ngIRCd GIT Updates

ngircd-commits@lists.barton.de

2442 Diskussionen

Alexander Barton : configure: conversation -> conversion
by alex＠arthur.barton.de 15 Feb '13

15 Feb '13

Module: ngircd.git Branch: master Commit: d5763937ad8d482f3e62299428f8cb4b601c6ace URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=d5763937… Author: Alexander Barton <alex(a)barton.de> Date: Fri Feb 15 21:26:47 2013 +0100 configure: conversation -> conversion --- configure.ng | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure.ng b/configure.ng index 034b565..c030996 100644 --- a/configure.ng +++ b/configure.ng @@ -519,7 +519,7 @@ if test "$x_ircplus_on" = "yes"; then x_iconv_on=no AC_ARG_WITH(iconv, AS_HELP_STRING([--with-iconv], - [enable character conversation using libiconv]), + [enable character conversion using libiconv]), [ if test "$withval" != "no"; then if test "$withval" != "yes"; then CFLAGS="-I$withval/include $CFLAGS"

1 0

Alexander Barton : ngIRCd Release 20.2
by alex＠arthur.barton.de 15 Feb '13

15 Feb '13

Module: ngircd.git Branch: master Commit: 25b19e08e2083f7b1972820ca4c096687d7eeaca URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=25b19e08… Author: Alexander Barton <alex(a)barton.de> Date: Fri Feb 15 12:18:02 2013 +0100 ngIRCd Release 20.2 (cherry picked from commit c45d9dd1f08fddb95fa01d62c69848cd753a3161) --- ChangeLog | 29 +++++++++++++++++++++++++++++ NEWS | 6 ++++++ contrib/Debian/changelog | 6 ++++++ contrib/ngircd.spec | 2 +- 4 files changed, 42 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index a4cfdb9..08d337f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,35 @@ -- ChangeLog -- +ngIRCd 20.2 (2013-02-15) + + - Security: Fix a denial of service bug in the function handling KICK + commands that could be used by arbitrary users to to crash the daemon. + - WHO command: Use the currently "displayed hostname" (which can be cloaked!) + for hostname matching, not the real one. In other words: don't display all + the cloaked users on a specific real hostname! + - configure: The header file "netinet/in_systm.h" already is optional in + ngIRCd, so don't require it in the configure script. Now ngIRCd can be + built on Minix 3 again :-) + - Return better "Connection not registered as server link" errors: Now ngIRCd + returns a more specific error message for numeric ERR_NOTREGISTERED(451) + when a regular user tries to use a command that isn't allowed for users but + for servers. + - Don't report ERR_NEEDMOREPARAMS(461) when a MDOE command with more modes + than nicknames is handled, as well as for channel limit and key changes + without specifying the limit or key parameters. + This is how a lot (all?) other IRC servers behave, including ircd2.11, + InspIRCd, and ircd-seven. And because of clients (tested with Textual and + mIRC) sending bogus MODE commands like "MODE -ooo nick", end-users got the + expected result as well as correct but misleading error messages ... + - Correctly detect when SSL subsystem must be initialized and take + outgoing connections (server links!) into account, too. + - autogen.sh: Enforce serial test harness on GNU automake >=1.13. The + new parallel test harness which is enabled by default starting with + automake 1.13 isn't compatible with our test suite. + And don't use "egrep -o", insetead use "sed", because it isn't portable + and not available on OpenBSD, for example. + ngIRCd 20.1 (2013-01-02) - Allow ERROR command on server and service links only, ignore them and diff --git a/NEWS b/NEWS index be743e6..38f6029 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,12 @@ -- NEWS -- +ngIRCd 20.2 (2013-02-15) + + - This release is a bugfix release only, without new features. + - Security: Fix a denial of service bug in the function handling KICK + commands that could be used by arbitrary users to to crash the daemon. + ngIRCd 20.1 (2013-01-02) - This release is a bugfix release only, without new features. diff --git a/contrib/Debian/changelog b/contrib/Debian/changelog index 03c3df6..2e39af0 100644 --- a/contrib/Debian/changelog +++ b/contrib/Debian/changelog @@ -1,3 +1,9 @@ +ngircd (20.2-0ab1) unstable; urgency=high + + * New "upstream" release, fixing a security related bug: ngIRCd 20.2. + + -- Alexander Barton <alex(a)barton.de> Fri, 15 Feb 2013 12:17:00 +0100 + ngircd (20.1-0ab1) unstable; urgency=low * New "upstream" release: ngIRCd 20.1. diff --git a/contrib/ngircd.spec b/contrib/ngircd.spec index fa0a6a1..e2448a4 100644 --- a/contrib/ngircd.spec +++ b/contrib/ngircd.spec @@ -1,5 +1,5 @@ %define name ngircd -%define version 20.1 +%define version 20.2 %define release 1 %define prefix %{_prefix}

