Commit Briefs
ngIRCd Release 26.1 (origin/master, tags/rel-26.1)
Update config.guess and config.sub to recent versions
- config.guess: 2020-12-22 - config.sub: 2020-12-22
Update Platforms.txt
- Add aarch64/apple/darwin (Apple CLang 12.0.0) - Add x86_64/unknown/openbsd6.7 (gcc 4.2.1) Thanks to Götz Hoffart <goetz@hoffart.de>
2021! :-)
Happy new year!
Explicitely cast Conf_MaxPenaltyTime (time_t) to "long"
This fixes the following compiler warning, for example on OpenBSD: conf.c: In function 'Conf_Test': conf.c:391: warning: format '%ld' expects type 'long int', but argument 2 has type 'time_t' Thanks to Götz Hoffart for reporting this!
Don't set AI_ADDRCONFIG, even when it exists
Basically, the issue described in #281 is that the test suite uses the IPv4 address 127.0.0.1 on an IPv6-only host. But this is the "safest" thing to do in (almost) all other setups: relaying on DNS host names makes things even more complex, as different systems map 127.0.0.1 differently (including the reverse lookup; that's why we switched to 127.0.0.1 back in 2014, see commit 3f807e10457). But with AI_ADDRCONFIG set, on an IPv6-only host, we prevent 127.0.0.1 to get translated properly, even when the loopback interface has this address configured! So don't set it any more. The drawback is that the resolver possibly returns more addresses now, even of an unsupported/not connected address family; but this shouldn't do much harm in practice, as ngIRCd iterates over all returned addresses while trying to establish an outgoing connection. Closes #281.
Revert "Show allowed channel types in ISUPPORT(005) numeric only"
The ISUPPORT(005) numeric lists only channel prefixes which are listed in the "AllowedChannelTypes" configuration option. And if this is the empty string ("") for example, this now results in IRC clients assuming "oh, no channel prefix characters at all, so no channels at all, so no PRIVMSG can go to any channel" -- which is not the case when there are pre-defined channel set up or other servers still having channels! So "allowed channel types" != "supported channel types", and we always have to list all supported ones in the ISUPPORT(005) numeric! This reverts commit 4b7e8db418340576c95f1edad8470b66d6fe886d. Closes #285.
Test suite: Wait 2 seconds after reloading the daemon
On reload, all listening ports are closed, configuration updated, and then opened again. Which leads to subsequent tests running while the daemon isn't listening on any ports, and that's why the tests fail. The "proper" way whould be to loop and check for open ports, but waiting is what the start-server.sh script does right now, so stick with this in reload-server.sh for now as well. This fixes the issue, at least on my RaspberryPi ... Closes #280.
Update Platforms.txt
- Update powerpc/apple/darwin8.11.0 (gcc 4.0.1) - Add x86_64/apple/darwin19.6.0 (Apple clang 12.0.0) - Add x86_64/unknown/freebsd12.1 (FreeBSD clang 8.0.1) - Update x86_64/pc/linux-gnu (gcc 8.3.0) - Add x86_64/unknown/netbsd9.0 (gcc 7.4.0) - Add x86_64/unknown/openbsd6.6 (gcc 4.2.1) - Add x86_64/unknown/openbsd6.6 (OpenBSD clang 8.0.1) Thanks to Götz Hoffart <goetz@hoffart.de> for the PowerPC test!
Fixed Atheme Links
.org and not .net
ngIRCd Release 26 (tags/rel-26)
ngIRCd Release 26~rc2 (tags/rel-26-rc2)
Don't send invalid CHANINFO commands when no key is set
It can happen that a channel is +k, but no key is set: for example by misconfiguring a pre-defined channel. In this case, ngIRCd sent an invalud CHANINFO command ("CHANINFO #test +Pk 0 :'", note the unset key represented by the two spaces) to its peers. Fix this and enhance the CHANINFO documentation.
Update description texts
Bring them in line with the updated texts on the homepage.
IRC_SERVER: Make sure that the client sent a prefix
The SERVER command is only valid with a prefix when received from other servers, so make sure that there is one and disconnect the peer if not (instead of crashing ...). This obsoletes PR #275. Thanks Hilko Bengen (hillu) for finding & reporting this as well for the patch & pull request! But I think this is the "more correct" fix.
