mirror of
https://github.com/ergochat/ergo.git
synced 2024-12-22 18:52:41 +01:00
Merge pull request #1620 from slingamn/bugs
small fixes to kick off the 2.7 window
This commit is contained in:
commit
3ceb346c61
@ -58,6 +58,8 @@ server:
|
|||||||
# always send a PROXY protocol header ahead of the connection. See the
|
# always send a PROXY protocol header ahead of the connection. See the
|
||||||
# manual ("Reverse proxies") for more details.
|
# manual ("Reverse proxies") for more details.
|
||||||
proxy: false
|
proxy: false
|
||||||
|
# set the minimum TLS version:
|
||||||
|
min-tls-version: 1.2
|
||||||
|
|
||||||
# Example of a Unix domain socket for proxying:
|
# Example of a Unix domain socket for proxying:
|
||||||
# "/tmp/oragono_sock":
|
# "/tmp/oragono_sock":
|
||||||
|
@ -176,6 +176,10 @@ func (cm *ChannelManager) maybeCleanup(channel *Channel, afterJoin bool) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
cm.maybeCleanupInternal(cfname, entry, afterJoin)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (cm *ChannelManager) maybeCleanupInternal(cfname string, entry *channelManagerEntry, afterJoin bool) {
|
||||||
if afterJoin {
|
if afterJoin {
|
||||||
entry.pendingJoins -= 1
|
entry.pendingJoins -= 1
|
||||||
}
|
}
|
||||||
@ -288,6 +292,9 @@ func (cm *ChannelManager) SetUnregistered(channelName string, account string) (e
|
|||||||
entry.skeleton = skel
|
entry.skeleton = skel
|
||||||
cm.chans[cfname] = entry
|
cm.chans[cfname] = entry
|
||||||
}
|
}
|
||||||
|
// #1619: if the channel has 0 members and was only being retained
|
||||||
|
// because it was registered, clean it up:
|
||||||
|
cm.maybeCleanupInternal(cfname, entry, false)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -59,6 +59,7 @@ type listenerConfigBlock struct {
|
|||||||
TLS TLSListenConfig
|
TLS TLSListenConfig
|
||||||
// SNI configuration, with multiple certificates:
|
// SNI configuration, with multiple certificates:
|
||||||
TLSCertificates []TLSListenConfig `yaml:"tls-certificates"`
|
TLSCertificates []TLSListenConfig `yaml:"tls-certificates"`
|
||||||
|
MinTLSVersion string `yaml:"min-tls-version"`
|
||||||
Proxy bool
|
Proxy bool
|
||||||
Tor bool
|
Tor bool
|
||||||
STSOnly bool `yaml:"sts-only"`
|
STSOnly bool `yaml:"sts-only"`
|
||||||
@ -881,10 +882,29 @@ func loadTlsConfig(config listenerConfigBlock) (tlsConfig *tls.Config, err error
|
|||||||
result := tls.Config{
|
result := tls.Config{
|
||||||
Certificates: certificates,
|
Certificates: certificates,
|
||||||
ClientAuth: clientAuth,
|
ClientAuth: clientAuth,
|
||||||
|
MinVersion: tlsMinVersionFromString(config.MinTLSVersion),
|
||||||
}
|
}
|
||||||
return &result, nil
|
return &result, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func tlsMinVersionFromString(version string) uint16 {
|
||||||
|
version = strings.ToLower(version)
|
||||||
|
version = strings.TrimPrefix(version, "v")
|
||||||
|
switch version {
|
||||||
|
case "1", "1.0":
|
||||||
|
return tls.VersionTLS10
|
||||||
|
case "1.1":
|
||||||
|
return tls.VersionTLS11
|
||||||
|
case "1.2":
|
||||||
|
return tls.VersionTLS12
|
||||||
|
case "1.3":
|
||||||
|
return tls.VersionTLS13
|
||||||
|
default:
|
||||||
|
// tls package will fill in a sane value, currently 1.0
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func loadCertWithLeaf(certFile, keyFile string) (cert tls.Certificate, err error) {
|
func loadCertWithLeaf(certFile, keyFile string) (cert tls.Certificate, err error) {
|
||||||
// LoadX509KeyPair: "On successful return, Certificate.Leaf will be nil because
|
// LoadX509KeyPair: "On successful return, Certificate.Leaf will be nil because
|
||||||
// the parsed form of the certificate is not retained." tls.Config:
|
// the parsed form of the certificate is not retained." tls.Config:
|
||||||
@ -1477,11 +1497,6 @@ func LoadConfig(filename string) (config *Config, err error) {
|
|||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
err = config.prepareListeners()
|
|
||||||
if err != nil {
|
|
||||||
return nil, fmt.Errorf("failed to prepare listeners: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// #1428: Tor listeners should never see STS
|
// #1428: Tor listeners should never see STS
|
||||||
config.Server.supportedCapsWithoutSTS = caps.NewSet()
|
config.Server.supportedCapsWithoutSTS = caps.NewSet()
|
||||||
config.Server.supportedCapsWithoutSTS.Union(config.Server.supportedCaps)
|
config.Server.supportedCapsWithoutSTS.Union(config.Server.supportedCaps)
|
||||||
|
13
irc/modes.go
13
irc/modes.go
@ -32,6 +32,9 @@ var (
|
|||||||
// to confirm that the client actually has a valid operclass)
|
// to confirm that the client actually has a valid operclass)
|
||||||
func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool, oper *Oper) modes.ModeChanges {
|
func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool, oper *Oper) modes.ModeChanges {
|
||||||
applied := make(modes.ModeChanges, 0)
|
applied := make(modes.ModeChanges, 0)
|
||||||
|
// #1617: if the user is offline, they are not counted in LUSERS,
|
||||||
|
// so don't modify the LUSERS stats for +i or +o.
