Commit Graph

2184 Commits

Author SHA1 Message Date
Alexander Barton 03457135b7 Use correct preprocessor syntax when testing for PAM and IDENTAUTH 2010-07-12 13:22:48 +02:00
Alexander Barton 28424d013d Make sure signal.h is #include'd when needed 2010-07-12 13:22:19 +02:00
Alexander Barton 583c50476b Initial documentation for using PAM with ngIRCd 2010-07-12 13:07:07 +02:00
Alexander Barton 808d4f6e85 Implement asynchronous user authentication using PAM
For each client connection a child process is forked which handles the
actual PAM authentication and reports the result back to the master
process using a pipe for communication.

While the PAM authentication is in process the daemon does not block.
2010-07-12 12:56:33 +02:00
Alexander Barton fb4b5acfb8 Add new pam.{c|h} module to Xcode project
Adjust Xcode project and Mac OS X static config.h header to use PAM.
2010-07-12 12:54:01 +02:00
Alexander Barton 77870ddf2d Add pam.{c|h} to project and implement PAM_Authenticate() function 2010-07-12 12:53:08 +02:00
Alexander Barton 1995af0ed6 New functions Client_[Set]OrigUser() to get/set user specified by peer
The Client_SetOrigUser() function is used to store the peer-provided
user name (see USER command) in its original form, not changed by
IDENT results, for example.
2010-07-11 17:03:43 +02:00
Alexander Barton 761b2284b9 Detect PAM libraries 2010-07-11 17:01:45 +02:00
Alexander Barton 79be1c477e Refactor Resolve_Read() into generic Proc_Read() function 2010-07-11 16:58:30 +02:00
Alexander Barton 7b5e2fe38e Make Proc_Kill() more fault-tolerant 2010-07-11 16:54:44 +02:00
Alexander Barton bf8b646304 New function Conn_GetProcStat()
Get PROC_STAT sub-process structure of a given connection.
2010-07-11 15:15:23 +02:00
Alexander Barton e4ffcd00bd Code cleanup: don't reset penalty time on DNS resolver result
See commit d4632a727fbee6: it's not necessary any more!
2010-07-11 15:12:17 +02:00
Alexander Barton 4cc4c29e38 New function Proc_GenericSignalHandler() 2010-07-01 00:39:35 +02:00
Alexander Barton 0db9a31e50 Rename Log_[{Init|Exit}_]Resolver to Log_[{Init|Exit}_]Subprocess
Rename Log_Init_Resolver, Log_Exit_Resolver, and Log_Resolver to
Log_Init_Subprocess, Log_Exit_Subprocess, and Log_Subprocess and
make it more generic thereby.
2010-07-01 00:34:56 +02:00
Alexander Barton 5462c6c50f Don't #include client.h when conn.h/conn-func.h is already included
conn.h and cinn-func.h both already #include client.h, so it is
not needed to do it twice.
2010-06-30 23:49:52 +02:00
Alexander Barton 3d49fa5bff New function Conn_GetFromProc() to get CONN_ID of a subprocess
Get CONN_ID from file descriptor associated to a subprocess structure.
2010-06-29 23:38:39 +02:00
Alexander Barton 2d4ea28835 Resolver: Implement signal handler and catch TERM signal 2010-06-29 22:55:27 +02:00
Alexander Barton d4632a727f Don't set a penalty time when doing DNS lookups
The logic isn't as described in the source and intended by this code:
ngIRCd doesn't wait for the asynchronous resolver process until the set
penalty time is over, but until the forked process terminates or the
initial connection timeout (= PongTimeout) triggers.

So don't set the penalty time at all and remove the wrong comment.
2010-06-29 22:55:27 +02:00
Alexander Barton 60f5dd5b29 Update comments: subprocesses not only can be resolver processes 2010-06-29 22:55:27 +02:00
Alexander Barton 89e73ad4b4 Refactoring: Rename CONNECTION.res_stat to .proc_stat
We want to use this process status variable not only for the
resolver subprocesses but other asynchronous tasks as well;
so let's name it more generic.
2010-06-29 22:55:27 +02:00
Alexander Barton 54e67ea9ee New "module" proc.c/proc.h for generic process handling
The new "module" proc.c is used for functions dealing with child
processes. At the moment, it is only used by the asynchronous resolver.

All the functions already implemented habe been migrated from the
resolver code base, and the rest of the ngIRCd source code has been
adepted to the new namespace and calling conventions.

The goal is to develop "generic" process handling functions that can
be used for other purposes as well, e.g. running processes on client
connects etc.
2010-06-29 22:55:27 +02:00
Alexander Barton cc336b7558 Only #include resolve.h if it is really needed 2010-06-29 22:55:27 +02:00
Alexander Barton ae55d4f500 Fix redundant redeclaration of Conn_Count*() functions
The wrongly placed #endif lead to the following compiler warnings:

conn.h:125: warning: redundant redeclaration of ‘Conn_Count’
conn.h:125: warning: previous declaration of ‘Conn_Count’ was here
conn.h:126: warning: redundant redeclaration of ‘Conn_CountMax’
conn.h:126: warning: previous declaration of ‘Conn_CountMax’ was here
conn.h:127: warning: redundant redeclaration of ‘Conn_CountAccepted’
conn.h:127: warning: previous declaration of ‘Conn_CountAccepted’ was here
2010-06-26 00:45:11 +02:00
Alexander Barton edfa215481 const'ify Conn_WriteStr() function 2010-06-26 00:44:37 +02:00
Alexander Barton c6742192a6 const'ify Send_ListChange() function in irc-mode.c 2010-06-26 00:42:12 +02:00
Alexander Barton 0c0d4af55a const'ify IRC_WriteStrXXX() and Get_Prefix() functions 2010-06-26 00:38:20 +02:00
Alexander Barton 8605e9c0fe const'ify command name variable in _COMMAND strcuture 2010-06-26 00:37:06 +02:00
Alexander Barton a68103771c const'ify Client_TypeText() 2010-06-26 00:31:08 +02:00
Alexander Barton 8ad1c23ae4 Add some documentation for using BOPM with ngIRCd 2010-06-25 15:19:39 +02:00
Alexander Barton f76e0a1db6 Implement user mode "c": receive connect/disconnect NOTICEs
Users having the user mode "c" set receive NOTICE messages on each
new client connection to the local server as well as disconnects.
Only IRC operators (users having the mode "o" set) are allowed to
set the 'c' user mode.

