1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-04 19:23:13 +02:00
Commit Graph

6529 Commits

Author SHA1 Message Date
Bram Matthys 62d62c4e88 channel.set_mode: mode->modes, parameter->parameters 2023-01-07 10:24:26 +01:00
Bram Matthys b2a6f3cfee JSON-RPC: add channel.set_mode 2023-01-07 10:21:19 +01:00
Bram Matthys 14107d88be Add set_channel_topic() and use it from cmd_topic (TOPIC) 2023-01-07 10:16:18 +01:00
Bram Matthys 66d7fb804d JSON-RPC: add channel.set_mode 2023-01-07 09:41:01 +01:00
Bram Matthys 141c4bc64d Use consts in set_channel_mode()
[skip ci]
2023-01-07 09:39:44 +01:00
Bram Matthys 5a32333360 JSON-RPC: show +vhoaq in "channels" in user.* and in "members" in channel.*
as requested in https://bugs.unrealircd.org/view.php?id=6206
And also for channel.get, in "members", include the UID in "id".

This breaks the current format but we don't have many users yet anyway.
Something tells me that will happen more ;)

This also bumps the user and channel RPC modules from 1.0.0 to 1.0.1

In user.get (and currently user.list too) this shows as:

"channels": [
  {
    "name": "#test",
    "level": "o"
  }
]

And in channel.get (not .list) this shows as:
"members": [
  {
    "name": "abc",
    "id": "00129BP02",
    "level": "o"
  },
  {
    "name": "def",
    "id": "001LFMB05"
  }
]
2023-01-05 17:48:08 +01:00
Bram Matthys bef2f428f4 JSON-RPC: Really show *all* channels a user in.
This because for JSON-RPC you expect all accurate data, while in contrast
with JSON logging the channels are just there for convenience and only
show the first X channels, since otherwise the data gets too long
and gets truncated (JSON logging uses channel detail level 0).
2023-01-05 16:54:37 +01:00
Bram Matthys 143b7262cc JSON-RPC: add channel.get which also includes members and +beI lists.
Documented at https://www.unrealircd.org/docs/JSON-RPC:Channel
under "When using the channel.get API call, more details are available"
2023-01-05 16:39:59 +01:00
Bram Matthys ccbd320338 JSON-RPC over Websocket: don't close websocket connections after ~30s,
keep them open, but do a websocket ping/pong to check if the
connection is alive.
This is usually handled by browsers themselves, but if you are using
websockets from a non-browser then you may have to PONG back on
a PING, see https://www.rfc-editor.org/rfc/rfc6455#section-5.5.2
(note that PING-PONG is a requirement there)
2023-01-04 13:55:08 +01:00
Bram Matthys b33628b765 JSON-RPC over Websockets: Fix bug with >64Kb responses.
Eg if there are 10.000 users online and you do user.list.
The old websocket framing assumed no response was >64Kb.

This also creates a new function websocket_create_packet_ex()
2023-01-04 13:10:09 +01:00
Bram Matthys d6a3db4ad2 Add listener::mode so for file sockets you can specify the mode permissions.
Valid choices are 0700, 0770 and 0777, see the documentation at
https://www.unrealircd.org/docs/Listen_block

Unrelated: this also documents the ConfigItem_listen struct in struct.h.
2023-01-04 10:06:39 +01:00
Bram Matthys 8ca6341f38 When someone includes "rpc.modules.default.conf" create a *NIX
socket listening in data/rpc.socket, because why not... only the
ircd user has access to it by default (well, and root).

Don't add the external listener HTTP(S) port by default though,
because not everyone may want that exposed to the outside world.

The default creation of data/rpc.socket can be prevented by a
@define $NO_DEFAULT_RPC_SOCKET "1"
2023-01-03 19:34:04 +01:00
Bram Matthys b5c86981fa JSON-RPC server_ban.add: fix "duration_string" being interpreted totally wrong.
Something like "1h" was intepreted as unixtime 3600 (=expired long ago).
For absolute times there is already "expire_at" (JSON timestamp).

Now, "1h" is properly interpreted as meaning 1 hour from now, as intended.

This bumps the version of rpc/server_ban to 1.0.1.

Reported by armyn.
2023-01-03 10:03:15 +01:00
Bram Matthys 64e5de4c8c ExtBanAdd: Actually enforce conv_param as a required event.
This was documented as optional in include/modules.h but on
https://www.unrealircd.org/docs/Dev:Extended_Bans_API it
was always mentioned as required.
In practice, I know of no module that does not have this,
in UnrealIRCd or third party (doing zero filtering is
quite a bad idea).