Enhance debug logging for PONG commands
Distinguish between expected and unexpected PONG commands.
Fix PING-PONG handling when processing backlog in read buffers
Prior to this commit, the PONG wasn't registered correctly, becauuse the "last ping" time was set to time(NULL), which could be bigger than the "last data" time stamp, for example when handling the read buffer took more than 1 second -- and this resulted in the PONG time out kicking in effectively disconnecting a newly linked server for example, because ngIRCd thought it was still waiting for a PONG: last data < last ping. Now the "last ping" value has three possible values: 0: new connection, no PING, no PONG so far. 1: got a PONG, no longer waiting for a PONG. <t>: time stamp of last sent out PING command.
Revert "Set the "last data" time to "last ping" time when updating the latter"
This patch completely broke the PING-PONG logic: now ngIRCd never disconnects any stale peers but keeps sending out PINGs over and over again ... The real issue (server disconnects right after connect) will be fixed in the next commit, but let's revert to the somewhat "half-broken but 'known' state" first ... This reverts commit 79a917f954bef8089967786bd3597a6e5ff5c336.
testsuite: Add missing files to EXTRA_DIST
26~rc1 as extracted from tarball cannot be built/tested with SSL support because of a missing script and certificates.
ngIRCd Release 26~rc1 (tags/rel-26-rc1)
Update config.guess and config.sub to recent versions
- config.guess: 2020-04-26 - config.sub: 2020-05-04 And set both scripts +x, they are executable.
Allow more characters per line in MOTD and help text files
Change the line buffer in the Read_TextFile() function from 127 to COMMAND_LEN (=512) bytes. Lines can't even get that long, because they have to be prefixed before being sent to the client, so this is a sane maximum. This allows for even more "fancy" and "wider" MOTDs :-) Closes #271.
Show allowed channel types in ISUPPORT(005) numeric only
Don't show the static list of all possibly available channel types ... Closes #273.
Platforms.txt: Add x86_64/apple/darwin19.0.0
- Add x86_64/apple/darwin19.0.0 (Apple clang 11.0)
Update Platforms.txt
- Update powerpc/apple/darwin8.11.0 (gcc 4.0.1) - Add mips/sgi/irix6.5 (SGI C compiler) - Add mipsel/unknown/netbsd8.0 (gcc 5.5.0) Thanks to Götz Hoffart <goetz@hoffart.de>!
SSL test server: Use port 6790, like "test server #2"
Don't use the "standard" IRC SSL port 6697, as this easily collides with real (ng)IRCd instances running on the same machine. And by reusing port 6790, which is already used by the "test server #2", we don't need any other port than the test suite already uses.
Merge pull request #269 from hillu/gnutls-reload-cert
Add support for GnuTLS certificate reload. Thanks a lot, Hilko Bengen!
Update Client_SetHostname() to not use strpbrk()
Not sure about the portability of strpbrk() in really ancient OS, and this was the only place where it became used recently in ngIRCd ... So let's play it safe! ;-)
GnuTLS: Eliminate memory leaks for DH parameters, priorities cache
The DH parameters reference has to be stored next to the x509_cred which holds a reference to it.
Don't wait for the network when read buffers possibly hold commands
There is no point in waiting up to one second for the network receiving new data when there is still a read buffer holding at least one command; we shouldn't waste time but handle it immediately!
Add support for GnuTLS certificate reload
This requires keeping track of currently active certificates, so those are stored separately, along with a reference counter, and discarded when they are no longer in use.
Handle commands in the read buffer before reading more data
If there are more bytes in the read buffer already than a single valid IRC command can get long (513 bytes, COMMAND_LEN), wait for this/those command(s) to be handled first and don't try to read even more data from the network (which most probably would overflow the read buffer of this connection soon).
Update documentation to reflect "[Channel]->Modes" changes
No longer mention "[Channel]->Key" and "[Channel]->MaxUsers".
Read_Request(): Clean up code and add some more comments
No functional changes.
