- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls
Thanks Jilles!
If this option is yes (default), KLINE by itself sets global (propagated) bans.
If this option is no, KLINE by itself sets a local kline following cluster{},
compatible with 3.2 and older versions.
Such bans are not applied locally, but are propagated normally.
They can only be removed on a server that applies them.
Note that normally KLINE will not accept such bans.
This is mainly for services, differing min_wildcard and
ircd changes.
A KLINE command without the ON clause now sets a propagated
("global") ban. KLINE commands with the ON clause work as
before.
Propagated klines can only be removed with an UNKLINE command
without the ON clause, and this removes them everywhere.
In fact, they remain in a deactivated state until the latest
expiry ever used for the mask has passed.
Propagated klines are part of the netburst using a new BAN
message and capab. If such a burst has an effect, both the
server name and the original oper are shown in the server
notice.
No checks whatsoever are done on bursted klines at this time.
The system should be extended to XLINE and RESV later.
There is currently no way to list propagated klines,
but TESTLINE works normally.
The value 0 indicates the creation time is unknown (currently the case
for bandb).
Also store a creation time for xlines and resvs, but do not use it yet.
Duplicate klines are now disallowed regardless of
no_redundant_klines. There is a somewhat hackish check
to see if the new kline is wider than the existing one.
When a user is rejected, remember the hash value of the
ban mask (for klines/glines, hash value of the user part
XOR hash value of the host part) with the rejected IP;
if the kline/gline/xline is removed, remove rejects with
the same hash value also. Note that this does not happen
for expiries; this is deliberate.
Rejects for no auth{} or dnsbl put a hash value of 0;
they cannot be removed selectively.
- Use find_exact_conf_by_address() to find the kline and
abort immediately if there is no such kline.
- When removing a permanent kline, remove the kline from
the data structures instead of rehashing bans.
