1
0
mirror of https://github.com/osmarks/ngircd.git synced 2024-12-14 02:40:27 +00:00
Commit Graph

2339 Commits

Author SHA1 Message Date
Alexander Barton
79a917f954 Set the "last data" time to "last ping" time when updating the latter
This is required because the PING can be received quite a bit earlier
than it is actually handled, for example during "server burst" or other
heavy operations:
So the times won't match and PING-PONG logic would become garbled,
because we test for "last ping > last data" to determine if a PING
already was sent or not.
2020-05-03 03:15:38 +02:00
Johann Hartwig Hauschild
11ea6a5070 updating testsuite to support ssl-tests 2020-04-25 00:04:38 +02:00
michi
ab62dd27dc Remove legacy configuration options
Remove legacy configuration options and related functions that have
been marked for removal for some time:

- PredefChannelsOnly (v22)
- NoticeAuth (v24)
- NoXXX (v19)
- Old '[GLOBAL]' section handling (v19)
2020-04-20 00:20:50 +02:00
michi
c6e3c13f27 Increase read buffer size for server connections
This applies the same logic we have for write buffers to distinguish
between server and client connections and sets the maximum buffer size
accordingly. As a result peering with servers with many GLINE/KLINEs
does not kill the connecting server connection anymore.
2020-04-20 00:20:46 +02:00
michi
04de1423eb Fix recursion bug on write error
Depending on the stack size, too many clients on the same channel
quitting at the same time would trigger a crash due to too many
recursive calls to Conn_Close().
2020-04-20 00:20:46 +02:00
michi
13b8324c4a Fix hostmask cloaking bug for IPv6 too 2020-04-20 00:20:46 +02:00
michi
f27827d793 Unbreak GCC 10 (-fno-common) build 2020-04-20 00:20:46 +02:00
Hilko Bengen
86f3c563d6 GnuTLS: Eliminate memory leaks for DH parameters, priorities cache
The DH parameters reference has to be stored next to the x509_cred
which holds a reference to it.
2020-04-19 21:20:43 +02:00
Hilko Bengen
eead4a631f Add support for GnuTLS certificate reload
This requires keeping track of currently active certificates, so those
are stored separately, along with a reference counter, and discarded
when they are no longer in use.
2020-04-17 17:34:12 +02:00
Alexander Barton
3aa1d880fe Add deprecation warnings for "Key" and "MaxUsers" in [Channel] 2020-03-29 22:31:18 +02:00
Alexander Barton
ba3b22b851 Test suite: Test multiple "Modes" lines in [Channel] sections 2020-03-29 01:16:37 +01:00
Alexander Barton
4d519cfdbf Predefined channles: Fix handling of legacy configuration options
Fix the handling of legacy "Key" and "MaxUsers" [Channel] settings:

- Activate them before evaluating the "Modes" parameter, to allow the
  latter to override those legacy options.
- Enforce setting the respective +k/+l mode(s) to support the legacy
  "Mode = kl" notation, which was valid but is an invalid MODE string:
  key and limit are missing! So set them manually when "k" or "l" are
  detected in the first MODE parameter.
- Sort modes +kl alphabetically, adjust test suite accordingly.
2020-03-29 00:45:59 +01:00
Alexander Barton
fed22184c5 Enhance logging while setting up predefined channels 2020-03-29 00:30:36 +01:00
michi
a3072ce698 Allow multiple "Modes =" lines per [Channel] section 2020-03-29 00:29:50 +01:00
michi
decf98d5ef Evaluate initial channel modes
Allow setting arbitrary channel modes in the config file.

Closes #55.
2020-03-28 23:47:21 +01:00
Alexander Barton
3f7caff630 Add "FNC" (forced nick changes) to ISUPPORT(005) numeric
Most probably this doesn't make any difference to any client, but it
seems correct. See <http://www.irc.org/tech_docs/005.html> for details.
2020-03-22 14:07:32 +01:00
Alexander Barton
8d173a3328 Fix memory leak in portabtest Check_strtok_r()
Fix the following Clang "LeakSanitizer" error (which isn't quite
relevant in this test program, but anyway):

  ERROR: LeakSanitizer: detected memory leaks

  Direct leak of 7 byte(s) in 1 object(s) allocated from:
      #0 0x7f8c4d022810 in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
      #1 0x5601a801491a in Check_strtok_r (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x291a)
      #2 0x5601a8014d77 in main (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x2d77)
      #3 0x7f8c4c69009a in __libc_start_main ../csu/libc-start.c:308

  SUMMARY: AddressSanitizer: 7 byte(s) leaked in 1 allocation(s).
  FAIL: portabtest
2020-02-15 14:56:07 +01:00
michi
e7cb9b1a00 Reuse old SSL key if loading a new one failed 2020-02-15 14:47:20 +01:00
Alexander Barton
f5fa7db4ba 2020! 2020-01-21 22:02:40 +01:00
Alexander Barton
22cae1b5fc Enhance handling of command line errors, and "--help" & "--version"
Return with exit code 0 ("no error") when "--help" or "--version" was
used (this resulted in exit code 1, "error" before).

And exit with code 2 ("command line error") for all invalid command
line options, and show the error message on stderr (message was printed
to stdout before, and exit code was 1, "generic error").

