Commit graph

182 commits

Author SHA1 Message Date
Simon Arlott
b5ad4cdfde
make soft asserts better by allowing them to be used in expressions 2017-07-29 22:39:53 +01:00
Simon Arlott
45285c4a73
librb: rb_lib_loop: avoid clang static analysis warning 2017-07-29 22:39:49 +01:00
Simon Arlott
630c15211d
librb: rb_linebuf_copy_raw: remove unused assignment 2017-07-29 22:28:47 +01:00
Simon Arlott
b0adc7bf97
librb: commio: Must set addrlen before every call to accept()
If an IPv4 connection is dropped by the pre-callback, and there is a
pending IPv6 connection on the same listening socket then the retried
accept() will be unable to populate `st` because `addrlen` will be too
small. Also initialise `st` each time to avoid a clang static analysis
warning.
2017-07-29 22:20:05 +01:00
Aaron Jones
c3abf98286
MbedTLS: Disable TLSv1.0 2016-12-30 17:59:48 +00:00
Aaron Jones
35cd299395
OpenSSL: Disable TLSv1.0
Also some misc other cleanups/additions to bring it in line with the
release/3.5 backend
2016-12-30 17:59:46 +00:00
Aaron Jones
5bcd4c7c60
GNUTLS: Provide a default priority string, disable TLSv1.0 in it
The user can still override this choice with the ssl_cipher_list option
in ircd.conf -- this is the only backend that will allow you to do so.
2016-12-30 17:59:35 +00:00
Aaron Jones
05281d7a0d
TLS backends: Move some library-dependent functions to the proper location
The comment incorrectly stated these were library-agnostic; infact, they
use library-dependent data types or macro names.
2016-11-15 12:16:03 +00:00
Simon Arlott
d8f0b5d763
cppcheck: fix various warnings/errors
[ircd/match.c:316]: (error) Shifting a negative value is undefined behaviour
[librb/src/patricia.c:55]: (error) Shifting a negative value is undefined behaviour
[modules/m_alias.c:64]: (portability) '(void*)message' is of type 'void *'. When using void pointers in calculations, the behaviour is undefined.
[modules/m_time.c:111]: (warning) %u in format string (no. 9) requires 'unsigned int' but the argument type is 'signed int'.
[modules/m_time.c:111]: (warning) %u in format string (no. 10) requires 'unsigned int' but the argument type is 'signed int'.
[librb/src/dictionary.c:819]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[librb/src/radixtree.c:1080]: (warning) %d in format string (no. 3) requires 'int' but the argument type is 'unsigned int'.
[ircd/s_user.c:351] -> [ircd/s_user.c:357]: (warning) Either the condition '0!=source_p' is redundant or there is possible null pointer dereference: source_p.
[extensions/ip_cloaking_3.0.c:109]: (warning, inconclusive) The buffer 'buf' may not be null-terminated after the call to strncpy().
[ircd/chmode.c:256]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_help.c:100]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_knock.c:169]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:628]: (style) Clarify calculation precedence for '&' and '?'.
[modules/m_stats.c:727]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:601]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:704]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:739]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:763]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:768]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:774]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:781]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:786]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:791]: (style) Clarify calculation precedence for '&' and '?'.
[librb/src/radixtree.c:804]: (style) Clarify calculation precedence for '&' and '?'.
[ircd/wsproc.c:372]: (style) Unused variable: len
[modules/core/m_modules.c:382]: (style) Unused variable: i
[modules/m_stats.c:741]: (style) Unused variable: amsg
[ircd/authproc.c:390]: (style) Unused variable: iter
[ircd/authproc.c:391]: (style) Unused variable: client_p
2016-10-28 20:13:36 +01:00
Simon Arlott
01dd3da541
rb_string_to_array: document parv array size 2016-10-22 22:36:47 +01:00
Aaron Jones
42e6fbaa8c
OpenSSL: Adjust ciphersuite order and update documentation 2016-10-18 11:17:41 +00:00
Aaron Jones
98c4aaeaff
MbedTLS: Adjust ciphersuite order and update documentation 2016-10-18 11:16:38 +00:00
Aaron Jones
56fbe141a1
GNUTLS: Forward-port release/3.5 improvements
The changes made in this file are detailed in release/3.5 commits
4d89c83c324605b through ecfdcb08e8c2bdd inclusive.

Some slight alterations are necessary; librb instead of libratbox,
snprintf() instead of rb_snprintf(), etc. Also, release/4 has
offline certificate digesting functionality. For more insight,
simply diff the gnutls.c between release/3.5 and release/4.
2016-09-17 17:53:01 +00:00
Aaron Jones
dd066596dc
MbedTLS: Forward-port release/3.5 improvements
The changes made in this file are detailed in release/3.5 commits
295c8f7d37bb557 through 265dc4e53c0b24e inclusive.

