1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-05 00:33:13 +02:00
Commit Graph

3111 Commits

Author SHA1 Message Date
Bram Matthys ebd39f4144 First import these as-is from third/ to track history properly (not compilable)
[skip ci]
2023-11-24 07:26:54 +01:00
Bram Matthys fe8e8e1274 Via JSON-RPC one could place a gzline on ident@host, which is invalid.
The effect it had was actually *@host, so ident@* became *@* -grin-.

Was caused by add=0 at the server_ban_parse_mask() causing a check
not to happen. Fixed now.

Reported by Jellis in https://bugs.unrealircd.org/view.php?id=6358
2023-11-24 07:14:23 +01:00
Valerie Liu 7b9aacd609 Fix accidental truncation in SREPLY (#257) 2023-11-20 15:30:08 +00:00
Valerie Liu 8c0243182c Fix server notice about setting -Z, it was sent from the SID instead of server name (#263) 2023-11-20 15:28:23 +00:00
k4be fb6711c671 Improve MONITOR/WATCH extensibility.
The `watch-check` function now has a new argument which can be used to pass data to watch_notify callbacks.
New `watch_add` and `watch_del` hooks are called whenever new entries are created or removed.
New `monitor_notification` hook is called whenever a RPL_MONONLINE or RPL_MONOFFLINE is being sent, so a module can add its own notification besides it.
2023-11-19 14:01:16 +01:00
Bram Matthys e84e2b30d2 Forward SPAMREPORT command to the server that the target user is on.
That is, if a nick is specified. For an IP address obviously we won't.

This is needed later for when unrealircd api SPAMREPORT becomes
available, since remote servers don't have all the info.

Side-effect is that, if you only configured one server to do
spamreporting, that won't work anymore. But that is an unusual
case anyway, and now unsupported :D.
2023-11-12 17:29:35 +01:00
Bram Matthys 7649520f63 Fix HOOKTYPE_IS_HANDSHAKE_FINISHED not called at two places where
register_user() is called.
2023-10-23 19:02:03 +02:00
Bram Matthys 5b7e375213 Limit operclass name to a-zA-Z0-9_- and use the same validation in ~operclass extban.
This fixes the issue where +e/+I ~operclass:name gets cut off if the
name contains any digits.

Reported by BlackBishop in https://bugs.unrealircd.org/view.php?id=6353

Also, we previously allowed any characters in the operclass, which is not
a great idea.
2023-10-23 09:51:01 +02:00
Bram Matthys 9a6a06b63f Split resolver channel into two: client & dnsbl 2023-10-11 18:08:26 +02:00
Bram Matthys 25d1bdfbf5 Make central spamfilters show in STATS spamfilter as "-centralspamfilter-"
rather than "-config-". Suggested by Lord255.
[skip ci]
2023-10-06 08:29:19 +02:00
Bram Matthys 45002eeb6f Fix STATS output for config-based spamfilters with reasons with spaces.
For config-based spamfilters, the reason was not escaped, meaning that
spaces and underscores did not work as expected.
For example, in "STATS spamfilter" the spaces were displayed as-is
which means that the numeric output was not really parsable.

Apparently this bug exists since UnrealIRCd 5 already...
2023-10-06 07:36:26 +02:00
Bram Matthys 25d5a2ac64 Fix possible crash on SETNAME with spamfilter 'u'.
[skip ci]
2023-10-06 07:19:04 +02:00
Bram Matthys 3d9233baab Fix tkldb storing (and restoring) central spamfilters.
These should not be in tkldb, just like config-based spamfilters are not.
2023-10-06 07:08:22 +02:00
Bram Matthys 43240e4557 Don't allow central spamfilter without 'reason' 2023-10-06 07:00:44 +02:00
Bram Matthys 8398c8cd8d Don't crash when reading spamfilters from tkldb that don't compile (anymore).
For example, because of a different version of PCRE2, or because of the switch
from non-UTF8 to UTF8 (or vice versa) which disallows certain byte sequences.
2023-10-05 17:37:06 +02:00
Bram Matthys 088d2595d5 Fix crash on REHASH with crule (such as spamfilter::rule).
This happens when !, || or && are used, though the exact requirements
for the crash may also require a function with arguments.

Reported by BlackBishop.
2023-10-04 10:14:09 +02:00
Bram Matthys 311f7397f5 Fix NULL pointer crash due to reputation code changes from yesterday 2023-09-18 09:19:53 +02:00
Bram Matthys b234e13358 Don't bump reputation scores anymore for users who are in no channels or
when they are only in channel(s) with very low member counts.

