This fixes the null-dereference reported on full-disclosure [1]. A
corrected analysis of the issue
follows below:
When SASL authentication completes, and auth_user is requested,
client_p->user may be NULL. Thusly accessing fields of client_p->user
may cause a null dereference. In these cases, aborting SASL auth
early is a correct interpretation of the IRCv3.1 specification. The
code must handle this situation, which this commit corrects.
[1]: http://seclists.org/fulldisclosure/2014/Mar/320
Merge of commit da2fc2cbdec471b516a2aa56ed9f3513da8df87c in master
The behavior of cutting at the first '~' is confusing at first, and
looks too much like a bug.
atheme/charybdis@96b89dce38
This is a lot like the previous channel owner mode patch, except the
documentation that previously said "admin" now says "owner" in comments.
src/channel: Kicking logic for owner mode fixed
src/channel: Document the kick/deop logic
decruft: remove temporary files
Add two mechanism for avoiding name-collisions in a system-wide installation of charybdis. The ssld and bandb daemons, intended to be directly used by ircd and not the user, install into libexec when --enable-fhs-paths is set. For binaries which are meant to be in PATH (bindir), such as ircd and viconf, there is now an option --with-program-prefix=progprefix inspired by automake. If the user specifies --with-program-prefix=charybdis, the ircd binary is named charybdisircd when installed. Add support for saving the pidfile to a rundir and storing the ban database in localstatedir instead of in sysconfdir. This is, again, conditional on --enable-fhs-paths. Fix(?) genssl.sh to always write created SSL key/certificate/dh parameters to the sysconfdir specified during ./configure. The previous behavior was to assume that the user ran genssl.sh after ensuring that his current working directory was either sysconfdir or a sibling directory of sysconfdir.
Do kick_on_split_riding if services sends an SJOIN
with a lower TS and a different key. This relies on
services restoring TS (changets option in atheme) and
services not immediately parting after receiving the
KICK, which is the case in recent atheme.
For invite-only channels, still only do
kick_on_split_riding in netbursts. Services is
assumed to handle this itself (atheme does).
Any hunted parameter with wildcards is now assumed
to be a server, never a user.
Reasons:
* fewer match() calls
* do not disclose existing nicknames
* more intuitive behaviour for CONNECT
m_trace has a copy of some hunt_server logic in it
(for the RPL_TRACELINK reply), so adjust that too.
Modeset files are modules stored in shadowircd/modes. All they do is initalize
a set of modes on load, and orphan said modes on unload.
All cmodes not included in ircd-ratbox are now located in modeset files, rather
than being in the core. These modes no longer simply use defines, their
locations are stored in a the new struct module_modes. Each of these is set
when intializing the mode in the modeset files, and set to 0 when orphaning
the mode upon unloading the modeset file.
In addition, use_forward has been removed, as it is now obsoleted by modesets.