William Pitcock
be2447b850
config: document websocket options
2016-05-14 17:24:20 -05:00
William Pitcock
dcf450702b
newconf: ensure wsock and defer_accept are default-to-disable for now, for consistency sake on rehashes
2016-05-14 17:23:51 -05:00
Aaron Jones
7de13f7e5e
starttls: Allow command usage with backends other than OpenSSL
2016-05-14 00:26:03 +00:00
Simon Arlott
4ad9738d7a
m_alias: correctly construct string to be sent
2016-05-12 19:45:27 +01:00
Simon Arlott
8dd5d185e8
bandb: sqlite3: use getpagesize() on FreeBSD
2016-05-12 12:43:18 +01:00
Simon Arlott
0e0d823a5d
wsockd: include stdinc.h so that sys/types.h is included on FreeBSD 4.8
2016-05-12 12:43:17 +01:00
Simon Arlott
7c7cf006ca
librb: define UINT32_MAX for FreeBSD 4.8
2016-05-12 12:43:16 +01:00
Simon Arlott
87f7632760
librb: support rb_path_to_self on FreeBSD 4.8
2016-05-12 12:43:15 +01:00
Simon Arlott
d2a4981ab2
client: call authd_abort_client with the client that is exiting, not the originator
2016-05-12 10:06:31 +01:00
William Pitcock
96bcbb5d56
Merge pull request #191 from GLolol/patch-1
...
doc: add extensions/chm_nonotice to example confs
2016-05-11 23:46:10 -05:00
James Lu
cdc31cc55f
doc: add extensions/chm_nonotice to example confs
2016-05-11 21:39:42 -07:00
Aaron Jones
9d6b870d7b
[Documentation] Increase bitlength recommendation for DH parameters
...
Also clarify the behaviour of TLS backends and the consequences for
not providing any parameters at all.
[ci skip]
2016-05-05 04:20:16 +00:00
Aaron Jones
70a70462e5
[Documentation] Reflect that ssl_private_key is now optional
...
[ci skip]
2016-05-05 04:20:07 +00:00
Aaron Jones
f5960b830b
[sslproc] Use certificate file if key file is not present
2016-05-05 04:10:57 +00:00
Aaron Jones
883f3833ed
Travis CI: Build against sqlite3 library
2016-05-05 03:54:38 +00:00
Aaron Jones
1e7342d0f4
[mbedtls] Various fixes and improvements
...
* Move certificate, key, DH parameters and configuration to heap
(Documentation states that setting new configuration, e.g.
during a rehash, is unsupported while connections using that
configuration are active)
This is the same approach as the fix for #186
Refcount these structures so as to not introduce a memory leak
On rehash, it will use new structures only if there are no
errors in constructing them
* Make fingerprint generation work for TLS connections
See the comments in the newly created file for an explanation
* Fix memory leak when generating a fingerprint from a file
* Add better error-reporting (strings in addition to numbers)
where possible
* Coalesce several connection memory allocations into one function
* Reduce boilerplate where possible (Charybdis targets C99)
* Support private key being in certificate file, and having no
DH parameters file
* Correct erroneous closing comment
2016-05-05 03:47:57 +00:00
Aaron Jones
c40eede13b
[TLS Backends] Make version strings more useful and consistent
2016-05-05 03:47:46 +00:00
Aaron Jones
0fe9dd4119
[TLS Backends] Allow absense of private key file
...
Use the certificate file instead
2016-05-05 03:47:33 +00:00
Aaron Jones
4d83a4d92d
[sslproc] Allow absense of private key file
...
Backends can then assume that the private key is in the certificate file
2016-05-05 03:47:18 +00:00
Aaron Jones
f831e92603
Fix possible crash when DH parameters are not provided
...
This has ssld calling strlen() on a NULL value
[ci ckip]
2016-05-03 17:49:00 +00:00
Simon Arlott
da20854e83
random_ping: stop producing negative values that become 16 chars
2016-05-02 21:14:16 +01:00
Simon Arlott
84d0b55e76
authd: fix reference far off the end of the array on shutdown
...
When authd has no more input it tries to reject all current clients with
an id of UINT32_MAX.
2016-05-01 11:51:07 +01:00
Simon Arlott
2f598dacdd
authd: remove unused variable id from accept_client
2016-05-01 11:51:06 +01:00
Simon Arlott
075d4d569e
authd: allocate the correct size of auth_client_data
...
If there are holes in the auth_providers ID numbers, the array allocated
based on list length won't be large enough to handle all the IDs.
(auth->data could be converted to a dlink_list)
2016-05-01 11:51:05 +01:00
Simon Arlott
a5f52774bb
authd: Only use refcount for reference counting
...
