Commit Graph

1691 Commits

Author SHA1 Message Date
Florian Westphal 0bb892bb5f conn: avoid needlesly scary 'buffer overflow' messages
When the write buffer space grows too large, ngircd has to disconnect
the client to avoid wasting too much memory.

ngircd logs this with a scary 'write buffer overflow' message.
Change this to a more descriptive wording.
2011-04-29 23:10:01 +02:00
Alexander Barton c26ca7773b Only require server prefixes on non RFC1459 links
Not all servers (and services!) using the RFC1459 protocol style send
prefixes on all commands; so don't require them to do so.

This relaxes the requirements introduced by commit 15775e679.
2011-04-29 12:33:58 +02:00
Alexander Barton 160f5725a6 Do reverse lookups using the AF of the incoming connection
This fixes errors like this one:
  Address mismatch: 2001🔢abcd:1::1 != 192.168.1.1
2011-04-26 11:10:50 +02:00
Florian Westphal e4e1595bff resolve: fix reverse lookups of client connections with ConnectIPv6=no
We re-use the same helper function for both forward lookups
(when we want to connect to a peer server) and for validation of reverse
loopups (where we make a lookup on the hostname returned
by a reverse lookup on the IP address that connected).

Problem:

When ConnectIPv6=no, the forward lookup helper sets the adderss family
to AF_INET, and, if out client connected via ipv6, we fail to validate
the result.

Thus move the ConnectIPvX check out of the helper.
2011-04-25 18:00:10 +02:00
Alexander Barton 1cd8d7f386 Doxygen'ify conf.c 2011-04-12 23:15:29 +02:00
Alexander Barton 9a102ca96b New function Config_Error_Section(); and code cleanup 2011-04-12 21:55:32 +02:00
Alexander Barton e70e81460b Add some type casts to random() and srandom() functions
This fixes two gcc warnings (on Mac OS X):
 "warning: implicit conversion shortens 64-bit value into a 32-bit value"
2011-04-12 21:23:14 +02:00
Florian Westphal 5acb90fafc ngircd: improve rng initialisation
we do not need this for cryptographic purposes, but we can do better
than plain srandom(getpid()).

Also, keep in mind that rng state is inherited across fork(), so re-init
it in the child.
2011-03-28 00:29:58 +02:00
Alexander Barton d61fbfc6e3 Merge branch 'AuthPing'
* AuthPing:
  Add documentation for "RequireAuthPing" configuration option
  New configuration option "RequireAuthPing": PING-PONG on login
2011-03-27 20:58:18 +02:00
Alexander Barton 162433398e New configuration option "RequireAuthPing": PING-PONG on login
When enabled, this configuration option lets ngIRCd send a PING with an
numeric "token" to clients logging in; and it will not become registered
in the network until the client responds with the correct PONG.

This is used by QuakeNet for example (ircu/snircd), and looks like this:

  NICK nick
  :irc.example.net PING :1858979527
  USER user . . :real name
  PONG 1858979527
  :irc.example.net 001 nick :Welcome to the Internet Relay Network ...
2011-03-27 19:33:48 +02:00
Alexander Barton f99d33ddd9 Configuration: move "NoticeAuth" to GLOBAL section 2011-03-26 17:11:44 +01:00
Alexander Barton d29e389779 New configuration option "NoticeAuth": send NOTICE AUTH on connect
When enabling "NoticeAuth" in the [Features] section, ngircd will send
"NOTICE AUTH" messages on client connect like e.g. snircd (QuakeNet) does.
2011-03-25 12:15:11 +01:00
Alexander Barton f1a4a4dc88 Warn when unknown variables are found in [Features] section 2011-03-25 12:12:20 +01:00
Alexander Barton 770a58ac6d Generate WALLOPS message on SQUIT from IRC operator
So SQUIT now behaves like CONNECT and DISCONNECT commands, when called
by an IRC operator (and not received from an other server).
2011-03-21 23:52:42 +01:00
Alexander Barton 15775e6790 Commands received from other servers must have prefixes
Make sure that all commands received from other servers do have
valid prefixes.

