config: deprecate NoXX-Options

ngircd unfortunately uses several options using double-negation, e.g.

NoIdent = No, NoPam = No, etc.

This renames all options by dropping the "No" prefix, e.g.
"NoIdent = no" becomes "Ident = yes".

The old options will continue to work, but will cause a warning
message.

Also update man pages and default config.

To prevent silly
'Ident = yes' from appearing in  --configtest output in the
'ident support not compiled in and Ident Option not used' case,
make default value depend on feature availability.
If feature is available, enable by default, otherwise disable.

We might consider moving these options to a new
[Feature]

section, or something like that, because none of these options are
essential.

Another possible improvement:

'Ident = yes' option in ngircd.conf causes a warning if ngircd was
built without ident support.

This does not happen with e.g. zeroconf....
This commit is contained in:
Florian Westphal 2011-01-08 15:56:14 +01:00
parent 4a5dfcc3ac
commit 1dca082fc6
8 changed files with 126 additions and 59 deletions

View File

@ -134,19 +134,18 @@
# Allow Pre-Defined Channels only (see Section [Channels]) # Allow Pre-Defined Channels only (see Section [Channels])
;PredefChannelsOnly = no ;PredefChannelsOnly = no
# Don't do any DNS lookups when a client connects to the server. # Do any DNS lookups when a client connects to the server.
;NoDNS = no ;DNS = yes
# Don't do any IDENT lookups, even if ngIRCd has been compiled # Do any IDENT lookups if ngIRCd has been compiled with support for it.
# with support for it. ;Ident = yes
;NoIdent = no
# Don't use PAM, even if ngIRCd has been compiled with support for it. # Use PAM if ngIRCd has been compiled with support for it.
;NoPAM = no ;PAM = no
# Don't use ZeroConf service registration, even if ngIRCd has been # Use ZeroConf service registration if ngIRCd has been
# compiled with support for it (e.g. Howl, Avahi, Mac OS X). # compiled with support for it (e.g. Howl, Avahi, Mac OS X).
;NoZeroConf = no ;ZeroConf = no
# try to connect to other irc servers using ipv4 and ipv6, if possible # try to connect to other irc servers using ipv4 and ipv6, if possible
;ConnectIPv6 = yes ;ConnectIPv6 = yes

View File

@ -205,28 +205,28 @@ you do not want to have channels other than those defined in
[Channel] sections in the configuration file. [Channel] sections in the configuration file.
Default: no. Default: no.
.TP .TP
\fBNoDNS\fR \fBDNS\fR
If set to true, ngIRCd will not make DNS lookups when clients connect. If set to false, ngIRCd will not make DNS lookups when clients connect.
If you configure the daemon to connect to other servers, ngIRCd may still If you configure the daemon to connect to other servers, ngIRCd may still
perform a DNS lookup if required. perform a DNS lookup if required.
Default: no. Default: yes.
.TP .TP
\fBNoIdent\fR \fBIdent\fR
If ngIRCd is compiled with IDENT support this can be used to disable IDENT If ngIRCd is compiled with IDENT support this can be used to disable IDENT
lookups at run time. lookups at run time.
Default: no. Default: yes.
.TP .TP
\fBNoPAM\fR \fBPAM\fR
If ngIRCd is compiled with PAM support this can be used to disable all calls If ngIRCd is compiled with PAM support this can be used to disable all calls
to the PAM library at runtime; all users connecting without password are to the PAM library at runtime; all users connecting without password are
allowed to connect, all passwords given will fail. allowed to connect, all passwords given will fail.
Default: no. Default: yes.
.TP .TP
\fBNoZeroConf\fR \fBZeroConf\fR
If ngIRCd is compiled to register its services using ZeroConf (e.g. using If ngIRCd is compiled to register its services using ZeroConf (e.g. using
Howl, Avahi or on Mac OS X) this parameter can be used to disable service Howl, Avahi or on Mac OS X) this parameter can be used to disable service
registration at runtime. registration at runtime.
Default: no. Default: yes.
.TP .TP
\fBConnectIPv4\fR \fBConnectIPv4\fR
Set this to no if you do not want ngIRCd to connect to other IRC servers using Set this to no if you do not want ngIRCd to connect to other IRC servers using

View File

@ -93,7 +93,7 @@ Client_Init( void )
This_Server->hops = 0; This_Server->hops = 0;
gethostname( This_Server->host, CLIENT_HOST_LEN ); gethostname( This_Server->host, CLIENT_HOST_LEN );
if (!Conf_NoDNS) { if (Conf_DNS) {
h = gethostbyname( This_Server->host ); h = gethostbyname( This_Server->host );
if (h) strlcpy(This_Server->host, h->h_name, sizeof(This_Server->host)); if (h) strlcpy(This_Server->host, h->h_name, sizeof(This_Server->host));
} }

