0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-11-09 19:41:22 +01:00
Commit graph

87 commits

Author SHA1 Message Date
Aaron Jones
cf12678be5
[openssl] More improvements to the backend
* Don't manually initialise libssl 1.1.0 -- it does this automatically
* SSL_library_init() should be called first otherwise
* Move SSL_CTX construction to rb_setup_ssl_server()
* Test for all required files (certificate & key) before doing anything
* Free the old CTX before constructing a new one (Fixes #186)
* Don't try to set options / ciphers etc on a NULL CTX
* Clean up ifdef indentation
* Fix DH parameters memory leak
2016-04-29 16:26:52 +00:00
Simon Arlott
f9014791da
openssl: set ciphers on client connections too 2016-04-29 07:42:12 +01:00
Aaron Jones
6a7ea191a7
[mbedtls] correct printf argument count
[ci skip]
2016-04-27 22:11:19 +00:00
Aaron Jones
b28c26d965
Partially revert previous commit
The OpenSSL backend is the only one that assigns a non-constant
value to the length variable. Use the correct type for its
pointer and cast instead.

[ci skip]
2016-04-27 21:49:55 +00:00
Aaron Jones
e3760ba710
[TLS backends] Miscellaneous fixes
* Certificate fingerprint length functions return an "int", so use an
  int when calculating the length
* Clean up the OpenSSL certificate fingerprint if() and indentation mess
2016-04-27 21:45:19 +00:00
Simon Arlott
d6acb43769
openssl: don't allow certificates outside the validity period 2016-04-27 22:03:49 +01:00
Simon Arlott
c53b6ef2cc
epoll: don't try to read from closed FDs 2016-04-27 21:16:29 +01:00
Aaron Jones
b1f0549361
[openssl] support ECDHE on more than one curve when possible 2016-04-27 16:17:33 +00:00
Simon Arlott
0346918701
add mkfingerprint program 2016-04-26 20:49:03 +01:00
Simon Arlott
31646e89ba
librb: gnutls: check return value of fread() 2016-04-26 20:33:17 +01:00
Simon Arlott
e1f16ce22e
openssl: accept more certificate verify errors as valid 2016-04-25 20:38:39 +01:00
Simon Arlott
5ad62c80ee
librb: remove socklen parameter from rb_connect_tcp 2016-04-24 17:11:20 +01:00
Simon Arlott
cf430c1a40
ssld: Add new certfp_methods spki_sha256 and spki_sha512
These operate on the SubjectPublicKeyInfo of the certificate, which does
change unless the private key is changed. This allows the fingerprint to
stay constant even if the certificate is reissued.

(The same fingerprint is also used by DANE)
2016-04-23 22:51:05 +01:00
Simon Arlott
7da82465a8
librb: mbedtls: fix rb_get_ssl_certfp()
Add missing break statements.
Return the hash length on success.
2016-04-23 22:45:13 +01:00
Simon Arlott
bf3bcbb5b2
librb: fix mbedtls library order
libmbedtls depends on libmbedx509 and libmbedcrypto
libmbedx509 depends on libmbedcrypto

