1
0
mirror of https://github.com/osmarks/ngircd.git synced 2024-12-13 10:20:28 +00:00
Commit Graph

2402 Commits

Author SHA1 Message Date
Florian Westphal
0ef94edad7 add section and rfc number to comment about QUIT error 2009-06-05 01:39:33 +02:00
Florian Westphal
643ae1b48b enforce upper limit on maximum number of handled commands
reported on #ngircd: pasting lots of lines into a channel can kill off
many people on the channel if the read buffer is drained quickly enough
and the client-side TCP can't keep up with the incoming data.

This implements a throttling scheme:
- an irc client may send up to 3 commands per second before a one second
pause is enforced.
- an irc client may send up to 256 bytes per second before a one second
pause is enforced.

After discussion with Alexander Barton, server <-> server links are
treated specially: There is no artificial limit on the number of bytes
sent per second, and up to 10 commands are processed per second before
a pause is enforced.

It may be neccessary to make those limits tuneable to accomondate larger
networks, but for now they are compile time values.
2009-05-25 22:25:18 +02:00
Florian Westphal
9b1c47220f conn.c: fix NumConnections imbalance
New_Server() can call Conn_Close() in its error paths,
but that function decrements the number of current active
connections. Thus we need to increment it earlier.
2009-05-17 21:32:53 +02:00
Florian Westphal
8e2c5816ee SSL/TLS: fix error handling when ssl ctx init for outgoing server link fails 2009-05-17 21:27:27 +02:00
Florian Westphal
f31c3a3aa2 SSL/TLS: fix error path in gnutls ssl ctx allocation 2009-05-17 21:18:04 +02:00
Florian Westphal
b0931f322b manpage: move SSLConnect option to the right section 2009-05-17 01:22:18 +02:00
Florian Westphal
5196e9bcb1 SSL/TLS: remove redundant asserts/ifdefs 2009-05-16 20:48:43 +02:00
Florian Westphal
57aa64e117 SSL/TLS: proper indentation, remove erroneous comment 2009-05-14 00:00:55 +02:00
Alexander Barton
fd7e85b798 Update copyright notice, it's 2009 already! 2009-05-05 17:08:48 +02:00
Alexander Barton
b1852f3029 Updated Debian "changelog" file for ngIRCd 14.1 2009-05-05 13:14:23 +02:00
Alexander Barton
822c1e9265 ngIRCd release 14.1 2009-05-05 12:58:51 +02:00
Alexander Barton
5b4a3eda08 Added start/stop script for Red Hat based distributions
Script contributed by Naoya Nakazawa <naoya@sanow.net>.
2009-05-05 12:50:55 +02:00
Alexander Barton
a83554b572 Renamed contrib/ngircd.sh to contrib/ngircd-bsd.sh 2009-05-05 11:41:26 +02:00
Florian Westphal
627b0b713c security: fix remotely triggerable crash in SSL/TLS code
When a server is running with SSL/TLS support compiled in,
it is trivial to crash the server by sending an MOTD request
via another server in the network.

- ONLY servers without ssl/tls support compiled in are not affected.
  Disabling SSL in the configuration (no ssl listening ports, etc)
  does NOT help.
- servers that are running standalone (i.e., not connected to any
  other servers) are not affected, either.

This affects all ngircd releases since ngircd 13 (earlier versions
have no SSL/TLS support).
2009-05-05 10:21:20 +02:00
Alexander Barton
95428a72ff Fixed "Conflicts:" line in debian/control: missing comma 2009-05-04 11:23:19 +02:00
Alexander Barton
6b83d1740e Debian: build ngircd-full-dbg package
In addition to the "ngircd" and "ngircd-full" packages a new package named
"ngircd-full-dbg" is build: this package contains all the features of the
"full" package but includes debug code and both the --debug and --sniffer
options and the resulting binaries are _not_ stripped.
2009-04-29 02:14:17 +02:00
Alexander Barton
c8bba8e5c3 debian/rules: whitespace fixes 2009-04-29 02:12:56 +02:00
Tassilo Schweyer
37359799eb Fix server list announcement
When ngircd announces the list of currently known servers
to a new (connecting) server, it sent the introducer of
the servers instead of the top server.

Assuming this network:

irc1.example.com
|--irc2.example.com
|    `--irc3.example.com
|         `--irc4.example.com
`--irc5.example.com

When irc4 connects to irc3, irc3 tells irc4 that irc5 was
connected to irc2. (irc2 had introduced irc5 to irc3; but thats
not what ngircd should have sent to the new server).

This also placed users on the wrong servers.
2009-04-26 00:30:49 +02:00
Alexander Barton
4a14fb252d Doxygen: update source code repository link to GIT 2009-04-25 00:53:47 +02:00
David Kingston
9b59f043c8 allow ping timeout quit messages to show the timeout value 2009-04-23 21:39:45 +02:00
Florian Westphal
b545d38ae4 irc-server: do not remove hostnames from info text
that code does not really make sense -- the info
text is freely cofngiureable and des not follow a specific
format.

Also, that "+2" might have caused invalid memory accesses.
2009-04-22 23:15:17 +02:00
Florian Westphal
84eaed6c9a conn-zip: fix error handling
callers of (Un)Zip_Buffer() assume that
the function closes the connection on error.