Some slight alterations are necessary; librb instead of libratbox,
snprintf() instead of rb_snprintf(), etc. Also, release/4 has
offline certificate digesting functionality. For more insight,
simply diff the mbedtls.c between release/3.5 and release/4.
2016-09-17 17:19:31 +00:00
Aaron Jones
73470f0b3c
OpenSSL: Forward-port release/3.5 improvements
The changes made in this file are detailed in release/3.5 commits
1f30c8943bf2ca3 through 92c04c6b9dbdd11 inclusive.

Some slight alterations are necessary; librb instead of libratbox,
snprintf() instead of rb_snprintf(), etc. Also, release/4 has
offline certificate digesting functionality. For more insight,
simply diff the openssl.c between release/3.5 and release/4.
2016-09-17 17:03:21 +00:00
Aaron Jones
c4acd427ac
MbedTLS: Misc backend cleanups
This is a forward-port of release/3.5 commit 566f4678

* Add generic direction enum for negotiation setup.

* Rename a rather long wrapper function to a shorter one consistent with
  what it does.

* Rework context setup function.

* Don't check for handshake state before beginning handshaking.

  The old backend began a handshake and then stepped into the callback
  function if it was interrupted; the current one just jumps right into
  it, so there is no need to check if it has previously succeeded,
  because it hasn't been attempted yet.

* Add missing errno assignment to one of the handshake wrappers.

* Don't bother checking if SSL_P(F) is NULL when we already checked if
  F->ssl is NULL -- this should be impossible.

* Don't bother checking if SSL_C(F) is NULL -- this was a no-op.

* Change the socket send and recv functions to not peer into a foreign
  ratbox structure -- use the correct function to get the socket fd.

* Rewrap some lines and function arguments.

Other backends will be brought into line with this backend soon.

This will enable easier maintenance of the backends, by reducing the
diffs between them, which should make different behaviour easier to
spot.
2016-09-10 08:51:09 +00:00
Aaron Jones
73c486c7a5
MbedTLS: Treat 0 bytes read/written to socket properly
At the moment, if a link quits in just the right (wrong [1]) way,
the quit reason will resemble:

    <-- foo (~bar@baz) has quit (Read error: (-0x0) )

This should resolve that.

[1] Peers should send a close_notify alert before abruptly shutting
    down their socket. This will result in a sane quit message:

    <-- foo (~bar@baz) has quit (Read error: (-0x7880) SSL -
    The peer notified us that the connection is going to be closed)

[ci skip]
2016-09-09 01:47:18 +00:00
Aaron Jones
7272518795
MbedTLS: Initial attempt to port release/3.5 commit 89d4c468 to this branch 2016-09-04 03:50:29 +00:00
Simon Arlott
1315fd5920
librb: set sockaddr port to 0 in success path
Instead of only in the failure path, which causes
all sorts of annoying server connection failures
when we try to repeatedly reuse the same port.
2016-09-03 14:36:17 +01:00
Aaron Jones
94f114641c
OpenSSL: Initialise if LibreSSL
LibreSSL's definition of OPENSSL_VERSION_NUMBER bites us in the ass,
*again*.
2016-09-01 19:29:47 +00:00
Aaron Jones
572c2d4b05
OpenSSL: Initialise one context at a time
If initialising the server context fails, but the client one succeeds,
we will not only leak memory, but the error message reported for
initialising the server context might not make sense, because we
initialise the client context after and that could erase or change the
list of queued errors.

This scenario is considered rare. Nevertheless, we now initialise the
client context after *successfully* initialising the server context.
2016-08-30 10:30:17 +00:00
Aaron Jones
31145ea0b3
TLS Backends: Harmomise the rb_ssl_get_cipher() function
The GNUTLS backend reports the version in use for the client as well
as its ciphersuite -- do the same for the other 2 backends.
2016-08-20 04:16:33 +01:00
Aaron Jones
4906854293
GNUTLS: Avoid null dereference in constructing ciphersuite 2016-08-19 20:26:43 +00:00
Aaron Jones
6971019a09
GNUTLS: Cleanup fingerprint generation
Removes intermediate buffer, properly check return values
2016-08-19 19:14:40 +00:00
Aaron Jones
add3f90b9f
openssl: Avoid use-after-free when rehashing fails to load new files
Commit cf12678 introduced a fix for issue #186 by freeing the old SSL_CTX
structure before constructing a new one, which could disconnect existing
clients otherwise.

