pissircd

pissnet/pissircd

Fork 0

mirror of https://github.com/pissnet/pissircd.git synced 2024-06-05 07:48:44 +01:00

Commit graph

Select branches

Hide pull requests

piss-test

piss52

piss60

pissnet

unreal52

unreal60

#1

#10

#11

#12

#13

#14

#15

#16

#17

#18

#19

#2

#20

#21

#22

#23

#24

#25

#26

#27

#28

#29

#3

#30

#31

#32

#33

#34

#35

#36

#37

#38

#39

#4

#40

#41

#42

#43

#44

#45

#46

#47

#48

#49

#5

#50

#51

#52

#53

#54

#55

#56

#57

#58

#6

#7

#8

#9

ffe6877fbe Clean up unnecessary stuff Travis McArthur 2015-05-30 22:13:15 -0400
58bd3cf60b Preparations for #4356 (experimental / on-going): * add general matching framework (aMatch type, unreal_match_xxx functions) * change spamfilter { } block syntax * add support for simple wildcard matching (non-regex, just '?' and '*') This is the initial commit so the new lib is not in yet, 'regex' is not functional (but 'posix' and 'simple' are working), linking has not been fully tested and no warnings are printed yet. IOTW: work in progress! Bram Matthys 2015-05-30 21:11:11 +0200
39c3a03d14 found some more old webtv stuff. Bram Matthys 2015-05-27 18:05:04 +0200
a109bdb0f6 Rip out the final remains of WebTV (/MSG IRC ..) & change handling of VERSION replies for ban version { }. Bram Matthys 2015-05-27 18:00:16 +0200
542ef1acbb move aJFlood * stuff from core to jointhrottle module, using ModData. (as per TODO) Bram Matthys 2015-05-27 17:33:53 +0200
822f27f34c Remove "We will loose all flood counters!" message upon /REHASH. Bram Matthys 2015-05-27 10:41:45 +0200
9b9a35a155 Send numeric 396 on host changes Zoddo 2015-05-26 23:39:18 +0200
1f805a247b Add link to https://www.unrealircd.org/docs/Upgrading_from_3.2.x in (likely 3.2.x conf) errors. Bram Matthys 2015-05-25 17:16:19 +0200
bcbc3fd082 Fix crash with new block (that's 1..). Reported by dg (#4353). Bram Matthys 2015-05-25 16:59:48 +0200
efdefc4eb8 mute non-SSL warning for localhost (won't bother about other cases) Bram Matthys 2015-05-25 13:14:44 +0200
04727556c7 Show warning if non-SSL. Improve link error (on authentication failure). Auto-convert link::incoming::mask from like '1.2.3.4' to '*@1.2.3.4'. Bram Matthys 2015-05-25 13:06:18 +0200
db97b23bcb move to a single password entry in link block: "password in link block should be plaintext OR should be the SSL fingerprint of the remote link (=better)" Bram Matthys 2015-05-25 10:54:05 +0200
a1b3b9e1b9 quickly fix ssl ;) Bram Matthys 2015-05-25 10:27:39 +0200
8049136379 Restructure the entire link { } block (#4032). Initial commit (missing autoconnect, ssl, etc). Bram Matthys 2015-05-25 10:19:15 +0200
0a42cedf77 Bounce links that have their clock too far out of sync (#4214). Currently set at 1 minute. TODO: make configurable. This only works with newer servers as it relies on PROTOCTL TS=xyz very early in the synch. Bram Matthys 2015-05-24 16:16:31 +0200
c2ca896dea Add new flag MOD_OPT_PERM_RELOADABLE. Can be used instead of MOD_OPT_PERM if you want to permit re-loading but not complete un-loading of your module. This way you get the benefits of being able to upgrade code on-the-fly but can still disallow the user to do something potentially unwise. Bram Matthys 2015-05-23 20:43:31 +0200
1e8c2c0141 dead_link() can now deal with cases where it's called more than 1 time for the same (soon-to-be-dead) client Bram Matthys 2015-05-23 20:08:34 +0200
d386650f49 set throttling to 3 per 60 seconds by default (in case you have no set::throttle block) Bram Matthys 2015-05-23 19:08:37 +0200
3623ebae05 Add protection against SSL Renegotiation attacks (#4046). Reported by seraph. Also expose dead_link() to modules, IOTW: make it non-static. Bram Matthys 2015-05-23 19:04:41 +0200
c66d213748 Module coders: HOOKTYPE_RAWPACKET_IN: third argument is now int * rather than int so you can change the length (and readbuf is of 8K size, so should be plenty). Requested by s0beit in #4250. Bram Matthys 2015-05-23 17:47:47 +0200
