Alexander Barton [Tue, 30 Jul 2013 20:05:00 +0000 (22:05 +0200)]
Add more penalty times in error paths
This patch changes the handlers of the "PASS", "NICK", "USER",
and "SERVICE" commands to enforce a 2 second penalty when an error
like "need more/other parameters" occurs.
It now configures the sandbox to build ngIRCd with IPv6, IDENT, PAM,
TCP-Wrappers, and zlib support. And it installs expect(1) and telnet(1)
for the test suite.
Alexander Barton [Fri, 24 May 2013 22:25:38 +0000 (00:25 +0200)]
IncludeDir: default to "$SYSCONFDIR/ngircd.conf.d"
Now "IncludeDir" defaults to "$SYSCONFDIR/ngircd.conf.d" instead
of no directory, but a missing directory is only reported as an
error if it has explicitely configured in the main configuration
file and simply ignored otherwise.
Therefore it is now possible not to touch the default (sample)
configuration file at all, and set all distribution and/or system
specific configuration options in "*.conf" files stored in
"$SYSCONFDIF/ngircd.conf.d/".
Alexander Barton [Fri, 24 May 2013 20:29:41 +0000 (22:29 +0200)]
Implement new configuration option "IncludeDir"
The option "IncludeDir" in the [Options] section can be used
to specify a directory which can contain further configuration
files and configuration file snippets matching the pattern
"*.conf" that should be read in after the main configuration
file ("ngircd.conf" by default) has been parsed.
Alexander Barton [Fri, 24 May 2013 19:57:42 +0000 (21:57 +0200)]
conf.c: New function Read_Config_File()
This function reads in and parses a single configuration file.
Adjust all other functions to display the correct name of the
file being read in currently.
As pointed by Alex while strl{cat,cpy} take the full length
we need to leave space to ensure a proper mask is always created
so revert the removal of - N from my last change.
Change Lists_MakeMask() to receive a buffer for the mask
Change callers accordingly so they don't rely on a global buffer and
rename Mask to Pattern where it makes sense since some functions
where indeed receiving a pattern and not a mask.
Alexander Barton [Wed, 27 Mar 2013 12:09:23 +0000 (13:09 +0100)]
Build OS X package with correct file permissions
This requires to have the correct permissions in the source tree, which
is "root:wheel", which in turn requires root privileges. Therefore the
Makefile now tries to become root on "make osxpkg-dest" but tries hard
not to require root privileges on "clean" etc.
Don't read SSL client data before DNS resolver is finished
Fix the cb_clientserver_ssl() callback function to not read in and store SSL
encrypted client data before the asynchronous DNS resolver sub-process has
finished: This could have resulted in discarding the resolved client hostname
and IDENT reply afterwards, because in some situations (timing dependent) the
NICK and USER commands could have already been read in from the client,
stored in the buffer, and been processed.
Thanks to Julian Brost for reporting the issue and testing, and to Federico
G. Schwindt <fgsch@lodoss.net> for helping to debug it!
Alexander Barton [Fri, 15 Feb 2013 20:59:06 +0000 (21:59 +0100)]
Merge branch 'bug153-ServerMask' into master
* bug153-ServerMask:
Update irc-info.c to use irc-macros.h
Add new irc-macros.h to project
irc-info.c: add/streamline function documentation comments
irc-info: move static functions at the top of the file
Implement new function Client_SearchServer()
Alexander Barton [Fri, 15 Feb 2013 20:32:08 +0000 (21:32 +0100)]
configure: search for iconv_open as well as libiconv_open
On some installations iconv_open() is actually libiconv_open().
iconv_open() is the glibc version while libiconv_open() is the libiconv
version. This patch enables ngIRCd to detect both cases.
Sebastian Köhler [Thu, 14 Feb 2013 18:21:01 +0000 (19:21 +0100)]
KICK: Fix denial of service bug
Test if the user that it is to be kicked is on the channel before user
channel modes are tested. Otherwise assert( cl2chan != NULL ); in
line 742 would fail and stop the service.
Alexander Barton [Mon, 11 Feb 2013 12:57:54 +0000 (13:57 +0100)]
Allow "@" character in user names for authentication
The "@" character isn't allowed in IRC usernames, because it is the
separator between user name and hostname in IRC masks:
<nickname>!<username>@<hostname>
This patch accepts user names including "@" characters, saves the
unmodified name for authentication but stores only the part in front
of the "@" character as "IRC user name". And the latter is how
ircd2.11, Bahamut, and irc-seven behave as well.
