[2.0] Invalidate the caches properly when User::SetClientIP is called.
compiler:
- - "clang"
- - "gcc"
-language: "cpp"
+ - clang
+ - gcc
+dist: trusty
+env:
+ - PURE_STATIC=1
+ -
+language: cpp
notifications:
email: false
-os:
- - "linux"
- - "osx"
script:
- - "sh ./tools/travis-ci.sh"
+ - sh ./tools/travis-ci.sh
sudo: required
BEGIN {
require 5.8.0;
+ push @INC, '.';
}
use strict;
{
$config{CC} = $opt_cc;
}
-our $exec = $config{CC} . " -dumpversion | cut -c 1";
-chomp($config{GCCVER} = `$exec`); # Major GCC Version
-$exec = $config{CC} . " -dumpversion | cut -c 3";
-chomp($config{GCCMINOR} = `$exec`);
+`$config{CC} -dumpversion` =~ /^(\d+)(?:\.(\d+))?/;
+$config{GCCVER} = defined $1 ? $1 : '';
+$config{GCCMINOR} = defined $2 ? $2 : '0';
$config{MAXBUF} = "512"; # Max buffer size
if ($config{HAS_OPENSSL} =~ /^([-[:digit:].]+)(?:[a-z])?(?:\-[a-z][0-9])?/) {
$config{SYSTEM} = lc $^O;
print "Checking operating system version... $config{SYSTEM}\n";
-$exec = $config{CC} . " -dumpversion | cut -c 1";
-chomp($config{GCCVER} = `$exec`); # Major GCC Version
-$exec = $config{CC} . " -dumpversion | cut -c 3";
-chomp($config{GCCMINOR} = `$exec`);
+`$config{CC} -dumpversion` =~ /^(\d+)(?:\.(\d+))?/;
+$config{GCCVER} = defined $1 ? $1 : '';
+$config{GCCMINOR} = defined $2 ? $2 : '0';
printf "Checking if stdint.h exists... ";
$config{HAS_STDINT} = test_compile('stdint');
}
chomp(my $foo = `$config{CC} -dumpversion | cut -c 1`);
if ($foo ne "") {
- chomp($config{GCCVER} = `$config{CC} -dumpversion | cut -c 1`); # we must redo these if we change compilers
- chomp($config{GCCMINOR} = `$config{CC} -dumpversion | cut -c 3`);
+ `$config{CC} -dumpversion` =~ /^(\d+)(?:\.(\d+))?/;
+ $config{GCCVER} = defined $1 ? $1 : '';
+ $config{GCCMINOR} = defined $2 ? $2 : '0';
print "Queried compiler: \e[1;32m$config{CC}\e[0m (version \e[1;32m$config{GCCVER}.$config{GCCMINOR}\e[0m)\n";
if ($config{GCCVER} < 3) {
print "\e[1;32mGCC 2.x WILL NOT WORK!\e[0m. Let's try that again, shall we?\n";
open(FILEHANDLE, ">include/inspircd_config.h.tmp");
print FILEHANDLE <<EOF;
/* Auto generated by configure, do not modify! */
-#ifndef __CONFIGURATION_AUTO__
-#define __CONFIGURATION_AUTO__
+#ifndef INSPIRCD_CONFIG_H
+#define INSPIRCD_CONFIG_H
/* this is for windows support. */
#define CoreExport /**/
}
if ($config{OSNAME} !~ /DARWIN/i) {
print FILEHANDLE "#define HAS_CLOCK_GETTIME\n";
+ } else {
+ print FILEHANDLE "#ifdef MAC_OS_X_VERSION_10_12\n";
+ print FILEHANDLE "# define HAS_CLOCK_GETTIME\n";
+ print FILEHANDLE "#endif\n";
}
my $use_hiperf = 0;
if (($has_kqueue) && ($config{USE_KQUEUE} eq "y")) {
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Chanprotect module: Gives +q and +a channel modes.
+#
+# IMPORTANT: This module has been removed in the next major version of
+# InspIRCd. You should use m_customprefix instead.
#<module name="m_chanprotect.so">
<chanprotect
# key3, key4; the values must be less than 0x80000000 and should be #
# picked at random. Prefix is mandatory, will default to network name #
# if not specified, and will always have a "-" appended. #
+# #
+# IMPORTANT: The compat-host and compat-ip modes have been removed in #
+# the next major version of InspIRCd. You should ONLY use them if you #
+# need backwards compatibility with InspIRCd 1.2. #
#
#<cloak mode="half"
# key="secret"
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# Halfop module: Provides the +h (halfops) channel status mode.
