the default certificate/key (conf/tls/server.cert.pem) even when that
cert is valid and issued by a trusted CA (like Let's Encrypt).
You would get such an incorrect "best practices advice" on-boot, but
(fortunately) not on each subsequent REHASH.
This was because the TLS system was not yet initialized completely at
the time of the best practices checks, ctx_server was NULL. This is
now solved by re-ordering some function calls.
This does change some win_error() and config_load_failed() stuff for
Windows so I hope that's okay.
Reported by Bun-Bun.
Make match_spamfilter use the clictx->textanalysis->deconfused rather than
calculating its own. The latter will probably disappear altogether.
Unrelated but also fixed: properly set e->unicode_blocks.
Better to have this all in one place. Though, must admit, the
config checking is still in src/conf.c and a bit of a hassle to move.
Some testing may be wise to see if everything still works ;)
but was removed several years ago. I think this is a better place.
This also removes doc/Donation which was out of date and probably
not many people knew about it at all.
[skip ci]
Reported by BlackBishop.
This rename free_config_defines() to init_config_defines and calls it from
config_read_start() so caller doesn't have to think about it.
This fixes a bug where if you run ./Config with 'auto' file descriptors,
and then have an unusually low 'ulimit -n' of like 150, you would end up
with a negative amount of file descriptors available for use.
This fix moves it from compile-time setting of reserved fd's to runtime
setting.
All this is wrong, by the way, but that is for another major overhaul,
at least this bug is fixed now :D
This is the start of "be more friendly to TLS users with disconnect
error messages" from https://bugs.unrealircd.org/view.php?id=5532
As that bug explains:
Consider doing the SSL/TLS handshake even for throttling errors and such
when the (reject) connection rate is below a certain amount per second. If
it is higher than a certain rate, then fall back to the original behavior to
reject the user instantly without handshake or looking at any data.
Rationale: the current/original behavior is there so the ircd can handle
floods, both in terms of traffic and in terms of CPU usage (the SSL/TLS
handshake is quite costly after all). The downside of the current behavior
is that TLS users don't see the error message, usually. This feature
request tries to find a middle ground.
Still a TODO item:
* We don't detect high rates yet, so we only do this new behavior atm
and not yet the old behavior during high connection rates.
* Verify that error messages/behavior hasn't changed (too) much,
like the throttling and the banning disconnect messages.
Reported by westor in https://bugs.unrealircd.org/view.php?id=6104
The code was there but the order of which the checks were done was
wrong, so first it was checking which CAP's were unloaded and after
that it was unloading the CAP, instead of the other way around.
Also renamed the function to clicap_check_for_changes()
to be consistent with other runtime change detection functions
like extcmodes_check_for_changes(), umodes_check_for_changes()
and charsys_check_for_changes().
from the *LINE (or other ban type).
Eg /GLINE %*@192.168.* 0 :Please authenticate using SASL
would now, if the user has authprompt enabled and the connection times
out, exit the client after ~30 secs with "Please authenticate using SASL",
instead of "Registration timeout" (pre 6.0.5-rc2) or
the generic "Account required to login" (6.0.5-rc2).
This to help clients and users who do not type or display anything.
This is an enhancement to https://bugs.unrealircd.org/view.php?id=6202
This also fixes a bug in 6.0.5-rc2 where "Registration timeout" was
always showing up as "Account required to connect", even if there
was no softban or authprompt intervention at all.
More ideally it would show the full *LINE reason but that is something
for a later release. Inspired by https://bugs.unrealircd.org/view.php?id=6202
This also fixes a silly typo that prevents compiling btw :D
is 2.13 or newer, as this requires jansson_version_str().
And no, we don't use macro's (eg JANSSON_MAJOR_VERSION). We never do that for
any of the displayed library versions (OpenSSL, libsodium, c-ares, curl, etc)
as macro's only reflect the compile-time library version and not runtime,
and thus are misleading... which can be especially problematic in case of a
security issue. So good that jansson added this function.
rehash errors such as error: set::geoip-classic::ipv6-database:
cannot open file "/home/xxxx/unrealircd/data/https://www.unrealircd...
and possibly even a crash.
