vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
3238 commits 2 branches 0 tags 40 MiB
Commit graph

366 commits

Author SHA1 Message Date
Simon Arlott d4214e9445
ircd: server connection configuration 
Fix the server connection configuration so that it can simultaneously
handle a hostname/IPv4/IPv6 for connecting and a hostname/IPv4/IPv6
for binding. Maintains backwards compatibility for matching a hostname
with a mask.

Multiple host/vhost entries can be specified and the last value for
each address family is stored. Hostnames that resolve automatically
overwrite the IP address.

Server connections can now be made to either IPv4 or IPv6 at random
as well as preferring a specific address family.
 2016-04-24 17:06:24 +01:00
Simon Arlott 65f43a4fc4
ircd: Don't try to connect to servers that we know have an invalid fingerprint 
This just causes an unnecessary link/squit on the other server.
 2016-04-24 11:49:21 +01:00
Simon Arlott 4fbb736202
ssld: add a callback when the connection is opened 
This allows us to wait until we have the fingerprint information before
continuing with a server connect process.
 2016-04-24 11:48:35 +01:00
Simon Arlott 5c317f1313
ircd: parse: add asserts for improper use of mod_add_cmd/mod_del_cmd 2016-04-23 23:56:41 +01:00
Simon Arlott e8de2bfaf0
modules: add missing break 2016-04-23 23:37:38 +01:00
Simon Arlott 558744e520
ircd: do nothing in client_release_connids if !MyConnect 2016-04-23 23:25:25 +01:00
Simon Arlott cc02bdf3a6
ircd: fix assert in client_release_connids 
The connection may have already been closed and MyConnect cleared.

It's only a bug if the connection somehow has connids but is not
our connection.
 2016-04-23 23:22:01 +01:00
Simon Arlott cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512 
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.

(The same fingerprint is also used by DANE)
 2016-04-23 22:51:05 +01:00
Simon Arlott 0ae7a89d78
ircd: sslproc: certfp commands have a 9 byte header, not 5 bytes 
SHA512 hashes were being ignored because the message was too large
 2016-04-23 20:52:20 +01:00
William Pitcock c6098ed357 client: fix up client_release_connids() too, pointed out by lp0 2016-04-23 14:26:01 -05:00
William Pitcock 5c63bfe8b1 client: connid_get() should check MyConnect(), not MyClient(). 2016-04-23 14:17:36 -05:00
Simon Arlott 84e3e445aa
mr_server: Report certificate fingerprint mismatches 
Log the received certificate fingerprint when it causes a server to be
rejected.
 2016-04-23 17:37:05 +01:00
Simon Arlott e7c4cf63bc
authproc: set GOT_ID flag when an ident response is received 2016-04-23 15:41:27 +01:00
staticfox 1729f46eab
authd: Avoid negative array indices 2016-04-22 23:06:42 -04:00
Elizabeth Myers 7445ece1d1
Revert "Implement the netsplit batch type." 
This needs more work, see
https://github.com/ircv3/ircv3-specifications/issues/253

This reverts commit 2373891299.
 2016-04-16 11:05:00 -05:00
Elizabeth Myers 2373891299
Implement the netsplit batch type. 
This also lays the groundwork for the netjoin batch type, but that isn't
implemented yet. I don't like how some of this is implemented but it'll
have to do for now...

