1
0
mirror of https://github.com/osmarks/ngircd.git synced 2024-12-13 10:20:28 +00:00
Commit Graph

2257 Commits

Author SHA1 Message Date
Alexander Barton
d697de3186 IRC_SQUIT(): Fix use-after-free when unregistering the sending client 2020-05-26 00:05:22 +02:00
Alexander Barton
02cf31c0e2 IRC_SERVER: Make sure that the client sent a prefix
The SERVER command is only valid with a prefix when received from other
servers, so make sure that there is one and disconnect the peer if not
(instead of crashing ...).

This obsoletes PR #275.

Thanks Hilko Bengen (hillu) for finding & reporting this as well for the
patch & pull request! But I think this is the "more correct" fix.
2020-05-25 23:51:00 +02:00
Alexander Barton
430bb22376 Enhance debug logging for PONG commands
Distinguish between expected and unexpected PONG commands.
2020-05-25 23:30:07 +02:00
Alexander Barton
dc6807338e Fix PING-PONG handling when processing backlog in read buffers
Prior to this commit, the PONG wasn't registered correctly, becauuse the
"last ping" time was set to time(NULL), which could be bigger than the
"last data" time stamp, for example when handling the read buffer took
more than 1 second -- and this resulted in the PONG time out kicking in
effectively disconnecting a newly linked server for example, because
ngIRCd thought it was still waiting for a PONG: last data < last ping.

Now the "last ping" value has three possible values:

    0: new connection, no PING, no PONG so far.
    1: got a PONG, no longer waiting for a PONG.
  <t>: time stamp of last sent out PING command.
2020-05-25 22:59:58 +02:00
Alexander Barton
0d503945cb Revert "Set the "last data" time to "last ping" time when updating the latter"
This patch completely broke the PING-PONG logic: now ngIRCd never
disconnects any stale peers but keeps sending out PINGs over and over
again ...

The real issue (server disconnects right after connect) will be fixed in
the next commit, but let's revert to the somewhat "half-broken but
'known' state" first ...

This reverts commit 79a917f954.
2020-05-25 22:59:00 +02:00
Hilko Bengen
bae68eb612 testsuite: Add missing files to EXTRA_DIST
26~rc1 as extracted from tarball cannot be built/tested with SSL
support because of a missing script and certificates.
2020-05-22 17:23:42 +02:00
Alexander Barton
fcf2874a9d Allow more characters per line in MOTD and help text files
Change the line buffer in the Read_TextFile() function from 127 to
COMMAND_LEN (=512) bytes. Lines can't even get that long, because they
have to be prefixed before being sent to the client, so this is a sane
maximum.

This allows for even more "fancy" and "wider" MOTDs :-)

Closes #271.
2020-05-07 18:10:41 +02:00
Alexander Barton
4b7e8db418 Show allowed channel types in ISUPPORT(005) numeric only
Don't show the static list of all possibly available channel types ...

Closes #273.
2020-05-07 18:03:06 +02:00
Alexander Barton
21f33e5911 SSL test server: Use port 6790, like "test server #2"
Don't use the "standard" IRC SSL port 6697, as this easily collides with
real (ng)IRCd instances running on the same machine.

And by reusing port 6790, which is already used by the "test server #2",
we don't need any other port than the test suite already uses.
2020-05-07 00:02:00 +02:00
Alexander Barton
02850008f4
Merge pull request #269 from hillu/gnutls-reload-cert
Add support for GnuTLS certificate reload.

Thanks a lot, Hilko Bengen!
2020-05-06 23:36:19 +02:00
Alexander Barton
52d8fa2c09 Update Client_SetHostname() to not use strpbrk()
Not sure about the portability of strpbrk() in really ancient OS, and
this was the only place where it became used recently in ngIRCd ...
So let's play it safe! ;-)
2020-05-04 00:58:24 +02:00
michi
1f40776bc1 Allow hostmask cloaking when rDNS is disabled 2020-05-04 00:58:24 +02:00
Alexander Barton
387a29a7fd Don't wait for the network when read buffers possibly hold commands
There is no point in waiting up to one second for the network receiving
new data when there is still a read buffer holding at least one command;
we shouldn't waste time but handle it immediately!
2020-05-04 00:46:56 +02:00
Alexander Barton
54fac57603 Handle commands in the read buffer before reading more data
If there are more bytes in the read buffer already than a single valid
IRC command can get long (513 bytes, COMMAND_LEN), wait for this/those
command(s) to be handled first and don't try to read even more data from
the network (which most probably would overflow the read buffer of this
connection soon).
2020-05-04 00:46:56 +02:00
Alexander Barton
9f05f5ee61 Read_Request(): Clean up code and add some more comments
No functional changes.
2020-05-04 00:46:56 +02:00
Alexander Barton
629a45ee0f Revert "Increase read buffer size for server connections"
This reverts commit c6e3c13f27.