Alexander Barton [Sun, 10 Feb 2013 19:43:56 +0000 (20:43 +0100)]
Merge branch 'systemd'
* systemd:
ngircd.sock: explicitely bind to IPv4 and IPv6 addresses
Show address and port of sockets passed-in by systemd(8)
Check type of sockets passed-in by systemd(8)
Adjust severity levels of some log messages
New configuration option "IdleTimeout": exit daemon when idle
Implement support for systemd(8) "socket activation"
contrib/README: add more files
Alexander Barton [Sun, 10 Feb 2013 19:20:58 +0000 (20:20 +0100)]
Check type of sockets passed-in by systemd(8)
This patch makes sure that ngIRCd doesn't try to handle sockets of
unsupported types, for example of AF_INET6 sockets when ngIRCd isn't
compiled with support for IPv6 ...
* HelpText: (22 commits)
Commands.txt: Update description of the "USERS" command
Commands.txt: Update description of the "SUMMON" command
Commands.txt: Update description of the "SERVLIST" command
Commands.txt: Update description of the "WHOWAS" command
Commands.txt: Update description of the "WHOIS" command
Commands.txt: Update description of the "WHO" command
Commands.txt: Update description of the "VERSION" command
Commands.txt: Update description of the "USERHOST" command
Commands.txt: Update description of the "TIME" command
Commands.txt: Update description of the "STATS" command
Commands.txt: Update description of the "NAMES" command
Commands.txt: Update description of the "MOTD" command
Commands.txt: Update description of the "LUSERS" command
Commands.txt: Update description of the "LINKS" command
Commands.txt: Update description of the "ISON" command
Commands.txt: Update description of the "INFO" command
Commands.txt: Update description of the "ADMIN" command
Commands.txt: Add description for the "CHARCONV" command
Commands.txt: Add description for the "CAP" command
Commands.txt: Import descriptions from "rbose/command_help"
...
- move IRC_SetPenalty() at the beginning of the handler functions,
- use macros provided by irc-macros.h,
- code cleanup.
The main benefits of this patch are core size reduction, streamlined
structure of the handler functions, and enhanced functionality:
because of the _IRC_GET_TARGET_SERVER_OR_RETURN_() macro using the
Client_SearchServer() function, the target of the specific IRC command
can now be given server names, server mask, or the nickname of a user
connected to the server.
irc-info.c: add/streamline function documentation comments
Add missing comments, streamline wording, and remove references to the
RFCs: this will be added to ./doc/Commands.txt with an other patch and
we want to avoid redundancy ...
"WHO <hostmask>": use displayed hostname for matching
Use the currently "displayed hostname" (which can be cloaked!) for
hostname matching, not the real one. In other words: don't display
all the cloaked users on a specific real hostname!
Thanks to DNS <dns@rbose.org> for reporting this issue.
This function returns the server structure of a client or a given "mask";
it is useful for implemention handlers for commands like "COMMAND *.net",
which should work on a server matching "*.net".
Please note that the local server is always returned when it matches the
mask, but besides that, the order is completely arbitrary.
New configuration option "IdleTimeout": exit daemon when idle
This patch implements a new configuration option "IdleTimeout" in the
[Limits] section of the configuration file which can be used to set a
timeout (in seconds) after which the whole daemon will shutdown when no
more connections are left active after handling at least one client.
The default is 0, "never".
This can be useful for testing or when ngIRCd is started using "socket
activation" with systemd(8), for example.
Implement support for systemd(8) "socket activation"
This patch enables ngIRCd to work with listening sockets already
initialized and passed-in by systemd(8) and hereby to support on-demand
"socket activation".
systemd(8) uses two environment variables to pass information about the
sockets to ngIRCd, LISTEN_PID and LISTEN_FDS, and this mechanism only
kicks in when both variables are set. In all other cases, and therefore
in most installations out there, nothing changes at all.
Please note:
If socket activation is in effect, ngIRCd will not initialize any (other)
soeckets on its own! All sockets must be configured in the systemd(8)
socket unit configuration file in this case, see ./contrib/ngircd.socket
for example.
Probably it would be interesting to match passed-in sockets to configured
listening sockets and to initialize all the remaining ones not already
set up by systemd(8), but this is kept back for an other patch ...
See
- <http://0pointer.de/blog/projects/socket-activation.html>
- <http://0pointer.de/blog/projects/socket-activation2.html>
- <http://www.freedesktop.org/software/systemd/man/systemd.socket.html>
Enable WHOIS to display information about IRC Services
This patch introduces the new numeric 310(RPL_WHOISSERVICE) and enables
WHOIS to display information about IRC services. This numeric is used
for this purpose by InspIRCd, for example -- but as usual, other numerics
are in use, too, like 613 in UltimateIRCd ...
Please note that neither the Operator (+o) not the "bot status" (+B)
of an IRC service id displayed in the output.
Change suggested by Federico G. Schwindt <fgsch@lodoss.net>, Thanks.