Only exceptions are PING and ERROR commands that can occure without
prefixes when generated by the remote peer itself.
2011-03-21 10:46:09 +01:00
Alexander Barton 62f705f97e Allow servers to send more commands in the first 10 secods
This helps to speed up server login and network synchronisation.
2011-03-21 09:42:01 +01:00
Alexander Barton a39e2f22c9 IRC_CHANINFO(): Code cleanup 2011-03-19 17:29:19 +01:00
Alexander Barton dcb1951efd Handle_GLOBAL(): don't use multi-line strings
They aren't supported by elder C compilers ...
2011-03-19 17:28:38 +01:00
Alexander Barton fa8b83e69b Merge branches 'CloakUserHost', 'QuitOnHTTP' and 'bug72-WHOIS-List'
* CloakUserHost:
  Add a note not to use a percent sign ("%") in CloakHost variable
  Rename ClientHost to CloakHost, and ClientUserNick to CloakUserToNick
  Don't use "the.net" in sample-ngircd.conf, use "example.net"
  ngircd.conf.5: document "ClientHost" and "ClientUserNick"
  Move "ClientHost" and "ClientUserNick" to end of [Global] section
  ClientUserNick setting
  ClientHost setting

* QuitOnHTTP:
  Only "handle" HTTP commands on unregistered connections
  Don't use IRC_QUIT_HTTP() if STRICT_RFC is #define'd
  IRC_QUIT_HTTP(): enhance error message
  Move IRC_QUIT_HTTP() below IRC_QUIT()
  quit on HTTP commands: GET & POST

* bug72-WHOIS-List:
  Add "whois-test" to testsuite and distribution archive
  Add support for up to 3 targets in WHOIS queries.
2011-03-19 17:16:14 +01:00
Alexander Barton ae7470ceb5 Rename ClientHost to CloakHost, and ClientUserNick to CloakUserToNick 2011-03-19 16:58:29 +01:00
Alexander Barton d1f604ab89 Add "whois-test" to testsuite and distribution archive
Test script proposed by Dana Dahlstrom, 2008-02-17.
See <https://arthur.barton.de/bugzilla/show_bug.cgi?id=72> ...
2011-03-19 15:03:15 +01:00
Florian Westphal ff2a425ab8 Add support for up to 3 targets in WHOIS queries.
also allow up to one wildcard query from local hosts.
Follows ircd 2.10 implementation rather than RFC 2812.
At most 10 entries are returned per wildcard expansion.

WHOIS test cases by Dana Dahlstrom.
2011-03-19 15:03:15 +01:00
Alexander Barton b19f7d73cb Only "handle" HTTP commands on unregistered connections 2011-03-17 00:03:10 +01:00
Alexander Barton 38747b40dc Don't use IRC_QUIT_HTTP() if STRICT_RFC is #define'd 2011-03-16 23:58:39 +01:00
Alexander Barton dbb66695c9 IRC_QUIT_HTTP(): enhance error message 2011-03-16 23:58:01 +01:00
Alexander Barton 77cff9e47c Move IRC_QUIT_HTTP() below IRC_QUIT() 2011-03-16 23:56:27 +01:00
Alexander Barton 25dd193e9b Move "ClientHost" and "ClientUserNick" to end of [Global] section 2011-03-16 23:43:29 +01:00
Gabor Adam Toth 71d8c37171 ClientUserNick setting 2011-03-16 23:15:50 +01:00
Gabor Adam Toth 52f59149ad ClientHost setting 2011-03-16 23:15:50 +01:00
Gabor Adam Toth 33e8c24806 quit on HTTP commands: GET & POST 2011-03-16 22:59:57 +01:00
Florian Westphal 5417a72536 channel: always reject zero-length channel key
previously, any client could join in this configuration:

[Channel]
  Name = #test
  Modes = tnk
  KeyFile = /tmp/foobar

fix this by checking for zero-length key before comparing
key to channel key.
2011-02-28 23:28:24 +01:00
Alexander Barton 94e4562c1c PAM-Auth child: log if result can't be reported
This fixes the followin GCC warning on modern Linux systems as well:

