1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-03 06:13:13 +02:00
Commit Graph

10056 Commits

Author SHA1 Message Date
Valerie Liu 54a8fc140b restrict-commands: add option 'channel-create' (channel creation) (#285)
* restrict-commands: add option 'channel-create' for managing who may create new channels.
This has been a commonly requested feature with different requested options, I think it makes sense to do it properly from here
2024-06-14 13:05:34 +00:00
Bram Matthys 58646bafbb Reorder some if's and comment them to make sense.
[skip ci]
2024-06-14 14:36:34 +02:00
Bram Matthys 33c6eb0bcf Destroy channel if 0 users and can_join() rejects the user.
Reported by Valware. E.g. if HOOKTYPE_CAN_JOIN rejects the join
when it is a new channel.

( And yeah... +P channels are not destroyed... handled in
  sub1_from_channel() -> HOOKTYPE_CHANNEL_DESTROY already. )
2024-06-14 14:28:11 +02:00
Bram Matthys 57f93a1ffa Write some initial release notes
[skip ci]
2024-06-14 11:21:27 +02:00
Bram Matthys 9e1fa65a46 Make locop only able to REHASH local server and not remote ones.
As reported in https://bugs.unrealircd.org/view.php?id=6414
2024-06-14 11:15:23 +02:00
Bram Matthys 5897bc2282 Add ./Config -h / -help
Suggested by hnj in https://bugs.unrealircd.org/view.php?id=6417
[skip ci]
2024-06-14 10:50:00 +02:00
Bram Matthys c37dc9334b Attempt to fix KICK OperOverride message if you are not +o but have +h/+a/+q.
There was an incorrect OperOverride message if you were had +h, +a or +q
and was kicking someone that you should normally be able to (without override).

This requires quite a bit of further testing, though, it's so easy to get
this wrong. The FIXME still stands to fix this for good some day.

Reported by Valware in https://bugs.unrealircd.org/view.php?id=6423
2024-06-14 10:45:41 +02:00
Bram Matthys 5e46692bb2 Bump version to 6.1.7-git 2024-06-14 10:00:37 +02:00
Adrian Sandu 2c49668db8 Add option set::tls::certificate-expiry-notification (#286)
This way you can disable the check and notification about TLS certificate expiring. The check is (still) on by default.
2024-06-14 07:57:33 +00:00
henk84 214423564e comment optional, fictional example blocks (#282)
Co-authored-by: Hendrik Jäger <gitcommit@henk.geekmail.org>
2024-06-14 07:27:56 +00:00
henk84 575bbeefd8 remove nonexistant email address in badwords conf (#283)
Co-authored-by: Hendrik Jäger <gitcommit@henk.geekmail.org>
2024-06-14 07:25:32 +00:00
henk84 d98dc2fcc3 Fix comment in example.conf (#281)
fix plural
Co-authored-by: Hendrik Jäger <gitcommit@henk.geekmail.org>
2024-06-14 07:25:04 +00:00
henk84 4ad2a601ac fix comment in modules.optional.conf (#280)
fix repeated preposition
Co-authored-by: Hendrik Jäger <gitcommit@henk.geekmail.org>
2024-06-14 07:24:31 +00:00
alice a77ff1f2c8 Fix OPEROVERRIDE_VERIFY option. (#278)
Reported by hnj in https://bugs.unrealircd.org/view.php?id=6418

Appears to have been introduced as part of the 6.x refactor of secret/private channel modes in 8066c13876

Also adjust message for ERR_OPERSPVERIFY to include channel name.
This is to correspond closer to other similar numerics around this area, as well as agreeing with the definition within modern.
2024-06-14 07:22:19 +00:00
Bram Matthys dd2242b6a8 ** UnrealIRCd 6.1.6 **
The release will be published tomorrow (2024-06-14).
2024-06-13 19:14:28 +02:00
Bram Matthys 89b735f6f2 Update curl-ca-bundle to Mon Mar 11 15:25:27 2024 GMT
https://curl.se/docs/caextract.html
[skip ci]
2024-06-13 18:54:08 +02:00
Bram Matthys e89f3f444c ./Config: import settings from UnrealIRCd 6.1.5
[skip ci]
2024-06-07 18:38:49 +02:00
Bram Matthys f2c92ee4b0 ** UnrealIRCd 6.1.6-rc1 ** 2024-06-07 18:22:48 +02:00
henk84 fdc1cd1902 fix word repetition in operclass.conf (#279) 2024-06-02 14:14:19 +02:00
Bram Matthys 05c946579f Don't put insecure gatewayed/proxied connections in 'tls-users' security group.
For user--proxy--ircserv we don't set +z when user--proxy is not
using SSL/TLS and we should behave the same way with ::tls in
security groups / match items.

