This is a way for admins to mitigate some issues caused by caps if such issues ever arise.
E.g. add this to global level in znc.conf:
DisableClientCap = sasl
DisableServerCap = chghost
DisableServerCap = message-tags
Then these caps will be NAKed to client / not requested from server.
Note that this mechanism doesn't fully prevent a cap from being activated, e.g. one could use *send_raw module to request it from server even when disabled.
By not using the same hardcoded number for every test, we can parallelize the test now.
There are several cases remaining where we can't easily use unix sockets (e.g. QSslSocket or imapauth module), for that ask kernel what port number is currently free to use. This is a bit racy though.
These days salted SHA-256 is considered quite weak for passwords.
Transparently upgrade existing hashes upon login.
Bump cmake requirement to able to use IMPORTED_TARGET, this will allow
further cleanup in next commits.
Before this commit, when pUser->SetBeingDeleted(true) is executed,
pUser is an empty unique_ptr, because release() was already called
on it. Therefore, pUser->SetBeingDeleted is unidefined behaviour.
Also, AddUser only takes ownership of the passed user pointer if it
succeeds. In case of a failure, it's the caller's responsibility to
delete the user.
Fix this by keeping a raw pointer to the user, and handling it
accordingly when AddUser fails.
I have no idea whether SetBeingDeleted is necessary there, leaving it
just in case.
Maybe it would be better if we could change the semantics of
AddUser to always take ownership of the pointer,
or even take unique_ptr, but I have no idea how to adapt Python
bindings in modpython to such change.
Setting AuthOnlyViaModule on a user causes CheckPass to never return true,
causing all authentication attempts using the configured password to fail, both
on IRC connections and for webadmin. This is useful in situations where an
external module (cyrusauth, certauth, imapauth) handles authentication. Setting
the global AuthOnlyViaModule option causes similar behavior across every
user. If AuthOnlyViaModule is set to true globally, it cannot be overridden
per-user.
Close#1474Close#331
So far this is not integrated with ClientCommand.cpp or webadmin.cpp, so
the only way to actually use this is to hand-editing the config with a
<Listener> section like the following:
<Listener 42>
Path = /tmp/listen
SSL = false
</Listener>
So far this received only very basic testing. I did not even test SSL support.
Signed-off-by: Uli Schlachter <psychon@znc.in>
This splits up CListener into a TCP-specific class and a general class.
The intention is to later add another class inheriting from CListener
that listens on unix sockets.
Signed-off-by: Uli Schlachter <psychon@znc.in>
Make version checks more strict.
This finishes attempt to preserve ABI between patch versions. That
didn't work well, and the people who could make it work, left the
project already.
Close#1255Close#1274Close#172
Alexey Sokolov