pissnet/pissircd
1
0
Fork 0
mirror of https://github.com/pissnet/pissircd.git synced 2025-05-05 21:15:05 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Commit graph

  • 2e1e9a0b91
         Load extbans/msgbypass from modules.optional.conf Bram Matthys 2017-11-19 17:19:35 +01:00
  • eb205e04cc
         Make types future-proof. Fix ~m case for +M. BypassMessageRestrictionType -> BypassChannelMessageRestrictionType BYPASS_MSG_* -> BYPASS_CHANMSG_* Bram Matthys 2017-11-19 17:12:28 +01:00
  • 1b2b28e6c6
         New ban exception ~m:type:mask - allows bypassing of message restrictions. Valid types are: 'external' (bypass +n), moderated (bypass +m/+M), 'filter' (bypass +G), 'color' (bypass +S/+c) and 'notice' (bypass +T). Some examples: * Let LAN users bypass +m: +e ~m:moderated:*!*@192.168.* * Make GitHub commit bot bypass +n: +e ~m:external:*!*@ipmask * Allow a services account to use color: +e ~m:color:~a:ColorBot Bram Matthys 2017-11-19 16:40:39 +01:00
  • dd6f67a266
         Send errors regarding invalid bans (if available). Fix case where conv_param() returns NULL (ban rejected) causing is_ok() function not to be called so the user never sees the error. We now try to call the is_ok after conv_param returns NULL. So not really an API change, more like a fix. Bram Matthys 2017-11-18 19:15:44 +01:00
  • b046b86a6e
         Way to customize the reject connection messages. Bram Matthys 2017-11-17 11:13:11 +01:00
  • e1af5ae6c5
         Move AllowClient/check_client/check_init to m_nick module (apparently one of the previous commits was partial) Bram Matthys 2017-11-17 10:45:54 +01:00
  • d13c7b20d0
         Code cleanups in AllowClient and register_user Bram Matthys 2017-11-17 10:37:45 +01:00
  • 7b7f492b71
         Move AllowClient/check_client/check_init to m_nick module Bram Matthys 2017-11-17 10:06:44 +01:00
  • cb6a118c4d
         antirandom sample conf: remove confusing phrase that doesn't apply Bram Matthys 2017-11-15 11:49:46 +01:00
  • 3c0db9c72f
         Move HOOKTYPE_SECURE_CONNECT hook and mode setting up a bit. Bram Matthys 2017-11-13 17:02:05 +01:00
  • cd7d3f0cc6
         Rephrase. Still too long, though. Bram Matthys 2017-11-13 17:00:36 +01:00
  • 527fa9818c
         UnrealIRCd will no longer give +z to users on WEBIRC gateways, unless the WEBIRC gateway gives us some assurance that the client<->webirc gateway connection is also secure (eg: https). Bram Matthys 2017-11-13 16:47:22 +01:00
  • 512c8fb000
         Move the place where we set umode +z (secure). Needed for next. Bram Matthys 2017-11-13 15:54:18 +01:00
  • 31688fbae8
         Update version to 4.0.17-devel to reflect development status. Bram Matthys 2017-11-13 08:25:00 +01:00
  • 07f056c1a4
         Add reference to https://www.unrealircd.org/docs/IRCOp_guide Bram Matthys 2017-11-13 08:17:28 +01:00
  • d8470bb902
         AppVeyor: needs both unrar and unzip Bram Matthys 2017-11-12 08:08:41 +01:00
  • f86cf68548
         UnrealIRCd 4.0.16 Bram Matthys 2017-11-12 07:59:11 +01:00
  • 1425583bed
         Zip file now. Does this work? Bram Matthys 2017-11-11 11:06:48 +01:00
  • 1070e43141
         Windows: update dependencies (libs). Bram Matthys 2017-11-11 11:04:51 +01:00
  • 7d6d33a5bc
         Update c-ares to 1.13.0 (20-jun-2017) Bram Matthys 2017-11-11 09:57:35 +01:00
  • 67396c808d
         Update release notes Bram Matthys 2017-11-10 19:48:32 +01:00
  • 69264175e7
         Update conf/ssl/curl-ca-bundle.crt (Wed Sep 20 03:12:05 2017 GMT) Bram Matthys 2017-11-10 19:12:39 +01:00
  • 1e059ca0e4
         Update to PCRE2 10.30 (14-August-2017) Bram Matthys 2017-11-10 19:05:36 +01:00
  • 6b35aa35a8
         Delete UnrealIRCd 3.2.x changelogs (they are in git anyway) Bram Matthys 2017-11-10 18:58:21 +01:00
  • c5e38b9272
         UnrealIRCd 4.0.16-rc1 Bram Matthys 2017-10-29 12:16:43 +01:00