See also
https://www.unrealircd.org/docs/FAQ#Why_do_users_on_WEBIRC_gateways_not_get_user_mode_+z?

But also applies to other types in the proxy block.
2024-05-20 11:52:23 +02:00
Bram Matthys a11cfde6cd Fix crash if you first REHASH and have a parse error (failed rehash 1) and
then REHASH again but a remote include fails to load (failed rehash 2).

This was reported by multiple (anonymous) people via the crash reporter.
2024-05-20 10:28:33 +02:00
Bram Matthys 9d91f61206 Crule: forgot a context && context->client check. Just in case the
crule is used outside security groups / spamfilter, like in
deny link { }.

Also update the match_realname() since via the extban code it would
use match_esc() which is rather confusing if you have double (or
perhaps even triple) escaping when using this in the conf.
2024-05-20 09:31:29 +02:00
Bram Matthys 899955b47d Crule: forgot match_realname('*xyz*'). Now we should be at 100% :) 2024-05-20 09:11:25 +02:00
Bram Matthys 0e9280e731 Crule: add match_account(), match_country(), match_certfp(). 2024-05-20 09:06:11 +02:00
Bram Matthys 3c3d8a5605 Add user_matches_extended_server_ban() which works similar to
match_user_extended_server_ban except that it works by name/value.

This can then be used by crules or in other mods, like:
user_matches_extended_server_ban(client, "country", "NL");

If the performance impact isn't too bad (of the extra work) then
this prevents duplicate code in the handler for things like
that: account, country, certfp, and whatever we add in the future..
2024-05-20 08:54:53 +02:00
Bram Matthys dbbcba10e3 Let's get rid of this !strlen(arg)
[skip ci]
2024-05-20 08:29:56 +02:00
Bram Matthys 9d166eed26 Some minor tweaks so these can be used in pre-connect-stage.
Otherwise in pre-connect-stage is_identified(), is_webirc()
and is_websocket() will always return false due to the
IsUser() check.

One should always be careful with accessing things in pre-
connect-stage, but in this case the IsLoggedIn() and
moddata_client_get() are safe to use. The former checks
client->user and the latter does not access anything within
client->user at all.
2024-05-20 07:56:07 +02:00
Valerie Liu 14dd3a9038 Crule: add is_identified(), is_websocket() and is_webirc() (#277)
* Update crule.c: add is_identified(), is_websocket() and is_webirc()
* Update RELEASE-NOTES.md
2024-05-20 05:50:07 +00:00
Valerie Liu ca31150291 Update modules.c - Fix small spelling error (#276)
[skip ci]
2024-05-20 05:47:21 +00:00
Bram Matthys f8b435957f Update release notes a bit
[skip ci]
2024-05-19 18:54:03 +02:00
Bram Matthys b07f02fb11 Fix +b ~forward not taking into account +e (ban exemptions).
Reported by rafaelgrether in https://bugs.unrealircd.org/view.php?id=6410
2024-05-19 18:49:33 +02:00
Bram Matthys 229b3a7f1b Fix ~forward checking IsRegNick() instead of IsLoggedIn() 2024-05-19 18:31:38 +02:00
Bram Matthys f89fd3f8f6 Fix crash on Windows when using crules, central spamfilter or central spamreport.
This is the release notes update, the actual fix is in
c3a7ed2c99

[skip ci]
2024-05-15 17:18:12 +02:00
Bram Matthys c3a7ed2c99 These efuncs need to be MODVAR (dllimport) for Windows... 2024-05-15 17:15:32 +02:00
Bram Matthys 35bf78d105 Forgot to mention https://www.unrealircd.org/docs/Dev:Authentication_module
As said, this isn't a proper authentication framework atm, just something
quick for (third) party module coders so they have something that works.
2024-05-13 17:14:08 +02:00
Bram Matthys e12559ad78 Allow modules to provide SASL locally, by hooking into AUTHENTICATE.
Note that this is still a dumb interface and not a real proper
authentication framework.