They have to be specified in the correct order for the GNU linker to work.
2016-04-23 22:13:03 +01:00
Elizabeth Myers
c9b6f58349 Name the fallback strncasecmp properly [ci skip] 2016-04-10 17:28:20 -05:00
Elizabeth Myers
ea3168fff8 whoops, fix a typo 2016-04-10 17:26:09 -05:00
Elizabeth Myers
8b813d3060 Replace my shitty fallbacks with those from FreeBSD 2016-04-10 17:25:32 -05:00
Elizabeth Myers
efc4b18c78 *sigh* comment these out until travis is fixed. 2016-04-10 17:12:42 -05:00
Elizabeth Myers
c5514ce8ee Add these for now until travis actually gets their shit together. 2016-04-10 17:07:33 -05:00
Elizabeth Myers
238db37776 Get rid of install-sh and use shtoolize to create them.
Contributed by jackal^
2016-04-10 16:49:42 -05:00
Elizabeth Myers
9af0d38291 librb: minor adjustments to rb_strcasestr fallback to avoid warnings. 2016-04-10 10:10:46 -05:00
Elizabeth Myers
b376d0fd46 Properly clean up build artifacts.
Author: jackal^ from freenode
2016-04-09 04:55:57 -05:00
Elizabeth Myers
4eafa9e62f ipv4_from_ipv6: move to librb 2016-04-08 03:49:23 -05:00
Elizabeth Myers
508e25a85b librb: add versions of rb_strcasecmp, rb_strncasecmp, and rb_strcasestr.
The first two are POSIX but not standard (Windows has functions that act
like it, so use them), but the latter is non-standard, full stop.
2016-04-05 05:33:43 -05:00
Elizabeth Myers
731d128990 authd: rework module ID system
Provider ID's are now assigned dynamically at load-time. To accomodate
this, there is now a lookup system for finding providers by name (all
providers have names as well).
2016-04-05 04:31:22 -05:00
Elizabeth Myers
0e651b1441 librb: rb_run_event -> rb_run_one_event
This is to avoid confusion with rb_event_run, which does something else.
2016-04-02 23:38:28 -05:00
Elizabeth Myers
f8ef4b8dd6 win32: change from ircd-ratbox-class to charybdis-class 2016-04-02 23:19:38 -05:00
Elizabeth Myers
d86692fa44 Add new sockaddr_storage port retrieval/setting macros
These macros are safe for use on IPv6 and clean up a lot of code.
2016-03-31 03:00:29 -05:00
Elizabeth Myers
7b2c764f59 librb: don't include linux/tcp.h, that's already included 2016-03-31 01:16:34 -05:00
Elizabeth Myers
468ef960f8 opm: don't assume we have netinet/tcp.h
Instead, check for it in librb
2016-03-31 01:08:38 -05:00
William Pitcock
a20190d5ea librb: fix rb_path_to_self() dlinfo variant 2016-03-30 14:33:39 -05:00
Elizabeth Myers
42c5dd7e01 serno.h: remove it with make clean. 2016-03-25 11:47:02 -05:00
William Pitcock
ac2f2189f9 librb: define RB_PATH_SEPARATOR 2016-03-24 18:21:11 -05:00
Elizabeth Myers
491b3b39d5 cleanup: u_long -> unsigned long 2016-03-23 22:03:24 -05:00
Matt Ullman
c056dba233 Remove the rest of the SVN id tags 2016-03-23 20:13:12 -04:00
Matt Ullman
4b11f39115 Move away from BSD data types 2016-03-23 19:11:42 -04:00
Elizabeth Myers
3d1df26cdd librb/ports: ungimp thing. 2016-03-23 12:06:26 -05:00
Elizabeth Myers
3a1f645bed misc solaris fixes 2016-03-23 12:04:46 -05:00
Elizabeth Myers
2fc6772ee1 typedef-ify rb_radixtree for consistency. 2016-03-23 08:32:22 -05:00
Elizabeth Myers
4177311e6e Change struct Dictionary(*) to rb_dictionary(_\1).
This cleans things up a slightly and puts the dictionary stuff in its
own namespace.
2016-03-23 08:09:58 -05:00
Elizabeth Myers
56f84dedf7 DICTIONARY_FOREACH → RB_DICTIONARY_FOREACH
This is in librb and therefore should be prefixed.
2016-03-23 07:45:44 -05:00
Matt Ullman
e23126c83b Cleanup warnings 2016-03-21 22:28:41 -04:00
William Pitcock
87b20cbb75 librb: use readlink(2) on linux for the direct path instead of dlinfo 2016-03-21 21:26:28 -05:00
William Pitcock
b7c7f290c7 librb: provide rb_path_to_self() on windows 2016-03-21 21:20:50 -05:00
William Pitcock
790e4dce4e librb: add rb_path_to_self(), which provides fairly reliable runtime path detection 2016-03-21 21:11:53 -05:00
William Pitcock
36b3cff77f configure: fix msys checks 2016-03-20 22:06:54 -05:00
William Pitcock
e452b26e46 librb: configure: tolerate older msys versions having wrong uname -a output 2016-03-20 22:01:17 -05:00
Elizabeth Myers
98793cc9e4 librb: remove an experiment I had.
This won't really work on 32-bit architectures due to pointer
truncation. In any case, I wasn't planning on using it for this reason,
it was simply something I tinkered with.
2016-03-20 10:28:35 -05:00
William Pitcock
eb55877548 librb: fix socklen_t check 2016-03-20 04:24:30 -05:00