disable pam_fail_delay() only is available starting with Mac
OS X 10.6; but we use the 10.5 SDK for campatibility, so don't use
this function at all when building using Xcode.
Alexander Barton [Wed, 20 Oct 2010 22:20:08 +0000 (00:20 +0200)]
Generate ngIRCd version number from GIT tag
Now the ngIRCd release/version number is deduced from the "current"
annotated GIT tag; see "git describe --help" for details. This is the
same scheme the Linux kernel uses and gives much more details version
numbers for interim releases and inofficial source archives generated
using "make dist".
Please note: the version number is only updated it the autogen.sh
script is run; so after pulling in and pushing out new commits, you
should run ./autogen.sh!
Alexander Barton [Sun, 24 Oct 2010 19:48:32 +0000 (21:48 +0200)]
Make sourcecode compatible with ansi2knr again
This allows to compile ngIRCd using a pre-ANSI K&R C compiler again:
all source files are automatically converted by the included ansi2knr
program (of GNU automake/autoconf) before compiling them with the
K&R C compiler, but a few coding standards must be met.
Tested on Apple A/UX 3.x.
Regression testing on Linux and Mac OS X.
Alexander Barton [Mon, 11 Oct 2010 14:54:49 +0000 (16:54 +0200)]
New configuration option "NoZeroConf" to disable ZeroConf registration
If ngIRCd is compiled to register its services using ZeroConf (e.g. using
Howl, Avahi or on Mac OS X) this parameter can be used to disable service
registration at runtime.
Alexander Barton [Fri, 24 Sep 2010 15:39:11 +0000 (17:39 +0200)]
New configuration option "SyslogFacility"
The new option "SyslogFacility" deines the syslog "facility" to which
ngIRCd should send log messages.
Possible values are system dependant, but most probably "auth", "daemon",
"user" and "local1" through "local7" are possible values; see syslog(3).
Default is "local5" for historical reasons.
Alexander Barton [Fri, 24 Sep 2010 14:29:55 +0000 (16:29 +0200)]
New functions ngt_SyslogFacilityName() and ngt_SyslogFacilityID()
These both functions translate syslog facility names to ID numbers
and vice versa. On systems that don't define the facilitynames[] array
in syslog.h, we try to build one ourself.
Alexander Barton [Wed, 22 Sep 2010 12:15:46 +0000 (14:15 +0200)]
Explicitly cast return value of read(2) to "int"
This fixes the following gcc warning, emitted by Xcode:
src/ngircd/sighandlers.c: In function 'Signal_Callback':
src/ngircd/sighandlers.c:239: warning: implicit conversion shortens 64-bit value into a 32-bit value
Signals_Init() must only be called once.
This does not affect any ngircd release version.
Earlier version of this patch moved the io and sighandler
initialization before the while() loop, but as Alexander
Barton noticed that broke all systems without builtin select
support in io.c...
Alexander Barton [Mon, 13 Sep 2010 22:30:45 +0000 (00:30 +0200)]
sighandlers.{c|h}: Code cleanup
- declare signals_catch[] array not between the function implementations.
- rename now local function NGIRCd_Rehash() to Rehash().
- remove empty and therefore not used "catch SIGHUP; break;".
Enable the daemon to dump its internal state in debug-mode.
This patch allows ngIRCd to dump its internal state (connected clients,
actual configuration) when compiled with --enable-debug. The daemon
catches two more signals:
- SIGUSR1: toggle debug mode (on/off),
- SIGUSR2: dump internal state to console/syslog.
Allows to defer/queue signal processing for execution on the next
event dispatch call, i.e. we can perform any signal action in
normal, non-signal context.
Example uses:
- Reload everything on HUP without writing a global "SIGHUP_received"
variable
- Dump status of internal Lists on SIGUSR1, etc.
Conn_SyncServerStruct(): test all connections; and work case insensitive
Fix synchronization of established connections and configured server
structures after a configuration update:
- Not only test servers that already have a connection, but also check
and update configured servers to which a new connection is beeing
established (SERVER_WAIT state).
