Commit graph

2101 commits

Author SHA1 Message Date
Aaron Jones 3ae24413ca
Use new TLS method APIs with new LibreSSL
OpenBSD 5.8 includes LibreSSL 2.2.2, which finally brings the API up to
what they claim it is by implementing the new TLS client and server
method APIs. Therefore, in furtherance of commits a4c8c827 and 1a4e224a
we can build with the new APIs if building against (real) OpenSSL 1.1.0
or LibreSSL 2.2.2.

Reported-by: Juuso Lapinlampi <wub@partyvan.eu>
2015-10-23 16:05:33 +00:00
William Pitcock 172b58fee9 Merge pull request #106 from awilfox/master
Fix MONITOR C
2015-10-15 18:05:38 -05:00
Andrew Wilcox 7a40c9a5b4 monitor: don't use already-freed pointer, unlike the moronic atheme developers 2015-10-15 17:32:02 -05:00
Andrew Wilcox 5f8fb56d02 Revert "remove MONITOR for now pending a complete rewrite"
This reverts commit 87fa262fec.
2015-10-15 17:31:55 -05:00
William Pitcock 87fa262fec remove MONITOR for now pending a complete rewrite 2015-10-15 09:39:48 -05:00
William Pitcock d09bde15a1 monitor: additional cleanup pointed out by mr_flea 2015-10-11 19:32:31 -05:00
William Pitcock 7485e86073 monitor: additional cleanups, and add a missing free_monitor() in m_monitor 2015-10-11 19:11:01 -05:00
William Pitcock d5f856c68e monitor: fix the resource leak properly, unlike the moronic elemental-ircd developers 2015-10-11 18:48:53 -05:00
Jilles Tjoelker dd64bf8dad Fix build on glibc (no strlcpy). 2015-10-01 22:55:07 +02:00
Jilles Tjoelker 0e17ce0612 Use new info when sending away-notify after QJM. 2015-09-20 15:20:05 +02:00
Jilles Tjoelker b4a7304c94 s_conf: Split out a function. 2015-09-13 22:59:03 +02:00
Jilles Tjoelker df3de4e913 kqueue: Remove unnecessary cast. 2015-09-13 22:59:03 +02:00
Jilles Tjoelker 2125182293 Remove the unneeded username parameter to register_local_user(). 2015-09-13 22:59:03 +02:00
Jilles Tjoelker 83e5941c87 Check CIDR ban IP address for validity.
Otherwise, we compare to uninitialized stack data. This is wrong but seems
harmless.

Closes #103
2015-09-13 22:59:03 +02:00
William Pitcock 00fda7b7bd Merge pull request #101 from Elizafox/master
Relocate report_Klines to proper home
2015-08-08 18:41:32 -04:00
Elizabeth Myers 34c10ca8b7 Relocate report_Klines to proper home
This function is not used anywhere else but m_stats, so should be put
there.
2015-08-08 17:25:29 -05:00
Mantas Mikulėnas 61815bf932 Merge pull request #100 from Mkaysi/readme
Update NEWS & README.md
2015-07-14 12:50:37 +03:00
Mikaela Suomalainen 61f156ba67 Update NEWS & README.md
* Point to irc.freenode.net instead of irc.atheme.org. I know that it's
  CNAME to chat, but I think it's preferable to use the irc. subdomain
  to make it clear that it's IRC.
* Point to GitHub issue tracker instead of bugs-meta.atheme.org that
  doesn't exist
* Remove mentioning of BUGS file and change README.FIRST to README.md as
  the first doesn't exist and I think they are the same file.
2015-07-14 12:40:24 +03:00
William Pitcock 23e6a59007 Merge pull request #95 from jailbird777/master
Spring cleaning redux
2015-07-06 17:13:50 -05:00
William Pitcock 98c8a3e987 Merge pull request #89 from prgmrbill/add-channel-mode-s-help-cmode
Adds extension channel modes to help/opers/cmode
2015-07-06 17:13:12 -05:00
Aaron Jones 1a4e224a4e LibreSSL have far advanced OPENSSL_VERSION_NUMBER beyond the
feature set they support (2.0 even!), deliberately breaking
backward compatibility. Therefore, in order to fix a regression
introduced by commit a4c8c827 with regard to LibreSSL's stupidity,
unconditionally use the old TLS API if building against LibreSSL.
2015-06-25 13:57:07 +00:00
Aaron Jones cb266283f8 libratbox/openssl: Set explicit cipher list for the client context as well
This is in furtherance of commits 9799bea4 and 1f384464 and addresses
any potential vulnerability to LogJam <https://weakdh.org/>
2015-05-20 16:41:34 +00:00
Aaron Jones c86f11da1c Fix regression introduced by previous commit
I really shouldn't copy and paste code.
2015-05-20 10:39:04 +00:00
Aaron Jones a4c8c82703 Tidy up OpenSSL options code, support new version-agnostic client and server APIs 2015-05-20 02:27:59 +00:00
Jail Bird 29c92cf95f Spring cleaning redux:
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls

Thanks Jilles!
2015-04-20 00:55:20 -05:00
Aaron Jones 32fb589528 Misc code cleanups
* src/packet.c: Remove a dead store
* src/res.c: Remove a dead store
* src/sslproc.c: Remove a dead store
* src/sslproc.c: Don't call the same accessor twice

These silence some fairly harmless compiler warnings
2015-03-27 23:07:20 +00:00
Aaron Jones cf3b152547 INFO: Be easier on human eyes 2015-03-26 14:47:36 -05:00
Aaron Jones c9b5cd623b Remove network_desc configuration option, never actually used anywhere 2015-03-26 14:46:54 -05:00
William Pitcock c7e38ca917 Merge pull request #92 from aaronmdjones/master
Use accessor function for certificate fingerprint, allow fingerprint generation for chained unknown roots
2015-03-24 12:31:24 -05:00
Aaron Jones 614502a63c Generate fingerprints for chained certificates with an unknown root 2015-03-24 05:25:38 +00:00
Aaron Jones d3806d0503 Use X509_digest() instead of memcpy() to obtain cert fingerprint
This will continue to work even if the OpenSSL developers make the
X509* structure opaque, the current approach will not.
2015-03-24 05:22:25 +00:00
William Pitcock 7dade6a811 cap: missed a spot on =sticky caps removal 2015-03-22 21:08:05 -05:00
William Pitcock c021aafd66 ircd manpage: remove references to ircd.conf(5) (closes #91) 2015-03-22 16:42:11 -05:00
William Pitcock a8b4d6d6b5 Merge pull request #90 from aaronmdjones/master
Update ciphersuite string to prohibit RC4
2015-03-22 16:36:04 -05:00
Aaron Jones 1f384464fa Update ciphersuite string to prohibit RC4
This is in accordance with RFC 7465
<https://tools.ietf.org/html/rfc7465>

Also correct the key exchange mechanism strings; these should be
prefixed with 'k'.
2015-03-22 06:14:39 +00:00
PrgmrBill bba82e6026 Updates format to match help/users/umode
Instead of adding a new section I made it look like the example from help/users/umode.
2015-03-17 16:39:25 -04:00
PrgmrBill 027c425c78 Adds a new section for extension channel modes
Adds new section - "FROM EXTENSIONS". These channel modes may not be available if the related extension is not loaded.
2015-03-17 15:19:14 -04:00
PrgmrBill 4e358381fb Wraps long lines + adds TLS
- Fixes long line by wrapping
- Adds TLS as charybdis now has SSL_OP_NO_SSLv3
2015-03-17 15:06:56 -04:00
PrgmrBill 0ab8263ff0 Adds SSL only channel mode
Adds +S channel mode - Only users connected via SSL may join the channel while this mode is set. Users already in the channel are not affected.
2015-03-17 14:57:55 -04:00
William Pitcock aaaf9faf1d cap: sasl is now enforced as sticky again 2015-03-10 08:21:46 -05:00
William Pitcock eafae32681 cap: chase ircv3.2 interpretation of sticky/ack-required caps (basically dropping support other than serverside enforcement of stickiness)
change request @ ircv3/ircv3-specifications#122
2015-03-10 08:21:10 -05:00
William Pitcock 27403553b5 Merge pull request #86 from rnjohnson18/patch-1
Change example.conf to ircd.conf.example
2015-03-08 19:22:49 -05:00
rnjohnson18 3514f17e98 Change example.conf to ircd.conf.example 2015-03-08 19:16:36 -05:00
William Pitcock 3b1e0380ce charybdis 3.5.0 rc1. 2015-03-08 15:26:31 -05:00
Mantas Mikulėnas 6fb9f21449 sasl: reformat the other messages consistently 2015-03-06 17:19:16 +02:00
Mantas Mikulėnas 1cae2411d7 sasl: adjust 'H' message following commit 7d33cce8ef 2015-03-06 17:18:54 +02:00
Jilles Tjoelker 9279ad6461 Fix some compiler warnings about signed/unsigned comparison. 2015-03-01 23:46:20 +01:00
Jilles Tjoelker 4f0d2b588b conf: Correct message when serverinfo::nicklen is set too low (<9). 2015-03-01 16:12:12 +01:00
Jilles Tjoelker dafbd7faba cap-notify: Fix possible crash on 64-bit systems.
find_named_client() was called without a prototype and therefore the
pointer could be truncated.
2015-03-01 15:00:52 +01:00
Jilles Tjoelker bed692ca0e send: sendto_local_clients_with_capability() needn't use serial
sendto_local_clients_with_capability() sends to a subset of the list of
local clients and cannot visit the same client multiple times like
sendto_channel_flags() and sendto_common_channels_local() can.
2015-03-01 14:55:57 +01:00