Commit graph

  • 766055d5c0
    Fix set::ban-setter and set::topic-setter being set to nick-user-host out of the blue. The classic C mistake where = instead of == was written in an if statement... duh. Bram Matthys 2019-03-02 08:49:47 +0100
  • de1548de73
    UnrealIRCd 4.2.2. Bram Matthys 2019-03-01 14:38:44 +0100
  • f599ea02cb
    WHO(X) auto-conversion bug regarding 'a' and 'c' which no longer exist in WHOX. Bram Matthys 2019-03-01 14:34:43 +0100
  • d068cd41ca
    Fix crash in websocket module. Bram Matthys 2019-03-01 14:10:06 +0100
  • d7e5ff82f0
    Update curl-ca-bundle.crt (Wed Jan 23 04:12:09 2019 GMT) Bram Matthys 2019-03-01 13:57:35 +0100
  • e16e2b36d8
    UnrealIRCd 4.2.2-rc2 Bram Matthys 2019-02-11 09:19:38 +0100
  • c6f01aa3f1
    Protect 2 more commands against rogue server to server traffic. Bram Matthys 2019-02-11 08:47:51 +0100
  • 294560f944
    KILL: Not sure if this fixes anything but at least it's less cryptic. Bram Matthys 2019-02-10 17:30:39 +0100
  • 9a0bd31cf8
    Fix unlikely crash if you had a spamfilter targeting away that was only local (so in .conf) and it hit a remote user. Also, re-indent this monster... Bram Matthys 2019-02-10 17:09:48 +0100
  • 1dbef111fb
    Fix crash if receiving malformed server to server traffic (from an authenticated server): TKL deleting a spamfilter with insufficient parameters. Bram Matthys 2019-02-10 17:08:47 +0100
  • 1f03dbdd05
    CHGNAME and SETNAME: if a remote user used a realname that was banned on this server then we could possibly crash. (Fortunately most networks use the same ban realname blocks on all their servers) Bram Matthys 2019-02-10 14:54:28 +0100
  • 3712fad891
    When a server does not use SID's, set empty id as before. This bug was post-rc1, caused by dde8f914fb. Bram Matthys 2019-02-10 14:48:29 +0100
  • 7e444d3b9f
    Fix SJOIN bug in rc1: was using an incorrect buffer when SJSBY was not used, such as in a mixed version scenario. Bram Matthys 2019-02-10 14:43:34 +0100
  • 77d3e844dc
    Fix a bunch of REHASH memory leaks. Bram Matthys 2019-02-10 10:36:20 +0100
  • 7d5c3a1b68
    Fix hang/crash due to commit from yesterday, reported by k4be. (cause: dde8f914fb) Bram Matthys 2019-02-10 09:56:53 +0100
  • c7f00edd9d
    Quicker handshake when using many CAP requests and/or AUTHENTICATE. I was wondering why the handshake took 4 seconds for a client which authenticates using SASL. Turns out that fake lag was kicking in due to the many "CAP req" commands combined with the other handshake stuff. Now the first 15 (or so) "CAP" requests are "free", without fake lag. Bram Matthys 2019-02-09 16:47:24 +0100
  • 78cd122a05
    Allow SASL post-registration. Unfortunately the anope unreal4 protocol module also requires an update to support this. Bram Matthys 2019-02-09 14:39:34 +0100
  • dde8f914fb
    Internal: make UID available early (pre-auth). Bram Matthys 2019-02-09 14:35:48 +0100
  • a740570710
    Fix crash bug (in rc1 only) if ::ssl-options are being used and the outdated SSL protocols/ciphers are being checked. Bram Matthys 2019-02-08 12:02:52 +0100
  • 9c0f1f3505
    Fix OOB read in m_whox. Strange order for a compare, first the 2nd byte, then the 1st byte ;) Anyway, this issue can only be triggered since rc1, no big issue. Bram Matthys 2019-02-06 19:31:10 +0100
  • e443182573
    UnrealIRCd 4.2.2-rc1 Bram Matthys 2019-02-06 16:00:38 +0100
  • 988f64e3b3
    Fix crash when linking (caused by commit from 4 days ago). Bram Matthys 2019-02-06 12:54:37 +0100
  • f92a6fec79
    Release notes: clarify flood limit in older versions @skip-ci Bram Matthys 2019-02-06 12:17:47 +0100