This new behaviour is more in line with the GNU "coding standards",
see <https://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html>.
2019-12-31 16:34:23 +01:00
Alexander Barton
de1de40551 Log received signals (using strsignal(3), when available) 2019-11-10 21:12:43 +01:00
Alexander Barton
4169cb25e6 Make test suite compatible with Haiku 2019-11-03 15:15:59 +01:00
JRMU
147e424d98 Fix hostmask cloaking bug, don't cloak multiple times
Previously, each server would cloak every user's hostmask. The problem
is that if a network has more than one server, then a user's hostmask
would get cloaked twice. This patch ensures that a server only cloaks
the hostmask if it has not yet been cloaked (the period indicates it's
still an IP address).

Closes #228.
2019-09-09 15:30:44 +02:00
Alexander Barton
e954b59d41 Fix some typos (documentation files, ngircd.conf manual page, ...)
Spotted by Étienne Mollier <etienne.mollier@mailoo.org> and Christoph
Biedl <debian.axhn@manchmal.in-ulm.de>, see Debian bug #932462
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932462). Thank you!
2019-07-21 16:23:07 +02:00
Alexander Barton
2c495a1fe7 Enlage buffers of info texts to 128 bytes.
This includes:
- "Real name" of a client (4th filed of the USER command).
- Server info text ("Info" configuration option).
- Admin info texts and email address ("AdminInfo1", "AdminInfo2" and
  "AdminEmail" configuration options).
- Network name ("Network" configuration option).

The limit was 64 bytes before ...

Closes #258.
2019-06-29 16:13:16 +02:00
Alexander Barton
f8002057f2 Streamline handling of invalid and unset server name
Don't exit during runtime (REHASH command, HUP signal), because the
server name can't be changed in this case anyway and the new invalid
name will be ignored.
2019-06-29 16:02:52 +02:00
Alexander Barton
bb1d014aba Slightly reoder startup steps, and enhance logging
- Show name of configuration file at the beginning of start up.
- Add a message when ngIRCd is ready, including its host name.
- Show name of configuration file on REHASH (SIGHUP), too.
- Change level of "done message" to NOTICE, like "starting" & "ready".
- Initialize IO functions before channels, connections, clients, ...
2019-06-29 16:00:53 +02:00
Alexander Barton
96bad2b861 2019! 2019-01-02 00:10:06 +01:00
Alexander Barton
456eea6f18
Implement new configuration option "MaxPenaltyTime" (#251)
This option configures the maximum penalty time increase in seconds, per
penalty event. Set to -1 for no limit (the default), 0 to disable
penalties altogether. ngIRCd doesn't use penalty increases higher than 2
seconds during normal operation, so values higher than 1 rarely make
sense.

Disabling (or reducing) penalties can greatly speed up "make check" runs
for example, see below, but are mostly a debugging feature and normally
not meant to be used on production systems!

Some example timings running "make check" from my macOS workstation:

- MaxPenaltyTime not set: 4:41,79s
- "MaxPenaltyTime = 1":   3:14,71s
- "MaxPenaltyTime = 0":     25,46s

Closes #249.
2018-11-28 14:13:09 +01:00
Rosen Penev
7690716e4f Fix compilation without deprecated OpenSSL APIs (#252) 2018-11-28 14:10:46 +01:00
Alexander Barton
c8162a80be Fix some compiler warnings of Apple Xcode/Clang
For example:

* src/ngircd/irc-login.c:102:21: Implicit conversion loses integer
  precision: 'int' to 'char'

* src/ngircd/conn.c:1084:9: Implicit conversion turns floating-point
  number into integer: 'double' to 'bool'

* src/tool/tool.c:85:10: Implicit conversion loses integer precision:
  'int' to 'char'
2018-10-30 01:53:24 +01:00
Alexander Barton
e8e04b4c8f Fix typos/errors/... in file comments
Found by Xcode/Clang code analyzer. No functional changes.
2018-10-30 01:48:31 +01:00
ItsOnlyBinary
d0f9d3d92e Allow a 5th parameter in WEBIRC
According to an IRCv3 extension, the 5th parameter can be used for extra
flags that are fine to ignore for now, but limiting WEBIRC params to 4
causes a syntax error.

See https://github.com/ircv3/ircv3-ideas/issues/12 for more information.

This closes #247.
2018-10-07 23:33:27 +02:00
Alexander Barton
6af9476cad Initialize listening socket: Streamline error message 2018-04-01 02:19:08 +02:00
Alexander Barton
b4f7aae67e Correctly retry outgoing conenctions when forking a resolver failed
When ngIRCd failed to spawn a new resolver subprocess, the connection
structure was still marked as "SERVER_WAIT", and no new attempt to
connect to this server was made.

Thanks to Robert Obermeier for reporting this bug!

Closes #243.
2018-03-25 21:59:01 +02:00
Alexander Barton
798de94d65 Fix use-after-free while handling ERROR during client login
This patch fixes a "use after free" bug which is hit while processing
ERROR commands while a new client is logging into the server, which
leads to only the CLIENT structure becoming freed, but not the
CONNECTION structure, too. And this leads to the daemon accessing the
already freed CLIENT structure later on ...

So now IRC_ERROR() uses the correct function Conn_Close() to correctly
free both structures.

The CONNECTION structure is cleaned up later on, and the freed CLIENT
structure can't be overwritten during normal operations, therefore this
bug normally can't crash (DoS) the service -- but you can easily hit it
when using the GCC option "-fsanitize=address", or run ngIRCd with
Valgrind.

