Commit Graph

4514 Commits

Author SHA1 Message Date
psychon
b764aa7b42 Fix WebModules with auth modules
When e.g. imapauth started handling a login from WebMods it opened a new TCP
connection etc. This took time, but WebMods didn't actually wait for the login
to finish which caused the login to fail later on since the HTTP socket was
already destroyed.

This fixes it by letting the HTTP sock just hang. Once the login finishes,
CHTTPSock::Redirect() is called to let it come back to life again.

Thanks to DarthGandalf for finding this issue.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1834 726aef4b-f618-498e-8847-2d620e286838
2010-03-15 16:06:56 +00:00
psychon
1d7fdc2954 Change the return type of OnPageRequestInternal()
Instead of return a bool, this now returns an enum. This explains the meaning of
the returned value better and will be used in the next commit to fix a bug.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1833 726aef4b-f618-498e-8847-2d620e286838
2010-03-15 15:58:15 +00:00
psychon
e54b0bda0a Revert r1831
No, I'm not going to explain why. :P


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1832 726aef4b-f618-498e-8847-2d620e286838
2010-03-15 15:43:22 +00:00
psychon
d76f193b6b Remove a self-assignment due to copy&paste
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1831 726aef4b-f618-498e-8847-2d620e286838
2010-03-15 15:36:04 +00:00
psychon
cb193d8f72 Make it possible to process HTTP requests async
This changes CHTTPSock so that one can handle HTTP requests asynchronously.
This is done by not forcing a page to be sent out in the caller of
OnPageRequest() but instead requiring a call to the new function
CHTTPSock::PrintPage().


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1830 726aef4b-f618-498e-8847-2d620e286838
2010-03-15 15:27:02 +00:00
psychon
5a8193565d Fix some minor "Whooops"
Someone semi-messed-up Makefile.in and the very same guy forgot to regenerate
configure when he modified configure.in. Whooops.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1829 726aef4b-f618-498e-8847-2d620e286838
2010-03-14 12:19:54 +00:00
psychon
5267e647e7 autoreply: Ignore messages from self
antiidle and autoreply didn't like each other, that's fixed now.

Thanks to Werring for reporting this.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1828 726aef4b-f618-498e-8847-2d620e286838
2010-03-12 12:22:40 +00:00
psychon
c3728f4cb3 Fix a crash with WebMods and deleting User
If a user who is currently logged in to WebMods is deleted, his CWebSession
still kept a stale CUser pointer around. The next time he loaded a web page,
Bad Things(tm) happened.

This is fixed by deleting all of a user's sessions when that user is deleted.

Thanks to DarthGandalf for spotting the bug and writing the patch.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1827 726aef4b-f618-498e-8847-2d620e286838
2010-03-11 17:29:36 +00:00
psychon
547b603488 Fix a crash bug with WebMods and auth modules
When a CWebSock was destroyed before its CWebAuth, the CWebAuth dereferenced a
stale pointer once it was used again. Fix this by calling
CAuthBase::Invalidate() appropriately.

Thanks to DarthGandalf for finding this.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1826 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 20:47:48 +00:00
psychon
5ff69d8e05 Fix traffic accounting of WebModules
The traffic generated by it was just discarded. Now it's accounted towards a
user if one is logged in, else towards the global traffic usage.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1825 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 19:34:21 +00:00
psychon
a7d26bb598 Fix a crash bug in WebModules
WebModules use CHTTPSock for the HTTP server. That class requires a CModule
instance for working since it's based on CSocket. This was solved by creating a
fake module instance which is destroyed when the socket is destroyed.

