diff --git a/doc/sample-ngircd.conf.tmpl b/doc/sample-ngircd.conf.tmpl index 9bfa9d41..180bdcef 100644 --- a/doc/sample-ngircd.conf.tmpl +++ b/doc/sample-ngircd.conf.tmpl @@ -134,19 +134,6 @@ # Allow Pre-Defined Channels only (see Section [Channels]) ;PredefChannelsOnly = no - # Do any DNS lookups when a client connects to the server. - ;DNS = yes - - # Do any IDENT lookups if ngIRCd has been compiled with support for it. - ;Ident = yes - - # Use PAM if ngIRCd has been compiled with support for it. - ;PAM = no - - # Use ZeroConf service registration if ngIRCd has been - # compiled with support for it (e.g. Howl, Avahi, Mac OS X). - ;ZeroConf = no - # try to connect to other irc servers using ipv4 and ipv6, if possible ;ConnectIPv6 = yes ;ConnectIPv4 = yes @@ -167,6 +154,20 @@ # maximum nick name length! ;MaxNickLength = 9 +[Features] + # Do any DNS lookups when a client connects to the server. + ;DNS = yes + + # Do any IDENT lookups if ngIRCd has been compiled with support for it. + ;Ident = yes + + # Use PAM if ngIRCd has been compiled with support for it. + ;PAM = no + + # Use ZeroConf service registration if ngIRCd has been + # compiled with support for it (e.g. Howl, Avahi, Mac OS X). + ;ZeroConf = no + [Operator] # [Operator] sections are used to define IRC Operators. There may be # more than one [Operator] block, one for each local operator. diff --git a/man/ngircd.conf.5.tmpl b/man/ngircd.conf.5.tmpl index 1a6301fb..eb504725 100644 --- a/man/ngircd.conf.5.tmpl +++ b/man/ngircd.conf.5.tmpl @@ -47,13 +47,18 @@ ports on which the server should be listening. IRC operators of this server are defined in .I [Operator] blocks. +.I [Features] +can be used to disable compile-time features at run time, e.g. if ngircd +was built to support ident lookups, but you do not want ngircd to perform +ident lookups you can disable them here. +This section is optional. .I [Server] is the section where server links are configured. And .I [Channel] blocks are used to configure pre-defined ("persistent") IRC channels. .PP There can be more than one [Operator], [Server] and [Channel] sections -per configuration file, but only one [Global] section. +per configuration file, but only one [Global] and one [Features] section. .SH [GLOBAL] The .I [Global] @@ -205,29 +210,6 @@ you do not want to have channels other than those defined in [Channel] sections in the configuration file. Default: no. .TP -\fBDNS\fR -If set to false, ngIRCd will not make DNS lookups when clients connect. -If you configure the daemon to connect to other servers, ngIRCd may still -perform a DNS lookup if required. -Default: yes. -.TP -\fBIdent\fR -If ngIRCd is compiled with IDENT support this can be used to disable IDENT -lookups at run time. -Default: yes. -.TP -\fBPAM\fR -If ngIRCd is compiled with PAM support this can be used to disable all calls -to the PAM library at runtime; all users connecting without password are -allowed to connect, all passwords given will fail. -Default: yes. -.TP -\fBZeroConf\fR -If ngIRCd is compiled to register its services using ZeroConf (e.g. using -Howl, Avahi or on Mac OS X) this parameter can be used to disable service -registration at runtime. -Default: yes. -.TP \fBConnectIPv4\fR Set this to no if you do not want ngIRCd to connect to other IRC servers using IPv4. This allows usage of ngIRCd in IPv6-only setups. @@ -269,6 +251,33 @@ Password of the IRC operator. \fBMask\fR Mask that is to be checked before an /OPER for this account is accepted. Example: nick!ident@*.example.com +.SH [FEATURES] +An optional section that can be used to disable features at +run-time. A feature is enabled by default if if ngircd was built with +support for it. +\fBDNS\fR +If set to false, ngIRCd will not make DNS lookups when clients connect. +If you configure the daemon to connect to other servers, ngIRCd may still +perform a DNS lookup if required. +Default: yes. +.TP +\fBIdent\fR +If ngIRCd is compiled with IDENT support this can be used to disable IDENT +lookups at run time. +Default: yes. +.TP +\fBPAM\fR +If ngIRCd is compiled with PAM support this can be used to disable all calls +to the PAM library at runtime; all users connecting without password are +allowed to connect, all passwords given will fail. +Default: yes. +.TP +\fBZeroConf\fR +If ngIRCd is compiled to register its services using ZeroConf (e.g. using +Howl, Avahi or on Mac OS X) this parameter can be used to disable service +registration at runtime. +Default: yes. +.TP .SH [SERVER] Other servers are configured in .I [Server] diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index 