1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-06 23:03:13 +02:00
Commit Graph

38 Commits

Author SHA1 Message Date
Bram Matthys 6c0ebb5bd3 Protection against linking race conditions is back again (IOTW: allow very rapid re-linking), but only if your network is fully 3.4.x (actually: current git unreal34 or later)
Re-implemented PROTOCTL SERVERS= which nenolod ripped out (#4355).
Add 2nd argument to PROTOCTL EAUTH=servername,unrealprotocol
Change UnrealProtocol from 2350 to 2351
2015-07-10 21:57:13 +02:00
Bram Matthys e8dfb284a1 Replace parv[0] with sptr->name. Don't use parv[0] anymore.
I went through all 500+ of them by hand as to avoid introducing bugs... we'll see ;)
2015-07-10 12:17:05 +02:00
Bram Matthys 2f8cb55e47 Add extended SWHOIS support. Allows multiple swhoises and tracking of who/what set the swhois.
Added swhois_add / swhois_delete functions which also take care of broadcasting
New remove_oper_privileges() function, will move the rest to use this (svsnoop svsmode etc)
Not finished yet...
2015-07-09 16:26:52 +02:00
Bram Matthys fe14e21175 Update all MOD_TEST/MOD_INIT/MOD_LOAD/MOD_UNLOAD calls to new format 2015-07-08 18:02:19 +02:00
Bram Matthys 422b339be1 In 2003 I added PROTOCTL CHANMODES= so other servers (and services) could
easily deal with "parameter eating" of unknown channel modes.
Now, 12 years later, finally added the code to do this.
This prevents some (serious) desynching if you have a parameter-eating
channel mode on one server and not on the other.
Obviously, you should always try to have the same featureset on all
servers, but sometimes this is not possible, like when upgrading..
2015-07-04 19:25:27 +02:00
Bram Matthys 58bd3cf60b Preparations for #4356 (experimental / on-going):
* add general matching framework (aMatch type, unreal_match_xxx functions)
* change spamfilter { } block syntax
* add support for simple wildcard matching (non-regex, just '?' and '*')
This is the initial commit so the new lib is not in yet, 'regex' is not
functional (but 'posix' and 'simple' are working), linking has not been
fully tested and no warnings are printed yet. IOTW: work in progress!
2015-05-30 21:11:11 +02:00
Bram Matthys db97b23bcb move to a single password entry in link block:
"password in link block should be plaintext OR should be the SSL fingerprint of the remote link (=better)"
2015-05-25 10:54:05 +02:00
Bram Matthys 8049136379 Restructure the entire link { } block (#4032). Initial commit (missing autoconnect, ssl, etc). 2015-05-25 10:19:15 +02:00
Bram Matthys 0a42cedf77 Bounce links that have their clock too far out of sync (#4214). Currently set at 1 minute. TODO: make configurable.
This only works with newer servers as it relies on PROTOCTL TS=xyz very early in the synch.
2015-05-24 16:16:31 +02:00
Bram Matthys 101d2dd6a3 Big 3.4.x commit containing bug fixes and enhancements. Modularizing
user & channel modes. Fixing Windows build. Etc..
2014-05-11 20:56:02 +02:00
William Pitcock cea686b7fa - more reliably ensure we induce FLUSH_BUFFER on SID collision 2013-05-21 01:49:27 +00:00
William Pitcock f9259bf5a5 - avoid corrupting SID hashtable on collision. 2013-05-21 01:36:19 +00:00
William Pitcock 13351e550a - Add PROTO_SID, so that SID/UID messages can be sent with sendto_server(). 2013-05-21 01:16:01 +00:00
William Pitcock 3c38cd42e3 - protoctl: parse SID= token 2013-05-21 00:58:46 +00:00
William Pitcock b413848524 - TOK_FOO removal pass 2 2013-05-19 21:40:45 +00:00
William Pitcock ca86485927 - Remove token parameter from CommandAdd(). 2013-05-19 21:27:26 +00:00
William Pitcock b2214aba9f - Remove SJB64 stuff, patch from FalconKirtaran (#4190). 2013-05-19 08:09:02 +00:00
William Pitcock c41ca43145 - Remove ziplinks support, patch from FalconKirtaran. (#4189) 2013-05-16 06:36:13 +00:00
William Pitcock 2b54f0b617 - m_protoctl: ignore SERVERS= token 2013-05-09 00:56:02 +00:00
William Pitcock 39c117a695 - Remove numerics from server protocol, part 1 2013-05-09 00:25:02 +00:00
Bram Matthys 61cfb5ac3e - Windows: Fix strange linking bug. Outgoing connects from a Windows
IRCd caused a garbled SERVER protocol message, causing 'cannot find
  server' errors and killing of users. Reported by Sunkat (#4183).