This because some typical bot/drone behavior is not to join any channels.
This kinda forces them to expose themselves a bit more (and if they don't,
they don't get more reputation).

The downside is for the unusual case where a legit chatter would be on
the network but not joining any channels, but that is rare. In any case,
this setting can be adjusted if that is typical or more normal behavior
on your network :D.

* The [reputation score](https://www.unrealircd.org/docs/Reputation_score)
  of connected users (actually IP's) is increased every 5 minutes. We still
  do this, but only for users who are at least in one channel that has 3
  or more members. This setting is tweakable via
  [set::reputation::score-bump-timer-minimum-channel-members](https://www.unrealircd.org/docs/Set_block#set::reputation).
  Setting this to 0 means to bump scores also for people who are in no
  channels at all, which was the behavior in previous UnrealIRCd versions.
2023-09-17 11:47:34 +02:00
Bram Matthys 4e070b8034 Use client:set:reputation oper privilege for latest change
[skip ci]
2023-09-17 09:58:21 +02:00
Bram Matthys f3538f07d9 Support setting of reputation via /REPUTATION <nick|ip> <value>
Useful for testing and.. well.. perhaps other things.
2023-09-17 09:55:59 +02:00
Bram Matthys 97630b4717 Allow setting reputation in https://www.unrealircd.org/docs/Actions via
action { set REPUTATION--; } and similar.

Also enhancement to reputation S2S traffic, to support decreasing:
  *
+ * Since UnrealIRCd 6.0.2+ there is now also asterisk-score-asterisk:
+ * :server REPUTATION 1.2.3.4 *2*
+ * The leading asterisk means no reply will be sent back, ever, and the
+ * trailing asterisk will mean it is a "FORCED SET", which means that
+ * servers should set the reputation to that value, even if it is lower.
+ * This way reputation can be reduced and the reducation can be synced
+ * across servers, which was not possible before 6.0.2.
+ *

So if you are actually decreasing reputation, you need all servers on
6.0.2 or higher for it to work properly, otherwise the other servers
don't decrease it, and next connect the highest wins again, etc.
2023-09-17 09:39:55 +02:00
Bram Matthys 55eaa7bbea Add set::blacklist::recheck-time 'never' to disable rechecking and document
this and blacklist::recheck.
2023-09-09 11:20:32 +02:00
Bram Matthys ddf6dea22d Add blacklist::recheck to skip a dnsbl from rechecks.
Suggested by BlackBishop in https://bugs.unrealircd.org/view.php?id=6307
2023-09-09 11:09:01 +02:00
Bram Matthys bcc07b1591 Integrate third/blacklistrecheck functionality (set::blacklist::recheck-time)
https://www.unrealircd.org/docs/Set_block#set::blacklist::recheck-time
2023-09-06 16:31:55 +02:00
Bram Matthys 89b2d91084 In HOOKTYPE_PRE_CHANMSG the mtags is now a MessageTag **,
so a pointer-to-a-pointer rather than a pointer, to allow stripping
message tags by modules. Needed for a module from Valware.
2023-08-19 17:26:14 +02:00
Bram Matthys d63a8cf2d5 Show who actually tried to use a banned nick.
Reported by Amiga600 in https://bugs.unrealircd.org/view.php?id=6300
Inspired by patch from Valware in https://github.com/unrealircd/unrealircd/pull/255
2023-08-19 12:17:00 +02:00
Bram Matthys 2665cec73b Fix crash when ~security-group:securitygroup is used in conf (so old style
in eg ban user::mask).
Reported by BlackBishop in https://bugs.unrealircd.org/view.php?id=6319
2023-07-26 12:45:49 +02:00
Bram Matthys 50753b4678 Make central spamfilters require an 'id', and ignore for non-central.
At least for now...
2023-07-21 12:26:02 +02:00
Bram Matthys cd19198e3b Spamfilter fixes: prevent actions that are currently config-only from
being added by other servers and being able to spread to areas of
which the code is currently not ready for ('set', 'report', 'stop').
2023-07-20 14:50:40 +02:00
Bram Matthys e54382fe95 Use (*errors)++ consistently.
This fixes one bug from yesterday in securitygroup.c:258,
fixes 2 (harmless) warnings and other than that just style.
2023-07-17 09:03:03 +02:00
Bram Matthys 937236126f Add new spamfilter type 'raw' which matches against a raw command/protocol line.
SPAMFILTER add -simple R block - Hi_there! LIST*

