Travis McArthur
a72ce0017e
Add additional TKL checks
2015-06-01 02:34:13 -04:00
Travis McArthur
d640ca84ee
G:line uses operclass along-side classic system
2015-06-01 02:16:04 -04:00
Travis McArthur
3b98eac4a9
Remove unnecessary gotos
2015-05-31 21:46:32 -04:00
Travis McArthur
ffe6877fbe
Clean up unnecessary stuff
2015-05-30 22:14:45 -04:00
Bram Matthys
58bd3cf60b
Preparations for #4356 (experimental / on-going):
...
* add general matching framework (aMatch type, unreal_match_xxx functions)
* change spamfilter { } block syntax
* add support for simple wildcard matching (non-regex, just '?' and '*')
This is the initial commit so the new lib is not in yet, 'regex' is not
functional (but 'posix' and 'simple' are working), linking has not been
fully tested and no warnings are printed yet. IOTW: work in progress!
2015-05-30 21:11:11 +02:00
Bram Matthys
a109bdb0f6
Rip out the final remains of WebTV (/MSG IRC ..) & change handling of VERSION replies for ban version { }.
2015-05-27 18:00:16 +02:00
Bram Matthys
542ef1acbb
move aJFlood * stuff from core to jointhrottle module, using ModData. (as per TODO)
2015-05-27 17:33:53 +02:00
Bram Matthys
822f27f34c
Remove "We will loose all flood counters!" message upon /REHASH.
2015-05-27 10:41:45 +02:00
Bram Matthys
efdefc4eb8
mute non-SSL warning for localhost (won't bother about other cases)
2015-05-25 13:14:44 +02:00
Bram Matthys
04727556c7
Show warning if non-SSL. Improve link error (on authentication failure). Auto-convert link::incoming::mask from like '1.2.3.4' to '*@1.2.3.4'.
2015-05-25 13:06:18 +02:00
Bram Matthys
db97b23bcb
move to a single password entry in link block:
...
"password in link block should be plaintext OR should be the SSL fingerprint of the remote link (=better)"
2015-05-25 10:54:05 +02:00
Bram Matthys
8049136379
Restructure the entire link { } block ( #4032 ). Initial commit (missing autoconnect, ssl, etc).
2015-05-25 10:19:15 +02:00
Bram Matthys
0a42cedf77
Bounce links that have their clock too far out of sync ( #4214 ). Currently set at 1 minute. TODO: make configurable.
...
This only works with newer servers as it relies on PROTOCTL TS=xyz very early in the synch.
2015-05-24 16:16:31 +02:00
Bram Matthys
c2ca896dea
Add new flag MOD_OPT_PERM_RELOADABLE. Can be used instead of MOD_OPT_PERM if
...
you want to permit re-loading but not complete un-loading of your module.
This way you get the benefits of being able to upgrade code on-the-fly but
can still disallow the user to do something potentially unwise.
2015-05-23 20:43:31 +02:00
Bram Matthys
3623ebae05
Add protection against SSL Renegotiation attacks ( #4046 ). Reported by seraph.
...
Also expose dead_link() to modules, IOTW: make it non-static.
2015-05-23 19:04:41 +02:00
Bram Matthys
c6fea92257
Port fix #4318 from 3.2.x:
...
For services who allow you to log in by account name but still allow you to
use a different nick: when you're logged in you are now considered
registered as far as channel mode +M (only registered users may speak and
+R (only registered users may join) are concerned. Same for user mode +R
(only allow private messages from registered users).
Tech: whenever services set SVID and it's not * and does not start with a
number, then we consider this user to be 'logged in'.
Whenever a user is set +r (s)he is also considered 'logged in'.
This way it's compatible with both older and new services and doesn't
introduce security issues with older services using servicetimestamp
for nick tracking or other means.
This issue was reported by ShawnSmith (#4318 ).
2015-05-23 17:06:44 +02:00
Bram Matthys
4a38d0c838
make auth-type optional for passwords in config ( #4334 ).
...
Now you can just add password "$ZaJw56to$uSEc[etc..]"; to your configuration file without needing an explicit { md5; }; or { sha1; };.
Naturally you can still specify an auth-type if you want to, and for types like 'sslclientcert' it's still required.
2015-05-23 15:07:37 +02:00
Bram Matthys
d12b6962a5
convert to more understandable code
2015-05-23 09:50:45 +02:00
Bram Matthys
bd65916b5a
more cleanups for AUTHENABLE_*
2015-05-23 09:15:24 +02:00
Travis McArthur
aea09603a4
Remove USE_SSL macro and associated code
...
We no longer support non-SSL builds, remove related code
2015-05-20 02:48:34 -04:00
Travis McArthur
229bcca996
Remove Custom MD5 Implementation
...
