quakenet / newserv Goto Github PK
View Code? Open in Web Editor NEWQuakeNet's modular services
Home Page: https://development.quakenet.org/
License: Other
QuakeNet's modular services
Home Page: https://development.quakenet.org/
License: Other
pqsql currently does not survive the PostgreSQL server restarting or going away at all.
If the PostgreSQL server goes away, it will send some input, signaling PQisBusy == false
, but we may not even have queryhead != NULL
at the time, leading to a crash. To avoid the crash, queryhead == NULL
would first need to be checked, then PQresultStatus(PQgetResult(dbconn))
should be verified to be PGRES_FATAL_ERROR, else the connection may continue to function as intended.
The discussion about PostgreSQL bug 5837 has yielded that the API is meant to be used with PQisBusy
to immediately go ahead to PQgetResult
, which will then inform about the fatal error. PQstatus
will still return CONNECTION_OK
despite it obviously not being okay.
However, even if that were to be detected correctly, then there is no reasonable recovery plan:
connectdb()
function hang due to its nature of connecting in a blocking manner, all network I/O will stall, possibly sendq'ing newserv off the network.dbhandler
/loadmaillocksdone
/csc_dochanstat
/chanservstdmessage
due to invalid parameters. Due to this, waiting for the PostgreSQL server to be confirmed working and then reloading pqsql manually is no option. More modules may or may not fail in similar ways.PostgreSQL servers may go away even over local connections when admins enable automatic security updates on Linux distributions and the like, due to it being restarted in the process.
(self explanatory)
(original reporter: wiebe)
Q leaves empty channels after about 5 minutes and then rejoins when a user joins it. It may be a nice feature if Q saves the topic when leaving, and restore it upon rejoin.
Or only when chanflag +f is set and a topic was set with /msg Q settopic.
(originally reported by wiebe)
G does not store who set what ban/censor/ticket/improper etc., I think it should do that, not only for accountability, but also for finding who to contact regarding a specific ban/censor/ticket etc.
And also for oneself, I know most of the bans/censors I set have reason "get out", "stay out" or "no thanks", but storing the owner's account makes things easier. Also other info should/could be stored, such as timestamp when added, last used, etc.
(originally reported by wiebe)
Hello some a day i connect to channel support in quakenet and someone there say this possible run Q without send email my a question how i do it please help thanks!!
authgate currently uses checkhashpass command which can't work with hashed passwords.
alter to use mechanism similar to CREATEACCOUNT.
how i disble send email from Q thankss
Can't release S until extracted.
bit horrible to use otherwise
(Labels: Chanserv Enhancement)
Add a channel setting to voice all joining users after a delay.
Rationale:
Delaying the ability to speak in the channel for unregistered people is a good mitigation strategy against the current spam attack.
This can be archived by setting the channel mode +DM (delay join, reg-only moderated), and auto-voicing anyone who enters with a delay.
If a fixed delay is used, a chanflag can be used.
If the delay should be configurable on a per channel basis, then more changes are needed.
Add account info in output from nicksearch to the usermode part.
For example: nick!user@host [ip](+ixr account) (realname)
(originally reported by wiebe)
Hello i read readme and what i only see it configure file but i`m not see explain about create sql for newserv i happy if this possible set explain about this
There are confusing error messages originating from the nickrate module: it claims to be proxyscan.
Attached a patch (created using hg export).
(originally reported by anders)
to fix: replace match with that from ircd
Friends on G cannot be given a ticket, G claims they do not need it, but they cannot get to #feds without it. Of course the work around at the moment, is to -peon -ticket -friend them, but it would be nice if this could be corrected.
(originally reported by wiebe)
(self explanatory)
Currently they're pretty bad.
(requestq / requests)
In case a split entry is removed in error, there is currently no way to fix that (apart from using O to jupe it, but then the server cannot link probably..), so it may be an idea to add a splitadd command.
(originally reported by wiebe)
When a ban is set on chanserv's banlist and a user joins the channel - he is kicked and banned. However, when a user changes his nick to fit the banmask - he isn't getting kicked and banned.
Example:
[03/10/13 09:02:04] * blal ([email protected]) has joined #thechannel
[03/10/13 09:02:40] * Q sets mode: +b [S]!@
[03/10/13 09:02:49] * blal is now known as [S]test
[03/10/13 09:03:59] * AnOppedUser sets mode: -b [S]!@
[03/10/13 09:03:59] * Q sets mode: +b [S]!@
[03/10/13 09:03:59] * [S]test was kicked by Q (Banned.)
[03/10/13 09:04:17] * AnOppedUser sets mode: -b [S]!@
[03/10/13 09:04:23] * [S]test ([email protected]) has joined #thechannel
[03/10/13 09:04:23] * Q sets mode: +b [S]!@
[03/10/13 09:04:23] * [S]test was kicked by Q (Banned.)
[03/10/13 09:02:04] * blal ([email protected]) has joined #thechannel
[03/10/13 09:02:40] * Q sets mode: +b [S]!@
[03/10/13 09:02:49] * blal is now known as [S]test
[03/10/13 09:03:59] * AnOppedUser sets mode: -b [S]!@
[03/10/13 09:03:59] * Q sets mode: +b [S]!@
[03/10/13 09:03:59] * [S]test was kicked by Q (Banned.)
[03/10/13 09:04:17] * AnOppedUser sets mode: -b [S]!@
[03/10/13 09:04:23] * [S]test ([email protected]) has joined #thechannel
[03/10/13 09:04:23] * Q sets mode: +b [S]!@
[03/10/13 09:04:23] * [S]test was kicked by Q (Banned.)
