ngIRCd relaxes its flood protection for users having the user mode "F" set
and allows them to rapidly send data to the daemon. This mode is only
settable by IRC Operators and can cause problems in the network -- so be
careful and only set it on "trusted" clients!
User mode "F" is used by Bahamut for this purpose, for example, see
<http://docs.dal.net/docs/modes.html#4.9>.
ngIRCd uses "command throttling" and "bps throttling" (bytes per second).
The states are detected in different functions, Conn_Handler() and
Read_Request(), but handle the actual "throttling" in a common function:
this enables us to guarantee consistent behavior and to disable throttling
for special connections in only one place, eventually.
Change all #define's to follow the form
#define DEBUG_xxx {0|1}
to disable (0, default) or enable (1) additional debug messages.
And somewhat enhance some DEBUG_BUFFER messages.
This partially reverts commit b130b35f4, "Update #include's: remove
unused and add missing ones", but fixes the following compiler and
analyzer warnings of Apple Xcode 5:
"Semantic issue: No previous prototype for function 'yyy'"
The "deheader" tool (<http://www.catb.org/~esr/deheader/>) has been
used to find unused #include directives as well as missing ones.
Tested on:
- A/UX 3.1.1
- ArchLinux (2014-03-17)
- Debian GNU/Hurd
- Debian GNU/Linux 6.0.9
- Debian GNU/Linux 7.4
- Fedora 20
- FreeBSD 9.2
- OpenBSD 4.8
- OpenBSD 5.1
- OS X 10.9
- Solaris 11
Fix the following two errors emitted by the Apple K&R C compiler
on Apple A/UX:
"./class.c", line 47: no automatic aggregate initialization
"./class.c", line 47: illegal lhs of assignment operator
"./conf.c", line 1052: syntax error
Tested on A/UX 3.1.1.
The cloaked IRC mask of a user is his visible mask, so the daemon has
to use it for generating the "one time" entries for the invite list of
the given channel.
Without this patch, ngIRCd records the real IRC mask which will never
match while the target client is "+x", and even worse, will disclose
the real mask on "MODE #channel +I" commands :-/
Bug reported by Cahata on #ngircd, thanks!
This fixes commit 2e168c78 ("Return ISUPPORT(005) numerics on
'VERSION'") and make sure, that the 005 numerics are correctly
routed back to the sender.
Don't support "range marching" in our pattern matching code using
the "[...]" syntax, because [ and ] are valid characters in nick
names and one has to quote them currently using the "\" character,
which is quite unexpected. For example:
Nick "te[st" => "MODE #channel +b te\[st"
And remove quoting altogether, too, because "*" and "?" don't need
to be quoted because these characters are not allowed in IRC masks,
nicks, and hostnames.
Reported by "hifi" (Toni Spets) on IRC, thanks!
According to RFC 2812 3.2.3 "Channel mode message" and the examples
there, it looks like clients should use "MODE -k <key>" to unset channel
keys; and that's how other servers and services behave and do expect it.
(But please note that this is NOT the case for "MODE -l"!)
In the end, it doesn't make sense to specify a key when UNsetting it at
all, and different services behave diffrently when clients do not send
the currently set key to unset it - some ignore such calls, for example!
But this implementation is quite relaxed, it accepts any key when
unsetting channel mode "k" and even accepts no key at all. But the reply
will always include an "*" character for every "-k" parameter.
C99 states that vsnprintf() "returns the number of characters that
would have been printed if the n were unlimited"; but according to the
Linux manual page "glibc until 2.0.6 would return -1 when the output
was truncated" -- so we have to handle both cases ...
Test functions snprintf(), strlcpy(), strlcat(), vsnprintf() for
correctness, not only existance (which was quite useless, because
if they weren't available, the program could not have been linked
at all ...).
The new configuration variable "Network" is used to set the (completely
optional) "network name", to which this instance of the daemon belongs.
When set, this name is used in the ISUPPORT(005) numeric which is sent to
all clients connecting to the server after logging in.
