allow 30 parameters (MAXPARA*2).
  The original input size limits for non-servers remain the same: the
  complete line can be 4k+512, with the non-mtag portion limit set
  at 512 bytes (including \r\n), and MAXPARA is still 15 as well.
* I chose 16k because I don't want to first raise it to like 8k
  and then realize later that 16k would be better and raise it again.
* To receive BIGLINES in a command, you need to `CommandAdd()` with
  flags `CMD_BIGLINES`, without it you still get regular 512 max.
  This is so, because a lot of the code does not expect longer than
  512 bytes lines or in parameters, so we can gradually change that
  (where needed).
2023-05-28 15:06:32 +02:00
Bram Matthys 5e64991296 Fix CHATHISTORY BETWEEN accidentally including a message too much
Reported by progval in https://bugs.unrealircd.org/view.php?id=5952
2023-05-28 11:08:46 +02:00
Bram Matthys a4d7ca022e Update CHATHISTORY AROUND to include middle message
Reported by progval in https://bugs.unrealircd.org/view.php?id=5953
2023-05-28 10:15:51 +02:00
Val Lorentz f768b34050 chathistory: Advertize MSGREFTYPES ISUPPORT token (#251)
https://ircv3.net/specs/extensions/chathistory#isupport-tokens

The spec says they should be 'in order of decreasing preference'.
As currently the only backend is in-memory, this doesn't matter so I
picked `msgid` first (as it's less ambiguous); but this can be revisited
later if/when adding a backend which is more efficient with timestamps.
2023-05-28 05:57:36 +00:00
Bram Matthys 1a8653de19 Fix require module not working on one side, sending SMOD too early.
Has to do with running HOOKTYPE_SERVER_CONNECT too soon, before
introducing ourselves to the other side. This bug was created in
commit ddf639836b so exists in
all UnrealIRCd 6 versions (-beta1 and up).

The hook call is now moved further down.
2023-05-27 19:14:27 +02:00
Bram Matthys cf5808dc44 Error on listen::options::websocket::forward and tell to use proxy { } block.
[skip ci]
2023-05-26 14:36:20 +02:00
Bram Matthys a7cf24c45d Mention new https://www.unrealircd.org/docs/Proxy_block in release notes
and also for safety when redoing DNS and ident due to IP change,
we now:
ClearIdentLookupSent(client);
ClearIdentLookup(client);
ClearDNSLookup(client);
2023-05-26 14:26:26 +02:00
Bram Matthys fb54d4a2c6 Replace do_parse_forwarded_header() and set WEB(client)->forwarded
depending on what we get from the proxy, so it can be used later
in the websocket module for setting the user secure or not
(the latter similar to what k4be already did in the old code).
2023-05-26 13:31:01 +02:00
Bram Matthys d2f45fcaaf Move webserver proxy handling from the websocket to the webserver module.
This now requires a proxy { } block -- docs follow soon

This uses part of k4be's code still, to do the parsing,
so still only "Forwarded" and quick workaround for bug
when for=XXX is the final item.
2023-05-26 13:05:30 +02:00
Bram Matthys c537a72c10 Make proxy::mask and webirc::mask a generic mask item almost all
others in the config - https://www.unrealircd.org/docs/Mask_item
2023-05-26 12:39:11 +02:00
Bram Matthys 9aafdb7f9c Move handling of webirc { } block into new proxy { } block (allow the old name)
This is untested, as I'm first working on the rest...
2023-05-26 12:23:51 +02:00
Bram Matthys c2d465c5dd Move chunk of code from start_of_normal_client_handshake() to
a function called start_dns_and_ident_lookup(). This can then
be easily called from other places as well, like the code k4be
did in src/modules/websocket.c to handle proxies.

Side-effect is that ident lookups would now be done, if we are
configured to do so, for forwarded webirc stuff (not that I
think many people use that feature at the moment...).
2023-05-26 11:24:01 +02:00