2013-04-04 23:07:04 +02:00
William Pitcock 9806ec28e9 - Remove support for negotiating TOKEN support.
At present, the TOKEN support is kept in place.
2013-02-22 02:48:47 -06:00
William Pitcock 424d7afba7 - Remove all references to add_Command(). (#3177) 2012-12-26 19:57:35 -06:00
William Pitcock ab5e766d9c - Replace calls to strncpyzt() macro with more secure strlcpy().
This was done using Coccinelle, the semantic patch was:

  @@
  expression src, dst, len;
  @@

  - strncpyzt(src, dst, len);
  + strlcpy(src, dst, len);
2012-11-21 03:22:29 +00:00
William Pitcock 5360e2ffa5 - Add support for server-enforced mode locks (MLOCK).
This allows the IRCd to enforce MLOCKs that are set by services, which
  eliminates clashes between users setting modes and services enforcing
  it's mlock on channels. (#3055)
2012-05-04 12:47:59 +02:00
binki 2a6a4b31ff - Fixed a few trivial compilation warnings. 2010-06-29 03:00:34 +00:00
Bram Matthys 8e26c4b540 linking bug & ipv6 thing (the latter is completely untested):
- IPv6: it seems some recent Linux dists decided to make IPv6 sockets
  IPv6-only, instead of accepting both IPv4&IPv6 on them like until now.
  FreeBSD (and other *BSD's) already did that move a few years back,
  requiring server admins to sysctl.
  We now make use of a new option to explicitly disable "IPv6-only".
  This should work fine on Linux.
  Whether it provides a complete solution for FreeBSD, I don't know, testing
  is welcome! In theory setting net.inet6.ip6.v6only to 0 should no longer
  be needed, but you might still need to enable ipv6_ipv4mapping.
- Fix stupid issue where current CVS would no longer link TO an earlier
  Unreal server (eg: outgoing connect to a 3.2.8 hub). Reported by ohnobinki
  (#0003901).
2010-04-25 19:14:55 +00:00
Bram Matthys 9259ddee06 - Added set::uhnames setting which can be used to disable uhnames by setting
it to 'no', the default is 'yes' (on). Requested by Robin (#0003885) as
  UHNAMES may increase the time of the nick list being loaded from 1 to 4
  seconds when joining several channels with more than 1000 users. As this
  problem is only present on some networks, we keep UHNAMES enabled by
  default.
2010-01-12 18:30:36 +00:00
Bram Matthys dddc8f07e4 PROTOCTL EAUTH/SERVERS/new linking protocol:
- Server protocol: added PROTOCTL EATH=servername, which allows us to
  authenticate the server very early in the handshake process. That way,
  certain commands and PROTOCTL tokens can 'trust' the server.
  See doc/technical/protoctl.txt for details.
- Server protocol: between new Unreal servers we now do the handshake a
  little bit different, so it waits with sending the SERVER command until
  the first PROTOCTL is received. Needed for next.
- Server protocol: added PROTOCTL SERVERS=1,2,3,4,etc by which a server can
  inform the other server which servers (server numeric, actually) it has
  linked. See doc/technical/protoctl.txt and next for details.
- When our server was trying to link to some server, and at the same time
  another server was also trying to link with us, this would lead to a
  server collision: the server would link (twice) ok at first, but then a
  second later or so both would quit with 'Server Exists' with quite some
  mess as a result. This isn't unique to Unreal, btw.
  This happened more often when you had a low connfreq in your link blocks
  (aka: quick reconnects), or had multiple hubs on autoconnect (with same
  connfreq), or when you (re)started all servers at the same time.
  This should now be solved by a new server handshake design, which detects
  this race condition and solves it by closing one of the two (or more)
  connections to avoid the issue.
  This also means that it should now be safe to have multiple hubs with low
  connfreq's (eg: 10s) without risking that your network falls apart.
  This new server handshake (protocol updates, etc) was actually quite some
  work, especially for something that only happened sporadically. I felt it
  was needed though, because (re)linking stability is extremely important.
  This new feature/design/fix requires extensive testing.
  This feature can be disabled by: set { new-linking-protocol 0; };
2010-01-01 19:49:06 +00:00
Bram Matthys 291bc5c8c3 - #0002833 reported and patched by tabrisnet, implementing UHNAMES
[Backport, only slightly modified for speed]
2008-08-19 12:43:54 +00:00
Bram Matthys 8607d950b7 - Made the IRCd calculate the cloaked host only once upon connect, and store (cache) it.
- When checking if a user is banned, we always check the cloakhost too. Previously we could
  not do this if the user had a /VHOST (=a minority of the cases, but still...). In short,
  this is some extra protection to combat ban evasion.
