and find_user_mode(). That's one array of 256 elements, instead of
iterating a linked list where - if you are unfortunate - one may
need like 26 iterations.
In sendto_channel() we did the check for user mode +T before the
sendflags & SKIP_CTCP, that makes no sense and caused useless CPU.
We now do it the other way around, and also only lookup the user
mode just once (if needed).
The umode_letter_to_handler[] code may crash, it is not well tested
yet, only had two runs so far. Seems to work ok even with REHASH tho,
but have not tested delayed module unloading for example.
to avoid a crash in todays code which was like:
1) exit_client gets called
2) close_connection() sets client->direction to NULL
3) a bit further it calls remove_dependents()
4) a sendto is attempted and the new code accesses
client->direction which is unexpected to be NULL
Actually i should probably trace the cause of the sendto_one()
but that is another story ;)
when it is not possible, mixed server scenario).
Now a big RRPC response like server.module_list for a remote server
(44KB) fits in only 3 lines, instead of almost 100 lines.
`PROTOCTL BIGLINES` is set. This will allow us to do things more
efficiently and possibly raise some other limits in the future.
This 16k is the size of the complete line, including sender,
message tags, content and \r\n. Also, in server-to-server traffic
we now allow 30 parameters (MAXPARA*2).
The original input size limits for non-servers remain the same: the
complete line can be 4k+512, with the non-mtag portion limit set
at 512 bytes (including \r\n), and MAXPARA is still 15 as well.
* I chose 16k because I don't want to first raise it to like 8k
and then realize later that 16k would be better and raise it again.
* To receive BIGLINES in a command, you need to `CommandAdd()` with
flags `CMD_BIGLINES`, without it you still get regular 512 max.
This is so, because a lot of the code does not expect longer than
512 bytes lines or in parameters, so we can gradually change that
(where needed).
This is the start of "be more friendly to TLS users with disconnect
error messages" from https://bugs.unrealircd.org/view.php?id=5532
As that bug explains:
Consider doing the SSL/TLS handshake even for throttling errors and such
when the (reject) connection rate is below a certain amount per second. If
it is higher than a certain rate, then fall back to the original behavior to
reject the user instantly without handshake or looking at any data.
Rationale: the current/original behavior is there so the ircd can handle
floods, both in terms of traffic and in terms of CPU usage (the SSL/TLS
handshake is quite costly after all). The downside of the current behavior
is that TLS users don't see the error message, usually. This feature
request tries to find a middle ground.
Still a TODO item:
* We don't detect high rates yet, so we only do this new behavior atm
and not yet the old behavior during high connection rates.
* Verify that error messages/behavior hasn't changed (too) much,
like the throttling and the banning disconnect messages.
When sending to channel members this will cache full IRC protocol
lines, including message tags and \r\n, for similar clients.
This avoid the need for many mtags_to_string() calls and also
entire parts of sendbuf_to_one() can be skipped as well.
The "Similar clients" cache entries are defined as clients that:
1) Are of the same type: normal local client, ircop local client
or remote client.
2) Have the same CAPs set, that is: we only look at CAPs that actually
have anything to do with message tags ('clicaps_affecting_mtag')
3) Optionally there can be an explicit line_opts. It is not used yet
but could be used when there are different type of lines sent
depending on other criteria, such as chanop status or something
else that doesn't fit in #1 and #2.
They are similar to sendnumeric/sendnumericfmt, but allow an array of message
tags are parameter.
sendnumeric/sendnumericfmt are now shorthands for sendtaggednumeric/sendtaggednumericfmt
which pass NULL as mtags.
Suggested by Chris_dc in https://bugs.unrealircd.org/view.php?id=6252
This uses unrealircd.org/real-quit-reason internally, but is only
exposed to servers, never to users. It results in using that quit
reason for IRCOps, while using the regular quit reason for normal users.
This also adds the MAXLINELENGTH define which is set to 4K+4K+512,
it can be used when you are dealing with complete lines (quite rare
in the code, mostly in socket code and labeled response).
And now also #define READBUFSIZE MAXLINELENGTH
but it is used beyond read buffers, als in write buffers of course.
"./unrealircd reloadtls" and there is now also a "./unrealircd status"
The output is colorized if the terminal supports it (just like on the
boot screen) and also the exit status is 0 for success and non-0 for
failure. The purpose of all this is that you can easily detect rehash
errors on the command line.
These three commands communicate to UnrealIRCd via the new control
UNIX socket, which is in ~/data/unrealircd.ctl.
This also does a lot of other stuff because we now have an internal
tool called bin/unrealircdctl which is called by ./unrealircd for
some of the commands to communicate to the unrealircd.ctl socket.
Later on more of the existing functionality may be moved to that
tool and we may also provide it on Windows in CLI mode so people
have more of the same functionality as on *NIX.
to expose to which users and in what detail.
The default configuration is as follows:
set {
whois-details {
basic { everyone full; }
modes { everyone none; self full; oper full; }
realhost { everyone none; self full; oper full; }
registered-nick { everyone full; }
channels { everyone limited; self full; oper full; }
server { everyone full; }
away { everyone full; }
oper { everyone limited; self full; oper full; }
secure { everyone limited; self full; oper full; }
bot { everyone full; }
services { everyone full; }
reputation { everyone none; self none; oper full; }
geo { everyone none; self none; oper full; }
certfp { everyone full; }
shunned { everyone none; self none; oper full; }
account { everyone full; }
swhois { everyone full; }
idle { everyone limited; self full; oper full; }
}
}
Oh, yeah, and for "secure" this also adds displaying of the TLS cipher
in /WHOIS for ircops and self by default. For all others it is limited
to just "is using a Secure Connection".
This also removes the newly added set::geoip::whois-for-anyone since
it is now configured via set::whois-details::geo.
Module coders: HOOKTYPE_WHOIS changed and you may no longer send
directly to the client from this hook. Instead, you should use
add to the NameValuePrioList, usually via the functions
add_nvplist_numeric() and add_nvplist_numeric_fmt().
For inspiration see bot_whois in src/modules/usermodes/bot.c
and reputation_whois in src/modules/reputation.c
would normally use sendnumeric() instead.
The buildnumeric() function prepares a buffer but does not send it.
It is used in eg CAN_KICK / CAN_SET_TOPIC, where you need to set an
'errbuf' with a full IRC protocol line to reject the request (which
then may or may not be sent depending on operoverride privileges).
We use char *member_modes like we now have at all the other places,
which contains eg "o".
TODO: fix prefix sending rules or remove some if 0'd out code
And not sure if we want to do it entirely this way :D
This already found a few issues.
As a side-effect, this also means you can only use RPL_xxx and
ERR_xxx in the 2nd argument from now on. You can no longer use
a dynamic integer (eg 'reply') at runtime, since then the format
string cannot be checked.
More to follow, after making sure it works on Windows too.
server where the client is (or was) on. Just like we did in UnrealIRCd 5.
Not sure if API-wise and variable-name-wise I want to do it this way,
but whatever...
just like client->user is set if the client is a user.
Rename client->srvptr to client->uplink: this is the uplink that the client
is connected to. If the client is a user then it is set to the server that
the client is connected to, if the client is a server then it is set to the
server that the server is connected to (the.. tadah.. uplink).
For local clients it is always set to &me.
Bram Matthys