William Pitcock
0a604c72a3
sslproc: handle ssl_cipher_list being NULL better
2015-12-13 09:42:12 -06:00
William Pitcock
1e8138afb0
channel: actually, use bancache invalidation as the metric for the duplication check
...
any state change which would cause the duplicate check to change would invalidate bancache as a whole anyway
2015-12-13 08:17:04 -06:00
William Pitcock
2f9687c48c
channel: cache duplicate calls to is_banned() and is_quieted()
2015-12-13 08:13:52 -06:00
William Pitcock
c42a66be2e
sslproc: garbage collect dead ssld resources every minute
2015-12-13 07:58:50 -06:00
William Pitcock
d63f3f80f0
extb_combi: implement a recursion guard
2015-12-13 07:50:02 -06:00
Jilles Tjoelker
2d28539c68
Reduce clean_nick() code duplication further.
...
Side effect: hurt and monitor now allow nicks starting with a digit.
2015-12-13 00:22:21 +01:00
William Pitcock
e1fda0d81e
map: make flatten_links dump a flattened map instead of blocking it ( closes #48 )
...
based on my patches in shadowircd legacy (4.0)
2015-12-12 09:24:37 -06:00
William Pitcock
413c61aaf5
monitor: ensure monitored nicknames are valid (ref. elemental-ircd/elemental-ircd#187 )
2015-12-12 08:42:03 -06:00
William Pitcock
72dee03d50
clean up some code duplication when checking nicks for validity
2015-12-12 08:41:09 -06:00
William Pitcock
7233e364cc
gnutls: fix typo
2015-12-12 08:19:58 -06:00
William Pitcock
673ec98e71
gnutls: allow priorities to be configured
2015-12-12 08:03:59 -06:00
William Pitcock
c1725bda3c
ssl: allow cipher list to be overridden ( closes #67 )
2015-12-12 07:50:48 -06:00
William Pitcock
b5b4a0e79b
client: use sequential connection ids for ssld connections in ssld RPC, instead of the file descriptor
...
this avoids race conditions when a file descriptor is reused and an ssld worker has not acked that the previous
connection was closed, which results in the new client being kicked.
2015-12-12 05:20:51 -06:00
William Pitcock
94356462c0
ssld: use uint64_t explicitly when we want 64-bit counters
2015-12-12 04:51:43 -06:00
William Pitcock
74ff144d33
ssld: fix a type warning pointed out by clang
2015-12-12 04:50:35 -06:00
William Pitcock
6cd1aca7f1
ssld: take inbuf/outbuf out of global scope, since its unnecessary
2015-12-12 04:50:15 -06:00
William Pitcock
4952e40b7e
newconf: fix error message on channel::autochanmodes
2015-12-12 00:33:46 -06:00
William Pitcock
5225f83df1
libratbox: import zstring functions
2015-12-11 15:56:33 -06:00
William Pitcock
63eb8567cb
implement configurable channel modes ( closes #31 )
...
While functionally compatible with the implementation in ElementalIRCd, our approach is different,
specifically pre-calculating the bitmask at config load time. This is more efficient, and allows us
to report errors as part of the configuration phase.
2015-12-11 15:36:53 -06:00
William Pitcock
bac8c4829f
config.h.dist: resync with config.h ( closes #14 )
2015-12-11 12:14:34 -06:00
William Pitcock
7c16cc9085
libratbox: implement nossl variants of rb_get_ssl_certfp() and rb_get_ssl_cipher()
2015-12-11 08:36:21 -06:00
William Pitcock
42dbc23943
ssld: enable sending SSL cipher information if available
2015-12-11 08:32:19 -06:00
William Pitcock
833b2f9cbf
libratbox: implement rb_get_ssl_cipher()
2015-12-11 08:32:02 -06:00
William Pitcock
427a8d5dbb
WHOIS: use cipher string if available
2015-12-11 08:20:11 -06:00
William Pitcock
ebe33dbfab
sslproc: set Client.localClient.cipher_string if sent by ssld
2015-12-11 08:19:50 -06:00
William Pitcock
196740c42b
sslproc: likewise
2015-12-10 23:44:31 -06:00
William Pitcock
408a29c65a
ssld: integrate some cleanups from ratbox 3.1
2015-12-10 23:40:24 -06:00
William Pitcock
d44660305f
update NEWS documenting availability of combination extbans
2015-12-10 02:28:52 -06:00
William Pitcock
98c645cadb
document extb_combi and extb_hostmask bans ( closes #74 )
2015-12-10 02:27:08 -06:00
William Pitcock
e2a9fa9cab
extenions: add a $m: extban (ref #74 )
2015-12-10 02:25:22 -06:00
William Pitcock
4ef511ebb8
import marienz's extb_combi module (ref #74 )
2015-12-10 02:20:58 -06:00
William Pitcock
7801d174d7
Revert "extban: implement helper functions for stackable extbans (part 1) (ref #74 )"
...
This reverts commit 304bd0d095
.
2015-12-10 02:19:21 -06:00
William Pitcock
304bd0d095
extban: implement helper functions for stackable extbans (part 1) (ref #74 )
2015-12-10 01:33:30 -06:00
William Pitcock
202d496644
override: only engage override code if we're needing to authorize a WRITE to a channel's state ( closes #65 )
2015-12-10 01:00:32 -06:00
William Pitcock
c7708a0994
ssld: update for protocol changes
2015-12-08 14:26:26 -06:00
William Pitcock
509088aaee
update NEWS to note that CertFP methods are now configurable
2015-12-07 01:52:16 -06:00
William Pitcock
13d8f0edba
allow certfp method to be configured
2015-12-07 01:49:30 -06:00
William Pitcock
772c95cc7a
ssld: we only will continue supporting one fingerprint method at a time
2015-12-07 01:21:26 -06:00
William Pitcock
fced7b416b
Merge branch 'master' of github.com:atheme/charybdis
2015-12-07 01:15:00 -06:00
Elizabeth Myers
e6bbb41030
Add ability to change CertFP hash.
...
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:14:02 -06:00
Elizabeth Myers
c33349ec21
Add ability to change CertFP hash.
...
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:11:12 -06:00
William Pitcock
653e3ca512
update copyright on NEWS (haha)
2015-12-05 07:18:35 -06:00
William Pitcock
354fd35126
update README
2015-12-05 07:09:52 -06:00
William Pitcock
6a49a3432f
update NEWS a little more
2015-12-05 07:07:01 -06:00
William Pitcock
a7433e330a
m_message: use same behaviour for +R users as +g users ( closes #96 )
2015-12-05 06:48:38 -06:00
William Pitcock
677d3cb1a3
mbedtls: implement rb_get_ssl_certfp()
2015-12-05 06:37:04 -06:00
William Pitcock
bbccb09a90
newconf: TLS listener ports should always be defer_accept
...
TLS clients are required to send ClientHello upon connection, the server may not reply with ServerHello until this has happened
2015-12-04 22:53:04 -06:00
William Pitcock
493897d67c
mbedtls: use server certificate for client mode too
2015-12-04 22:42:10 -06:00
William Pitcock
162a91d6ed
mbedtls: make client mode work too
2015-12-04 22:41:02 -06:00
William Pitcock
539d912b95
libratbox: fix up mbedtls backend
2015-12-04 00:01:40 -06:00