vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
2080 commits 2 branches 0 tags 40 MiB
Commit graph

2080 commits

This branch
This branch
All branches
Author SHA1 Message Date
Aaron Jones cb266283f8 libratbox/openssl: Set explicit cipher list for the client context aswell 
This is in furtherance of commits 9799bea4 and 1f384464 and addresses
any potential vulnerability to LogJam <https://weakdh.org/>
 2015-05-20 16:41:34 +00:00
Aaron Jones c86f11da1c Fix regression introduced by previous commit 
I really shouldn't copy and paste code.
 2015-05-20 10:39:04 +00:00
Aaron Jones a4c8c82703 Tidy up OpenSSL options code, support new version-agnostic client and server APIs 2015-05-20 02:27:59 +00:00
Jail Bird 29c92cf95f Spring cleaning redux: 
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls

Thanks Jilles!
 2015-04-20 00:55:20 -05:00
Aaron Jones 32fb589528 Misc code cleanups 
* src/packet.c: Remove a dead store
* src/res.c: Remove a dead store
* src/sslproc.c: Remove a dead store
* src/sslproc.c: Don't call the same accessor twice

These silence some fairly harmless compiler warnings
 2015-03-27 23:07:20 +00:00
Aaron Jones cf3b152547 INFO: Be easier on human eyes 2015-03-26 14:47:36 -05:00
Aaron Jones c9b5cd623b Remove network_desc configuration option, never actually used anywhere 2015-03-26 14:46:54 -05:00
William Pitcock c7e38ca917 Merge pull request #92 from aaronmdjones/master 
Use accessor function for certificate fingerprint, allow fingerprint generation for chained unknown roots
 2015-03-24 12:31:24 -05:00
Aaron Jones 614502a63c Generate fingerprints for chained certificates with an unknown root 2015-03-24 05:25:38 +00:00
Aaron Jones d3806d0503 Use X509_digest() instead of memcpy() to obtain cert fingerprint 
This will continue to work even if the OpenSSL developers make the
X509* structure opaque, the current approach will not.
 2015-03-24 05:22:25 +00:00
William Pitcock 7dade6a811 cap: missed a spot on =sticky caps removal 2015-03-22 21:08:05 -05:00
William Pitcock c021aafd66 ircd manpage: remove references to ircd.conf(5) (closes #91) 2015-03-22 16:42:11 -05:00
William Pitcock a8b4d6d6b5 Merge pull request #90 from aaronmdjones/master 
Update ciphersuite string to prohibit RC4
 2015-03-22 16:36:04 -05:00
Aaron Jones 1f384464fa Update ciphersuite string to prohibit RC4 
This is in accordance with RFC 7465
<https://tools.ietf.org/html/rfc7465>