(originally reported by NaNg)
Reported by modul8:
[18:39:39] -> n trustgroupadd
[18:39:39] N$A$ From: [email protected]/Wineasy: trustgroupadd
[18:39:39] N Usage: trustgroupadd ?comment?
[18:40:47] -> n trustgroupadd test 25 1 1 Wineasy trust testing group
[18:40:47] N$A$ From: [email protected]/Wineasy: trustgroupadd test 25 1 1 Wineasy trust testing group
[18:40:47] N Group added.
[18:40:47] N$t$ [email protected]/Wineasy TRUSTGROUPADD'ed 'test'
[18:41:08] -> n TRUSTLOGGREP test
[18:41:08] N$A$ From: [email protected]/Wineasy: TRUSTLOGGREP test
[18:41:09] N [2013-11-08 12:40:47] #7/test (Wineasy) Created trust group 'test' (ID #25): howmany=7, enforceident=1, maxperident=1, createdby=#Wineasy, contact=Wineasy, comment=trust testing group
[18:41:09] N — Done. Found 4 entries.
Fix attached:
diff -r 3f154eb428a9 trusts/trusts_management.c
--- a/trusts/trusts_management.c Tue Sep 24 00:35:42 2013 +0100
+++ b/trusts/trusts_management.c Fri Nov 08 19:04:56 2013 +0100
@@ -207,7 +207,7 @@
controlwall(NO_OPER, NL_TRUSTS, "%s TRUSTGROUPADD'ed '%s'", controlid(sender), tg->name->content);
trustlog(tg, sender->authname, "Created trust group '%s' (ID #%d): howmany=%d, enforceident=%d, maxperident=%d, "
"createdby=%s, contact=%s, comment=%s",
- tg->name->content, howmany, tg->id, enforceident, maxperident, createdby, contact, comment);
+ tg->name->content, tg->id, howmany, enforceident, maxperident, createdby, contact, comment);
return CMD_OK;
}
newserv's ping/pong routine with its uplink current does not support the ping time or the info for AsLL. I think it might be nice if it did. It does not need to reply to remote AsLL requests, simply providing the needed info in the ping/pong routine should make the AsLL info available on its uplink. See example below.
xx.cc.quakenet.org AsLL for hub.xx.quakenet.org – RTT: 2ms Upstream: -28ms Downstream: 30ms
xx.cc.quakenet.org AsLL for services.cc.quakenet.org – [unknown]
xx.cc.quakenet.org AsLL for *: 2 local servers matched
(originally from wiebe)
(Labels: Chanserv Enhancement)
Add a chanflag to chanserv that auto-voices all registered users who join the channel.
Proposed help:
-Q- +r VOICEREG Automatically grants voice (+v) on the channel to any registered user who enters,
-Q- unless they have quiet (+q) chanlev flag.
Rationale:
Delaying the ability to speak in the channel for unregistered people is a good mitigation strategy against the current spam attack.
This can be archived by setting the channel +DM (delay join, reg-only moderated), and auto-voicing anyone who enters with a delay.
Technically, it is not required to voice unregistered users - but this cause envy if only unregistered users are voiced.
Therefore it might be useful to voice anyone who can speak as soon as they enter the channel.
Also, Q can see through +D, making this feature even more useful - as the join and mode change line come together, and are easier to associate in my brain.
note we could display a hash of the hash, and rollback can just rollback the hashes.
this way namespacing would be automatic
e.g. db = db_open("sqlite", "myscriptname")
instead of everything being in the lua schema/db
The nterfacer protocol has no forward security: Once the password for any connection that was fully recorded is known, the key derivation algorithm allows decryption of all data. If the session in question is still going on, creating valid MACs becomes viable as the key becomes known.
Assuming best case, brute-forcing passwords is infeasible. Best case is all characters other than \n
and \0
are actually used in the password. The maximum password length is 255 - strlen("password=") - 1
== 245. This leads to a potential maximum password strength of meaning 245 bytes with each byte having 253 potential values, which is entirely unreasonable to brute-force. However, should it ever be leaked or cracked due to a weak password (matching /^[a-z]{8}$/
, for example), all previous captured communications would be compromised.
(There are other somewhat scary things, such as using memcmp
instead of a function with constant timing for HMAC comparison, but it apparently can't be abused since the connection is immediately dropped on invalid MAC, plus keys are only per-session as well as not generated until after authentication of the other party. Additionally, CBC here shouldn't have any issues with its predictable PKCS#7 padding since the nterfacer protocol is correctly encrypt-then-MAC.)
hello if this a possible register to Q without email more options for client please?
(self explanatory)
Make the ticket command more consitent with the other commands on G and use :reason instead of "reason" (or simply support both).
Also, do not ignore the ticket reason when longer than 128 chars, just allow the max on IRC, 512 chars so that it always fits and always gets through.
(originally reported by wiebe)
Note: this may end up having to run in a separate daemon / thread to prevent DoS.
SRP?
DH-Blowfish from Atheme looks ok but is easily DoS'able...
ECDH probably better idea.
Add an additional field to the whois output, to display the timestamp of when a staff comment was last set.
The field would not be shown unless a staff comment is present.
(originally reported by Bazerka)
help please how i disble send email from !
Add noticeflag system on Q like the newserv instances have, allowing opers to choose what to receive.
Also add notices about things like, but not limited to, usage of addchan/delchan by opers (perhaps not R), chanlev and chanflags changes which are only possible by oper priv, suspendchan/unsuspendchan, etc.
(originally reported by wiebe)
Currently hacked around by forcing sqlite.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.