mirror of https://github.com/irssi/irssi.git synced 2024-12-04 14:46:39 -05:00
Commit Graph

3913 Commits

Author SHA1 Message Date
Joseph Bisch
cf46907256
Add frontend for fuzzing
Use the following configure command:

$ ./configure --with-fuzzer --with-fuzzer-lib=/path/to/libFuzzer.a \
      CC=clang CXX=clang++

Places an irssi-fuzz in src/fe-fuzz/ after build.

Also can specify SANFLAGS to override the chosen sanitizer flags
(defaults to "-g -fsanitize=address -fsanitize-coverage=trace-pc-guard").
2017-01-07 20:01:07 -05:00
Tim Konick
5917bc6f75 Follow g_strsplit with call to g_strfreev 2017-01-07 14:31:35 -08:00
dequis
1831a8e1a7 Don't reset wait_cmd during connection registration (fixes early ISON) 2017-01-06 12:49:56 -03:00
dequis
752f484c6c Add OPENSSL_NO_EC for solaris 11.3, see issue #598
Original patch by 'Slarky'

According to that ticket, the next major version of solaris won't need
this. Consider reverting this when solaris 11.3 stops being relevant.
2017-01-06 11:47:24 -03:00
Martijn Dekker
c9c45e4f89 make irssi --with-perl build with separate object directory
irssi 1.0.0 will not build if Perl is enabled and a separate
object code directory is used. The problem was a relative path
to an internal Perl dependency in four Makefile.PL.in files.
2017-01-06 12:24:36 +01:00
ailin-nemui
33107be748 fix GRegex GError problem 2017-01-05 13:06:55 +01:00
Nei
7a112e0217 Merge branch 'master' into 'security'
Sync to master

See merge request !6
2017-01-03 13:30:39 +01:00
ailin-nemui
01163710e7 Merge pull request #585 from ailin-nemui/win_seq
g_sequence backing for window list
2017-01-03 12:45:50 +01:00
Ailin Nemui
1f72b8e66a up abi version 2017-01-03 12:29:52 +01:00
Ailin Nemui
f5cbbebc2e switch for gregex and regex.h 2017-01-03 12:29:11 +01:00
Nei
1b99299ed2 Merge branch 'percent_flag' into 'security'
fix %[

See merge request !5
2017-01-02 17:01:47 +00:00
Nei
124bcd4804 Merge branch '4-use-after-free-when-receiving-numeric-432-invalid-nick' into 'security'
avoid server_disconnect

See merge request !4
2017-01-02 17:01:29 +00:00
Nei
c3cca5ecf3 Merge branch '1-null-pointer-dereference-in-irc_nickcmp_rfc1459' into 'security'
bail out if nick is NULL

See merge request !3
2017-01-02 17:01:05 +00:00
Nei
24d2d039b5 Merge branch '3-out-of-bounds-read-with-invalid-utf8-in-term_addstr' into 'security'
Fix oob read on invalid utf8 in term_addstr

See merge request !2
2017-01-02 17:00:44 +00:00
Nei
7daa7a6aa9 Merge branch '2-out-of-bounds-read-of-one-byte-with-x1b-48-in-truecolor-builds' into 'security'
check for end of string in ansi 48

