This patch makes the code in CClient use a wrapper function for accessing the
IRC socket. Wait and see for why I do this. ;)
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1724 726aef4b-f618-498e-8847-2d620e286838
If a module like imapauth needs some time to process a login, it's possible that
the client already disconnected by the time the lookup finished. This would then
cause a stale pointer in CAuthBase to be dereferenced.
Fix this remotely exploitable crash bug by adding a new function
CAuthBase::Invalidate(). After this was called, the CAuthBase instance doesn't
do anything at all anymore, especially not dereferencing the (possibly stale)
m_pSock pointer.
This also makes sure that one can only call AcceptLogin() or RefuseLogin() once.
Thanks to Sm0ke0ut for providing backtraces and reporting this bug.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1669 726aef4b-f618-498e-8847-2d620e286838
We used to start a dedicated timer for a new client socket that would make sure
the client is disconnected if it didn't successfully log in after 60 seconds.
This is now replaced by using Csocket's built-in timeout support. When a new
client connects we SetTimeout(60, 0); which means that Timeout() will be called
in 60 seconds, no matter what. The second argument is a bitmask which says on
which events the timeout should be reset (TMO_READ, TMO_WRITE, TMO_ACCEPT,
TMO_ALL).
Once the client logs in successfully, CClient::AcceptLogin() now sets back the
proper timeout (SetTimeout(240, TMO_READ);) which was set in Connected() before.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1622 726aef4b-f618-498e-8847-2d620e286838
Everything which isn't a CClient with a successful login counts as an
unidentified connection in this context. Modules who don't want this kind of
limit on their listening sockets can override CSocket::ConnectionFrom(), but
their sockets will still count towards this limit.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1561 726aef4b-f618-498e-8847-2d620e286838
This breaks CAuthBase's API for modules that want to auth users.
Instead of overloading AcceptLogin() and RefuseLogin(), they now have to
overload AcceptedLogin() and RefusedLogin().
Modules that auth users (e.g. imapauth) still call AcceptLogin() and
RefuseLogin() which is where OnFailedLogin() gets called.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1389 726aef4b-f618-498e-8847-2d620e286838
CSocket caches the data read from a socket and then looks for lines in there.
If there is no line end, this buffer can grow quite large. This patch now
closes sockets if they get a huge read buffer.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1233 726aef4b-f618-498e-8847-2d620e286838
We no longer include Csocket.h in main.h because only few files actually need
it. (Only HTTPSock.h and Timers.h)
We also clean up some includes in Timers.h. It didn't actually include
the file it needed.
Oh and this also adds a warning to main.h if PATH_MAX is undefined. If this
happens, it is most likely a bug that needs to be addressed. (some missing
includes, I'd guess)
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1099 726aef4b-f618-498e-8847-2d620e286838
If CClient::m_bAuthed was false, CClient::m_pUser was NULL as well and
if it was true, m_pUser wasn't NULL, too. So why not take that var for
this job?
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1003 726aef4b-f618-498e-8847-2d620e286838
All the headers are now self-contained (g++ Header.h -o /dev/null).
Some system headers where moved to the .cpp they are actually needed in,
some of our own headers are includes less. (Especially MD5.h)
Headers are sorted alphabetically while in e.g. FileUtils.cpp FileUtils.h
is the first file included.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@915 726aef4b-f618-498e-8847-2d620e286838
- Changes to specfile
- define PATH_MAX and RTLD_LOCAL if not defines
- compile fixes
- SetFileName should not set m_iFD
- check for cygwin and do not use -fPIC
- replaced if ... elif with case in configure.in
- handle 437 reply code
- allow disabled channels
- use strerror() in CIRCSock::SockError()
- added GetUser() to CClient and CIRCSock
- added support for traffic accounting
- added names to timers
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@806 726aef4b-f618-498e-8847-2d620e286838
- if a client connected before znc connected to irc and if it uses a wrong nick it
wasnt informed of this -> fixed
- znc.cpp didnt work with --disable-modules
- some stuff which was already merged previously
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@800 726aef4b-f618-498e-8847-2d620e286838