Unfortunately, the freeing is done first, which means that if setting up
a new structure fails for any reason, there will be no usable structures
left, but they are still referenced.

This fix moves the freeing to the end of the function, using intermediate
new variables in the meantime. This problem was discovered while testing
against OpenSSL 1.1.0 RC6.
2016-08-12 13:34:13 +00:00
William Pitcock
2e29fd422d librb: remove one more VMS detritius 2016-06-19 21:47:59 -05:00
William Pitcock
0268efc78c librb: we have no plans to support VMS 2016-06-19 21:47:23 -05:00
William Pitcock
cfb1020589 librb: dictionaries which use integer keys may use 0 legitimately 2016-06-17 23:29:11 -05:00
Aaron Jones
499612f19e
mbedtls backend: indicate reason for TLS session termination
[ci skip]
2016-06-12 11:33:41 +00:00
Aaron Jones
47a66e154f
librb: silence some fairly harmless compiler warnings
These include warnings about "break" statements that will never be
executed (because they are after "return" statements), unused macros
(lost to code refactoring or never even used in the first place),
functions that call abort() or loop indefinitely but aren't marked with
the "noreturn" attribute, and use of variables possibly uninitialised
(a false positive).
2016-06-01 20:54:11 +00:00
Aaron Jones
d5ad6015c5
openssl: use snprintf(3) instead of rb_snprintf() 2016-06-01 18:04:43 +00:00
Aaron Jones
1490b52e19
openssl: More LibreSSL compatibility
LibreSSL does not have the new version macros & functions that OpenSSL
1.1.0 implements. This causes a compile-time failure against LibreSSL.

Further, the runtime function for returning the library version returns
the wrong number (the hardcoded constant number SSLEAY_VERSION_NUMBER
aka OPENSSL_VERSION_NUMBER, instead of LIBRESSL_VERSION_NUMBER).

Add more ifdef soup to remedy the situation.
2016-06-01 17:55:53 +00:00
Aaron Jones
3057f91d98
openssl: change how we load DH parameters
The code already assumes the presence of fopen(3) and errno, and, by
extension, fclose(3) and strerror(3), so just use those instead of the
BIO wrappers.

Additionally, don't fail to initialise if the DH file does exist but
parsing it fails, as per the pre-existing comment about them being
optional.
2016-05-25 21:46:34 +00:00
Simon Arlott
7c7cf006ca
librb: define UINT32_MAX for FreeBSD 4.8 2016-05-12 12:43:16 +01:00
Simon Arlott
87f7632760
librb: support rb_path_to_self on FreeBSD 4.8 2016-05-12 12:43:15 +01:00
Aaron Jones
1e7342d0f4
[mbedtls] Various fixes and improvements
* Move certificate, key, DH parameters and configuration to heap
  (Documentation states that setting new configuration, e.g.
   during a rehash, is unsupported while connections using that
   configuration are active)

  This is the same approach as the fix for #186

  Refcount these structures so as to not introduce a memory leak

  On rehash, it will use new structures only if there are no
  errors in constructing them

* Make fingerprint generation work for TLS connections

  See the comments in the newly created file for an explanation

* Fix memory leak when generating a fingerprint from a file

* Add better error-reporting (strings in addition to numbers)
  where possible

* Coalesce several connection memory allocations into one function

* Reduce boilerplate where possible (Charybdis targets C99)

* Support private key being in certificate file, and having no
  DH parameters file

