about summary refs log tree commit diff
Commit message (Collapse)AuthorAge
* Send real account name in fake 900June McEnroe2022-03-29
| | | | | | | This only exists in case of clients that won't use a TLS client cert without trying to use SASL EXTERNAL. Honestly I'm not sure if they actually exist. But if they do, they might be happier to receive the real account name afterwards.
* Track account name from 900 numericJune McEnroe2022-03-29
|
* Set clientOrigin from bindHost, add dot if necessaryJune McEnroe2022-03-29
| | | | | Since effectively the difference between a nick origin and a server origin is the presence of a dot.
* Replace ORIGIN #define with clientOrigin variableJune McEnroe2022-03-29
|
* Handle CAP REQ causal.agency/passive after registrationJune McEnroe2022-03-29
| | | | | If we supported disabling caps, there would need to be a corresponding check and activeIncr().
* Document using -S to connect over IPv4 or IPv6June McEnroe2022-03-14
|
* notify, palaver: Add -t to trust self-signed certificatesOmar Polo2021-11-28
|
* Remove CAVEATS section 3.0June McEnroe2021-10-15
| | | | | | The first one is already covered in the opening paragraphs. The second is now I think better covered by the DIAGNOSTICS section, though maybe not as specifically.
* Note Libera userhost-in-names in QUIRKSJune McEnroe2021-10-15
|
* Prefix other example commands with $ promptJune McEnroe2021-10-15
|
* Add back pounce EXAMPLES sectionJune McEnroe2021-10-15
|
* Prefix example commands with $ promptJune McEnroe2021-10-15
|
* Note TLS certificate requirement early in manualJune McEnroe2021-10-15
|
* Remove certbot from calico(1) exampleJune McEnroe2021-10-07
|
* Don't call pounce a daemonJune McEnroe2021-10-07
|
* Refer to long option names rather than flagsJune McEnroe2021-10-07
| | | | Except of course when flags only exist as flags.
* Separate options into three sectionsJune McEnroe2021-10-07
|
* Remove mention of capsicum from READMEJune McEnroe2021-10-07
|
* OpenBSD: Simplify unveil(2) callsJune McEnroe2021-10-07
|
* Refactor XDG base directory iterator APIJune McEnroe2021-10-05
| | | | Finally something more reasonable for call sites.
* Load and reload local certificates like normalJune McEnroe2021-10-05
|
* Delete local-path socket like normalJune McEnroe2021-10-05
|
* FreeBSD: Remove capsicum supportJune McEnroe2021-10-05
| | | | | capsicum is too impractical and removing it will allow much more straightforward code.
* Remove certbot default pathsJune McEnroe2021-10-05
|
* Remove TCP keepalive settingsJune McEnroe2021-10-03
| | | | | | | | | | | | | | | TCP keepalives were originally enabled to solve the problem of client connections staying idle for long periods of time, due to pounce not relaying PINGs from the server. Long-idle TCP connections are likely to be dropped by NAT routers, causing timeouts. Unfortunately, the TCP_KEEPIDLE socket option is not available on OpenBSD, so this was useless for pounce running there. The default timeout before sending keepalives is 2 hours, which is far longer than the timeout used by NAT routers, which seems to be 30 minutes. Now that pounce sends its own PINGs to idle clients approximately every 15 minutes, these TCP keepalive settings are unnecessary.
* Intercept client PONGJune McEnroe2021-10-03
| | | | | | | Since pounce responds to server PINGs itself and doesn't relay them to clients, the only PING a client could be responding to is one of pounce's, in which case it doesn't make sense to relay the PONG to the server.
* Send PING to idle clients after 15 minutesJune McEnroe2021-10-03
| | | | | | | | | | | This is to keep TCP connections to clients from being idle for more than 15 minutes, since regular PINGs from the server are answered by pounce and not relayed to clients. Note that there is still no timeout on poll(2) unless there are need clients. We assume that we are receiving (and swallowing) regular PINGs from the server at an interval shorter than 15 minutes, so a poll(2) timeout would be pointless.
* Track client idle timeJune McEnroe2021-10-03
| | | | Bumped on both send and receive.
* Log IRC to standard output with -vJune McEnroe2021-10-02
| | | | | So that it can actually be logged to a file separate from any errors or status messages. Also make sure only LF is used when logging.
* Explain what pounce does and some of how it works in README 2.5June McEnroe2021-09-06
| | | | That opening paragraph was severely lacking for a README.
* Document DIAGNOSTICSJune McEnroe2021-09-05
|
* Avoid logging that a new consumer dropped messagesJune McEnroe2021-09-05
| | | | | A new consumer is obviously expected to have dropped a huge number of messages.
* Use EX_USAGE for all local configuration errorsJune McEnroe2021-09-05
|
* Expand on -s size optionJune McEnroe2021-09-05
|
* Clarify parts of the manualJune McEnroe2021-09-05
| | | | | Most importantly, call out both times that it's IRC usernames pounce cares about, not nicknames.
* OpenBSD: Drop inet pledge when using unix socketJune McEnroe2021-09-03
| | | | | calico is passing us sockets it already accepted, so we don't need inet anymore.
* OpenBSD: Drop no longer needed unveils and pledge promisesJune McEnroe2021-09-03
|
* Reorder file loading in mainJune McEnroe2021-09-03
|
* Be nice and call tls_close(3) on the serverJune McEnroe2021-09-02
|
* Separate client QUIT and ERROR messagesJune McEnroe2021-09-02
| | | | So each can be logged properly with its prefix.
* Remove redundant clientDiff functionJune McEnroe2021-09-02
|
* OpenBSD: pledge(2) the genCert code pathJune McEnroe2021-09-02
|
* OpenBSD: pledge(2) the hashPass code pathJune McEnroe2021-09-02
|
* OpenBSD: pledge(2) printCert code path separatelyJune McEnroe2021-09-02
| | | | Ported from catgirl.
* Call serverConfig() with NULLs for -oJune McEnroe2021-09-02
| | | | | Always use insecure, and trust, clientCert, clientPriv are irrelevant for printing the remote certificate.
* Read from /dev/urandom instead of using getentropy(3)June McEnroe2021-09-02
| | | | | | | | | getentropy(3) is kind of an awkward function. May as well be generic as possible and read some random bytes from /dev/urandom, since for -x we don't really need to worry about being in some execution environment where that's unavailable. I'm also happy to remove that special-case include for macOS since its crypt(3) isn't even usable anyway.
* Separate stateSync intro messagesJune McEnroe2021-08-31
| | | | | So each message can be logged with its prefix. All other calls to clientFormat and serverFormat write one message at a time.
* Correct handling of colons in SASL PLAINJune McEnroe2021-08-30
| | | | Only the first colon should be replaced with a null byte.
* Declare producer staticJune McEnroe2021-08-28
|
* Use CapBits as length of FiltersJune McEnroe2021-08-28
| | | | | This should hopefully prevent accidentally using CapSomething rather than CapSomethingBit as an index in the future.