- And do the server name comparision case-insensitive.
Let CheckServers() not only skip servers that already have a
connection, but also skip servers to which a new connection is
already beeing established (SERVER_WAIT state).
Please note that hostname cloaking is only in effect in server-client
communication! The server still uses the real hostname for its own
logging and for all server-server communication -- therefore all servers
in the network must support user mode "x" to prevent older servers
from leaking the real hostname of a cloaked client!
Alexander Barton [Tue, 17 Aug 2010 18:54:33 +0000 (20:54 +0200)]
Implement Client_HostnameCloaked() and Client_MaskCloaked()
These two functions return the cloaked hostname, if the client has
enabled hostname cloaking indicated by the -- still to implement --
user mode "x". See furter patches :-)
Florian Westphal [Wed, 11 Aug 2010 20:52:06 +0000 (22:52 +0200)]
ngircd: change MOTD file handling
previously, the given MotdFile file was read whenever a client
requested it.
Change handling to read the MotdFile contents into memory once
during config file parsing.
Two side effects:
- changes to the MOTD file do not have any effect until ngircds
configuration is reloaded
- MOTD file does no longer have to reside in the chroot directory
(the MOTD contents will then not be re-read on reload in that case)
Alexander Barton [Wed, 14 Jul 2010 08:29:05 +0000 (10:29 +0200)]
Remove Proc_Kill(), use timeout to kill child processes
This avoids a race and potentionally killing the wrong process on
systems that use randomized process IDs; now the child itself is
responsible to exit in a timely manner using SIGALRM.
Alexander Barton [Tue, 13 Jul 2010 14:50:00 +0000 (16:50 +0200)]
Mark some variables as "unused" to prevent compiler warnings
Some variables are only used when compiling with IDENT or PAM support
or when the debug code is enabled. Mark them as "unused" so that gcc
doesn't generate warnings when neither of these options is enabled.
Alexander Barton [Tue, 13 Jul 2010 13:10:35 +0000 (15:10 +0200)]
New configuration option "NoPAM" to disable PAM
When the "NoPAM" configuration option is set and ngIRCd is compiled
with support for PAM, ngIRCd will not call any PAM functions: all
connection attemps without password will succeed instead and all
connection attemps with password will fail.
If ngIRCd is compiled without PAM support, this option is a dummy
option and nothing changes: the global server password will still be
in effect.
Alexander Barton [Mon, 12 Jul 2010 10:56:33 +0000 (12:56 +0200)]
Implement asynchronous user authentication using PAM
For each client connection a child process is forked which handles the
actual PAM authentication and reports the result back to the master
process using a pipe for communication.
While the PAM authentication is in process the daemon does not block.
Alexander Barton [Sun, 11 Jul 2010 15:03:43 +0000 (17:03 +0200)]
New functions Client_[Set]OrigUser() to get/set user specified by peer
The Client_SetOrigUser() function is used to store the peer-provided
user name (see USER command) in its original form, not changed by
IDENT results, for example.
Alexander Barton [Wed, 30 Jun 2010 22:34:56 +0000 (00:34 +0200)]
Rename Log_[{Init|Exit}_]Resolver to Log_[{Init|Exit}_]Subprocess
Rename Log_Init_Resolver, Log_Exit_Resolver, and Log_Resolver to
Log_Init_Subprocess, Log_Exit_Subprocess, and Log_Subprocess and
make it more generic thereby.
Alexander Barton [Fri, 21 May 2010 21:47:28 +0000 (23:47 +0200)]
Don't set a penalty time when doing DNS lookups
The logic isn't as described in the source and intended by this code:
ngIRCd doesn't wait for the asynchronous resolver process until the set
penalty time is over, but until the forked process terminates or the
initial connection timeout (= PongTimeout) triggers.
So don't set the penalty time at all and remove the wrong comment.