The problem here was that CSocket's destructor tried to access that module
instance which was already destroyed resulting in a use-after-free.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1824 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 19:16:38 +00:00
psychon
f6f7dce129 Use TCacheMap for saving the WebModules session
With this change, sessions are automatically "garbage collected" 24h after the
last request using this session.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1823 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 17:53:57 +00:00
psychon
7bff1c4d7c Change the default ConnectDelay from 30s to 5s
Now that we have the new ServerThrottle, we should be able to live with this
higher connect rate. Connecting lots of users is still awfully slow. :(


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1822 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 13:28:15 +00:00
cflakes
ca48efc0a0 Fix previous commit. That's why I said let psychon do it. Hahaha.
Seriously though, why does stuff return TRUE when it fails and FALSE when everything's fine? Pretty weird.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1821 726aef4b-f618-498e-8847-2d620e286838
2010-03-10 01:35:47 +00:00
cflakes
28022ca771 Added a new module hook
EModRet OnAddUser(CUser& User, CString& sErrorRet)
for global modules. Idea by BrianC.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1820 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 20:24:43 +00:00
psychon
cbb6e14c3a Generate session IDs more securely
We now use a lot more data for generating the session id which is fed to a hash
to make it impossible to attack specific parts of the input.

Also we now retry generating a new session id in the (improbable) case of
collision with an existing session id.

Thanks a lot to cnu for pointing out the weakness in the old code by stealing my
session cookie, you evil hacker!


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1819 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 19:44:24 +00:00
psychon
9036f5de74 Fix CSmartPtr's operator== to actually work
The old code only worked when the CSmartPtr instance was at the left side of the
comparison and comparing two CSmartPtr directly resulted in a compiler error.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1818 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 18:58:31 +00:00
psychon
2ca15364d4 Use Listen and Listen4 in --makeconf
Before this, --makeconf used "Listen" if you said "no" to "do you want ipv6?"
and "Listen6" else. Since yesterday, "Listen" means "v4 and v6 please" (thanks
to DarthGandalg) which means we now use "Listen4" for "no" and "Listen" else.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1817 726aef4b-f618-498e-8847-2d620e286838
2010-03-09 16:47:07 +00:00
psychon
6acaebf775 Add "Listen4" config option
"Listen6" and "Listen4" now do what the name implies and "Listen" listens on
both ipv4 and ipv6 (unless a bind host was set which forces something
different).

This also changes webadmin appropriately.

Thanks to DarthGandalf for the idea and the patch.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1816 726aef4b-f618-498e-8847-2d620e286838
2010-03-08 17:23:53 +00:00
silverleo
aa9edc13b9 Added debug output for the listeners IsHostAllowed check.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1815 726aef4b-f618-498e-8847-2d620e286838
2010-03-08 16:51:00 +00:00
psychon
8d37abf312 Update to latest Csocket
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1814 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 15:46:36 +00:00
psychon
32a5fda809 Use a better seed for srand()
Instead of just time() (which can be easily guessed by an attacker when he gets
a couple of samples of rand() results), this now also uses the current
microseconds, znc's pid and the old PRNG state for computing a seed.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1813 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 14:55:20 +00:00
psychon
19ecd6e508 Add basic support for CAP
This adds support for the general CAP protocol and the multi-prefix and
userhost-in-names (NAMESX and UHNAMES) to znc. There is no module call for CAP
tokens yet, but if modules really want to "catch" capabilities, we should most
likely add one.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1812 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:44:56 +00:00
psychon
3e780e8058 route_replies: Send 353 through ForwardRaw353()
Before, route_replies bypassed this function which caused "wrong" replies to
/names, because clients who didnt understand it still got NAMESX and UHNAMES
replies.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1811 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:24:14 +00:00
psychon
ec0d52e675 Split up CIRCSock::ForwardRaw353() into two function, one which is per-client
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1810 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:16:17 +00:00
psychon
5a02c73794 saslauth: Error out "better" on invalid module arguments
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1809 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 13:12:41 +00:00
psychon
5d9a22f6cc Use CString::Split() in more places
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1808 726aef4b-f618-498e-8847-2d620e286838
2010-03-07 11:08:26 +00:00
psychon
698965777a Optimize our ISUPPORT token parsing
CString::Split() is nice and beautiful and way better than what we did before.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1807 726aef4b-f618-498e-8847-2d620e286838
2010-03-06 15:34:48 +00:00
psychon
c9f26ba05f Move the list of sessions to a more "public" place
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1806 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 14:10:45 +00:00
psychon
333dd00867 notes: Remove an unused member variable
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1805 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 14:04:34 +00:00
psychon
9f742b352d Use a random string instead of an md5 hash for session IDs
This string has the same length as the md5 hash, but it does actually contain
more entropy. Also, why md5? :/