  • 70a9a6f6b2
    Added INVITE and KNOCK flood protection (command rate limiting). set::anti-flood::invite-flood defaults to 4 per 60 seconds. set::anti-flood::knock-flood defaults to 4 per 120 seconds. Bram Matthys 2019-02-06 12:00:51 +0100
  • 57f97a5a43
    Removed a debugging message and fixed TARGMAX being broken after a REHASH. Bram Matthys 2019-02-06 09:24:31 +0100
  • 1e1f750b44
    New set::max-targets-per-command which configures the maximum number of targets accepted for a command, eg /MSG nick1,nick2,nick3,nick4 hi. Also changed the following defaults (previously hardcoded):
    * PRIVMSG from 20 to 4 targets, to counter /amsg spam
    * NOTICE from 20 to 1 target, to counter /anotice spam
    * KICK from 1 to 4 targets, to make it easier for channel operators to quickly kick a large amount of spambots
    See https://www.unrealircd.org/docs/Set_block#set::max-targets-per-command
    Bram Matthys 2019-02-04 17:51:09 +0100
  • 1e6d8ea536
    Fix compile problem due to previous commit. Bram Matthys 2019-02-04 14:42:17 +0100
  • 9f4296d648
    New set::anti-flood::max-concurrent-conversations which configures the maximum number of conversations a user can have with other users at the same time. Until now this was hardcoded at limiting /MSG and /INVITE to 20 different users in a 15 second period. The new default is 10 users, which serves as a protection measure against spambots. See https://www.unrealircd.org/docs/Set_block#maxcc for more details. Bram Matthys 2019-02-04 09:52:08 +0100
  • 7153468081
    UnrealIRCd will now warn if your ulines { } are matching UnrealIRCd servers. See https://www.unrealircd.org/docs/FAQ#WARNING:_Bad_ulines Bram Matthys 2019-02-02 08:37:50 +0100
  • be50ef4a1e
    Get rid of warning on-boot "Channel modes changed at runtime" Bram Matthys 2019-02-02 07:53:07 +0100
  • f9415e1a91
    m_whox: now accept and transform most classic UnrealIRCd WHO requests such as "WHO +s serv.er.name" to "WHO serv.er.name s". It also does advanced transformation such as "WHO -m z" to "WHO -z m"
    **copy paste from comment in code**
    Flag a: user is away << no longer exists
    Flag c <channel>: user is on <channel> << no longer exists
    Flag g <gcos/realname>: user has string <gcos> in his/her GCOS << now called 'r'
    Flag h <host>: user has string <host> in his/her hostname << no change
    Flag i <ip>: user has string <ip> in his/her IP address << no change
    Flag m <usermodes>: user has <usermodes> set << behavior change
    Flag n <nick>: user has string <nick> in his/her nickname << no change
    Flag s <server>: user is on server <server> << no change
    Flag u <user>: user has string <user> in his/her username << no change
    Behavior flags:
    Flag M: check for user in channels I am a member of << no longer exists
    Flag R: show users' real hostnames << no change (re-added)
    Flag I: show users' IP addresses << no change (re-added)
    **end of paste**
    Of course we cannot convert 100% from classic UnrealIRCd WHO to WHOX-style because things like "WHO +m r" could mean either "search for +m in realname" (WHOX) or "search for +r in modes" (classic). In cases like this we assume WHOX, so to not break any WHOX compatibility.
    Bram Matthys 2019-02-01 17:46:59 +0100
  • eecd29bdc8
    WHOX: adaptions for UnrealIRCd part 1:
    * No longer require a ! prefix for ircops to see users
    * "WHO *" is no longer different than the rest (previously in m_whox would only list users on 1st channel)
    Neither is part of the WHOX specs.
