summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-06-28Use TimingSafeCompare() to compare passwords and password hashes (non-hmac only)Attila Molnar
Issue #882
2014-06-28Add InspIRCd::TimingSafeCompare() function that compares strings in a ↵Attila Molnar
timing-safe way
2014-06-28m_spanningtree Send the cert fingerprint message to opers only after ↵Attila Molnar
successful auth
2014-06-28Check fingerprint before checking password (server linking)Matthew Martin
Checking the password before the fingerprint means that even without the correct cert it's possible to brute force the password or leak information about it. Checking the fingerprint means attackers must forge the cert before they can learn any information about the password.
2014-06-28Add man pages.Peter Powell
2014-06-28Add systemd service file.Peter Powell
2014-06-28Fix warning from gnutls-certtool about --bits being deprecated.Peter Powell
This patch has made me extremely grateful for git-blame as the GnuTLS developers apparently do not document when deprecation warnings are introduced.
2014-06-28Ignore safe compiler warnings in a more reliable way.Peter Powell
2014-06-25Add parameter to InspIRCd::TimeString for UTC time formats.Peter Powell
Missing doc added by @attilamolnar
2014-06-25Add formatting to InspIRCd::TimeString; switch all code to use it.Peter Powell
m_httpd also now uses the correct timestamp format. Windows-specific fixes by @attilamolnar, original PR #849
2014-06-24Inherit ThreadQueueData from Mutex to avoid duplicating codeAttila Molnar
2014-06-24Remove empty Thread destructorAttila Molnar
2014-06-24threadengine_win32 Don't ask for the thread id of newly created threads ↵Attila Molnar
pointlessly
2014-06-24Move and rename class ThreadData to ThreadEngine::ThreadStateAttila Molnar
2014-06-24Move and rename ThreadData::FreeThread() to ThreadEngine::Stop() and ↵Attila Molnar
document what it does
2014-06-24Make Thread::state privateAttila Molnar
2014-06-24Change allocation of ThreadData to be physically part of the object ↵Attila Molnar
containing it
2014-06-24Remove empty ThreadEngine constructors and destructorsAttila Molnar
2014-06-24Remove the unused ThreadEngine::GetName() method from both implementationsAttila Molnar
2014-06-24Change allocation of InspIRCd::Users to be physically part of the object ↵Attila Molnar
containing it using fakederef
2014-06-24Change allocation of InspIRCd::SNO to be physically part of the object ↵Attila Molnar
containing it using fakederef
2014-06-24Remove now needless dynref_init_completeAttila Molnar
ModuleManager is constructed when ServerInstance is non-NULL, test that instead
2014-06-24Change allocation of InspIRCd::Modules to be physically part of the object ↵Attila Molnar
containing it using fakederef
2014-06-24Change allocation of InspIRCd::Logs to be physically part of the object ↵Attila Molnar
containing it using fakederef
2014-06-24Change allocation of InspIRCd::Modes to be physically part of the object ↵Attila Molnar
containing it using fakederef
2014-06-24Add the fakederef classAttila Molnar
2014-06-22Change all occurrences of plain sort() to std::sort()Attila Molnar
2014-06-22core_userhost Show real host if the target is the same as the user doing the ↵Attila Molnar
/USERHOST
2014-06-22core_userhost Append data to the output in a saner wayAttila Molnar
2014-06-22core_userhost Do the HasPrivPermission() check only once, not once per nickAttila Molnar
2014-06-22core_ison Use iteratorsAttila Molnar
2014-06-22core_ison Extract duplicated code into a functionAttila Molnar
Change append(" ") to push_back(' ')
2014-06-22core_ison Truncate string after sending it on overflow instead of recreating itAttila Molnar
2014-06-22core_ison Don't deduplicate nicksAttila Molnar
Deduplication makes us do pointless processing for every ISON and offers no benefit at all to proper clients that send a nick only once
2014-06-22core_ison Remove check that is always trueAttila Molnar
2014-06-22core_list Improve readability by assigning the Channel being inspected to a ↵Attila Molnar
variable
2014-06-22core_list Check whether the chan name/topic has to be Match()ed once, not ↵Attila Molnar
once per chan
2014-06-22core_list Do the HasPrivPermission() check only once, not once per chanAttila Molnar
2014-06-20Check Q-Lines on nick change in core_xlineAttila Molnar
2014-06-20Reject nickname case changes too when enforcing <security:restrictbannedusers>Attila Molnar
2014-06-20Change the type of the user parameter in the OnUserPreNick() hook from User ↵Attila Molnar
to LocalUser No remote users were passed to this hook before. Remove needless IS_LOCAL() checks.
2014-06-20Increment serverstats::Collisions when a collision is handled, not when a ↵Attila Molnar
module denies a nick change
2014-06-17m_spanningtree Share server description updates via SINFO descAttila Molnar
2014-06-17Update the description field in the Server object representing the local ↵Attila Molnar
server on rehash
2014-06-17m_spanningtree Remove server-to-server VERSION handlerAttila Molnar
2014-06-17m_spanningtree Translate SINFO version to VERSION and vice versa for 1202 ↵Attila Molnar
protocol servers
2014-06-17m_spanningtree Exchange public server version strings via SINFO instead of ↵Attila Molnar
VERSION
2014-06-17m_spanningtree Show the full version string of servers to opersAttila Molnar
Issue #637, suggested by @CuleX
2014-06-17m_spanningtree Send and receive full version strings via SINFOAttila Molnar
2014-06-17m_spanningtree Add a field to TreeServer for storing full version stringsAttila Molnar