81e3c908ad
Fix include
2025-04-21 01:01:42 +01:00
63d10ccb17
Add support to connect to server via unix socket
...
The syntax for AddServer command and config is chosen to be unix:/path or unix:ssl:/path
For security reasons, only admins can add such servers, to prevent users from poking around the file system.
2025-04-20 22:40:20 +01:00
d3a7f125cf
Make unix sockets work from modules
2025-04-20 08:31:36 +01:00
0af3e0705f
Configure unix listeners in webadmin
2025-04-19 23:43:09 +01:00
18af9b0895
More cleanup of listeners
2025-04-19 20:44:39 +01:00
3348de5b97
Remove old compatibility code in webadmin
...
Previously it was creating its own listener, but http support migrated to core ages ago
2025-04-19 20:23:08 +01:00
b53612edab
Merge branch 'master' into unix
2025-04-18 23:46:16 +01:00
a206d1a3bb
Webadmin: Fix Edit Network when using DenySetNetwork ( #1942 )
2025-04-18 02:11:43 +01:00
f93829e3b3
Implement message-tags spec
...
Message tags were supported already, but not arbitrary tags, and not
TAGMSG
2025-04-11 21:28:10 +01:00
bf5aa45b34
Update translations from Crowdin for bg_BG da_DK de_DE el_GR es_ES fr_FR id_ID it_IT nl_NL pl_PL pt_BR pt_PT ro_RO ru_RU tr_TR
2025-03-17 00:26:30 +00:00
ebfe1143e4
log: don't log user quit to disabled channels
...
Fix #1925
2025-03-16 22:00:11 +00:00
29104e81a2
certauth: use SHA-256 instead of SHA-1 for fingerprints
...
Transparently upgrade the hash upon successful login.
I intend to remove SHA-1 support in several versions.
2025-03-16 20:00:11 +00:00
a7dffb8ff1
Add modperl support for sasl
2025-03-16 00:42:27 +00:00
93e364b296
Add modpython sasl test
2025-03-15 22:43:35 +00:00
2ac6493150
Merge branch 'master' into sasl
2025-03-15 10:16:44 +00:00
bf6c6c6154
Update translations from Crowdin for bg_BG da_DK de_DE el_GR es_ES fr_FR id_ID it_IT nl_NL pl_PL pt_BR pt_PT ro_RO ru_RU tr_TR
2025-03-15 09:00:42 +00:00
6203ae64ba
Remove the word "either" ( #1938 )
...
This is likely there because there are two different paths
depending on if the module was loaded as a network or a user
module. But only one of them is printed here so either does
not make any sense.
2025-03-06 16:44:41 +01:00
37457105f3
Support SASL EXTERNAL in certauth
2025-02-24 22:52:47 +00:00
8778a2bb5d
Parse network and client from authzid. Tests will be in future commit
2025-02-24 09:21:30 +00:00
ed20d489b6
Apply suggestions from code review
...
Co-authored-by: dgw <dgw@technobabbl.es >
2025-02-23 22:41:01 +01:00
4f07558a7d
Remove a footgun by decreasing the SASL API surface for modules
...
Even without the bad vtable of mutex inside shared_ptr, if a module
creates a subclass of CAuthBase, but then unloads, we have the same
problem.
2025-02-23 09:25:24 +00:00
af21753901
Rename saslplain to saslplainauth for consistency with other auth
...
modules
2025-02-22 16:03:46 +00:00
6e9980d67f
Various SASL changes
2025-02-22 15:59:52 +00:00
99a5a52fea
fail2ban: Reset the counter upon successful login
...
This is for SASL: when multiple mechanisms available it's kinda expected
that some of them can fail, e.g. if client attempted EXTERNAL without
providing the cert first.
2025-02-15 00:17:24 +00:00
4ef64eb4d5
rename next sasl module hook
2025-02-13 21:36:07 +00:00
c8266aafda
Rename new callback, fix build
2025-02-13 21:22:09 +00:00
22f27b2e88
Fix indentation of SASL code.
...
This should help understanding what it's trying to do.
2025-02-13 21:03:16 +00:00
c6ae8d16e5
saslplain: use CZNC::AuthUser()
...
1. this should work better with modules such as imapauth
2. it fixes a null pointer dereference when the username wasn't found
This module won't work as is yet, and has some other obvious issues with
this approach, but was a good starting point.
2025-02-13 20:56:02 +00:00
41a0030fdb
Merge branch 'master' into sasl
...
Conflicts:
include/znc/Client.h
src/Client.cpp
src/Modules.cpp
test/integration/tests/modules.cpp
2025-02-13 20:37:32 +00:00
44e4b95a20
Welcome to 2025 ( #1929 )
2025-02-07 23:23:45 +00:00
25b19bb889
modperl: remove given/when
...
new perl version removes this feature
2024-10-13 21:35:30 +01:00
a3867d100f
unify indents in startup.pl
2024-10-13 21:27:42 +01:00
afefc048d0
Simply disconnect if SASL not available on server
...
Instead of disabling network
This unavailability could be temporarily
Fix #1918
2024-10-13 19:22:48 +01:00
0506e95a74
Merge branch '1.9.x'
2024-07-03 16:16:12 +01:00
8cbf8d6281
Fix RCE vulnerability in modtcl
...
Remote attacker could execute arbitrary code embedded into the kick
reason while kicking someone on a channel.
To mitigate this for existing installations, simply unload the modtcl
module for every user, if it's loaded.
Note that only users with admin rights can load modtcl at all.
While at it, also escape the channel name.
Discovered by Johannes Kuhn (DasBrain)
Patch by https://github.com/glguy
CVE-2024-39844
2024-07-01 10:27:49 +01:00
d6605d199e
Fix casing on traffic info table
2024-04-10 22:56:29 -07:00
1e89f7b4ba
Fix casing
2024-04-10 22:38:23 -07:00
82e82f0bf6
Merge branch '1.9.x'
2024-04-09 22:51:50 +01:00
207eaf4b1e
Fix title case of tooltips
...
Close #1906
2024-04-09 22:49:00 +01:00
8b768593b1
Add a helpful tooltip
2024-04-09 22:47:12 +01:00
3761c910b8
Update translations from Crowdin for id_ID
2024-03-03 22:25:45 +00:00
19e99fbc16
Try to fix merge conflict by rerunning CI
2024-03-03 22:05:59 +00:00
eb45a523c2
Merge branch '1.9.x'
2024-03-03 21:48:54 +00:00
82bf7fb803
Update translations from Crowdin for bg_BG da_DK de_DE el_GR es_ES fr_FR id_ID it_IT nl_NL pl_PL pt_BR pt_PT ro_RO ru_RU tr_TR
2024-02-26 00:33:26 +00:00
e819082432
Update translations from Crowdin for id_ID
2024-02-26 00:33:25 +00:00
04fd57ad46
Merge branch '1.9.x'
2024-02-25 14:28:20 +00:00
feeece9c84
Update translations from Crowdin for pl_PL pt_BR pt_PT
2024-02-23 00:33:44 +00:00
0b28e3a834
Update translations from Crowdin for bg_BG da_DK de_DE el_GR es_ES fr_FR id_ID it_IT nl_NL pl_PL pt_BR pt_PT ro_RO ru_RU tr_TR
2024-02-23 00:33:43 +00:00
251a8159b9
Update translations from Crowdin for it_IT
2024-02-20 00:32:30 +00:00
01bc617d58
Update translations from Crowdin for id_ID
2024-02-18 00:33:08 +00:00
Alexey Sokolov