Ed Kellett
57657a33a3
Document kline_spoof_ip
2020-04-20 11:10:39 +01:00
Ed Kellett
40e76ac76c
Handle kline_spoof_ip in check_one_kline
2020-04-20 11:10:39 +01:00
Ed Kellett
67e05d5b67
Add an iline flag to match klines by spoof only
2020-04-20 11:10:39 +01:00
Aaron Jones
30193794a1
Merge pull request #317 from edk0/leak
...
librb/event: Don't leak event names on completion
2020-04-19 14:25:14 +00:00
Ed Kellett
ad516b7d47
librb/event: Don't leak event names on completion
2020-04-19 14:22:18 +01:00
Aaron Jones
2c11ccb99e
Merge pull request #313 from edk0/spoof-chban
...
Don't match iline-spoofed IPs for channel bans
2020-04-19 12:11:19 +00:00
Aaron Jones
dd9796d65d
Merge pull request #314 from jesopo/message-handler-comment
...
rectify comment for Message handler indexes
2020-04-19 12:06:16 +00:00
jesopo
b2ee72e448
remove LAST in comment too; it's a bit pointless
2020-04-19 13:05:01 +01:00
Aaron Jones
60445f51d0
Merge pull request #315 from edk0/check-kline
...
Make K-line checking more consistent
2020-04-19 11:57:08 +00:00
Ed Kellett
485d245ec0
Add ipv4-in-ipv6 logic to check_one_kline
2020-04-19 11:53:38 +01:00
Ed Kellett
9274c0f3f4
Align check_one_kline better with find_kline
2020-04-19 11:53:38 +01:00
Ed Kellett
de0673d7ad
Move ipv4-in-ipv6 handling to find_conf_by_address
...
This removes some inconsistencies: first of all it applies to both
CONF_KILL searches by IP in find_address_conf, and secondly it applies
to find_kline, which would have been an edge case before.
2020-04-19 11:53:38 +01:00
Ed Kellett
f53d2f45de
Refactor check_one_kline a tiny bit
2020-04-19 01:45:33 +01:00
jesopo
310f88cfb1
rectify comment for Message handler indexes
2020-04-19 00:01:29 +01:00
Ed Kellett
55ed78dab1
Don't match iline-spoofed IPs for channel bans
2020-04-12 12:35:18 +01:00
Ed Kellett
a7d4a0ab81
Centralise banmask matching logic
2020-04-12 12:35:18 +01:00
Aaron Jones
baef55657e
Merge pull request #311 from qaisjp/patch-2
...
readme: fix macOS instructions
2020-03-15 22:14:26 +00:00
Qais Patankar
c0d82abefc
readme: fix macOS instructions
2020-03-15 22:06:42 +00:00
Aaron Jones
6cfb19943a
extensions/extb_ssl.c: make certfp parameter case-insensitive
...
I had the idea that maybe these should be case-sensitive because some
encodings (like Base-64) are. But it turns out it's better to
prioritise not breaking existing configurations / channel mode lists,
and just revisit this in future maybe.
[ci skip]
2020-01-28 20:48:23 +00:00
Aaron Jones
e0a8d121fa
extensions/extb_ssl.c: port e0f1c3b5bc6c55b88938 & 5572f43834b93b898ea0
...
Reported-by: Opal Hart <opal@wowana.me>
2020-01-28 20:37:39 +00:00
Simon Arlott
155ecb7a7a
tests: Check sendto_wallops_flags works with format strings
2020-01-11 16:26:10 +00:00
Aaron Jones
b50e5b28d4
Merge pull request #308 from edk0/with-asan
...
Add --with-asan to build with asan
2020-01-10 15:36:06 +00:00
Ed Kellett
30a14c5884
Link asan in a clang-friendly way
2020-01-10 15:32:35 +00:00
Ed Kellett
6d17463554
Add --with-asan to build with asan
2020-01-06 23:46:44 +00:00
Aaron Jones
673fd77dd1
Merge pull request #304 from edk0/reject-expired
...
reject: Don't reject for expired K-lines
2020-01-03 17:33:10 +00:00
Ed Kellett
6cd12661af
reject: reorder to avoid leaks
2020-01-03 17:07:25 +00:00
Ed Kellett
b9c43bc08a
reject: Don't reject for expired K-lines
2020-01-03 16:24:36 +00:00
Aaron Jones
6cac5cce0f
Merge pull request #302 from edk0/sasl-usercloak
...