Convert INSTALL and README files to Markdown
This requires some changes to the build system, for example to comply with the expectations of the GNU autoconf/automake tools ...
Revert "Increase read buffer size for server connections"
This reverts commit c6e3c13f27744971fcb1d2de4e561d3bcdaa5aed. This sounded like the right approach at first, but I'm not that sure that it really makes sense to have different sizes of read buffers: the per-connection read buffer only needs to keep data that is needed to parse one full command, be it plain text, encrypted and/or compressed. Then ngIRCd should handle this one command, move leftover data to the beginning of the buffer and read the next chunk from the network that is missing to get the next complete command (512 bytes at max). So I revert this for now and try to fix the logic in Read_Request(), which is broken nevertheless, as it results in servers becoming disconnected during "server burst" when "big" lists are transferred.
Correctly use Config_Error() instead of Log() in Read_Config()
The name of the Config_Error() function is misleading: it is not only used to show configuraton errors, but all messages shown during normal operation as well as for "config testing": it takes care of the correct formatting of the messages (syslog, forground logging, config testing). This fixes commit bb1d014abad8.
Predefined channles: Fix handling of legacy configuration options
Fix the handling of legacy "Key" and "MaxUsers" [Channel] settings: - Activate them before evaluating the "Modes" parameter, to allow the latter to override those legacy options. - Enforce setting the respective +k/+l mode(s) to support the legacy "Mode = kl" notation, which was valid but is an invalid MODE string: key and limit are missing! So set them manually when "k" or "l" are detected in the first MODE parameter. - Sort modes +kl alphabetically, adjust test suite accordingly.
Log G-/K-Line changes only when not initiated by a server
This prevents the log from becomming spammed during "net bursts".
Set the "last data" time to "last ping" time when updating the latter
This is required because the PING can be received quite a bit earlier than it is actually handled, for example during "server burst" or other heavy operations: So the times won't match and PING-PONG logic would become garbled, because we test for "last ping > last data" to determine if a PING already was sent or not.
Evaluate initial channel modes
Allow setting arbitrary channel modes in the config file. Closes #55.
Makefile.am: Replace make with ${MAKE} (#270)
Fixes warnings such as: "warning: jobserver unavailable: using -j1. Add `+' to parent make rule." Signed-off-by: Sam James (sam_c) <sam@cmpct.info>
Add "FNC" (forced nick changes) to ISUPPORT(005) numeric
Most probably this doesn't make any difference to any client, but it seems correct. See <http://www.irc.org/tech_docs/005.html> for details.
Fix memory leak in portabtest Check_strtok_r()
Fix the following Clang "LeakSanitizer" error (which isn't quite relevant in this test program, but anyway): ERROR: LeakSanitizer: detected memory leaks Direct leak of 7 byte(s) in 1 object(s) allocated from: #0 0x7f8c4d022810 in strdup (/lib/x86_64-linux-gnu/libasan.so.5+0x3a810) #1 0x5601a801491a in Check_strtok_r (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x291a) #2 0x5601a8014d77 in main (/net/arthur/home/alex/Develop/ngIRCd/ngIRCd.git/src/portab/portabtest+0x2d77) #3 0x7f8c4c69009a in __libc_start_main ../csu/libc-start.c:308 SUMMARY: AddressSanitizer: 7 byte(s) leaked in 1 allocation(s). FAIL: portabtest
contrib/nglog.sh: Use bash(1) as interpreter
bash(1) is required to handle the forking and output redirection connectly, sh(1) -- at least dash(1) on Debian -- fails ... This fixes the last commit, 14777c18c.
Remove outdated OpenBSD/NetBSD systrace.policy
Systrace was removed from OpenBSD and NetBSD, so remove this (old and outdated?) configuration file from the ./contrib directory. See <https://en.wikipedia.org/wiki/Systrace>. Thanks to "michi" for pointing this out on #ngircd!
Enhance handling of command line errors, and "--help" & "--version"
Return with exit code 0 ("no error") when "--help" or "--version" was used (this resulted in exit code 1, "error" before). And exit with code 2 ("command line error") for all invalid command line options, and show the error message on stderr (message was printed to stdout before, and exit code was 1, "generic error"). This new behaviour is more in line with the GNU "coding standards", see <https://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html>.