View File

@ -341,10 +341,10 @@ Conf_Test( void )
printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode));
printf(" AllowRemoteOper = %s\n", yesno_to_str(Conf_AllowRemoteOper)); printf(" AllowRemoteOper = %s\n", yesno_to_str(Conf_AllowRemoteOper));
printf(" PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly)); printf(" PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly));
printf(" NoDNS = %s\n", yesno_to_str(Conf_NoDNS)); printf(" DNS = %s\n", yesno_to_str(Conf_DNS));
printf(" NoIdent = %s\n", yesno_to_str(Conf_NoIdent)); printf(" Ident = %s\n", yesno_to_str(Conf_Ident));
printf(" NoPAM = %s\n", yesno_to_str(Conf_NoPAM)); printf(" PAM = %s\n", yesno_to_str(Conf_PAM));
printf(" NoZeroConf = %s\n", yesno_to_str(Conf_NoZeroConf)); printf(" ZeroConf = %s\n", yesno_to_str(Conf_ZeroConf));
#ifdef WANT_IPV6 #ifdef WANT_IPV6
printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6)); printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
@ -561,6 +561,27 @@ Conf_IsService(int ConfServer, const char *Nick)
} /* Conf_IsService */ } /* Conf_IsService */
static void
Set_Defaults_Optional(void)
{
#ifdef IDENTAUTH
Conf_Ident = true;
#else
Conf_Ident = false;
#endif
#ifdef PAM
Conf_PAM = true;
#else
Conf_PAM = false;
#endif
#ifdef ZEROCONF
Conf_ZeroConf = true;
#else
Conf_ZeroConf = false;
#endif
}
/** /**
* Initialize configuration settings with their default values. * Initialize configuration settings with their default values.
*/ */
@ -591,10 +612,7 @@ Set_Defaults(bool InitServers)
Conf_PingTimeout = 120; Conf_PingTimeout = 120;
Conf_PongTimeout = 20; Conf_PongTimeout = 20;
Conf_ConnectRetry = 60; Conf_ConnectRetry = 60;
Conf_NoDNS = false; Conf_DNS = true;
Conf_NoIdent = false;
Conf_NoPAM = false;
Conf_NoZeroConf = false;
Conf_Oper_Count = 0; Conf_Oper_Count = 0;
Conf_Channel_Count = 0; Conf_Channel_Count = 0;
@ -619,6 +637,7 @@ Set_Defaults(bool InitServers)
Conf_SyslogFacility = 0; Conf_SyslogFacility = 0;
#endif #endif
#endif #endif
Set_Defaults_Optional();
/* Initialize server configuration structures */ /* Initialize server configuration structures */
if (InitServers) { if (InitServers) {
@ -873,6 +892,53 @@ Handle_MaxNickLength(int Line, const char *Arg)
} /* Handle_MaxNickLength */ } /* Handle_MaxNickLength */
static void
WarnIdent(int Line)
{
#ifndef IDENTAUTH
if (Conf_Ident) {
/* user has enabled ident lookups explicitly, but ... */
Config_Error(LOG_WARNING,
"%s: line %d: Ident=True, but ngircd was built without IDENT support",
NGIRCd_ConfFile, Line);
}
#endif
}
static bool
CheckLegacyNoOption(const char *Var, const char *Arg)
{
if( strcasecmp( Var, "NoDNS" ) == 0 ) {
Conf_DNS = !Check_ArgIsTrue( Arg );
return true;
}
if (strcasecmp(Var, "NoIdent") == 0) {
Conf_Ident = !Check_ArgIsTrue(Arg);
return true;
}
if(strcasecmp(Var, "NoPAM") == 0) {
Conf_PAM = !Check_ArgIsTrue(Arg);
return true;
}
if(strcasecmp(Var, "NoZeroConf") == 0) {
Conf_ZeroConf = !Check_ArgIsTrue(Arg);
return true;
}
return false;
}
const char *
NoNo(const char *str)
{
assert(strncasecmp("no", str, 2) == 0 && str[2]);
return str + 2;
}
static const char *
InvertArg(const char *arg)
{
return yesno_to_str(!Check_ArgIsTrue(arg));
}
static void static void
Handle_GLOBAL( int Line, char *Var, char *Arg ) Handle_GLOBAL( int Line, char *Var, char *Arg )
@ -1036,32 +1102,34 @@ Handle_GLOBAL( int Line, char *Var, char *Arg )
Conf_PredefChannelsOnly = Check_ArgIsTrue( Arg ); Conf_PredefChannelsOnly = Check_ArgIsTrue( Arg );
return; return;
} }
if( strcasecmp( Var, "NoDNS" ) == 0 ) {
/* don't do reverse dns lookups when clients connect? */ if (CheckLegacyNoOption(Var, Arg)) {
Conf_NoDNS = Check_ArgIsTrue( Arg ); Config_Error(LOG_WARNING, "%s, line %d: \"No\"-Prefix has been removed, use "
"\"%s = %s\" instead",
NGIRCd_ConfFile, Line, NoNo(Var), InvertArg(Arg));
if (strcasecmp(Var, "NoIdent") == 0)
WarnIdent(Line);
return; return;
} }
if (strcasecmp(Var, "NoIdent") == 0) { if( strcasecmp( Var, "DNS" ) == 0 ) {
/* don't do IDENT lookups when clients connect? */ /* do reverse dns lookups when clients connect? */
Conf_NoIdent = Check_ArgIsTrue(Arg); Conf_DNS = Check_ArgIsTrue( Arg );
#ifndef IDENTAUTH
if (!Conf_NoIdent) {
/* user has enabled ident lookups explicitly, but ... */
Config_Error(LOG_WARNING,
"%s: line %d: NoIdent=False, but ngircd was built without IDENT support",
NGIRCd_ConfFile, Line);
}
#endif
return; return;
} }
if(strcasecmp(Var, "NoPAM") == 0) { if (strcasecmp(Var, "Ident") == 0) {
/* don't use PAM library to authenticate users */ /* do IDENT lookups when clients connect? */
Conf_NoPAM = Check_ArgIsTrue(Arg); Conf_Ident = Check_ArgIsTrue(Arg);
WarnIdent(Line);
return; return;
} }
if(strcasecmp(Var, "NoZeroConf") == 0) { if(strcasecmp(Var, "PAM") == 0) {
/* don't register services using ZeroConf */ /* use PAM library to authenticate users */
Conf_NoZeroConf = Check_ArgIsTrue(Arg); Conf_PAM = Check_ArgIsTrue(Arg);
return;
}
if(strcasecmp(Var, "ZeroConf") == 0) {
/* register services using ZeroConf */
Conf_ZeroConf = Check_ArgIsTrue(Arg);
return; return;
} }
#ifdef WANT_IPV6 #ifdef WANT_IPV6