Closes bug #165.
When DNS lookups are disabled, don't set the hostname received by the
WEBIRC command, but use the IP address instead.
Reported by Toni Spets <toni.spets@iki.fi>, thanks!
Closes bug #167.
At least AIX 4.3.3 and 5.1 have a broken implementation of getaddrinfo()
which doesn't handle "0" as numeric service correctly. This patch adds
a configure check for this case and changes all calling functions to only
use getaddrinfo() if it "works".
See <http://www.stacken.kth.se/lists/heimdal-discuss/2004-05/msg00059.html>
Increase the penalty for a command before checking its arguments. This
makes the handling more consistent and allow us to move more penalties to
Handle_Request().
This fixes the following error when compiling without zlib support:
irc.c: In function ‘Option_String’:
irc.c:487: error: ‘options’ undeclared (first use in this function)
Reported by "der_baer" on #ngircd.
FreeBSD prior to 10.0 does not automatically stir on fork(). Same with
current NetBSD. If arc4random_stir() is present assume is needed and
call it instead of srand().
This fixes the following warning on OpenBSD 5.3:
ngircd.o(.text+0xeb4): In function `main':
src/ngircd/ngircd.c:300: warning: strcat() is almost always misused,
please use strlcat()
Thanks to Götz Hoffart for reporting this!
Kill all clients that match a new GLINE/KLINE mask and genrate apropriate
KILL commands. These KILL commands can be superfluous, but are required
when the IRC Operator isn't allowd to set remote G-Lines or if there are
older servers in the network that don't kill clients on GLINE/KLINE.
Closes bug #156.
The old local function Kill_Nick() in irc.c has been an ugly hack. This
patch implements a generic function for killing clients.
Adjust all callers of Kill_Nick() and respect the return code!
Now invalid prefixes aren't logged no more when originating from an other
server (besides in debug mode), and spoofed prefixes are correctly logged
using LOG_WARNING (from an other server) or LOG_ERR (from a client) levels.
In addition, the log message texts have been adjusted to better reflect
what will happen: commands with invalid prefixes are ignored and logged,
commands with spoofed prefixes will result in the client being disconncted
(regular users) or the command being ignored (other servers).
This cleans up logging of commands related to already KILL'ed clients.
All places where Client_OperByMe() is used can either be converted to
Client_HasMode(Client, 'o') or Op_Check().
And Op_Check() itself can use the connection handle for deciding whether
the IRC Operator is a local user or not.
* alex/bug162-SSLCipherList:
Cipher list selection for GnuTLS
ConnSSL_Init_SSL(): correctly set CONN_SSL flag
Cipher list selection for OpenSSL
ConnSSL_InitLibrary(): Code cleanup
In some error cases conn_id will be left as SERVER_WAIT and
subsequently ignored in Check_Servers(). Ensure conn_id is set to
NONE before returning from New_Server() if we couldn't establish
the connection.
Prompted by a report from gabrielgi-at-gmail-dot-com.
Without this patch, ngIRCd ignores SSL-related messages and continues
to start up but only listens on plain text communication ports -- and
this most probably isn't what the administrator wanted ...
Closes bug #163.
This patch introduces the possibility to arbitrarily select ciphers which
should be promoted resp. declined when establishing a SSL connection
with a client by implementing the new configuration option "CipherList".
By default, OpenSSL would accept low and medium strength and RC-4 ciphers,
which nowadays are known to be broken.
This patch only implements the feature for OpenSSL. A GnuTLS counterpart
has to be implemented in another patch ...
Original patch by Bastian <bastian-ngircd@t6l.de>.
Closes bug #162.
As per RFC whois should return 431 if no nick is provided. While
here convert upper check to use irc-macros. As a bonus we get to set
the penalty for free.
The configuration option "AllowedChannelTypes" must only be enforced for
regular clients and not for remote servers. Channels created by other
servres are always allowed, because they already exist and the daemon
must stay in sync with the network.