Remove legacy configuration options
Remove legacy configuration options and related functions that have been marked for removal for some time: - PredefChannelsOnly (v22) - NoticeAuth (v24) - NoXXX (v19) - Old '[GLOBAL]' section handling (v19)
Fix and update Xcode project
- Reference correct contrib/Makefile.am file - Correctly sort contrib/nglog.sh - Add "ORGANIZATIONNAME" setting
Increase read buffer size for server connections
This applies the same logic we have for write buffers to distinguish between server and client connections and sets the maximum buffer size accordingly. As a result peering with servers with many GLINE/KLINEs does not kill the connecting server connection anymore.
Fix recursion bug on write error
Depending on the stack size, too many clients on the same channel quitting at the same time would trigger a crash due to too many recursive calls to Conn_Close().
contrib/ngindent.sh: Enhance and rename script
Add more GNU indent options for better results, and add the ".sh" suffix to bring this script in line with the others in the contrib/ folder.
Update install documentation: libgnutls-dev
According https://packages.debian.org/search?keywords=libgnutls28-dev in Ubuntu and Debian libgnutls-dev package name is libgnutls28-dev Closes #264. Thanks Windree!
Add simple log colorization script: ./contrib/nglog.sh
This script parses the log output of ngircd(8), and colorizes the messages accoring to their log level. Example usage: ngircd -f $PWD/doc/sample-ngircd.conf -np | ./contrib/nglog.sh
Fix hostmask cloaking bug, don't cloak multiple times
Previously, each server would cloak every user's hostmask. The problem is that if a network has more than one server, then a user's hostmask would get cloaked twice. This patch ensures that a server only cloaks the hostmask if it has not yet been cloaked (the period indicates it's still an IP address). Closes #228.
Fix some typos (documentation files, ngircd.conf manual page, ...)
Spotted by Étienne Mollier <etienne.mollier@mailoo.org> and Christoph Biedl <debian.axhn@manchmal.in-ulm.de>, see Debian bug #932462 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932462). Thank you!
Make sure HAVE_LIBSSL is defined, even when using pkg-config
Without this, the configure script assumes and states that OpenSSL will be used, but the code won't include support for it because there we use the "HAVE_LIBSSL" define to test for it ("#ifdef HAVE_LIBSSL"). So define the latter when pkg-config(1) is used, too. This fixes #257, a regression introduced by commit ad86a41ee :-/
Enlage buffers of info texts to 128 bytes.
This includes: - "Real name" of a client (4th filed of the USER command). - Server info text ("Info" configuration option). - Admin info texts and email address ("AdminInfo1", "AdminInfo2" and "AdminEmail" configuration options). - Network name ("Network" configuration option). The limit was 64 bytes before ... Closes #258.
Streamline handling of invalid and unset server name
Don't exit during runtime (REHASH command, HUP signal), because the server name can't be changed in this case anyway and the new invalid name will be ignored.
Fix and extend documentation a little bit
- Fix syntax of LINKS amd LIST commands. - Whitespace and spelling fixes. - Add some more information about IRCv3 support.
Slightly reoder startup steps, and enhance logging
- Show name of configuration file at the beginning of start up. - Add a message when ngIRCd is ready, including its host name. - Show name of configuration file on REHASH (SIGHUP), too. - Change level of "done message" to NOTICE, like "starting" & "ready". - Initialize IO functions before channels, connections, clients, ...
configure.ng: use pkg-config to find PpenSSL dependencies
OpenSSL can depends on lz or latomic so use pkg-config to find those dependencies and fallback to existing mechanism. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Closes #256.
ngIRCd Release 25 (tags/rel-25)
Platforms.txt: Add and update systems
- Update x86_64/apple/darwin16.5.0 (Apple clang 8.1) - Add x86_64/apple/darwin17.7.0 (Apple clang 10.0) - Add x86_64/apple/darwin18.2.0 (Apple clang 10.0) - Add x86_64/unknown/haiku (gcc 7.3) - Update x86_64/pc/linux-gnu (gcc 6.3.0)
Fix documentation of MotdPhrase length (#254)
The max length is actually 126 (< 127), since the check errors out if length >= 127. See <https://github.com/ngircd/ngircd/blob/master/src/ngircd/conf.c#L1487>. I didn't look through the history to see when the change happened. I just happened to find during a migration that my 140 character MOTD didn't work. Update sample configuration file as well as the man page.