Thanks a lot to Joseph Bisch <joseph.bisch@gmail.com> for discovering
and reporting this issue!
2018-03-11 21:18:38 +01:00
Alexander Barton
ac341176da Only send TOPIC updates to a channel when the topic actually changed
This prevents the channel from becoming flooded by unecessary TOPIC
update messages, that can happen when IRC services try to enforce a
certain topic but which is already set (at least on the local server),
for example. Therefore still forward it to all servers, but don't inform
local clients (still update setter and timestamp information, though!)
2018-03-11 21:01:45 +01:00
Alexander Barton
13761f1ec9 Little code cleanups, better comments 2018-02-25 21:43:39 +01:00
Alexander Barton
03acae970d User mode "C": Allow messages from servers, services, and IRC Ops
Update user mode "C" handling ("Only users that share a channel are
allowed to send messages") to behave like user mode "b" ("block private
messages and notices") and therefore allow messages from servers, services,
and IRC Operators, too.

Change proposed by "wowaname" in #ngircd, thanks!
2018-02-25 03:22:05 +01:00
Alexander Barton
8f0c705029 portab/Makefile: Split list into separate lines 2018-02-25 03:17:21 +01:00
Alexander Barton
34bdb0d98a 2018! 2018-02-09 22:02:21 +01:00
Alexander Barton
7ed22d0b22 Fix compiler warning in ForwardLookup()
When compiling without "working getaddrinfo()", the "af" parameter of
ForwardLookup() is unused by that function. Mark it as such!

This prevents the following compiler warning:

  resolve.c:235:56: warning: unused parameter ‘af’
    [-Wunused-parameter]
2018-01-29 23:34:40 +01:00
Alexander Barton
d9f81ac669 Fix compiler warning in Option_String()
When compiling ngIRCd without support for SSL and without support for
ZLIB, gcc outputs the following warning:

  irc.c:493:9: warning: variable ‘options’ set but not used
    [-Wunused-but-set-variable]

Fix it by providing a dummy function in this case.
2018-01-29 23:32:06 +01:00
Alexander Barton
7207bef418 Fix Get_Error() usage, take II
This should fix the following compiler warning:

  resolve.c:113:1: warning: ‘Get_Error’ defined but not used
    [-Wunused-function]

Which can happen, because the logic of commit 543f44bf isn't sufficient:
Get_Error() is only used when neither HAVE_WORKING_GETADDRINFO nor
HAVE_GETNAMEINFO are set ...

Enhances 543f44bf.
Closes #241.
2018-01-29 23:30:53 +01:00
Alexander Barton
05640f9285 Allow IRC Ops and remote servers to KILL service clients (#242)
In the end, service clients behave like regular users, therefore IRC
operators and servers should be able to KILL them: for example to
resolve nick collisions.

This is related to #238.
2017-09-30 16:48:28 +02:00
James Lu
e009fc87d5 Don't forward KILLs to other servers if they've been blocked locally
This prevents clients from killing IRC services, for example.

Closes #238.
Closes #239.
2017-09-26 22:50:20 +02:00
Bernd Kuhls
543f44bff8 Fix Get_error usage
The usage of Get_Error is guarded by "ifdef h_errno" in this file, the
definition of this function should follow the same rules.

Fixes a build error when cross-compiling:
https://github.com/ngircd/ngircd/issues/223
2017-09-13 14:07:11 +02:00
Alexander Barton
879d550408 Fix handling of connection pool allocation and enlargement
The daemon only enlarged its connection pool when accepting new client
connections, not when establishing new outgoing server links.

Thanks to Lukas Braun (k00mi) for reporting this!

In addition this patch streamlines the connection pool allocation, so
that there is only one place in the code allocating the pool: the now
updated Socket2Index() function. The name doesn't quite fit, but this
existing and today quite useless function (because the mapping from
socket number to connection index is 1:1 today) already became called
in almost all relevant code paths, so I decided to reuse it to keep the
patch small ...probably we want to fix the naming in a second patch?

Closes #231.
2017-01-19 00:06:46 +01:00
Alexander Barton
2bb917f05a 2017! 2017-01-15 22:07:11 +01:00
Alexander Barton
02c8887543 Log privilege violations and failed OPER as "error" and to &server 2016-12-08 01:34:33 +01:00
Alexander Barton
77861f6fe2 Immediately shut down connection on receiving ERROR
Don't wait for the peer to close the connection. This allows us to
forward the ERROR mesage in the network, instead of the very generic
"client closed connection" message.
2016-12-08 01:01:40 +01:00
Alexander Barton
0dc3c13469 x-Line synchronization: Don't send negative durations 2016-12-08 00:22:05 +01:00
Alexander Barton
d0d4de4980 List expiration: use same log level as when setting
And log this event to the &SERVER channel, too.
2016-12-08 00:20:38 +01:00
Alexander Barton
85df414907 Remove leftover debug message. Oops! 2016-12-08 00:18:57 +01:00
Alexander Barton
f5ff22d98f G-LINES: Forbid remote modifications if "AllowRemoteOper" is not set
Explicitely forbid remote servers to modify "x-lines" (G-LINES) when the
"AllowRemoteOper" configuration option isn't set, even when the command
seems to originate from the remote server itself: this prevents GLINE's
to become set during server handshake in this case (what wouldn't be
possible during regular runtime when a remote IRC Op sends the command)
and what can't be undone by IRC Ops later on (because of the missing
"AllowRemoteOper" option) ...
2016-12-08 00:14:00 +01:00
Christoph Biedl
daa88b7651 Fix building ngIRCd with OpenSSL 1.1
At the moment, ngIRCd fails to build against OpenSSL 1.1 since the
configure check probes for the SSL_library_init symbol which was
removed, but probing for a different function availabe in both versions
solves that problem: SSL_new().

