vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
3652 commits 2 branches 0 tags 40 MiB
Commit graph

303 commits

Author SHA1 Message Date
Ed Kellett a7d4a0ab81
Centralise banmask matching logic 2020-04-12 12:35:18 +01:00
Aaron Jones 6cfb19943a
extensions/extb_ssl.c: make certfp parameter case-insensitive 
I had the idea that maybe these should be case-sensitive because some
encodings (like Base-64) are. But it turns out it's better to
prioritise not breaking existing configurations / channel mode lists,
and just revisit this in future maybe.

[ci skip]
 2020-01-28 20:48:23 +00:00
Aaron Jones e0a8d121fa
extensions/extb_ssl.c: port e0f1c3b5bc6c55b88938 & 5572f43834b93b898ea0 
Reported-by: Opal Hart <opal@wowana.me>
 2020-01-28 20:37:39 +00:00
Ed Kellett b44f6669d8
sasl_usercloak: fix typo in format string 
thanks @ProgVal
 2020-01-02 16:29:23 +00:00
Ed Kellett cdeca37ec3
sasl_usercloak: make the magic string more specific 
Require '/account' at the end of the spoof, rather than
'account' anywhere.
 2020-01-02 16:15:51 +00:00
Ed Kellett 5d5603b6ef
sasl_usercloak: modernize 2020-01-02 16:15:50 +00:00
Ed Kellett 11ae52095f
Remove duplicated notify_banned_client 2020-01-02 03:36:34 +00:00
Ed Kellett 5958d6b99b
sasl_usercloak: check K-lines after host change 2020-01-02 03:36:34 +00:00
Ed Kellett 40c4d9d85b
Revert "recheck users after applying SASL account cloaks" 
This reverts commit 4d401d3c60019cf96b07a012106cab9678b7a79d.
 2020-01-02 03:36:34 +00:00
Ed Kellett 5aeeea187e
recheck users after applying SASL account cloaks 
(so K-lines on them will take effect properly)
 2020-01-02 03:36:34 +00:00
Stephen Bennett dae6f5dbee
Make sasl_usercloak.so update the original host, as well as the visible host if it hasn't already changed. Allows for the sasl spoof to be used to override services ones in some circumstances. 2020-01-02 03:36:34 +00:00
Stephen Bennett 271ddd99d7
Be sure to zero out host buffer before using it 2020-01-02 03:36:34 +00:00
Stephen Bennett 721410d575
Add sasl_usercloak module, to allow injecting SASL account name into a user's host on connection 2020-01-02 03:36:24 +00:00
Aaron Jones 58a7048006
Merge pull request #287 from edk0/filter 
Add extensions/filter (port from ircd-seven)
 2019-10-22 18:33:51 +00:00
Ed Kellett 09784400f2
filter: avoid a memory leak per @amdj 2019-10-22 18:44:19 +01:00
Aaron Jones a52d84f723
Merge pull request #293 from edk0/webirc 
m_webirc: improve TLS handling
 2019-10-22 16:17:33 +00:00
Aaron Jones 9e6c36d571
Merge pull request #294 from edk0/deny-webirc-auth 
m_webirc: deny using webirc. as a real auth block
 2019-10-22 16:16:36 +00:00
Ed Kellett 8ffc517321
m_webirc: deny using webirc. as a real auth block 2019-10-20 18:41:39 +01:00
Ed Kellett cccda2ff2f
m_webirc: it's "TLS" to you 2019-10-20 18:18:32 +01:00
Ed Kellett 11ef0e2b98
m_webirc: don't bail out when denying 'secure' 2019-10-20 18:18:32 +01:00
Ed Kellett a6b97b7d88
m_webirc: const-correctness 2019-10-20 18:18:27 +01:00
Ed Kellett d6c813780f
m_webirc: respect ircv3's secure option 2019-10-20 18:17:34 +01:00
Ed Kellett ab4420cbbe
m_webirc: enforce need_ssl 2019-10-20 18:17:33 +01:00
Ed Kellett e5742a172b
override: don't spam about (un)setting the mode 
We will spam about any uses of it, so this just seems like extra noise.
 2019-10-06 22:28:19 +01:00
Ed Kellett 0cbb1ba9f0
filter: explicit type conversion 2019-10-06 19:41:06 +01:00
Ed Kellett eb06afc3fa
filter: correct type for modinit 2019-10-06 19:24:35 +01:00
Ed Kellett 9fe8bccba0
Fix build when hyperscan is missing 2019-10-06 19:24:34 +01:00
Ed Kellett a8f402e909
filter: use AV2 2019-10-06 19:24:34 +01:00
Ed Kellett 344af24c2f
filter: add DROP and ABORT 2019-10-06 19:24:34 +01:00
Ed Kellett dc141aad45
filter: require an extra "+" before data 
This disambiguates it from control commands
 2019-10-06 19:24:33 +01:00
Ed Kellett 8692240f51
filter: add modes to disable incoming filters 2019-10-06 19:24:33 +01:00
Ed Kellett 649bda6d5d
filter: make the kill reason more honest 2019-10-06 19:24:32 +01:00
Ed Kellett d928bc7af3
filter: send the failure response only on PRIVMSG 2019-10-06 19:24:32 +01:00
Ed Kellett 744ac30804
filter: match in two passes, before and after stripping 2019-10-06 19:24:32 +01:00
Ed Kellett fccc6d5669
filter: move to extensions 2019-10-06 19:24:31 +01:00
Simon Arlott e52893db93
Fix GCC 8 compiler warnings 2019-09-15 10:57:53 +01:00
Janik Kleinhoff a0d1df9f38
extensions/drain: remove superfluous includes 2019-09-14 21:13:11 +01:00
Ed Kellett b674a619eb
Add extensions/drain 
This takes the simplest possible approach: load the module and you're in
drain mode.
 2019-09-14 21:13:11 +01:00
Ed Kellett ed3ca2ff16
Propagate OPER 
Move opername and privset storage to struct User, so it can exist for
remote opers.