Also correct the key exchange mechanism strings; these should be
prefixed with 'k'.
 2015-03-22 06:14:39 +00:00
PrgmrBill bba82e6026 Updates format to match help/users/umode 
Instead of adding a new section I made it look like the example from help/users/umode.
 2015-03-17 16:39:25 -04:00
PrgmrBill 027c425c78 Adds a new section for extension channel modes 
Adds new section - "FROM EXTENSIONS". These channel modes may not be available if the related extension is not loaded.
 2015-03-17 15:19:14 -04:00
PrgmrBill 4e358381fb Wraps long lines + adds TLS 
- Fixes long line by wrapping
- Adds TLS as charybdis now has SSL_OP_NO_SSLv3
 2015-03-17 15:06:56 -04:00
PrgmrBill 0ab8263ff0 Adds SSL only channel mode 
Adds +S channel mode - Only users connected via SSL may join the channel while this mode is set. Users already in the channel are not affected.
 2015-03-17 14:57:55 -04:00
William Pitcock aaaf9faf1d cap: sasl is now enforced as sticky again 2015-03-10 08:21:46 -05:00
William Pitcock eafae32681 cap: chase ircv3.2 interpretation of sticky/ack-required caps (basically dropping support other than serverside enforcement of stickyness) 
change request @ ircv3/ircv3-specifications#122
 2015-03-10 08:21:10 -05:00
William Pitcock 27403553b5 Merge pull request #86 from rnjohnson18/patch-1 
Change example.conf to ircd.conf.example
 2015-03-08 19:22:49 -05:00
rnjohnson18 3514f17e98 Change example.conf to ircd.conf.example 2015-03-08 19:16:36 -05:00
William Pitcock 3b1e0380ce charybdis 3.5.0 rc1. 2015-03-08 15:26:31 -05:00
Mantas Mikulėnas 6fb9f21449 sasl: reformat the other messages consistently 2015-03-06 17:19:16 +02:00
Mantas Mikulėnas 1cae2411d7 sasl: adjust 'H' message following commit 7d33cce8ef 2015-03-06 17:18:54 +02:00
Jilles Tjoelker 9279ad6461 Fix some compiler warnings about signed/unsigned comparison. 2015-03-01 23:46:20 +01:00
Jilles Tjoelker 4f0d2b588b conf: Correct message when serverinfo::nicklen is set too low (<9). 2015-03-01 16:12:12 +01:00
Jilles Tjoelker dafbd7faba cap-notify: Fix possible crash on 64-bit systems. 
find_named_client() was called without a prototype and therefore the
pointer could be truncated.
 2015-03-01 15:00:52 +01:00
Jilles Tjoelker bed692ca0e send: sendto_local_clients_with_capability() needn't use serial 
sendto_local_clients_with_capability() sends to a subset of the list of
local clients and cannot visit the same client multiple times like
sendto_channel_flags() and sendto_common_channels_local() can.
 2015-03-01 14:55:57 +01:00
Max Teufel bbce62d2aa m_cap: do not allow sasl CAP when the agent is offline 2015-03-01 03:30:19 -06:00
William Pitcock 9f09e25b63 charybdis 3.5.0-test1. 2015-03-01 01:09:34 -06:00
William Pitcock bb2a50509a config: further EGD removal 2015-03-01 01:06:58 -06:00
William Pitcock e861902fd9 libratbox: remove RB_PRNG_EGD in its entirety (closes #85) 2015-03-01 01:05:14 -06:00
William Pitcock 125652041b cap-notify: implement cap-notify for sasl service (closes #84) 2015-03-01 00:58:40 -06:00
William Pitcock 984d80c988 cap-notify: add sendto_local_clients_with_capability() (ref #84) 2015-03-01 00:44:34 -06:00
William Pitcock 13de708352 cap-notify: add cap-notify cap 2015-03-01 00:26:23 -06:00
William Pitcock 8f05076d50 sasl: making the sasl capability actually sticky seems incompatible with broken implementations, so we make it just a formality instead. 2015-03-01 00:22:50 -06:00
William Pitcock c23902ae00 sasl: fix null deref on remote client exit 2015-03-01 00:01:24 -06:00
William Pitcock 8bb9594bf3 sasl: ircv3 wg decided sasl capability should be sticky (ref ircv3/ircv3-specifications#103) 2015-02-28 01:12:25 -06:00
Max Teufel 1b54aa5c3b src/channel: add support for IRCv3.2 userhost-in-names 2015-02-28 01:06:38 -06:00
William Pitcock 6e3d57dc6b cap: remove SASL_REAUTH capability 2015-02-28 01:01:08 -06:00
William Pitcock 51535fcbce sasl: allow reauth without sasl-reauth capability (since it's being dropped) 2015-02-28 00:48:43 -06:00
William Pitcock 676032301e move README to markdown. 2015-02-24 20:32:08 -06:00
William Pitcock 74bae4c6ff remove references to LIBPATH (closes #26). 2015-02-24 20:25:34 -06:00
William Pitcock 654caa84fb ircd.conf.example: explain DH parameters size better (closes #68) 2015-02-18 12:36:00 -06:00
William Pitcock dd28e3f2a4 Merge pull request #82 from grawity/sasl-send-conn-info 
m_sasl: send information about the client connection
 2015-02-18 12:29:57 -06:00
William Pitcock 95cce5f358 Revert "m_invite: add support for CAP invite-notify" 
This reverts commit 93eb76cc32.
 2015-02-16 17:50:51 -06:00
William Pitcock 4cb0a93d25 libratbox/gnutls: call gnutls_rnd_refresh() to ensure our PRNG is initialized 2015-02-16 17:40:25 -06:00
William Pitcock cfa7b5fdb0 rebuild configure 2015-02-16 15:57:14 -06:00
William Pitcock 7585af0f3b configure: move some OS X toolchain checks around (closes #40) 2015-02-16 15:55:36 -06:00