irc-login.c:     In function ‘Hello_User’:
irc-login.c:876: warning: ignoring return value of ‘write’,
                 declared with attribute warn_unused_result
2011-02-23 22:55:45 +01:00
Alexander Barton adfa968f99 Correctly detect errors when handling "MODE x" commands 2011-02-14 01:44:40 +01:00
Alexander Barton 07f241ff6d Enhance documentation for the WEBIRC command 2011-02-13 17:52:39 +01:00
Alexander Barton 53fecf5a2b Doxygen'ify irc-login.c 2011-02-13 17:52:39 +01:00
Alexander Barton 8a674c3263 Doxygen'ify irc-channel.c 2011-02-13 17:52:39 +01:00
Alexander Barton 1f5fbd5992 Doxygen'ify conn.c 2011-02-13 17:52:39 +01:00
Alexander Barton 5858dc3886 Doxygen'ify proc.h 2011-02-13 17:52:39 +01:00
Alexander Barton af6ac0fa41 Doxygen'ify parse.h 2011-02-13 17:52:39 +01:00
Alexander Barton f3ec90f3f0 Doxygen'ify and update comments in ngircd.{c|h} 2011-02-13 17:52:39 +01:00
Alexander Barton c6a7de869c Doxygen'ify and update comments in match.c 2011-02-13 17:52:39 +01:00
Alexander Barton 4ef23df813 Update and translate comments in hash.c 2011-02-13 17:52:39 +01:00
Alexander Barton 5555b6cc86 Doxygen'ify conf.h 2011-02-13 17:52:39 +01:00
Alexander Barton 72a982ae7e Add missong Doxygen @file tags to ngircd.h and irc-op.h 2011-02-13 17:52:39 +01:00
Alexander Barton 2a7dd06ebd Code cleanup: mostly removing empty lines 2011-02-13 17:52:38 +01:00
Alexander Barton 03628dbeaf Add Doxygen @file documentation to each source and header file 2011-02-13 17:52:38 +01:00
Alexander Barton f732c7117e Make write buffers bigger, but flush early
This patch
 - makes the server write buffer bigger: 64k,
 - makes the regular write buffer bigger: 32k,
 - tries to flush the write buffer starting at 4K.

Before this patch, a client got disconnected if the buffer flushing at 4k
failed, now regular clients can store up to 32k and servers up 64k even
if flushing is not possible at the moment (e.g. on slow links).
2011-02-12 23:24:56 +01:00
Alexander Barton 477224be5c Enhance logging on "write buffer overflow" 2011-02-12 23:24:26 +01:00
Alexander Barton 493ccd57f4 Clean up Validate_Prefix(); don't send punctuation in ERROR commands 2011-01-29 16:05:55 +01:00
Alexander Barton 8700f4d93c Better check for invalid IRC+ PASS command
Don't do a NULL-pointer dereference when a remote server using the
IRC+ protocol sends an invalid PASS command without the required
<serverversion> parameter ...
2011-01-23 18:38:36 +01:00
Alexander Barton 765dc320f1 Read_Request(): don't access possibly free'd CLIENT structure
Handle_Buffer() can shut down connections and remove clients, so after
calling it, we have to make sure that our CLIENT pointer is still valid.
2011-01-23 15:14:18 +01:00
Alexander Barton 9fff9f6a2b ngircd-test2.conf: really disable Ident and PAM ... 2011-01-19 01:19:40 +01:00
Alexander Barton b856a58051 Log "Can't read MOTD file" as "configuration error"
Now this error message is displayed in the console without debug prefix
when running the configuration test (--configtest).
2011-01-18 23:44:07 +01:00
Alexander Barton 8927700b22 Allow "Port = 0" in [Server] blocks
Port number 0 marks remote servers that try to connect to this
daemon, but where this daemon never tries to establis a connection
on its own: only incoming connections are allowed.
2011-01-18 22:45:01 +01:00
Alexander Barton 58a4dae56d conf: fix 'Value of "..." is not a number!' for negative values
Don't use isdigit() function any more, because it only checks the
first character of the variable value and because it doesn't know
about the minus sign which is required e.g. for "Group = -1".
2011-01-18 22:41:27 +01:00
Alexander Barton 914d6a26d8 Don't read MOTD file twice
The MOTD file is read in Read_Config(), so don't read it when handling
the "MotdFile" configuration variable. Instead make sure that it is
initialized properly when (re-)reading the configuration.
2011-01-18 22:01:27 +01:00
Alexander Barton c98e794b38 Add [Features] section to ngircd-test{1|2}.conf
Fix commit 5a34bb203a:
It is not enough to strip the "No" prefix from "Ident" and "PAM",
but we have to introduce the new [Features] section to fix all
warning messages of ngIRCd.