This adds HOOKTYPE_SASL_AUTHENTICATE and HOOKTYPE_SASL_MECHS and
also provides 3 functions: sasl_succeeded(), sasl_failed() and
a helper function decode_authenticate_plain() for AUTHENTICATE PLAIN.
2024-05-13 13:23:59 +02:00
Bram Matthys 01a441de84 Add crule functions: is_tls(), in_security_group(), match_mask(), match_ip()
* Add more [Crule](https://www.unrealircd.org/docs/Crule) functions:
  * `is_tls()` returns true if the client is using SSL/TLS
  * `in_security_group('known-users')` returns true if the user is in the
    specified [security group](https://www.unrealircd.org/docs/Security-group_block).
  * `match_mask('*@*.example.org')` or `match_mask('*.example.org')`
    returns true if client matches mask.
  * `match_ip('192.168.*')` or with CIDR like `match_ip('192.168.0.0/16')`
    returns true if IP address of client matches.
2024-05-06 10:06:07 +02:00
Bram Matthys e59e8c99f4 Whoops. Accidentially committed a debug line.
[skip ci]
2024-05-06 10:01:14 +02:00
Bram Matthys e9da1a867b Using @if with a variable like @if $VAR == "something" was always false.
Reported by BlackBishop.

This rename free_config_defines() to init_config_defines and calls it from
config_read_start() so caller doesn't have to think about it.
2024-05-06 09:22:53 +02:00
Bram Matthys 45717d44f4 Fix typo in release notes
[skip ci]
2024-05-05 17:37:07 +02:00
Bram Matthys 576af06857 Remove default security group tls-and-known-users. 2024-05-05 17:34:23 +02:00
Bram Matthys f83967c582 Bump URL_MEMORY_BACKED_CHUNK_SIZE from 128 to 8192 as intended.
This to avoid doing too many realloc() calls (at theexpense of
some wasted bytes, but that should be acceptable nowadays).
2024-05-03 14:34:09 +02:00
Bram Matthys 1d3c5a49a9 Get rid of confusing "REHASH -all" as "REHASH" already does the same.
And this is easily mistaken with "REHASH -global" which rehashes all
the IRC servers on the network.

In fact, who knows some year(s) from now we may map "REHASH -all"
to "REHASH -global", but... not yet...
2024-05-03 14:10:27 +02:00
Bram Matthys fb2381b1ad Deal better with lack of an internet connection when booting the first time.
* When booting for the first time (without any cached files) the IRCd
  downloads GeoIP.dat. If that fails, e.g. due to lack of internet connectivity,
  we now show a warning and continue booting instead of it being a hard error.
  Note that we already dealt with this properly after the file has been cached
  (so after first download), see "What if your web server is down" in
  [Remote includes](https://www.unrealircd.org/docs/Remote_includes#What_if_your_web_server_is_down).
2024-05-03 13:04:16 +02:00
Bram Matthys a24e53c096 Move from -D_FORTIFY_SOURCE=2 to -D_FORTIFY_SOURCE=3
and use -O2 when compiling with ASan instead of -O1
(the near-last question in ./Config).
2024-05-02 09:02:42 +02:00
Bram Matthys 5a17e55120 Bump version to 6.1.6-git 2024-05-01 18:25:10 +02:00
Bram Matthys f2aaeb3215 Add sponsorship info to GitHub sidebar 2024-04-26 07:43:05 +02:00
Bram Matthys bed50dcced Fix bullet points on release notes
[skip ci]
2024-04-22 12:43:30 +02:00
Bram Matthys 728069879f ** UnrealIRCd 6.1.5 ** 2024-04-22 12:19:50 +02:00
Bram Matthys 74a9569b4e Fix two typos in example.es.conf that prevent it from working
[skip ci]
2024-04-12 18:21:32 +02:00