  • 704487e124
         Fix numerous crash bugs in server to server code. In 3.2.x we didn't fix these bugs since servers are trusted and should send correct commands. In 4.0.x we changed this so we would fix them when we come across such issues at normal priority (not consider them security issues). I now took it a step further and actively checked/looked for these issues and a bunch of them were found. Almost all are NULL pointer dereferences, with some exceptions. * S2S: MODE: check conv_param return value (NULL ptr crash) * S2S: MODE: floodprot: More checks (NULL ptr crash) * S2S: MODE: OOB write of NULL (write NULL past last element in an array) * S2S: NICK: old compat fixes (NULL ptr crash) * S2S: PROTOCTL: Check for double SID= * S2S: SERVER: require at least 3 parameters (NULL ptr crash) * S2S: SJOIN: require at least 3 parameters (NULL ptr crash) * S2S: SJOIN: Fix OOB read (read 1 byte past buffer) * S2S: TKL: validate set_at and expire_at (NULL ptr crash) * S2S: TKL: require at least 9 parameters for spamf, not 8 (NULL ptr crash) * S2S: TKL: ignore invalid spamfilter matching type (remove abort() call) * S2S: TOPIC: querying for topic is not permitted (NULL ptr crash) * S2S: UID: require 12 parameters (NULL ptr crash) * S2S: WATCH: this is not a server command (NULL ptr crash) * Fix OOB read (1 byte beyond string) for timevals. This was reachable from config code, TKL (S2S) and /*LINE (Oper). In practice no crash. * MODE: make code less confusing (effectively no change) * TRACE: remove strange output in case of 0 lines of output * Fix unimportant memory leak on boot (#4713, reported by dg) * Fix small memory leak upon 'DNS i' (oper only command) * Always work on a copy in clean_ban_mask(). This fixes a bug that could result in a strlcpy(buf, buf, sizeof(buf)). So, overlapping strings, which is undefined behavior. Bram Matthys 2017-10-29 11:20:52 +01:00
  • d574183825
         Travis-CI: Use CPPFLAGS instead of CFLAGS Bram Matthys 2017-10-23 16:52:28 +02:00
  • 0dadba5482
         Travis-CI: Use -DFAKELAG_CONFIGURABLE for tests. From 300 to 30s. Bram Matthys 2017-10-23 16:37:22 +02:00
  • 52a7478bd0
         Comment it out like this so we can use -D Bram Matthys 2017-10-23 16:37:00 +02:00
  • 1dfcac9794
         Travis-CI: Blah. Bram Matthys 2017-10-23 14:14:58 +02:00
  • 0318edbad0
         Reinstall git during run-tests (may have been removed earlier in 'local-curl' test) Bram Matthys 2017-10-23 13:42:16 +02:00
  • cec74b0208
         Use MAKE="make -j3" to make ./Config run faster as well. Bram Matthys 2017-10-23 12:38:57 +02:00
  • 13740a7d13
         Travis-CI: Generate TLS certificate during test build (needed for testing further on) Bram Matthys 2017-10-23 12:34:41 +02:00
  • 821ad6ec06
         Add some clear marker between compile tests and other tests Bram Matthys 2017-10-23 12:05:33 +02:00
  • 5f3f6aa827
         Travis-CI: run-tests: install 'rake' Bram Matthys 2017-10-23 12:02:52 +02:00
  • e1590fc8bc
         Run make with -j3. Add +x to extras/build-tests/nix/run-tests (:D) Bram Matthys 2017-10-23 11:53:50 +02:00
  • 866a060533
         Use 'set -e' and try to run test framework Bram Matthys 2017-10-23 11:49:06 +02:00
  • b23a3ff7b9
         Travis-CI: path changes Bram Matthys 2017-10-23 11:16:05 +02:00
  • 4dc5324e57
         Travis-CI: cleanup / new dir structure Bram Matthys 2017-10-23 11:13:05 +02:00
  • 77234b2b8d
         API change for HOOKTYPE_PRE_INVITE and fix #5023: * API change for HOOKTYPE_PRE_INVITE: (aClient *sptr, aClient *target, aChannel *chptr, int *override) Modules must now send the error message instead of only returning HOOK_DENY. Also check for operoverride and set *override=1. Bram Matthys 2017-10-23 10:07:33 +02:00
  • d11484c2cf