On /oper and when bursting opers, send:

    :foo OPER opername privset

which sets foo's opername and privset. The contents of the privset on
remote servers come from the remote server's config, so the potential
for confusion exists if these do not match.

If an oper's privset does not exist on a server that sees it, it will
complain, but create a placeholder privset. If the privset is created by
a rehash, this will be reflected properly.

/privs is udpated to take an optional argument, the server to query, and
is now local by default:

    /privs [[nick_or_server] nick]
 2019-09-13 10:08:27 +01:00
Aaron Jones 95c84a44fd
Merge pull request #277 from edk0/helpops 
Fix various bugs in extensions/helpops
 2019-09-07 14:57:30 +00:00
Aaron Jones a9118e5b81
Merge pull request #278 from edk0/override 
Fix various bugs in extensions/override
 2019-09-07 14:26:01 +00:00
Ed Kellett dbeda234e6
override: always check oper:override 
It's possible to have the oper:override privilege removed by /grant.
/grant triggers an empty umode change event to allow privileged umodes
to be set or removed, so checking for oper:override on all umode changes
(and not just ones where +o or +p is changed) allows us to remove +p
when necessary.
 2019-09-07 15:06:39 +01:00
Ed Kellett 6637a54728
override: don't leak the old expiry timer list 2019-09-07 15:06:39 +01:00
Ed Kellett cc75db3f3f
override: start timers for +p clients on modinit 
Reloading override previously would have the effect of cancelling +p
expiry. With this change, reloading the module just refreshes the
timers, so expiry is delayed a bit rather than forgotten entirely.
 2019-09-07 15:06:39 +01:00
Ed Kellett 5339043003
helpops: remove +H if usermode:helpops is lost 2019-09-07 15:04:05 +01:00
Ed Kellett 0c5dd86cfc
helpops: handle the helper list properly on reload 
Free the whole list on unload rather than leaking it, and initialise it
to the list of people with +H on load.
 2019-09-07 15:04:05 +01:00
Ed Kellett 6c639159b0
helpops: fix umode handling 
construct_umodebuf() can change the char->flag mapping (to restore an
orphaned mode). I don't love the use of a fake constant, so I think the
cleanest solution here is just to index user_modes with a macro for the
umode letter.
 2019-09-07 15:04:05 +01:00
Ed Kellett ead77e93aa
override: move kick immunity to its own module 2019-09-07 14:53:21 +01:00
Simon Arlott 17809d2db7
librb: Fix type of dst for rb_inet_pton_sock() 2019-08-31 16:10:50 +01:00
Simon Arlott fe5fc851aa
gcc7 fixes: NICKLEN -> NAMELEN 
Use NAMELEN instead of NICKLEN when accessing Client->name because it
could in theory be a HOSTLEN length string.
 2018-01-19 23:26:20 +00:00