+#
+# IMPORTANT: This module has been removed in the next major version of
+# InspIRCd. You should use m_customprefix instead.
#<module name="m_halfop.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
# binddn="cn=Manager,dc=brainbox,dc=cc" #
# bindauth="mysecretpass" #
# verbose="yes" #
-# host="$uid.$ou.inspircd.org"> #
+# host="$uid.$ou.inspircd.org" #
+# useusername="no"> #
# #
# <ldapwhitelist cidr="10.42.0.0/16"> #
# #
# The attribute value indicates the attribute which is used to locate #
# a user account by name. On POSIX systems this is usually 'uid'. #
# #
+# The useusername setting chooses whether the user's username or #
+# nickname is used when locating a user account, if a username isn't #
+# provided in PASS. #
+# #
# The server parameter indicates the LDAP server to connect to. The #
# ldap:// style scheme before the hostname proper is MANDATORY. #
# #
#
#-#-#-#-#-#-#-#-#-# SECURELIST CONFIGURATION -#-#-#-#-#-#-#-#-#-#-#-#-#
# #
-# Securelist can be harmful to some IRC search engines such as #
-# netsplit.de and searchirc.com. To prevent securelist blocking these #
-# sites from listing, define exception tags as shown below: #
-#<securehost exception="*@*.searchirc.org">
+# Securelist can be harmful to some IRC search engines. To prevent #
+# securelist blocking these sites from listing, define exception tags #
+# as shown below: #
#<securehost exception="*@*.netsplit.de">
-#<securehost exception="*@echo940.server4you.de">
#<securehost exception="*@*.ircdriven.com">
+#<securehost exception="*@*.irc-source.com">
# #
# Define the following variable to change how long a user must wait #
# before issuing a LIST. If not defined, defaults to 60 seconds. #
# SSL channel mode module: Adds support for SSL-only channels via
# channel mode +z and the 'z' extban which matches SSL client
# certificate fingerprints.
-# Does not do anything useful without a working SSL module (see below).
+# Does not do anything useful without a working SSL module and the
+# m_sslinfo module (see below).
#<module name="m_sslmodes.so">
#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
* Actually no, it does nothing. Never mind.
* @throws Nothing!
*/
- virtual ~CoreException() throw() {};
+ virtual ~CoreException() throw() {}
/** Returns the reason for the exception.
* The module should probably put something informative here as the user will see this upon failure.
*/
obj/ld-extra.cmd: $core_src
\@\$(SOURCEPATH)/make/unit-cc.pl gen-ld\$(VERBOSE) \$\@ \$^ \$>
-bin/inspircd: obj/ld-extra.cmd $core_mk
+bin/inspircd: $core_mk obj/ld-extra.cmd
\@\$(SOURCEPATH)/make/unit-cc.pl static-ld\$(VERBOSE) \$\@ \$^ \$>
inspircd: bin/inspircd
use make::configure;
BEGIN {
+ push @INC, '.';
unless (module_installed("LWP::Simple")) {
die "Your system is missing the LWP::Simple Perl module!";
}
};
-static Channel* get_first_visible_channel(User *u)
+static Channel* get_first_visible_channel(User *source, User *u)
{
UCListIter i = u->chans.begin();
while (i != u->chans.end())
{
Channel* c = *i++;
- if (!c->IsModeSet('s'))
+
+ /* XXX move the +I check into m_hidechans */
+ if (source == u || !(c->IsModeSet('s') || c->IsModeSet('p') || u->IsModeSet('I')) || c->HasUser(source))
return c;
}
return NULL;
void CommandWho::SendWhoLine(User* user, const std::vector<std::string>& parms, const std::string &initial, Channel* ch, User* u, std::vector<std::string> &whoresults)
{
if (!ch)
- ch = get_first_visible_channel(u);
+ ch = get_first_visible_channel(user, u);
std::string wholine = initial + (ch ? ch->name : "*") + " " + u->ident + " " +
(opt_showrealhost ? u->host : u->dhost) + " ";
}
RAIILDAPMessage msg;
- std::string what = (attribute + "=" + (useusername ? user->ident : user->nick));
- if ((res = ldap_search_ext_s(conn, base.c_str(), searchscope, what.c_str(), NULL, 0, NULL, NULL, NULL, 0, &msg)) != LDAP_SUCCESS)
+ std::string what;
+ std::string::size_type pos = user->password.find(':');
+ // If a username is provided in PASS, use it, othewrise user their nick or ident
+ if (pos != std::string::npos)
{
- // Do a second search, based on password, if it contains a :
- // That is, PASS <user>:<password> will work.