1 0

Alexander Barton : ngIRCd Release 20.2
by alex＠arthur.barton.de 15 Feb '13

15 Feb '13

Module: ngircd.git Branch: branch-20.x Commit: c45d9dd1f08fddb95fa01d62c69848cd753a3161 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=c45d9dd1… Author: Alexander Barton <alex(a)barton.de> Date: Fri Feb 15 12:18:02 2013 +0100 ngIRCd Release 20.2 --- ChangeLog | 29 +++++++++++++++++++++++++++++ NEWS | 6 ++++++ contrib/Debian/changelog | 6 ++++++ contrib/ngircd.spec | 2 +- 4 files changed, 42 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index a4cfdb9..08d337f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -9,6 +9,35 @@ -- ChangeLog -- +ngIRCd 20.2 (2013-02-15) + + - Security: Fix a denial of service bug in the function handling KICK + commands that could be used by arbitrary users to to crash the daemon. + - WHO command: Use the currently "displayed hostname" (which can be cloaked!) + for hostname matching, not the real one. In other words: don't display all + the cloaked users on a specific real hostname! + - configure: The header file "netinet/in_systm.h" already is optional in + ngIRCd, so don't require it in the configure script. Now ngIRCd can be + built on Minix 3 again :-) + - Return better "Connection not registered as server link" errors: Now ngIRCd + returns a more specific error message for numeric ERR_NOTREGISTERED(451) + when a regular user tries to use a command that isn't allowed for users but + for servers. + - Don't report ERR_NEEDMOREPARAMS(461) when a MDOE command with more modes + than nicknames is handled, as well as for channel limit and key changes + without specifying the limit or key parameters. + This is how a lot (all?) other IRC servers behave, including ircd2.11, + InspIRCd, and ircd-seven. And because of clients (tested with Textual and + mIRC) sending bogus MODE commands like "MODE -ooo nick", end-users got the + expected result as well as correct but misleading error messages ... + - Correctly detect when SSL subsystem must be initialized and take + outgoing connections (server links!) into account, too. + - autogen.sh: Enforce serial test harness on GNU automake >=1.13. The + new parallel test harness which is enabled by default starting with + automake 1.13 isn't compatible with our test suite. + And don't use "egrep -o", insetead use "sed", because it isn't portable + and not available on OpenBSD, for example. + ngIRCd 20.1 (2013-01-02) - Allow ERROR command on server and service links only, ignore them and diff --git a/NEWS b/NEWS index be743e6..38f6029 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,12 @@ -- NEWS -- +ngIRCd 20.2 (2013-02-15) + + - This release is a bugfix release only, without new features. + - Security: Fix a denial of service bug in the function handling KICK + commands that could be used by arbitrary users to to crash the daemon. + ngIRCd 20.1 (2013-01-02) - This release is a bugfix release only, without new features. diff --git a/contrib/Debian/changelog b/contrib/Debian/changelog index 03c3df6..2e39af0 100644 --- a/contrib/Debian/changelog +++ b/contrib/Debian/changelog @@ -1,3 +1,9 @@ +ngircd (20.2-0ab1) unstable; urgency=high + + * New "upstream" release, fixing a security related bug: ngIRCd 20.2. + + -- Alexander Barton <alex(a)barton.de> Fri, 15 Feb 2013 12:17:00 +0100 + ngircd (20.1-0ab1) unstable; urgency=low * New "upstream" release: ngIRCd 20.1. diff --git a/contrib/ngircd.spec b/contrib/ngircd.spec index fa0a6a1..e2448a4 100644 --- a/contrib/ngircd.spec +++ b/contrib/ngircd.spec @@ -1,5 +1,5 @@ %define name ngircd -%define version 20.1 +%define version 20.2 %define release 1 %define prefix %{_prefix}

1 0

Sebastian Köhler : KICK: Fix denial of service bug
by alex＠arthur.barton.de 15 Feb '13