- Performance of is_banned() *slightly* improved (just 1-2 usec, but 7 usec if no bans).
- [Module coders] For extban routines, we now offer a routine extban_is_banned_helper(buf)
  which can be used instead of the ban_realhost/etc static chars stuff, see
  extban_modeq_is_banned for a (real-life) example of how this is used.
- [Services coders!] Added PROTOCTL CLK (requires NICKv2) which adds an extra field in the
  NICK command (when a user connects) right before the infofield (gecos).
  The added field contains the cloaked host, that is: the masked host if +x would have been
  set. This field is ALWAYS sent, regardless of whether the user is actually +x or not.
  Services can then store this field in memory, to know the host of the user if the user
  is set +x (+x-t). This is a (better) alternative to PROTOCTL VHP, with no race conditions,
  and avoids some other VHP problems.
  VHP will stay supported though... so it's not mandatory to switch over.
2006-04-16 23:27:56 +00:00
Bram Matthys fd5c1f778f - Fixed bug in currently unused code, reported by DeadNotBuried (#0002835).
- Modulized NAMES command (can now be upgraded on the fly, if ever needed).
- Added NAMESX support, seeing both mIRC (5.17) and XChat support this. What this does is
  send all rights of all users on the channel in the NAMES reply (eg: @+Syzop if the user is +ov)
  instead of only the highest one (@Syzop in previous example). We only do so if the client
  explicitly requested this via a NAMESX in a PROTOCTL message (eg: 'PROTOCTL NAMESX').
  Note that there is a glitch: since most clients only send the PROTOCTL NAMESX after they
  see NAMESX listed in the 005 announce message this has the effect that if there are
  set::auto-join channels present (where users are automatically joined to by the server) the
  extended NAMES reply will not be sent for those channels, because from the IRC server' point
  of view the join happened before the PROTOCTL and hence it does not know the client wanted
  NAMESX at that point (the result is not catastrophic: the old-style NAMES is sent for those
  channels). Anyway, for all non-autojoin channels this works great. So still worth adding IMO.
  Originally suggested in #0000606.
  Side note: this does not mean we dropped the idea of (also) having a challenge-response
  system for good ;).
2006-02-26 01:06:10 +00:00
Bram Matthys 4d47acdbfd - Made the charsys mismatch during linking a warning instead of an error (temp. fix,
until a good solution is implemented without false positives).
2006-01-14 00:16:40 +00:00
Bram Matthys 97d4be791b - Added NICKCHARS= in PROTOCTL. This indicates which languages are accepted in nicks.
If 2 servers try to link and the allowed nick characters do not fully match, then
  the link will be rejected. Note that this will not prevent you from 3.2.2<->3.2.3/CVS
  charsets mistakes, but only with linking CVS/3.2.3+ servers. Suggested by Troco (#0002360)
  This might need some additional testing, but initial results are positive :).
2005-02-20 22:05:06 +00:00
codemastr c1af4a4516 Added NICKIP 2004-05-27 22:05:58 +00:00
Bram Matthys a573b29a0f - Fixed a bug in individual m_*.so loading, 39 new modules were affected. 2004-02-23 23:14:05 +00:00
Bram Matthys 648d73556c spamfilter improvements
- Fixed a few wrong macro's (ircstrdup/ircfree) in s_conf.c causing
  very weird behavior... This also fixes a bug where set::spamfilter::ban-reason
  would have the value of ban-time.
- Improved spamfilter again.
  - The new syntax is:
    /spamfilter [what] [type] [action] [tkltime] [reason] [regex]
    [tkltime] specifies the duration of any *lines placed by this rule.
    [reason] specifies the *line, kill and/or block reason.. no spaces
    allowed, but '_' will be escaped to a space.
    In both cases you can simply use '-' to skip and use the default.
    Ex: /spamfilter add p block - - Come watch me on my webcam
        /spamfilter add p gline 3h Please_go_to_www.viruscan.xx/
        nicepage/virus=blah Come watch me on my webcam
  - A message is now shown if the msg/notice/dcc is blocked.
  - There are 2 new spamfilter action types:
    'dccblock' will mark the user so (s)he's unable to send any files by DCC.
    'viruschan' will part the user from all channels and join
     set::spamfilter::virus-help-channel (default: #help).
     this action might be improved to do more later.
  - Internal: added EXTTKL PROTOCTL, this determinates if 10 parameters
    instead of 8 are supported for m_tkl (used by spamfilter add).
  This new system needs some testing... :)
2004-02-20 23:28:57 +00:00
codemastr 6648072334 Modulized knock, umode2, squit, protoctl 2004-02-17 00:40:42 +00:00