1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-07 01:23:12 +02:00
Commit Graph

4284 Commits

Author SHA1 Message Date
Bram Matthys 8efcd684d3 Fix /SPAMFILTER add having the regex syntax check backwards.
(Not too surprising when add is 0 and delete is 1)
Not fatal, as error was still handled & send, but it went to
all opers instead of just the one person adding it..
2018-05-01 15:22:39 +02:00
Bram Matthys 04b3dd24f8 Set default ECDH(E) curves to be X25519:secp521r1:secp384r1:prime256v1 with
the following remarks:
* We only set these curves if SSL_CTX_set1_curves_list() is available
  (OpenSSL 1.0.2 or later, LibreSSL 2.5.1 or later)
* The X25519 curve is only added if it is available (OpenSSL 1.1.0+)
2018-04-27 20:08:47 +02:00
Bram Matthys fa9bdcd7df Move detection of SSL_CTX_set1_curves_list to autoconf (CHECK_SSL_CTX_SET1_CURVES_LIST) 2018-04-27 19:27:19 +02:00
Bram Matthys 3809168992 Improve comments in source code to better explain what's going on.
..and so nobody makes the same mistake.
2018-04-27 18:10:17 +02:00
Bram Matthys a6a4196af9 Add set::ssl::ecdh-curve so you can force one or more ECDH(E) curves.
This requires OpenSSL 1.0.2 or newer (released on 22 Jan 2015).
Also fix a bug with OpenSSL 1.1.0+ where - due to removal of an API
function - we accidentally forced curve P-256 rather than automatic
selection. That sucks because the automatic selection (since 1.0.2+)
allows supporting multiple curves and selecting the highest one.
2018-04-27 17:59:53 +02:00
Bram Matthys 3a97bc29da Fix bug 2 due to code cleanup yesterday... 2018-04-23 08:50:34 +02:00
Bram Matthys 47e2975f01 Fix crash number 1 due to latest changes (TOPIC). 2018-04-22 19:38:29 +02:00
Bram Matthys 31409b19a5 Removed useless/unused * (pointer dereference) in increment 2018-04-22 18:06:10 +02:00
Bram Matthys ecf260dfc2 Only use -Wl,-export-dynamic while linking unrealircd or modules. 2018-04-22 17:36:04 +02:00
Bram Matthys 1c2da25573 Handle return value for truncate() - only for debugging anyway.. 2018-04-22 17:35:36 +02:00
Bram Matthys 33db0bf73e Get rid of a number of clang warnings. 2018-04-22 17:06:31 +02:00
Bram Matthys 992bed3c7a Similar to previous commit, change: alter HOOKTYPE_MODE_DEOP function:
-int hooktype_mode_deop(aClient *sptr, aClient *victim, aChannel *chptr, u_int what, char modechar, long my_access, char **badmode);
+int hooktype_mode_deop(aClient *sptr, aClient *victim, aChannel *chptr, u_int what, int modechar, long my_access, char **badmode);
.. this to get rid of a compiler warning and potential problem.
2018-04-22 16:09:10 +02:00
Bram Matthys 4f0f8478cc Update HOOKTYPE_CHANNEL_SYNCED to get rid of compiler warning.
Can't safely use shorts with variable argument functions I think,
or maybe only with reduced type checking which is not what we want.
-void hooktype_channel_synced(aChannel *chptr, unsigned short merge, unsigned short removetheirs, unsigned short nomode);
+void hooktype_channel_synced(aChannel *chptr, int merge, int removetheirs, int nomode);
2018-04-22 16:02:13 +02:00
Bram Matthys bb4758f321 Add strldup() and safestrldup(), reducing ridiculous amount of code in
m_pass and m_topic.c when duplicating strings with a length limit.
+/* strldup(str,max) copies a string and ensures the new buffer
+ * is at most 'max' size, including nul byte. The syntax is pretty
+ * much identical to strlcpy() except that the buffer is newly
+ * allocated.