Implement new configuration option "MaxPenaltyTime" (#251)
This option configures the maximum penalty time increase in seconds, per penalty event. Set to -1 for no limit (the default), 0 to disable penalties altogether. ngIRCd doesn't use penalty increases higher than 2 seconds during normal operation, so values higher than 1 rarely make sense. Disabling (or reducing) penalties can greatly speed up "make check" runs for example, see below, but are mostly a debugging feature and normally not meant to be used on production systems! Some example timings running "make check" from my macOS workstation: - MaxPenaltyTime not set: 4:41,79s - "MaxPenaltyTime = 1": 3:14,71s - "MaxPenaltyTime = 0": 25,46s Closes #249.
Fix some compiler warnings of Apple Xcode/Clang
For example: * src/ngircd/irc-login.c:102:21: Implicit conversion loses integer precision: 'int' to 'char' * src/ngircd/conn.c:1084:9: Implicit conversion turns floating-point number into integer: 'double' to 'bool' * src/tool/tool.c:85:10: Implicit conversion loses integer precision: 'int' to 'char'
Fix typos/errors/... in file comments
Found by Xcode/Clang code analyzer. No functional changes.
Update doc/Protocol.txt for IRCv3 WEBIRC extension
See commit d0f9d3d92.
Allow a 5th parameter in WEBIRC
According to an IRCv3 extension, the 5th parameter can be used for extra flags that are fine to ignore for now, but limiting WEBIRC params to 4 causes a syntax error. See https://github.com/ircv3/ircv3-ideas/issues/12 for more information. This closes #247.
Platforms.txt: Add and update systems
- Update x86_64/unknown/freebsd10.0 (FreeBSD clang 3.3) - Add x86_64/unknown/freebsd10.3 (FreeBSD clang 3.4) - Update i386/pc/solaris2.11 (gcc 4.8.2) - Add mipsel/openwrt/linux-uclibc (gcc 4.8) [cross-compiler] - Add x86_64/pc/linux-gnu (gcc 5.4.0) [Win10/WSL] - Platforms.txt: Update "pre-ANSI compiler" foot note. Thanks to Götz Hoffart <goetz@hoffart.de>!
ngIRCd Release 25~rc1 (tags/rel-25-rc1)
Update config.guess and config.sub to recent versions
- config.guess: 2018-03-08 - config.sub: 2018-03-08
Correctly retry outgoing conenctions when forking a resolver failed
When ngIRCd failed to spawn a new resolver subprocess, the connection structure was still marked as "SERVER_WAIT", and no new attempt to connect to this server was made. Thanks to Robert Obermeier for reporting this bug! Closes #243.
Fix use-after-free while handling ERROR during client login
This patch fixes a "use after free" bug which is hit while processing ERROR commands while a new client is logging into the server, which leads to only the CLIENT structure becoming freed, but not the CONNECTION structure, too. And this leads to the daemon accessing the already freed CLIENT structure later on ... So now IRC_ERROR() uses the correct function Conn_Close() to correctly free both structures. The CONNECTION structure is cleaned up later on, and the freed CLIENT structure can't be overwritten during normal operations, therefore this bug normally can't crash (DoS) the service -- but you can easily hit it when using the GCC option "-fsanitize=address", or run ngIRCd with Valgrind. Thanks a lot to Joseph Bisch <joseph.bisch@gmail.com> for discovering and reporting this issue!
Only send TOPIC updates to a channel when the topic actually changed
This prevents the channel from becoming flooded by unecessary TOPIC update messages, that can happen when IRC services try to enforce a certain topic but which is already set (at least on the local server), for example. Therefore still forward it to all servers, but don't inform local clients (still update setter and timestamp information, though!)
Update Xcode project for latest Xcode version (9.2)
This includes adding missing and deleting obsolete file references.