* Correct erroneous closing comment
2016-05-05 03:47:57 +00:00
Aaron Jones
c40eede13b
[TLS Backends] Make version strings more useful and consistent 2016-05-05 03:47:46 +00:00
Aaron Jones
0fe9dd4119
[TLS Backends] Allow absense of private key file
Use the certificate file instead
2016-05-05 03:47:33 +00:00
William Pitcock
9cd0063a2c librb: fix commio build on win32 2016-04-30 19:33:31 -05:00
Aaron Jones
92404a1a98
[openssl] Forward-port some more cleanups from fixes to 3.5 2016-04-30 21:45:16 +00:00
Simon Arlott
8a29e7cd1e
librb: shutdown() listening sockets pending close() so that listeners can be reopened reliably 2016-04-30 11:36:28 +01:00
William Pitcock
d71787ab69 librb: rb_path_to_self(): use sysctl(2) interface on freebsd/dragonfly 2016-04-30 01:19:08 -05:00
William Pitcock
a2bfe0f88e librb: linebuf: don't reinvent rb_dlinkAddTailAlloc(). 2016-04-30 00:59:08 -05:00
William Pitcock
5a775221d2 tools: fix stub rb_strcasecmp() build 2016-04-29 19:52:19 -05:00
Simon Arlott
ff0414c856 librb: close FDs when they're freed (outside of select handler) 2016-04-29 16:19:08 -05:00
Aaron Jones
cf12678be5
[openssl] More improvements to the backend
* Don't manually initialise libssl 1.1.0 -- it does this automatically
* SSL_library_init() should be called first otherwise
* Move SSL_CTX construction to rb_setup_ssl_server()
* Test for all required files (certificate & key) before doing anything
* Free the old CTX before constructing a new one (Fixes #186)
* Don't try to set options / ciphers etc on a NULL CTX
* Clean up ifdef indentation
* Fix DH parameters memory leak
2016-04-29 16:26:52 +00:00
Simon Arlott
f9014791da
openssl: set ciphers on client connections too 2016-04-29 07:42:12 +01:00
Aaron Jones
6a7ea191a7
[mbedtls] correct printf argument count
[ci skip]
2016-04-27 22:11:19 +00:00
Aaron Jones
b28c26d965
Partially revert previous commit
The OpenSSL backend is the only one that assigns a non-constant
value to the length variable. Use the correct type for its
pointer and cast instead.

[ci skip]
2016-04-27 21:49:55 +00:00
Aaron Jones
e3760ba710
[TLS backends] Miscellaneous fixes
* Certificate fingerprint length functions return an "int", so use an
  int when calculating the length
* Clean up the OpenSSL certificate fingerprint if() and indentation mess
2016-04-27 21:45:19 +00:00
Simon Arlott
d6acb43769
openssl: don't allow certificates outside the validity period 2016-04-27 22:03:49 +01:00
Simon Arlott
c53b6ef2cc
epoll: don't try to read from closed FDs 2016-04-27 21:16:29 +01:00
Aaron Jones
b1f0549361
[openssl] support ECDHE on more than one curve when possible 2016-04-27 16:17:33 +00:00
Simon Arlott
0346918701
add mkfingerprint program 2016-04-26 20:49:03 +01:00
Simon Arlott
31646e89ba
librb: gnutls: check return value of fread() 2016-04-26 20:33:17 +01:00
Simon Arlott
e1f16ce22e
openssl: accept more certificate verify errors as valid 2016-04-25 20:38:39 +01:00
Simon Arlott
5ad62c80ee
librb: remove socklen parameter from rb_connect_tcp 2016-04-24 17:11:20 +01:00
Simon Arlott
cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.

(The same fingerprint is also used by DANE)
2016-04-23 22:51:05 +01:00
Simon Arlott
7da82465a8
librb: mbedtls: fix rb_get_ssl_certfp()
Add missing break statements.
Return the hash length on success.
2016-04-23 22:45:13 +01:00
Simon Arlott
bf3bcbb5b2
librb: fix mbedtls library order
libmbedtls depends on libmbedx509 and libmbedcrypto
libmbedx509 depends on libmbedcrypto