However, this was not always the case.
2009-04-21 21:00:43 +02:00
Florian Westphal
544b9884f4 remove or translate old comments 2009-04-21 20:58:30 +02:00
Florian Westphal
5e16b6df2d client.c: remove unecessary comments 2009-04-21 20:58:28 +02:00
Florian Westphal
ea041b8838 add const qualifier to pointers where possible 2009-04-21 20:58:23 +02:00
Alexander Barton
68835a1d1a ngIRCd release 14 2009-04-20 11:36:27 +02:00
Alexander Barton
54879b432b Display IPv6 addresses as "[<addr>]" when accepting connections.
With this patch ngIRCd displays IPv6 addresses as "[<addr>]:<port>" when
accepting new connections and later, if no successful DNS lookup could
be made (or DNS is disabled altogether).
2009-04-10 13:22:03 +02:00
Alexander Barton
d9355d53f8 Xcode: #define include __DATE__ in VERSION
Change VERSION to include the __DATE__ when compiling from within Xcode.

When building using "make xcode" or "make osxpkg" VERSION already is defined
to the "real" version number set in configure.in.
2009-04-10 13:08:04 +02:00
Alexander Barton
8c0137a6e0 Fix ChangeLog: Local channels are already implemented in Release 13 2009-04-09 15:17:44 +02:00
Alexander Barton
166ab3925e Fix up last Debian changelog entry 2009-03-30 13:44:04 +02:00
Alexander Barton
1f6a5744f6 ngIRCd release 14~rc1 2009-03-29 17:16:02 +02:00
Alexander Barton
156569d263 Updated NEWS and ChangeLog files 2009-03-29 17:05:37 +02:00
Alexander Barton
c3a8d6a73e Updated Debian/Linux init script
- PidFile, ServerUID and ServerGID are read from actual server configuration
- Exit code and behaviour is more LSB compliant
- New "status" and "test" sub-functions
2009-03-29 16:37:06 +02:00
Dana Dahlstrom
3a7d59c1ac misspelling in ERR_NORECIPIENT reply 2009-03-25 20:44:40 +01:00
Alexander Barton
51b88b12f3 Add missing contributors to AUTHORS file 2009-03-11 11:51:59 +01:00
Florian Westphal
ea35ba74b6 testsuite: add more predefined channels to server config
make sure it creates & and +, and accepts channel names without
a special character (ngircd should treat
'Name = chan' as 'Name = #chan').
2009-03-07 00:30:11 +01:00
Florian Westphal
2d4361d088 allow creation of persistent modeless channels 2009-03-07 00:21:43 +01:00
Florian Westphal
e9e7fc33f1 add and use Channel_IsModeless()
avoid "name[0] == '+'" where possible, having Channel_IsModeless()
makes things much more obvious.
2009-03-07 00:13:25 +01:00
Alexander Barton
c09742c518 Enhance INFO command to report compile time, if available 2009-03-05 16:04:36 +01:00
Alexander Barton
c56ab96270 Update NEWS and ChangeLog files 2009-03-03 17:59:43 +01:00
Alexander Barton
0a9608a26f Channel mode changes: break on error
Don't echo multiple syntax error messages (461) on invalid commands,
but break after the first one.
In addition, this solves corrupted 'Unknown mode "+' messages.
2009-03-03 16:33:40 +01:00
Alexander Barton
dee89c2355 Channel_Mode(): code cleanup (no functional changes) 2009-03-03 15:06:34 +01:00
Florian Westphal
b8c6dd503f TLS/SSL: remove useless error message when ssl connection is closed
When using OpenSSL, the following annoying "error" message was logged whenever
an encrypted connection was shut down in a orderly fashion:
TLS/SSL Connection shutdown: ConnSSL_Read: Unable to determine error

of course, this isn't an error at all.
2009-02-05 23:47:28 +01:00
Florian Westphal
66d6c3c84b update ChangeLog. 2009-02-04 23:33:46 +01:00
Florian Westphal
2fce4667a8 SSL/TLS: clear all ssl realted flags on shutdown
one ssl related flags was not cleared on ssl shutdown.
introduce and use CONN_SSL_FLAGS_ALL to zap them all.
2009-02-04 23:23:12 +01:00
Florian Westphal
c6a43fbaf0 TLS/SSL: fix memory leak when using compressed server links with ssl
commit 6bc2d3d06e
(New connection option CONN_RFC1459) forgot to adjust the ssl bitmasks.

The result is that when a compressed AND encrypted server link goes down
the memory allocated by zlib and the r/w buffers are no longer
free'd as the previous ConnSSL_Free() would then also remove the CONN_ZIP flag
from the flag mask.
2009-02-04 23:01:53 +01:00
Alexander Barton
3be9c477be Fix spelling of log message: "channek" vs. "channel" ... 2009-01-20 17:20:30 +01:00
Alexander Barton
d09094812f Channel key file: store file name and open on each access.
Store the file name of channel key files and reopen them on each access
(on each JOIN command) insted of just storing the file handles.

This eliminates the special requirements (no delete) and makes sure
that always the actual file contents are used in all circumstances.
2009-01-20 17:20:30 +01:00
Alexander Barton
c5000694d1 Support individual channel keys for pre-defined channels.
This patch introduces the new configuration variable "KeyFile" for
[Channel] sections in ngircd.conf. Here a file can be configured for each
pre-defined channel which contains individual channel keys for different
users. This file is line-based and must have the following syntax:

  <user>:<nick>:<key>

<user> and <nick> can contain the wildcard character "*".

Please not that these channel keys are only in effect, when the channel
has a regular key set using channel mode "k"!
2009-01-20 17:20:30 +01:00
Alexander Barton
2c1b6280fa RFC 2812, sec. 3.3.1: really check for the last dot
This fixes commit 5a3128243f and makes the test suite ("make check")
run again without errors.
2009-01-20 16:49:34 +01:00