+ * If you wonder why not use strndup() instead?
+ * I feel that mixing code with strlcpy() and strndup() would be
+ * rather confusing since strlcpy() assumes buffer size including
+ * the nul byte and strndup() assumes without the nul byte and
+ * will write one character extra. Hence this strldup(). -- Syzop
+ */
2018-04-22 15:40:21 +02:00
Bram Matthys 6990b7d9a6 Mass-replace MyMalloc with MyMallocEx, even if it's unnecessary.
Replace century-old custom functions with C standard funcs,
such as AllocCpy -> strdup.
2018-04-22 14:55:07 +02:00
Bram Matthys 61f40a59a7 Remove unused events.h 2018-04-22 14:36:21 +02:00
Bram Matthys 9a1a4f13a4 Remove sjoin.h (was included but contents were unused) 2018-04-22 14:32:28 +02:00
Bram Matthys d5d446c38d More code cleanups to get rid of useless casts and other useless
structures such as:
-       lp->value.cp = (char *)MyMalloc(strlen(mask) + 1);
-       (void)strcpy(lp->value.cp, mask);
+       lp->value.cp = strdup(mask);
2018-04-22 14:28:22 +02:00
Bram Matthys 680715b1b5 Partially rewrite send_channel_modes() (+helper functions).
Although this is only used by servers lacking SJOIN/SJOIN3 so
is of limited use. Still.. got rid of the most ridiculous casts.
2018-04-22 13:51:37 +02:00
Bram Matthys 147ae3012b Get rid of about a million (now) useless casts and some re-indenting. 2018-04-22 10:29:36 +02:00
Bram Matthys 8d7d6d7c4c Get rid of compiler warning 2018-04-22 09:50:13 +02:00
Bram Matthys 6ef9a83c97 Surely this can use the generic #include "unrealircd.h" instead?
Avoids sendto_realops() warning.
2018-04-22 09:48:12 +02:00
Bram Matthys 5044013dd5 Make m_ircops use RPL_TEXT rather than conflicting numeric.
The output of /IRCOPS isn't meant to be client parsable anyway (which
can be seen by the use of bold text and such), so using a generic
numeric rather than wasting two others seems sensible.
Reported by The_Myth in #5066.
2018-04-22 09:42:14 +02:00
Bram Matthys a7bcb637b7 Fix small memory leak if not passing the weak cipher config test (DES/3DES..)
Reported by Sky-Dancer (#5078).
2018-04-22 09:37:06 +02:00
Bram Matthys a235b35633 This code can be a lot simpler, duh. Reported by Sky-Dancer (#5078). 2018-04-22 09:35:05 +02:00
Bram Matthys 04ca88cc1e Fix bug in blacklist module with multiple replies for the same IP.
We only parsed the first A record reply, so if the blacklist returned
multiple results /and/ you would not have all those types in your
blacklist { } block then you could miss a hit (false negative).
2018-04-22 09:04:14 +02:00
Bram Matthys ad9ca5e449 Add support for checking IPv6 addresses in blacklists.
Suggested by k4be (#5040).
2018-04-22 08:30:02 +02:00
Bram Matthys 9b1a79a191 And again a Windows compile fix (hm how did this happen.. :D) 2018-04-21 20:35:54 +02:00
Bram Matthys 4e1e7d6674 Fix windows compile problem due to previous changes. 2018-04-21 20:31:41 +02:00
Bram Matthys f0092fef4e Properly report failure of fork(). Reported by mbw (#5087). 2018-04-21 20:27:53 +02:00
Bram Matthys 74009b88ba Cleanup of init_sys(): remove old stuff for ancient OS's.
On *NIX now always redirect stdin, stdout and stderr to /dev/null for
safety and to prevent any ssh hanging as reported by mbw (#5087).
This code needs some testing on non-Linux though it should be all
POSIX, unless I missed something... :)
2018-04-21 20:12:23 +02:00
Bram Matthys 894491fa32 Change numeric 008 format which reports snomask.
