Commit Graph

1157 Commits

Author SHA1 Message Date
Simon Ser
e177977c30 Add DB stats 2021-10-05 19:31:06 +02:00
Simon Ser
5405923aa2 Add limit for RSA bits 2021-10-05 19:21:43 +02:00
Simon Ser
f93616fb41 Add "server status" command
Right now, it prints the number of active users and number of
downstream connections.
2021-10-05 19:13:53 +02:00
Simon Ser
0d2829c180 test: get rid of testUpstream
No need for this complexity.
2021-10-05 14:26:10 +02:00
Simon Ser
c672763068 test: add NOTICE broadcast 2021-10-05 14:14:31 +02:00
Simon Ser
74297d607b test: add upstream 2021-10-05 14:03:17 +02:00
Simon Ser
1626ffb97b Use isErrClosed in Server.Serve 2021-10-05 14:02:59 +02:00
Simon Ser
e4f22a8f40 Add basic server test 2021-10-05 12:11:40 +02:00
Simon Ser
410ba47277 Close DB on shutdown 2021-10-05 11:53:38 +02:00
Simon Ser
1b8d8d08c9 db_sqlite: fix realname not fetched in ListUsers
This fixes per-user realname not being used on bouncer startup.
2021-10-05 11:10:48 +02:00
Simon Ser
5bedcd24e2 Add support for IRCv3 WebSocket text subprotocol
Technically we aren't spec-compliant since we don't serve
binary.ircv3.net. Any complaints will be redirected to /dev/null.
2021-09-28 21:25:06 +02:00
Simon Ser
fce86b0f0d db_sqlite: switch to sql.Named
This allows us to avoid mixing up arguments.
2021-09-27 16:54:06 +02:00
Hubert Hirtz
6b9c99821a Fix DeliveryReceipt not being cleaned up 2021-09-21 18:19:05 +02:00
Simon Ser
872ed736b4 Workaround lack of net.ErrClosed in WebSocket library 2021-09-21 11:49:48 +02:00
Simon Ser
27ea855ea2 readme: add note to use system libsqlite3 2021-09-21 11:44:08 +02:00
Chris Smith
c607fd5a58 Set a higher timeout for proxyproto listeners
go-proxyproto added support for a read timeout in 0.6.0[1] and
defaulted it to 200ms. After this time if no data is read on
the socket, it is closed.

This is _really_ low if the underlying connection is a TLS
one as no data pops out the other end until the handshake is
done. It effectively limits you to TLS connections within
a 50ms RTT of your bouncer with clients that are fast enough
at responding.

It appears that HexChat on Arch is somehow slow enough at
TLS connections thant it consistently takes longer than
200ms even over localhost, meaning it outright can't connect
to soju any longer.

To make this a lot less painful, have soju pass in a read
timeout of 5 seconds. This feels like a reasonable tradeoff
between keeping (possibly malicious) connections open and
accepting the realities of network connections.

[1]: https://github.com/pires/go-proxyproto/issues/65
2021-09-19 17:00:40 +02:00
Hubert Hirtz
ba19d44cf9 msgstore_fs: escape "." and ".." 2021-09-19 16:55:12 +02:00
Hubert Hirtz
2554c92df7 Allow CAP negotiation to happen with CAP REQ
See https://ircv3.net/specs/extensions/capability-negotiation

> Upon receiving either a CAP LS or CAP REQ command during connection
> registration, the server MUST not complete registration until the
> client sends a CAP END command to indicate that capability negotiation
> has ended.

This commit should prevent soju from trying to authenticate the user
prior to having received AUTHENTICATE messages, when the client eagerly
requests capabilities with CAP REQ seeing available capabilities
beforehand with CAP LS.
2021-09-19 16:50:47 +02:00
Hubert Hirtz
bc83d3a3ba Use NULL-tolerant comparison for DeliveryReceipts
Since NULL = NULL is always FALSE, this query needs to use IS instead.
This should fix the flood of DeliveryReceipts in the DB.