5a992eb5..5819ef17 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -62,6 +62,7 @@ static bool Read_Config PARAMS(( bool ngircd_starting )); static bool Validate_Config PARAMS(( bool TestOnly, bool Rehash )); static void Handle_GLOBAL PARAMS(( int Line, char *Var, char *Arg )); +static void Handle_FEATURES PARAMS(( int Line, char *Var, char *Arg )); static void Handle_OPERATOR PARAMS(( int Line, char *Var, char *Arg )); static void Handle_SERVER PARAMS(( int Line, char *Var, char *Arg )); static void Handle_CHANNEL PARAMS(( int Line, char *Var, char *Arg )); @@ -232,7 +233,7 @@ opers_free(void) { struct Conf_Oper *op; size_t len; - + len = array_length(&Conf_Opers, sizeof(*op)); op = array_start(&Conf_Opers); while (len--) { @@ -247,7 +248,7 @@ opers_puts(void) { struct Conf_Oper *op; size_t len; - + len = array_length(&Conf_Opers, sizeof(*op)); op = array_start(&Conf_Opers); while (len--) { @@ -341,11 +342,6 @@ Conf_Test( void ) printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); printf(" AllowRemoteOper = %s\n", yesno_to_str(Conf_AllowRemoteOper)); printf(" PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly)); - printf(" DNS = %s\n", yesno_to_str(Conf_DNS)); - printf(" Ident = %s\n", yesno_to_str(Conf_Ident)); - printf(" PAM = %s\n", yesno_to_str(Conf_PAM)); - printf(" ZeroConf = %s\n", yesno_to_str(Conf_ZeroConf)); - #ifdef WANT_IPV6 printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6)); printf(" ConnectIPv6 = %s\n", yesno_to_str(Conf_ConnectIPv4)); @@ -355,6 +351,13 @@ Conf_Test( void ) printf(" MaxJoins = %d\n", Conf_MaxJoins > 0 ? Conf_MaxJoins : -1); printf(" MaxNickLength = %u\n\n", Conf_MaxNickLength - 1); + puts("[FEATURES]"); + printf(" DNS = %s\n", yesno_to_str(Conf_DNS)); + printf(" Ident = %s\n", yesno_to_str(Conf_Ident)); + printf(" PAM = %s\n", yesno_to_str(Conf_PAM)); + printf(" ZeroConf = %s\n", yesno_to_str(Conf_ZeroConf)); + puts(""); + opers_puts(); for( i = 0; i < MAX_SERVERS; i++ ) { @@ -818,6 +821,7 @@ Read_Config( bool ngircd_starting ) arg = ptr + 1; ngt_TrimStr( arg ); if( strcasecmp( section, "[GLOBAL]" ) == 0 ) Handle_GLOBAL( line, var, arg ); + else if( strcasecmp( section, "[FEATURES]" ) == 0 ) Handle_FEATURES( line, var, arg ); else if( strcasecmp( section, "[OPERATOR]" ) == 0 ) Handle_OPERATOR( line, var, arg ); else if( strcasecmp( section, "[SERVER]" ) == 0 ) Handle_SERVER( line, var, arg ); else if( strcasecmp( section, "[CHANNEL]" ) == 0 ) Handle_CHANNEL( line, var, arg ); @@ -1117,7 +1121,7 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) if (CheckLegacyNoOption(Var, Arg)) { Config_Error(LOG_WARNING, "%s, line %d: \"No\"-Prefix has been removed, use " - "\"%s = %s\" instead", + "\"%s = %s\" in [FEATURES] section instead", NGIRCd_ConfFile, Line, NoNo(Var), InvertArg(Arg)); if (strcasecmp(Var, "NoIdent") == 0) WarnIdent(Line); @@ -1125,28 +1129,6 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) WarnPAM(Line); return; } - if( strcasecmp( Var, "DNS" ) == 0 ) { - /* do reverse dns lookups when clients connect? */ - Conf_DNS = Check_ArgIsTrue( Arg ); - return; - } - if (strcasecmp(Var, "Ident") == 0) { - /* do IDENT lookups when clients connect? */ - Conf_Ident = Check_ArgIsTrue(Arg); - WarnIdent(Line); - return; - } - if(strcasecmp(Var, "PAM") == 0) { - /* use PAM library to authenticate users */ - Conf_PAM = Check_ArgIsTrue(Arg); - WarnPAM(Line); - return; - } - if(strcasecmp(Var, "ZeroConf") == 0) { - /* register services using ZeroConf */ - Conf_ZeroConf = Check_ArgIsTrue(Arg); - return; - } #ifdef WANT_IPV6 /* the default setting for all the WANT_IPV6 special options is 'true' */ if( strcasecmp( Var, "ConnectIPv6" ) == 0 ) { @@ -1271,6 +1253,37 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) } /* Handle_GLOBAL */ +static void +Handle_FEATURES(int Line, char *Var, char *Arg) +{ + assert( Line > 0 ); + assert( Var != NULL ); + assert( Arg != NULL ); + + if( strcasecmp( Var, "DNS" ) == 0 ) { + /* do reverse dns lookups when clients connect? */ + Conf_DNS = Check_ArgIsTrue( Arg ); + return; + } + if (strcasecmp(Var, "Ident") == 0) { + /* do IDENT lookups when clients connect? */ + Conf_Ident = Check_ArgIsTrue(Arg); + WarnIdent(Line); + return; + } + if(strcasecmp(Var, "PAM") == 0) { + /* use PAM library to authenticate users */ + Conf_PAM = Check_ArgIsTrue(Arg); + WarnPAM(Line); + return; + } + if(strcasecmp(Var, "ZeroConf") == 0) { + /* register services using ZeroConf */ + Conf_ZeroConf = Check_ArgIsTrue(Arg); + return; + } +} + static void Handle_OPERATOR( int Line, char *Var, char *Arg ) {