User mode "C": Allow messages from servers, services, and IRC Ops
Update user mode "C" handling ("Only users that share a channel are allowed to send messages") to behave like user mode "b" ("block private messages and notices") and therefore allow messages from servers, services, and IRC Operators, too. Change proposed by "wowaname" in #ngircd, thanks!
Fix compiler warning in ForwardLookup()
When compiling without "working getaddrinfo()", the "af" parameter of ForwardLookup() is unused by that function. Mark it as such! This prevents the following compiler warning: resolve.c:235:56: warning: unused parameter ‘af’ [-Wunused-parameter]
Fix compiler warning in Option_String()
When compiling ngIRCd without support for SSL and without support for ZLIB, gcc outputs the following warning: irc.c:493:9: warning: variable ‘options’ set but not used [-Wunused-but-set-variable] Fix it by providing a dummy function in this case.
Fix Get_Error() usage, take II
This should fix the following compiler warning: resolve.c:113:1: warning: ‘Get_Error’ defined but not used [-Wunused-function] Which can happen, because the logic of commit 543f44bf isn't sufficient: Get_Error() is only used when neither HAVE_WORKING_GETADDRINFO nor HAVE_GETNAMEINFO are set ... Enhances 543f44bf. Closes #241.
Allow IRC Ops and remote servers to KILL service clients (#242)
In the end, service clients behave like regular users, therefore IRC operators and servers should be able to KILL them: for example to resolve nick collisions. This is related to #238.
Don't forward KILLs to other servers if they've been blocked locally
This prevents clients from killing IRC services, for example. Closes #238. Closes #239.
Merge pull request #240 from bkuhls/fix_Get_Error
Fix Get_Error usage
Fix Get_error usage
The usage of Get_Error is guarded by "ifdef h_errno" in this file, the definition of this function should follow the same rules. Fixes a build error when cross-compiling: https://github.com/ngircd/ngircd/issues/223
Update HowToRelease.txt
- Freshmeat is no more, and - GitHub issues doesn't allow us to configure "releases".
ngIRCd Release 24 (tags/rel-24)
Platforms.txt: Add and update systems
- Update i386/unknown/freebsd7.3 (gcc 4.2.1) - Update i386/unknown/netbsdelf4.0 (gcc 4.1.2) - Update x86_64/apple/darwin16.3.0 (Apple clang 8.0) - Update x86_64/unknown/freebsd8.4 (gcc 4.2.1) - Update x86_64/pc/linux-gnu (gcc 4.4.5) - Update x86_64/pc/linux-gnu (gcc 4.8.4) - Update x86_64/pc/linux-gnu (gcc 4.9.2) - Update x86_64/pc/linux-gnu (gcc 6.2.1) - Add x86_64/pc/linux-gnu (gcc 6.3.1)
Update config.guess and config.sub to recent versions
- config.guess: 2016-10-02 - config.sub: 2016-11-04
Build Debian packages with OpenSSL instead of GnuTLS
OpenSSL allows to reload used certificates on runtime for example (which is very useful when using Let's Encrypt), and therefore is preferred ...
Fix handling of connection pool allocation and enlargement
The daemon only enlarged its connection pool when accepting new client connections, not when establishing new outgoing server links. Thanks to Lukas Braun (k00mi) for reporting this! In addition this patch streamlines the connection pool allocation, so that there is only one place in the code allocating the pool: the now updated Socket2Index() function. The name doesn't quite fit, but this existing and today quite useless function (because the mapping from socket number to connection index is 1:1 today) already became called in almost all relevant code paths, so I decided to reuse it to keep the patch small ...probably we want to fix the naming in a second patch? Closes #231.
ngIRCd Release 24~rc1 (tags/rel-24-rc1)
ngircd.conf.5.tmpl: Fix spelling
Thanks to Christoph Biedl.
Platforms.txt: Add and update systems
- Add x86_64/apple/darwin16.3.0 (Apple clang 8.0) - Update x86_64/pc/linux-gnu (gcc 4.9.2) - Add x86_64/pc/linux-gnu (gcc 6.2.1.)
Further enhance systemd unit file
- Add more comments/documentation. - Add dependencies for services and proxy scanners. - Add more limit configurations. - Allow AF_UNIX address family, required for syslog!
