mirror of
https://github.com/ergochat/ergo.git
synced 2024-12-22 18:52:41 +01:00
Merge pull request #1620 from slingamn/bugs
small fixes to kick off the 2.7 window
This commit is contained in:
commit
3ceb346c61
@ -58,6 +58,8 @@ server:
|
||||
# always send a PROXY protocol header ahead of the connection. See the
|
||||
# manual ("Reverse proxies") for more details.
|
||||
proxy: false
|
||||
# set the minimum TLS version:
|
||||
min-tls-version: 1.2
|
||||
|
||||
# Example of a Unix domain socket for proxying:
|
||||
# "/tmp/oragono_sock":
|
||||
|
@ -176,6 +176,10 @@ func (cm *ChannelManager) maybeCleanup(channel *Channel, afterJoin bool) {
|
||||
return
|
||||
}
|
||||
|
||||
cm.maybeCleanupInternal(cfname, entry, afterJoin)
|
||||
}
|
||||
|
||||
func (cm *ChannelManager) maybeCleanupInternal(cfname string, entry *channelManagerEntry, afterJoin bool) {
|
||||
if afterJoin {
|
||||
entry.pendingJoins -= 1
|
||||
}
|
||||
@ -288,6 +292,9 @@ func (cm *ChannelManager) SetUnregistered(channelName string, account string) (e
|
||||
entry.skeleton = skel
|
||||
cm.chans[cfname] = entry
|
||||
}
|
||||
// #1619: if the channel has 0 members and was only being retained
|
||||
// because it was registered, clean it up:
|
||||
cm.maybeCleanupInternal(cfname, entry, false)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
@ -59,6 +59,7 @@ type listenerConfigBlock struct {
|
||||
TLS TLSListenConfig
|
||||
// SNI configuration, with multiple certificates:
|
||||
TLSCertificates []TLSListenConfig `yaml:"tls-certificates"`
|
||||
MinTLSVersion string `yaml:"min-tls-version"`
|
||||
Proxy bool
|
||||
Tor bool
|
||||
STSOnly bool `yaml:"sts-only"`
|
||||
@ -881,10 +882,29 @@ func loadTlsConfig(config listenerConfigBlock) (tlsConfig *tls.Config, err error
|
||||
result := tls.Config{
|
||||
Certificates: certificates,
|
||||
ClientAuth: clientAuth,
|
||||
MinVersion: tlsMinVersionFromString(config.MinTLSVersion),
|
||||
}
|
||||
return &result, nil
|
||||
}
|
||||
|
||||
func tlsMinVersionFromString(version string) uint16 {
|
||||
version = strings.ToLower(version)
|
||||
version = strings.TrimPrefix(version, "v")
|
||||
switch version {
|
||||
case "1", "1.0":
|
||||
return tls.VersionTLS10
|
||||
case "1.1":
|
||||
return tls.VersionTLS11
|
||||
case "1.2":
|
||||
return tls.VersionTLS12
|
||||
case "1.3":
|
||||
return tls.VersionTLS13
|
||||
default:
|
||||
// tls package will fill in a sane value, currently 1.0
|
||||
return 0
|
||||
}
|
||||
}
|
||||
|
||||
func loadCertWithLeaf(certFile, keyFile string) (cert tls.Certificate, err error) {
|
||||
// LoadX509KeyPair: "On successful return, Certificate.Leaf will be nil because
|
||||
// the parsed form of the certificate is not retained." tls.Config:
|
||||
@ -1477,11 +1497,6 @@ func LoadConfig(filename string) (config *Config, err error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
err = config.prepareListeners()
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to prepare listeners: %v", err)
|
||||
}
|
||||
|
||||
// #1428: Tor listeners should never see STS
|
||||
config.Server.supportedCapsWithoutSTS = caps.NewSet()
|
||||
config.Server.supportedCapsWithoutSTS.Union(config.Server.supportedCaps)
|
||||
|
13
irc/modes.go
13
irc/modes.go
@ -32,6 +32,9 @@ var (
|
||||
// to confirm that the client actually has a valid operclass)
|
||||
func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool, oper *Oper) modes.ModeChanges {
|
||||
applied := make(modes.ModeChanges, 0)
|
||||
// #1617: if the user is offline, they are not counted in LUSERS,
|
||||
// so don't modify the LUSERS stats for +i or +o.
|
||||
present := len(client.Sessions()) != 0
|
||||
|
||||
for _, change := range changes {
|
||||
if change.Mode != modes.ServerNotice {
|
||||
@ -42,9 +45,9 @@ func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool,
|
||||
}
|
||||
|
||||
if client.SetMode(change.Mode, true) {
|
||||
if change.Mode == modes.Invisible {
|
||||
if change.Mode == modes.Invisible && present {
|
||||
client.server.stats.ChangeInvisible(1)
|
||||
} else if change.Mode == modes.Operator {
|
||||
} else if change.Mode == modes.Operator && present {
|
||||
client.server.stats.ChangeOperators(1)
|
||||
}
|
||||
applied = append(applied, change)
|
||||
@ -53,11 +56,13 @@ func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool,
|
||||
case modes.Remove:
|
||||
var removedSnomasks string
|
||||
if client.SetMode(change.Mode, false) {
|
||||
if change.Mode == modes.Invisible {
|
||||
if change.Mode == modes.Invisible && present {
|
||||
client.server.stats.ChangeInvisible(-1)
|
||||
} else if change.Mode == modes.Operator {
|
||||
removedSnomasks = client.server.snomasks.String(client)
|
||||
if present {
|
||||
client.server.stats.ChangeOperators(-1)
|
||||
}
|
||||
applyOper(client, nil, nil)
|
||||
if removedSnomasks != "" {
|
||||
client.server.snomasks.RemoveClient(client)
|
||||
@ -86,7 +91,7 @@ func ApplyUserModeChanges(client *Client, changes modes.ModeChanges, force bool,
|
||||
if len(addMasks) != 0 {
|
||||
oper := client.Oper()
|
||||
// #1176: require special operator privileges to subscribe to snomasks
|
||||
if oper.HasRoleCapab("snomasks") || oper.HasRoleCapab("ban") {
|
||||
if force || oper.HasRoleCapab("snomasks") || oper.HasRoleCapab("ban") {
|
||||
success = true
|
||||
client.server.snomasks.AddMasks(client, addMasks...)
|
||||
}
|
||||
|
2
irctest
2
irctest
@ -1 +1 @@
|
||||
Subproject commit 5e622a34d38be329aec98b3b983a239fe3e1b4b7
|
||||
Subproject commit 322cb7ae26a2a94a0daec5458373319fa4e0e743
|
@ -32,6 +32,8 @@ server:
|
||||
# always send a PROXY protocol header ahead of the connection. See the
|
||||
# manual ("Reverse proxies") for more details.
|
||||
proxy: false
|
||||
# optionally set the minimum TLS version (defaults to 1.0):
|
||||
# min-tls-version: 1.2
|
||||
|
||||
# Example of a Unix domain socket for proxying:
|
||||
# "/tmp/oragono_sock":
|
||||
|
Loading…
Reference in New Issue
Block a user