c6fea92257 Port fix #4318 from 3.2.x: For services who allow you to log in by account name but still allow you to use a different nick: when you're logged in you are now considered registered as far as channel mode +M (only registered users may speak and +R (only registered users may join) are concerned. Same for user mode +R (only allow private messages from registered users). Tech: whenever services set SVID and it's not * and does not start with a number, then we consider this user to be 'logged in'. Whenever a user is set +r (s)he is also considered 'logged in'. This way it's compatible with both older and new services and doesn't introduce security issues with older services using servicetimestamp for nick tracking or other means. This issue was reported by ShawnSmith (#4318). Bram Matthys 2015-05-23 17:06:44 +0200
29f4d5d540 './unreal mkpasswd' now has 3 possible syntaxes: 1) No arguments: UnrealIRCd will prompt you to enter a password and hash it with the bcrypt algorithm. This is the recommended method. 2) One argument: It will hash the provided password with bcrypt 3) Two arguments: It will use the hashing algorithm of your choice (1st arg) to hash the provided password (2nd arg) We recommend to use syntax #1 as bcrypt is the best algorithm available and by using the prompt the password won't end up in your bash history (or whatever shell you use) and can't be snooped by other people with a shell on the same machine (by looking at the process list) Bram Matthys 2015-05-23 16:49:11 +0200
d5caf06ec5 bcrypt password hashing is now implemented (#4335). Not yet documented. Bram Matthys 2015-05-23 16:38:48 +0200
56911cad3c Fix windows packager: removed an #endif and removed references to Changes Bram Matthys 2015-05-23 16:18:11 +0200
d8858458a4 fix win32 build now Changes is gone. Hmm. need to clean this up. Bram Matthys 2015-05-23 16:16:32 +0200
6e48ddf3f9 add autodetect for AUTHTYPE_SSL_CLIENTCERTFP Bram Matthys 2015-05-23 15:19:44 +0200
4a38d0c838 make auth-type optional for passwords in config (#4334). Now you can just add password "$ZaJw56to$uSEc[etc..]"; to your configuration file without needing an explicit { md5; }; or { sha1; };. Naturally you can still specify an auth-type if you want to, and for types like 'sslclientcert' it's still required. Bram Matthys 2015-05-23 15:07:37 +0200
10af800c43 ./createchangelog is no longer used Bram Matthys 2015-05-23 14:20:58 +0200
d12b6962a5 convert to more understandable code Bram Matthys 2015-05-23 09:50:45 +0200
6e886d8dac whoops.. final cleanup. really. Bram Matthys 2015-05-23 09:31:20 +0200
af551ba491 more cleanups in src/auth.c, and don't require 'para' in Auth_Check() if we don't use it (eg: client certs) Bram Matthys 2015-05-23 09:27:21 +0200
8e43418775 get rid of win32-dependent code, not needed anymore as we have (Open)SSL on Windows as well Bram Matthys 2015-05-23 09:17:21 +0200
bd65916b5a more cleanups for AUTHENABLE_* Bram Matthys 2015-05-23 09:15:24 +0200
5c0e2b59e1 cleanup part I: remove #ifdef's for AUTHENABLE_*, as all of them will be available now we require (Open)SSL Bram Matthys 2015-05-23 09:11:28 +0200
4ca497ffef Merge pull request #26 from dboyz/auth-certfp Bram Matthys 2015-05-23 09:00:59 +0200
fd4acdc832 Document MD server command (module data / meta data). Bram Matthys 2015-05-21 19:37:23 +0200
a8f2e08ef8 Initialize variable and some fixes (don't blindly copy paste) dboyz 2015-05-21 11:00:06 +0800
0361248fc3 Provisional code to authenticate based on certfp based on moddata dboyz 2015-05-21 09:25:14 +0800
2dc8cb9e84 Allow win32 SSL inconsistencies Fix issue in previous commit Travis McArthur 2015-05-20 02:57:14 -0400
aea09603a4 Remove USE_SSL macro and associated code We no longer support non-SSL builds, remove related code Travis McArthur 2015-05-20 02:48:34 -0400
229bcca996 Remove Custom MD5 Implementation We no longer support builds without OpenSSL - consequently we have no reason to keep our custom MD5 implementation, and probably shouldn't keep it around Travis McArthur 2015-05-20 02:25:46 -0400