View File

@ -143,17 +143,17 @@ GLOBAL bool Conf_OperServerMode;
/* Are remote IRC operators allowed to manage this server? */ /* Are remote IRC operators allowed to manage this server? */
GLOBAL bool Conf_AllowRemoteOper; GLOBAL bool Conf_AllowRemoteOper;
/* Disable all DNS functions? */ /* Enable all DNS functions? */
GLOBAL bool Conf_NoDNS; GLOBAL bool Conf_DNS;
/* Disable IDENT lookups, even when compiled with support for it */ /* Enable IDENT lookups, even when compiled with support for it */
GLOBAL bool Conf_NoIdent; GLOBAL bool Conf_Ident;
/* Disable all usage of PAM, even when compiled with support for it */ /* Enable all usage of PAM, even when compiled with support for it */
GLOBAL bool Conf_NoPAM; GLOBAL bool Conf_PAM;
/* Disable service registration using "ZeroConf" */ /* Enable service registration using "ZeroConf" */
GLOBAL bool Conf_NoZeroConf; GLOBAL bool Conf_ZeroConf;
/* /*
* try to connect to remote systems using the ipv6 protocol, * try to connect to remote systems using the ipv6 protocol,

View File

@ -1381,10 +1381,10 @@ New_Connection(int Sock)
identsock = new_sock; identsock = new_sock;
#ifdef IDENTAUTH #ifdef IDENTAUTH
if (Conf_NoIdent) if (!Conf_Ident)
identsock = -1; identsock = -1;
#endif #endif
if (!Conf_NoDNS) if (Conf_DNS)
Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr, Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
identsock, cb_Read_Resolver_Result); identsock, cb_Read_Resolver_Result);

View File

@ -778,7 +778,7 @@ Hello_User(CLIENT * Client)
assert(Client != NULL); assert(Client != NULL);
conn = Client_Conn(Client); conn = Client_Conn(Client);
if (Conf_NoPAM) { if (!Conf_PAM) {
/* Don't do any PAM authentication at all, instead emulate /* Don't do any PAM authentication at all, instead emulate
* the beahiour of the daemon compiled without PAM support: * the beahiour of the daemon compiled without PAM support:
* because there can't be any "server password", all * because there can't be any "server password", all

View File

@ -151,7 +151,7 @@ GLOBAL bool Rendezvous_Register( char *Name, char *Type, UINT16 Port )
{ {
int i; int i;
if (Conf_NoZeroConf) if (!Conf_ZeroConf)
return true; return true;
/* Search free port structure */ /* Search free port structure */