Variables "Ident" and "PAM" in [Global] are completely wrong :-(
2011-01-18 21:39:48 +01:00
Alexander Barton a990bd72ec Enable WHOIS command to return information about services 2011-01-18 21:04:55 +01:00
Alexander Barton 5a34bb203a Update testsuite configuration: strip No... prefixes 2011-01-18 14:28:39 +01:00
Alexander Barton d3ef2239e1 Add connection/socket information to some log messages 2011-01-16 23:24:41 +01:00
Alexander Barton a57748e1a1 Implement channel mode 'O': "IRC operators only"
This channel mode is used on DALnet (bahamut), for example.
2011-01-10 12:15:05 +01:00
Alexander Barton 4a6d44dce2 Remove support for ZeroConf/Bonjour/Rendezvous service registration 2011-01-09 23:51:30 +01:00
Alexander Barton 5ed7a4ea57 TOPIC command: test for channel admin rights correctly
This enables other servers, services and IRC operators to change
channel topics, even when the client is not joined to this channel.

Now the handler for TOPIC behaves like the one for MODE.
2011-01-09 23:08:15 +01:00
Alexander Barton ba32d594fd Channel_CheckAdminRights(): test if client can admin a channel
This generic function tests if a client is allowed to do administrative
tasks to a specific channel:

 - servers and services are always truested ("allowed everything"),
 - channel operators are allowed,
 - IRC operarors are allowed if OperCanUseMode is set in the config.
2011-01-09 22:40:11 +01:00
Florian Westphal 3460c87c58 conf: fix 'unknown section' FEATURES parse error
pointed out by Alex:
ngircd.conf, line 105: Unknown section "[Features]"!
2011-01-09 22:19:17 +01:00
Alexander Barton 02592f912e IRC_TOPIC(): code cleanup 2011-01-09 22:10:30 +01:00
Florian Westphal 1964bda252 conf: move 'run-time-feature-disable' options to new FEATURE section 2011-01-09 19:42:42 +01:00
Florian Westphal 23ce0393b2 array: remove check for allocated == 0
allocated can only be zero if ->mem is NULL.
2011-01-09 19:40:54 +01:00
Florian Westphal 994a003aba array: remove alignment of requested size
libc should know better than us.
Also, this helps debugging with tools like valgrind:
When you allocate an array of size x, and then erronoulsy
use x+1 valgrind cannot detect the bug because due to ALIGN_()
made by array.c we might have allocated more than size x...
2011-01-09 19:28:50 +01:00
Florian Westphal eda2556e09 conf: Warn if PAM=true when ngircd was built without PAM support 2011-01-09 18:17:35 +01:00
Florian Westphal 9402bcaa73 conf: add missing static qualifier
internal helper, so it should be static.

also, add UNUSED to 'Line'.
2011-01-09 17:54:21 +01:00
Alexander Barton 6d11fb1497 Update copyright notices for 2010 :)
And update the NEWS and ChangeLog file as well.
2011-01-09 16:11:12 +01:00
Alexander Barton 28bbd7e27a Make NoZeroConf option work with Howl 2011-01-09 14:31:18 +01:00
Florian Westphal 1dca082fc6 config: deprecate NoXX-Options
ngircd unfortunately uses several options using double-negation, e.g.

NoIdent = No, NoPam = No, etc.

This renames all options by dropping the "No" prefix, e.g.
"NoIdent = no" becomes "Ident = yes".

The old options will continue to work, but will cause a warning
message.

Also update man pages and default config.

To prevent silly
'Ident = yes' from appearing in  --configtest output in the
'ident support not compiled in and Ident Option not used' case,
make default value depend on feature availability.
If feature is available, enable by default, otherwise disable.

We might consider moving these options to a new
[Feature]

section, or something like that, because none of these options are
essential.

Another possible improvement:

'Ident = yes' option in ngircd.conf causes a warning if ngircd was
built without ident support.