    Bram Matthys 2019-02-01 15:21:53 +0100
  • 52e72c2ed9
    Update reference to RELEASE-NOTES.old (link used wrong branch) Bram Matthys 2019-02-01 14:27:07 +0100
  • 1790efd05d
    The message sent to users upon *LINE can now be adjusted completely via set::reject-message::kline and set::reject-message::gline. See https://www.unrealircd.org/docs/Set_block#set::reject-message Suggested by k4be in https://bugs.unrealircd.org/view.php?id=5198 Bram Matthys 2019-02-01 14:25:52 +0100
  • ff9ca3c8ef
    Add 005 token DEAF=d Bram Matthys 2019-01-31 17:47:06 +0100
  • a999b305a5
    Remove 005 CMDS= token, which was an unnecessary abstraction and was not picked up by any other IRCd. The 005 tokens KNOCK MAP USERIP are now used instead. We do not announce STARTTLS in 005 anymore as this is way too late (post-handshake, sensitive info already sent and/or received). Not to mention STARTTLS is not the preferred method to setup a secure connection in the first place. Module coders: this means CommandAdd() with M_ANNOUNCE should no longer be used. If a 3rd party module does use it, then UnrealIRCd will now raise a warning. In a later UnrealIRCd version the flag is likely to be removed completely so would cause a compile error. (I doubt any module uses this anyway... but still..) Bram Matthys 2019-01-31 17:34:07 +0100
  • 6cbd2744d7
    * The default maximum topic length has been increased from 307 to 360.
    * You can now set more custom limits. The default settings are shown below:
      set {
          topic-length 360; /* maximum: 360 */
          away-length 307; /* maximum: 360 */
          quit-length 307; /* maximum: 395 */
          kick-length 307; /* maximum: 360 */
      };
    * A new 005 token has been added: QUITLEN. Works similar to KICKLEN.
    Bram Matthys 2019-01-30 17:50:17 +0100
  • 41239119f8
    Update release notes a bit. Bram Matthys 2019-01-30 16:54:56 +0100
  • 88030c63fb
    1) Simplify dealing with isupport (numeric 005) stuff from the config code. There's now no longer a difference between a rehash or boot.
    2) Other cleanups in s_conf.c as well. Looks better now.
    3) Sort the 005 tokens alphabetically. Enforcing some other 'logical order' was futile and this makes things consistent between rehashes.
    Bram Matthys 2019-01-30 16:42:19 +0100
  • 98fca7979f
    Code cleanup: internally rename iConf.nicklen to .nick_length to match the convention that set::some-name is called iConf.some_name Bram Matthys 2019-01-30 10:49:44 +0100
  • 5eaa711969
    Update release notes to reflect current state. Bram Matthys 2019-01-28 16:06:59 +0100
  • d085fb09c1
    Three new config items to make topic and ban setter nick!user@host and to control synchronization of the +beI setter across server links (that is, the feature just introduced one commit ago):
      set {
          topic-setter [nick|nick-user-host]; /* nick = default */
          ban-setter [nick|nick-user-host]; /* nick = default */
          ban-setter-sync [yes|no]; /* yes = default */
      };
    This also means that --with-topicisnuhost / TOPIC_NICK_IS_NUHOST is now removed, since this now goes via set::topic-setter.
