Bram Matthys
c8a67f9436
Update curl-ca-bundle to Wed Jun 7 03:12:05 2017. Remove CACERT.
2017-08-15 11:48:48 +02:00
Bram Matthys
c7457434c4
..
2017-08-10 09:37:38 +02:00
Bram Matthys
77f8b9ed5a
Build fix for cap/sts on Windows
2017-08-10 09:36:18 +02:00
Bram Matthys
74d5f380dd
A /REHASH from a WebSocket connection would cause a crash (requires
...
IRCOp privileges). This is a rather technical issue, we now simply
reject the rehash. See comments in code for more information.
2017-08-10 09:02:05 +02:00
Bram Matthys
18202a0f73
Fix "ban too broad" checking. Reported by Gottem in #4961 .
...
* The 'ban too broad' checking was broken. This permitted glines such
as 192.168.0.0/1 being set. Now it rejects CIDR of /15 and lower.
To disable this safety measure you can (still) use:
set { options { allow-insane-bans; }; };
2017-08-10 08:30:54 +02:00
Bram Matthys
f5b29ed7de
Add modules/cap directory to Windows installer.
2017-08-10 07:54:01 +02:00
Bram Matthys
8ccf5700f1
Prepare for 4.0.13-rc1
2017-08-10 07:46:17 +02:00
Bram Matthys
d222a18286
Fix "simple" spamfilters being synched as "posix" during server linking.
...
This was due to lack of TKLEXT2 support in the m_tkl_synch() code.
2017-08-10 07:07:37 +02:00
Bram Matthys
69a2e7d994
Whoops. This code cleanup screwed up STS. Should work now.
2017-08-09 19:11:28 +02:00
Bram Matthys
6c539c8566
Bump Websocket module version to 1.0.0
2017-08-09 18:12:03 +02:00
Bram Matthys
06aa2ad79a
Websocket module: don't send CR/LF in outgoing frames and don't require
...
CR/LF in incoming frames (simply ignore them if they are present).
2017-08-09 18:00:44 +02:00
Bram Matthys
ab3e65a76f
Load cap/sts module by default (only active if set::ssl::sts-policy is set).
2017-08-09 15:49:03 +02:00
Bram Matthys
455420afc1
SNI-specific sts-policy is now possible. (As recommended by IRCv3 draft spec)
2017-08-09 15:39:52 +02:00
Bram Matthys
0f612a3b30
SNI: Fix for wildcard certificates
2017-08-09 15:20:38 +02:00
Bram Matthys
84776eeeb2
Add support for draft/sts http://ircv3.net/specs/core/sts-3.3.html
...
Docs: https://www.unrealircd.org/docs/Set_block#set::ssl::sts-policy::port
Example:
set {
ssl {
certificate "ssl/server.cert.pem";
key "ssl/server.key.pem";
sts-policy {
port 6697;
duration 180d;
};
};
};
IMPORTANT: Only use this if you know what STS is and what the
implications are. The most important things being A) set a correct
port and B) you need a 'real' SSL certificate and not a self-signed
certificate.
More documentation may follow at another place.
2017-08-09 14:16:03 +02:00
Bram Matthys
1cc6dd3d5b
Add Makefile and placeholder module.
2017-08-09 13:30:52 +02:00
Bram Matthys
6500af6ba5
* Use free_ssl_options from generic conf.
...
* Actually free ssl_options in free_ssl_options.
2017-08-09 13:27:50 +02:00
Bram Matthys
ea651384f8
Add groundwork for draft/sts (more to follow)
...
Module coders:
* The cap->visible(void) callback function is now cap->visible(aClient *)
* There is a new cap->parameter(aClient *) callback function.
* Various updates to subfunctions to pass 'sptr' (due to the above),
including clicap_find(sptr, ...)
* New CLICAP_FLAGS_UNREQABLE flag
Other:
* There is a new (src/)modules/cap directory containing the sts module,
well.. once I commit it :D
2017-08-09 13:21:36 +02:00
Bram Matthys
b2129205f9
Added support for the "Server Name Indication" (SNI) SSL/TLS extension.
...
See https://www.unrealircd.org/docs/Sni_block
Requested in #4380 by Eman.
2017-08-09 12:00:04 +02:00
Bram Matthys
590e345b8d
./autogen.sh (see previous commits)
2017-07-07 18:15:47 +02:00
Bram Matthys
e6a52ec919
Merge pull request #69 from binki/unreal40-moregitignore
...
Add src/Makefile (built) to .gitignore
2017-07-07 13:57:27 +02:00
Bram Matthys
0a8cd1347e
Merge pull request #68 from binki/without-privatelibdir
...
Support --without-privatelibdir for packagers.
2017-07-07 13:57:06 +02:00
Nathan Phillip Brink
6591e6bcee
Do not try to delete libcares when not using PRIVATELIBDIR.
