Commit Graph

1804 Commits

Author SHA1 Message Date
psychon a7d26bb598 Fix a crash bug in WebModules
WebModules use CHTTPSock for the HTTP server. That class requires a CModule
instance for working since it's based on CSocket. This was solved by creating a
fake module instance which is destroyed when the socket is destroyed.

The problem here was that CSocket's destructor tried to access that module
instance which was already destroyed resulting in a use-after-free.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1824 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 19:16:38 +00:00
psychon f6f7dce129 Use TCacheMap for saving the WebModules session
With this change, sessions are automatically "garbage collected" 24h after the
last request using this session.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1823 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 17:53:57 +00:00
psychon 7bff1c4d7c Change the default ConnectDelay from 30s to 5s
Now that we have the new ServerThrottle, we should be able to live with this
higher connect rate. Connecting lots of users is still awfully slow. :(


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1822 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 13:28:15 +00:00
cflakes ca48efc0a0 Fix previous commit. That's why I said let psychon do it. Hahaha.
Seriously though, why does stuff return TRUE when it fails and FALSE when everything's fine? Pretty weird.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1821 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 01:35:47 +00:00
cflakes 28022ca771 Added a new module hook
EModRet OnAddUser(CUser& User, CString& sErrorRet)
for global modules. Idea by BrianC.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1820 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 20:24:43 +00:00
psychon cbb6e14c3a Generate session IDs more securely
We now use a lot more data for generating the session id which is fed to a hash
to make it impossible to attack specific parts of the input.

Also we now retry generating a new session id in the (improbable) case of
collision with an existing session id.

Thanks a lot to cnu for pointing out the weakness in the old code by stealing my
session cookie, you evil hacker!


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1819 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 19:44:24 +00:00
psychon 9036f5de74 Fix CSmartPtr's operator== to actually work
The old code only worked when the CSmartPtr instance was at the left side of the
comparison and comparing two CSmartPtr directly resulted in a compiler error.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1818 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 18:58:31 +00:00
psychon 2ca15364d4 Use Listen and Listen4 in --makeconf
Before this, --makeconf used "Listen" if you said "no" to "do you want ipv6?"
and "Listen6" else. Since yesterday, "Listen" means "v4 and v6 please" (thanks
to DarthGandalg) which means we now use "Listen4" for "no" and "Listen" else.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1817 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 16:47:07 +00:00
psychon 6acaebf775 Add "Listen4" config option
"Listen6" and "Listen4" now do what the name implies and "Listen" listens on
both ipv4 and ipv6 (unless a bind host was set which forces something
different).

This also changes webadmin appropriately.

Thanks to DarthGandalf for the idea and the patch.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1816 726aef4b-f618-498e-8847-2d620e286838
2010-03-08 17:23:53 +00:00
silverleo aa9edc13b9 Added debug output for the listeners IsHostAllowed check.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1815 726aef4b-f618-498e-8847-2d620e286838
2010-03-08 16:51:00 +00:00
psychon 8d37abf312 Update to latest Csocket
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1814 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 15:46:36 +00:00
psychon 32a5fda809 Use a better seed for srand()
Instead of just time() (which can be easily guessed by an attacker when he gets
a couple of samples of rand() results), this now also uses the current
microseconds, znc's pid and the old PRNG state for computing a seed.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1813 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 14:55:20 +00:00
psychon 19ecd6e508 Add basic support for CAP
This adds support for the general CAP protocol and the multi-prefix and
userhost-in-names (NAMESX and UHNAMES) to znc. There is no module call for CAP
tokens yet, but if modules really want to "catch" capabilities, we should most
likely add one.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1812 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:44:56 +00:00
psychon 3e780e8058 route_replies: Send 353 through ForwardRaw353()
Before, route_replies bypassed this function which caused "wrong" replies to
/names, because clients who didnt understand it still got NAMESX and UHNAMES
replies.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1811 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:24:14 +00:00
psychon ec0d52e675 Split up CIRCSock::ForwardRaw353() into two function, one which is per-client
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1810 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:16:17 +00:00
psychon 5a02c73794 saslauth: Error out "better" on invalid module arguments
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1809 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:12:41 +00:00
psychon 5d9a22f6cc Use CString::Split() in more places
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1808 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 11:08:26 +00:00
psychon 698965777a Optimize our ISUPPORT token parsing
CString::Split() is nice and beautiful and way better than what we did before.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1807 726aef4b-f618-498e-8847-2d620e286838
2010-03-06 15:34:48 +00:00
psychon c9f26ba05f Move the list of sessions to a more "public" place
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1806 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 14:10:45 +00:00
psychon 333dd00867 notes: Remove an unused member variable
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1805 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 14:04:34 +00:00
psychon 9f742b352d Use a random string instead of an md5 hash for session IDs
This string has the same length as the md5 hash, but it does actually contain
more entropy. Also, why md5? :/


