1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-10 18:43:13 +02:00
Commit Graph

978 Commits

Author SHA1 Message Date
Travis McArthur a72ce0017e Add additional TKL checks 2015-06-01 02:34:13 -04:00
Travis McArthur d640ca84ee G:line uses operclass along-side classic system 2015-06-01 02:16:04 -04:00
Travis McArthur 3b98eac4a9 Remove unnecessary gotos 2015-05-31 21:46:32 -04:00
Travis McArthur ffe6877fbe Clean up unnecessary stuff 2015-05-30 22:14:45 -04:00
Bram Matthys 58bd3cf60b Preparations for #4356 (experimental / on-going):
* add general matching framework (aMatch type, unreal_match_xxx functions)
* change spamfilter { } block syntax
* add support for simple wildcard matching (non-regex, just '?' and '*')
This is the initial commit so the new lib is not in yet, 'regex' is not
functional (but 'posix' and 'simple' are working), linking has not been
fully tested and no warnings are printed yet. IOTW: work in progress!
2015-05-30 21:11:11 +02:00
Bram Matthys a109bdb0f6 Rip out the final remains of WebTV (/MSG IRC ..) & change handling of VERSION replies for ban version { }. 2015-05-27 18:00:16 +02:00
Bram Matthys 542ef1acbb move aJFlood * stuff from core to jointhrottle module, using ModData. (as per TODO) 2015-05-27 17:33:53 +02:00
Bram Matthys 822f27f34c Remove "We will loose all flood counters!" message upon /REHASH. 2015-05-27 10:41:45 +02:00
Bram Matthys efdefc4eb8 mute non-SSL warning for localhost (won't bother about other cases) 2015-05-25 13:14:44 +02:00
Bram Matthys 04727556c7 Show warning if non-SSL. Improve link error (on authentication failure). Auto-convert link::incoming::mask from like '1.2.3.4' to '*@1.2.3.4'. 2015-05-25 13:06:18 +02:00
Bram Matthys db97b23bcb move to a single password entry in link block:
"password in link block should be plaintext OR should be the SSL fingerprint of the remote link (=better)"
2015-05-25 10:54:05 +02:00
Bram Matthys 8049136379 Restructure the entire link { } block (#4032). Initial commit (missing autoconnect, ssl, etc). 2015-05-25 10:19:15 +02:00
Bram Matthys 0a42cedf77 Bounce links that have their clock too far out of sync (#4214). Currently set at 1 minute. TODO: make configurable.
This only works with newer servers as it relies on PROTOCTL TS=xyz very early in the synch.
2015-05-24 16:16:31 +02:00
Bram Matthys c2ca896dea Add new flag MOD_OPT_PERM_RELOADABLE. Can be used instead of MOD_OPT_PERM if
you want to permit re-loading but not complete un-loading of your module.
This way you get the benefits of being able to upgrade code on-the-fly but
can still disallow the user to do something potentially unwise.
2015-05-23 20:43:31 +02:00
Bram Matthys 3623ebae05 Add protection against SSL Renegotiation attacks (#4046). Reported by seraph.
Also expose dead_link() to modules, IOTW: make it non-static.
2015-05-23 19:04:41 +02:00
Bram Matthys c6fea92257 Port fix #4318 from 3.2.x:
For services who allow you to log in by account name but still allow you to
use a different nick: when you're logged in you are now considered
registered as far as channel mode +M (only registered users may speak and
+R (only registered users may join) are concerned. Same for user mode +R
(only allow private messages from registered users).
Tech: whenever services set SVID and it's not * and does not start with a
      number, then we consider this user to be 'logged in'.
      Whenever a user is set +r (s)he is also considered 'logged in'.
      This way it's compatible with both older and new services and doesn't
      introduce security issues with older services using servicetimestamp
      for nick tracking or other means.
This issue was reported by ShawnSmith (#4318).
2015-05-23 17:06:44 +02:00
Bram Matthys 4a38d0c838 make auth-type optional for passwords in config (#4334).
Now you can just add password "$ZaJw56to$uSEc[etc..]"; to your configuration file without needing an explicit { md5; }; or { sha1; };.
Naturally you can still specify an auth-type if you want to, and for types like 'sslclientcert' it's still required.