And as SSL_library_init is no longer needed, the patch boils down to
probing SSL_new to assert libssl is available, and disabling the
SSL_library_init invokation from OpenSSL 1.1 on, see also another
application[1] (NSCA-ng) that did pretty much the same.

Patch was compile-tested on both Debian jessie (OpenSSL 1.0.2) and
stretch (OpenSSL 1.1).

[1] <https://www.nsca-ng.org/cgi-bin/repository/nsca-ng/commit/?id=8afc22031ff174f02caad4afc83fa5dff2c29f8a>

(Patch by Christoph, commit message cherry-picked from the email thread
on the mailing list by Alex. Thanks!)
2016-12-05 23:51:07 +01:00
Alexander Barton
2924b3d52a gcc 6.2 warnings: fix code indentation
This fixes the following correct -Wmisleading-indentation warning
messages of gcc 6.2:

irc-write.c: In function ‘IRC_SendWallops’:
irc-write.c:521:4: warning: this ‘if’ clause does not guard...
irc-write.c:524:5: note: ...this statement, but the latter is
  misleadingly indented as if it is guarded by the ‘if’
irc-write.c:526:4: warning: this ‘if’ clause does not guard... []
irc-write.c:529:5: note: ...this statement, but the latter is
  misleadingly indented as if it is guarded by the ‘if’

irc-info.c: In function ‘IRC_STATS’:
irc-info.c:895:3: warning: this ‘else’ clause does not guard...
irc-info.c:897:4: note: ...this statement, but the latter is
  misleadingly indented as if it is guarded by the ‘else’

No functional changes, the code has been correct, but the indentation
was wrong ...
2016-12-05 23:33:12 +01:00
Alexander Barton
722afc1b81 Make sure that SYSCONFDIR is always set
This is useful when ./configure hasn't been run but some source code
linters are run in an editor, for example.
2016-07-22 19:01:04 +02:00
Christian Aistleitner
e84000f7b8 Add PAMServiceName setting to specify the used PAM configuration
This setting allows to run multiple ngIRCd instances with
PAM configurations on each instance.
If one sets it to "ngircd-foo", PAM will use `/etc/pam.d/ngircd-foo`
instead of the default `/etc/pam.d/ngircd`.
2016-06-05 23:48:29 +02:00
Alexander Barton
7dba1a0766 Send_Message: Fix handling of "empty" targets
Clients can specify multiple targets for the "PRIVMSG", "NOTICE", and
"SQUERY" commands, separated by commas (e. g. "PRIVMSG a,#b,c :text").

Since commit 49ab79d0 ("Limit the number of message targes, and suppress
duplicates"), ngIRCd crashed when the client sent the separator character
only as target(s), e. g. "," or ",,,," etc.!

This patch fixes the bug and adds a test case for this issue.

Thanks to Florian Westphal <fw@strlen.de> for spotting the issue!
2016-01-07 01:54:11 +01:00
Alexander Barton
6a5569c27d Update copyright notices for 2016 2016-01-04 22:43:58 +01:00
Alexander Barton
49ab79d0e6 Limit the number of message targes, and suppress duplicates
This prevents an user from flooding the server using commands like this:

  PRIVMSG nick1,nick1,nick1,...

Duplicate targets are suppressed silently (channels and clients).

In addition, the maximum number of targets per PRIVMSG/NOTICE/... command
are limited to MAX_HNDL_TARGETS (25). If there are more, the daemon sends
the new 407 (ERR_TOOMANYTARGETS_MSG) numeric, containing the first target
that hasn't been handled any more.

Closes #187.
2016-01-04 22:15:46 +01:00
Alexander Barton
cedba36965 Add "_MSG" postfix to ERR_WILDTOPLEVEL_MSG 2016-01-04 22:10:38 +01:00
Alexander Barton
7c7d03b730 Enahnce comments for Send_Message() and Send_Message_Mask()
No functional changes.
2016-01-04 20:45:49 +01:00
Alexander Barton
4693226d69 Get rid of unclever assert() in Send_Message_Mask()
Either we use assert() to _guarantee_ a certain condition, or we use
if(...) to test for it. But never both.

So get rid of the assert() in Send_Message_Mask() and handle the case
that the target mask doesn't contain a dot (".") as regular error,
don't require the caller to assure that any more.

This polishes commit 5a312824.

Please note:
The test in Send_Message() is still _required_ to detect whether the
target is a channel (no dot) or a "target mask" (at least one dot)!
2016-01-04 20:37:13 +01:00
Alexander Barton
afb59ab8e5 Test suite: Add new test for server-server logins
This test detects the recent NJOIN breakage, for example ...
2015-12-30 17:10:26 +01:00
Alexander Barton
d90f0323e5 Fix NJOIN handler killing all clients
This bug has been introduced by commit 1e386fb7ac which had
the logic reversed :-(

Reported by "ninguno" in #ngircd, thanks a lot!
2015-12-30 14:55:55 +01:00
Alexander Barton
1e386fb7ac Make NJOIN handler more fault-tolerant
Don't crash the daemon when the NJOIN handler can't join the new client
to a channel (when the Channel_Join() function failed) but try to KILL this
client -- which is the only possible reaction besides crashing: otherwise
the network would get out of sync.
2015-12-13 21:56:07 +01:00
Alexander Barton
52ccba5d1e IRC_KillClient(): Don't break when called without "Client"
The IRC_KillClient() function is documented to handle the case that the
"Client" structure is NULL, so make sure that this actually works and
can't crash the daemon.