Compile tested, needs more testing.
 2016-04-15 16:50:43 -05:00
Elizabeth Myers 4f2b9a4fd1
Don't use key member of dictionary iter objects after deletion 2016-04-12 09:43:50 -05:00
Elizabeth Myers 9e5c31ea0d
authproc: fix a typo 2016-04-12 09:37:56 -05:00
Elizabeth Myers 5e9a3f8674
Change the way authd configures opm 
It's a bit of a hack, but better than before. Rather than rehashing
(which could get us into an endless loop), we now segregate the
configuration phase (creating entries ircd-side in case we restart authd
later) and sending phases (when configure_authd() is called). Since we
have to call configure_authd() no matter what (to send timeouts etc.)
and we have to send this data to configure authd anyway, and sending
duplicate data is bad, this is the only way I can think of for now.
 2016-04-12 09:36:09 -05:00
Elizabeth Myers ed5e1d1e41 send: trim a blank line [ci skip] 2016-04-11 11:52:01 -05:00
Elizabeth Myers 7a21fb5b34 s_user: clean up authd checks 2016-04-10 10:02:33 -05:00
Elizabeth Myers 2a104d6641 s_user: enhancements to proxy reporting messages 2016-04-10 09:35:02 -05:00
Elizabeth Myers d19aab3375 Fix stupid linux warning 2016-04-10 09:22:34 -05:00
Elizabeth Myers 154dc91ef0 Wrap up authd preclient stuff in its own struct 2016-04-10 09:20:51 -05:00
staticfox 02fa4362cd version.c.SH: Fix build 
We need stddef.h mainly for NULL
 2016-04-09 06:05:08 -04:00
Elizabeth Myers b14d2bd6ea Formatting fixes for credits 
Contributed from jackal^, but fixed up a bit.
 2016-04-09 04:55:57 -05:00
Elizabeth Myers 4eafa9e62f ipv4_from_ipv6: move to librb 2016-04-08 03:49:23 -05:00
Elizabeth Myers 66f7fe673b Get rid of flags2. 
It seems to come from an era where long long didn't exist and 64-bit
machines weren't common. 32-bit machines are still common but I can't
imagine this will have much performance impact there.

This "fixes" #179 in title only, but see comments within.
 2016-04-07 07:40:55 -05:00
Elizabeth Myers 9057170ce8 Cleanup defaults.h config file. 
Clean up spaces/tabs mixing mess (bleh), add some defaults for authd
stuff, and get rid of CHARYBDIS_SOMAXCONN (just define SOMAXCONN if it's
available...).
 2016-04-07 04:47:48 -05:00
Elizabeth Myers 0a87075b86 modules: fix up display names 2016-04-07 04:15:12 -05:00
Elizabeth Myers 78946542bb modules: move module loading/unloading commands to dedicated module. 
There's no reason to really have these in the main ircd anymore, static
modules are dead and aren't coming back.

To ensure people don't do something hopelessly retarded, this is a core
module.
 2016-04-07 04:00:25 -05:00
Elizabeth Myers 999c42bad8 Remove useless alias_entry hits member 2016-04-06 11:47:13 -05:00
Elizabeth Myers a19097baa4 ircd: load modules after conf files 
The alias module depends on this
 2016-04-06 07:43:45 -05:00
Elizabeth Myers b663a8070f Move alias handling into a dedicated module. 
Not yet tested, caveat emptor!