Use providers_active for provider activity tracking.
2016-05-01 11:31:05 +01:00
Simon Arlott
2392770f4d
authd: fix auth->cid type sizes
...
* long is too small on 32-bit systems, use unsigned long long if we want
to check for out of range values
* UINT32_MAX is a valid cid, and 0 isn't
* make auth->cid a uint32_t not uint16_t
2016-05-01 11:12:34 +01:00
Simon Arlott
a4da4fe574
authd: fix memory leak in start_auth
2016-05-01 10:59:22 +01:00
Simon Arlott
9f928dc532
authd: don't call cancel_providers recursively
...
Also check that they haven't been cancelled while starting up.
2016-05-01 10:53:34 +01:00
Simon Arlott
d955cd9f97
authd: use a list for auth_providers
...
We only need to iterate over this small fixed size list, so
dictionary iteration will be less efficient.
2016-05-01 10:49:12 +01:00
Elizabeth Myers
f4d828ef96
m_alias: restore old behaviour of joining all parameters.
...
There are two important caveats here, however:
1) Aliased commands have more than 8 parameters will be truncated;
there's nothing I can do about this.
2) Parameters with colons will not be handled as you expect. Again,
nothing I can do about this.
2016-05-01 03:48:00 -05:00
William Pitcock
998b6ec513
stage for charybdis 4-beta1.
2016-04-30 19:58:14 -05:00
William Pitcock
9cd0063a2c
librb: fix commio build on win32
2016-04-30 19:33:31 -05:00
William Pitcock
b585278b32
authd: provider: make refcounting system less fragile
2016-04-30 19:26:02 -05:00
William Pitcock
a71b65b15c
Revert "authd: change to lists instead of dictionaries for various things"
...
This reverts commit 49fd293f20
.
2016-04-30 19:20:12 -05:00
Aaron Jones
92404a1a98
[openssl] Forward-port some more cleanups from fixes to 3.5
2016-04-30 21:45:16 +00:00
Simon Arlott
3b0b4037d0
authd: don't decrement refcount twice when accepting the client
2016-04-30 17:06:21 +01:00
Simon Arlott
896370cc3e
m_stats: don't try to access bl_stats if it doesn't exist
2016-04-30 13:18:48 +01:00
Simon Arlott
3c5f720c6f
authd_check: don't try to update bl_stats if it doesn't exist
...
This can happen if all the blacklists are removed and then authd
sends a blacklisted response for a client.
2016-04-30 13:18:06 +01:00
Simon Arlott
4573f8f2fb
authproc: don't try to delete bl_stats if it hasn't been created
2016-04-30 13:11:06 +01:00
Simon Arlott
8a29e7cd1e
librb: shutdown() listening sockets pending close() so that listeners can be reopened reliably
2016-04-30 11:36:28 +01:00
Elizabeth Myers
c767c58b2a
opm: use rb_dlinkDelete instead of rb_dlinkFindDelete.
2016-04-30 01:59:05 -05:00
Elizabeth Myers
49fd293f20
authd: change to lists instead of dictionaries for various things
...
Iteration is the primary thing done on these, so using a dictionary
doesn't help a lot. Furthermore (and most importantly), they are not
safe to delete from.
2016-04-30 01:59:05 -05:00
William Pitcock
d71787ab69
librb: rb_path_to_self(): use sysctl(2) interface on freebsd/dragonfly
2016-04-30 01:19:08 -05:00
Elizabeth Myers
e7c4ecd5b1
authproc: don't delete during iteration, this is not safe.
2016-04-30 01:11:56 -05:00
William Pitcock
a2bfe0f88e
librb: linebuf: don't reinvent rb_dlinkAddTailAlloc().
2016-04-30 00:59:08 -05:00
Elizabeth Myers
9f7f75295c
authd: don't try to do anything on exit, it's too precarious
2016-04-30 00:46:18 -05:00
William Pitcock
5a775221d2
tools: fix stub rb_strcasecmp() build
2016-04-29 19:52:19 -05:00
William Pitcock
b5f3e5e5e8
ircd: Channel.bants is not a serial but a timestamp.
...
Previously, the IRCd would increment bants instead of resyncing the timestamp, causing the potential of
false negatives from the bancache system.
2016-04-29 18:59:32 -05:00
Simon Arlott
ff0414c856
librb: close FDs when they're freed (outside of select handler)
2016-04-29 16:19:08 -05:00
Aaron Jones
fed4fc59bc
Mention another RFC with regard to deprecating plaintext
2016-04-29 16:28:18 +00:00