|
||||||
|
present := len(client.Sessions()) != 0
|
||||||
|
|
||||||
for _, change := range changes {
|
for _, change := range changes {
|
||||||
if change.Mode != modes.ServerNotice {
|
if change.Mode != modes.ServerNotice {
|
||||||
@ -42,9 +45,9 @@ func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if client.SetMode(change.Mode, true) {
|
if client.SetMode(change.Mode, true) {
|
||||||
if change.Mode == modes.Invisible {
|
if change.Mode == modes.Invisible && present {
|
||||||
client.server.stats.ChangeInvisible(1)
|
client.server.stats.ChangeInvisible(1)
|
||||||
} else if change.Mode == modes.Operator {
|
} else if change.Mode == modes.Operator && present {
|
||||||
client.server.stats.ChangeOperators(1)
|
client.server.stats.ChangeOperators(1)
|
||||||
}
|
}
|
||||||
applied = append(applied, change)
|
applied = append(applied, change)
|
||||||
@ -53,11 +56,13 @@ func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool,
|
|||||||
case modes.Remove:
|
case modes.Remove:
|
||||||
var removedSnomasks string
|
var removedSnomasks string
|
||||||
if client.SetMode(change.Mode, false) {
|
if client.SetMode(change.Mode, false) {
|
||||||
if change.Mode == modes.Invisible {
|
if change.Mode == modes.Invisible && present {
|
||||||
client.server.stats.ChangeInvisible(-1)
|
client.server.stats.ChangeInvisible(-1)
|
||||||
} else if change.Mode == modes.Operator {
|
} else if change.Mode == modes.Operator {
|
||||||
removedSnomasks = client.server.snomasks.String(client)
|
removedSnomasks = client.server.snomasks.String(client)
|
||||||
|
if present {
|
||||||
client.server.stats.ChangeOperators(-1)
|
client.server.stats.ChangeOperators(-1)
|
||||||
|
}
|
||||||
applyOper(client, nil, nil)
|
applyOper(client, nil, nil)
|
||||||
if removedSnomasks != "" {
|
if removedSnomasks != "" {
|
||||||
client.server.snomasks.RemoveClient(client)
|
client.server.snomasks.RemoveClient(client)
|
||||||
@ -86,7 +91,7 @@ func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool,
|
|||||||
if len(addMasks) != 0 {
|
if len(addMasks) != 0 {
|
||||||
oper := client.Oper()
|
oper := client.Oper()
|
||||||
// #1176: require special operator privileges to subscribe to snomasks
|
// #1176: require special operator privileges to subscribe to snomasks
|
||||||
if oper.HasRoleCapab("snomasks") || oper.HasRoleCapab("ban") {
|
if force || oper.HasRoleCapab("snomasks") || oper.HasRoleCapab("ban") {
|
||||||
success = true
|
success = true
|
||||||
client.server.snomasks.AddMasks(client, addMasks...)
|
client.server.snomasks.AddMasks(client, addMasks...)
|
||||||
}
|
}
|
||||||
|
2
irctest
2
irctest
@ -1 +1 @@
|
|||||||
Subproject commit 5e622a34d38be329aec98b3b983a239fe3e1b4b7
|
Subproject commit 322cb7ae26a2a94a0daec5458373319fa4e0e743
|
@ -32,6 +32,8 @@ server:
|
|||||||
# always send a PROXY protocol header ahead of the connection. See the
|
# always send a PROXY protocol header ahead of the connection. See the
|
||||||
# manual ("Reverse proxies") for more details.
|
# manual ("Reverse proxies") for more details.
|
||||||
proxy: false
|
proxy: false
|
||||||
|
# optionally set the minimum TLS version (defaults to 1.0):
|
||||||
|
# min-tls-version: 1.2
|
||||||
|
|
||||||
# Example of a Unix domain socket for proxying:
|
# Example of a Unix domain socket for proxying:
|
||||||
# "/tmp/oragono_sock":
|
# "/tmp/oragono_sock":
|
||||||
|
Loading…
Reference in New Issue
Block a user