         Add build status badge for Windows (AppVeyor) Bram Matthys 2017-10-23 09:00:14 +02:00
  • 8981b87c72
         Update libressl paths for VS2017 (or actually current unreal w/o rollback for vs2012) Bram Matthys 2017-10-22 18:11:24 +02:00
  • 8a17f5aad2
         I've stopped trying to understand this. Apparently there's a difference between sed 3.x and sed 4.x Bram Matthys 2017-10-22 17:11:45 +02:00
  • a55aa2a39a
         1) From double escaping to single escaping, such joy. 2) Use 'iscc' rather than 'compil32' since the latter pops up a dialog box which blocks the entire build process. 3) Apparently the VS2017 image has a broken VS2012 since it bails on winsock.h. So try to use different images for both builds. Bram Matthys 2017-10-22 16:41:23 +02:00
  • a9a94652ec
         Be consistent when setting WINVER. This fixes a compile issue with Visual Studio 2017. Bram Matthys 2017-10-22 16:23:52 +02:00
  • 7527de3820
         Silence rar extraction stuff - way too noisy Bram Matthys 2017-10-22 16:18:50 +02:00
  • 81e8ef3b49
         Tell AppVeyor to use VS2017 image, apparently not the default. Bram Matthys 2017-10-22 16:17:40 +02:00
  • 1a434963b7
         Duh 3 Bram Matthys 2017-10-22 16:11:24 +02:00
  • b3480c3b42
         Duh 2 Bram Matthys 2017-10-22 16:07:32 +02:00
  • a6049add32
         Duh. Bram Matthys 2017-10-22 16:06:54 +02:00
  • 99f9d1aa7c
         AppVeyor: restructuring, add vs2017 target, .. Bram Matthys 2017-10-22 16:02:48 +02:00
  • b941b184f0
         Let's try an environment (build config) Bram Matthys 2017-10-22 14:47:38 +02:00
  • e505a4b99c
         Something tells me error checking won't work in batch files without this.. Bram Matthys 2017-10-22 14:41:54 +02:00
  • 5510f6dc0d
         Ah no. Bram Matthys 2017-10-22 14:38:19 +02:00
  • 25864b9cb6
         Nevermind, use external batch file. Bram Matthys 2017-10-22 14:34:41 +02:00
  • 5ec84b1629
         Try 5001 Bram Matthys 2017-10-22 14:31:54 +02:00
  • 593cacbc90
         Hm CRLF shit? Bram Matthys 2017-10-22 14:28:23 +02:00
  • 40d8fe9376
         Initial appveyor file for automated Windows build. Bram Matthys 2017-10-22 14:25:54 +02:00
  • 6ab81ab7b4
         Fix bug caused by 5124e60b7c a few days ago: channel MODE without parameters being sent when force-rejoin is in use. Bram Matthys 2017-10-18 17:39:54 +02:00
  • d67de82786
         Add extra 6 second fake lag penalty on /INVITE. Bram Matthys 2017-10-18 15:56:06 +02:00
  • 5bedeaa9bf
         Set cptr->name after EAUTH. Fixes bug #4915 reported by Eman: missing server name in link rejection message (clock mismatch). Bram Matthys 2017-10-18 15:43:13 +02:00
  • f8cab0d093
         isupport does not update maxbans. Reported by dyfrgi (#4882). Bram Matthys 2017-10-18 15:22:33 +02:00
  • a716e3ccaa
         The default oper snomask now includes 'S' (spamfilter notices). Bram Matthys 2017-10-18 15:11:12 +02:00
  • 70b64c2ad8
         If you have any blacklist { } block then UnrealIRCd will set an set::handshake-delay of 2 seconds by default. This will allow (most) DNSBL checking to be finished before the user comes online, while still allowing a smooth user experience. If your DNS(BL) is slow then you could raise this setting slightly. Bram Matthys 2017-10-18 15:03:12 +02:00
  • e4f4336f15
         Add set::handshake-delay https://www.unrealircd.org/docs/Set_block#set::handshake-delay Bram Matthys 2017-10-18 14:57:35 +02:00
  • b56c5b985f
         This check is already present in parse_client_queued() Bram Matthys 2017-10-18 14:31:35 +02:00
  • 3aa6adcbfc
         Rename 'draft/sts' to 'sts'. Bram Matthys 2017-10-17 18:12:13 +02:00
  • 98b4832b27
         clarify Bram Matthys 2017-10-12 20:18:24 +02:00
  • c2d80028b3
         Update release notes to reflect latest changes. Bram Matthys 2017-10-12 20:16:42 +02:00
  • 307243ff7a