Without this patch, ngIRCd logged the "IDENT lookup for connection X:
no result"-message even when IDENT lookups have been disabled using the
"Ident = no" configuration option, which is a little bit misleading.
Reported by "btwe" in #ngircd.
This patch introduces a new field in the CLIENT structure, "ipa_text",
which points to an optional textual representation of the client IP
address (or NULL) which can be used to store the "real" IP address
information of a client using the "WEBIRC" protocol.
Without this patch, ngIRCd ignored the <ip-address> paramater ...
In addition, the functions Client_SetIPAText() and Client_IPAText()
have been introduced to set and get the textual representation of the
client IP address.
Client_IPAText() can be used even when no "IP address text" has been
set before, it then returns the real IP address of the connection.
Closes bug #159.
The new configuration option "DefaultUserModes" lists user modes that
become automatically set on new local clients right after login.
Please note that only modes can be set that the client could set on
itself, you can't set "a" (away) or "o" (IRC Op), for example! User
modes "i" (invisible) or "x" (cloaked) etc. are "interesting", though.
Default: set no modes (like without this patch).
Closes bug #160.
There have been code paths that ignored the return code of Handle_Write()
when sending "notice auth" messages to new clients connecting to the
server. But because Handle_Write() would have closed the client connection
again if an error occurred, this would have resulted in new errors and
assert()'s later on that could have crashed the server (denial of service).
Only setups having the configuration option "NoticeAuth" enabled are
affected, which is not the default.
CVE-2013-5580.
Channel_Modes() and Channel_Topic() return static memory that is zeroed at
creation time. Fix checking for empty modes and topic so they're propagated
correctly.
This function is used to send "error messages", including numerics,
back to clients and to automatically enforce a 2 second penalty. With
this patch, all error results enforces a delay for the client.
All callers of IRC_WriteStrClient(ERR_xxx) have been converted.
Please note that this patch prolongs the time "make check" needs
to complete its tests, because of lots of new enforced penalties ...
These functions usually write to more than one target, and therefore
can't return value indicating success or failure in a sane way. And, even
more omportant, these functions should send to as much as possible clients
and not stop at the first client which isn't reachable any more!
The new configuration variable "AllowedChannelTypes" lists all allowed
channel types (channel prefixes) for newly created channels on the local
server. By default, all supported channel types are allowed.
If set to the empty string, local clients can't create new channels at
all, which equals the old "PredefChannelsOnly = yes" setting.
This patch deprecates the "PredefChannelsOnly" variable, too, but it is
still supported and translated to the apropriate "AllowedChannelTypes"
setting. When "PredefChannelsOnly" is processed, a warning message is
logged.
Closes bug #152.
Move Announce_User() to client.c and rename it to Client_Announce().
Use this in cb_introduceClient() instead of duplicating the code.
This fix the certificate fingerprint announcement for new clients.
Also ensure the certificate fingerprint is only announced if the
client supports it (`M' flag).
This patch changes the handlers of the "PASS", "NICK", "USER",
and "SERVICE" commands to enforce a 2 second penalty when an error
like "need more/other parameters" occurs.
More functions should follow, I think ...
Now "IncludeDir" defaults to "$SYSCONFDIR/ngircd.conf.d" instead
of no directory, but a missing directory is only reported as an
error if it has explicitely configured in the main configuration
file and simply ignored otherwise.
Therefore it is now possible not to touch the default (sample)
configuration file at all, and set all distribution and/or system
specific configuration options in "*.conf" files stored in
"$SYSCONFDIF/ngircd.conf.d/".
Thanks to "Elmasloco" for the idea!
The option "IncludeDir" in the [Options] section can be used
to specify a directory which can contain further configuration
files and configuration file snippets matching the pattern
"*.conf" that should be read in after the main configuration
file ("ngircd.conf" by default) has been parsed.
Closes bug #157.
This function reads in and parses a single configuration file.
Adjust all other functions to display the correct name of the
file being read in currently.
As pointed by Alex while strl{cat,cpy} take the full length
we need to leave space to ensure a proper mask is always created
so revert the removal of - N from my last change.
