1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-03 21:43:13 +02:00
Commit Graph

1460 Commits

Author SHA1 Message Date
Bram Matthys 858aaa774a 'SVSMODE Nick -t' does not remove vhost (while MODE 'MODE Nick -t' does)
Reported by The_Myth in https://bugs.unrealircd.org/view.php?id=5111
2018-09-07 10:50:00 +02:00
Bram Matthys aa3e66bb5b We now use standard formatted messages for all K-Lines, G-Lines and
any other bans that will cause the user to be disconnected.
For technical details see the banned_client() function.

It's likely I made some mistakes somewhere => testing required!!
2018-09-05 16:24:08 +02:00
Bram Matthys 107d8ccf6a * A new require sasl { } block which allows you to force users on the
specified hostmask to use SASL. Any unauthenticated users matching
  the specified hostmask are are rejected.
  See https://www.unrealircd.org/docs/Require_sasl_block
Feature suggestion: https://bugs.unrealircd.org/view.php?id=5107
2018-09-05 11:34:48 +02:00
Bram Matthys c4760cc83c Add more soft actions. The full list is available on
https://www.unrealircd.org/docs/Actions
Also, some minor cleanups / simplifications.
2018-09-05 09:39:44 +02:00
Bram Matthys c8c0199095 Fix potential bug if there are both soft and hard tkl's matching the user.
Add soft-shun. Use IsLoggedIn() to detect logged in to services status
rather than repeating the more elaborate if ... isdigit...svid.. etc.. stuff.
2018-09-04 21:08:48 +02:00
Bram Matthys aa45ce11cc ..and the necessary stuff for softbans in the blacklist module. 2018-09-03 20:18:23 +02:00
Bram Matthys b2be1009a0 Second parameter to find_tkline_match() can now be used to skip
soft ban checking. Necessary for blacklist module.
2018-09-03 19:55:48 +02:00
Bram Matthys 1d42ccd973 DNSBL: Fix possible problem where multiple blacklists are not processed.
Also fix a memory leak triggered in some circumstances.
2018-09-03 19:31:27 +02:00
Bram Matthys 1eb09484f1 Add 'soft-kline' and 'soft-gline' to ban actions (more information soon)
If you don't know what ban actions are, they are listed here:
https://www.unrealircd.org/docs/Actions
2018-09-03 17:24:23 +02:00
Bram Matthys 5f116cc64e Part one of soft gline/kline (more information will follow) 2018-09-03 17:07:22 +02:00
Bram Matthys 2537fb5e1c extbans/textban was not working properly on words with dots
Reported by The_Myth in https://bugs.unrealircd.org/view.php?id=4909
2018-09-02 21:55:57 +02:00
Bram Matthys d3dba63f56 AntiRandom: The module will now (by default) exempt WEBIRC gateways
from antirandom checking because they frequently cause false positives.
This new behavior can be disabled via:
set { antirandom { except-webirc no; }; };
Suggested by The_Myth in https://bugs.unrealircd.org/view.php?id=5007
2018-09-02 12:34:03 +02:00
Bram Matthys 5f597c0b08 Sync 'webirc' status of a client with the rest of the network (via ModData).
Also necessary for upcoming commit..
2018-09-02 12:16:45 +02:00
Bram Matthys cab8ea7066 * Potential crash issue when concurrently checking DNSBL for the WEBIRC
gateway and the spoofed host.
2018-09-02 12:16:15 +02:00
Bram Matthys b1b73e0e56 * Localhost connections are considered secure, so these can be used even
if you have a plaintext-policy of 'deny' or 'warn'. (This was already
  the case for servers, but now also for users and opers)
https://bugs.unrealircd.org/view.php?id=5108
2018-09-02 11:24:19 +02:00
Bram Matthys 93957fc7ee blacklist module: also check the ip of WEBIRC users.
Suggested by jesopo (#0005098).