Closes #166
 2016-04-06 07:27:50 -05:00
Elizabeth Myers 2575a78b0e Add hook for when rehash is called. 
This will be used by the future alias module.
 2016-04-06 05:43:54 -05:00
Elizabeth Myers f956cb0f1f Use rb_* versions of nonportable string functions 2016-04-05 05:39:59 -05:00
Elizabeth Myers 731d128990 authd: rework module ID system 
Provider ID's are now assigned dynamically at load-time. To accomodate
this, there is now a lookup system for finding providers by name (all
providers have names as well).
 2016-04-05 04:31:22 -05:00
Elizabeth Myers 3256156aca Announce changed capabilities on module load 
Closes #165
 2016-04-04 02:30:35 -05:00
staticfox 5eb3d7a7c0 modules: Revert mapi_register() to use ints 
modinit() returns either 0 (success) or -1 (failure) so we
can't check for true/false.
 2016-04-03 20:14:36 -04:00
Elizabeth Myers c0483ac17b boolify calls to rehash 2016-04-03 01:53:34 -05:00
Elizabeth Myers aa483e55bd bool-ify modules stuff 2016-04-03 01:51:45 -05:00
Elizabeth Myers 6603175304 Clean up module loading a bit. 2016-04-03 01:21:19 -05:00
Elizabeth Myers ffa79a9516 Use rb_dlink_list_length... == 0, not !rb_dlink_list_length 2016-04-02 22:45:52 -05:00
Elizabeth Myers 34bc7caeae Send enabling message to opm at the end of opm block. 2016-04-02 22:33:19 -05:00
Elizabeth Myers 5c5296c8f8 newconf: delete all proxies on rehash 2016-04-02 22:30:54 -05:00
Elizabeth Myers e2a8228f85 authproc: minor fixes 2016-04-02 20:31:32 -05:00
Elizabeth Myers 8d48aa190b dns: don't use zero ID's 2016-04-02 20:19:37 -05:00
Elizabeth Myers 1d657e0b08 authproc: rehash on authd restart 
This is a hack for now so it gets the config again.
 2016-04-02 20:10:56 -05:00
Elizabeth Myers 3d2fc110e3 authproc: add more API's for opm management 2016-04-02 19:45:27 -05:00
Elizabeth Myers c1f4db3fb7 Tweak some configuration semantics of opm 2016-04-02 19:45:09 -05:00
Elizabeth Myers d9364d2913 authproc: pad leading 0 for localhost IP's 
This avoids misparsing by rb's helper stuff..
 2016-04-02 19:29:16 -05:00
Elizabeth Myers eb0814b3cb opm: add support for HTTPS CONNECT proxies. 
TBD: do we need an SSL listener for these?
 2016-04-02 18:38:21 -05:00
Elizabeth Myers 64fae2607a Rename authd.[ch] on ircd side to authproc.[ch] to prevent shadowing. 2016-04-02 16:44:04 -05:00
Elizabeth Myers b0326abdc9 authd: warn on a bad command 2016-04-02 05:05:28 -05:00
Elizabeth Myers 6d0fafec99 authd: minor cleanups 2016-04-02 04:51:11 -05:00
Elizabeth Myers ae0a058544 authd: clean up command handling with a table 2016-04-02 04:49:01 -05:00
Elizabeth Myers 61d1befa2a authd: fix race on the ircd side. 
The client may have already gone away, so if we can't find the local
cid, don't try to restart authd.
 2016-04-02 03:51:54 -05:00
Elizabeth Myers 6d5edc6f53 authd: when aborting, don't just do read_packet. 2016-04-02 03:46:31 -05:00
Elizabeth Myers 9bba0f6143 opm: add adjustable timeout values 2016-04-02 03:33:27 -05:00
William Pitcock 34b88b6571 ircd: conf: properly calculate the number of wsockd to start 2016-04-02 03:20:16 -05:00
Elizabeth Myers fabe8b94c5 Add HTTP CONNECT proxy scanning 2016-04-02 03:11:30 -05:00
William Pitcock bccb7dedef ircd: wsproc: cleanups 2016-04-02 03:10:01 -05:00
William Pitcock c53ca1e029 ircd: integrate ircd side of wsockd support 2016-04-02 02:56:22 -05:00
Elizabeth Myers fbe8d087e7 Add exempt logic for open proxies 2016-04-02 02:42:11 -05:00
Elizabeth Myers 51fa2ab8a3 opm: allow scanners to be configurable 2016-04-02 02:29:48 -05:00
Elizabeth Myers adfe7b8396 authd: small cleanup 2016-04-02 01:20:49 -05:00