Change callers accordingly so they don't rely on a global buffer and
rename Mask to Pattern where it makes sense since some functions
where indeed receiving a pattern and not a mask.
Change Lists_CheckReason() to receive a buffer where the reason
will be stored and its length. Change callers accordingly.
Change Class_GetMemberReason() (and its callers) in a similar way
so it doesn't rely on a global buffer for the rejected reason.
Fix the cb_clientserver_ssl() callback function to not read in and store SSL
encrypted client data before the asynchronous DNS resolver sub-process has
finished: This could have resulted in discarding the resolved client hostname
and IDENT reply afterwards, because in some situations (timing dependent) the
NICK and USER commands could have already been read in from the client,
stored in the buffer, and been processed.
Thanks to Julian Brost for reporting the issue and testing, and to Federico
G. Schwindt <fgsch@lodoss.net> for helping to debug it!
* bug153-ServerMask:
Update irc-info.c to use irc-macros.h
Add new irc-macros.h to project
irc-info.c: add/streamline function documentation comments
irc-info: move static functions at the top of the file
Implement new function Client_SearchServer()
Conflicts:
src/ngircd/irc-info.c
Test if the user that it is to be kicked is on the channel before user
channel modes are tested. Otherwise assert( cl2chan != NULL ); in
line 742 would fail and stop the service.
This fixes the following warning using Apple LLVM version 4.2
(clang-425.0.24) on OS X:
src/ngircd/conn.c:157:9: Implicit conversion loses integer
precision: 'long' to 'int'
The "@" character isn't allowed in IRC usernames, because it is the
separator between user name and hostname in IRC masks:
<nickname>!<username>@<hostname>
This patch accepts user names including "@" characters, saves the
unmodified name for authentication but stores only the part in front
of the "@" character as "IRC user name". And the latter is how
ircd2.11, Bahamut, and irc-seven behave as well.
Closes bug #155.
* systemd:
ngircd.sock: explicitely bind to IPv4 and IPv6 addresses
Show address and port of sockets passed-in by systemd(8)
Check type of sockets passed-in by systemd(8)
Adjust severity levels of some log messages
New configuration option "IdleTimeout": exit daemon when idle
Implement support for systemd(8) "socket activation"
contrib/README: add more files
This patch makes sure that ngIRCd doesn't try to handle sockets of
unsupported types, for example of AF_INET6 sockets when ngIRCd isn't
compiled with support for IPv6 ...
This includes:
- move IRC_SetPenalty() at the beginning of the handler functions,
- use macros provided by irc-macros.h,
- code cleanup.
The main benefits of this patch are core size reduction, streamlined
structure of the handler functions, and enhanced functionality:
because of the _IRC_GET_TARGET_SERVER_OR_RETURN_() macro using the
Client_SearchServer() function, the target of the specific IRC command
can now be given server names, server mask, or the nickname of a user
connected to the server.
Closes bug #153.
This file prvides some macros for common tasks required by functions
implementing handlers for IRC commands:
* _IRC_ARGC_LE_OR_RETURN_
* _IRC_ARGC_GE_OR_RETURN_
* _IRC_GET_SENDER_OR_RETURN_
* _IRC_GET_TARGET_SERVER_OR_RETURN_
Add missing comments, streamline wording, and remove references to the
RFCs: this will be added to ./doc/Commands.txt with an other patch and
we want to avoid redundancy ...
Use the currently "displayed hostname" (which can be cloaked!) for
hostname matching, not the real one. In other words: don't display
all the cloaked users on a specific real hostname!
Thanks to DNS <dns@rbose.org> for reporting this issue.
This function returns the server structure of a client or a given "mask";
it is useful for implemention handlers for commands like "COMMAND *.net",
which should work on a server matching "*.net".
Please note that the local server is always returned when it matches the
mask, but besides that, the order is completely arbitrary.