This does not happen with e.g. zeroconf....
2011-01-09 13:59:33 +01:00
Florian Westphal 4a5dfcc3ac channel: fix confusing "adding to invite list" debug output
adding entries to ban list produced 'invite list' debug output...
2010-12-31 11:35:40 +01:00
Alexander Barton f37e495a2b Command throttling: introduce MAX_COMMANDS_SERVICE
New MAX_COMMANDS_SERVICE (currently set to MAX_COMMANDS_SERVER[10]),
so that services are handled like servers (and not regular users).
2010-12-29 14:19:51 +01:00
Alexander Barton 21cbf37db5 Don't throttle services and servers beeing registered 2010-12-29 14:12:34 +01:00
Alexander Barton 36d4f6c601 Don't assert() when serching a client for an invalid server token
This is only relevant when a trusted server on a server-server link
sends invalid commands.
2010-12-24 12:48:03 +01:00
Alexander Barton 8ea1c5bb82 --configtest: remember if MOTD is configured by file or phrase
Configuration variables "MotdFile" and "MotdPhrase" are mutually
exclusive; so don't display content in both of them when running
"ngircd --configtest": instead remember which one is beeing used.
2010-12-02 16:51:21 +01:00
Alexander Barton 79ca5fe04d Enhance log messages when establishing server links a little bit 2010-12-02 13:40:08 +01:00
Alexander Barton 60bb40d67a Reset ID of outgoing server link on DNS error correctly
Not resetting the ID prevents the daemon from trying to re-establish
outgoing server links when the DNS resolver failed to resole a hostname.
2010-12-02 13:38:42 +01:00
Alexander Barton 5da98ec389 Don't log critical (or worse) messages to stderr
stderr isn't redirected to the "error file" any more, so there is
no point in trying to log to it ...
2010-12-02 13:36:19 +01:00
Alexander Barton 790fa89e67 Remove "error file" when compiled with debug code enabled
The information written to the "error file" (/tmp/ngircd-<PID>.err) when
ngIRCd is compiled with debug code enabled isn't that usefule, so don't
create this file at all.
2010-12-01 21:22:20 +01:00
Alexander Barton 7321be2ccd New numeric 329: get channel creation time on "MODE #chan" commands 2010-11-11 12:39:49 +01:00
Alexander Barton 9bc5d565bb Save channel creation time; new function Channel_CreationTime() 2010-11-11 12:39:19 +01:00
Alexander Barton d7ad956a06 Fix connect attempts to further IP addresses of outgoing server links
If a hostname resolves to more than one IP address (round-robin DNS,
IPv4 and IPv6) and an attempt to connect to the first address fails,
ngIRCd should try to connect to the 2nd address, 3rd address etc.

But because of a wrong variable used in the call to New_Server(),
the wrong server structure has been used in further connection attemps
which possibly lead to connection attempts to already connected servers.
2010-10-27 21:59:51 +02:00
Alexander Barton 76f40bdb98 Xcode builds ("make xcode"): disable pam_fail_delay()
disable pam_fail_delay() only is available starting with Mac
OS X 10.6; but we use the 10.5 SDK for campatibility, so don't use
this function at all when building using Xcode.
2010-10-26 15:13:24 +02:00
Alexander Barton 0c0cac641d ZeroConf: include header files missing since commit a988bbc86a 2010-10-25 00:17:46 +02:00
Alexander Barton 596bc096b0 Make sourcecode compatible with ansi2knr again
This allows to compile ngIRCd using a pre-ANSI K&R C compiler again:
all source files are automatically converted by the included ansi2knr
program (of GNU automake/autoconf) before compiling them with the
K&R C compiler, but a few coding standards must be met.

Tested on Apple A/UX 3.x.
Regression testing on Linux and Mac OS X.
2010-10-24 21:48:32 +02:00
Alexander Barton f1267ca375 Don't use PARAMS() macro for function implementations
The PARAMS() macro is only needed for function prototypes;
don't use it for the actual implementations.
2010-10-24 13:41:51 +02:00
Alexander Barton 99e08eaced Only try to set FD_CLOEXEC if this flag is defined
A/UX 3.x doesn't implement this constant, for example.
2010-10-19 22:17:12 +02:00
Alexander Barton 5f2bc55d36 Only use "__attribute__ ((unused))" if GCC >=2.8 is used
At least GCC 2.7.2 doesn't support this attribute.
2010-10-19 22:13:48 +02:00
Alexander Barton a988bbc86a New configuration option "NoZeroConf" to disable ZeroConf registration
If ngIRCd is compiled to register its services using ZeroConf (e.g. using
Howl, Avahi or on Mac OS X) this parameter can be used to disable service
registration at runtime.
2010-10-11 16:54:49 +02:00
Alexander Barton ade8902b88 Make sure sighandlers.h is listed in noinst_HEADERS
... because it must be included in the distribution archive :-)
2010-10-05 21:57:01 +02:00
Alexander Barton 3a826b774a const'ify ngt_SyslogFacilityName() function
This fixes the following gcc compiler warning:

tool.c: In function 'ngt_SyslogFacilityName':
tool.c:195: warning: return discards qualifiers from pointer target type
2010-10-05 20:16:35 +02:00
Alexander Barton 5e82a91d13 New configuration option "SyslogFacility"
The new option "SyslogFacility" deines the syslog "facility" to which
ngIRCd should send log messages.

Possible values are system dependant, but most probably "auth", "daemon",
"user" and "local1" through "local7" are possible values; see syslog(3).
Default is "local5" for historical reasons.
2010-09-24 17:39:11 +02:00
Alexander Barton 4943bbb066 New functions ngt_SyslogFacilityName() and ngt_SyslogFacilityID()
These both functions translate syslog facility names to ID numbers
and vice versa. On systems that don't define the facilitynames[] array
in syslog.h, we try to build one ourself.
2010-09-24 16:29:55 +02:00
Alexander Barton e2ba7e08b4 Explicitly cast return value of read(2) to "int"
This fixes the following gcc warning, emitted by Xcode:

src/ngircd/sighandlers.c: In function 'Signal_Callback':
src/ngircd/sighandlers.c:239: warning: implicit conversion shortens 64-bit value into a 32-bit value
2010-09-22 14:15:46 +02:00
Alexander Barton 4a770e8e2d Don't call sigaction() if it is not available on the system 2010-09-22 14:10:09 +02:00
Florian Westphal ba720fcbae Fix signalpipe file descriptor leak on RESTART
Signals_Init() must only be called once.
This does not affect any ngircd release version.

Earlier version of this patch moved the io and sighandler
initialization before the while() loop, but as Alexander
Barton noticed that broke all systems without builtin select
support in io.c...
2010-09-14 23:53:59 +02:00
Alexander Barton b3cfbc3d28 sighandlers.{c|h}: Code cleanup
- declare signals_catch[] array not between the function implementations.
 - rename now local function NGIRCd_Rehash() to Rehash().
 - remove empty and therefore not used "catch SIGHUP; break;".
2010-09-14 00:30:45 +02:00
Alexander Barton 74578890b7 Make sighandlers.{c|h} compatible with ansi2knr 2010-09-14 00:29:34 +02:00
Alexander Barton 3600dc60fc Output connection status when dumping the internal server state 2010-09-14 00:05:31 +02:00
Alexander Barton cd954ee7e9 Reformat "server state" debug messages a little bit 2010-09-14 00:04:04 +02:00
Alexander Barton 355828e64f Enable the daemon to dump its internal state in debug-mode.
This patch allows ngIRCd to dump its internal state (connected clients,
actual configuration) when compiled with --enable-debug. The daemon
catches two more signals:

 - SIGUSR1: toggle debug mode (on/off),
 - SIGUSR2: dump internal state to console/syslog.
2010-09-14 00:02:02 +02:00
Florian Westphal 755f54b150 signalhandlers: add fallback to deprecated sysv API 2010-09-11 11:36:12 +02:00
Florian Westphal ef3dbf96eb remove NGIRCd_SignalRehash
now that the main signal handling is done from the dispatcher
loop we can call NGIRCD_Rehash() directly.

the /REHASH handler can queue the Rehash() function for
execution by sending a SIGHUP.  It will be run when we
return back to the dispatch loop.
2010-09-11 11:36:12 +02:00
Florian Westphal 1fe17e246c Add new 'delayed' signal handlers.
Allows to defer/queue signal processing for execution on the next
event dispatch call, i.e. we can perform any signal action in
normal, non-signal context.