Though it is more useful in complex spamfilter rules in the conf, presumably.
2023-07-16 19:47:43 +02:00
Bram Matthys 3e2f668f10 Revert antimixedutf8 changes from earlier, back to 6.1.1(.1) version again. 2023-07-16 17:27:47 +02:00
Bram Matthys b272b6700a Add security-group::rule support, see https://www.unrealircd.org/docs/Crule 2023-07-16 12:09:01 +02:00
Bram Matthys 59c6c99ba3 spamfilter::rule: add destination('#xyz') support (supports wildcards) 2023-07-16 11:29:53 +02:00
Bram Matthys 13bb09aa4b crule: add inchannel('#xyz'), and inchannel('@#needopshere') works too 2023-07-16 11:22:02 +02:00
Bram Matthys b1d0a05638 Make 'channel' work in security groups. 2023-07-16 11:06:42 +02:00
Bram Matthys 9b11366a8e crule: code cleanups / conform a bit more to unrealircd style 2023-07-16 10:52:03 +02:00
Bram Matthys b325f88795 crule/spamfilter: pass text in crule context, not used yet, but could
be useful in some future crule function.
[skip ci]
2023-07-16 10:46:39 +02:00
Bram Matthys 2beefcd2ee crule: remove CR_DEBUG, bump some limits and remove collapse() call 2023-07-16 10:40:11 +02:00
Bram Matthys 08cb0fc05d Move crule to a module, so we can hot-patch if needed in the future.
This is a mandatory module to load, and included in modules.default.conf.

This also meant that the crule_test() etc efunctions are available
before running config test routines, so we now have a flag for
early efuncs. I guess we could consider doing that for all efuncs
though, so not sure if this flag is really needed.
2023-07-16 10:33:25 +02:00
Bram Matthys cdc14569a9 Warn on plaintext oper::password in conf and even go as far as
generating the password hashes and suggesting using those.

This also starts the initial work on set::best-practices
https://www.unrealircd.org/docs/Set_block#set::best-practices
with hashed-passwords as the first setting there.
2023-07-15 19:02:31 +02:00
Bram Matthys 202665ec87 For watch away notification, a user who is away could change their nick,
and that nick could be on someones watch list. In such a case we
should not only send RPL_LOGON but also a RPL_GONEAWAY.

Reported by Khaled and fix suggested by Khaled & Sadie.
2023-07-15 16:47:55 +02:00
Bram Matthys 934b0b1ea1 WATCH away notification: fix RPL_GONEAWAY and RPL_REAWAY not being sent
due to wrong event name being used. Noticed this bug in U6 (and
this bug does not exist in U5) after being pointed at watch away
notification again.
2023-07-15 16:41:21 +02:00
Bram Matthys a153a2cce3 Change definition of parse_ban_action_config(), was too easy to leak memory.
Often you have default values for the config, and then a subsequent config
parsing run would overwrite the return value (= memory leak), merging/appending
would make no sense either, so it would force a free in all code before
calling us, well... let's just deal with it ourselves instead then ;)
2023-07-14 08:08:47 +02:00
Bram Matthys c2419e0f40 Implement spamreport::rate-limit 2023-07-11 20:19:00 +02:00
Bram Matthys e9716d3ce6 Fix compile problem on Windows
[skip ci]
2023-07-11 16:26:35 +02:00
Bram Matthys 2440714d13 Fix tkldb crash, had to do with stealing references. 2023-07-11 14:46:19 +02:00
Bram Matthys 4c3d2a6d6d Fix write bug in tkldb and add spamfilter::action stop.
The spamfilter::action stop ill prevent processing other spamfilters.
This would normally be a bit unusual, and potentially dangerous when you
do exclude things this way, but can be useful in some circumstances.

Stopping only affects the same type of spamfilters (general or central
spamfilters), so they don't interfere.

The tkldb write DB bug had to do with that it was processing
central spamfilters, which should be skipped just like config
based spamfilters were already skipped.
2023-07-11 14:32:11 +02:00
Bram Matthys 32701e6f99 Central spamfilter: don't stop processing on 1 bad spamfilter block. 2023-07-11 13:34:28 +02:00
Bram Matthys 018efd8366 Fix crash in spamfilter { } block handling due to unitialized variable 2023-07-11 12:15:01 +02:00