2017-07-06 06:47:49 +00:00
Nathan Phillip Brink
4edcb9226c
Add src/Makefile (built) to .gitignore
2017-07-06 06:19:58 +00:00
Nathan Phillip Brink
2b94733cbe
Support --without-privatelibdir for packagers.
2017-07-06 06:11:21 +00:00
Bram Matthys
7b092f7aeb
Verify certificate when submitting bug report.
2017-06-19 16:28:50 +02:00
Bram Matthys
0c1f299b0b
UnrealIRCd 4.0.12.1 release
2017-06-02 08:56:24 +02:00
Bram Matthys
d27d3760c7
CAP NAK not sent for unrecognised CAPs in all cases. Reported by
...
jwheare (#4958 ).
2017-06-02 08:22:19 +02:00
Bram Matthys
072d8537b8
Prevent /OPER for oper blocks with non-existant operclass, as doing so
...
would only be confusing. Reported by Gottem (#4950 ).
2017-06-02 07:41:44 +02:00
Bram Matthys
7b8f17ef5e
Rename variable (no other changes)
2017-06-02 07:33:15 +02:00
Bram Matthys
6c3c55b4e5
Fix new user mode +Z (secureonlymsg) not working properly across
...
server links. Reported by HeXiLeD (#4953 ).
2017-05-28 09:41:11 +02:00
Bram Matthys
ffc5f0ce44
Update modules.optional.conf
2017-05-13 12:33:37 +02:00
Bram Matthys
2838ef6266
Mark all shipped modules as official (non-3rd-party).
2017-05-13 12:29:05 +02:00
Bram Matthys
50801f5068
Add conf/modules.optional.conf. This loads all additional modules that
...
are not in modules.default.conf.
2017-05-13 12:24:55 +02:00
Bram Matthys
01687486f0
Bump MAXCONNECTIONS for Windows. Due to FD number assignments this
...
value needs to be much higher than the number of clients the IRCd
should be able to hold. The new value is 10k which should allow
at least 1-2k clients.
2017-05-12 17:12:18 +02:00
Bram Matthys
b86419173a
Compile secureonlymsg module on Windows
2017-05-12 17:10:53 +02:00
Bram Matthys
bbf33b62dc
UnrealIRCd will now refuse to run as root, as promised a couple of versions ago.
...
https://www.unrealircd.org/docs/Do_not_run_as_root
2017-05-12 11:42:01 +02:00
Bram Matthys
3dc27370a1
Prepare for UnrealIRCd 4.0.12 release.
2017-05-12 11:24:36 +02:00
Bram Matthys
5e378fb02b
Since 95% of the crash reports are due to bugs in 3rd party modules we now
...
have to discourage people with 3rd party modules loaded from blindly
submitting crash reports.
2017-05-12 10:25:45 +02:00
Bram Matthys
0412c86d17
Update OpenFiles on listener close (not very common, but..)
2017-05-10 17:18:47 +02:00
Bram Matthys
a6f5460ad8
Update OpenFiles upon failed SSL connect to remote server. Reported by Eman ( #4948 ).
2017-05-10 17:03:45 +02:00
Bram Matthys
ee9f8441bc
Bump lag for remote MOTD requests.
2017-04-07 20:06:36 +02:00
Bram Matthys
0035cafdba
Fix server setting +b even if the ban list is full when using +f.
...
Reported by NoMiaus (#4906 ).
2017-03-26 15:48:05 +02:00
Bram Matthys
e62ea1dedd
Module coders: added two functions to search for user modes:
...
has_user_mode(acptr, 'i'): returns 1 / 0
find_user_mode('i'): returns the user mode (as 'long')
extern int has_user_mode(aClient *acptr, char mode);
extern long find_user_mode(char mode);
2017-03-26 15:40:36 +02:00
Bram Matthys
b6f8ddd456
Fix Jumpserver not working for SSL users due to old #ifdef USE_SSL.
...
Reported by NoMiaus (#4907 ).
2017-03-26 15:38:04 +02:00
Bram Matthys
0c6fb46704
Minor code cleanup
2017-03-22 16:32:59 +01:00
Bram Matthys
fcaa69157b
Fix crash when unloading (not reloading) module that uses ModData ( #4903 ).
2017-03-22 10:51:29 +01:00
Bram Matthys
e6a02003f5
Delayjoin (chanmode +D): When people are de-oped we now part 'hidden' users.
...
Prevents client desynch.
2017-03-22 08:25:03 +01:00
Bram Matthys
4c39648b03
Improve source code (setflags -> oldumodes)
2017-03-20 16:18:43 +01:00
Bram Matthys
cd0836572f
Fix /mode nick -t and force-rejoin. Reported by NoMiaus ( #4901 ).
2017-03-20 16:17:23 +01:00