15 Feb '13

Module: ngircd.git Branch: branch-20.x Commit: b3d4cf9081fc32df969760b5b58a21954a27d073 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=b3d4cf90… Author: Sebastian Köhler <sebkoehler(a)whoami.org.uk> Date: Thu Feb 14 19:21:01 2013 +0100 KICK: Fix denial of service bug Test if the user that it is to be kicked is on the channel before user channel modes are tested. Otherwise assert( cl2chan != NULL ); in line 742 would fail and stop the service. (cherry picked from commit 0e63fb3fa7ac4ca048e8c2b648d2be3fd0572311) --- src/ngircd/channel.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/ngircd/channel.c b/src/ngircd/channel.c index 00aafe0..b7c3570 100644 --- a/src/ngircd/channel.c +++ b/src/ngircd/channel.c @@ -326,6 +326,13 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Origin, const char *Name, } } + /* Check that the client to be kicked is on the specified channel */ + if (!Channel_IsMemberOf(chan, Target)) { + IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG, + Client_ID(Origin), Client_ID(Target), Name ); + return; + } + if(Client_Type(Peer) == CLIENT_USER) { /* Channel mode 'Q' and user mode 'q' on target: nobody but * IRC Operators and servers can kick the target user */ @@ -382,13 +389,6 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Origin, const char *Name, } } - /* Check that the client to be kicked is on the specified channel */ - if (!Channel_IsMemberOf(chan, Target)) { - IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG, - Client_ID(Origin), Client_ID(Target), Name ); - return; - } - /* Kick Client from channel */ Remove_Client( REMOVE_KICK, chan, Target, Origin, Reason, true); } /* Channel_Kick */

1 0

Sebastian Köhler : KICK: Fix denial of service bug
by alex＠arthur.barton.de 15 Feb '13

15 Feb '13

Module: ngircd.git Branch: master Commit: 0e63fb3fa7ac4ca048e8c2b648d2be3fd0572311 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=0e63fb3f… Author: Sebastian Köhler <sebkoehler(a)whoami.org.uk> Date: Thu Feb 14 19:21:01 2013 +0100 KICK: Fix denial of service bug Test if the user that it is to be kicked is on the channel before user channel modes are tested. Otherwise assert( cl2chan != NULL ); in line 742 would fail and stop the service. --- src/ngircd/channel.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/ngircd/channel.c b/src/ngircd/channel.c index 4eab272..45bf615 100644 --- a/src/ngircd/channel.c +++ b/src/ngircd/channel.c @@ -326,6 +326,13 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Origin, const char *Name, } } + /* Check that the client to be kicked is on the specified channel */ + if (!Channel_IsMemberOf(chan, Target)) { + IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG, + Client_ID(Origin), Client_ID(Target), Name ); + return; + } + if(Client_Type(Peer) == CLIENT_USER) { /* Channel mode 'Q' and user mode 'q' on target: nobody but * IRC Operators and servers can kick the target user */ @@ -382,13 +389,6 @@ Channel_Kick(CLIENT *Peer, CLIENT *Target, CLIENT *Origin, const char *Name, } } - /* Check that the client to be kicked is on the specified channel */ - if (!Channel_IsMemberOf(chan, Target)) { - IRC_WriteStrClient(Origin, ERR_USERNOTINCHANNEL_MSG, - Client_ID(Origin), Client_ID(Target), Name ); - return; - } - /* Kick Client from channel */ Remove_Client( REMOVE_KICK, chan, Target, Origin, Reason, true); } /* Channel_Kick */

1 0

Alexander Barton : sighandlers.c: Update some log messages
by alex＠arthur.barton.de 13 Feb '13

