Commit Graph

2029 Commits

Author SHA1 Message Date
Alexander Barton 131364def1 IRC_SetPenalty(): Code cleanup 2013-09-07 00:05:49 +02:00
Federico G. Schwindt bcb45da1b4 Add more penalty times
Ensure before every numeric 461 there is a call to IRC_SetPenalty().
2013-09-06 23:02:01 +01:00
Federico G. Schwindt 08f9d31d60 Rework check for number of parameters
Move most of the checks that return numeric 461 into Handle_Request().
2013-09-06 23:01:59 +01:00
Federico G. Schwindt 37609d6a4f Reorder checks
Move oper and Conf_MorePrivacy checks after checking the number of
parameters.
2013-09-05 17:31:57 +01:00
Federico G. Schwindt 33c2d5e4e2 Move the IRC_SetPenalty() call after the asserts 2013-09-05 17:31:57 +01:00
Federico G. Schwindt a98bbc8e0b Correct numeric returned by whois
As per RFC whois should return 431 if no nick is provided.  While
here convert upper check to use irc-macros. As a bonus we get to set
the penalty for free.
2013-09-05 17:31:56 +01:00
Federico G. Schwindt 9f74c0ff07 Minor cosmetic change
Add a define to indicate any client.  While I'm here use hex values
instead of decimal, it's somewhat clearer that they could be OR'ed
together.
2013-09-05 17:31:55 +01:00
Alexander Barton e3a2a6c44d getpid.sh: use /bin/pidof when available 2013-09-03 21:33:22 +02:00
Alexander Barton aad92ceafe Don't enforce channel types for other servers
The configuration option "AllowedChannelTypes" must only be enforced for
regular clients and not for remote servers. Channels created by other
servres are always allowed, because they already exist and the daemon
must stay in sync with the network.
2013-09-03 17:13:46 +02:00
Alexander Barton 4102e8fdfe Only log "IDENT ... no result" when IDENT was looked up
Without this patch, ngIRCd logged the "IDENT lookup for connection X:
no result"-message even when IDENT lookups have been disabled using the
"Ident = no" configuration option, which is a little bit misleading.

Reported by "btwe" in #ngircd.
2013-09-02 16:42:20 +02:00
Florian Westphal f8f8a9a041 ngircd: use setgid/setuid errno value in error path
Need to use saved errno value as strerror argument, else you
get bogus output ('success') in the log message.
2013-08-31 22:42:56 +02:00
Alexander Barton 04b947cdc3 Show connection flag "s" (SSL) in RPL_TRACE{LINK|SERVER}
Now you can check if a server-to-server link is SSL-encrypted or not
using the IRC "TRACE" command.

Idea by Götz Hoffart, thanks!
2013-08-31 14:15:24 +02:00
Federico G. Schwindt be2e611680 Change away to be allocated dynamically 2013-08-27 00:06:03 +01:00
Alexander Barton 41f75b6974 Ignore "operation not permitted" while dropping groups
Without this exception, you can't start ngIRCd as user any more,
it is analog to setting the user and group ID.
2013-08-27 00:41:36 +02:00
Florian Westphal e009ccbe66 ngircd: discard supplementary group ids on startup
The intention was to switch to JUST uid:gid, but setgid is not
sufficient.

Reported-by:  Michael Scherer <misc@zarb.org>
2013-08-27 00:19:31 +02:00
Alexander Barton 44698e44e8 Merge branch 'bug159-WebircIPA'
* bug159-WebircIPA:
  Introduce Free_Client() function to free CLIENT structure
  Save client IP address text for "WebIRC" users
2013-08-26 23:22:20 +02:00
Alexander Barton 0ff33777fe Introduce Free_Client() function to free CLIENT structure 2013-08-26 22:55:00 +02:00
Alexander Barton 1dc93286a0 Save client IP address text for "WebIRC" users
This patch introduces a new field in the CLIENT structure, "ipa_text",
which points to an optional textual representation of the client IP
address (or NULL) which can be used to store the "real" IP address
information of a client using the "WEBIRC" protocol.

Without this patch, ngIRCd ignored the <ip-address> paramater ...

In addition, the functions Client_SetIPAText() and Client_IPAText()
have been introduced to set and get the textual representation of the
client IP address.

Client_IPAText() can be used even when no "IP address text" has been
set before, it then returns the real IP address of the connection.

Closes bug #159.
2013-08-26 22:54:00 +02:00
Alexander Barton 2bacb8210b Implement new configuration option "DefaultUserModes"
The new configuration option "DefaultUserModes" lists user modes that
become automatically set on new local clients right after login.

Please note that only modes can be set that the client could set on
itself, you can't set "a" (away) or "o" (IRC Op), for example! User
modes "i" (invisible) or "x" (cloaked) etc. are "interesting", though.

Default: set no modes (like without this patch).

Closes bug #160.
2013-08-26 21:17:10 +02:00
Federico G. Schwindt 3b65f4e38d Change strdup() to strndup() 2013-08-26 12:18:46 +01:00
Federico G. Schwindt 6ac5a82eec private strndup() implementation in case libc does not provide it 2013-08-26 10:47:04 +01:00
Federico G. Schwindt 8d01be7bbd Silence warning
Cast the result of the operation to long, not the time(NULL) call.
On systems where sizeof(time_t) is other than long this will produce
a warning.
2013-08-25 05:24:11 +01:00
Federico G. Schwindt eb86d234f8 Plug memory leak 2013-08-25 05:24:11 +01:00
Federico G. Schwindt 3af0ece2bc Implement account login support
This is done via the `accountname' METADATA command and used to
automatically identify users after netsplits or across service
restarts.
2013-08-25 05:24:08 +01:00
Federico G. Schwindt a9ffbdea3f Fix spelling 2013-08-24 17:51:44 +01:00
Alexander Barton 309122017e Correctly handle return code of Handle_Write()
There have been code paths that ignored the return code of Handle_Write()
when sending "notice auth" messages to new clients connecting to the
server. But because Handle_Write() would have closed the client connection
again if an error occurred, this would have resulted in new errors and
assert()'s later on that could have crashed the server (denial of service).