They have to be specified in the correct order for the GNU linker to work.
2016-04-23 22:13:03 +01:00
Elizabeth Myers
c9b6f58349 Name the fallback strncasecmp properly [ci skip] 2016-04-10 17:28:20 -05:00
Elizabeth Myers
ea3168fff8 whoops, fix a typo 2016-04-10 17:26:09 -05:00
Elizabeth Myers
8b813d3060 Replace my shitty fallbacks with those from FreeBSD 2016-04-10 17:25:32 -05:00
Elizabeth Myers
efc4b18c78 *sigh* comment these out until travis is fixed. 2016-04-10 17:12:42 -05:00
Elizabeth Myers
c5514ce8ee Add these for now until travis actually gets their shit together. 2016-04-10 17:07:33 -05:00
Elizabeth Myers
238db37776 Get rid of install-sh and use shtoolize to create them.
Contributed by jackal^
2016-04-10 16:49:42 -05:00
Elizabeth Myers
9af0d38291 librb: minor adjustments to rb_strcasestr fallback to avoid warnings. 2016-04-10 10:10:46 -05:00
Elizabeth Myers
b376d0fd46 Properly clean up build artifacts.
Author: jackal^ from freenode
2016-04-09 04:55:57 -05:00
Elizabeth Myers
4eafa9e62f ipv4_from_ipv6: move to librb 2016-04-08 03:49:23 -05:00
Elizabeth Myers
508e25a85b librb: add versions of rb_strcasecmp, rb_strncasecmp, and rb_strcasestr.
The first two are POSIX but not standard (Windows has functions that act
like it, so use them), but the latter is non-standard, full stop.
2016-04-05 05:33:43 -05:00
Elizabeth Myers
731d128990 authd: rework module ID system
Provider ID's are now assigned dynamically at load-time. To accomodate
this, there is now a lookup system for finding providers by name (all
providers have names as well).
2016-04-05 04:31:22 -05:00
Elizabeth Myers
0e651b1441 librb: rb_run_event -> rb_run_one_event
This is to avoid confusion with rb_event_run, which does something else.
2016-04-02 23:38:28 -05:00
Elizabeth Myers
f8ef4b8dd6 win32: change from ircd-ratbox-class to charybdis-class 2016-04-02 23:19:38 -05:00
Elizabeth Myers
d86692fa44 Add new sockaddr_storage port retrieval/setting macros
These macros are safe for use on IPv6 and clean up a lot of code.
2016-03-31 03:00:29 -05:00
Elizabeth Myers
7b2c764f59 librb: don't include linux/tcp.h, that's already included 2016-03-31 01:16:34 -05:00
Elizabeth Myers
468ef960f8 opm: don't assume we have netinet/tcp.h
Instead, check for it in librb
2016-03-31 01:08:38 -05:00
William Pitcock
a20190d5ea librb: fix rb_path_to_self() dlinfo variant 2016-03-30 14:33:39 -05:00
Elizabeth Myers
42c5dd7e01 serno.h: remove it with make clean. 2016-03-25 11:47:02 -05:00
William Pitcock
ac2f2189f9 librb: define RB_PATH_SEPARATOR 2016-03-24 18:21:11 -05:00
Elizabeth Myers
491b3b39d5 cleanup: u_long -> unsigned long 2016-03-23 22:03:24 -05:00
Matt Ullman
c056dba233 Remove the rest of the SVN id tags 2016-03-23 20:13:12 -04:00
Matt Ullman
4b11f39115 Move away from BSD data types 2016-03-23 19:11:42 -04:00
Elizabeth Myers
3d1df26cdd librb/ports: ungimp thing. 2016-03-23 12:06:26 -05:00
Elizabeth Myers
3a1f645bed misc solaris fixes 2016-03-23 12:04:46 -05:00
Elizabeth Myers
2fc6772ee1 typedef-ify rb_radixtree for consistency. 2016-03-23 08:32:22 -05:00
Elizabeth Myers
4177311e6e Change struct Dictionary(*) to rb_dictionary(_\1).
This cleans things up a slightly and puts the dictionary stuff in its
own namespace.
2016-03-23 08:09:58 -05:00
Elizabeth Myers
56f84dedf7 DICTIONARY_FOREACH → RB_DICTIONARY_FOREACH
This is in librb and therefore should be prefixed.
2016-03-23 07:45:44 -05:00
Matt Ullman
e23126c83b Cleanup warnings 2016-03-21 22:28:41 -04:00
William Pitcock
87b20cbb75 librb: use readlink(2) on linux for the direct path instead of dlinfo 2016-03-21 21:26:28 -05:00
William Pitcock
b7c7f290c7 librb: provide rb_path_to_self() on windows 2016-03-21 21:20:50 -05:00
William Pitcock
790e4dce4e librb: add rb_path_to_self(), which provides fairly reliable runtime path detection 2016-03-21 21:11:53 -05:00
William Pitcock
36b3cff77f configure: fix msys checks 2016-03-20 22:06:54 -05:00
William Pitcock
e452b26e46 librb: configure: tolerate older msys versions having wrong uname -a output 2016-03-20 22:01:17 -05:00
Elizabeth Myers
98793cc9e4 librb: remove an experiment I had.
This won't really work on 32-bit architectures due to pointer
truncation. In any case, I wasn't planning on using it for this reason,
it was simply something I tinkered with.
2016-03-20 10:28:35 -05:00
William Pitcock
eb55877548 librb: fix socklen_t check 2016-03-20 04:24:30 -05:00
William Pitcock
d24856d228 librb: commio: squelch setsockopt(3) warnings 2016-03-20 04:18:42 -05:00
William Pitcock
fe277230f9 librb: configure: also include ws2tcpip.h 2016-03-20 04:14:28 -05:00
William Pitcock
71b2af0611 acinclude: fix sockaddr_in6 checvk too 2016-03-20 04:10:33 -05:00
William Pitcock
ea83b018b5 librb: acinclude: check for ipv6 on win32 2016-03-20 04:08:12 -05:00
William Pitcock
38b68802a3 librb: rb_lib: undefine any previous errno consts on win32 2016-03-20 03:41:25 -05:00