Enhance systemd service file
- Add homepage :-) - Remote CAP_SETUID and CAP_SETGID from CapabilityBoundingSet: This is nor needed, because the unit already sets User=irc and Group=irc. - Add RestrictAddressFamilies, and restrict it to AF_INET and AF_INET6. - Read in the Debian "default files", but note: only PARAMS is supported!
Update Debian package
- Update debhelper compatibility to version 9. - Update build-dependencies. - Change group of ngircd.conf to "irc" in postinst script (this makes starting ngIRCd as user "irc" easier, for example when using systemd). - Don't create /var/run/ircd during installation: this is handled by the SysV init script and the systemd service already.
Immediately shut down connection on receiving ERROR
Don't wait for the peer to close the connection. This allows us to forward the ERROR mesage in the network, instead of the very generic "client closed connection" message.
List expiration: use same log level as when setting
And log this event to the &SERVER channel, too.
G-LINES: Forbid remote modifications if "AllowRemoteOper" is not set
Explicitely forbid remote servers to modify "x-lines" (G-LINES) when the "AllowRemoteOper" configuration option isn't set, even when the command seems to originate from the remote server itself: this prevents GLINE's to become set during server handshake in this case (what wouldn't be possible during regular runtime when a remote IRC Op sends the command) and what can't be undone by IRC Ops later on (because of the missing "AllowRemoteOper" option) ...
Fix building ngIRCd with OpenSSL 1.1
At the moment, ngIRCd fails to build against OpenSSL 1.1 since the configure check probes for the SSL_library_init symbol which was removed, but probing for a different function availabe in both versions solves that problem: SSL_new(). And as SSL_library_init is no longer needed, the patch boils down to probing SSL_new to assert libssl is available, and disabling the SSL_library_init invokation from OpenSSL 1.1 on, see also another application[1] (NSCA-ng) that did pretty much the same. Patch was compile-tested on both Debian jessie (OpenSSL 1.0.2) and stretch (OpenSSL 1.1). [1] <https://www.nsca-ng.org/cgi-bin/repository/nsca-ng/commit/?id=8afc22031ff174f02caad4afc83fa5dff2c29f8a> (Patch by Christoph, commit message cherry-picked from the email thread on the mailing list by Alex. Thanks!)
gcc 6.2 warnings: fix code indentation
This fixes the following correct -Wmisleading-indentation warning messages of gcc 6.2: irc-write.c: In function ‘IRC_SendWallops’: irc-write.c:521:4: warning: this ‘if’ clause does not guard... irc-write.c:524:5: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘if’ irc-write.c:526:4: warning: this ‘if’ clause does not guard... [] irc-write.c:529:5: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘if’ irc-info.c: In function ‘IRC_STATS’: irc-info.c:895:3: warning: this ‘else’ clause does not guard... irc-info.c:897:4: note: ...this statement, but the latter is misleadingly indented as if it is guarded by the ‘else’ No functional changes, the code has been correct, but the indentation was wrong ...
Update config.guess and config.sub to recent versions
- config.guess: 2016-04-02 - config.sub: 2016-03-30
Platforms.txt: Update systems
- Update x86_64/apple/darwin15.6.0 (Apple clang 8.0) - Update x86_64/unknown/linux-gnu (gcc 4.9.2) - Update i386/pc/solaris2.11 (gcc 4.8.2), tests have been run both on Solaris 11.2 and Solaris 11.3 successfully, but the system identifier is the same ... Thanks to Götz Hoffart <goetz@hoffart.de>!
autogen.sh, ngindent, platformtest.sh: Fix warnings of "shellcheck"
- SC2006: Use $(..) instead of legacy `..`. - SC2015: Note that A && B || C is not if-then-else. C may run when A is true. - SC2086: Double quote to prevent globbing and word splitting. - SC2166: Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.
Make sure that SYSCONFDIR is always set
This is useful when ./configure hasn't been run but some source code linters are run in an editor, for example.
