| Age | Commit message (Collapse) | Author |
|---|
|
This requires keeping track of currently active certificates, so those
are stored separately, along with a reference counter, and discarded
when they are no longer in use.
|
|
|
|
|
|
Fix the handling of legacy "Key" and "MaxUsers" [Channel] settings:
- Activate them before evaluating the "Modes" parameter, to allow the
latter to override those legacy options.
- Enforce setting the respective +k/+l mode(s) to support the legacy
"Mode = kl" notation, which was valid but is an invalid MODE string:
key and limit are missing! So set them manually when "k" or "l" are
detected in the first MODE parameter.
- Sort modes +kl alphabetically, adjust test suite accordingly.
|
|
|
|
|
|
Allow setting arbitrary channel modes in the config file.
Closes #55.
|
|
Most probably this doesn't make any difference to any client, but it
seems correct. See <http://www.irc.org/tech_docs/005.html> for details.
|
|
Fix the following Clang "LeakSanitizer" error (which isn't quite
relevant in this test program, but anyway):
ERROR: LeakSanitizer: detected memory leaks
Direct leak of 7 byte(s) in 1 object(s) allocated from:
#0 0x7f8c4d022810 in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
#1 0x5601a801491a in Check_strtok_r (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x291a)
#2 0x5601a8014d77 in main (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x2d77)
#3 0x7f8c4c69009a in __libc_start_main ../csu/libc-start.c:308
SUMMARY: AddressSanitizer: 7 byte(s) leaked in 1 allocation(s).
FAIL: portabtest
|
|
|
|
|
|
Return with exit code 0 ("no error") when "--help" or "--version" was
used (this resulted in exit code 1, "error" before).
And exit with code 2 ("command line error") for all invalid command
line options, and show the error message on stderr (message was printed
to stdout before, and exit code was 1, "generic error").
This new behaviour is more in line with the GNU "coding standards",
see <https://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html>.
|
|
|
|
|
|
Previously, each server would cloak every user's hostmask. The problem
is that if a network has more than one server, then a user's hostmask
would get cloaked twice. This patch ensures that a server only cloaks
the hostmask if it has not yet been cloaked (the period indicates it's
still an IP address).
Closes #228.
|
|
Spotted by Étienne Mollier <etienne.mollier@mailoo.org> and Christoph
Biedl <debian.axhn@manchmal.in-ulm.de>, see Debian bug #932462
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932462). Thank you!
|
|
This includes:
- "Real name" of a client (4th filed of the USER command).
- Server info text ("Info" configuration option).
- Admin info texts and email address ("AdminInfo1", "AdminInfo2" and
"AdminEmail" configuration options).
- Network name ("Network" configuration option).
The limit was 64 bytes before ...
Closes #258.
|
|
Don't exit during runtime (REHASH command, HUP signal), because the
server name can't be changed in this case anyway and the new invalid
name will be ignored.
|
|
- Show name of configuration file at the beginning of start up.
- Add a message when ngIRCd is ready, including its host name.
- Show name of configuration file on REHASH (SIGHUP), too.
- Change level of "done message" to NOTICE, like "starting" & "ready".
- Initialize IO functions before channels, connections, clients, ...
|
|
|
|
This option configures the maximum penalty time increase in seconds, per
penalty event. Set to -1 for no limit (the default), 0 to disable
penalties altogether. ngIRCd doesn't use penalty increases higher than 2
seconds during normal operation, so values higher than 1 rarely make
sense.
Disabling (or reducing) penalties can greatly speed up "make check" runs
for example, see below, but are mostly a debugging feature and normally
not meant to be used on production systems!
Some example timings running "make check" from my macOS workstation:
- MaxPenaltyTime not set: 4:41,79s
- "MaxPenaltyTime = 1": 3:14,71s
- "MaxPenaltyTime = 0": 25,46s
Closes #249.
|
|
|
|
For example:
* src/ngircd/irc-login.c:102:21: Implicit conversion loses integer
precision: 'int' to 'char'
* src/ngircd/conn.c:1084:9: Implicit conversion turns floating-point
number into integer: 'double' to 'bool'
* src/tool/tool.c:85:10: Implicit conversion loses integer precision:
'int' to 'char'
|
|
Found by Xcode/Clang code analyzer. No functional changes.
|
|
According to an IRCv3 extension, the 5th parameter can be used for extra
flags that are fine to ignore for now, but limiting WEBIRC params to 4
causes a syntax error.
See https://github.com/ircv3/ircv3-ideas/issues/12 for more information.
This closes #247.
|
|
|
|
When ngIRCd failed to spawn a new resolver subprocess, the connection
structure was still marked as "SERVER_WAIT", and no new attempt to
connect to this server was made.
Thanks to Robert Obermeier for reporting this bug!
Closes #243.
|
|
This patch fixes a "use after free" bug which is hit while processing
ERROR commands while a new client is logging into the server, which
leads to only the CLIENT structure becoming freed, but not the
CONNECTION structure, too. And this leads to the daemon accessing the
already freed CLIENT structure later on ...
So now IRC_ERROR() uses the correct function Conn_Close() to correctly
free both structures.