See merge request !1
2017-01-02 17:00:15 +00:00
LemonBoy
5dcf291f21 Use the RAW flag when building the regexps.
Also, plugged a memory leak when retrieving the match position.
2017-01-02 17:50:14 +01:00
LemonBoy
5eaead761f Rebase against master. 2017-01-02 17:50:14 +01:00
LemonBoy
3fcd3cd2b9 Remove the regexp_compiled field.
It was made redundant by the introduction of the pointer to the GRegex
structure.
Silence the compiler warning in textbuffer.c about preg being
initialized by setting it to NULL.
2017-01-02 17:50:14 +01:00
LemonBoy
8e5db471e4 Use GLib's regexp interface (backed by PCRE) 2017-01-02 17:50:14 +01:00
ailin-nemui
91f48c6f0e Merge pull request #586 from LemonBoy/fix-580
Process the nick changes in queries before the PRIVMSG is handled.
2017-01-02 14:44:07 +01:00
LemonBoy
7e22d051ae Make sure SASL was actually requested before failing. 2017-01-01 23:08:38 +01:00
ailin-nemui
77ff8f5b74 Merge pull request #514 from LemonBoy/sasl_fail
Add an option to stop the connection when SASL fails.
2016-12-21 15:29:26 +01:00
ailin-nemui
07050e2a3c Merge pull request #587 from ailin-nemui/sbar_crash
add assertion to statusbar_read_group
2016-12-21 15:28:17 +01:00
ailin-nemui
9151f87145 remove some for loops 2016-12-20 21:40:18 +01:00
ailin-nemui
9a018a782c sort windows_seq helpers to top 2016-12-20 21:36:56 +01:00
ailin-nemui
03f5dc63fe nits 2016-12-20 21:33:51 +01:00
ailin-nemui
9004265e54 clean up window_refnum_{prev,next} 2016-12-20 21:01:16 +01:00
ailin-nemui
7dc2f832c1 fix %[ 2016-12-20 16:41:57 +01:00
ailin-nemui
2f59fe2062 add some sequence helper functions 2016-12-19 22:03:46 +01:00
Joseph Bisch
8007e9e61d
Fix oob read on invalid utf8 in term_addstr 2016-12-19 15:52:05 -05:00
ailin-nemui
508d2e0860 bail out if nick is NULL in irc_query_find
Closes #1
2016-12-19 21:41:47 +01:00
ailin-nemui
77aab79057 avoid server_disconnect
Closes #4
2016-12-19 21:16:37 +01:00
LemonBoy
a39e210ea8 Minor cleanup in the highlighting signal. 2016-12-18 15:46:48 +01:00
LemonBoy
7a7f6abc16 Prevent a UaF by calling server_disconnect in a signal handler. 2016-12-15 22:41:57 +01:00
LemonBoy
0d6add02cf Process the nick changes in queries before the PRIVMSG is handled.
Otherwise we end up with the message in the status window since the
frontend knows jack shit about the casemapping option when it tries to
find the associated window for the query.
2016-12-15 19:36:44 +01:00
ailin-nemui
7b856d628b check for end of string in ansi 48 2016-12-15 18:01:26 +01:00
ailin-nemui
17e42649bb reset background for mirc colour 99
fix #571
2016-12-15 17:06:40 +01:00
ailin-nemui
59242cb595 add assertion to statusbar_read_group
fix #564
2016-12-15 16:59:38 +01:00
ailin-nemui
365097319f manually redraw the activity list on expose only
might speed up /foreach query /unquery
2016-12-13 03:19:00 +01:00
ailin-nemui
560283ba4e g_sequence backing for window list 2016-12-13 01:04:26 +01:00
LemonBoy
4ccffd85ff Expose 'sasl_success' to the perl side. 2016-12-12 21:41:07 +01:00
LemonBoy
91c9e871c7 Add an option to stop the connection when SASL fails. 2016-12-12 21:41:06 +01:00
ailin-nemui
618c8bd10e Merge pull request #581 from LemonBoy/set-contract
Enforce the is_node_list contract in lib-config setters.
2016-12-08 12:29:52 +01:00
ailin-nemui
964f423fed Merge pull request #570 from josephbisch/fix-issue-563
enforce check that chatnets are nodelists to handle invalid config
2016-12-08 12:11:59 +01:00
LemonBoy
7fb84b5b7d Enforce the is_node_list contract in lib-config setters.
An assertion failure is better than a segfault.
2016-11-29 23:08:45 +01:00
LemonBoy
5efb3077d5 Merge pull request #565 from ahf/bug/524
Kill bell_beeps.
2016-11-29 22:13:53 +01:00
LemonBoy
22ce6637c7 Merge pull request #577 from LemonBoy/flagz
Minor corrections to the netsplit code.
2016-11-25 21:52:42 +01:00
LemonBoy
5f0e755a00 Don't shadow the 'channel' variable when printing the netjoins.
This is the root cause of #567
2016-11-23 22:22:37 +01:00
ailin-nemui
dcffa98d46 add a static buffer for dcc received data
increased buffersize might make irssi freeze less / #159
2016-11-23 17:02:29 +01:00
LemonBoy
7574bed26c Minor corrections to the netsplit code. 2016-11-23 16:11:38 +01:00
Lauri Tirkkonen
4cbf279d88 add completion_empty_line setting 2016-11-08 16:27:38 +02:00
ailin-nemui
43934ae9ad add missing inheritance to Exec item from 3532fc46 2016-11-01 17:08:28 +01:00
Joseph Bisch
c98f5f23ea
enforce check that chatnets are nodelists to handle invalid config 2016-10-27 11:18:37 -04:00
Alexander Færøy
6a6196eebe
Kill bell_beeps.
Fixes #524
2016-10-23 21:24:12 +02:00
Alexander Færøy
bc4e2c9ade
Shorten the certificate chain output. 2016-10-23 02:51:08 +02:00
Alexander Færøy
322625b548
Only do checks for SSL_get_server_tmp_key in network-openssl.c. 2016-10-22 22:04:33 +02:00
Alexander Færøy
0a6e66f8b7
Kill do { ... } while (0); and replace it with goto's. 2016-10-22 22:04:33 +02:00
Alexander Færøy
d501a54f4f
Emit the TLS handshake finished signal before we do verification.
This patch moves the emitted "tls handshake finished" signal to before
we do validation of the given TLS certificate. This ensures that we
display certificate information before we possibly error out and
disconnect from the server.
2016-10-22 22:04:33 +02:00
Alexander Færøy
5a04430998
Kill support for DANE.
This patch removes support for DANE validation of TLS certificates.