    Bram Matthys 2019-01-28 15:41:44 +0100
  • 874d99e0eb
    For +beI lists the 'set by' and 'set at' information is now synchronized when servers link. Thus, you can see the real setter and time also after a netsplit (/mode #channel b). This, unlike before, when setby was name.of.server and time was the time of the synch. This requires the entire network to run UnrealIRCd 4.2.2 or later. Suggested by k4be in https://bugs.unrealircd.org/view.php?id=5183 Technical details: the PROTOCTL token to enable this is "SJSBY" and see https://www.unrealircd.org/docs/Server_protocol:SJOIN_command for more information, in particular the last section there. Bram Matthys 2019-01-28 14:36:41 +0100
  • 4aa2d47deb
    Run test framework with a hub in-between to test command propagation. Bram Matthys 2019-01-28 09:29:44 +0100
  • ed1f47f80a
    Can't stand http:// URLs... Bram Matthys 2019-01-25 20:50:05 +0100
  • 2a3dd0e350
    what is this 'return 0' doing here... Bram Matthys 2019-01-23 16:36:42 +0100
  • ac9463a83f
    Rename hook HOOKTYPE_CAN_SEND_SECURE to HOOKTYPE_SEND_CHANNEL, which is more descriptive and AFAICT nobody uses this hook in a public 3rd party module anyway. Bram Matthys 2019-01-21 17:02:14 +0100
  • 083826ee94
    modules/usermodes/noctcp (+T): 1) only block CTCP's and not CTCP REPLIES, 2) allow IRCOps to bypass user mode +T restrictions. Reported by St3Nl3y, HeXiLeD and Koragg in https://bugs.unrealircd.org/view.php?id=5166 Bram Matthys 2019-01-21 16:55:29 +0100
  • ee20160bc3
    Add another type for HOOKTYPE_CONFIGTEST and HOOKTYPE_CONFIGRUN for CONFIG_LISTEN. This so a module can have custom options in the listen block. Like all other CONFIG_* options you are supposed to return 1 if your module handles this option and 0 if not. From HOOKTYPE_CONFIGTEST you can also return -1 to indicate error for an option that is handled by the module. Note that 'cep' is passed, that is the option for the variable that is being checked, and not the 'ce', the parent of the listen block. If you want to access the parent, then use ce->ce_prevlevel. Bram Matthys 2019-01-21 13:55:20 +0100
  • 7a3ba05c03
    Similar to previous commit, fix resolving of temporary modules (.so files) in crash reports as well... and make them in English, regardless of the users' locale... better for us ;) Bram Matthys 2019-01-21 13:37:52 +0100
  • 6fcacdf148
    Fix './unrealircd backtrace' not working correctly in non-English environments. The script symlinks any missing tmp/xxxx.so's to the real module name but depends on English statements (ugly, yeah, but it works). With a non-English locale this did previously not work so the backtrace was screwed. Bram Matthys 2019-01-21 13:30:15 +0100
  • 41e6d5b7e9
    Fix for strangely formatted 'creation date' if compiled with certain locales. Reported by k4be. Bram Matthys 2019-01-21 13:26:22 +0100
  • bcb667c59e
    New hook HOOKTYPE_WELCOME (aClient *acptr, int after_numeric): allows you to send a message at very specific places during the initial welcome https://www.unrealircd.org/docs/Dev:Hook_API#HOOKTYPE_WELCOME Bram Matthys 2019-01-21 10:12:46 +0100
  • 25ede84a04
    This makes more sense. Also testing announcement bot :D Bram Matthys 2019-01-21 10:10:51 +0100
  • c726df5758
    Travis-CI: The job exceeded the maximum log length, and has been terminated. Fantastic. https://github.com/travis-ci/travis-ci/issues/1382 Bram Matthys 2019-01-18 15:31:14 +0100
  • 013dd06aee
    Travis-CI: End of argh. Bram Matthys 2019-01-18 14:45:55 +0100
  • 3bacb28555
    Travis-CI: no comment Bram Matthys 2019-01-18 14:24:19 +0100
  • 8a9971618f
    Travis-CI: ..or without sudo.. I really love this.. Bram Matthys 2019-01-18 14:05:45 +0100
  • 3e3da94a41
    Travis-CI: new image, have to install bundler again. Bram Matthys 2019-01-18 14:00:00 +0100
  • 4d5e627b27