- size_t pos = user->password.find(":");
- if (pos != std::string::npos)
- {
- // manpage says we must deallocate regardless of success or failure
- // since we're about to do another query (and reset msg), first
- // free the old one.
- msg.dealloc();
-
- std::string cutpassword = user->password.substr(0, pos);
- res = ldap_search_ext_s(conn, base.c_str(), searchscope, cutpassword.c_str(), NULL, 0, NULL, NULL, NULL, 0, &msg);
-
- if (res == LDAP_SUCCESS)
- {
- // Trim the user: prefix, leaving just 'pass' for later password check
- user->password = user->password.substr(pos + 1);
- }
- }
+ what = (attribute + "=" + user->password.substr(0, pos));
- // It may have found based on user:pass check above.
- if (res != LDAP_SUCCESS)
- {
- if (verbose)
- ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (LDAP search failed: %s)", user->GetFullRealHost().c_str(), ldap_err2string(res));
- return false;
- }
+ // Trim the user: prefix, leaving just 'pass' for later password check
+ user->password = user->password.substr(pos + 1);
+ }
+ else
+ {
+ what = (attribute + "=" + (useusername ? user->ident : user->nick));
+ }
+ if ((res = ldap_search_ext_s(conn, base.c_str(), searchscope, what.c_str(), NULL, 0, NULL, NULL, NULL, 0, &msg)) != LDAP_SUCCESS)
+ {
+ if (verbose)
+ ServerInstance->SNO->WriteToSnoMask('c', "Forbidden connection from %s (LDAP search failed: %s)", user->GetFullRealHost().c_str(), ldap_err2string(res));
+ return false;
}
if (ldap_count_entries(conn, msg) > 1)
{
std::string dnPart;
while (stream.GetToken(dnPart))
{
- std::string::size_type pos = dnPart.find('=');
+ pos = dnPart.find('=');
if (pos == std::string::npos) // malformed
continue;
realhost("cgiirc_realhost", Creator), realip("cgiirc_realip", Creator),
webirc_hostname("cgiirc_webirc_hostname", Creator), webirc_ip("cgiirc_webirc_ip", Creator)
{
+ allow_empty_last_param = false;
works_before_reg = true;
this->syntax = "password client hostname ip";
}
if(user->registered == REG_ALL)
return CMD_FAILURE;
+ irc::sockets::sockaddrs ipaddr;
+ if (!irc::sockets::aptosa(parameters[3], 0, ipaddr))
+ {
+ IS_LOCAL(user)->CommandFloodPenalty += 5000;
+ ServerInstance->SNO->WriteGlobalSno('a', "Connecting user %s tried to use WEBIRC but gave an invalid IP address.", user->GetFullRealHost().c_str());
+ return CMD_FAILURE;
+ }
+
for(CGIHostlist::iterator iter = Hosts.begin(); iter != Hosts.end(); iter++)
{
if(InspIRCd::Match(user->host, iter->hostmask, ascii_case_insensitive_map) || InspIRCd::MatchCIDR(user->GetIPString(), iter->hostmask, ascii_case_insensitive_map))
}
}
+ IS_LOCAL(user)->CommandFloodPenalty += 5000;
ServerInstance->SNO->WriteGlobalSno('a', "Connecting user %s tried to use WEBIRC, but didn't match any configured webirc blocks.", user->GetFullRealHost().c_str());
return CMD_FAILURE;
}
{
std::string chost;
+ irc::sockets::sockaddrs hostip;
+ bool host_is_ip = irc::sockets::aptosa(host, ip.port(), hostip) && hostip == ip;
+
switch (mode)
{
case MODE_COMPAT_HOST:
{
- if (ipstr != host)
+ if (!host_is_ip)
{
std::string tail = LastTwoDomainParts(host);
break;
case MODE_HALF_CLOAK:
{
- if (ipstr != host)
+ if (!host_is_ip)
chost = prefix + SegmentCloak(host, 1, 6) + LastTwoDomainParts(host);
if (chost.empty() || chost.length() > 50)
chost = SegmentIP(ip, false);
int i = countExt.get(them);
if (i)
countExt.set(them, i - 1);
- // Now we calculate the bitmask: 256*(256*(256*a+b)+c)+d
- if(result.length())
+ // All replies should be in 127.0.0.0/8
+ if (result.compare(0, 4, "127.") == 0)
{
unsigned int bitmask = 0, record = 0;
bool match = false;
switch (ConfEntry->type)
{
case DNSBLConfEntry::A_BITMASK:
+ // Now we calculate the bitmask: 256*(256*(256*a+b)+c)+d
bitmask = resultip.s_addr >> 24; /* Last octet (network byte order) */
bitmask &= ConfEntry->bitmask;
match = (bitmask != 0);
ConfEntry->stats_misses++;
}
else
+ {
+ if (!result.empty())
+ ServerInstance->SNO->WriteGlobalSno('a', "DNSBL: %s returned address outside of acceptable subnet 127.0.0.0/8: %s", ConfEntry->domain.c_str(), result.c_str());
ConfEntry->stats_misses++;
+ }
}
}
data << "<server>";
data << "<servername>" << b->servername << "</servername>";
data << "<parentname>" << b->parentname << "</parentname>";
- data << "<gecos>" << b->gecos << "</gecos>";
+ data << "<gecos>" << Sanitize(b->gecos) << "</gecos>";
data << "<usercount>" << b->usercount << "</usercount>";
// This is currently not implemented, so, commented out.