Please note:
The current code doesn't make use of this feature, so this fix is
definitely the "right" thing to do but doesn't fix an actual problem.
2015-12-13 21:53:53 +01:00
Alexander Barton
98e9467c85 IRC_NJOIN(): Code cleanup
No functional changes.
2015-12-13 21:00:46 +01:00
Alexander Barton
398022631a Fix NJOIN not propagating "half ops" status
ngIRCd tested for the wrong prefix of "half ops" when processing NJOIN
commands and therefore never classified a remote user as "half op".

Thanks to wowaname for pointing this out on #ngircd!
2015-12-13 19:55:47 +01:00
Alexander Barton
d8aba40f07 Explicitly cast time_t to long when printing it out
This prevents wrong sizes data types on platforms where time_t doesn't
equal a long any more, for example on OpenBSD.
2015-11-15 15:14:12 +01:00
Alexander Barton
eb9929e82c Make server-to-server protocol more robust
Now ngIRCd catches more errors on the server-to-server (S2S) protocol
that could crash the daemon before. This hasn't been a real problem
because the IRC S2S protocol is "trusted" by design, but the behavior
is much better now.

Thanks to wowaname on #ngircd for pointing this out!
2015-09-03 16:22:36 +02:00
Christoph Biedl
ccc899c7f4 Reproducible builds
At the moment ngircd fails the tests for reproducible builds in Debian
since it uses the __DATE__ and __TIME__ macros for the INFO command.

Instead of patching this out I decided to implement an optional
constant BIRTHTIME that allows you to set a time stamp for the "Birth
Date" information, in seconds since the epoch, like in

    export CFLAGS += -DBIRTHTIME=$(shell date +%s --date="2015/08/15 23:42:22")

In the future, Debian will provide a SOURCE_DATE_EPOCH environment
variable, dealing with the situation until then will be my job.

The time format was taken from the NGIRCd_StartStr formatting in
ngircd.c so the "Birth Date" and "On-line since" lines in the INFO
output look similar:

    :irc.example.net 371 nick :ngIRCd 22.1-IDENT+IPv6+IRCPLUS+PAM+SSL+SYSLOG+ZLIB-x86_64/pc/linux-gnu
    :irc.example.net 371 nick :Birth Date: Tue Aug 25 2015 at 18:11:11 (CEST)
    :irc.example.net 371 nick :On-line since Tue Aug 25 2015 at 18:11:33 (CEST)
    :irc.example.net 374 nick :End of INFO list

The format of the time stamped is changed, but as far as I can tell, there's no
rule that is violated by that.

Bonus level: Reformat the messages so the time stamps are aligned.
2015-08-26 10:05:36 +02:00
Alexander Barton
9811223fb8 Whitespace fixes (no functional changes) 2015-08-01 15:15:30 +02:00
Alexander Barton
0083fe177f Fix debug message "Client ... is closing connection"
It should be "host:port"!
2015-08-01 15:14:23 +02:00
Alexander Barton
85dc4d8777 "NoticeAuth" configuration variable is deprecated now! 2015-08-01 14:52:07 +02:00
Alexander Barton
64c265cf33 Merge pull request #217 from SaberUK/master+notice-auth
Use "NOTICE *" before registration instead of "NOTICE AUTH".
2015-08-01 14:51:04 +02:00
Alexander Barton
b8482fd3cf First check if channel has mode "N", then check membership
This should be more efficient.
2015-08-01 14:26:11 +02:00
Alexander Barton
90ea23ab4f Merge pull request #214 from Flupsy/channel-mode-N
Channel mode N (users on this channel can't change their nick)
2015-08-01 14:24:20 +02:00
Alexander Barton
a5ca8be658 Streamline ".gitignore" files 2015-07-19 03:03:06 +02:00
Peter Powell
5545e1bebf Rename NoticeAuth to NoticeBeforeRegistration.
The old name is still supported for compatibility reasons.
2015-07-14 14:43:19 +01:00
Peter Powell
d118cd74b6 Use "NOTICE *" before registration instead of "NOTICE AUTH".
AUTH is a valid nickname so sending notices to it is probably not
a good idea. Use * as the target instead as done with numerics
when the nick is not available.

This mimics the behaviour in Charybdis, IRCD-Hybrid, InspIRCd 2.2,
Plexus 4, etc.
2015-07-14 14:37:42 +01:00
Ian Chard
599626d570 Only enforce channel mode N on users (not servers or services) 2015-06-26 10:36:57 +01:00
Tom Ryder
b71a0ddbd5 Specify session context for OpenSSL clients
Reconnecting to ngIRCd 22.1 built with OpenSSL with some OpenSSL
clients, including Pidgin and stunnel 5.06, attempts to reuse a session
and fails due to the absence of this line.