         Show (previously hidden) umode -r to user on nickchange. Reported by Mewsito (#4949). Bram Matthys 2017-10-11 18:25:58 +02:00
  • 1d659296c2
         Fix Windows compile problem Bram Matthys 2017-10-11 17:33:39 +02:00
  • b7b8e41ac4
         CAP chghost: also send CHGHOST message to "self" (impacted user) https://github.com/ircv3/ircv3-specifications/issues/324 Bram Matthys 2017-10-11 10:29:00 +02:00
  • df5ed0884e
         Use spkifp instead of sslclientcertfp in example conf. Add example link block for services (but reject if user does not change the default password) Bram Matthys 2017-10-09 15:10:37 +02:00
  • 9e1160b74f
         Add './unrealircd spkifp' which will output the SPKI fingerprint along with the exact password section to use in the link block on the other side of the link. Also used in tutorial now at https://www.unrealircd.org/docs/Tutorial:_Linking_servers Bram Matthys 2017-10-09 14:59:19 +02:00
  • 55e4c8ea03
         Tell admins to verify the SSL/TLS certificates of their server links. https://www.unrealircd.org/docs/Link_verification This is only outputted if both sides are 4.0.16+ so we can use spkifp and use the same instruction on both sides of the link. (If we would do it for previous versions then we would only give half of the instructions to the users, which makes no sense) Bram Matthys 2017-10-09 14:17:35 +02:00
  • 16faccb777
         Add support for 'spki' authtype. Example: password "AHMYBevUxXKU/S3pdBSjXP4zi4VOetYQQVJXoNYiBR0=" { spkifp; }; This value will stay the same even for new SSL/TLS certificates, as long as the key stays the same. This can be useful in case of Let's Encrypt (if you use a tool that keeps the same key, that is, certbot does not at the moment). Suggested by grawity (#5014). Bram Matthys 2017-10-09 12:28:08 +02:00
  • 75ab9a766c
         Dumdeedum Bram Matthys 2017-10-08 18:21:43 +02:00
  • f2603cdc49
         When booting the IRCd and the log is full (log::maxfilesize), the IRCd would not write the appropriate 'Max file size reached' message to the old log file. Reported by NoMiaus (#4919). Bram Matthys 2017-10-08 18:19:16 +02:00
  • abd7354bbb
         A common complaint is that spamfilters are hard to remove. Well, no more! There is now '/spamfilter del' which will output all spamfilter along with the appropriate command to delete each spamfilter (by unique ID). This way it should be easy for anyone to delete an existing spamfilter. Bram Matthys 2017-10-08 17:09:28 +02:00
  • 16f71e8360
         Add option: set { ban-include-username yes; }; which will make bans places by spamfilters (and some other systems) to be placed not on *@ip but rather on user@ip. Note that this won't work for ZLINE/GZLINE since no ident/username lookups are done in such cases. Bit of a niche feature but okay.. Bram Matthys 2017-10-08 15:44:42 +02:00
  • 1b6d49a9dc
         Add set { cloak-method ip; }; which will make cloaking only be done on the IP and thus result in an XX.YY.ZZ.IP cloaked host. This so you can have "IP cloaking" without disabling DNS lookups. GLINES on hosts still work and IRCOps (and yourself) can still see the host in /WHOIS. Requested in 4957 by Gottem and The_Myth. Bram Matthys 2017-10-08 15:14:57 +02:00
  • 66143927e0
         In /STATS S display throttling as anti-flood::connect-flood, as that is the new name (since about 2 years). Bram Matthys 2017-10-08 09:12:46 +02:00
  • b52b82f8a5
         Tweaks Bram Matthys 2017-10-07 21:42:41 +02:00
  • ee2435689c
         Some initial work on release notes for 4.0.16. Bram Matthys 2017-10-07 21:36:22 +02:00
  • 87815ad397
