| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ported from catgirl:
commit 585039fb6e5097cfd16bc083c6d1c9356b237882
Author: Klemens Nanni <klemens@posteo.de>
Date: Sun Jun 20 14:42:10 2021 +0000
Use "secure" libtls ciphers
d3e90b6 'Use libtls "compat" ciphers' from 2018 fell back to "compat"
ciphers to support irc.mozilla.org which now yields NXDOMAIN.
All modern networks (should) support secure ciphers, so drop the
hopefully unneeded list of less secure ciphers by avoiding
tls_config_set_ciphers(3) and therefore sticking to the "secure" aka.
"default" set of ciphers in libtls.
A quick check shows that almost all of the big/known IRC networks
support TLS1.3 already; those who do not at least comply with
SSL_CTX_set_cipher_list(3)'s "HIGH" set as can be tested like this:
echo \
irc.hackint.org \
irc.tilde.chat \
irc.libera.chat \
irc.efnet.nl \
irc.oftc.net |
xargs -tn1 \
openssl s_client -quiet -cipher HIGH -no_ign_eof -port 6697 -host
|
| |
|
| |
|
|
|
|
| |
LibreSSL is "a modified version of that library".
|
|
|
|
| |
https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs
|
|
|
|
| |
We need to ignore SIGPIPE anyway for other platforms.
|
|
|
|
|
|
|
|
|
| |
This addresses pounce getting killed with "Excess flood" when it sends
NAMES commands for too many channels when a client connects. These
commands, as well as automatic AWAY commands, are by default throttled
to 5 per second.
Tested on freenode with 36 channels and 200ms interval.
|
|
|
|
|
|
| |
Filter functions are dealing with lines not including CRLF, so they
already have extra space. serverFormat is using snprintf which wants to
always write a NUL at the end of the string.
|
| |
|
|
|
|
| |
Yikes.
|
|
|
|
|
| |
I still think this limit is unreasonably large in comparison to 512 for
the actual message.
|
|
|
|
|
|
| |
This commit introduces a '-S' command line option and a "bind" configuration
file option for selecting the source address when making outbound TCP
connections (similar to the corresponding option in catgirl(1)).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
> Notwithstanding any other provision of this License, if you modify the
> Program, your modified version must prominently offer all users
> interacting with it remotely through a computer network (if your version
> supports such interaction) an opportunity to receive the Corresponding
> Source of your version by providing access to the Corresponding Source
> from a network server at no charge, through some standard or customary
> means of facilitating copying of software.
This potentially means that every freenode user, for example, is
interacting with this software, and offering the corresponding source to
each of them is an unreasonable burden.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
GNU doesn't implement memset_s, but both FreeBSD and GNU implement
explicit_bzero. Darwin doesn't, so #define it in terms of memset_s.
|
| |
|
|
|
|
|
|
|
| |
Also refuse to continue logging in if SASL authentication fails.
I should really just move all of log in and authentication from server.c
to state.c...
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
To disambiguate clientRecv and clientRead, say clientConsume.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|