vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
2101 commits 2 branches 0 tags 40 MiB
Commit graph

2101 commits

This branch
This branch
All branches
Author SHA1 Message Date
Max Teufel bbce62d2aa m_cap: do not allow sasl CAP when the agent is offline 2015-03-01 03:30:19 -06:00
William Pitcock 9f09e25b63 charybdis 3.5.0-test1. 2015-03-01 01:09:34 -06:00
William Pitcock bb2a50509a config: further EGD removal 2015-03-01 01:06:58 -06:00
William Pitcock e861902fd9 libratbox: remove RB_PRNG_EGD in its entirety (closes #85) 2015-03-01 01:05:14 -06:00
William Pitcock 125652041b cap-notify: implement cap-notify for sasl service (closes #84) 2015-03-01 00:58:40 -06:00
William Pitcock 984d80c988 cap-notify: add sendto_local_clients_with_capability() (ref #84) 2015-03-01 00:44:34 -06:00
William Pitcock 13de708352 cap-notify: add cap-notify cap 2015-03-01 00:26:23 -06:00
William Pitcock 8f05076d50 sasl: making the sasl capability actually sticky seems incompatible with broken implementations, so we make it just a formality instead. 2015-03-01 00:22:50 -06:00
William Pitcock c23902ae00 sasl: fix null deref on remote client exit 2015-03-01 00:01:24 -06:00
William Pitcock 8bb9594bf3 sasl: ircv3 wg decided sasl capability should be sticky (ref ircv3/ircv3-specifications#103) 2015-02-28 01:12:25 -06:00
Max Teufel 1b54aa5c3b src/channel: add support for IRCv3.2 userhost-in-names 2015-02-28 01:06:38 -06:00
William Pitcock 6e3d57dc6b cap: remove SASL_REAUTH capability 2015-02-28 01:01:08 -06:00
William Pitcock 51535fcbce sasl: allow reauth without sasl-reauth capability (since it's being dropped) 2015-02-28 00:48:43 -06:00
William Pitcock 676032301e move README to markdown. 2015-02-24 20:32:08 -06:00
William Pitcock 74bae4c6ff remove references to LIBPATH (closes #26). 2015-02-24 20:25:34 -06:00
William Pitcock 654caa84fb ircd.conf.example: explain DH parameters size better (closes #68) 2015-02-18 12:36:00 -06:00
William Pitcock dd28e3f2a4 Merge pull request #82 from grawity/sasl-send-conn-info 
m_sasl: send information about the client connection
 2015-02-18 12:29:57 -06:00
William Pitcock 95cce5f358 Revert "m_invite: add support for CAP invite-notify" 
This reverts commit 93eb76cc32.
 2015-02-16 17:50:51 -06:00
William Pitcock 4cb0a93d25 libratbox/gnutls: call gnutls_rnd_refresh() to ensure our PRNG is initialized 2015-02-16 17:40:25 -06:00
William Pitcock cfa7b5fdb0 rebuild configure 2015-02-16 15:57:14 -06:00
William Pitcock 7585af0f3b configure: move some OS X toolchain checks around (closes #40) 2015-02-16 15:55:36 -06:00
Max Teufel 93eb76cc32 m_invite: add support for CAP invite-notify 
Specification:
<https://github.com/ircv3/ircv3-specifications/blob/master/extensions/invite-notify-3.2.md>
 2015-02-16 15:40:34 -06:00
William Pitcock c6bc97fdcd m_sasl: move some struct members around for sasl-reauth 2015-02-16 15:39:36 -06:00
William Pitcock 3a48406b55 cap: fix compile 2015-02-15 17:40:20 -06:00
William Pitcock ef3ab8e3a5 cap: allow clients to do sasl reauth if they requested sasl and sasl-reauth (ref ircv3/ircv3#103). 2015-02-15 17:11:28 -06:00
William Pitcock 0044d40050 cap: add notion of required dependency caps 2015-02-15 17:11:28 -06:00
William Pitcock ce14240a02 Merge pull request #83 from maxteufel/feature/saslserv_config_option 
m_sasl: add configuration option for the nick of the SASL agent
 2015-02-14 15:23:00 -06:00
Max Teufel 7d33cce8ef m_sasl: add configuration option for the nick of the SASL agent 
This allows multiple improvements to m_sasl. With this change, the SASL
authentication gets aborted immediately when services are offline.
Additionally, we send the SASL ENCAP messages directly to the specified
SASL agent.
 2015-02-14 20:31:25 +01:00
Jilles Tjoelker f51b72de97 Ignore duplicate USER and PASS. 
If SASL starts using USER/PASS for unregistered clients, this change stops
users from using one USER/PASS for SASL while using another for connecting.
 2015-02-13 23:07:02 +01:00
Mantas Mikulėnas a3fa9d81a2 m_sasl: send information about the client connection 2015-02-13 22:38:24 +02:00
William Pitcock 9299ce1371 Merge pull request #81 from attilamolnar/master+openssl 
openssl: Disable session tickets and session caching
 2015-02-09 14:59:56 -06:00
Attila Molnar 989652e7a8 openssl: Disable session caching 2015-02-09 21:19:09 +01:00
Attila Molnar 6b6a579925 openssl: Disable session tickets 2015-02-09 21:18:32 +01:00
William Pitcock bc75c3ae0e fix target list generation edge case where WALLCHOPS was requested alongside normal users if the source user was not a channel op. 
from ircd-hybrid r5457
 2015-02-09 11:16:06 -06:00
Jilles Tjoelker 22e4a9bc2b Merge branch 'master+sjoin-deadcode' of https://github.com/attilamolnar/charybdis 2015-01-30 17:54:13 +01:00
Attila Molnar 407094721c SJOIN: Remove some dead code 2015-01-30 14:42:08 +01:00
Jilles Tjoelker e9f86e320e introduce_client(): Remove redundant check for sockhost starting with colon. 
Other code (inet_ntop6() in libratbox/src/commio.c and
extensions/m_webirc.c) ensures the sockhost does not start with a colon.
Checking only here does not make sense.