Anyway, long story short: this also means we can remove some
(flawed) logic in src/api-extban.c in case conv_param was
NULL, which raised a compiler warning:

api-extban.c: In function ‘extban_conv_param_nuh_or_extban’:
cc1: error: function may return address of local variable [-Werror=return-local-addr]
api-extban.c:382:14: note: declared here
  382 |         char tmpbuf[USERLEN + NICKLEN + HOSTLEN + 32];
      |              ^~~~~~
2023-01-01 09:51:07 +01:00
Bram Matthys 75368e462a ** UnrealIRCd 6.0.5 ** 2022-12-29 10:07:19 +01:00
Bram Matthys 895bbd3a35 When authprompt kicks in and the session timeouts, show the original ban reason
from the *LINE (or other ban type).
Eg /GLINE %*@192.168.* 0 :Please authenticate using SASL
would now, if the user has authprompt enabled and the connection times
out, exit the client after ~30 secs with "Please authenticate using SASL",
instead of "Registration timeout" (pre 6.0.5-rc2) or
the generic "Account required to login" (6.0.5-rc2).
This to help clients and users who do not type or display anything.

This is an enhancement to https://bugs.unrealircd.org/view.php?id=6202

This also fixes a bug in 6.0.5-rc2 where "Registration timeout" was
always showing up as "Account required to connect", even if there
was no softban or authprompt intervention at all.
2022-12-26 10:21:59 +01:00
Bram Matthys 7897782747 *** UnrealIRCd 6.0.5-rc2 *** 2022-12-23 08:52:41 +01:00
Valerie Pond 58e83bbe58 Another fix for set::authentication-prompt::enabled 'no' being ignored (#245) 2022-12-21 16:21:30 +00:00
Bram Matthys eca0035e8d Actually fix previous-previous-commit cdd0e4116d 2022-12-21 10:09:23 +01:00
Bram Matthys eab827688d Fix RPC spamfilter.* (and tkl.*?) not going through fully net-wide
due to bogus sender.
[skip ci]
2022-12-21 10:06:23 +01:00
Bram Matthys cdd0e4116d RPC spamfilter.add: convert reason to underscores internally when adding 2022-12-21 09:57:53 +01:00
Bram Matthys 9b1c24c2fa When timing out on authprompt, error with "Account required to connect".
More ideally it would show the full *LINE reason but that is something
for a later release. Inspired by https://bugs.unrealircd.org/view.php?id=6202

This also fixes a silly typo that prevents compiling btw :D
2022-12-21 09:31:47 +01:00
Valerie Pond 7dedbf1a69 Fix set::authentication-prompt::enabled 'no' being ignored (#243) 2022-12-21 08:01:47 +00:00
Valerie Pond d4dbf62781 Fix link warning about moddata creationtime (#233)
This lets servers share their own creation time. See https://bugs.unrealircd.org/view.php?id=6193
2022-12-21 07:54:55 +00:00
Bram Matthys 2ff03be8a0 Log who actually initiated a /CONNECT (both local and remote).
Reported by Noisytoot in https://github.com/unrealircd/unrealircd/pull/244
2022-12-21 08:50:17 +01:00
ZarTek @ CREOLE b53f23416d Unrealircd to UnrealIRCd 2022-12-14 15:24:19 +00:00
ZarTek @ CREOLE 67ec21f4e9 unreal to unrealircd 2022-12-14 15:24:19 +00:00
Bram Matthys 037f9d6dcf Add internal timeout to unrealircdctl, just in case UnrealIRCd hangs.
This because we will soon use that script for 'start' too...
[skip ci]
2022-12-12 14:54:07 +01:00
Bram Matthys 165639a007 Fix ExtBanAdd() for bans that are registered in both MOD_TEST and MOD_INIT
leading to duplicates. The effect was that in the 005 EXTBAN= string some
letters showed up twice like EXTBAN=~,aacfjmnpqrrtCCGGOSST.
Reported by jesse in https://bugs.unrealircd.org/view.php?id=6199
2022-12-10 10:39:51 +01:00
Bram Matthys 6ae5c9d77f Fix leak of 1 file descriptor per /REHASH (the control socket).
In "/STATS P" one additional UNIX control socket appeared after
each "/REHASH". Reported by jesse.
2022-12-07 12:33:12 +01:00
Bram Matthys bb0a50d839 ** UnrealIRCd 6.0.5-rc1 ** 2022-12-07 08:53:44 +01:00
Bram Matthys 36a8949d59 Fix "/STATS o" returning (null) items when advanced matching criteria
are being used. This also applies to similar use in some other /STATS
like tld blocks.

