1
0
forked from bip/bip

478 Commits

Author SHA1 Message Date
eaed46da14
Merge branch 'path_test_use_stat' 2018-03-22 02:37:38 +01:00
025689d807
Merge branch 'dh_param_not_mandatory' 2018-03-22 02:37:23 +01:00
7834471f78
default value isn't used when path doesn't exist 2018-03-22 02:33:25 +01:00
13b2e37635
DH parameters are not always required
for example ECDHE ciphers doesn't require DH parameters.

Closes #499
2018-03-22 02:33:19 +01:00
3afb16d795
checking path: use stat
fopen was used because it's stdlib but stat is already used in other
parts
2018-03-21 11:54:20 +01:00
348737fab5
Fix path construction
Thanks to Renzokuken for pointing that !
Closes #610
2018-03-21 11:09:48 +01:00
96f0403a2a
remove useless calls to FREE
MOVE_STRING macro is used in order to initialize parameters, this
macro calls free when necessary.
2018-02-19 20:08:26 +01:00
83d7f2acbe
Add missing call to MAYFREE 2018-02-19 20:07:38 +01:00
Pierre-Louis Bonicoli
dbe19d9387
Handle no defined users 2018-02-19 20:05:32 +01:00
Adam Williamson
2ecd82f011
Fix some 'const const char' declarations
That's one two many consts...recent GCC blips on this.

Signed-off-by: Pierre-Louis Bonicoli <pierre-louis.bonicoli@libregerbil.fr>
2017-07-26 02:46:26 +02:00
Pierre-Louis Bonicoli
2e81cca480 Check value returned by X509_OBJECT_new()
Reported by Alexander Couzens, thanks to him !
2016-11-12 01:09:40 +01:00
Pierre-Louis Bonicoli
e452c023ad X509_OBJECT_new: call X509err
mimic behavior of X509_OBJECT_new provided by OpenSSL >= 1.1
2016-11-12 01:09:40 +01:00
Pierre-Louis Bonicoli
6b38449875 Allow to set DH parameters 2016-11-07 17:50:20 +01:00
Pierre-Louis Bonicoli
5db61f3982 Allow to set oidentd path 2016-11-07 11:26:22 +01:00
Pierre-Louis Bonicoli
e8b5d02f13 Add missing call to SSL_CTX_free 2016-11-07 11:25:47 +01:00
Pierre-Louis Bonicoli
406ebacfe5 check value returned by SSL_CTX_new 2016-11-07 11:25:44 +01:00
Pierre-Louis Bonicoli
ab8e5eece1 Add cipher specifications setting
Allow to configure cipher specifications for the listening bip
connection and for each outgoing IRC connection.

Closes #301
2016-11-07 11:25:37 +01:00
Pierre-Louis Bonicoli
20f39abc56 bipdir improvements
- more documentation
- don't die if environment variable $HOME isn't defined but '-s'
  parameter is used
- oidentd: change path, file is located in bipdir
2016-11-07 11:25:34 +01:00
Pierre-Louis Bonicoli
39414f8ff9 Handle OpenSSL version 1.1
adding forward-compatible code to older versions
2016-06-29 19:40:32 +02:00
Pierre-Louis Bonicoli
148b38a953 Prefixes and usermodes were inverted 2015-09-11 11:31:37 +02:00
Pierre-Louis Bonicoli
209b9a7cd7 Add missing terminating null byte
Reported by Trou, thanks to him !
Closes #477
2015-09-11 11:31:32 +02:00
Pierre-Louis Bonicoli
5594e69bf6 Use a new logfile when day changed 2015-09-11 11:22:32 +02:00
Pierre-Louis Bonicoli
bdec94020e Use monotonic time 2015-09-11 11:22:21 +02:00
Pierre-Louis Bonicoli
34baf6e841 Always call bip_tick when select timeout 2015-09-11 11:21:52 +02:00
Pierre-Louis Bonicoli
4eec084452 Allow to configure the delay before a reconnection
Initial patch submitted by Romain Gayon, thanks to him !
2014-12-11 18:19:11 +01:00
Pierre-Louis Bonicoli
73483ff088 Handle PREFIX defined in ISUPPORT
ISUPPORT is a de facto standard extension to IRC.
Available prefixes and usermodes are handled at the connection
level (link_level struct).
2014-12-11 16:50:18 +01:00
Pierre-Louis Bonicoli
e88d7da760 Handle CHANMODES defined in ISUPPORT
ISUPPORT is a de facto standard extension to IRC.
chanmodes are handled at the connection level (link_level struct).
2014-12-11 16:50:17 +01:00
Pierre-Louis Bonicoli
fda9fccb85 Handle unlikely case: "CAPAB" present twice
If "CAPAB" element were present twice, a wrong element would be removed.
2014-12-11 16:50:17 +01:00
Pierre-Louis Bonicoli
db27168c76 Avoid unnecessary test
The first element is "005", it cannot be "CAPAB".
2014-12-11 16:50:05 +01:00
Pierre-Louis Bonicoli
f7ace64abe Remove dead links from the list of all links
Fix segfault that occurs when bip admin users use:
/BIP DEL_CONN <connection name>
/BIP ADD_CONN <connection name> <network>

Closes #325
2014-12-11 16:40:28 +01:00
Adam Williamson
88242715f4 allow for certificate store to be unspecified in CA mode
In many cases, using OpenSSL's default certificate store is fine
and even preferred. If your OpenSSL provider (e.g. your
distribution) is competent, they will manage this database
better than you likely will. With this change, bip will
attempt to use the default certificate store if you set
CA mode but do not specify a certificate store location.

