Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-03-30 | Update the GeoIP ExtItem when CGI:IRC sets the real IP (#1471) | genius3000 | |
Since CGI:IRC calls it's 'ChangeIP()' either from 'OnCheckReady()' or 'OnUserRegister()', both of which are called after the user has sent NICK/USER, we can safely skip re-setting the ExtItem prior to this point. This skips the first 'OnSetUserIP()' from 'User::AddUser()' as the 'OnSetConnectClass()' catch handles the initial setting. | |||
2018-03-02 | m_ssl_openssl: Remove deprecated API members. | Wade Cline | |
Backported from 2afc1af4639ae2bbef397f4f6acc834950017d91. | |||
2017-10-15 | Update wiki links to use HTTPS and point to the correct pages. | Peter Powell | |
When we release 3.0 these links will break as they will point to the pages for 3.0 rather than 2.0. | |||
2017-03-20 | m_ldapauth: fix providing username in PASS | Adam | |
This has never worked because it never prepended attribute= to the search string. It also would prefer matching nick/ident over the user string provided which is inconsistent, since your ability to authenticate using PASS would depend on a ldap entry not existing with your current nick/ident. Instead, use username provided in PASS and then fallback to nick/ident. | |||
2016-08-17 | m_sqlite3 Fix possible memory leak when opening a database fails | Attila Molnar | |
2016-07-22 | m_ssl_openssl Verify DH params being non-NULL before setting it on the context | Attila Molnar | |
Fixes issue reported by @m4rkw on IRC | |||
2016-06-21 | m_ssl_gnutls, m_ssl_openssl After a read schedule another read if data ↵ | Attila Molnar | |
remains in the buffer of the SSL library | |||
2016-02-11 | Update m_ssl_gnutls to use libgnutls-30 for gnutls 3.4 | Adam | |
2015-05-10 | m_ssl_gnutls Hold users in pre-registration state until the handshake is ↵ | Attila Molnar | |
completed | |||
2014-10-26 | Remove some dead code found by Coverity | Attila Molnar | |
2014-10-25 | Use gnutls_rnd instead of gcry_randomize on newer GnuTLS versions. | Peter Powell | |
This is a modified version of 690c372. Fixes #905. | |||
2014-10-20 | m_ssl_openssl Add compile time option that allows disabling renegotiations | Attila Molnar | |
2014-10-20 | m_ssl_openssl Add compile time option to enable ECDH | Attila Molnar | |
2014-10-20 | m_ssl_gnutls Add compile time option for allowing sha256 certificate ↵ | Attila Molnar | |
fingerprints | |||
2014-10-16 | Initialize all fields of issl_session on module load in SSL modules | Attila Molnar | |
2014-10-16 | Add interface to SSL modules that allows other modules to obtain the raw SSL ↵ | Attila Molnar | |
session of a socket | |||
2014-10-16 | m_ssl_gnutls Refcount GnuTLS objects, free them when they are no longer in ↵ | Attila Molnar | |
use instead of at /rehash ssl time | |||
2014-10-15 | m_ssl_openssl Fix debug message | Attila Molnar | |
2014-10-15 | m_ssl_openssl Reset data_to_write for new sessions | Attila Molnar | |
2014-10-15 | m_ssl_openssl Free the ssl_cert object as soon as the session is closed ↵ | Attila Molnar | |
instead of waiting for the next VerifyCertificate() or new connection | |||
2014-10-15 | m_ssl_openssl Remove bogus errno assignment from CloseSession() | Attila Molnar | |
2014-10-14 | m_ssl_openssl Return an error from the IOHook read and write functions if ↵ | Attila Molnar | |
the handshake returns 0 The meaning of a 0 return value quoted from the manual: The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol. | |||
2014-10-14 | m_ssl_openssl Add user-friendly config options for setting a few OpenSSL ↵ | Attila Molnar | |
context options | |||