68b4f42a52 Merge pull request #24 from dboyz/auth_findtype-fix Travis McArthur 2015-05-19 10:51:31 -0700
6b7776cb1c Fix core from parse_v4_netmask parsing invalid cidrs Adam 2014-08-06 04:10:03 -0400
bc02d95f33 Ignore svsnicks when the new nick is the same as the old one Adam 2014-08-26 10:37:05 -0400
09c71fc5f9 Make auth_findtype case insensitive dboyz 2015-05-20 00:42:32 +0800
b17245d9a1 remove hate from Makefile Bram Matthys 2015-05-19 17:41:51 +0200
cafaebff3f update release notes & delete Changes file Bram Matthys 2015-05-19 17:41:23 +0200
4b8d5ac3ba Always build with OpenSSL. NON-SSL builds are no longer supported. Bram Matthys 2015-05-19 17:32:37 +0200
32aeb1fa6c ModData: only broadcast changes if sync==1. Fix return value of moddata_client_set(). Bram Matthys 2015-05-19 12:00:12 +0200
b7d11d3e0f Get rid of implicit declarations due to missing header file(s), now including unrealircd.h instead. Bram Matthys 2015-05-19 11:57:04 +0200
0391987147 update release notes for alpha2 Bram Matthys 2015-05-19 11:51:03 +0200
9da1988375 change version to 3.4-alpha2 Bram Matthys 2015-05-19 11:27:44 +0200
5ff5e01aa2 Rename moddata_client_XXX_string to moddata_client_XXX Bram Matthys 2015-05-19 11:22:11 +0200
7ad4b6db67 Module coders: introduce moddata_client_set_string() and moddata_client_get_string(). Will document later in ModData wiki page (which does not exist yet). Bram Matthys 2015-05-18 17:15:02 +0200
222c780d64 broadcast cert fingerprint on connect Bram Matthys 2015-05-18 17:01:04 +0200
e8888bae53 Update windows makefile to build modules/certfp Bram Matthys 2015-05-18 16:53:26 +0200
f9fb628aed Implemented certificate fingerprint: available through /WHOIS and synch'ed network-wide (via ModData system). Thanks to DBoyz and Nath (#4136) for the contributed patches. Initial commit (but it works). Bram Matthys 2015-05-18 16:48:41 +0200
28c2e83cc4 actually call moddata_free_client() :) Bram Matthys 2015-05-18 16:48:24 +0200
fa38dbf9e6 Added HOOKTYPE_WHOIS. May later be replaced by a more advanced system. Bram Matthys 2015-05-18 16:45:31 +0200
6f4ea900c1 Fixed pointer confusing in ModData system and made UnrealIRCd free all client ModData structures on client exit. Bram Matthys 2015-05-18 16:42:01 +0200
347609d958 Fix uninitalized read @ censor Bram Matthys 2015-05-18 16:26:57 +0200
d927dd3cd0 Delete old leftovers: newnet, ircdreg, rehash, killircd. Reported by katsklaw (#4342) and others. Bram Matthys 2015-05-18 12:58:04 +0200
a5dc160024 Self-signed certificates generated with 'make pem' are now 4096 bits and valid for 10 years. Also use SHA256 for signing. Bram Matthys 2015-05-18 12:24:55 +0200
b7e579df89 Self-signed certificates generated with 'make pem' are now 4096 bits and valid for 10 years. Also use SHA256 for signing. Bram Matthys 2015-05-18 12:22:23 +0200
8f7886d9c7 init_ctx_client() was accidentally setting options on ctx_server. Reported by Jobe (#4346). Bram Matthys 2015-05-18 12:12:24 +0200
1f9f12660a init_ctx_client() was accidentally setting options on ctx_server. Reported by Jobe (#4346). Bram Matthys 2015-05-18 12:06:49 +0200
af0e823116 Fix out-of-bounds read in parse_.._netmask. Reported by dg (#4349). Function was sometimes reading 1 byte before the actual string. Bram Matthys 2015-05-18 11:37:43 +0200
5d42ac844f [0004349] Fix OOB read - reported by dg Verified it doesn't appear to be security issue Travis McArthur 2015-05-17 12:24:02 -0400
fb58482c4b [0004348] Reported by janicez - Fix G:line cmd Parsing of commands based on permissions was incorret - if a command was not a user facing command explicitly, it would be denied for a user, furthermore if it was a server issuing the command, and it also was an oper command, it would be denied for similar reasons - corret parsing now in place. Travis McArthur 2015-05-14 02:06:50 -0400
1ea14aa2ea Merge pull request #20 from asterIRC/unreal34 Travis McArthur 2015-04-30 12:28:30 -0700