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1804 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 14:03:27 +00:00
psychon
b0128cf130 Add new module calls for writing config entries
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1803 726aef4b-f618-498e-8847-2d620e286838
2010-03-04 13:20:44 +00:00
prozacx
415754dd16 Removed some debug comments and a debug print
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1802 726aef4b-f618-498e-8847-2d620e286838
2010-03-03 01:47:26 +00:00
prozacx
c5dbfaf4fa Don't show form for logged in users
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1801 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 02:06:25 +00:00
prozacx
5e940438f9 Removed unused member
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1800 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 01:25:20 +00:00
prozacx
c27713cc1d Added support for cookies and sessions. Logging in is now done via cookies.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1799 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 01:22:02 +00:00
prozacx
2cfd6f9b46 CString::Split() - Trim() value before pushing it to vsRet if bTrimWhiteSpace is true
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1798 726aef4b-f618-498e-8847-2d620e286838
2010-03-01 00:21:17 +00:00
prozacx
fa6b595e06 Separated a bunch of the individual components out of BaseHeader.tmpl into their own include files
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1797 726aef4b-f618-498e-8847-2d620e286838
2010-02-28 22:08:17 +00:00
prozacx
3d5c56c7a7 Don't display the modname twice in breadcrumbs
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1796 726aef4b-f618-498e-8847-2d620e286838
2010-02-28 21:34:05 +00:00
psychon
8e5960983b Add our copyright header to WebModules.cpp
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1795 726aef4b-f618-498e-8847-2d620e286838
2010-02-25 12:30:14 +00:00
psychon
f72e2f8abd Remove --disable-modules
ZNC without modules is like rain without being inside,
you really don't want that!


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1794 726aef4b-f618-498e-8847-2d620e286838
2010-02-25 12:29:40 +00:00
prozacx
e4f907dc42 Added a bunch of admin checks
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1793 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 06:31:58 +00:00
prozacx
aff85c2244 Added F_ADMIN flag to CWebSubPage to require admin privs on a page-by-page basis
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1792 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 06:28:39 +00:00
prozacx
aadde9b48f Changed favicon.ico colors to reflect the color of their skin
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1791 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 05:36:32 +00:00
prozacx
0129916d4b The link to add channels was hidden if no channels already existed
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1790 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 04:57:55 +00:00
prozacx
c9b2f4e063 Removed a cerr used in debugging
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1789 726aef4b-f618-498e-8847-2d620e286838
2010-02-24 04:35:59 +00:00
silverleo
7215efe434 Fix input checkbox widths, which rendered badly on some browsers.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1788 726aef4b-f618-498e-8847-2d620e286838
2010-02-23 19:52:00 +00:00
prozacx
45caa26d86 Renamed GetWebNavTitle() to GetWebMenuTitle() to keep in line with the name of the Menu.tmpl file
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1787 726aef4b-f618-498e-8847-2d620e286838
2010-02-23 06:09:21 +00:00
psychon
4ede77ba99 blockuser: Make user name comparison case-sensitive
Because user names in znc *are* case sensitive.


git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1786 726aef4b-f618-498e-8847-2d620e286838
2010-02-22 18:44:54 +00:00
prozacx
a06ae1e7c3 Fixed which skin name gets checked when you're editing a user other than yourself
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1785 726aef4b-f618-498e-8847-2d620e286838
2010-02-22 16:59:04 +00:00