13 Feb '13

Module: ngircd.git Branch: master Commit: 3e723318961b452c851eda2bec2a322fc249bfce URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=3e723318… Author: Alexander Barton <alex(a)barton.de> Date: Wed Feb 13 00:26:16 2013 +0100 sighandlers.c: Update some log messages --- src/ngircd/sighandlers.c | 24 ++++++++++-------------- 1 file changed, 10 insertions(+), 14 deletions(-) diff --git a/src/ngircd/sighandlers.c b/src/ngircd/sighandlers.c index 8f0a5a1..6d5ea8f 100644 --- a/src/ngircd/sighandlers.c +++ b/src/ngircd/sighandlers.c @@ -1,5 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon + * Copyright (c)2001-2013 Alexander Barton (alex(a)barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -40,7 +41,6 @@ static const int signals_catch[] = { SIGINT, SIGQUIT, SIGTERM, SIGHUP, SIGCHLD, SIGUSR1, SIGUSR2 }; - #ifdef DEBUG static void @@ -57,7 +57,6 @@ Dump_State(void) #endif - static void Signal_Block(int sig) { @@ -73,7 +72,6 @@ Signal_Block(int sig) #endif } - static void Signal_Unblock(int sig) { @@ -90,7 +88,6 @@ Signal_Unblock(int sig) #endif } - /** * Reload the server configuration file. */ @@ -117,18 +114,21 @@ Rehash(void) * be changed during run-time */ if (strcmp(old_name, Conf_ServerName) != 0 ) { strlcpy(Conf_ServerName, old_name, sizeof Conf_ServerName); - Log(LOG_ERR, "Can't change \"ServerName\" on runtime! Ignored new name."); + Log(LOG_ERR, + "Can't change \"ServerName\" on runtime! Ignored new name."); } if (old_nicklen != Conf_MaxNickLength) { Conf_MaxNickLength = old_nicklen; - Log(LOG_ERR, "Can't change \"MaxNickLength\" on runtime! Ignored new value."); + Log(LOG_ERR, + "Can't change \"MaxNickLength\" on runtime! Ignored new value."); } /* Create new pre-defined channels */ Channel_InitPredefined( ); if (!ConnSSL_InitLibrary()) - Log(LOG_WARNING, "Re-Initializing SSL failed, using old keys"); + Log(LOG_WARNING, + "Re-Initializing of SSL failed, using old keys!"); /* Start listening on sockets */ Conn_InitListeners( ); @@ -139,7 +139,6 @@ Rehash(void) Log( LOG_NOTICE|LOG_snotice, "Re-reading of configuration done." ); } /* Rehash */ - /** * Signal handler of ngIRCd. * This function is called whenever ngIRCd catches a signal sent by the @@ -198,7 +197,6 @@ Signal_Handler(int Signal) Signal_Block(Signal); } /* Signal_Handler */ - /** * Signal processing handler of ngIRCd. * This function is called from the main conn event loop in (io_dispatch) @@ -231,7 +229,6 @@ Signal_Handler_BH(int Signal) Signal_Unblock(Signal); } - static void Signal_Callback(int fd, short UNUSED what) { @@ -248,15 +245,15 @@ Signal_Callback(int fd, short UNUSED what) if (errno == EAGAIN || errno == EINTR) return; - Log(LOG_EMERG, "read from signal pipe: %s", strerror(errno)); + Log(LOG_EMERG, "Read from signal pipe: %s - Exiting!", + strerror(errno)); exit(1); } - Log(LOG_EMERG, "EOF on signal pipe"); + Log(LOG_EMERG, "EOF on signal pipe!? - Exiting!"); exit(1); } - /** * Initialize the signal handlers, catch * those signals we are interested in and sets SIGPIPE to be ignored. @@ -306,7 +303,6 @@ Signals_Init(void) return io_event_create(signalpipe[0], IO_WANTREAD, Signal_Callback); } /* Signals_Init */ - /** * Restores signals to their default behaviour. *

1 0

Alexander Barton : my_sd_listen_fds(): really return an "int"
by alex＠arthur.barton.de 11 Feb '13

11 Feb '13

Module: ngircd.git Branch: master Commit: 1438771124ed4730aca2d722595166e31ecd88c5 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=14387711… Author: Alexander Barton <alex(a)barton.de> Date: Mon Feb 11 23:25:13 2013 +0100 my_sd_listen_fds(): really return an "int" This fixes the following warning using Apple LLVM version 4.2 (clang-425.0.24) on OS X: src/ngircd/conn.c:157:9: Implicit conversion loses integer precision: 'long' to 'int' --- src/ngircd/conn.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c index 3a43042..3c1427d 100644 --- a/src/ngircd/conn.c +++ b/src/ngircd/conn.c @@ -139,7 +139,7 @@ static int my_sd_listen_fds(void) { const char *e; - long count; + int count; /* Check if LISTEN_PID exists; but we ignore the result, because * normally ngircd forks a child before checking this, and therefore @@ -151,7 +151,7 @@ my_sd_listen_fds(void) e = getenv("LISTEN_FDS"); if (!e || !*e) return -1; - count = atol(e); + count = atoi(e); unsetenv("LISTEN_FDS"); return count;

1 0

Alexander Barton : Allow "@" character in user names for authentication
by alex＠arthur.barton.de 11 Feb '13