These connect/disconnect messages can be useful for open proxy
scanners -- BOPM (http://wiki.blitzed.org/BOPM) is now functional
with ngIRCd, for example.
2010-06-25 00:33:01 +02:00
Alexander Barton 51ed742054 Refactor Wall_ServerNotice() into more generic Log_ServerNotice()
Log_ServerNotice() sends a messages to all users having a given
user mode set.
2010-06-25 00:33:00 +02:00
Alexander Barton 60eac5e952 New function Conn_IPA(): get client IP address as string 2010-06-25 00:33:00 +02:00
Alexander Barton 139d6303e7 ngircd.init: require $network $remote_fs when stopping ngircd 2010-06-25 00:10:56 +02:00
Neale Pickett 28f8b50174 Show SSL status in WHOIS, numeric 275
"I've been wanting this for years and finally took the 5 minutes to
patch it in. I took the response code (275) from whatever's running
OFTC's IRC network."
  -- Neale Pickett <neale@woozle.org>, Fri, 11 Jun 2010 17:32:41 -0500

(OFTC is running Hybrid ircd.)
2010-06-23 11:00:09 +02:00
Alexander Barton e2930f3f5e Include correct header files when testing for arpa/inet.h (Closes: #105)
Tested on OpenBSD 4.7, OpenBSD 4.1, FreeBSD 8, Linux and Mac OS X.
Thanks to rck <dev.rck@gmail.com> for reporting and testing!
2010-06-09 12:03:08 +02:00
Florian Westphal 059e707249 Revert "configure: make implicit declarations fatal"
This reverts commit b3a6c33da0b12ba74dc395979b677813d4bc2c0f.

apparently not all gcc versions support this 8-(
2010-06-09 12:03:00 +02:00
Florian Westphal b849e63fbf configure: make implicit declarations fatal
from bugzilla #105:
"ngircd-16 works great under openbsd4.7/i386, but it segfaults on
openbsd4.7/amd64."

Caused by missing function prototypes and the resulting truncation of
pointer to int.

Lets try to catch these bugs during compilation instead of SIGSEGV.
2010-06-09 11:49:57 +02:00
Alexander Barton 55190f2d3d Don't access already freed memory in IRC_KILL()
It is not possible to call Conn_Close() after Client_Destroy() has been
called, because Conn_Close wants to access the CLIENT structure which
then has been freed already.

Fix IRC_KILL to use Conn_Close() for local clients and Client_Destroy()
for remote clients only (and never both).
2010-05-22 17:03:54 +02:00
Florian Westphal 6dc80bd195 fix "beeing" typo
reported by Fabio Scotoni via bugzilla #101.
2010-05-14 19:43:08 +02:00
Florian Westphal df359835d1 SSL/TLS: fix bogus 'socket closed' error message
When we get there then the ssl handshake has failed, or
we could not create a ssl context because ssl library
initialization failed on startup.

Reflect that in the log message.
2010-05-07 23:25:59 +02:00
Alexander Barton defd7e09af ngIRCd release 16 2010-05-02 15:25:35 +02:00
Florian Westphal 29d448ed63 doc/SSL: remove line continuation marker
some people got confused by the '\' line continuation marker,
thus put everything in a single line, even if the line gets overly long.
2010-05-01 20:29:18 +02:00
Alexander Barton bdec5ac1f3 ngIRCd release 16~rc2 2010-04-25 13:13:11 +02:00
Alexander Barton 73fd26e9fa Don't reset counters on RESTART
When ngIRCd restarts, all the connection counters are preserved now,
as well as the command counters for example.

It's unclear if resetting or not resetting is the "correct" behaviour,
but it's quite clear that the behaviour should be consistent for all the
counters ngIRCd uses ...

And initializing "WCounter", the global but temporary write counter,
is not necessarry at all: it is initialized (reset) before its use in
the command parser (see parse.c).
2010-04-25 12:54:13 +02:00
Alexander Barton 79e1ec2b1e New numeric RPL_STATSCONN (250): display connection statistics
The RPL_STATSCONN numeric (250) displays information about the
highest simoultaneous connection count and the number of all
accepted connections since the daemon started up.

Used by ircd-Hybrid, Bahamut, and Unreal for example.
2010-04-23 23:30:14 +02:00
Alexander Barton 615d09459e Display total number of served connections on daemon shutdown 2010-04-23 23:29:22 +02:00
Alexander Barton 1338ade650 Enhace connection statistics counters
This patch enables ngIRCd to count the highest maximum simultaneous
connections and all the connections accepted since startup.

New functions:
- Conn_Count(): get current connections
- Conn_CountMax(): maximum simultaneous connections
- Conn_CountAccepted(): number of connections accepted
2010-04-23 23:25:34 +02:00
Alexander Barton 21140500f1 Conn_Init: code cleanup 2010-04-23 22:23:51 +02:00
Alexander Barton 77ceb9f8ab Updated doc/Platforms.txt 2010-04-23 11:04:39 +02:00
Alexander Barton b042363e88 Only include <netinet/in_systm.h> if it exists 2010-04-23 11:04:15 +02:00