The CONNECTION structure is cleaned up later on, and the freed CLIENT
structure can't be overwritten during normal operations, therefore this
bug normally can't crash (DoS) the service -- but you can easily hit it
when using the GCC option "-fsanitize=address", or run ngIRCd with
Valgrind.
Thanks a lot to Joseph Bisch <joseph.bisch@gmail.com> for discovering
and reporting this issue!
|
|
This prevents the channel from becoming flooded by unecessary TOPIC
update messages, that can happen when IRC services try to enforce a
certain topic but which is already set (at least on the local server),
for example. Therefore still forward it to all servers, but don't inform
local clients (still update setter and timestamp information, though!)
|
|
|
|
Update user mode "C" handling ("Only users that share a channel are
allowed to send messages") to behave like user mode "b" ("block private
messages and notices") and therefore allow messages from servers, services,
and IRC Operators, too.
Change proposed by "wowaname" in #ngircd, thanks!
|
|
|
|
|
|
When compiling without "working getaddrinfo()", the "af" parameter of
ForwardLookup() is unused by that function. Mark it as such!
This prevents the following compiler warning:
resolve.c:235:56: warning: unused parameter ‘af’
[-Wunused-parameter]
|
|
When compiling ngIRCd without support for SSL and without support for
ZLIB, gcc outputs the following warning:
irc.c:493:9: warning: variable ‘options’ set but not used
[-Wunused-but-set-variable]
Fix it by providing a dummy function in this case.
|
|
This should fix the following compiler warning:
resolve.c:113:1: warning: ‘Get_Error’ defined but not used
[-Wunused-function]
Which can happen, because the logic of commit 543f44bf isn't sufficient:
Get_Error() is only used when neither HAVE_WORKING_GETADDRINFO nor
HAVE_GETNAMEINFO are set ...
Enhances 543f44bf.
Closes #241.
|
|
In the end, service clients behave like regular users, therefore IRC
operators and servers should be able to KILL them: for example to
resolve nick collisions.
This is related to #238.
|
|
This prevents clients from killing IRC services, for example.
Closes #238.
Closes #239.
|
|
The usage of Get_Error is guarded by "ifdef h_errno" in this file, the
definition of this function should follow the same rules.
Fixes a build error when cross-compiling:
https://github.com/ngircd/ngircd/issues/223
|
|
The daemon only enlarged its connection pool when accepting new client
connections, not when establishing new outgoing server links.
Thanks to Lukas Braun (k00mi) for reporting this!
In addition this patch streamlines the connection pool allocation, so
that there is only one place in the code allocating the pool: the now
updated Socket2Index() function. The name doesn't quite fit, but this
existing and today quite useless function (because the mapping from
socket number to connection index is 1:1 today) already became called
in almost all relevant code paths, so I decided to reuse it to keep the
patch small ...probably we want to fix the naming in a second patch?
Closes #231.
|
|
|
|
|
|
Don't wait for the peer to close the connection. This allows us to
forward the ERROR mesage in the network, instead of the very generic
"client closed connection" message.
|
|
|
|
And log this event to the &SERVER channel, too.
|
|
|
|
Explicitely forbid remote servers to modify "x-lines" (G-LINES) when the
"AllowRemoteOper" configuration option isn't set, even when the command
seems to originate from the remote server itself: this prevents GLINE's
to become set during server handshake in this case (what wouldn't be
possible during regular runtime when a remote IRC Op sends the command)
and what can't be undone by IRC Ops later on (because of the missing
"AllowRemoteOper" option) ...
|
|
At the moment, ngIRCd fails to build against OpenSSL 1.1 since the
configure check probes for the SSL_library_init symbol which was
removed, but probing for a different function availabe in both versions
solves that problem: SSL_new().
And as SSL_library_init is no longer needed, the patch boils down to
probing SSL_new to assert libssl is available, and disabling the
SSL_library_init invokation from OpenSSL 1.1 on, see also another
application[1] (NSCA-ng) that did pretty much the same.
Patch was compile-tested on both Debian jessie (OpenSSL 1.0.2) and
stretch (OpenSSL 1.1).
[1] <https://www.nsca-ng.org/cgi-bin/repository/nsca-ng/commit/?id=8afc22031ff174f02caad4afc83fa5dff2c29f8a>
(Patch by Christoph, commit message cherry-picked from the email thread
on the mailing list by Alex. Thanks!)
|
|
This fixes the following correct -Wmisleading-indentation warning
messages of gcc 6.2:
irc-write.c: In function ‘IRC_SendWallops’:
irc-write.c:521:4: warning: this ‘if’ clause does not guard...
irc-write.c:524:5: note: ...this statement, but the latter is
misleadingly indented as if it is guarded by the ‘if’
irc-write.c:526:4: warning: this ‘if’ clause does not guard... []
irc-write.c:529:5: note: ...this statement, but the latter is
misleadingly indented as if it is guarded by the ‘if’
irc-info.c: In function ‘IRC_STATS’:
irc-info.c:895:3: warning: this ‘else’ clause does not guard...
irc-info.c:897:4: note: ...this statement, but the latter is
misleadingly indented as if it is guarded by the ‘else’
No functional changes, the code has been correct, but the indentation
was wrong ...
|
|
This is useful when ./configure hasn't been run but some source code
linters are run in an editor, for example.
|