2014-10-10 | m_ssl_openssl Allow configuring raw OpenSSL context options | Attila Molnar | |
2014-10-10 | m_ssl_openssl Disable session caching and session tickets | Attila Molnar | |
2014-10-10 | m_ssl_openssl Enable single (EC)DH use and disable SSL v2 | Attila Molnar | |
Options enabled: - SSL_OP_NO_SSLv2 - SSL_OP_SINGLE_DH_USE - SSL_OP_SINGLE_ECDH_USE (if it exists) Partial backport of #856 by @jvehent | |||
2014-10-08 | m_ssl_openssl Clear the error queue before every SSL_* call | Attila Molnar | |
2014-10-03 | m_ssl_gnutls Re-set DH params when the gnutls_certificate_credentials_t ↵ | Attila Molnar | |
struct is reallocated | |||
2014-09-02 | m_sqlite3 Fix cleanup of unsuccessful database connections | Attila Molnar | |
2014-07-24 | Make sure the DN strings obtained from the SSL mods are always valid | Attila Molnar | |
2014-04-13 | Change Windows libraries to be dynamically linked | Adam | |
2014-04-13 | m_ssl_openssl Avoid Applink on Windows by calling PEM_read_bio_DHparams() ↵ | Attila Molnar | |
instead of PEM_read_DHparams() | |||
2014-01-26 | m_ssl_openssl Fix memory leaks on /rehash ssl, unload and in VerifyCertificate() | Attila Molnar | |
2014-01-24 | Set a session id on our server ssl context in m_ssl_openssl. It is required ↵ | Adam | |
for some clients which try to restore SSL sessions. | |||
2013-08-13 | m_ssl_gnutls Fix feature testing and cipher suite related errors on older ↵ | attilamolnar | |
GnuTLS versions Use the (old) LIBGNUTLS_VERSION_* defines as a fallback when GNUTLS_VERSION_* is unavailable Fixes #595 reported by @rhylan | |||
2013-07-16 | m_ssl_openssl Fix inverted check that prevented certificates from being ↵ | attilamolnar | |
recognized as trusted | |||
2013-06-05 | Remove unnecessary string copies and dead code | attilamolnar | |
2013-06-04 | m_pgsql Same fix as 0e09600a431d0e0f2cde6457e088d84caf6d6f5d | attilamolnar | |
2013-06-01 | m_mysql Fix escaping strings longer than MAXBUF/2 | attilamolnar | |
Quotes from the documentation: "You must allocate the to buffer to be at least length*2+1 bytes long. (In the worst case, each character may need to be encoded as using two bytes, and you need room for the terminating null byte.)" "The return value is the length of the encoded string, not including the terminating null character." http://dev.mysql.com/doc/refman/5.6/en/mysql-real-escape-string.html | |||
2013-05-22 | m_mysql Fix crash on rehash when the database tags have been changed in the ↵ | attilamolnar | |
config | |||
2013-05-18 | m_geoip Set cc in OnSetConnectClass to the newly created string if it was NULL | attilamolnar | |
2013-05-02 | m_ssl_gnutls Call gnutls_transport_set_errno() on Windows only | attilamolnar | |
2013-05-02 | Fix gnutls (again) on Windows by using gnutls_transport_set_errno() | Adam | |
2013-04-24 | m_ssl_gnutls Add ability to load DH params from file | attilamolnar | |
This greatly decreases the load time because the DH parameters no longer have to be (re)generated each time the module is loaded | |||
2013-04-16 | Fix m_ssl_gnutls and perhaps some other things on Windows by recognizing ↵ | Adam | |
WSAEWOULDBLOCK | |||
2013-03-29 | m_ldapoper Make the module actually work | attilamolnar | |
Fixes #439 reported by @rhylan | |||
2013-03-29 | m_ldapoper Fix memory leak | attilamolnar | |
See 1813369adecc1efc9812e90c40c21dc32e4965c9 for details | |||
2013-03-15 | m_ssl_openssl Make it clear that a CA file is not mandatory | attilamolnar | |
2013-02-17 | m_ssl_gnutls Fix null pointer dereference in case gnutls_xxx_get_name() ↵ | attilamolnar | |
returns NULL | |||
2013-01-28 | m_ssl_gnutls Fix build with GnuTLS 1.x | attilamolnar | |
Fixes #409 reported by @SaberUK |