Reported by darkex in https://bugs.unrealircd.org/view.php?id=6189
2022-12-07 08:30:52 +01:00
Bram Matthys 7bab7144ed Send empty batch on CHATHISTORY request for a user (non-channel),
which makes it similar behavior to channels that are not +H.
2022-12-07 08:15:41 +01:00
Valentin Lorentz 7bacf25845 Add ACCOUNTEXTBAN ISUPPORT token
To support the draft IRCv3 spec: https://github.com/ircv3/ircv3-specifications/pull/464
2022-12-07 07:00:35 +00:00
Bram Matthys 36d9e8e720 RPC spamfilter.*: fix validations not working due to changes yesterday 2022-12-06 17:20:29 +01:00
Bram Matthys fe8661da3d RPC: implement spamfilter.del and spamfilter.get 2022-12-05 15:41:09 +01:00
Bram Matthys 61e68d65da Update a comment
[skip ci]
2022-12-05 14:51:22 +01:00
Bram Matthys d9ac4cac07 Add RPC 'rpc.info': returns list of RPC methods, RPC module name and version.
This can be useful for checking if a server supports something and what
format it expects or returns things, etc.
2022-12-05 14:48:14 +01:00
Bram Matthys ee1f8d84a0 Require TLSv1.2 or later and require a modern cipher with forward secrecy.
This also fixes a bug with OpenSSL 3.x where, when the ircd was
configured to still allow old TLSv1.0 / TLSv1.1, it would still
only allow TLSv1.2+.

But, as said, allowing TLSv1.0/TLSv1.1 is now no longer the default.

See release notes for more information or the documentation at
https://www.unrealircd.org/docs/TLS_Ciphers_and_protocols
2022-11-27 17:04:22 +01:00
Bram Matthys c756c87be2 Update blacklist::reason changing the $variables there.
This changes the work of commit 2cf60f66a3.
    $ip: IP address of the banned user
    $server: name of the IRC server
    $blacklist: name of the blacklist block (eg. xyz for blacklist xyz { })
    $dnsname: the blacklist::dns::name
    $dnsreply: DNS reply code

Previously there was a $name which was ambigious in the sense that
it could mean blacklist name or dns name, now we simply avoid using
$name altogether and use $dnsname and (new) $blacklist.
2022-11-18 12:25:30 +01:00
Ron Nazarov 4999ae408c Add TLINE command
Suggested by PeGaSuS in https://bugs.unrealircd.org/view.php?id=6174
2022-11-18 08:53:36 +00:00
Valerie Pond 1a4b701776 SVSLOGIN: Move to its own file
Moved SVSLOGIN command to its own file.
2022-11-14 07:43:43 +00:00
alice b3f0165773 Adjust tkl too broad ban detection to avoid banning too-wide IPv6 masks.
This adjusts the test to disallow a ban on *@*:*:*:*:*, to bring it into line with similar behaviour for IPv4.
2022-11-14 07:23:55 +00:00
westor 2cf60f66a3 Add on blacklist module two extra variables
Added the ability to specify `$name` and `$reply` variables on ban reason,

`$name` would be filled with blacklist dns name data
`$reply` would be filled with blacklist dns reply data.
2022-11-14 07:21:45 +00:00
Valentin Lorentz b01caa945f Use stable 'extended-monitor' capability name
https://ircv3.net/specs/extensions/extended-monitor was ratified
yesterday: https://github.com/ircv3/ircv3-specifications/pull/508
2022-11-14 07:19:43 +00:00
Valentin Lorentz a7716f8981 Add support for the stable 'bot' mtag
https://ircv3.net/specs/extensions/bot-mode was ratified a few months ago
(https://github.com/ircv3/ircv3-specifications/pull/495)

This commit keeps the draft mtag in addition to the stable one, for now.
2022-11-14 07:19:21 +00:00
Bram Matthys 2d61cded0d Show jansson library version in boot screen and elsewhere IF library version
is 2.13 or newer, as this requires jansson_version_str().

And no, we don't use macro's (eg JANSSON_MAJOR_VERSION). We never do that for
any of the displayed library versions (OpenSSL, libsodium, c-ares, curl, etc)
as macro's only reflect the compile-time library version and not runtime,
and thus are misleading... which can be especially problematic in case of a
security issue. So good that jansson added this function.
2022-11-04 14:16:50 +01:00
Bram Matthys 7a5f83e0b6 Make REHASH always asynchronous (done in the main loop).
This means it is safe to REHASH from modules now, which means
issuing a REHASH from a websocket connection is now possible.
2022-11-04 12:43:02 +01:00
Bram Matthys c3824ad47d Fix potentially sending invalid data over websockets on REHASH.
This makes websocket_common unload last (and near-last: rpc & websocket)
and makes us call Mod_Init for these three modules first.
This way, the period where the websocket handler is unavailable is kept
to a minimum.

This also renames the ModuleSetOptions option MOD_OPT_UNLOAD_PRIORITY
to MOD_OPT_PRIORITY since it dynamically changes the module priority
in the list. For 6.x compatibility, MOD_OPT_UNLOAD_PRIORITY can still
be used.
2022-11-04 10:54:53 +01:00
Bram Matthys 3de3087c95 Fix read-after-free when linking in a server (that is fully authenticated)
when there is already another established link with a server with the same name.
For example, when there is a network issue and the "old server" is still
waiting to be timed out and the "new server" is already linking in.
2022-10-01 08:48:44 +02:00