There wasn't enough support in the IRC community to push for this on the
majority of bigger IRC networks. If you believe this should be
reintroduced into irssi, then please come up with an implementation that
does not rely on the libval library. It is causing a lot of troubles for
our downstream maintainers.
2016-10-22 22:04:33 +02:00
Alexander Færøy
f533baa191
Lift EC_KEY declaration onto the entry of the function. 2016-10-22 22:04:32 +02:00
Alexander Færøy
25824e2d3f
Lift ASN1_STRING declaration onto the entry of the function. 2016-10-22 22:04:32 +02:00
Alexander Færøy
4e170c5233
Declare variables in the beginning of the function. 2016-10-22 22:04:32 +02:00
Alexander Færøy
53d772e48b
Make sure we clean-up after ourself upon failure. 2016-10-22 22:04:31 +02:00
Alexander Færøy
5146ce9631
Add x509 certificate and public key pinning support.
This patch adds two new options to /CONNECT and /SERVER to let the user
pin either an x509 certificate and/or the public key of a given server.

It is possible to fetch the certificate outside of Irssi itself to
verify the checksum. To fetch the certificate call:

    $ openssl s_client -connect chat.freenode.net:6697 < /dev/null 2>/dev/null | \
      openssl x509 > freenode.cert

This will download chat.freenode.net:6697's TLS certificate and put it into the
file freenode.cert.

-tls_pinned_cert
----------------

This option allows you to specify the SHA-256 hash of the x509
certificate. When successfully connected to the server, irssi will verify
that the given server certificate matches the pin set by the user.

The SHA-256 hash of a given certificate can be verified outside of irssi
using the OpenSSL command line tool:

    $ openssl x509 -in freenode.cert -fingerprint -sha256 -noout

-tls_pinned_pubkey
------------------

This option allows you to specify the SHA-256 hash of the subject public key
information section of the server certificate. This section contains both the
cryptographic parameters for the public key, but also information about the
algorithm used together with the public key parameters.

When successfully connected to the server, irssi will verify that the
given public key matches the pin set by the user.

The SHA-256 hash of a public key can be verified outside of irssi using
the OpenSSL command line tool:

    $ openssl x509 -in freenode.cert -pubkey -noout | \
      openssl pkey -pubin -outform der | \
      openssl dgst -sha256 -c | \
      tr a-z A-Z