The initial boot of UnrealIRCd, however, was always fine, this only
happened when rehashing.
It also seemed to occur more with ftp:// includes or at least with
multiple parallel includes, that may or may not have different or
more latency. In any case it seemed to affect some remote includes
setups semi-consistently, and others not at all.
The root cause was a complex code path causing a read-after-free.
We now use a simplified code path which can no longer cause this.
The only downside is that rehashing may be delayed up to an extra
250ms (quarter of a second), but that should hardly be noticeable,
if at all.
Issue reported by Bun-Bun.
is done behind-the-scenes (the command is still ./unrealircd mkpasswd).
For Windows users it finally means they can generate passwords via the CLI
using: unrealircdctl mkpasswd pwdhere
"./unrealircd reloadtls" and there is now also a "./unrealircd status"
The output is colorized if the terminal supports it (just like on the
boot screen) and also the exit status is 0 for success and non-0 for
failure. The purpose of all this is that you can easily detect rehash
errors on the command line.
These three commands communicate to UnrealIRCd via the new control
UNIX socket, which is in ~/data/unrealircd.ctl.
This also does a lot of other stuff because we now have an internal
tool called bin/unrealircdctl which is called by ./unrealircd for
some of the commands to communicate to the unrealircd.ctl socket.
Later on more of the existing functionality may be moved to that
tool and we may also provide it on Windows in CLI mode so people
have more of the same functionality as on *NIX.
For example if the 1st DNS resolver is refusing or ignoring requests.
We forgot to call unrealdns_timeout() in the waiting loop, so DNS requests
never timed out and c-ares didn't try the 2nd/3rd server either.
Issue reported by Elodie.
That is, until the first REHASH happened, after that all is good.
This was caused by update_throttling_timer_settings() being
called before init_throttling().
This is work in progress. It current lacks a number of features
that we would like to have, but most of them are relatively easy
now that most of the work has been done:
1) Support for caching based on timestamps, like curl ("not modified")
2) IPv6 support
3) HTTP redirects (with limit)
4) Timeouts for connect and reads (15 / 45 for curl atm)
5) HTTP downgrades
6) Chunked transfer encoding
7) Verify openssl hostname check
8) SNI
9) Ideally some progressbar for large transfers such as the geoip db
(for cURL too by the way)
And.. finally we should use this stuff from the modulemanager so we
don't have duplicate code.
as it REQUESTS to rehash the server, but it may not be done immediately.
And making it void makes sure nobody relies on some sort of return
value which will differ between with vs without remote includes.
Also get rid of sig and loop.rehash_save_sig, as a NULL client
already indicates the same (or at least does so now).
not used by 3rd party authors):
* conf_start() -> config_read_start()
* conf_check_complete() -> is_config_read_finished()
* load_conf() -> config_read_file()
* config_test() -> config_test_blocks()
* config_run() -> config_run_blocks()
* init_conf() -> config_test()
* run_configuration() -> config_run()
This so things look like:
if (config_read_start() < 0)
exit(-1);
while (!is_config_read_finished())
; // do something
if (config_test(1) == 0)
config_run();
always compiled in, both regardless of cURL support or not.
Obviously the cURL functions are not available without cURL and there
are now some #ifdef USE_LIBCURL in url.c
This also fixes the current build to work without cURL
asynchronous on start, which is achieved by this 1st commit.
For this to work, the init_conf() stuff has been split to an
earlier call to conf_start() and then a loop where you can
check for conf_check_complete().
This means init_conf() no longer calls load_conf, as that
is moved to conf_start() and conf_check_complete().
Thus, init_conf() is now only called when all includes are in the
linked list 'conf_include'.
This is work in progress and breaks:
1) rehashes
2) compiling without curl
3) possibly cached remote includes
Without this, I think otherwise we need too many checks everywhere
for the IsMe() case. And this behavior matches me.direction which
also points to &me.
Then again, will doing it this way cause issues? We will see...
Bram Matthys