    Update release notes: * New set::outdated-tls-policy which describes what to do with clients that use outdated SSL/TLS protocols (eg: TLSv1.0) and ciphers. The default settings are to warn in all cases: users connecting, opers /OPER'ing up and servers linking in. The user will see a message telling them to upgrade their IRC client. This should help with migrating such users, since in the future, say one or two years from now, we would want to change the default to only allow TLSv1.2+ with ciphers that provide Forward Secrecy. Instead of rejecting clients without any error message, this provides a way to warn them and give them some time to upgrade their outdated IRC client. https://www.unrealircd.org/docs/Set_block#set::outdated-tls-policy Bram Matthys 2019-01-18 13:38:14 +0100
  • 425571a8d2
    Update UnrealIRCd version to 4.2.2-dev Bram Matthys 2019-01-18 13:22:58 +0100
  • e82dbdce1a
    Update doc/RELEASE-NOTES.old. Now contains 4.2.0 and 4.2.1 release notes, I forgot the 4.2.0 one earlier.. Bram Matthys 2019-01-18 13:20:28 +0100
  • 4681603c52
    Fix bug where "link-security" was downgraded to level 1 if using 'spkifp'. Bram Matthys 2019-01-18 13:10:51 +0100
  • 778be86c66
    Update HELPOP EXTBANS on ~t (timed bans), ~m (msgbypass) and ~T (textban) since these are loaded by default since UnrealIRCd 4.2.0. Bram Matthys 2019-01-14 15:08:56 +0100
  • f4b432ae94
    Add RC4 and 3DES to set::ssl::outdated-ciphers, in case anyone uses some insecure custom ::ciphers setting, this so RC4 and 3DES still get flagged. Bram Matthys 2019-01-12 11:29:16 +0100
  • 67d691fce9
    * New set::outdated-tls-policy which describes what to do with clients that use outdated SSL/TLS protocols (eg: TLSv1.0) and ciphers. The default settings are to warn in all cases: users connecting, opers /OPER'ing up and servers linking in. The user will see a message telling them to upgrade their IRC client. This should help with migrating such users since in the future, say one or two years from now, we would want to change the default to only allow TLSv1.2+ with ciphers that provide Forward Secrecy. Instead of rejecting clients without any error message, this provides a way to warn them and give them some time to upgrade their outdated IRC client. https://www.unrealircd.org/docs/Set_block#set::outdated-tls-policy Bram Matthys 2019-01-12 11:08:18 +0100
  • 8e7a085474
    AppArmor profile in extras/security/apparmor: no changes but make it clear that this has been tested on Ubuntu 16.04 and Ubuntu 18.04. Bram Matthys 2019-01-12 10:52:05 +0100
  • 5fd673d059
    Rename PLAINTEXT_POLICY_* to POLICY_ (and similarly, the struct, etc) Bram Matthys 2019-01-11 13:21:59 +0100
  • a1d2698ead
    Provide get_ssl_options_for_client() to get the SSLOptions * for a client. Bram Matthys 2019-01-11 13:16:09 +0100
  • b0c8629284
    Travis-CI: remove TLS test for libressl-25 (no longer supported) [skip ci] Bram Matthys 2019-01-11 12:34:43 +0100
  • 72a3a445ee
    Travis-CI: Update OpenSSL and LibreSSL versions
    * Remove LibreSSL versions that are no longer supported (2.5.x and 2.6.x).
    * Add LibreSSL 2.8.x (current stable) and 2.9.x (current dev)
    * OpenSSL releases only had updates in their 'letter suffixes'
    Bram Matthys 2019-01-11 11:54:13 +0100
  • 9668aaaade
    Travis-CI: Rename .txt files to match $BUILDCONFIG Bram Matthys 2019-01-11 11:42:36 +0100
  • dbeb5af2ea
    Updates to SSL/TLS tests. Bram Matthys 2019-01-11 11:30:40 +0100
  • 227abacdb5
    Hm? Bram Matthys 2019-01-11 10:52:16 +0100
  • 8e1af5f304
    Update SSL/TLS tests and put them in extras/tests/tls Bram Matthys 2019-01-11 10:45:20 +0100
  • 9873382e6b
    Add SSL/TLS tests. Bram Matthys 2019-01-11 10:06:21 +0100
  • 7d68ea0570