Import extensions/sasl_usercloak from ircd-seven
2020-01-02 20:31:06 +00:00
Aaron Jones
28e12fad3c
Merge pull request #297 from bmwiedemann/date
...
Set EXTERNAL_BUILD_TIMESTAMP from SOURCE_DATE_EPOCH
2020-01-02 20:29:13 +00:00
Aaron Jones
1a7927bb87
Merge pull request #303 from edk0/modreload-uaf
...
modules: fix use-after-free when reloading
2020-01-02 17:24:44 +00:00
Aaron Jones
cd39eef71e
Merge pull request #301 from edk0/reject-free-fix-fix
...
Remove from the list of propagated bans on expiry
2020-01-02 17:24:25 +00:00
Ed Kellett
6aa5c725ff
modules: fix use-after-free when reloading
2020-01-02 16:45:15 +00:00
Ed Kellett
b44f6669d8
sasl_usercloak: fix typo in format string
...
thanks @ProgVal
2020-01-02 16:29:23 +00:00
Ed Kellett
cdeca37ec3
sasl_usercloak: make the magic string more specific
...
Require '/account' at the end of the spoof, rather than
'account' anywhere.
2020-01-02 16:15:51 +00:00
Ed Kellett
5d5603b6ef
sasl_usercloak: modernize
2020-01-02 16:15:50 +00:00
Ed Kellett
11ae52095f
Remove duplicated notify_banned_client
2020-01-02 03:36:34 +00:00
Ed Kellett
5958d6b99b
sasl_usercloak: check K-lines after host change
2020-01-02 03:36:34 +00:00
Ed Kellett
40c4d9d85b
Revert "recheck users after applying SASL account cloaks"
...
This reverts commit 4d401d3c60019cf96b07a012106cab9678b7a79d.
2020-01-02 03:36:34 +00:00
Ed Kellett
5aeeea187e
recheck users after applying SASL account cloaks
...
(so K-lines on them will take effect properly)
2020-01-02 03:36:34 +00:00
Stephen Bennett
dae6f5dbee
Make sasl_usercloak.so update the original host, as well as the visible host if it hasn't already changed. Allows for the sasl spoof to be used to override services ones in some circumstances.
2020-01-02 03:36:34 +00:00
Stephen Bennett
271ddd99d7
Be sure to zero out host buffer before using it
2020-01-02 03:36:34 +00:00
Stephen Bennett
721410d575
Add sasl_usercloak module, to allow injecting SASL account name into a user's host on connection
2020-01-02 03:36:24 +00:00
Ed Kellett
0a7faba63d
Remove from the list of propagated bans on expiry
...
Fixes a use-after-free introduced in 548e31d3b
, which fixed a related
use-after-free introduced in a9536f755
.
2020-01-02 00:03:06 +00:00
Aaron Jones
b21c1403c6
Merge pull request #300 from edk0/reject-free-fix
...
Fix a use-after-free introduced in #298
2020-01-01 08:57:52 +00:00
Ed Kellett
548e31d3bd
Fix a place aconfs could be freed while referenced
...
(not a bug until a9536f755
since bans were not referenced before)
2020-01-01 08:51:53 +00:00
Aaron Jones
5eb10743f9
Merge pull request #299 from edk0/tkline-reason
...
Add config option to hide durations of temporary K/D-lines
2019-12-31 08:00:24 +00:00
Aaron Jones
008a1b9d8d
Merge pull request #298 from edk0/rejectcache
...
Remember and send reasons for rejectcache rejections
2019-12-31 07:59:56 +00:00
Ed Kellett
6292d72bbf
Add hide_tkdline_duration to documentation .confs
2019-12-31 01:56:05 +00:00
Ed Kellett
9914c013b4
Add general::hide_tkdline_duration
2019-12-31 01:56:01 +00:00
Ed Kellett
a9536f755c
reject: Remember and send reasons for rejections
...
rejectcache entries can now use either a K-line aconf or a static
string as a reason. This will be sent in a 465 numeric before the usual
ERROR. In the case of K-lines, it resembles the 465 you would have been
sent without being rejected:
; nc -s 127.6.6.6 127.0.0.1 5000
:staberinde.local 465 * :You are banned from this server- Temporary
K-line 4320 min. - abc123 (2019/12/31 01.07)
ERROR :Closing Link: (*** Banned (cache))
; nc -s 127.128.0.0 127.0.0.1 5000
:staberinde.local 465 * :You are not authorised to use this server.
ERROR :Closing Link: (*** Banned (cache))
2019-12-31 01:35:31 +00:00