1
0
mirror of https://github.com/osmarks/ngircd.git synced 2024-10-31 14:16:17 +00:00
Commit Graph

3406 Commits

Author SHA1 Message Date
Federico G. Schwindt
925b4de298 On bad /oper set the penalty to 10 seconds
This helps against brute-force attempts.
2013-11-06 21:46:53 +00:00
Federico G. Schwindt
48ea69d778 Remove unneded IRC_SetPenalty() calls
IRC_WriteErrClient() already calls IRC_SetPenalty().  While here convert
some IRC_SetPenalty() + IRC_WriteStrClient() to IRC_WriteErrClient().
2013-11-06 18:28:09 +00:00
Federico G. Schwindt
80d0613bf2 Use sizeof() intead of the explicit size 2013-11-06 18:25:11 +00:00
Alexander Barton
4ab688c5e8 Remove wrong #ifdef in Option_String()
This fixes the following error when compiling without zlib support:

  irc.c: In function ‘Option_String’:
  irc.c:487: error: ‘options’ undeclared (first use in this function)

Reported by "der_baer" on #ngircd.
2013-11-01 19:12:35 +01:00
Alexander Barton
2e93129877 NEWS/ChangeLog: Clean up version numbers and release dates 2013-11-01 00:05:43 +01:00
Alexander Barton
94148c37f5 ngIRCd Release 21 2013-10-30 22:20:36 +01:00
Alexander Barton
f25be28ab8 doc/Platforms.txt: add Mac OS X 10.6.8 2013-10-30 22:13:21 +01:00
Alexander Barton
fae7bd1bb7 Update doc/Platforms.txt 2013-10-28 00:00:06 +01:00
Alexander Barton
0556aa1901 ngircd.init: Make sure no stale PID file is left over 2013-10-26 21:34:56 +02:00
Alexander Barton
48698f14a2 platformtest.sh/Platforms.txt: allow user names up to 8 characters 2013-10-23 20:47:55 +02:00
Federico G. Schwindt
8e6db769ac Check and call arc4random_stir() if present
FreeBSD prior to 10.0 does not automatically stir on fork(). Same with
current NetBSD. If arc4random_stir() is present assume is needed and
call it instead of srand().
2013-10-23 16:00:26 +01:00
Alexander Barton
8a041373bb Debian: Fix sed(1) rules adjusting "ngircd-full" package
Error introduced by last commit :-/
2013-10-20 18:33:22 +02:00
Alexander Barton
37c8699f34 Debian: Fix default "HelpFile" file name in ngircd.conf
The "full" package variants must use "/usr/share/doc/ngircd-full/Commands.txt"
and "/usr/share/doc/ngircd-full-dbg/Commands.txt" respectively.
2013-10-20 18:06:21 +02:00
Alexander Barton
788b3002d8 ngIRCd Release 21~rc2 2013-10-20 15:51:03 +02:00
Alexander Barton
beb9f65dc8 platformtest.sh: Detect clang compilers 2013-10-20 15:25:19 +02:00
Federico G. Schwindt
62865f7e19 Add support for longer config lines
With the introduction of CipherList we could have longer config lines.
Handle up to 1024 bytes and warn if the line will be truncated.
2013-10-17 22:10:53 +01:00
Federico G. Schwindt
a7dda1b28c Report the correct file on error 2013-10-17 21:52:15 +01:00
Alexander Barton
cba5a2579f doc/Platforms.txt: Add Open64 and tcc C compilers on Linux
Thanks to Götz Hoffart!
2013-10-16 22:27:40 +02:00
Alexander Barton
a2479bb906 platformtest.sh: Detect tcc compiler 2013-10-16 21:59:31 +02:00
Federico G. Schwindt
17589534d0 Add support for arc4random
If arc4random is present it will be used over the srand/rand interface.
This fixes some warnings in OpenBSD-current.
2013-10-16 16:32:06 +01:00
Federico G. Schwindt
ea26fd2840 Fix another strcat warning missed in commit 4c5b43 2013-10-16 10:41:40 +01:00
Alexander Barton
45d3e6aa91 platformtest.sh: Clean up GIT source tree, when possible 2013-10-14 23:47:16 +02:00
Alexander Barton
0bd3fb88b2 platformtest.sh: Detect Apple LLVM (clang) compiler 2013-10-14 23:45:59 +02:00
Alexander Barton
c34b91d8dd Update (date of) manual pages 2013-10-07 23:02:27 +02:00
Alexander Barton
56da86b4f4 ChnageLog file: even more spelling fixes ... 2013-10-07 22:17:49 +02:00
Alexander Barton
ea8a2bf1fc INSTALL file: Update "Upgrade Information" 2013-10-07 22:15:22 +02:00
Alexander Barton
1b349b05d5 Fix spelling in NEWS and ChangeLog files 2013-10-07 21:59:25 +02:00
Alexander Barton
4c5b439992 ngircd.c, main(): use strlcat() instead of strcat()
This fixes the following warning on OpenBSD 5.3:

 ngircd.o(.text+0xeb4): In function `main':
  src/ngircd/ngircd.c:300: warning: strcat() is almost always misused,
                                    please use strlcat()

Thanks to Götz Hoffart for reporting this!
2013-10-07 21:56:09 +02:00
Alexander Barton
86cd2da8d5 ngIRCd Release 21~rc1 2013-10-05 23:40:29 +02:00
Alexander Barton
9b1fee8995 Update NEWS and ChangeLog files 2013-10-02 02:10:48 +02:00
Alexander Barton
2798a12444 Actually KILL clients on GLINE/KLINE
Kill all clients that match a new GLINE/KLINE mask and genrate apropriate
KILL commands. These KILL commands can be superfluous, but are required
when the IRC Operator isn't allowd to set remote G-Lines or if there are
older servers in the network that don't kill clients on GLINE/KLINE.