This patch implements a new configuration option "IdleTimeout" in the
[Limits] section of the configuration file which can be used to set a
timeout (in seconds) after which the whole daemon will shutdown when no
more connections are left active after handling at least one client.
The default is 0, "never".
This can be useful for testing or when ngIRCd is started using "socket
activation" with systemd(8), for example.
This patch enables ngIRCd to work with listening sockets already
initialized and passed-in by systemd(8) and hereby to support on-demand
"socket activation".
systemd(8) uses two environment variables to pass information about the
sockets to ngIRCd, LISTEN_PID and LISTEN_FDS, and this mechanism only
kicks in when both variables are set. In all other cases, and therefore
in most installations out there, nothing changes at all.
Please note:
If socket activation is in effect, ngIRCd will not initialize any (other)
soeckets on its own! All sockets must be configured in the systemd(8)
socket unit configuration file in this case, see ./contrib/ngircd.socket
for example.
Probably it would be interesting to match passed-in sockets to configured
listening sockets and to initialize all the remaining ones not already
set up by systemd(8), but this is kept back for an other patch ...
See
- <http://0pointer.de/blog/projects/socket-activation.html>
- <http://0pointer.de/blog/projects/socket-activation2.html>
- <http://www.freedesktop.org/software/systemd/man/systemd.socket.html>
This patch introduces the new numeric 310(RPL_WHOISSERVICE) and enables
WHOIS to display information about IRC services. This numeric is used
for this purpose by InspIRCd, for example -- but as usual, other numerics
are in use, too, like 613 in UltimateIRCd ...
Please note that neither the Operator (+o) not the "bot status" (+B)
of an IRC service id displayed in the output.
Change suggested by Federico G. Schwindt <fgsch@lodoss.net>, Thanks.
This fixes the following warning, at least on OpenBSD 4.8:
irc-info.o(.text+0x2427): In function `IRC_WHO':
src/ngircd/irc-info.c:896: warning: strcpy() is almost always misused,
please use strlcpy()
Make sure that all log messages end with a correct punctuation mark.
The rules for formatting log messages are:
1. Add punctuation marks to all messages passed to the actual logging
functions like Log() and LogDebug().
2. Don't add any punctuation marks to messages that are stored in
variables for later use or are passed over the network.
3. IP addresses, DNS host names and IRC server names should be quoted.
4. Messages originating in the network should be quoted (at least if
they are "untrusted" or variable).
Most probably this patch doesn't fix all mistakes, but it should be a
good starting point ...
Now ngIRCd returns a more specific error message for numeric
ERR_NOTREGISTERED(451) when a regular user tries to use a command that
isn't allowed for users but for servers: ERR_NOTREGISTEREDSERVER(451).
Don't report ERR_NEEDMOREPARAMS(461) when a MDOE command with more modes
than nicknames is handled, as well as for channel limit and key changes
without specifying the limit or key parameters.
This is how a lot (all?) other IRC servers behave, including ircd2.11,
InspIRCd, and ircd-seven. And because of clients (tested with Textual and
mIRC) sending bogus MODE commands like "MODE -ooo nick", end-users got the
expected result as well as correct but misleading error messages ...
If ngIRCd is compiled using "strict mode", these errors are still reported.
Reported-by: Tim <tim@stackwatch.net>
This patch introduces the new function Conf_SSLInUse() to check when the
current server configuration requires the SSL subsystem to be initialized
and accounts incoming as well as outgoing connections -- so this fixes
commit bb20aeb9 ("Initialize SSL when needed only, and disable SSL on
errors") which only handled the inbound case ...
Tested-by: Brett Smith <brett@w3.org>
* bug145-ProvideHelp:
Use "${docdir}/Commands.txt" as help text file
Add a note that "help file" is updated on startup and REHASH only
Add doc/Commands.txt which should document all commands
Implement Help() function parsing and returning the help text
Document "HelpFile" in sample-ngircd.conf and ngircd.conf.5
Implement new configuration option "HelpFile"
IRC_HELP(): Code cleanup
Refactor Read_Motd() into Read_TextFile()