This sounded like the right approach at first, but I'm not that sure
that it really makes sense to have different sizes of read buffers: the
per-connection read buffer only needs to keep data that is needed to
parse one full command, be it plain text, encrypted and/or compressed.
Then ngIRCd should handle this one command, move leftover data to the
beginning of the buffer and read the next chunk from the network that is
missing to get the next complete command (512 bytes at max).

So I revert this for now and try to fix the logic in Read_Request(),
which is broken nevertheless, as it results in servers becoming
disconnected during "server burst" when "big" lists are transferred.
2020-05-04 00:46:56 +02:00
Alexander Barton
8d414b079c Correctly use Config_Error() instead of Log() in Read_Config()
The name of the Config_Error() function is misleading: it is not only
used to show configuraton errors, but all messages shown during normal
operation as well as for "config testing": it takes care of the correct
formatting of the messages (syslog, forground logging, config testing).

This fixes commit bb1d014aba.
2020-05-03 17:08:51 +02:00
Alexander Barton
0dc692b1f7 Log G-/K-Line changes only when not initiated by a server
This prevents the log from becomming spammed during "net bursts".
2020-05-03 03:15:49 +02:00
Alexander Barton
79a917f954 Set the "last data" time to "last ping" time when updating the latter
This is required because the PING can be received quite a bit earlier
than it is actually handled, for example during "server burst" or other
heavy operations:
So the times won't match and PING-PONG logic would become garbled,
because we test for "last ping > last data" to determine if a PING
already was sent or not.
2020-05-03 03:15:38 +02:00
Johann Hartwig Hauschild
11ea6a5070 updating testsuite to support ssl-tests 2020-04-25 00:04:38 +02:00
michi
ab62dd27dc Remove legacy configuration options
Remove legacy configuration options and related functions that have
been marked for removal for some time:

- PredefChannelsOnly (v22)
- NoticeAuth (v24)
- NoXXX (v19)
- Old '[GLOBAL]' section handling (v19)
2020-04-20 00:20:50 +02:00
michi
c6e3c13f27 Increase read buffer size for server connections
This applies the same logic we have for write buffers to distinguish
between server and client connections and sets the maximum buffer size
accordingly. As a result peering with servers with many GLINE/KLINEs
does not kill the connecting server connection anymore.
2020-04-20 00:20:46 +02:00
michi
04de1423eb Fix recursion bug on write error
Depending on the stack size, too many clients on the same channel
quitting at the same time would trigger a crash due to too many
recursive calls to Conn_Close().
2020-04-20 00:20:46 +02:00
michi
13b8324c4a Fix hostmask cloaking bug for IPv6 too 2020-04-20 00:20:46 +02:00
michi
f27827d793 Unbreak GCC 10 (-fno-common) build 2020-04-20 00:20:46 +02:00
Hilko Bengen
86f3c563d6 GnuTLS: Eliminate memory leaks for DH parameters, priorities cache
The DH parameters reference has to be stored next to the x509_cred
which holds a reference to it.
2020-04-19 21:20:43 +02:00
Hilko Bengen
eead4a631f Add support for GnuTLS certificate reload
This requires keeping track of currently active certificates, so those
are stored separately, along with a reference counter, and discarded
when they are no longer in use.
2020-04-17 17:34:12 +02:00
Alexander Barton
3aa1d880fe Add deprecation warnings for "Key" and "MaxUsers" in [Channel] 2020-03-29 22:31:18 +02:00
Alexander Barton
ba3b22b851 Test suite: Test multiple "Modes" lines in [Channel] sections 2020-03-29 01:16:37 +01:00
Alexander Barton
4d519cfdbf Predefined channles: Fix handling of legacy configuration options
Fix the handling of legacy "Key" and "MaxUsers" [Channel] settings:

- Activate them before evaluating the "Modes" parameter, to allow the
  latter to override those legacy options.
- Enforce setting the respective +k/+l mode(s) to support the legacy
  "Mode = kl" notation, which was valid but is an invalid MODE string:
  key and limit are missing! So set them manually when "k" or "l" are
  detected in the first MODE parameter.
- Sort modes +kl alphabetically, adjust test suite accordingly.
2020-03-29 00:45:59 +01:00
Alexander Barton
fed22184c5 Enhance logging while setting up predefined channels 2020-03-29 00:30:36 +01:00
michi
a3072ce698 Allow multiple "Modes =" lines per [Channel] section 2020-03-29 00:29:50 +01:00
michi
decf98d5ef Evaluate initial channel modes
Allow setting arbitrary channel modes in the config file.

