3
0
mirror of https://github.com/jlu5/PyLink.git synced 2024-11-24 03:29:28 +01:00
Commit Graph

3469 Commits

Author SHA1 Message Date
James Lu
26361c4cc9 IRCNetwork: warn when using plaintext links to non-local addresses 2018-06-15 18:30:21 -07:00
James Lu
e5f817fc95 IRCNetwork: suppress "You can enhance...security...[with] ssl_fingerprint" notices when TLS cert validation is enabled 2018-06-15 15:57:45 -07:00
James Lu
ab9df93898 IRCNetwork: more consistent log format when remote certfp is verified 2018-06-15 15:52:04 -07:00
James Lu
b26d75a6a8 IRCNetwork: handle the case when certificate fingerprint checking is on but the remote provides no cert 2018-06-15 15:50:32 -07:00
James Lu
fefd5a1f6b IRCNetwork: raise ssl.CertificateError instead of an in house exception if certfp is mismatched
Also, fix the expected and real fingerprints being logged in the wrong order.
2018-06-15 15:48:09 -07:00
James Lu
68837aa927 example-conf: enable TLS/SSL by default in all the example server blocks 2018-06-15 15:43:20 -07:00
James Lu
17cd7af22d example-conf: reorder sample server options
Move TLS/SSL options higher up; shift pingfreq and autoconnect options further down
2018-06-15 15:41:20 -07:00
James Lu
17f0b09eb2 example-conf: suggest turning on TLS/SSL in the hostname-as-IP example 2018-06-15 15:36:59 -07:00
James Lu
8fa53f60cb example-conf: copy some more autoconnect examples to the clientbot block 2018-06-15 15:32:35 -07:00
James Lu
76c0db15c4 core: merge TLS validation code into IRCNetwork (#592)
Certificate verification is now enabled for all Clientbot networks, but not yet for S2S links (self-signed certs are common here and direct IP links even more so)
2018-06-15 15:29:15 -07:00
James Lu
e38cd0ada2 get_hostname_type: return 0 for hostnames instead of False for consistency 2018-06-15 14:02:30 -07:00
James Lu
4524aebbac clientbot: initial pass of TLS cert validation (#592)
This works OK, but we should make the validation options built-in instead of clientbot-specific.
2018-06-15 02:47:12 -07:00
James Lu
d3125d9a8f core: automatically detect between IPv4 / IPv6 addresses on connect
Closes #212.
2018-06-15 02:43:33 -07:00
James Lu
5ea33baa8e utils: add get_hostname_type() to autodetect address types (#212) 2018-06-15 02:39:20 -07:00
James Lu
040b009fcb clientbot: ignore RPL_ENDOFBANLIST (368) responses for removed channels 2018-06-15 02:19:56 -07:00
James Lu
c3bb0f7aca relay: rework kill->kick forwarding to send from the sender network's subservers
This makes the kick message a lot neater.

Before:
* net1.relay has kicked GL/net1 from #test ((net2.relay) KILL FWD from GL/net2: test)

After:
* net2.relay has kicked GL/net1 from #test (KILL FWD from GL/net2: test)
2018-06-14 14:48:54 -07:00
James Lu
a98dd36810 example-conf: mention kill -> kick forwarding briefly
[skip ci]
2018-06-14 14:44:03 -07:00
James Lu
56c035a1f5 IRCNetwork: fix broken ping timeout handling
Check for ping outs in the ping scheduler instead of the listener... If the connection is dead, the listener won't ever be called.
2018-06-14 01:18:33 -07:00
James Lu
b2421f5e15 IRCNetwork: simplify connection error handling 2018-06-14 01:18:33 -07:00
James Lu
579b5ce93f IRCNetwork: split SSL connection setup into separate functions
* _make_ssl_context(): returns the SSLContext to use on he network (with options set)
* _setup_ssl(): sets up TLS by loading certfile / keyfile and calling wrap_socket()
* _verify_ssl(): implements certificate fingerprint verification, raising TLSVerificationError (a new subclass of ConnectionError) if this fails