The error message in syslog from ngIRCd is:

> SSL protocol error: SSL_accept (error:140D9115:SSL
> routines:SSL_GET_PREV_SESSION:session id context uninitialized)

This patch appears to fix the problem for both Pidgin and stunnel; it
may work for other OpenSSL clients that attempt to re-use sessions.

*   <https://github.com/ngircd/ngircd/issues/182>
*   <https://developer.pidgin.im/ticket/11568>
*   <https://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html>
2015-06-26 16:21:54 +12:00
Ian Chard
7ff16e8116 Don't bother looking for +N channels for an op 2015-06-24 20:28:27 +01:00
Ian Chard
adfe5affed Don't use a standard message number 2015-06-24 15:51:37 +01:00
Ian Chard
f64cb901ef Add channel mode N (normal user can't change nick while on channel) 2015-06-24 15:37:56 +01:00
Alexander Barton
d28d838cb9 Merge remote-tracking branch 'LucentW/master'
* LucentW/master:
  Fix with oneshot invites
  Fixed building issues\
  Implement timestamp tracking of invites
  Keep track of who placed bans/invites/excepts
  IRC operators w/OperCanMode can kick anyone [already cherry-picked]

Closes #203, Closes #205.
2015-06-07 21:13:45 +02:00
Alexander Barton
2fc61ce8a6 Make setgroups(3) function optional
For example, Interix is missing this function, which prevented
ngIRCd to build on this platform. When setgroups(3) isn't available,
a warning message is issued when ngIRCd starts up.
2015-06-06 22:19:47 +02:00
LucentW
5c48d7e9c7 IRC operators w/OperCanMode can kick anyone
Closes #202.

(cherry picked from commit 10c7ba99e7)
2015-05-16 20:48:37 +02:00
LucentW
0f490b5cae Implement numeric RPL_LISTSTART(321)
lightIRC and other clients expecting RPL_LISTSTART should now behave correctly.

Closes #207.

(cherry picked from commit 0680ce5fd99bc643651d1433bcdaf271aeb73c46)
2015-05-16 20:29:10 +02:00
LucentW
93a872a36b Fix with oneshot invites
This should finally implement correctly oneshot invites sent via /INVITE
2015-05-15 14:02:37 +02:00
Alexander Barton
c4245220de Fix MatchCaseInsensitive[List]](): lowercase string _and_ pattern
Up to now, only the the string ("haystack") became lowercased and was
the compared to the pattern ("needle") -- which failed, when the pattern
itself wasn't all lowercase ...
2015-05-13 23:47:53 +02:00
Alexander Barton
f8f7f83f5a Streamline effect of "MorePrivacy" option (WHOIS, LIST)
- Update documentation in ngircd.conf(5)
- LIST: Don't hide channels for IRC Ops when "MorePrivacy" is in effect
- WHOIS: Don't hide IP addresses/hostnames when "MorePrivacy" is in effect

Closes #198
2015-05-13 22:42:51 +02:00
LucentW
03c8997af3 Fixed building issues\
Now builds cleanly. Pass all tests from make check.
2015-05-13 20:08:26 +00:00
LucentW
4396936f38 Implement timestamp tracking of invites
Now lists nodes also have the "onlyonce" field, since the valid_until is
used to keep the timestamp of placing. Found no references to onlyonce
or about valid_until being == 1, though, so it might be unused, but
still available for other enhancements.
2015-05-11 22:15:01 +02:00
LucentW
4da04640e6 Keep track of who placed bans/invites/excepts
Implements #203.
WARNING: it does not track the time of placement of invites, since the
time_t is already used as a flag for single use invites!
2015-05-11 22:15:00 +02:00
LucentW
10c7ba99e7 IRC operators w/OperCanMode can kick anyone 2015-05-11 22:12:30 +02:00
LucentW
a4af9024fd Fixed indents 2 2015-04-29 20:29:00 +02:00
LucentW
6fc53558ed Fixed indents and documentation
(also updated the copyright date on the txt I edited)
2015-04-29 20:25:18 +02:00
LucentW
21767c968d Implement +I (private channel list on whois)
Implements enhancement requested in issue #179
2015-04-29 14:04:06 +02:00
Alexander Barton
c5da483685 Make sure that the target user is able to join a local channel
Implement ERR_USERNOTONSERV(504) numeric and make sure that the
target user is on the same server when inviting other users to
local ("&") channels.

ircd-ratbox uses the ERR_USERNOTONSERV(504) numeric for this, and I
think this is a good idea -- other IRC daemons (like ircu) silently
drop such impossible invites, but thats not a big benefit ...

Idea by Cahata, thanks! Closes #183.
2015-04-12 20:59:43 +02:00
Alexander Barton
4330f5d1c9 INVITE command: Enforce 1 second penalty time
This prevents flooding of the target client.

This closes #186. Reported by Cahata, thanks!
2015-04-12 20:14:24 +02:00
Alexander Barton
81b81c818c MODE command: Always report channel creation time
Up to now when receiving a MODE command, ngIRCd only reported the channel
creation time to clients that were members of the channel. This patch
reports the channel creation time to all clients, regardless if they are
joined to that channel or not.

At least ircd-seven behaves like this.

This closes #188. Thanks Cahata!
2015-04-12 19:39:20 +02:00
Alexander Barton
c7bbc9a390 Fix spelling of RPL_WHOISBOT message text 2015-03-27 22:51:21 +01:00
Alexander Barton
6171beb7ab Don't send nick name as default PART reason
No other IRC daemon seems to do this (today?), don't remember why
ngIRCd did it in the first place ...