Example uses:
- Reload everything on HUP without writing a global "SIGHUP_received"
  variable
- Dump status of internal Lists on SIGUSR1, etc.
2010-09-11 11:36:12 +02:00
Florian Westphal c135d0dded io: add io_cloexec to set close-on-exec flag. 2010-09-11 11:36:12 +02:00
Florian Westphal 1e281a8baa ng_ipaddr.h: include assert.h
We use assert() in this header, so we should include assert.h.
2010-09-11 11:35:01 +02:00
Alexander Barton 6349ec8bb3 Conn_SyncServerStruct(): test all connections; and work case insensitive
Fix synchronization of established connections and configured server
structures after a configuration update:

 - Not only test servers that already have a connection, but also check
   and update configured servers to which a new connection is beeing
   established (SERVER_WAIT state).

 - And do the server name comparision case-insensitive.
2010-09-08 02:02:01 +02:00
Alexander Barton 8d68fe3f86 Check_Servers(): skip servers already beeing connected
Let CheckServers() not only skip servers that already have a
connection, but also skip servers to which a new connection is
already beeing established (SERVER_WAIT state).
2010-09-08 00:45:23 +02:00
Alexander Barton 4f6c19712e Check_Servers(): Code cleanup 2010-09-08 00:42:57 +02:00
Alexander Barton 04e38f17ae Don't reset My_Connections[Idx].lastping when reading data
This fixes PING-PONG lag calculation (which resulted in "0" before).

The "lastping" time is still reset it if a time shift backwards has
been detected to prevent the daemon from miscalculating ping timeouts.
2010-08-19 15:58:55 +02:00
Alexander Barton 32188d821b write_whoreply(): respect hostname cloaking 2010-08-18 00:01:14 +02:00
Alexander Barton 6f4a348b75 IRC_USERHOST(): respect hostname cloaking 2010-08-17 23:56:36 +02:00
Alexander Barton a51670005f IRC_USERHOST(): Code cleanup & some documentation 2010-08-17 23:55:40 +02:00
Alexander Barton 0263fa4c66 Send_Message(): respect hostname cloaking 2010-08-17 21:16:46 +02:00
Alexander Barton 31ea0f8ee9 IRC_WriteStrClientPrefix() / Get_Prefix(): respect hostname cloaking 2010-08-17 21:14:51 +02:00
Alexander Barton fd4dfccc30 Refactor IRC_WriteStr{Channel|Related}Prefix(); support cloaking
Move common code to new local function Send_Marked_Connections()
and respect hostname cloaking.
2010-08-17 21:11:37 +02:00
Alexander Barton 2a4bf67aac Implement user mode "x": hostname cloaking (closes: #102)
When a client has user mode "x" set, its real hostname is cloaked
by substituting it with the server name (as configured in ngircd.conf).

Restricted clients (user mode "r") aren't allowed to change mode "x".

Please note that hostname cloaking is only in effect in server-client
communication! The server still uses the real hostname for its own
logging and for all server-server communication -- therefore all servers
in the network must support user mode "x" to prevent older servers
from leaking the real hostname of a cloaked client!
2010-08-17 21:05:06 +02:00
Alexander Barton 575485eb82 WHOWAS: respect hostname cloaking
Store cloaked hostname if user mode "x" is set when the client
disconnects from the server.
2010-08-17 21:02:39 +02:00
Alexander Barton 3fd4f320b7 WHOIS: respect hostname cloaking 2010-08-17 21:00:47 +02:00
Alexander Barton 6fdd3479f1 Implement Client_HostnameCloaked() and Client_MaskCloaked()
These two functions return the cloaked hostname, if the client has
enabled hostname cloaking indicated by the -- still to implement --
user mode "x". See furter patches :-)
2010-08-17 20:54:33 +02:00
Alexander Barton 617640e0a3 Clean up an document Client_Hostname() and Client_Mask() 2010-08-17 20:51:14 +02:00
Florian Westphal 056de78e31 ngircd: change MOTD file handling
previously, the given MotdFile file was read whenever a client
requested it.

Change handling to read the MotdFile contents into memory once
during config file parsing.