    Update default ciphers, or actually only the ones not providing PFS, by preferring AES-256 over AES-128 (in contrast to the Mozilla "intermediate" profile which prefers AES-128). Again, this only affects non-PFS cases, as all modern clients with PFS already had CHACHA20 and AES-256 negotiated. The portion of non-PFS clients should only be few percent, if any. I was actually considering removing non-PFS ciphersuites but it seems a bit early to do so, at least not without more research on affected clients. Bram Matthys 2019-01-11 09:19:44 +0100
  • dbbe6e7248
    Travis-CI: another attempt Bram Matthys 2019-01-10 20:29:11 +0100
  • 981a5d44b2
    Travis-CI: install specific bundler (wtf?) Bram Matthys 2019-01-06 20:34:16 +0100
  • 2a9b20369b
    Travis-CI: use Ubuntu 16.04 instead of 14.04 ...since 14.04 seems to fail due to an outdated ruby. Bram Matthys 2019-01-06 20:14:04 +0100
  • 8c9e4b8668
    Poison unused parv[] elements that code should never access. The last parv[] array element will be NULL. Accessing any elements after that is undefined, similar to reading past the nul byte of a string. This poison will help catch such bugs. Without this poison your code will also crash, now it just crashes more consistently. Bram Matthys 2019-01-06 19:21:59 +0100
  • dbf7aeb386
    UnrealIRCd 4.2.1.1: compile fix for Debian stretch if you have a version of libargon2 installed that does not provide Argon2id. Bram Matthys 2019-01-03 08:57:59 +0100
  • 4965fc6741
    Fix for systems with libargon2 that don't have Argon2id (Debian 9.6). Apparently Debian stretch has 20160821's version which just falls short. 20161029 already has it included. We'll now use shipped libargon2 for versions below 20161029. Thanks to vectr0n for reporting the issue. Bram Matthys 2019-01-02 19:20:42 +0100
  • c173b17064
    Fix SAJOIN, SAPART and SAMODE not working due to operclass.default.conf using the 'sacmds' permission, when it should actually be 'sacmd'. Reported by Stanley. Bram Matthys 2018-12-28 17:55:32 +0100
  • 5da3ef8889
    UnrealIRCd 4.2.1 (will publish tomorrow) Bram Matthys 2018-12-26 23:06:33 +0100
  • 8b0cad3845
    Fix for 'require authentication' (duh) .. yeah I and others were still using 'require sasl' :D Bram Matthys 2018-12-22 10:36:48 +0100
  • 56568f4033
    Update release notes. This may be final for 4.2.1-rc1. Bram Matthys 2018-12-22 10:12:53 +0100
  • 43de2dd747
    Update release notes Bram Matthys 2018-12-21 18:05:06 +0100
  • 73502ca4b6
    Update help.conf with new WHO status flag 's' (secure) Bram Matthys 2018-12-21 18:03:57 +0100
  • bb7bc90612
    Forgot to update c-ares version in extras/curlinstall.... Bram Matthys 2018-12-21 15:59:51 +0100
  • ad9a1b0b94
    Import settings from UnrealIRCd 4.2.0 [skip ci] Bram Matthys 2018-12-21 15:57:08 +0100
  • e30712f3d4
    Update Windows libraries and the Windows build command for build tests. [skip travis ci] Bram Matthys 2018-12-21 15:42:32 +0100
  • f3f397b066
    Update shipped libs: c-ares to 1.15.0 and PCRE2 to 10.32 Bram Matthys 2018-12-21 15:32:23 +0100
  • f1844e40a5
    Set version to 4.2.1-rc1. The release notes are still likely to change. Bram Matthys 2018-12-21 15:24:12 +0100
  • 54c17aa65d
    Indicate 's' in WHO reply flags if the user is secure (SSL/TLS). Bram Matthys 2018-12-21 14:21:19 +0100
  • bb0530f694
    In the authprompt documentation point the user to (possibly) tweaking the set::handshake-timeout setting as well. Bram Matthys 2018-12-21 13:24:25 +0100
  • 7755d10829
    [authprompt] Suggest /QUOTE AUTH .. instead of /AUTH .. Bram Matthys 2018-12-21 07:58:38 +0100
  • 62e30ec342
    Fix typo in config warning. Bram Matthys 2018-12-21 07:58:12 +0100
  • 267c2f3e56
    Make authprompt work for soft KLINE/GLINE and soft-xx ban actions (in registration phase anyway), as promised earlier in the documentation. Bram Matthys 2018-12-19 17:42:13 +0100
  • 7f8172faef
    Bump fakelag on failed authentication attempt (SASL, real or emulated) Bram Matthys 2018-12-19 17:41:28 +0100