Closes #185.

Reported by Cahata in #ngircd, thanks!
2015-03-14 11:13:50 +01:00
Alexander Barton
2196e945e4 Fix "WHO #<chan>" showing invisible users and hiding all visible
The logic is reversed ...

This bug has been introduced by commit c74115f2, "Simplify mode checking on
channels and users within a channel", ngIRCd releases 21, 21.1, and 22 are
affected :-(

Problem reported by Cahata in #ngircd, Thanks!
2015-03-14 10:16:16 +01:00
Alexander Barton
f16eb1b686 Fix typo in src/testsuite/README 2015-03-11 22:14:24 +01:00
Alexander Barton
c41f18e3f9 Auth PING: Fix our information text for manual sending of "PONG"
Up to now, ngIRCd doesn't send a valid IRC command at all, oops!
2015-01-20 22:50:13 +01:00
Alexander Barton
dbfe1beca8 Auth PING: The numeric ID is a "long", use atol() 2015-01-20 22:49:23 +01:00
Alexander Barton
6bdae55177 Auth PING: Don't send a prefix in our PING command
The prefix confuses WeeChat, at least, which doesn't send an appropriate
PONG in the case ...

Debugging and patch by "wowaname" on #ngircd, thanks!
2015-01-20 22:44:36 +01:00
Alexander Barton
bd8d4e710c Fix syntax of ERR_LISTFULL_MSG(478) numeric
Pointed out by "wowaname" in #ngircd, thanks!
2014-12-27 01:50:27 +01:00
Alexander Barton
9a931a549b Enhance debug messages while sending CHANINFO commands 2014-12-20 15:35:49 +01:00
Alexander Barton
3c30490d54 Reset "last try" timer when enabling a passive server
This results in a new connection attempt as soon as possible.
2014-12-20 15:31:55 +01:00
Alexander Barton
6250335352 Change log message for "Can't resolve address" 2014-12-10 11:11:42 +01:00
Alexander Barton
7e14bd3b58 Change log messages issued for IP address forgeries 2014-12-10 11:02:03 +01:00
Alexander Barton
31b3c83c1f Merge remote-tracking branch 'alex/TestsuiteNoDNS'
* alex/TestsuiteNoDNS:
  Test suite: Don't use DNS lookups
2014-11-01 20:14:09 +01:00
Alexander Barton
100de3e4cc Update "CipherList" to not enable SSLv3 by default
Idea, initial patch, and testing by Christoph Biedl
<ngircd.anoy@manchmal.in-ulm.de>
2014-10-16 13:42:24 +02:00
Alexander Barton
be88707027 Match list patterns case-insensitive
The invite-, ban-, and except lists are affected by this change,
as well as G-Lines an K-Lines.

Problem pointed out by "wowaname" on #ngircd, thanks!
2014-10-06 21:47:34 +02:00
Alexander Barton
84ff5a6eb9 Sync "except lists" between servers
Up to now, ban, invite, and G-Line lists have been synced between servers
while linking -- but obviously nobody noticed that except list have been
missing ever since. Until now.

Thanks to "j4jackj", who reported this issue in #ngircd.
2014-09-22 02:17:04 +02:00
Alexander Barton
bf2eae3249 Allow longer usernames for authentication 2014-09-11 22:04:31 +02:00
Alexander Barton
ffad2da835 Correctly check that a server has a valid hostname and port
David Binderman <dcb314@hotmail.com> reported the following compiler warning,
which is a real bug in ngIRCd, thanks!

conn.c:2077:55: warning: logical not is only applied to the left hand
                         side of comparison [-Wlogical-not-parentheses]
2014-09-10 13:03:30 +02:00
Alexander Barton
896d45471a Lists_MakeMask: Don't destroy source buffer 2014-08-08 13:50:48 +02:00
Alexander Barton
01c3552140 Initialize Conf_ScrubCTCP even when SYSLOG isn't #define'd
The "SYSLOG" #define isn't related to "Conf_ScrubCTCP" at all, so
initialize the latter even when "SYSLOG" isn't #define'd.

Pointed out by wowaname on #ngircd, thanks!
2014-07-29 23:08:18 +02:00
Alexander Barton
40ed94a1f2 Increase MAX_SERVERS from 16 to 64
There are installations out there that would like to configure more
than 16 links per server, so increase this limit. Best would be to
get rid of MAX_SERVERS altogether and make if fully dynamic, but
start with this quick and dirty hack ...
2014-07-20 13:19:36 +02:00
Alexander Barton
3f807e1045 Test suite: Don't use DNS lookups
Different operating systems do behave quite differently when doing DNS
lookups, for example "127.0.0.1" sometimes resolves to "localhost" and
sometimes to "localhost.localdomain" (for example OpenBSD). And other
systems resolve "localhost" to the real host name (for example Cygwin).