Two side effects:
- changes to the MOTD file do not have any effect until ngircds
  configuration is reloaded
- MOTD file does no longer have to reside in the chroot directory
  (the MOTD contents will then not be re-read on reload in that case)
2010-08-12 21:46:47 +02:00
Florian Westphal a02bc9cc6f startup: open /dev/null before chroot
before people had to create a /dev/null inside the chroot to make
redirection work.
2010-08-01 00:07:33 +02:00
Alexander Barton 01e40f4b55 Allow IRC ops to change channel modes even without OperServerMode set 2010-07-25 16:44:38 +02:00
Florian Westphal acb66d6463 Allow IRC operators to use MODE command on any channel (closes: #100)
This allows IRC operators to change channel modes of ANY channel,
even without joining these channels first.
2010-07-25 16:18:25 +02:00
Alexander Barton 6ebb31ab35 Remove Proc_Kill(), use timeout to kill child processes
This avoids a race and potentionally killing the wrong process on
systems that use randomized process IDs; now the child itself is
responsible to exit in a timely manner using SIGALRM.
2010-07-14 10:29:05 +02:00
Alexander Barton cf93881dfb New function Conn_CloseAllSockets() to close all open sockets
This is useful in forked child processes, for example, to make sure that
they don't hold connections open that the main process wants to close.
2010-07-14 10:27:55 +02:00
Alexander Barton 560492a4a4 Authenticated users should be registered without the "~" mark 2010-07-13 23:18:54 +02:00
Alexander Barton 9cd3494de9 Don't Proc_Kill() childs after Proc_Read(): done there already. 2010-07-13 22:29:06 +02:00
Alexander Barton 6131822af6 Don't even fork a PAM-subprocess if "NoPAM" option is set 2010-07-13 22:14:53 +02:00
Alexander Barton 57a2faf4a7 Use Proc_GenericSignalHandler() as handler for SIGTERM by default 2010-07-13 22:04:35 +02:00
Alexander Barton 41034950d9 Mark some variables as "unused" to prevent compiler warnings
Some variables are only used when compiling with IDENT or PAM support
or when the debug code is enabled. Mark them as "unused" so that gcc
doesn't generate warnings when neither of these options is enabled.
2010-07-13 16:50:00 +02:00
Alexander Barton 6faf44bc6d Set NoPAM=yes in configuration files used for the testsuite 2010-07-13 16:48:24 +02:00
Alexander Barton f369177617 New configuration option "NoPAM" to disable PAM
When the "NoPAM" configuration option is set and ngIRCd is compiled
with support for PAM, ngIRCd will not call any PAM functions: all
connection attemps without password will succeed instead and all
connection attemps with password will fail.

If ngIRCd is compiled without PAM support, this option is a dummy
option and nothing changes: the global server password will still be
in effect.
2010-07-13 16:47:01 +02:00
Alexander Barton 37ee0a3313 io.c: Include conn.h when using the select() API 2010-07-12 13:24:45 +02:00
Alexander Barton 03457135b7 Use correct preprocessor syntax when testing for PAM and IDENTAUTH 2010-07-12 13:22:48 +02:00
Alexander Barton 28424d013d Make sure signal.h is #include'd when needed 2010-07-12 13:22:19 +02:00
Alexander Barton 808d4f6e85 Implement asynchronous user authentication using PAM
For each client connection a child process is forked which handles the
actual PAM authentication and reports the result back to the master
process using a pipe for communication.

While the PAM authentication is in process the daemon does not block.
2010-07-12 12:56:33 +02:00
Alexander Barton 77870ddf2d Add pam.{c|h} to project and implement PAM_Authenticate() function 2010-07-12 12:53:08 +02:00
Alexander Barton 1995af0ed6 New functions Client_[Set]OrigUser() to get/set user specified by peer
The Client_SetOrigUser() function is used to store the peer-provided
user name (see USER command) in its original form, not changed by
IDENT results, for example.
2010-07-11 17:03:43 +02:00
Alexander Barton 761b2284b9 Detect PAM libraries 2010-07-11 17:01:45 +02:00
Alexander Barton 79be1c477e Refactor Resolve_Read() into generic Proc_Read() function 2010-07-11 16:58:30 +02:00
Alexander Barton 7b5e2fe38e Make Proc_Kill() more fault-tolerant 2010-07-11 16:54:44 +02:00
Alexander Barton bf8b646304 New function Conn_GetProcStat()
Get PROC_STAT sub-process structure of a given connection.
2010-07-11 15:15:23 +02:00
Alexander Barton e4ffcd00bd Code cleanup: don't reset penalty time on DNS resolver result
See commit d4632a727fbee6: it's not necessary any more!
2010-07-11 15:12:17 +02:00
Alexander Barton 4cc4c29e38 New function Proc_GenericSignalHandler() 2010-07-01 00:39:35 +02:00