This is a prerequisite for #592.
2018-06-14 01:17:39 -07:00
James Lu
8386edc6d5 conf: rename ConfigValidationError -> ConfigurationError & inherit from RuntimeError 2018-06-13 22:46:58 -07:00
James Lu
76b58c4432 relay: log chandesc changes to INFO 2018-06-12 02:36:37 -07:00
James Lu
77fd9475b6 relay: show channel descriptions before "created by" info 2018-06-12 02:33:29 -07:00
James Lu
8c42825612 relay: allow disabling free link access for all opers 2018-06-12 00:26:24 -07:00
James Lu
5617224780 example-conf: roughly sort "relay:" block options by usefulness
[skip ci]
2018-06-12 00:13:54 -07:00
James Lu
deff6d077d match_host: remove deprecation notice for non-host globs
This is too flaky with commands taking arbitrary user inputs (e.g. opercmds/checkban)
2018-06-12 00:02:18 -07:00
James Lu
1b68bfadc6 coremods, plugins, protocols: drop now redundant allowAuthed=False in is_oper() calls 2018-06-11 23:56:44 -07:00
James Lu
2ca9de2ea8 PyLinkNCWUtils: make the allowAuthed, allowOper options to is_oper no-ops 2018-06-11 23:55:19 -07:00
James Lu
18f108c328 PyLinkNCWUtils: remove check_authenticated() (#422) 2018-06-11 23:54:48 -07:00
James Lu
ed5d46e28a utils: remove deprecated is* functions 2018-06-11 23:48:12 -07:00
James Lu
a30921eeb8 classes: remove irc.conf (#422) 2018-06-11 23:44:59 -07:00
James Lu
3bea214cb0 classes: remove irc.botdata (#422) 2018-06-11 23:43:57 -07:00
James Lu
2e3317ce07 relay: explicitly mention forwarding in relayed kill messages (#520) 2018-06-11 19:26:52 -07:00
James Lu
7d56b30582 opercmds: skip verbose formatting of kill reasons for internal targets (#520) 2018-06-11 19:26:51 -07:00
James Lu
5ecbc2750e exec: fix textwrap error caused by passing the wrong type to reply() 2018-06-11 19:26:51 -07:00
James Lu
1a97a32ef5 ircs2s_common: return just the kill reason as text in kill parsing (#520) 2018-06-11 19:26:42 -07:00
James Lu
93fef9b923 relay: use match_text() to check forcetag_nicks globs 2018-06-11 18:51:30 -07:00
James Lu
73d0e153cf relay: support relaying kills (#520)
Instead of always bouncing, kills to a relay client are now handled as follows:

1) If the target and source networks are both in any killshare pool, relay the kill entirely
2) Otherwise, iterate over all channels the kill target is in:
    3) If the killer has claim access in a channel, forward the KILL as a kick
    4) Otherwise, bounce the kill (so far, silently)

TODO: kill messages are currently very cluttered, we should make our parser deliver more concise strings...
* GL|unreal has quit (Killed (chary.relay (KILL from GL/chary: Killed (GL (test)))))
2018-06-11 18:34:52 -07:00
James Lu
9466813ba1 relay: switch to a flexible, pool-based configuration scheme for IP sharing
This deprecates the "relay::show_ips" and network-specific "relay_no_ips" options, replacing it with the "relay::ip_share_pools" list.
2018-06-11 17:29:29 -07:00
James Lu
5f9904126a log: drop client-in-channel requirement for channel logging 2018-06-11 17:26:04 -07:00
James Lu
17ffd1f640 automode: log mass-removals to INFO as well 2018-06-10 14:36:40 -07:00
James Lu
372e7fb405 automode: send delacc confirmations from the right client
Also bold some parts of the output for easier viewing.
2018-06-10 14:31:56 -07:00
James Lu
8608c72b16 automode: allow removing entries by entry numbers
Closes #506.

This isn't the most efficient implementation because Automode entry lists are actually unordered...
So far we're relying on consistent sorting of entries between LISTACC and DELACC, and indrectly removing entries by comparing the entry list with remove_range's output.
2018-06-09 23:12:37 -07:00
James Lu
c919c523dc utils: add remove_range()
"""
    Removes a range string of (one-indexed) items from the list.
    Range strings are indices or ranges of them joined together with a ",":
    e.g. "5", "2", "2-10", "1,3,5-8"

    See test/test_utils.py for more complete examples.
    """
2018-06-09 17:03:40 -07:00
James Lu
f8e3cfa346 antispam: strip IRC formatting by default before processing
Closes #615.
2018-06-09 16:22:14 -07:00
James Lu
ebf7443d97 antispam: add a "block" verb, and make textfilter use it by default
Closes #616.
2018-06-09 16:22:14 -07:00
James Lu
de62b2e77a utils: add strip_irc_formatting() 2018-06-09 16:22:14 -07:00
James Lu
f9d21c2b10 UserMapping: fix wrong args to __copy__ 2018-06-09 10:44:36 -07:00
James Lu
0ae7eb2563 relay_clientbot: allow overriding clientbot styles by network
Closes #455.
2018-06-08 19:15:47 -07:00
James Lu
b1248524a9 relay: raise an error when trying to delink a leaf channel from another leaf network
Previously this would (confusingly) delink the channel from the network the command was called on instead of the intended target.
2018-06-08 18:45:45 -07:00