Reported by:	Attila
 2015-01-25 22:11:16 +01:00
Jilles Tjoelker 3881a3ce5d Don't append a domain to names without dot from reverse lookup. 
Some code to append "domain" from /etc/resolv.conf to unqualified names (for
server connections) erroneously applied to names from reverse DNS lookups as
well.

The effect was that "domain" from /etc/resolv.conf was appended to
"localhost", even though the DNS server intended "localhost" to be a fully
qualified name.
 2015-01-16 23:23:56 +01:00
Aaron Jones 3c80b42532 Allow clients to have a resolved hostname of localhost 
I slightly changed the patch to match surrounding style.

(cherry picked from commit 0b06270fd6266c85d19e008efcd039605daf59d0)
 2015-01-16 21:38:42 +01:00
Jilles Tjoelker 74b2fb72db pretty_mask(): Stop temporarily modifying the passed mask entirely. 2015-01-15 23:45:02 +01:00
Jilles Tjoelker f4e893b515 pretty_mask(): Use explicit lengths instead of temporarily writing '\0'. 
This is slightly simpler and should fix Coverity warnings.
 2015-01-15 23:38:50 +01:00
Jilles Tjoelker 7db54a1f97 libratbox: Fix sizeof in two memsets. 
This fixes a compiler warning. The necessary fields of the struct sigevent
were initialized so there was no problem.

Submitted by:	Aaron (via IRC)
Reviewed by:	Attila
 2015-01-15 23:38:50 +01:00
Jilles Tjoelker 1c864688bb linebuf: Fix possible memory corruption when receiving many CR/LF. 
The last byte of balloc.c's block pointer could be changed from 10 or 13 to
0. On amd64, this is not possible. On i386, this is possible and usually
causes a crash soon.
 2014-11-05 21:42:35 +01:00
William Pitcock 5d4a99540b Merge pull request #73 from Argure/master 
Explicitly drop SSLv3 connections (SSL_OP_NO_SSLv3) - might break TLS-ca...
 2014-11-05 04:52:50 -06:00
William Pitcock 070d8da8eb Merge pull request #75 from attilamolnar/master+nullcharfix 
Fix sending null char after ERROR when the server is full
 2014-11-04 23:26:40 -06:00
Attila Molnar 76d82c19ad Fix sending null char after ERROR when the server is full 2014-11-04 21:57:37 +01:00
Patrick Godschalk d072eb2350 Explicitly drop SSLv3 connections (SSL_OP_NO_SSLv3) - might break TLS-capable clients that still depend on SSLv23 handshake 2014-10-26 13:15:30 +01:00
Jilles Tjoelker 2a17ae5483 ban: Fix build breakage. 
A normal 'make' did not rebuild m_ban.c even though dependencies had
changed.
 2014-09-21 18:28:24 +02:00
Jilles Tjoelker 36e50ccfa5 tools: Remove Hybrid 6 conversion tools. 
Hybrid 6 is old enough that the conversion tools can go away now.
They are for I and K lines; the ircd.conf converter was already removed.

This removes compiler/analyzer warnings about these tools.
 2014-09-21 18:20:39 +02:00
Jilles Tjoelker 624d779127 bandb: Don't apply empty ban list when bandb starts sending bans. 
When bandb sends the ban list, it first sends 'C', then all bans and
finally 'F'. Only when 'F' is sent is ircd supposed to apply the bans.
Because of a missing break, 'C' also did 'F', clearing the ircd active
permanent bans until bandb sent 'F'.

The effect is pretty limited because having bandb send the ban list via
/rehash bans is uncommon and most bans will be enforced when reset.
 2014-09-21 18:09:18 +02:00