aboutsummaryrefslogtreecommitdiff
path: root/src/modules/extra
Commit message (Collapse)AuthorAgeFilesLines
* Update the GeoIP ExtItem when CGI:IRC sets the real IP (#1471)Gravatar genius30002018-03-301-1/+8
| | | | | | | | | Since CGI:IRC calls it's 'ChangeIP()' either from 'OnCheckReady()' or 'OnUserRegister()', both of which are called after the user has sent NICK/USER, we can safely skip re-setting the ExtItem prior to this point. This skips the first 'OnSetUserIP()' from 'User::AddUser()' as the 'OnSetConnectClass()' catch handles the initial setting.
* m_ssl_openssl: Remove deprecated API members.Gravatar Wade Cline2018-03-021-3/+12
| | | | Backported from 2afc1af4639ae2bbef397f4f6acc834950017d91.
* Update wiki links to use HTTPS and point to the correct pages.Gravatar Peter Powell2017-10-152-3/+1
| | | | | When we release 3.0 these links will break as they will point to the pages for 3.0 rather than 2.0.
* m_ldapauth: fix providing username in PASSGravatar Adam2017-03-201-29/+18
| | | | | | | | | | This has never worked because it never prepended attribute= to the search string. It also would prefer matching nick/ident over the user string provided which is inconsistent, since your ability to authenticate using PASS would depend on a ldap entry not existing with your current nick/ident. Instead, use username provided in PASS and then fallback to nick/ident.
* m_sqlite3 Fix possible memory leak when opening a database failsGravatar Attila Molnar2016-08-171-1/+3
|
* m_ssl_openssl Verify DH params being non-NULL before setting it on the contextGravatar Attila Molnar2016-07-221-4/+11
| | | | Fixes issue reported by @m4rkw on IRC
* m_ssl_gnutls, m_ssl_openssl After a read schedule another read if data ↵Gravatar Attila Molnar2016-06-212-1/+11
| | | | remains in the buffer of the SSL library
* Update m_ssl_gnutls to use libgnutls-30 for gnutls 3.4Gravatar Adam2016-02-111-1/+1
|
* m_ssl_gnutls Hold users in pre-registration state until the handshake is ↵Gravatar Attila Molnar2015-05-101-1/+8
| | | | completed
* Remove some dead code found by CoverityGravatar Attila Molnar2014-10-261-3/+1
|
* Use gnutls_rnd instead of gcry_randomize on newer GnuTLS versions.Gravatar Peter Powell2014-10-251-6/+3
| | | | This is a modified version of 690c372. Fixes #905.
* m_ssl_openssl Add compile time option that allows disabling renegotiationsGravatar Attila Molnar2014-10-201-0/+61
|
* m_ssl_openssl Add compile time option to enable ECDHGravatar Attila Molnar2014-10-201-0/+36
|
* m_ssl_gnutls Add compile time option for allowing sha256 certificate ↵Gravatar Attila Molnar2014-10-201-0/+4
| | | | fingerprints
* Initialize all fields of issl_session on module load in SSL modulesGravatar Attila Molnar2014-10-162-1/+3
|
* Add interface to SSL modules that allows other modules to obtain the raw SSL ↵Gravatar Attila Molnar2014-10-162-0/+12
| | | | session of a socket
* m_ssl_gnutls Refcount GnuTLS objects, free them when they are no longer in ↵Gravatar Attila Molnar2014-10-161-66/+110
| | | | use instead of at /rehash ssl time
* m_ssl_openssl Fix debug messageGravatar Attila Molnar2014-10-151-1/+1
|
* m_ssl_openssl Reset data_to_write for new sessionsGravatar Attila Molnar2014-10-151-0/+2
|
* m_ssl_openssl Free the ssl_cert object as soon as the session is closed ↵Gravatar Attila Molnar2014-10-151-1/+1
| | | | instead of waiting for the next VerifyCertificate() or new connection
* m_ssl_openssl Remove bogus errno assignment from CloseSession()Gravatar Attila Molnar2014-10-151-1/+0
|
* m_ssl_openssl Return an error from the IOHook read and write functions if ↵Gravatar Attila Molnar2014-10-141-1/+1
| | | | | | | the handshake returns 0 The meaning of a 0 return value quoted from the manual: The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol.
