Commit Graph

2398 Commits

Author SHA1 Message Date
Florian Westphal a02bc9cc6f startup: open /dev/null before chroot
before people had to create a /dev/null inside the chroot to make
redirection work.
2010-08-01 00:07:33 +02:00
Alexander Barton 01e40f4b55 Allow IRC ops to change channel modes even without OperServerMode set 2010-07-25 16:44:38 +02:00
Florian Westphal acb66d6463 Allow IRC operators to use MODE command on any channel (closes: #100)
This allows IRC operators to change channel modes of ANY channel,
even without joining these channels first.
2010-07-25 16:18:25 +02:00
Alexander Barton 63a304755a Added mailmap file for git-[short]log and git-blame 2010-07-25 15:13:50 +02:00
Alexander Barton 6ebb31ab35 Remove Proc_Kill(), use timeout to kill child processes
This avoids a race and potentionally killing the wrong process on
systems that use randomized process IDs; now the child itself is
responsible to exit in a timely manner using SIGALRM.
2010-07-14 10:29:05 +02:00
Alexander Barton cf93881dfb New function Conn_CloseAllSockets() to close all open sockets
This is useful in forked child processes, for example, to make sure that
they don't hold connections open that the main process wants to close.
2010-07-14 10:27:55 +02:00
Alexander Barton 560492a4a4 Authenticated users should be registered without the "~" mark 2010-07-13 23:18:54 +02:00
Alexander Barton 9cd3494de9 Don't Proc_Kill() childs after Proc_Read(): done there already. 2010-07-13 22:29:06 +02:00
Alexander Barton 6131822af6 Don't even fork a PAM-subprocess if "NoPAM" option is set 2010-07-13 22:14:53 +02:00
Alexander Barton 57a2faf4a7 Use Proc_GenericSignalHandler() as handler for SIGTERM by default 2010-07-13 22:04:35 +02:00
Alexander Barton 41034950d9 Mark some variables as "unused" to prevent compiler warnings
Some variables are only used when compiling with IDENT or PAM support
or when the debug code is enabled. Mark them as "unused" so that gcc
doesn't generate warnings when neither of these options is enabled.
2010-07-13 16:50:00 +02:00
Alexander Barton 6faf44bc6d Set NoPAM=yes in configuration files used for the testsuite 2010-07-13 16:48:24 +02:00
Alexander Barton f369177617 New configuration option "NoPAM" to disable PAM
When the "NoPAM" configuration option is set and ngIRCd is compiled
with support for PAM, ngIRCd will not call any PAM functions: all
connection attemps without password will succeed instead and all
connection attemps with password will fail.

If ngIRCd is compiled without PAM support, this option is a dummy
option and nothing changes: the global server password will still be
in effect.
2010-07-13 16:47:01 +02:00
Alexander Barton 37ee0a3313 io.c: Include conn.h when using the select() API 2010-07-12 13:24:45 +02:00
Alexander Barton 03457135b7 Use correct preprocessor syntax when testing for PAM and IDENTAUTH 2010-07-12 13:22:48 +02:00
Alexander Barton 28424d013d Make sure signal.h is #include'd when needed 2010-07-12 13:22:19 +02:00
Alexander Barton 583c50476b Initial documentation for using PAM with ngIRCd 2010-07-12 13:07:07 +02:00
Alexander Barton 808d4f6e85 Implement asynchronous user authentication using PAM
For each client connection a child process is forked which handles the
actual PAM authentication and reports the result back to the master
process using a pipe for communication.

While the PAM authentication is in process the daemon does not block.
2010-07-12 12:56:33 +02:00
Alexander Barton fb4b5acfb8 Add new pam.{c|h} module to Xcode project
Adjust Xcode project and Mac OS X static config.h header to use PAM.
2010-07-12 12:54:01 +02:00
Alexander Barton 77870ddf2d Add pam.{c|h} to project and implement PAM_Authenticate() function 2010-07-12 12:53:08 +02:00
Alexander Barton 1995af0ed6 New functions Client_[Set]OrigUser() to get/set user specified by peer
The Client_SetOrigUser() function is used to store the peer-provided
user name (see USER command) in its original form, not changed by
IDENT results, for example.
2010-07-11 17:03:43 +02:00
Alexander Barton 761b2284b9 Detect PAM libraries 2010-07-11 17:01:45 +02:00
Alexander Barton 79be1c477e Refactor Resolve_Read() into generic Proc_Read() function 2010-07-11 16:58:30 +02:00
Alexander Barton 7b5e2fe38e Make Proc_Kill() more fault-tolerant 2010-07-11 16:54:44 +02:00
Alexander Barton bf8b646304 New function Conn_GetProcStat()
Get PROC_STAT sub-process structure of a given connection.
2010-07-11 15:15:23 +02:00
Alexander Barton e4ffcd00bd Code cleanup: don't reset penalty time on DNS resolver result
See commit d4632a727fbee6: it's not necessary any more!
2010-07-11 15:12:17 +02:00
Alexander Barton 4cc4c29e38 New function Proc_GenericSignalHandler() 2010-07-01 00:39:35 +02:00
Alexander Barton 0db9a31e50 Rename Log_[{Init|Exit}_]Resolver to Log_[{Init|Exit}_]Subprocess
Rename Log_Init_Resolver, Log_Exit_Resolver, and Log_Resolver to
Log_Init_Subprocess, Log_Exit_Subprocess, and Log_Subprocess and
make it more generic thereby.
2010-07-01 00:34:56 +02:00
Alexander Barton 5462c6c50f Don't #include client.h when conn.h/conn-func.h is already included
conn.h and cinn-func.h both already #include client.h, so it is
not needed to do it twice.
2010-06-30 23:49:52 +02:00
Alexander Barton 3d49fa5bff New function Conn_GetFromProc() to get CONN_ID of a subprocess
Get CONN_ID from file descriptor associated to a subprocess structure.
2010-06-29 23:38:39 +02:00
Alexander Barton 2d4ea28835 Resolver: Implement signal handler and catch TERM signal 2010-06-29 22:55:27 +02:00
Alexander Barton d4632a727f Don't set a penalty time when doing DNS lookups
The logic isn't as described in the source and intended by this code:
ngIRCd doesn't wait for the asynchronous resolver process until the set
penalty time is over, but until the forked process terminates or the
initial connection timeout (= PongTimeout) triggers.