         Automatically discover SASL server if saslmechlist is sent by services and set::sasl-server is not set by the administrator. Looks like this: *** Services server 'services.test.net' provides SASL authentication, good! I'm setting set::sasl-server to 'services.test.net' internally. Hopefully this will increase SASL availability significantly. That is, once anope and atheme start sending the saslmechlist to us, of course ;) (see commit d6e26d59e5) Bram Matthys 2017-10-07 21:05:49 +02:00
  • 7801dc888d
         Move CAP NEW "sasl" sending to after EOS (End Of Synch) This so saslmechs are properly sent in case of services (re)connect, otherwise the CAP NEW is sent too early when the saslmechs are not known yet. NOTE: This makes sending "EOS" mandatory for any SASL servers. You should be doing this since 14 years ago (it was added in 3.2beta18 in August 2003) so hopefully that is the case. Anope is good anyway :) Bram Matthys 2017-10-07 19:40:39 +02:00
  • d6e26d59e5
         Allow services to set the saslmechlist so it can be used by sasl v3.2. Note to services coders: send something like this: MD client your.services.server saslmechlist :EXTERNAL,PLAIN Bram Matthys 2017-10-07 19:20:06 +02:00
  • 5bd9878413
         Only send CAP parameters (token=aaaaaa) to clients with CAP proto 302 or higher, as per CAP specification. (So use "CAP LS 302" to see them) Bram Matthys 2017-10-07 19:18:21 +02:00
  • 5c7d89a642
         Add support for "CAP extended-join". Bram Matthys 2017-10-07 18:33:25 +02:00
  • 2248699c60
         Fix crash due to previous enhancements. Bram Matthys 2017-10-07 17:25:37 +02:00
  • 5124e60b7c
         Add "CAP chghost" support. Internal recode of userhost changes. Fix force-rejoin not working if doing SVSMODE -x/+x (Koragg, #5015). Bram Matthys 2017-10-07 13:31:30 +02:00
  • 0fd265349a
         Remove HOSTILENAME config.h option since running without it is and has never been supported. Bram Matthys 2017-10-07 09:33:48 +02:00
  • 23ce2eaabe
         It helps if you also update the *.h files to reflect those changes. Duh. Bram Matthys 2017-10-07 09:32:09 +02:00
  • 3d38adff4f
         Rename config.h setting CLIENT_FLOOD to DEFAULT_RECVQ since that is what it is. You should simply set a class::recvq instead of changing this in config.h. Bram Matthys 2017-10-07 09:29:47 +02:00
  • 885e474211
         Removed option in config.h to disable NO_FLOOD_AWAY. You can already tweak or disable this via set::anti-flood::away-flood. Bram Matthys 2017-10-07 09:25:45 +02:00
  • 1a80309314
         Remove strange include/config.h option called CMDLINE_CONFIG which would allow you to use -f even if the IRCd is suid or sgid. This is not anything we or you ever want to permit since this is a major security problem. This setting is now gone. I doubt anyone used it. Bram Matthys 2017-10-07 09:22:32 +02:00
  • 08496ec47b
         Remove various #define's from config.h that don't actually do anything (or are incorrectly documented). Bram Matthys 2017-10-07 09:19:14 +02:00
  • 7a33a2c019
         Move CONNECTTIMEOUT to set::handshake-timeout and clarify the setting at https://www.unrealircd.org/docs/Set_block#set::handshake-timeout Requested by marco500 in #5011. Bram Matthys 2017-10-07 08:45:48 +02:00
  • d6acbf63b0
         Move MAXUNKNOWNCONNECTIONSPERIP to set::max-unknown-connections-per-ip. Rarely tweaked setting, but for those who need it it's easier in the conf. Requested by marco500 (#5011). For documentation of this setting see: https://www.unrealircd.org/docs/Set_block#set::max-unknown-connections-per-ip Bram Matthys 2017-10-07 08:15:52 +02:00
  • 37dbdfeee3
         Bump version to 4.0.16-devel. This version is under development. You should always use https://www.unrealircd.org/ for stable releases. In case you wondered what happened with 4.0.15: that version consists of cherry-picked / backports of the two crash fixes from this 'unreal40' development branch. The current code simply wasn't ready yet for a rushed security release. Bram Matthys 2017-10-01 19:37:29 +02:00