This is for easier parsing of the "MODE yournick" response.
From:
:maintest.test.net 008 testuser :Server notice mask (+kcfjvGqSso)
To:
:maintest.test.net 008 testuser +kcfjvGqSso :Server notice mask
Reported by emerson in #5079.
2018-03-25 13:45:59 +02:00
Bram Matthys 15bf82d3c1 Fix segfault on set { hide-ban-reason; }; reported by Skizzerz (#5052) 2018-03-25 13:41:57 +02:00
Bram Matthys 9f18118f76 Fix './unrealircd reloadtls' not reloading certificates/keys if
listen::ssl-options, sni::ssl-options or link::outgoing::ssl-options
are used. In short: it only reloaded the ones from set::ssl until
now. Bug reported by Mr_Smoke (#5072)
2018-03-25 13:22:19 +02:00
Bram Matthys 41b7e1b735 'set::cloak-method ip' not working properly with DNS resolving.
Reported by The_Myth (#5064).
2018-03-07 10:22:24 +01:00
Bram Matthys 386d2aaf8b Disable timesynch by default.
Built-in time synchronization was added in 2006 when many computers did not
do time synchronization by default. Nowadays nearly all operating systems,
including many Linux distro's, Windows and OS X have time synchronization
enabled out-of-the box.
You can still re-enable the built-in timesynch feature via:
set { timesynch { enable yes; }; };
..but you should really use NTP instead.
2018-03-07 09:40:13 +01:00
Bram Matthys afad280a1d Make NTP packet (used by timesynch) more in-line with existing implementations. 2018-03-07 09:39:20 +01:00
Bram Matthys f4b864c7b8 Update list of time servers 2018-03-07 09:38:19 +01:00
Bram Matthys 2bbdf22d76 Set git version to 4.0.18-devel 2017-12-29 09:34:31 +01:00
Bram Matthys 12848b7dae dead_link() was not sending the error message to the user.
This affected the following errors:
* Max SendQ exceeded
* Excess Flood
* Flood from unknown connection
* SSL Handshake flood detected
* Rejected link without SSL/TLS
* Various errors from the websocket module
* Other errors generated by 3rd party modules
2017-12-29 09:15:11 +01:00
Bram Matthys 3aa13d2bc3 UnrealIRCd 4.0.17 2017-12-22 09:52:24 +01:00
Bram Matthys 5609b36850 Fix crash with OperOverride 2017-12-22 09:48:42 +01:00
Bram Matthys 0a9306ca5b CIDR support in set::antirandom::except-hosts
Or, to be more precise: converted code to use match_user() framework.
2017-12-17 10:06:39 +01:00
Bram Matthys 888b4f549c Be a bit more liberal, used for antirandom backward-compatible. 2017-12-17 10:06:09 +01:00
Bram Matthys 33ec662205 Remove a junk notice regarding SJOIN 2017-12-17 09:26:19 +01:00
Bram Matthys dc7cb17eff Fix linking problem if only using link::outgoing (and not link::incoming)
which is perfectly legal but caused a confusing error message about
a 'server name mismatch'.
2017-12-13 09:02:32 +01:00
Bram Matthys 079963cdc6 Set prio for HOOKTYPE_CHANNEL_DESTROY to -1mln so other hooks are
called later.
2017-12-06 17:53:26 +01:00
Bram Matthys 847d7d9f7d UnrealIRCd 4.0.17-rc1 2017-12-01 10:06:43 +01:00
Bram Matthys a07411217f Apparently individual PROTOCTL tokens were limited at 128 chars.
This posed a limitation with utf8 PROTOCTL NICKCHARS=... and
potentially PROTOCTL SERVERS=... if having more than 32 servers.
The limitation has now been removed (buffer length = 512)
2017-12-01 10:00:15 +01:00
Bram Matthys c603cc52b3 Reject link if we have any utf8 charset enabled and other side doesn't. 2017-12-01 09:56:08 +01:00