2018-06-11 08:53:34 +02:00
Bram Matthys cd6d7a2bb7 Add allow::options::sasl (or require-sasl) to require SASL authentication
as suggested in https://bugs.unrealircd.org/view.php?id=5098
The allow block documentation has been updated, including an example at
the end of the page - https://www.unrealircd.org/docs/Allow_block
2018-06-11 08:22:29 +02:00
Bram Matthys 46a60ec795 Fix OOB read (1 byte to the left) 2018-06-11 08:05:14 +02:00
Bram Matthys 8b988622cd Fix memory leak in channel mode +f 2018-06-11 08:04:10 +02:00
Bram Matthys e456f621ef Fix OOB read in extended bans handling.
(Bug caused by commit dd6f67a266)
2018-06-11 08:02:35 +02:00
Bram Matthys 8efcd684d3 Fix /SPAMFILTER add having the regex syntax check backwards.
(Not too surprising when add is 0 and delete is 1)
Not fatal, as error was still handled & send, but it went to
all opers instead of just the one person adding it..
2018-05-01 15:22:39 +02:00
Bram Matthys 3a97bc29da Fix bug 2 due to code cleanup yesterday... 2018-04-23 08:50:34 +02:00
Bram Matthys 47e2975f01 Fix crash number 1 due to latest changes (TOPIC). 2018-04-22 19:38:29 +02:00
Bram Matthys 31409b19a5 Removed useless/unused * (pointer dereference) in increment 2018-04-22 18:06:10 +02:00
Bram Matthys 33db0bf73e Get rid of a number of clang warnings. 2018-04-22 17:06:31 +02:00
Bram Matthys 992bed3c7a Similar to previous commit, change: alter HOOKTYPE_MODE_DEOP function:
-int hooktype_mode_deop(aClient *sptr, aClient *victim, aChannel *chptr, u_int what, char modechar, long my_access, char **badmode);
+int hooktype_mode_deop(aClient *sptr, aClient *victim, aChannel *chptr, u_int what, int modechar, long my_access, char **badmode);
.. this to get rid of a compiler warning and potential problem.
2018-04-22 16:09:10 +02:00
Bram Matthys 4f0f8478cc Update HOOKTYPE_CHANNEL_SYNCED to get rid of compiler warning.
Can't safely use shorts with variable argument functions I think,
or maybe only with reduced type checking which is not what we want.
-void hooktype_channel_synced(aChannel *chptr, unsigned short merge, unsigned short removetheirs, unsigned short nomode);
+void hooktype_channel_synced(aChannel *chptr, int merge, int removetheirs, int nomode);
2018-04-22 16:02:13 +02:00
Bram Matthys bb4758f321 Add strldup() and safestrldup(), reducing ridiculous amount of code in
m_pass and m_topic.c when duplicating strings with a length limit.
+/* strldup(str,max) copies a string and ensures the new buffer
+ * is at most 'max' size, including nul byte. The syntax is pretty
+ * much identical to strlcpy() except that the buffer is newly
+ * allocated.
+ * If you wonder why not use strndup() instead?
+ * I feel that mixing code with strlcpy() and strndup() would be
+ * rather confusing since strlcpy() assumes buffer size including
+ * the nul byte and strndup() assumes without the nul byte and
+ * will write one character extra. Hence this strldup(). -- Syzop
+ */
2018-04-22 15:40:21 +02:00
Bram Matthys 6990b7d9a6 Mass-replace MyMalloc with MyMallocEx, even if it's unnecessary.
Replace century-old custom functions with C standard funcs,
such as AllocCpy -> strdup.
2018-04-22 14:55:07 +02:00
Bram Matthys 61f40a59a7 Remove unused events.h 2018-04-22 14:36:21 +02:00
Bram Matthys 9a1a4f13a4 Remove sjoin.h (was included but contents were unused) 2018-04-22 14:32:28 +02:00
Bram Matthys d5d446c38d More code cleanups to get rid of useless casts and other useless
structures such as:
-       lp->value.cp = (char *)MyMalloc(strlen(mask) + 1);
-       (void)strcpy(lp->value.cp, mask);
+       lp->value.cp = strdup(mask);
2018-04-22 14:28:22 +02:00
Bram Matthys 680715b1b5 Partially rewrite send_channel_modes() (+helper functions).