This could be refined to test after enabling the default paths
whether the certificate store is empty, and error/warn if
so.
2014-12-11 14:50:02 +01:00
Adam Williamson
89295ca4b2 check whether trust store is a file or directory in CHECK_CA
The existing code only allows you to provide a set of trusted
CA certificates as an openssl 'CApath'-type directory. Fedora,
RHEL (and derived distros) and probably other distros provide
a system-wide database of trusted CA certs in various bundle
formats, but not as a CApath-type directory. This checks whether
check_store is a file or directory and loads it appropriately,
when initializing an SSL connection.

Note that there is code elsewhere which assumes the trust store
will be a file, but that code is hit only in CHECK_BASIC mode.
This change applies only to CHECK_CA mode.
2014-12-11 14:49:53 +01:00
Pierre-Louis Bonicoli
e0b63528f2 Channel modes: 'Type B' flags always have a value
even when removed.
Refs #345
2014-09-04 10:32:04 +02:00
Pierre-Louis Bonicoli
d2fa844960 Channel mode: handle flags 'f' and 'j'
Closes #345
2014-09-04 10:32:00 +02:00
Pierre-Louis Bonicoli
8d3539a7d0 Fix --without-openssl build
Reported & fixed by Whoopie, thanks to him !
Closes #313
2013-11-04 08:49:06 +01:00
Marc Dequènes (Duck)
8b98c3746e Compatibility fix with bison 2.6
Bison 2.6 now declares yyparse in the generated header. This fix
ensure it still works for older versions.

Reported in Debian#710614
2013-10-18 17:31:47 +02:00
Nathan Phillip Brink
71801fb3d2 Throttle almost everything (except PING, PONG, and certain QUIT messages) sent to the IRCd.
Fixes being killed for Excess Flooding on freenode by using the
existing fakelag mechanism. The existing fakelag works great but
was just not hooked into earlier.

Closes #191
2013-10-18 17:22:08 +02:00
Pierre-Louis Bonicoli
2c390390ed Password cannot contain spaces. Closes #265.
Thanks to Tim Hansen for reporting this bug.
2012-01-25 05:18:59 +01:00
Pierre-Louis Bonicoli
df45c4c2d6 Closes #261. Fix by Thijs Alkemade.
- use conf_global_log_file instead of stderr
- when a SSL handshake error occurs, close socket
2012-01-25 05:08:52 +01:00
Pierre-Louis Bonicoli
f1bec50a9c Revert f19e1f6. Fix #252.
f19e1f6 introduces a regression (#252) and bug described in commit
message can not be reproduced.
2012-01-25 04:03:18 +01:00
Pierre-Louis Bonicoli
222a33cb84 Buffer Overflow: check against the implicit size of select() arrays
Reported by Julien Tinnes (Fix #269)
exit is called when the listening socket can not be created
2012-01-23 22:38:59 +01:00
Pierre-Louis Bonicoli
975ccac0b1 delete generated file 2011-10-24 23:45:01 +02:00
Arnaud Fontaine
a46b8bd2c2 Fix GCC warnings. 2011-10-24 23:44:43 +02:00
Arnaud Fontaine
0da434d126 Fix GCC warnings. 2011-10-04 00:30:07 +02:00
Nathan Phillip Brink
7e1c80a65a Use 'make dist' instead of 'git archive' to create a release or snapshot tarball. 2011-09-14 06:28:14 +02:00
Pierre-Louis Bonicoli
84fa6c7eb0 Fix typo in assertion message 2011-05-23 04:36:58 +02:00
Pierre-Louis Bonicoli
b2dde370d6 Improve 'trust ok' command
if a client send "TRUST OK" to bip and all connexions are already trusted,
reply "No untrusted certificates." instead of "Unknown command"
2011-05-23 04:01:27 +02:00
Pierre-Louis Bonicoli
46c599d92e Add -git to version string. 2011-04-12 02:21:25 +02:00
Pierre-Louis Bonicoli
e730a96cd8 Update src/version.h and Changelog for release. 2011-04-12 02:21:24 +02:00
Pierre-Louis Bonicoli
f19e1f6209 Fix backlog of queries when option 'log' is False
Issue #212
2011-04-12 01:08:41 +02:00