It is possible to specify both -tls_pinned_cert and -tls_pinned_pubkey
together.
2016-10-22 22:01:50 +02:00
Alexander Færøy
c6c2e79537
Display TLS connection information when connected to a TLS enabled server. 2016-10-22 21:58:50 +02:00
Alexander Færøy
1d101afe0d
s/SSL/TLS/ for warning strings. 2016-10-22 21:58:49 +02:00
Alexander Færøy
13f75d49e0
Simplify TLS verification error handling. 2016-10-22 21:58:49 +02:00
Alexander Færøy
b630fd1703
Populate and emit TLS_REC after TLS handshake has completed. 2016-10-22 21:58:49 +02:00
Alexander Færøy
99d017720d
Add TLS_REC.
This patch adds the TLS_REC structure. This structure is used to emit
information about the TLS handshake from the core of irssi to the
front-end layers such that we can display connection information to the
user.
2016-10-22 20:37:33 +02:00
Alexander Færøy
2be7289085
Rename SSL to TLS.
This patch changes the internal name of SSL to TLS. We also add -tls_*
options to /CONNECT and /SERVER, but make sure that the -ssl_* versions
of the commands continue to work like before.
2016-10-22 20:36:50 +02:00
Alexander Færøy
da67d3e8e6
Add function to convert a buffer to a colon-delimited hex string.
This patch adds binary_to_hex(), which can take an input buffer and
convert it to colon-delimited hex strings suitable for printing for
fingerprints.
2016-10-22 20:36:50 +02:00
Alexander Færøy
6300dfec71
Always build irssi with TLS support.
This patch removes the optional checks for whether to build irssi with
TLS support or not. This will allow us to ship a default configuration
file where we connect to TLS enabled IRC servers out of the box.
2016-10-16 14:55:48 +02:00
ailin-nemui
61590f31df Merge pull request #465 from LemonBoy/netsplit-print
Some small adjustments to the netsplit code.
2016-10-11 16:12:35 +02:00
LemonBoy
3667fd9fd1 Make the cap_complete field unsigned.
Fixes a problem where the field would end up as a negative number when
exposed to the perl scripts.
And move it near the other bit-packed fields so we take advantage of the
packing.
2016-09-30 19:30:43 +02:00
ailin-nemui
8d4d313cc9 Merge pull request #506 from kruton/sasl-400-byte-chunk
SASL: handle fragmentation
2016-09-26 16:43:33 +02:00
ailin-nemui
f9fd50a357 nullptr when doing module backward compat on invalid config 2016-09-25 23:17:20 +02:00
ailin-nemui
31044ec004 Merge pull request #542 from LemonBoy/xs-add
Expose the CAP fields to the perl scripts.
2016-09-22 17:10:33 +02:00
ailin-nemui
295a4b77f0 Patches for heap corruption and missing bounds check
By Gabriel Campana and Adrien Guinet from Quarkslab.
2016-09-20 19:56:06 +02:00
ailin-nemui
b3c6cdbb91 Merge pull request #540 from LemonBoy/reset-autorun
/script reset can now also run the autorun scripts
2016-09-19 22:14:57 +02:00
LemonBoy
0e0d99587a Expose 'cap_toggle' to the perl scripts. 2016-09-15 20:38:04 +02:00
ailin-nemui
b58be939d2 Merge pull request #516 from LemonBoy/comp-file
Fix the tab completion for paths starting with ./
2016-09-13 23:29:09 +02:00
LemonBoy
21539019dd Make sure to make a copy of ERRSV content.
Otherwise we might end up showing an empty message.
Fixes #522.
2016-09-13 17:11:05 +02:00
LemonBoy
9591afcb4b Expose the CAP fields to the perl scripts. 2016-09-13 16:07:48 +02:00
LemonBoy
b2424f3193 Add a '-autorun' switch to /script reset
This way we reload all the scripts in the autorun folder.
2016-09-11 16:59:21 +02:00
LemonBoy
e4f8abc973 Merge pull request #533 from dequis/statusmess
Set the default STATUSMSG to @ instead of @+ if it's missing
2016-09-04 12:11:02 +02:00
Kenny Root
60d9ec621f SASL: handle fragmentation
The IRCv3 SASL extension says that AUTHENTICATION payloads of exactly
400 bytes in length indicate that the message is fragmented and will
continue in a subsequent message. Handle the reassembly and splitting of
these messages so that we are compliant with the specification.
2016-08-29 22:56:30 -07:00
ailin-nemui
c8630acbaf Merge pull request #529 from ailin-nemui/issue500
fix nick->host == NULL crash
2016-08-25 04:24:07 +02:00
dequis
3429c1a0a0 Set the default STATUSMSG to @ instead of @+ if it's missing
This fixes two issues:

- IRCNet doesn't have STATUSMSG, but it supports +channels, and
  including + in the default value meant processing those incorrectly

- The "bahamut hack", for old servers that support but don't advertise
  STATUSMSG, didn't work since ischannel_func doesn't use the default.

The choice of @ intentionally leaves out support for other STATUSMSG
(for example, AzzurraNet's bahamut 1.4 fork seemed to support + and % in
any order, contradicting the comment in the code).

I think this is a decent tradeoff, given how those servers are uncommon
and relying on +# or %# is even less common than @#.

Fixes #531
2016-08-24 19:56:23 -03:00
LemonBoy
251d8a686a Fix an OOB access in the cutbuffer implementation. 2016-08-24 22:29:52 +02:00
ailin-nemui
681caf2b58 fix nick->host == NULL crash 2016-08-22 12:27:10 +02:00
ailin-nemui
17f4bd2060 Merge pull request #526 from ailin-nemui/ax-dummy
remove broken dummy mode
2016-08-14 23:35:41 +02:00
ailin-nemui
de11e0f4f2 remove broken dummy mode 2016-08-12 19:33:56 +02:00
ailin-nemui
b411f943a0 fix use after free in expando error 2016-08-12 18:24:58 +02:00
ailin-nemui
9ee4803770 remove curses terminal and ncurses macro 2016-08-04 10:02:28 +02:00
ailin-nemui
8b47196745 Merge pull request #517 from LemonBoy/unignore
Minor cosmetic fix in /unignore error message.
2016-07-13 15:26:37 +02:00
LemonBoy
bd4189907e Minor cosmetic fix in /unignore error message.
Reported here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577202
2016-07-12 17:38:05 +02:00
LemonBoy
dab3246db9 Fix the tab completion for paths starting with ./ 2016-07-12 16:35:43 +02:00
Tom Feist
9559a8ead9 Allow Irssi::signal_remove to work properly with coderefs 2016-07-12 12:42:15 +02:00
LemonBoy
c0f66c95ff Such draft. Very wow. 2016-06-26 21:45:03 +02:00
LemonBoy
8f5e200551 Avoid entering an endless loop while traversing the channel list 2016-06-26 21:45:03 +02:00