See https://www.sqlite.org/lang_expr.html

> The IS and IS NOT operators work like = and != except when one or both
> of the operands are NULL. In this case, if both operands are NULL,
> then the IS operator evaluates to 1 (true) and the IS NOT operator
> evaluates to 0 (false). If one operand is NULL and the other is not,
> then the IS operator evaluates to 0 (false) and the IS NOT operator is
> 1 (true). It is not possible for an IS or IS NOT expression to
> evaluate to NULL.
2021-09-14 18:38:58 +02:00
Hubert Hirtz
4dce5a91c9 Explicitly close connection to SQLite on failed upgrade 2021-09-13 17:14:04 +02:00
Simon Ser
8adf65ade2 Upgrade dependencies 2021-09-13 14:23:33 +02:00
Simon Ser
0f2f4de275 Send empty history for service
Fixes error when fetching chat history for BouncerServ.
2021-09-13 11:36:25 +02:00
Simon Ser
fba1fdb31e Don't require upstream to be connected for CHATHISTORY
Closes: https://todo.sr.ht/~emersion/soju/127
2021-09-13 11:25:38 +02:00
Simon Ser
cd64a7ffda Split unmarshalEntity into two functions
Some command handlers need to unmarshal without requiring the
upstream to be connected.
2021-09-13 11:14:47 +02:00
Simon Ser
79b0fe5de5 Don't send network notification when removed
Closes: https://todo.sr.ht/~emersion/soju/123
2021-09-13 10:33:46 +02:00
Simon Ser
a4a9b7e934 go fmt: add go:build tags
This is the new style for build tags. The old +build format is
deprecated.
2021-09-09 10:07:37 +02:00
Rafael Castillo
d1181b3e7a Check for TLS config in wss listeners
Previously http.Server.ListenAndServeTLS would return a not very helpful
error about a failed open. This adds a check similar to the one in the
ircs case that should make it clearer to operators what the error is.
2021-09-09 10:06:31 +02:00
Simon Ser
c5d5259243 Pass-through CLIENTTAGDENY in ISUPPORT 2021-07-09 22:48:58 +02:00
Simon Ser
51df11a55f contrib/clients: sort alphabetically and wrap lines 2021-07-07 10:37:18 +02:00
delthas
9814901f56 contrib/clients: Mention Hexchat 2021-07-07 10:36:02 +02:00
delthas
896caebfcf service: Introduce network quote
This command enables sending a raw line to a specific network.
2021-07-07 10:34:46 +02:00
Hubert Hirtz
f4562a7534 Add a C compiler to the list of dependencies
It's needed to build sqlite3.
2021-07-07 10:32:16 +02:00
Alexey Yerin
12545c07ef service: show SHA-512 fingerprint
Closes: https://todo.sr.ht/~emersion/soju/130
2021-07-06 16:34:15 +02:00
Simon Ser
9f2e0595b7 ci: add gofmt check 2021-06-29 22:24:44 +02:00
Jake Nelson
fc841b0ba2 Sort channel status channels by name 2021-06-29 22:19:19 +02:00
Simon Ser
acde97ca37 Introduce user.updateUser
Unify updatePassword and updateRealname into a single function. This
allows "user update" to be atomic.
2021-06-28 18:05:03 +02:00
Simon Ser
00538e7028 doc/soju.1: improve "user create" docs 2021-06-28 16:55:49 +02:00
Simon Ser
09b04792b9 Merge "change-password" into "user update"
Add a -password flag to the "user update" command.
2021-06-28 16:55:44 +02:00
Simon Ser
f8e853fab1 Only update realname if specified in "user udpate"
This will allow adding more flags.
2021-06-28 16:40:49 +02:00
Simon Ser
a14f646135 Add per-user realname setting
This allows users to set a default realname used if the per-network
realname isn't set.

A new "user update" command is introduced and can be extended to edit
other user properties and other users in the future.
2021-06-25 20:33:13 +02:00
Simon Ser
9a53d4cd08 readme: list dependencies 2021-06-24 21:32:54 +02:00
Hubert Hirtz
a21585ac41 Hand-made word splitter for BouncerServ
Remove the (direct) dependency on shlex (go-scfg still depends on it).

Co-authored-by: Simon Ser <contact@emersion.fr>
2021-06-24 19:33:46 +02:00
Simon Ser
f3f864dddc Disallow '$' in nicks 2021-06-23 19:54:22 +02:00
Simon Ser
089608409e doc/soju.1: document bouncer-wide broadcasts 2021-06-23 19:30:47 +02:00
Simon Ser
d7b1c5a9a2 Allow admins to broadcast message to all bouncer users
Typically done via:

    /notice $<bouncer> <message>

Or, for a connection not bound to a specific network:

    /notice $* <message>

The message is broadcast as BouncerServ, because that's the only
user that can be trusted to belong to the bouncer by users. Any
other prefix would conflict with the upstream network.
2021-06-23 19:23:09 +02:00
Simon Ser
eca4c41223 Unify downstream PRIVMSG and NOTICE handling
We were doing some things wrong here, e.g. not sending echo messages
for NOTICE.
2021-06-23 18:17:30 +02:00
Simon Ser
fb50d70b70 Forward LUSERS and STATS messages after initial registration 2021-06-23 11:45:14 +02:00
Simon Ser
faa89333bf Add support for utf8-only 2021-06-15 15:48:10 +02:00
Simon Ser
b609b86f97 Add support for account-tag 2021-06-14 21:44:38 +02:00
Gregory Anders
cacbd48949 Slightly relax new log file permissions
Make new log files group-readable by default. To retain the prior
behavior, soju can be started with a umask set to 0077.
2021-06-14 17:58:36 +02:00