| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
According to RFC 2812 3.2.3 "Channel mode message" and the examples
there, it looks like clients should use "MODE -k <key>" to unset channel
keys; and that's how other servers and services behave and do expect it.
(But please note that this is NOT the case for "MODE -l"!)
In the end, it doesn't make sense to specify a key when UNsetting it at
all, and different services behave diffrently when clients do not send
the currently set key to unset it - some ignore such calls, for example!
But this implementation is quite relaxed, it accepts any key when
unsetting channel mode "k" and even accepts no key at all. But the reply
will always include an "*" character for every "-k" parameter.
|
|
C99 states that vsnprintf() "returns the number of characters that
would have been printed if the n were unlimited"; but according to the
Linux manual page "glibc until 2.0.6 would return -1 when the output
was truncated" -- so we have to handle both cases ...
|
|
|
|
* 'bug167-WebircIPAnoDNS' of git://arthur.barton.de/ngircd-alex:
WEBIRC: Don't respect hostname when DNS is disabled
|
|
* 'bug165-005-NETWORK' of git://arthur.barton.de/ngircd-alex:
Implement new configuration option "Network"
|
|
|
|
Test functions snprintf(), strlcpy(), strlcat(), vsnprintf() for
correctness, not only existance (which was quite useless, because
if they weren't available, the program could not have been linked
at all ...).
|
|
|
|
|
|
Reported by Toni Spets (hifi - at - jnz - dot - fi).
|
|
The new configuration variable "Network" is used to set the (completely
optional) "network name", to which this instance of the daemon belongs.
When set, this name is used in the ISUPPORT(005) numeric which is sent to
all clients connecting to the server after logging in.
Closes bug #165.
|
|
When DNS lookups are disabled, don't set the hostname received by the
WEBIRC command, but use the IP address instead.
Reported by Toni Spets <toni.spets@iki.fi>, thanks!
Closes bug #167.
|
|
At least AIX 4.3.3 and 5.1 have a broken implementation of getaddrinfo()
which doesn't handle "0" as numeric service correctly. This patch adds
a configure check for this case and changes all calling functions to only
use getaddrinfo() if it "works".
See <http://www.stacken.kth.se/lists/heimdal-discuss/2004-05/msg00059.html>
|
|
|
|
AIX 4.3 dosn't support it, for example.
|
|
|
|
|
|
|
|
|
|
Increase the penalty for a command before checking its arguments. This
makes the handling more consistent and allow us to move more penalties to
Handle_Request().
|
|
This centralizes the penalty handling. It also exposes some commands that
lack it for our attention.
|
|
This will pave the way to other changes and simplifies the entries somewhat.
|
|
This ensures that all errors have a 2 second penalty.
|
|
This helps against brute-force attempts.
|
|
IRC_WriteErrClient() already calls IRC_SetPenalty(). While here convert
some IRC_SetPenalty() + IRC_WriteStrClient() to IRC_WriteErrClient().
|
|
|
|
This fixes the following error when compiling without zlib support:
irc.c: In function ‘Option_String’:
irc.c:487: error: ‘options’ undeclared (first use in this function)
Reported by "der_baer" on #ngircd.
|
|
FreeBSD prior to 10.0 does not automatically stir on fork(). Same with
current NetBSD. If arc4random_stir() is present assume is needed and
call it instead of srand().
|
|
With the introduction of CipherList we could have longer config lines.
Handle up to 1024 bytes and warn if the line will be truncated.
|
|
|
|
If arc4random is present it will be used over the srand/rand interface.
This fixes some warnings in OpenBSD-current.
|
|
|
|
This fixes the following warning on OpenBSD 5.3:
ngircd.o(.text+0xeb4): In function `main':
src/ngircd/ngircd.c:300: warning: strcat() is almost always misused,
please use strlcat()
Thanks to Götz Hoffart for reporting this!
|
|
Kill all clients that match a new GLINE/KLINE mask and genrate apropriate
KILL commands. These KILL commands can be superfluous, but are required
when the IRC Operator isn't allowd to set remote G-Lines or if there are
older servers in the network that don't kill clients on GLINE/KLINE.
Closes bug #156.
|
|
|
|
The old local function Kill_Nick() in irc.c has been an ugly hack. This
patch implements a generic function for killing clients.
Adjust all callers of Kill_Nick() and respect the return code!
|
|
Now invalid prefixes aren't logged no more when originating from an other
server (besides in debug mode), and spoofed prefixes are correctly logged
using LOG_WARNING (from an other server) or LOG_ERR (from a client) levels.
In addition, the log message texts have been adjusted to better reflect
what will happen: commands with invalid prefixes are ignored and logged,
commands with spoofed prefixes will result in the client being disconncted
(regular users) or the command being ignored (other servers).
This cleans up logging of commands related to already KILL'ed clients.
|
|
All places where Client_OperByMe() is used can either be converted to
Client_HasMode(Client, 'o') or Op_Check().
And Op_Check() itself can use the connection handle for deciding whether
the IRC Operator is a local user or not.
|
|
Change "stats L" to show servers and user links and restrict it to
IRC Operators.
|
|
|
|
While here correct some indentation.
|
|
Switch cipher defaults to HIGH:!aNULL:@STRENGTH (OpenSSL) or
SECURE128 (GnuTLS).
|
|
* alex/bug162-SSLCipherList:
Cipher list selection for GnuTLS
ConnSSL_Init_SSL(): correctly set CONN_SSL flag
Cipher list selection for OpenSSL
ConnSSL_InitLibrary(): Code cleanup
|
|
In some error cases conn_id will be left as SERVER_WAIT and
subsequently ignored in Check_Servers(). Ensure conn_id is set to
NONE before returning from New_Server() if we couldn't establish
the connection.
Prompted by a report from gabrielgi-at-gmail-dot-com.
|
|
Without this patch, ngIRCd ignores SSL-related messages and continues
to start up but only listens on plain text communication ports -- and
this most probably isn't what the administrator wanted ...
Closes bug #163.
|
|
This patch implements the missing functionality for cipher list selection
using GnuTLS (our OpenSSL code has this already).
|
|
The CONN_SSL flag must be set before any calls to ConnSSL_Free()!
|
|
This patch introduces the possibility to arbitrarily select ciphers which
should be promoted resp. declined when establishing a SSL connection
with a client by implementing the new configuration option "CipherList".
By default, OpenSSL would accept low and medium strength and RC-4 ciphers,
which nowadays are known to be broken.
This patch only implements the feature for OpenSSL. A GnuTLS counterpart
has to be implemented in another patch ...
Original patch by Bastian <bastian-ngircd@t6l.de>.
Closes bug #162.
|