Closes #55.
2020-03-28 23:47:21 +01:00
Alexander Barton
3f7caff630 Add "FNC" (forced nick changes) to ISUPPORT(005) numeric
Most probably this doesn't make any difference to any client, but it
seems correct. See <http://www.irc.org/tech_docs/005.html> for details.
2020-03-22 14:07:32 +01:00
Alexander Barton
8d173a3328 Fix memory leak in portabtest Check_strtok_r()
Fix the following Clang "LeakSanitizer" error (which isn't quite
relevant in this test program, but anyway):

  ERROR: LeakSanitizer: detected memory leaks

  Direct leak of 7 byte(s) in 1 object(s) allocated from:
      #0 0x7f8c4d022810 in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x3a810)
      #1 0x5601a801491a in Check_strtok_r (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x291a)
      #2 0x5601a8014d77 in main (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x2d77)
      #3 0x7f8c4c69009a in __libc_start_main ../csu/libc-start.c:308

  SUMMARY: AddressSanitizer: 7 byte(s) leaked in 1 allocation(s).
  FAIL: portabtest
2020-02-15 14:56:07 +01:00
michi
e7cb9b1a00 Reuse old SSL key if loading a new one failed 2020-02-15 14:47:20 +01:00
Alexander Barton
f5fa7db4ba 2020! 2020-01-21 22:02:40 +01:00
Alexander Barton
22cae1b5fc Enhance handling of command line errors, and "--help" & "--version"
Return with exit code 0 ("no error") when "--help" or "--version" was
used (this resulted in exit code 1, "error" before).

And exit with code 2 ("command line error") for all invalid command
line options, and show the error message on stderr (message was printed
to stdout before, and exit code was 1, "generic error").

This new behaviour is more in line with the GNU "coding standards",
see <https://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html>.
2019-12-31 16:34:23 +01:00
Alexander Barton
de1de40551 Log received signals (using strsignal(3), when available) 2019-11-10 21:12:43 +01:00
Alexander Barton
4169cb25e6 Make test suite compatible with Haiku 2019-11-03 15:15:59 +01:00
JRMU
147e424d98 Fix hostmask cloaking bug, don't cloak multiple times
Previously, each server would cloak every user's hostmask. The problem
is that if a network has more than one server, then a user's hostmask
would get cloaked twice. This patch ensures that a server only cloaks
the hostmask if it has not yet been cloaked (the period indicates it's
still an IP address).

Closes #228.
2019-09-09 15:30:44 +02:00
Alexander Barton
e954b59d41 Fix some typos (documentation files, ngircd.conf manual page, ...)
Spotted by Étienne Mollier <etienne.mollier@mailoo.org> and Christoph
Biedl <debian.axhn@manchmal.in-ulm.de>, see Debian bug #932462
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932462). Thank you!
2019-07-21 16:23:07 +02:00
Alexander Barton
2c495a1fe7 Enlage buffers of info texts to 128 bytes.
This includes:
- "Real name" of a client (4th filed of the USER command).
- Server info text ("Info" configuration option).
- Admin info texts and email address ("AdminInfo1", "AdminInfo2" and
  "AdminEmail" configuration options).
- Network name ("Network" configuration option).

The limit was 64 bytes before ...

Closes #258.
2019-06-29 16:13:16 +02:00
Alexander Barton
f8002057f2 Streamline handling of invalid and unset server name
Don't exit during runtime (REHASH command, HUP signal), because the
server name can't be changed in this case anyway and the new invalid
name will be ignored.
2019-06-29 16:02:52 +02:00
Alexander Barton
bb1d014aba Slightly reoder startup steps, and enhance logging
- Show name of configuration file at the beginning of start up.
- Add a message when ngIRCd is ready, including its host name.
- Show name of configuration file on REHASH (SIGHUP), too.
- Change level of "done message" to NOTICE, like "starting" & "ready".
- Initialize IO functions before channels, connections, clients, ...
2019-06-29 16:00:53 +02:00
Alexander Barton
96bad2b861 2019! 2019-01-02 00:10:06 +01:00
Alexander Barton
456eea6f18
Implement new configuration option "MaxPenaltyTime" (#251)
This option configures the maximum penalty time increase in seconds, per
penalty event. Set to -1 for no limit (the default), 0 to disable
penalties altogether. ngIRCd doesn't use penalty increases higher than 2
seconds during normal operation, so values higher than 1 rarely make
sense.

Disabling (or reducing) penalties can greatly speed up "make check" runs
for example, see below, but are mostly a debugging feature and normally
not meant to be used on production systems!

Some example timings running "make check" from my macOS workstation:

- MaxPenaltyTime not set: 4:41,79s
- "MaxPenaltyTime = 1":   3:14,71s
- "MaxPenaltyTime = 0":     25,46s

Closes #249.
2018-11-28 14:13:09 +01:00
Rosen Penev
7690716e4f Fix compilation without deprecated OpenSSL APIs (#252) 2018-11-28 14:10:46 +01:00
Alexander Barton
c8162a80be Fix some compiler warnings of Apple Xcode/Clang
For example:

* src/ngircd/irc-login.c:102:21: Implicit conversion loses integer
  precision: 'int' to 'char'

* src/ngircd/conn.c:1084:9: Implicit conversion turns floating-point
  number into integer: 'double' to 'bool'

* src/tool/tool.c:85:10: Implicit conversion loses integer precision:
  'int' to 'char'
2018-10-30 01:53:24 +01:00
Alexander Barton
e8e04b4c8f Fix typos/errors/... in file comments
Found by Xcode/Clang code analyzer. No functional changes.
2018-10-30 01:48:31 +01:00