Closes bug #156.
2013-10-01 12:26:34 +02:00
Alexander Barton
02182143c3 Don't forward KILL commands for unknown clients 2013-10-01 12:20:23 +02:00
Alexander Barton
b5faf3055b New function IRC_KillClient() to kill clients
The old local function Kill_Nick() in irc.c has been an ugly hack. This
patch implements a generic function for killing clients.

Adjust all callers of Kill_Nick() and respect the return code!
2013-10-01 12:13:17 +02:00
Alexander Barton
cccd8fc957 Adjust log messages for invalid and spoofed prefixes
Now invalid prefixes aren't logged no more when originating from an other
server (besides in debug mode), and spoofed prefixes are correctly logged
using LOG_WARNING (from an other server) or LOG_ERR (from a client) levels.

In addition, the log message texts have been adjusted to better reflect
what will happen: commands with invalid prefixes are ignored and logged,
commands with spoofed prefixes will result in the client being disconncted
(regular users) or the command being ignored (other servers).

This cleans up logging of commands related to already KILL'ed clients.
2013-09-26 02:28:16 +02:00
Alexander Barton
eccbd97e1f Remove CLIENT.oper_by_my, Client_SetOperByMe() and Client_OperByMe()
All places where Client_OperByMe() is used can either be converted to
Client_HasMode(Client, 'o') or Op_Check().

And Op_Check() itself can use the connection handle for deciding whether
the IRC Operator is a local user or not.
2013-09-25 01:29:23 +02:00
Federico G. Schwindt
ec5ab4fcd1 Add support to show user links using "STATS L"
Change "stats L" to show servers and user links and restrict it to
IRC Operators.
2013-09-24 21:17:35 +02:00
Alexander Barton
13a5358a3d Log an error (not info) when working directory can't be changed 2013-09-24 00:04:54 +02:00
Alexander Barton
99db111bca doc/PAM.txt: add a slightly more useful example 2013-09-19 00:17:43 +02:00
Federico G. Schwindt
27b9d32bf2 Change the certificate fingerprint digest to sha256
While here correct some indentation.
2013-09-17 17:35:56 +01:00
Federico G. Schwindt
0985d69cc6 Change cipher defaults
Switch cipher defaults to HIGH:!aNULL:@STRENGTH (OpenSSL) or
SECURE128 (GnuTLS).
2013-09-17 17:15:24 +01:00
Alexander Barton
d0977258ee Merge remote-tracking branch 'alex/bug162-SSLCipherList'
* alex/bug162-SSLCipherList:
  Cipher list selection for GnuTLS
  ConnSSL_Init_SSL(): correctly set CONN_SSL flag
  Cipher list selection for OpenSSL
  ConnSSL_InitLibrary(): Code cleanup
2013-09-16 17:32:25 +02:00
Federico G. Schwindt
2cebfc54f5 Fix server reconnection
In some error cases conn_id will be left as SERVER_WAIT and
subsequently ignored in Check_Servers(). Ensure conn_id is set to
NONE before returning from New_Server() if we couldn't establish
the connection.

Prompted by a report from gabrielgi-at-gmail-dot-com.
2013-09-16 02:15:49 +01:00
Alexander Barton
de3e5fa77c Don't ignore SSL-related errors during startup
Without this patch, ngIRCd ignores SSL-related messages and continues
to start up but only listens on plain text communication ports -- and
this most probably isn't what the administrator wanted ...

Closes bug #163.
2013-09-16 00:31:03 +02:00
Alexander Barton
b9006acee3 Cipher list selection for GnuTLS
This patch implements the missing functionality for cipher list selection
using GnuTLS (our OpenSSL code has this already).
2013-09-15 17:57:47 +02:00
Alexander Barton
51231ac8d4 ConnSSL_Init_SSL(): correctly set CONN_SSL flag
The CONN_SSL flag must be set before any calls to ConnSSL_Free()!
2013-09-15 17:35:52 +02:00
Alexander Barton
84ed46d4c1 Cipher list selection for OpenSSL
This patch introduces the possibility to arbitrarily select ciphers which
should be promoted resp. declined when establishing a SSL connection
with a client by implementing the new configuration option "CipherList".

By default, OpenSSL would accept low and medium strength and RC-4 ciphers,
which nowadays are known to be broken.

This patch only implements the feature for OpenSSL. A GnuTLS counterpart
has to be implemented in another patch ...

Original patch by Bastian <bastian-ngircd@t6l.de>.

Closes bug #162.
2013-09-15 15:09:36 +02:00
Alexander Barton
849f85a05c ConnSSL_InitLibrary(): Code cleanup 2013-09-15 14:09:31 +02:00
Alexander Barton
e8e0351985 TRACE: fix error message when there are too many parameters
ircd 2.11 ignores additional parameters silently, but I don't think
that this is the correct behaviour either ...
2013-09-07 00:19:21 +02:00
Alexander Barton
131364def1 IRC_SetPenalty(): Code cleanup 2013-09-07 00:05:49 +02:00
Federico G. Schwindt
bcb45da1b4 Add more penalty times
Ensure before every numeric 461 there is a call to IRC_SetPenalty().
2013-09-06 23:02:01 +01:00