So don't set the penalty time at all and remove the wrong comment.
2010-06-29 22:55:27 +02:00
Alexander Barton 60f5dd5b29 Update comments: subprocesses not only can be resolver processes 2010-06-29 22:55:27 +02:00
Alexander Barton 89e73ad4b4 Refactoring: Rename CONNECTION.res_stat to .proc_stat
We want to use this process status variable not only for the
resolver subprocesses but other asynchronous tasks as well;
so let's name it more generic.
2010-06-29 22:55:27 +02:00
Alexander Barton 54e67ea9ee New "module" proc.c/proc.h for generic process handling
The new "module" proc.c is used for functions dealing with child
processes. At the moment, it is only used by the asynchronous resolver.

All the functions already implemented habe been migrated from the
resolver code base, and the rest of the ngIRCd source code has been
adepted to the new namespace and calling conventions.

The goal is to develop "generic" process handling functions that can
be used for other purposes as well, e.g. running processes on client
connects etc.
2010-06-29 22:55:27 +02:00
Alexander Barton cc336b7558 Only #include resolve.h if it is really needed 2010-06-29 22:55:27 +02:00
Alexander Barton ae55d4f500 Fix redundant redeclaration of Conn_Count*() functions
The wrongly placed #endif lead to the following compiler warnings:

conn.h:125: warning: redundant redeclaration of ‘Conn_Count’
conn.h:125: warning: previous declaration of ‘Conn_Count’ was here
conn.h:126: warning: redundant redeclaration of ‘Conn_CountMax’
conn.h:126: warning: previous declaration of ‘Conn_CountMax’ was here
conn.h:127: warning: redundant redeclaration of ‘Conn_CountAccepted’
conn.h:127: warning: previous declaration of ‘Conn_CountAccepted’ was here
2010-06-26 00:45:11 +02:00
Alexander Barton edfa215481 const'ify Conn_WriteStr() function 2010-06-26 00:44:37 +02:00
Alexander Barton c6742192a6 const'ify Send_ListChange() function in irc-mode.c 2010-06-26 00:42:12 +02:00
Alexander Barton 0c0d4af55a const'ify IRC_WriteStrXXX() and Get_Prefix() functions 2010-06-26 00:38:20 +02:00
Alexander Barton 8605e9c0fe const'ify command name variable in _COMMAND strcuture 2010-06-26 00:37:06 +02:00
Alexander Barton a68103771c const'ify Client_TypeText() 2010-06-26 00:31:08 +02:00
Alexander Barton 8ad1c23ae4 Add some documentation for using BOPM with ngIRCd 2010-06-25 15:19:39 +02:00
Alexander Barton f76e0a1db6 Implement user mode "c": receive connect/disconnect NOTICEs
Users having the user mode "c" set receive NOTICE messages on each
new client connection to the local server as well as disconnects.
Only IRC operators (users having the mode "o" set) are allowed to
set the 'c' user mode.

These connect/disconnect messages can be useful for open proxy
scanners -- BOPM (http://wiki.blitzed.org/BOPM) is now functional
with ngIRCd, for example.
2010-06-25 00:33:01 +02:00
Alexander Barton 51ed742054 Refactor Wall_ServerNotice() into more generic Log_ServerNotice()
Log_ServerNotice() sends a messages to all users having a given
user mode set.
2010-06-25 00:33:00 +02:00
Alexander Barton 60eac5e952 New function Conn_IPA(): get client IP address as string 2010-06-25 00:33:00 +02:00
Alexander Barton 139d6303e7 ngircd.init: require $network $remote_fs when stopping ngircd 2010-06-25 00:10:56 +02:00
Neale Pickett 28f8b50174 Show SSL status in WHOIS, numeric 275
"I've been wanting this for years and finally took the 5 minutes to
patch it in. I took the response code (275) from whatever's running
OFTC's IRC network."
  -- Neale Pickett <neale@woozle.org>, Fri, 11 Jun 2010 17:32:41 -0500

(OFTC is running Hybrid ircd.)
2010-06-23 11:00:09 +02:00
Alexander Barton e2930f3f5e Include correct header files when testing for arpa/inet.h (Closes: #105)
Tested on OpenBSD 4.7, OpenBSD 4.1, FreeBSD 8, Linux and Mac OS X.
Thanks to rck <dev.rck@gmail.com> for reporting and testing!
2010-06-09 12:03:08 +02:00
Florian Westphal 059e707249 Revert "configure: make implicit declarations fatal"
This reverts commit b3a6c33da0b12ba74dc395979b677813d4bc2c0f.

apparently not all gcc versions support this 8-(
2010-06-09 12:03:00 +02:00