Elizabeth Myers 6a7bb6f1df authd: more minor cleanups 2016-04-02 01:16:47 -05:00
Elizabeth Myers b1a577f224 ircd/authd: cleanups 2016-04-02 01:05:21 -05:00
Elizabeth Myers 8275e2700d Add opm stuff to default configs 2016-04-01 04:11:04 -05:00
Elizabeth Myers 34f16c467d authd: fix API boo boo 2016-04-01 02:56:03 -05:00
Elizabeth Myers 6da256dc93 authd: remove some whitespace 2016-04-01 02:44:50 -05:00
Elizabeth Myers 4f6119cd40 authd: add API for setting OPM listeners 2016-04-01 02:43:01 -05:00
Elizabeth Myers 7372553dd6 authd: fix compile error 2016-04-01 02:42:50 -05:00
Elizabeth Myers e158281056 authd: properly abort clients who timeout or when the helper restarts 2016-04-01 02:27:48 -05:00
Elizabeth Myers d86692fa44 Add new sockaddr_storage port retrieval/setting macros 
These macros are safe for use on IPv6 and clean up a lot of code.
 2016-03-31 03:00:29 -05:00
Elizabeth Myers bf3ecca24b ircd/listener: un-obsoleteify comments 2016-03-30 03:36:04 -05:00
Elizabeth Myers 4094d2fad5 Remove trailing whitespace from files. 2016-03-29 13:23:27 -05:00
Matt Ullman 2b535500f9 automake: Ensure ircd_parser.h is created 
Fixes random travis explosions
 2016-03-28 21:39:10 -04:00
Elizabeth Myers 7ad083b065 logger: add idebug 
This only does something if debugging is enabled.
 2016-03-28 19:06:31 -05:00
Elizabeth Myers bae7e637de ircd/authd: remove rb_free no longer needed. 2016-03-28 18:19:06 -05:00
Elizabeth Myers 0bb5d3f031 authd: this isn't a list dammit! 2016-03-28 18:13:57 -05:00
Elizabeth Myers 540ae37b96 authd: don't use wild pointer 2016-03-28 18:09:22 -05:00
Elizabeth Myers a6a30cc7b8 ircd/newconf: better IPv4 example 2016-03-28 17:55:54 -05:00
Elizabeth Myers 771dcfad37 newconf: add illustrative examples to comments 2016-03-28 17:54:01 -05:00
Elizabeth Myers 835d456c64 newconf: fix check for IPv6 address length 2016-03-28 17:47:13 -05:00
Elizabeth Myers 3fe0efd55a newconf: change an error to a warning 2016-03-28 17:45:35 -05:00
Elizabeth Myers 50808796e0 authd: It Works, Bitches™ 2016-03-28 16:47:51 -05:00
Elizabeth Myers a9b809c796 ircd_lexer: use correct variable here. 
ircd_paths[IRCD_PATH_ETC] is what's wanted, not IRCD_PATH_ETC.
 2016-03-28 14:58:26 -05:00
Elizabeth Myers 7b4d1de38d Merge branch 'master' into authd-framework 2016-03-28 14:44:47 -05:00
Elizabeth Myers ad04380360 ircd/authd: respect auth_disabled config option 2016-03-28 02:42:20 -05:00
Elizabeth Myers 59d42a9fcb ircd/authd: use proper timeout values for clients 2016-03-28 02:32:05 -05:00
Elizabeth Myers ef0b13b960 ircd/authd: timeout dead authd clients 2016-03-28 02:30:54 -05:00
Elizabeth Myers cc4d393152 ircd/authd: implement client noticing 2016-03-28 02:19:34 -05:00
Elizabeth Myers d3f6b80867 Replace s_auth/blacklist stuff with authd calls 
This also does a lot of surgery on the conf system to reconfigure authd.

/!\ WARNING! ACHTUNG! ADVERTENCIA! ATTENTION! AVVERTIMENTO! /!\
This code has not been run-time tested yet (though it compiles)!
 2016-03-28 02:11:16 -05:00
Matt Ullman 33d43d4fa4 ircd: Move signaled variables to volatile sig_atomic_t 2016-03-27 20:05:38 -04:00
Matt Ullman aa7eff28f2 hash.c: Save some more bytes 2016-03-27 06:29:10 -04:00
Elizabeth Myers 3f7039934f s_auth: remove trailing whitespace at end of usernames. 2016-03-26 19:21:16 -05:00
Elizabeth Myers 938f93f4bc ircd/authd: some comments 2016-03-26 16:44:41 -05:00
Matt Ullman de8b3b7174 sslproc: Remove unused variable 2016-03-26 16:41:36 -04:00
Elizabeth Myers 0a659bf0ab Port notice stuff over from authd-framework-2 and use it. 
This allows things like oper warnings from authd using the W message type
also.
 2016-03-25 21:58:32 -05:00