Age | Commit message (Collapse) | Author |
|
Security
See merge request irssi/irssi!34
|
|
printing netsplit/join
|
|
Now iterating over all servers to avoid crashes on server_ischannel(),
which is a macro for server->ischannel(), so it dies horribly when it's
null. Doesn't help that IS_IRC_SERVER() always returns true on null.
|
|
|
|
this reverts part of #465
unfortunately we need to further refine the initial patch
- when filtering by channel, the whole split is cleaned up nevertheless
- something similar happens for the netjoins
- furthermore, we cannot wait only for PUBLIC msgs, j/p/q are equivalently relevant for temporal integrity
|
|
Some arguments were free'd first and then printed, leading to gibberish
being output to screen or a crash.
Found by Joseph Bisch.
Closes: !GL17
|
|
|
|
There was no easy way for the user to disable the SASL authentication or
to clear the username/password once the network was created.
Closes #718
|
|
The warning itself:
>warning: comparison between pointer and zero character constant [-Wpointer-compare]
Harmless stuff as far as I can tell.
The fix adds a null check that probably isn't needed. The old code that
compared against '\0' worked a lot like a null check so it makes sense
to keep that, while also adding the intended check for empty string.
This was visible with "/dcc close send a" showing an empty filename.
The equivalent for get didn't show the filename in the format string.
|
|
fe-netjoin: remove irc servers on "server disconnected" signal
Closes #7
See merge request !10
|
|
|
|
Spotted by our friend scan-build.
|
|
Process the nick changes in queries before the PRIVMSG is handled.
|
|
|
|
|
|
Otherwise we end up with the message in the status window since the
frontend knows jack shit about the casemapping option when it tries to
find the associated window for the query.
|
|
|
|
|
|
This is the root cause of #567
|
|
|
|
This patch adds two new options to /CONNECT and /SERVER to let the user
pin either an x509 certificate and/or the public key of a given server.
It is possible to fetch the certificate outside of Irssi itself to
verify the checksum. To fetch the certificate call:
$ openssl s_client -connect chat.freenode.net:6697 < /dev/null 2>/dev/null | \
openssl x509 > freenode.cert
This will download chat.freenode.net:6697's TLS certificate and put it into the
file freenode.cert.
-tls_pinned_cert
----------------
This option allows you to specify the SHA-256 hash of the x509
certificate. When succesfully connected to the server, irssi will verify
that the given server certificate matches the pin set by the user.
The SHA-256 hash of a given certificate can be verified outside of irssi
using the OpenSSL command line tool:
$ openssl x509 -in freenode.cert -fingerprint -sha256 -noout
-tls_pinned_pubkey
------------------
This option allows you to specify the SHA-256 hash of the subject public key
information section of the server certificate. This section contains both the
cryptographic parameters for the public key, but also information about the
algorithm used together with the public key parameters.
When succesfully connected to the server, irssi will verify that the
given public key matches the pin set by the user.
The SHA-256 hash of a public key can be verified outside of irssi using
the OpenSSL command line tool:
$ openssl x509 -in freenode.cert -pubkey -noout | \
openssl pkey -pubin -outform der | \
openssl dgst -sha256 -c | \
tr a-z A-Z
It is possible to specify both -tls_pinned_cert and -tls_pinned_pubkey
together.
|
|
This patch changes the internal name of SSL to TLS. We also add -tls_*
options to /CONNECT and /SERVER, but make sure that the -ssl_* versions
of the commands continue to work like before.
|
|
Some small adjustments to the netsplit code.
|
|
This fixes two issues:
- IRCNet doesn't have STATUSMSG, but it supports +channels, and
including + in the default value meant processing those incorrectly
- The "bahamut hack", for old servers that support but don't advertise
STATUSMSG, didn't work since ischannel_func doesn't use the default.
The choice of @ intentionally leaves out support for other STATUSMSG
(for example, AzzurraNet's bahamut 1.4 fork seemed to support + and % in
any order, contradicting the comment in the code).
I think this is a decent tradeoff, given how those servers are uncommon
and relying on +# or %# is even less common than @#.
Fixes #531
|
|
|
|
|
|
By making the signal handler hooked to the "print starting" event
smarter we can avoid dumping the whole netsplit stats for every
server/channel when a message arrives.
Issue #420
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Removing network will also remove attached channels
|
|
Removing network will now also remove all attached servers
|
|
|
|
|
|
The /NETWORK ADD command now is able to modify the SASL mechanism, the
username and the password on a chatnet basis.
|
|
|
|
|
|
Network and IPv{4,6} related changes
|
|
The return value is a char*, and here it was false which is 0 which is
more or less the same as null.
That could have been a crash somewhere, the functions that call this
don't expect null ever.
|
|
Just passing the full target to the "message irc op_public" signal
handler and letting it do the cleanup.
The fe_channel_skip_prefix() call in event_privmsg() is kept because
recode_in() needs a real channel name, but
There was similar code in sig_message_own_wall(), but that one is
correct - the /wall command always sends NOTICE @#chan, so I added a
comment down there to make it clear.
|
|
Ip's aren't selected using random() anymore, also select the ip version
by using getaddrinfo and some proper hints.
|
|
Add some copyright headers here and there too.
|
|
Fixes #285
|
|
|
|
|