11 Feb '13

Module: ngircd.git Branch: master Commit: 4b15f10fbb036da96caaf9ffcffd27cd9f6815d2 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=4b15f10f… Author: Alexander Barton <alex(a)barton.de> Date: Mon Feb 11 13:57:54 2013 +0100 Allow "@" character in user names for authentication The "@" character isn't allowed in IRC usernames, because it is the separator between user name and hostname in IRC masks: <nickname>!<username>@<hostname> This patch accepts user names including "@" characters, saves the unmodified name for authentication but stores only the part in front of the "@" character as "IRC user name". And the latter is how ircd2.11, Bahamut, and irc-seven behave as well. Closes bug #155. --- src/ngircd/irc-login.c | 10 ++++++++-- src/ngircd/login.c | 10 +++++++++- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/ngircd/irc-login.c b/src/ngircd/irc-login.c index e7d83ef..52c6e46 100644 --- a/src/ngircd/irc-login.c +++ b/src/ngircd/irc-login.c @@ -444,7 +444,7 @@ IRC_USER(CLIENT * Client, REQUEST * Req) ptr = Req->argv[0]; while (*ptr) { if (!isalnum((int)*ptr) && - *ptr != '+' && *ptr != '-' && + *ptr != '+' && *ptr != '-' && *ptr != '@' && *ptr != '.' && *ptr != '_') { Conn_Close(Client_Conn(Client), NULL, "Invalid user name", true); @@ -453,6 +453,13 @@ IRC_USER(CLIENT * Client, REQUEST * Req) ptr++; } + /* Save the received username for authentication, and use + * it up to the first '@' as default user name (like ircd2.11, + * bahamut, ircd-seven, ...), prefixed with '~', if needed: */ + Client_SetOrigUser(Client, Req->argv[0]); + ptr = strchr(Req->argv[0], '@'); + if (ptr) + *ptr = '\0'; #ifdef IDENTAUTH ptr = Client_User(Client); if (!ptr || !*ptr || *ptr == '~') @@ -460,7 +467,6 @@ IRC_USER(CLIENT * Client, REQUEST * Req) #else Client_SetUser(Client, Req->argv[0], false); #endif - Client_SetOrigUser(Client, Req->argv[0]); /* "Real name" or user info text: Don't set it to the empty * string, the original ircd can't deal with such "real names" diff --git a/src/ngircd/login.c b/src/ngircd/login.c index d79344b..d8c8c40 100644 --- a/src/ngircd/login.c +++ b/src/ngircd/login.c @@ -202,6 +202,7 @@ Login_User_PostAuth(CLIENT *Client) static void cb_Read_Auth_Result(int r_fd, UNUSED short events) { + char user[CLIENT_USER_LEN], *ptr; CONN_ID conn; CLIENT *client; int result; @@ -233,7 +234,14 @@ cb_Read_Auth_Result(int r_fd, UNUSED short events) } if (result == true) { - Client_SetUser(client, Client_OrigUser(client), true); + /* Authentication succeeded, now set the correct user name + * supplied by the client (without prepended '~' for exmaple), + * but cut it at the first '@' character: */ + strlcpy(user, Client_OrigUser(client), sizeof(user)); + ptr = strchr(user, '@'); + if (ptr) + *ptr = '\0'; + Client_SetUser(client, user, true); (void)Login_User_PostAuth(client); } else Client_Reject(client, "Bad password", false);

1 0

Alexander Barton : Merge branch 'bug155-allowAtInUser'
by alex＠arthur.barton.de 11 Feb '13

11 Feb '13

Module: ngircd.git Branch: master Commit: b95dfb3ffd798e00df54b52496963d2a998ccbb0 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=b95dfb3f… Author: Alexander Barton <alex(a)barton.de> Date: Mon Feb 11 13:58:30 2013 +0100 Merge branch 'bug155-allowAtInUser' * bug155-allowAtInUser: Allow "@" character in user names for authentication ---

1 0

Alexander Barton : Merge branch 'systemd'
by alex＠arthur.barton.de 10 Feb '13

10 Feb '13

Module: ngircd.git Branch: master Commit: 628c14d65686c4c848a17381b8ef61c78dbcf405 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=628c14d6… Author: Alexander Barton <alex(a)barton.de> Date: Sun Feb 10 20:43:56 2013 +0100 Merge branch 'systemd' * systemd: ngircd.sock: explicitely bind to IPv4 and IPv6 addresses Show address and port of sockets passed-in by systemd(8) Check type of sockets passed-in by systemd(8) Adjust severity levels of some log messages New configuration option "IdleTimeout": exit daemon when idle Implement support for systemd(8) "socket activation" contrib/README: add more files ---

1 0

Springe zur Seite:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

ngIRCd GIT Updates