Only setups having the configuration option "NoticeAuth" enabled are
affected, which is not the default.

CVE-2013-5580.
2013-08-23 21:40:51 +02:00
Alexander Barton 8f530eb315 Enhance log messages on "recursive" connection errors 2013-08-21 01:16:16 +02:00
Alexander Barton d56341c77b Add some assert() calls to ng_ipaddr library 2013-08-21 00:23:47 +02:00
Alexander Barton c8b12af1d2 Merge branch 'ssl-log-messages'
* ssl-log-messages:
  Make SSL-related log messages more readable
  ConnSSL_HandleError: Code cleanup, more documentation
2013-08-17 22:05:59 +02:00
Alexander Barton a919e02ba1 Make SSL-related log messages more readable
- Don't use internal function names but describe the error.
 - Streamline wording, use "SSL" for SSL and TLS.
 - Streamline punctuation.
2013-08-14 10:56:09 +02:00
Federico G. Schwindt b081cfb628 Use _IRC_ARGC_BETWEEN_OR_RETURN_ when possible 2013-08-14 00:07:12 +01:00
Alexander Barton dd4c60cf39 ConnSSL_HandleError: Code cleanup, more documentation 2013-08-13 00:09:04 +02:00
Alexander Barton 4828bae8d3 Change log level of "SSL connection shutting down" 2013-08-12 00:02:40 +02:00
Federico G. Schwindt cd38e9580e Fix 2 bugs introduced in 74514b8c23
Channel_Modes() and Channel_Topic() return static memory that is zeroed at
creation time. Fix checking for empty modes and topic so they're propagated
correctly.
2013-08-11 20:57:11 +01:00
Alexander Barton 298158501d IRC_SERVER(): Code cleanup 2013-08-07 00:13:08 +02:00
Alexander Barton 904c8a4375 Introduce new function IRC_WriteErrClient()
This function is used to send "error messages", including numerics,
back to clients and to automatically enforce a 2 second penalty. With
this patch, all error results enforces a delay for the client.

All callers of IRC_WriteStrClient(ERR_xxx) have been converted.

Please note that this patch prolongs the time "make check" needs
to complete its tests, because of lots of new enforced penalties ...
2013-08-07 00:10:50 +02:00
Alexander Barton b86e33ef49 irc-macros.h: Update copyright, don't forget contributors! 2013-08-06 23:36:16 +02:00
Alexander Barton 0a3d8d60d3 irc-write.c: Clean up code and add more documentation comments 2013-08-06 23:21:48 +02:00
Alexander Barton 08d49a8fa0 Fix return code of some IRC_WriteXXX() functions
These functions usually write to more than one target, and therefore
can't return value indicating success or failure in a sane way. And, even
more omportant, these functions should send to as much as possible clients
and not stop at the first client which isn't reachable any more!
2013-08-06 23:18:57 +02:00
Alexander Barton 8f5cbe51a7 Streamline punctuation of log messages
See commit d38d153f for details.
2013-08-06 21:34:32 +02:00
Federico G. Schwindt 7db8481500 Inline who_flags_status 2013-08-05 11:05:12 +01:00
Federico G. Schwindt 74514b8c23 Convert more code to use Channel_HasMode 2013-08-04 21:16:03 +01:00
Federico G. Schwindt c74115f25c Simplify mode checking on channels and users within a channel
Add Channel_HasMode() and Channel_UserHasMode() and use it where
possible.
2013-08-04 18:28:04 +01:00
Federico G. Schwindt 672a167963 Use Client_HasMode and Client_HasFlag where appropriate 2013-08-04 17:25:24 +01:00
Alexander Barton 139f5961a0 Merge branch 'bug152-AllowedChannelTypes'
* bug152-AllowedChannelTypes:
  Implement new configuration option "AllowedChannelTypes"
  Introduce "CHANTYPES" #define
2013-08-04 14:11:12 +02:00
Alexander Barton 5258fb7f7c Implement new configuration option "AllowedChannelTypes"
The new configuration variable "AllowedChannelTypes" lists all allowed
channel types (channel prefixes) for newly created channels on the local
server. By default, all supported channel types are allowed.

If set to the empty string, local clients can't create new channels at
all, which equals the old "PredefChannelsOnly = yes" setting.

This patch deprecates the "PredefChannelsOnly" variable, too, but it is
still supported and translated to the apropriate "AllowedChannelTypes"
setting. When "PredefChannelsOnly" is processed, a warning message is
logged.

Closes bug #152.
2013-08-04 14:10:12 +02:00
Federico G. Schwindt 15dfdaac82 More spelling fixes
Remove superflous comments, mostly in German. Fix spelling and
use american variants for consistency.
2013-08-04 12:45:11 +01:00
Federico G. Schwindt bb8d207efa Change cloaked hostname to be malloc'd on demand
This shaves a few bytes when cloaked hostnames are not used and
restricts the cloakhost announcement iif there is something to
send.
2013-08-04 10:15:11 +01:00
Federico G. Schwindt e03d8eb728 Add Client_HasFlag() to check if a client has certain flag 2013-08-04 04:00:34 +01:00
Federico G. Schwindt a95d3e05e7 Fix spelling 2013-08-04 03:15:27 +01:00