// data << "<opercount>" << b->opercount << "</opercount>";
void SpanningTreeProtocolInterface::SendChannel(Channel* target, char status, const std::string &text)
{
- std::string cname = target->name;
- if (status)
- cname = status + cname;
TreeServerList list;
CUList exempt_list;
Utils->GetListOfServersForChannel(target,list,status,exempt_list);
void SpanningTreeProtocolInterface::SendChannelPrivmsg(Channel* target, char status, const std::string &text)
{
- SendChannel(target, status, ":" + ServerInstance->Config->GetSID()+" PRIVMSG "+target->name+" :"+text);
+ std::string cname = target->name;
+ if (status)
+ cname.insert(0, 1, status);
+
+ SendChannel(target, status, ":" + ServerInstance->Config->GetSID()+" PRIVMSG "+cname+" :"+text);
}
void SpanningTreeProtocolInterface::SendChannelNotice(Channel* target, char status, const std::string &text)
{
- SendChannel(target, status, ":" + ServerInstance->Config->GetSID()+" NOTICE "+target->name+" :"+text);
+ std::string cname = target->name;
+ if (status)
+ cname.insert(0, 1, status);
+
+ SendChannel(target, status, ":" + ServerInstance->Config->GetSID()+" NOTICE "+cname+" :"+text);
}
void SpanningTreeProtocolInterface::SendUserPrivmsg(User* target, const std::string &text)
#include "exitcodes.h"
#include "socketengine.h"
#include <sys/epoll.h>
-#include <ulimit.h>
+#include <sys/resource.h>
#include <iostream>
#define EP_DELAY 5
EPollEngine::EPollEngine()
{
CurrentSetSize = 0;
- int max = ulimit(4, 0);
- if (max > 0)
+
+ struct rlimit limit;
+ if (!getrlimit(RLIMIT_NOFILE, &limit))
{
- MAX_DESCRIPTORS = max;
+ MAX_DESCRIPTORS = limit.rlim_cur;
}
else
{
FOREACH_MOD(I_OnBuildNeighborList,OnBuildNeighborList(this, include_c, exceptions));
+ // Users shouldn't see themselves quitting when host cycling
+ exceptions.erase(this);
for (std::map<User*,bool>::iterator i = exceptions.begin(); i != exceptions.end(); ++i)
{
LocalUser* u = IS_LOCAL(i->first);
then
sudo apt-get update --assume-yes
sudo apt-get install --assume-yes libgeoip-dev libgnutls-dev libldap2-dev libmysqlclient-dev libpcre3-dev libpq-dev libsqlite3-dev libssl-dev libtre-dev
-elif [ "$TRAVIS_OS_NAME" = "osx" ]
-then
- brew update
- brew install geoip gnutls mysql-connector-c openssl pcre postgresql sqlite3 tre
- brew link sqlite3 --force
else
>&2 echo "'$TRAVIS_OS_NAME' is an unknown Travis CI environment!"
exit 1
install(DIRECTORY ${LOG_PATH} DESTINATION .)
if(EXISTS "${CMAKE_ROOT}/Modules/CPack.cmake")
+ set(CMAKE_INSTALL_SYSTEM_RUNTIME_DESTINATION ".") # place runtime libraries next to InspIRCd binary
include(InstallRequiredSystemLibraries)
set(CPACK_PACKAGE_NAME "InspIRCd IRC Daemon")