We no longer support builds without OpenSSL - consequently we have no reason to keep our custom MD5 implementation, and probably shouldn't keep it around
2015-05-20 02:33:48 -04:00
Adam
bc02d95f33
Ignore svsnicks when the new nick is the same as the old one
2015-05-19 13:41:51 -04:00
Bram Matthys
b7d11d3e0f
Get rid of implicit declarations due to missing header file(s), now including unrealircd.h instead.
2015-05-19 11:57:04 +02:00
Bram Matthys
5ff5e01aa2
Rename moddata_client_XXX_string to moddata_client_XXX
2015-05-19 11:22:11 +02:00
Bram Matthys
7ad4b6db67
Module coders: introduce moddata_client_set_string() and moddata_client_get_string(). Will document later in ModData wiki page (which does not exist yet).
2015-05-18 17:15:02 +02:00
Bram Matthys
222c780d64
broadcast cert fingerprint on connect
2015-05-18 17:01:04 +02:00
Bram Matthys
f9fb628aed
Implemented certificate fingerprint: available through /WHOIS and synch'ed network-wide (via ModData system). Thanks to DBoyz and Nath ( #4136 ) for the contributed patches. Initial commit (but it works).
2015-05-18 16:48:41 +02:00
Bram Matthys
fa38dbf9e6
Added HOOKTYPE_WHOIS. May later be replaced by a more advanced system.
2015-05-18 16:45:31 +02:00
Bram Matthys
6f4ea900c1
Fixed pointer confusing in ModData system and made UnrealIRCd free all client ModData structures on client exit.
2015-05-18 16:42:01 +02:00
Bram Matthys
347609d958
Fix uninitalized read @ censor
2015-05-18 16:26:57 +02:00
Unreal3.4
a6403e09b3
Uh. Well, I noticed a compilation error in the Git alpha, decided to mess with permanent.c, noticed that delayjoin.c didn't really work properly, modified delayjoin.c to send hosts with unhiding users, and here you have, a pull request from your worst nightmare.
2015-04-29 20:14:45 +00:00
dboyz
42214ebdf3
Add missing permission error message as reported in rabbitircd
...
This is the exact commit I made to rabbitircd two years ago. Since the permission error is still missing, why not port it back to unrealircd. :)
2015-04-22 07:44:53 +08:00
Adam
996c084d6f
Fix secureonly
2014-08-26 10:46:45 -04:00
Travis McArthur
8035168d5f
Move TKL checking back into run loop
2014-08-24 09:43:40 -07:00
Travis McArthur
496826f42c
Make floodprot perm
...
Modules that take parameters to chanmodes cannot be unloaded at this time, we probably want to investigate adding this capability in the future so we can do dynamic updates of those modules
2014-08-22 21:36:15 -07:00
Travis McArthur
640961201d
Merge pull request #7 from Adam-/unreal34+warning
...
Fix a couple of the worst clang warnings
2014-07-29 15:02:37 -07:00
Adam
c25442901b
Fix a couple of the worst clang warnings
2014-07-29 17:53:19 -04:00
Travis McArthur
54578a5287
Merge pull request #4 from Adam-/unreal34+starttls
...
Fix abort from STARTTLS
2014-07-29 13:02:49 -07:00
Adam
0920c1e160
Fix abort from STARTTLS
2014-07-29 15:58:38 -04:00
Adam
d540adbc7f
Just build the cap list once, fix memory leaks
...
Not sure what this originally was supposed to do, but clicap_find is
normally called multiple times per cap request per client, so this makes
no sense at all.
2014-07-29 15:29:28 -04:00
Travis McArthur
869014ed82
Merge initializer fixes
2014-07-22 06:35:24 -07:00
Travis McArthur
f4c68a3a66
Fix initializers
2014-07-22 06:33:33 -07:00
Bram Matthys
20e9da6dff
When users connect they will receive a message telling them this IRC Server
...
software is experimental and that they should report any bugs or problems
on http://bugs.unrealircd.org/
2014-07-22 14:08:05 +02:00
Bram Matthys
8b05f023fa
fix no return value being returned from secureonly module: caused windows
...
version not being able to join any channel...
2014-07-20 21:36:06 +02:00
Bram Matthys
220e0c01e4
fix missing initializers
2014-07-20 21:29:07 +02:00
Bram Matthys
ee00bb2801
oh come on...
2014-07-20 21:26:36 +02:00
Bram Matthys
7e1595dacb
fix strange re-using of 'i' and uninitialized use of it.
2014-07-20 21:22:04 +02:00
Bram Matthys
7ba2e3214c
First attempt at allowing server to boot if SSL is enabled but the
...
server/client SSL context failed to load (eg: no cert/key file).
2014-07-20 16:50:29 +02:00
Travis McArthur
ec294b1373
Fix build for clang
2014-07-05 12:47:03 -07:00
Travis McArthur
63cb121130
Modularize secureonly (+z)
2014-07-04 21:13:08 -07:00