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1804 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 14:03:27 +00:00
psychon b0128cf130 Add new module calls for writing config entries
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1803 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 13:20:44 +00:00
prozacx 415754dd16 Removed some debug comments and a debug print
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1802 726aef4b-f618-498e-8847-2d620e286838
2010-03-03 01:47:26 +00:00
prozacx c5dbfaf4fa Don't show form for logged in users
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1801 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 02:06:25 +00:00
prozacx 5e940438f9 Removed unused member
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1800 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 01:25:20 +00:00
prozacx c27713cc1d Added support for cookies and sessions. Logging in is now done via cookies.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1799 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 01:22:02 +00:00
prozacx 2cfd6f9b46 CString::Split() - Trim() value before pushing it to vsRet if bTrimWhiteSpace is true
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1798 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 00:21:17 +00:00
prozacx fa6b595e06 Separated a bunch of the individual components out of BaseHeader.tmpl into their own include files
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1797 726aef4b-f618-498e-8847-2d620e286838
2010-02-28 22:08:17 +00:00
prozacx 3d5c56c7a7 Don't display the modname twice in breadcrumbs
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1796 726aef4b-f618-498e-8847-2d620e286838
2010-02-28 21:34:05 +00:00
psychon 8e5960983b Add our copyright header to WebModules.cpp
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1795 726aef4b-f618-498e-8847-2d620e286838
2010-02-25 12:30:14 +00:00
psychon f72e2f8abd Remove --disable-modules
ZNC without modules is like rain without being inside,
you really don't want that!


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1794 726aef4b-f618-498e-8847-2d620e286838
2010-02-25 12:29:40 +00:00
prozacx e4f907dc42 Added a bunch of admin checks
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1793 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 06:31:58 +00:00
prozacx aff85c2244 Added F_ADMIN flag to CWebSubPage to require admin privs on a page-by-page basis
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1792 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 06:28:39 +00:00
prozacx aadde9b48f Changed favicon.ico colors to reflect the color of their skin
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1791 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 05:36:32 +00:00
prozacx 0129916d4b The link to add channels was hidden if no channels already existed
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1790 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 04:57:55 +00:00
prozacx c9b2f4e063 Removed a cerr used in debugging
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1789 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 04:35:59 +00:00
silverleo 7215efe434 Fix input checkbox widths, which rendered badly on some browsers.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1788 726aef4b-f618-498e-8847-2d620e286838
2010-02-23 19:52:00 +00:00
prozacx 45caa26d86 Renamed GetWebNavTitle() to GetWebMenuTitle() to keep in line with the name of the Menu.tmpl file
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1787 726aef4b-f618-498e-8847-2d620e286838
2010-02-23 06:09:21 +00:00
psychon 4ede77ba99 blockuser: Make user name comparison case-sensitive
Because user names in znc *are* case sensitive.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1786 726aef4b-f618-498e-8847-2d620e286838
2010-02-22 18:44:54 +00:00
prozacx a06ae1e7c3 Fixed which skin name gets checked when you're editing a user other than yourself
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1785 726aef4b-f618-498e-8847-2d620e286838
2010-02-22 16:59:04 +00:00
prozacx ad92c58c42 Initial commit of webmods - still lots of work to be done
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1784 726aef4b-f618-498e-8847-2d620e286838
2010-02-22 07:40:22 +00:00
psychon e88958b95a Remove a useless constructor call
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1783 726aef4b-f618-498e-8847-2d620e286838
2010-02-21 08:24:03 +00:00
psychon e8dc3de47a Fix --disable-tcl
Thanks to Efreak for finding this.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1782 726aef4b-f618-498e-8847-2d620e286838
2010-02-21 08:14:40 +00:00
prozacx 5679949dd8 Don't quote url or html escaped strings (edited two non-used macros)
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1781 726aef4b-f618-498e-8847-2d620e286838
2010-02-21 04:17:27 +00:00
prozacx 40aa7b09fe Split the Token() change to an overloaded function
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1780 726aef4b-f618-498e-8847-2d620e286838
2010-02-21 01:35:54 +00:00
prozacx eb40b3de77 Readding Token() code which does get called a lot but also fixes a webadmin bug where the darkcloud skin doesn't highlite the current page's nav item
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1779 726aef4b-f618-498e-8847-2d620e286838
2010-02-20 18:54:52 +00:00
psychon 472bc6f5c7 autoattach: Attach on channel actions
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1778 726aef4b-f618-498e-8847-2d620e286838
2010-02-19 17:11:56 +00:00
psychon 115b170890 Another patch by DarthGandalf, thanks
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1777 726aef4b-f618-498e-8847-2d620e286838
2010-02-19 17:06:42 +00:00
psychon 1d88f564dc Fix a bunch of style suggestions from cppcheck[1]
Thanks to DarthGandalf for this patch. You must be bored. :P

[1] cppcheck.sf.net


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1776 726aef4b-f618-498e-8847-2d620e286838
2010-02-19 16:21:07 +00:00
psychon e36d8ae576 Remove a spurious semicolon
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1775 726aef4b-f618-498e-8847-2d620e286838
2010-02-19 10:21:33 +00:00