dad74daf0e Merge pull request #18 from dboyz/patch-2 Travis McArthur 2015-04-29 18:07:20 -0700
a6403e09b3 Uh. Well, I noticed a compilation error in the Git alpha, decided to mess with permanent.c, noticed that delayjoin.c didn't really work properly, modified delayjoin.c to send hosts with unhiding users, and here you have, a pull request from your worst nightmare. Unreal3.4 2015-04-29 20:14:45 +0000
18c617bb35 Modules can now simply include "unrealircd.h" rather than include various files in a specific order and risk missing one. Bram Matthys 2015-04-25 13:36:05 +0200
8caec780e4 modules can now simply include "unrealircd.h" rather than include various files in a specific order and risk missing ones.. Bram Matthys 2015-04-25 13:34:29 +0200
7be77080ea Add missing include, fixes compile error Daniel Tan 2015-04-24 18:31:45 +0800
4f59d6dbe7 Merge pull request #17 from dboyz/patch-1 Travis McArthur 2015-04-22 00:27:18 -0700
42214ebdf3 Add missing permission error message as reported in rabbitircd dboyz 2015-04-22 07:44:53 +0800
3b25ba5aed Fix build with LibreSSL / Detect missing RAND_egd. Patch from Bernard Spil. Bram Matthys 2015-04-06 10:44:56 +0200
506870ec86 In m_svsnick the HOOKTYPE_LOCAL_NICKCHANGE is called later than in m_nick, this means that if you hook this in a module and then send something from the hooked function to other servers it may cause a KILL from another server since the nick may already be changed (Ghost kill). For example if you send a MODE or something else. Subsequent kill chasing would cause the victim to be killed. Bram Matthys 2015-04-06 10:16:30 +0200
e535637621 Merge pull request #15 from Sp1l/unreal34 Travis McArthur 2015-03-10 07:51:36 -0700
07e707ae5b Fix build with LibreSSL Bernard Spil 2015-03-10 11:55:37 +0100
82781bc3a9 Merge pull request #11 from Adam-/master+svsnick Travis McArthur 2014-08-26 08:12:28 -0700
6c159756b4 Merge pull request #12 from Adam-/unreal34+secureinitializers Travis McArthur 2014-08-26 08:12:02 -0700
996c084d6f Fix secureonly Adam 2014-08-26 10:46:45 -0400
0602bf1991 Ignore svsnicks when the new nick is the same as the old one Adam 2014-08-26 10:37:05 -0400
8035168d5f Move TKL checking back into run loop Travis McArthur 2014-08-24 09:43:40 -0700
3c42268604 Fix typo in config - oops Travis McArthur 2014-08-23 23:01:24 -0700
496826f42c Make floodprot perm Modules that take parameters to chanmodes cannot be unloaded at this time, we probably want to investigate adding this capability in the future so we can do dynamic updates of those modules Travis McArthur 2014-08-22 21:36:15 -0700
b0f6a9e50c Add travis-ci config Travis McArthur 2014-08-21 08:47:00 -0700
cea0a16bd0 Remove failure case if ircd not booted and logging fails Modules or other resources could call ircd_log even if we are not fully booted, and we need to not fail in that situation, instead we should just emit the same warnings we usually do. Travis McArthur 2014-08-18 08:25:35 -0700
786b650f9c Add additional recursion checking/fix recursion checking Travis McArthur 2014-08-18 07:52:04 -0700
c780691c43 Reported by Adam-, add recursion checking to ircd_log Travis McArthur 2014-08-17 21:12:28 -0700
7eae9f8ffd Merge pull request #10 from Adam-/master+cidr Travis McArthur 2014-08-14 12:47:20 -0700
53616c9ec5 Fix core from parse_v4_netmask parsing invalid cidrs Adam 2014-08-06 04:10:03 -0400
e365d9a721 Merge pull request #9 from hyperi0n/patch-1 Travis McArthur 2014-08-01 11:16:57 -0700
ef05be9430 add missing ; in listen block hyperi0n 2014-08-01 19:22:41 +0200
5a7358a227 Merge pull request #8 from Adam-/unreal34+uid Travis McArthur 2014-08-01 07:41:56 -0700
5a90859cee Don't allow changing sid from rehash. Adam 2014-07-30 11:31:19 -0400
be37004c25 Merge pull request #6 from Adam-/unreal34+ssl Travis McArthur 2014-07-29 15:05:52 -0700
640961201d Merge pull request #7 from Adam-/unreal34+warning Travis McArthur 2014-07-29 15:02:37 -0700