* m_ssl_openssl Add user-friendly config options for setting a few OpenSSL ↵Gravatar Attila Molnar2014-10-141-0/+14
| | | | context options
* m_ssl_openssl Allow configuring raw OpenSSL context optionsGravatar Attila Molnar2014-10-101-2/+27
|
* m_ssl_openssl Disable session caching and session ticketsGravatar Attila Molnar2014-10-101-2/+5
|
* m_ssl_openssl Enable single (EC)DH use and disable SSL v2Gravatar Attila Molnar2014-10-101-0/+9
| | | | | | | | | Options enabled: - SSL_OP_NO_SSLv2 - SSL_OP_SINGLE_DH_USE - SSL_OP_SINGLE_ECDH_USE (if it exists) Partial backport of #856 by @jvehent
* m_ssl_openssl Clear the error queue before every SSL_* callGravatar Attila Molnar2014-10-081-0/+9
|
* m_ssl_gnutls Re-set DH params when the gnutls_certificate_credentials_t ↵Gravatar Attila Molnar2014-10-031-2/+2
| | | | struct is reallocated
* m_sqlite3 Fix cleanup of unsuccessful database connectionsGravatar Attila Molnar2014-09-021-2/+5
|
* Make sure the DN strings obtained from the SSL mods are always validGravatar Attila Molnar2014-07-242-4/+22
|
* Change Windows libraries to be dynamically linkedGravatar Adam2014-04-135-22/+23
|
* m_ssl_openssl Avoid Applink on Windows by calling PEM_read_bio_DHparams() ↵Gravatar Attila Molnar2014-04-131-0/+11
| | | | instead of PEM_read_DHparams()
* m_ssl_openssl Fix memory leaks on /rehash ssl, unload and in VerifyCertificate()Gravatar Attila Molnar2014-01-261-2/+6
|
* Set a session id on our server ssl context in m_ssl_openssl. It is required ↵Gravatar Adam2014-01-241-0/+3
| | | | for some clients which try to restore SSL sessions.
* m_ssl_gnutls Fix feature testing and cipher suite related errors on older ↵Gravatar attilamolnar2013-08-131-1/+9
| | | | | | | | GnuTLS versions Use the (old) LIBGNUTLS_VERSION_* defines as a fallback when GNUTLS_VERSION_* is unavailable Fixes #595 reported by @rhylan
* m_ssl_openssl Fix inverted check that prevented certificates from being ↵Gravatar attilamolnar2013-07-161-1/+1
| | | | recognized as trusted
* Remove unnecessary string copies and dead codeGravatar attilamolnar2013-06-051-1/+0
|
* m_pgsql Same fix as 0e09600a431d0e0f2cde6457e088d84caf6d6f5dGravatar attilamolnar2013-06-041-8/+8
|
* m_mysql Fix escaping strings longer than MAXBUF/2Gravatar attilamolnar2013-06-011-6/+12
| | | | | | | | | Quotes from the documentation: "You must allocate the to buffer to be at least length*2+1 bytes long. (In the worst case, each character may need to be encoded as using two bytes, and you need room for the terminating null byte.)" "The return value is the length of the encoded string, not including the terminating null character." http://dev.mysql.com/doc/refman/5.6/en/mysql-real-escape-string.html
* m_mysql Fix crash on rehash when the database tags have been changed in the ↵Gravatar attilamolnar2013-05-221-5/+6
| | | | config
* m_geoip Set cc in OnSetConnectClass to the newly created string if it was NULLGravatar attilamolnar2013-05-181-2/+3
|
* m_ssl_gnutls Call gnutls_transport_set_errno() on Windows onlyGravatar attilamolnar2013-05-021-0/+14
|
* Fix gnutls (again) on Windows by using gnutls_transport_set_errno()Gravatar Adam2013-05-021-42/+56
|
* m_ssl_gnutls Add ability to load DH params from fileGravatar attilamolnar2013-04-241-2/+23
| | | | This greatly decreases the load time because the DH parameters no longer have to be (re)generated each time the module is loaded
* Fix m_ssl_gnutls and perhaps some other things on Windows by recognizing ↵Gravatar Adam2013-04-161-0/+12
| | | | WSAEWOULDBLOCK
* m_ldapoper Make the module actually workGravatar attilamolnar2013-03-291-10/+50
| | | | Fixes #439 reported by @rhylan
* m_ldapoper Fix memory leakGravatar attilamolnar2013-03-291-1/+27
| | | | See 1813369adecc1efc9812e90c40c21dc32e4965c9 for details
* m_ssl_openssl Make it clear that a CA file is not mandatoryGravatar attilamolnar2013-03-151-1/+1
|
* m_ssl_gnutls Fix null pointer dereference in case gnutls_xxx_get_name() ↵Gravatar attilamolnar2013-02-171-3/+11
| | | | returns NULL
* m_ssl_gnutls Fix build with GnuTLS 1.xGravatar attilamolnar2013-01-281-0/+19
| | | | Fixes #409 reported by @SaberUK