So not using DNS at all makes the test site much more portable.
2014-06-09 02:15:52 +02:00
Alexander Barton
39b8fc65b6 Add "tests-skipped.lst" to src/testsuite/.gitignore 2014-06-04 12:20:31 +02:00
Alexander Barton
3de972e0bd Test suite/platformtest.sh: Detect when tests have been skipped
Detect if some tests have been skipped, for example when telnet(1) or expect(1)
is missing: ./contrib/platformtest.sh will echo a warning message now.
2014-06-04 12:15:23 +02:00
Alexander Barton
a90004b913 Test suite: Update file headers and comments 2014-04-17 23:56:36 +02:00
Alexander Barton
d314c75a37 Allow "DefaultUserModes" to set all possible modes
Let IRC_MODE() detect that the "fake" MODE command originated on the local
sever, which enables all modes to be settable using "DefaultUserModes"
that can be set by regular MODE commands, including modes only settable by
IRC Operators.
2014-03-18 16:43:21 +01:00
Alexander Barton
5009ab3e8c Spoofed prefixes: Really kill connection on non-server links
This fixes commit 6cbe1308 which only killed the connection when the
spoofed prefix itself belonged to a non-server client.
2014-03-18 16:30:38 +01:00
Alexander Barton
5713c49c84 Implement user mode "F": "relaxed flood protection"
ngIRCd relaxes its flood protection for users having the user mode "F" set
and allows them to rapidly send data to the daemon. This mode is only
settable by IRC Operators and can cause problems in the network -- so be
careful and only set it on "trusted" clients!

User mode "F" is used by Bahamut for this purpose, for example, see
<http://docs.dal.net/docs/modes.html#4.9>.
2014-03-18 14:55:38 +01:00
Alexander Barton
35f1db5f28 Handle "throttling" in a single function
ngIRCd uses "command throttling" and "bps throttling" (bytes per second).
The states are detected in different functions, Conn_Handler() and
Read_Request(), but handle the actual "throttling" in a common function:
this enables us to guarantee consistent behavior and to disable throttling
for special connections in only one place, eventually.
2014-03-18 14:53:29 +01:00
Alexander Barton
f547981188 Streamline DEBUG_ARRAY, DEBUG_BUFFER, DEBUG_IO, DEBUG_ZIP
Change all #define's to follow the form
	#define DEBUG_xxx {0|1}
to disable (0, default) or enable (1) additional debug messages.

And somewhat enhance some DEBUG_BUFFER messages.
2014-03-17 23:54:44 +01:00
Alexander Barton
b35f8916a5 conn.c: Code cleanup
Reformat and restructure some code, move all SSL related code into
one single #ifdef block, for example.
2014-03-17 22:59:58 +01:00
Alexander Barton
a534e71e8d Re-add #include's for header files of the C file itself
This partially reverts commit b130b35f4, "Update #include's: remove
unused and add missing ones", but fixes the following compiler and
analyzer warnings of Apple Xcode 5:

 "Semantic issue: No previous prototype for function 'yyy'"
2014-03-17 18:02:57 +01:00
Alexander Barton
a13bb78b1e Update copyright notices of recently changed files 2014-03-17 12:22:00 +01:00
Alexander Barton
b130b35f48 Update #include's: remove unused and add missing ones
The "deheader" tool (<http://www.catb.org/~esr/deheader/>) has been
used to find unused #include directives as well as missing ones.

Tested on:

- A/UX 3.1.1
- ArchLinux (2014-03-17)
- Debian GNU/Hurd
- Debian GNU/Linux 6.0.9
- Debian GNU/Linux 7.4
- Fedora 20
- FreeBSD 9.2
- OpenBSD 4.8
- OpenBSD 5.1
- OS X 10.9
- Solaris 11
2014-03-17 11:37:25 +01:00
Alexander Barton
37090a28e8 portab.h: Restructure and clean up code
- Don't use HAVE_SYS_TYPES_H, <sys/types.h> is a required header now.
- Streamline check for boolean data types.
- Better indent #ifdef constructs.
2014-03-17 01:17:30 +01:00
Alexander Barton
7b10a0e4ee io.c: <sys/time.h> is only needed when using select()
Only include the <sys/time.h> header when using the select() IO API,
it isn't required otherwise.
2014-03-17 00:45:07 +01:00
Alexander Barton
259c314d14 Remove imp.h and exp.h header files
These include files don't have a function any more, remove them.
2014-03-17 00:17:02 +01:00
Alexander Barton
51396f8f1c strdup.c: Code cleanup 2014-03-16 22:59:03 +01:00
Alexander Barton
6238196dac Don't define SSL_Want{Read|Write}() when SSL is disabled
Not even call the "dummy" functions.
2014-03-16 22:31:23 +01:00
Alexander Barton
43fb18f2f5 Code cleanup, remove blank lines 2014-03-16 22:11:26 +01:00
Alexander Barton
a4ed90ba9a Fix two K&R C portability issues
Fix the following two errors emitted by the Apple K&R C compiler
on Apple A/UX:

"./class.c", line 47: no automatic aggregate initialization
"./class.c", line 47: illegal lhs of assignment operator

"./conf.c", line 1052: syntax error

Tested on A/UX 3.1.1.
2014-03-16 20:07:08 +01:00
Roy Sindre Norangshol
485d0aec81 Use server password when PAM is compiled in but disabled 2014-02-28 10:53:40 +01:00
Alexander Barton
abf280d5bd CHARCONV: Fix handling conversion errors
Don't overwrite already converted text!
2014-02-23 18:20:47 +01:00
Alexander Barton
ccc9e1baa4 Streamline punctuation of log messages
See commit d38d153f for details.
2014-02-09 16:01:13 +01:00
Alexander Barton
384b27cee0 IRC_INVITE(): Code cleanup 2014-02-02 00:27:24 +01:00