When you are already in #znc and you did 'stick znc' (# prefix missing!),
stickychan caused segfaults or different weird behavior. This happened because
stickychan didn't handle errors from CUser::AddChan(). AddChan() can only error
out if the channel already exists, but since stickychan already checked this,
were does the error come from?
CChan's constructor does some sanity checks on the channel name. It
automatically adds the proper channel prefix (most likely #) if it's missing.
This means when stickychan checked for the channel "znc" it correctly didn't
find one. When it then tried to add "znc", it really tried adding "#znc" which
could fail if the channel was already added.
Thanks to DM8Mydog for finding this.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1500 726aef4b-f618-498e-8847-2d620e286838
Now ZNC compiles with -Wmissing-declarations :)
(BTW I hate the perl headers, could some fix them app so that they cause
less warnings?)
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1499 726aef4b-f618-498e-8847-2d620e286838
This adds a new, second argument to fail2ban which is the number of failed
logins one is allowed before being banned. Each login attempt resets the
timeout. This value defaults to 2.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1489 726aef4b-f618-498e-8847-2d620e286838
Before this, the KICK message was missing a target which was kicked.
Now the user kicks himself. :)
Thanks to JoeK for reporting this bug.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1486 726aef4b-f618-498e-8847-2d620e286838
This moves all static webadmin files (images, css) to the data/ subdirectory
of the skin dir. The webadmin module is changed to redirect requests to
/<skin name>/ to that data directory. The skins are changed to use the
new URL when linking to their stuff. (I only needed to change the path to
the main.css file in each Header.tmpl. Since the .css and the images are now
in the same directory, relative URLs work just fine).
This means that we now generate different URLs after changing the webadmin
skins and the browser cache can do its thing.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1481 726aef4b-f618-498e-8847-2d620e286838
The new CloneUser command allows one to create a user with a space in
its name and the code for reading znc.conf allows spaces too. So now
one can even get rid of this users again...
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1478 726aef4b-f618-498e-8847-2d620e286838
That false/true thing makes no sense and pUser was passed in to a bool
argument which means it was always true... weird...
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1472 726aef4b-f618-498e-8847-2d620e286838
Use ToUInt to convert the string, since we're actually using an
unsigned integer. And use ToBool for consistency.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1440 726aef4b-f618-498e-8847-2d620e286838
While experimenting with some warning flags I found another one which breaks
the perl headers. This warning is triggered by code like this:
void bla();
void bla();
Sadly, the perl headers do this for some weird reason :(
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1427 726aef4b-f618-498e-8847-2d620e286838
The admin module is now able to set a user's password. Furthermore
fixed a bug if now username was specified for the 'Get' or 'Set'
command.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1423 726aef4b-f618-498e-8847-2d620e286838
One needs to be admin to change the current skin dir, but it still sounds
like a good idea to be careful...
Plus, this wont deny symlinks anyway!
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1412 726aef4b-f618-498e-8847-2d620e286838
There was a bug in webadmin which allowed any users to write arbitrary strings
to znc.conf by setting e.g. their quit message to:
Some quit message
Admin = true
LoadModule = shell
</User>
ISpoofFile = /home/<user>/.ssh/authorited_keys
ISpoofFormat = <some ssh key>
<User a>
(The newlines must be sent as newlines to webadmin)
This commit fixes this by stripping all newlines from all the data fields
by default. Since some fields (e.g. CTCPReplies and Servers) do need newlines,
there is a new function CHTTPSock::GetRawParam() which doesn't do the stripping.
Thanks to cnu for finding and reporting this bug.
Thanks to kroimon for patch review.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1395 726aef4b-f618-498e-8847-2d620e286838
This is a slightly modified version of the connect_throttle from znc-extra.
If a login attempt fails, all further login attempts from that source IP are
blocked for some time (by default one minute).
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1390 726aef4b-f618-498e-8847-2d620e286838
This breaks CAuthBase's API for modules that want to auth users.
Instead of overloading AcceptLogin() and RefuseLogin(), they now have to
overload AcceptedLogin() and RefusedLogin().
Modules that auth users (e.g. imapauth) still call AcceptLogin() and
RefuseLogin() which is where OnFailedLogin() gets called.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1389 726aef4b-f618-498e-8847-2d620e286838
- No longer a global module, why was it ever one?
- Fix '/msg *admin set ident a' to error out instead of modifying my own user.
- Document '$me'.
- Other, minor stuff.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1386 726aef4b-f618-498e-8847-2d620e286838
This module basically does the same things webadmin does, but via
an IRC query interface.
Thanks to sebastinas for writing the original version of this module.
Thanks to kroimon for making this suite ZNC's coding style better and porting
it to newer ZNC versions.
Finally, I added a DelUser command and ported it again to laters versions.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1379 726aef4b-f618-498e-8847-2d620e286838
Because some ENTER/LEAVE pair was missing, the stack perl uses for passing
arguments grew and grew.
Besides adding those calls this also fixes some more of the callback calling
code to look a little closer to the examples from perldoc.
This also fixes some warnings perl threw at us when unloading by not
making ZNC::{CONTINUE,HALT{,MODS,CORE}} mortal.
Thanks to tomaw and AnMaster for reporting and helping me debug this mem issue.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1357 726aef4b-f618-498e-8847-2d620e286838
Channel buffers are loaded from disk when we join a channel (OnJoin) and when
the module is loaded (OnBoot(), called from OnLoad()) and only if KeepBuffer
for that channel is turned on. So every case is handled.
If we now also load channel buffers in SaveBufferToDisk() we will only reload
old channel buffers which were deleted since then
(e.g. /msg *status clearallchannelbuffers).
Thanks to Julian for finding this bug and helping me debug.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1345 726aef4b-f618-498e-8847-2d620e286838
In theory this could lead to extra copies of the password in memory, but since
no caller actually makes sure that those passwords are forgotten as fast as
possible, I don't see why this should be done the Old Way(tm).
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1343 726aef4b-f618-498e-8847-2d620e286838
The stuff in CUtils::GetHashPass() and CUtils::GetSaltedHashPass() shouldn't
hurt, since we don't do such stuff in other places for passwords either.
This should improve the readability of the code a lot.
git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1324 726aef4b-f618-498e-8847-2d620e286838