Although this is only used by servers lacking SJOIN/SJOIN3 so
is of limited use. Still.. got rid of the most ridiculous casts.
2018-04-22 13:51:37 +02:00
Bram Matthys 147ae3012b Get rid of about a million (now) useless casts and some re-indenting. 2018-04-22 10:29:36 +02:00
Bram Matthys 8d7d6d7c4c Get rid of compiler warning 2018-04-22 09:50:13 +02:00
Bram Matthys 5044013dd5 Make m_ircops use RPL_TEXT rather than conflicting numeric.
The output of /IRCOPS isn't meant to be client parsable anyway (which
can be seen by the use of bold text and such), so using a generic
numeric rather than wasting two others seems sensible.
Reported by The_Myth in #5066.
2018-04-22 09:42:14 +02:00
Bram Matthys 04ca88cc1e Fix bug in blacklist module with multiple replies for the same IP.
We only parsed the first A record reply, so if the blacklist returned
multiple results /and/ you would not have all those types in your
blacklist { } block then you could miss a hit (false negative).
2018-04-22 09:04:14 +02:00
Bram Matthys ad9ca5e449 Add support for checking IPv6 addresses in blacklists.
Suggested by k4be (#5040).
2018-04-22 08:30:02 +02:00
Bram Matthys 41b7e1b735 'set::cloak-method ip' not working properly with DNS resolving.
Reported by The_Myth (#5064).
2018-03-07 10:22:24 +01:00
Bram Matthys 5609b36850 Fix crash with OperOverride 2017-12-22 09:48:42 +01:00
Bram Matthys 0a9306ca5b CIDR support in set::antirandom::except-hosts
Or, to be more precise: converted code to use match_user() framework.
2017-12-17 10:06:39 +01:00
Bram Matthys 33ec662205 Remove a junk notice regarding SJOIN 2017-12-17 09:26:19 +01:00
Bram Matthys dc7cb17eff Fix linking problem if only using link::outgoing (and not link::incoming)
which is perfectly legal but caused a confusing error message about
a 'server name mismatch'.
2017-12-13 09:02:32 +01:00
Bram Matthys 079963cdc6 Set prio for HOOKTYPE_CHANNEL_DESTROY to -1mln so other hooks are
called later.
2017-12-06 17:53:26 +01:00
Bram Matthys a07411217f Apparently individual PROTOCTL tokens were limited at 128 chars.
This posed a limitation with utf8 PROTOCTL NICKCHARS=... and
potentially PROTOCTL SERVERS=... if having more than 32 servers.
The limitation has now been removed (buffer length = 512)
2017-12-01 10:00:15 +01:00
Bram Matthys c603cc52b3 Reject link if we have any utf8 charset enabled and other side doesn't. 2017-12-01 09:56:08 +01:00
Bram Matthys 82659cfecc '/SPAMFILTER del <id>' was not working across servers.
This was actually a read-after-free bug (IRCOp-only)
2017-11-30 21:59:30 +01:00
Bram Matthys 40293aaaa7 Move charsys definitions from .h to charsys.c & add some fwd decl 2017-11-27 12:32:14 +01:00
Bram Matthys abaacb6643 Permit 0xa0, if it appears inside UTF8 (via set::allowed-nickchars).
This is the "non breaking space" outside UTF8 and thus was previously
blacklisted. Keeping it blacklisted even if it appears in UTF8 is not
really an option as it means some UTF8 characters can never be used,
like the letter "nun" in Hebrew, and likely others.
2017-11-27 11:41:07 +01:00
Bram Matthys b5b01c5263 Modularize charsys (set::allowed-nickchars). It's still a mandatory
module but at least the code can be updated on the fly (or replaced
with some other secondary alternative module in the future).
src/charsys.c -> src/modules/charsys.c
This also means everyone needs to load the modules/charsys module.
2017-11-27 11:24:25 +01:00