2015-05-23 15:07:37 +02:00
Bram Matthys d12b6962a5 convert to more understandable code 2015-05-23 09:50:45 +02:00
Bram Matthys bd65916b5a more cleanups for AUTHENABLE_* 2015-05-23 09:15:24 +02:00
Travis McArthur aea09603a4 Remove USE_SSL macro and associated code
We no longer support non-SSL builds, remove related code
2015-05-20 02:48:34 -04:00
Travis McArthur 229bcca996 Remove Custom MD5 Implementation
We no longer support builds without OpenSSL - consequently we have no reason to keep our custom MD5 implementation, and probably shouldn't keep it around
2015-05-20 02:33:48 -04:00
Adam bc02d95f33 Ignore svsnicks when the new nick is the same as the old one 2015-05-19 13:41:51 -04:00
Bram Matthys b7d11d3e0f Get rid of implicit declarations due to missing header file(s), now including unrealircd.h instead. 2015-05-19 11:57:04 +02:00
Bram Matthys 5ff5e01aa2 Rename moddata_client_XXX_string to moddata_client_XXX 2015-05-19 11:22:11 +02:00
Bram Matthys 7ad4b6db67 Module coders: introduce moddata_client_set_string() and moddata_client_get_string(). Will document later in ModData wiki page (which does not exist yet). 2015-05-18 17:15:02 +02:00
Bram Matthys 222c780d64 broadcast cert fingerprint on connect 2015-05-18 17:01:04 +02:00
Bram Matthys f9fb628aed Implemented certificate fingerprint: available through /WHOIS and synch'ed network-wide (via ModData system). Thanks to DBoyz and Nath (#4136) for the contributed patches. Initial commit (but it works). 2015-05-18 16:48:41 +02:00
Bram Matthys fa38dbf9e6 Added HOOKTYPE_WHOIS. May later be replaced by a more advanced system. 2015-05-18 16:45:31 +02:00
Bram Matthys 6f4ea900c1 Fixed pointer confusing in ModData system and made UnrealIRCd free all client ModData structures on client exit. 2015-05-18 16:42:01 +02:00
Bram Matthys 347609d958 Fix uninitalized read @ censor 2015-05-18 16:26:57 +02:00
Unreal3.4 a6403e09b3 Uh. Well, I noticed a compilation error in the Git alpha, decided to mess with permanent.c, noticed that delayjoin.c didn't really work properly, modified delayjoin.c to send hosts with unhiding users, and here you have, a pull request from your worst nightmare. 2015-04-29 20:14:45 +00:00
dboyz 42214ebdf3 Add missing permission error message as reported in rabbitircd
This is the exact commit I made to rabbitircd two years ago. Since the permission error is still missing, why not port it back to unrealircd. :)
2015-04-22 07:44:53 +08:00
Adam 996c084d6f Fix secureonly 2014-08-26 10:46:45 -04:00
Travis McArthur 8035168d5f Move TKL checking back into run loop 2014-08-24 09:43:40 -07:00
Travis McArthur 496826f42c Make floodprot perm
Modules that take parameters to chanmodes cannot be unloaded at this time, we probably want to investigate adding this capability in the future so we can do dynamic updates of those modules
2014-08-22 21:36:15 -07:00
Travis McArthur 640961201d Merge pull request #7 from Adam-/unreal34+warning
Fix a couple of the worst clang warnings
2014-07-29 15:02:37 -07:00
Adam c25442901b Fix a couple of the worst clang warnings 2014-07-29 17:53:19 -04:00
Travis McArthur 54578a5287 Merge pull request #4 from Adam-/unreal34+starttls
Fix abort from STARTTLS
2014-07-29 13:02:49 -07:00
Adam 0920c1e160 Fix abort from STARTTLS 2014-07-29 15:58:38 -04:00
Adam d540adbc7f Just build the cap list once, fix memory leaks
Not sure what this originally was supposed to do, but clicap_find is
normally called multiple times per cap request per client, so this makes
no sense at all.
2014-07-29 15:29:28 -04:00
Travis McArthur 869014ed82 Merge initializer fixes 2014-07-22 06:35:24 -07:00
Travis McArthur f4c68a3a66 Fix initializers 2014-07-22 06:33:33 -07:00
Bram Matthys 20e9da6dff When users connect they will receive a message telling them this IRC Server
software is experimental and that they should report any bugs or problems
on http://bugs.unrealircd.org/
2014-07-22 14:08:05 +02:00
Bram Matthys 8b05f023fa fix no return value being returned from secureonly module: caused windows
version not being able to join any channel...
2014-07-20 21:36:06 +02:00
Bram Matthys 220e0c01e4 fix missing initializers 2014-07-20 21:29:07 +02:00
Bram Matthys ee00bb2801 oh come on... 2014-07-20 21:26:36 +02:00
Bram Matthys 7e1595dacb fix strange re-using of 'i' and uninitialized use of it. 2014-07-20 21:22:04 +02:00
Bram Matthys 7ba2e3214c First attempt at allowing server to boot if SSL is enabled but the
server/client SSL context failed to load (eg: no cert/key file).
2014-07-20 16:50:29 +02:00
Travis McArthur ec294b1373 Fix build for clang 2014-07-05 12:47:03 -07:00
Travis McArthur 63cb121130 Modularize secureonly (+z) 2014-07-04 21:13:08 -07:00