Add "PAMServiceName" configuration option
This setting allows to run multiple ngIRCd instances with separate PAM configurations on each instance. If one sets it to ngircd-foo, PAM will use /etc/pam.d/ngircd-foo instead of the default /etc/pam.d/ngircd. Thanks to "somechris" for the patch & pull request! Closes #226.
Add PAMServiceName setting to specify the used PAM configuration
This setting allows to run multiple ngIRCd instances with PAM configurations on each instance. If one sets it to "ngircd-foo", PAM will use `/etc/pam.d/ngircd-foo` instead of the default `/etc/pam.d/ngircd`.
Platforms.txt: Remove x86_64/unknown/linux-gnu, tcc 0.9.25
This combination had been successfully tested with ngIRCd 21, but after further investigation didn't build correctly: it seems as if tcc fails to correctly link external libraries (e. g. ngipaddr). Astonishingly the test suite passed nevertheless, with garbled output, but without the daemon crashing!? When using tcc with ngIRCd 23 (and current master), the test suite fails completely because the daemon crashes ... (which actually is good!)
Platforms.txt: Add systems
- Add armv7l/unk./linux-gnueabihf (gcc 4.9.2) - Add x86_64/unknown/linux-gnu (icc 16)
Travis-CI: use "container-based infrastructure"
See <https://docs.travis-ci.com/user/migrating-from-legacy/> for details.
platformtest.sh: Delete ngIRCd binary before test run
This ensures that we definitely don't test an old binary later on ...
platformtest.sh: Only show "runs=Y" when test suite succeeded
Display "?" in the "runs" colum when the simple "run test" succeeded but the test suite failed. And display a message to double check the actual status, because it is somewhat unclear, if the daemon actually "works" or not in this case.
Platforms.txt: Add and update systems
- Add i386/pc/minix (clang 3.4) - Update i686/pc/cygwin (gcc 4.9.3) - Add x86_64/apple/darwin15.2.0 (Apple clang 7.0)
Send_Message: Fix handling of "empty" targets
Clients can specify multiple targets for the "PRIVMSG", "NOTICE", and "SQUERY" commands, separated by commas (e. g. "PRIVMSG a,#b,c :text"). Since commit 49ab79d0 ("Limit the number of message targes, and suppress duplicates"), ngIRCd crashed when the client sent the separator character only as target(s), e. g. "," or ",,,," etc.! This patch fixes the bug and adds a test case for this issue. Thanks to Florian Westphal <fw@strlen.de> for spotting the issue!
Platforms.txt: Add and update systems
- Update i586/pc/interix3.5 (gcc 3.3) - Add i686/pc/linux-gnu (gcc 2.6.3) - Add i686/pc/linux-gnu (gcc 2.95.2) Thanks to Götz Hoffart <goetz@hoffart.de>!
platformtest.sh: Use $LOGNAME instead of $USER
LOGNAME is more standard than USER.
Limit the number of message targes, and suppress duplicates
This prevents an user from flooding the server using commands like this: PRIVMSG nick1,nick1,nick1,... Duplicate targets are suppressed silently (channels and clients). In addition, the maximum number of targets per PRIVMSG/NOTICE/... command are limited to MAX_HNDL_TARGETS (25). If there are more, the daemon sends the new 407 (ERR_TOOMANYTARGETS_MSG) numeric, containing the first target that hasn't been handled any more. Closes #187.
Enahnce comments for Send_Message() and Send_Message_Mask()
No functional changes.
Get rid of unclever assert() in Send_Message_Mask()
Either we use assert() to _guarantee_ a certain condition, or we use if(...) to test for it. But never both. So get rid of the assert() in Send_Message_Mask() and handle the case that the target mask doesn't contain a dot (".") as regular error, don't require the caller to assure that any more. This polishes commit 5a312824. Please note: The test in Send_Message() is still _required_ to detect whether the target is a channel (no dot) or a "target mask" (at least one dot)!
Test suite: Add new test for server-server logins
This test detects the recent NJOIN breakage, for example ...
Fix NJOIN handler killing all clients
This bug has been introduced by commit 1e386fb7ac which had the logic reversed :-( Reported by "ninguno" in #ngircd, thanks a lot!
Platforms.txt: Add and update systems
- Update i386/unknown/openbsd3.5 (gcc 2.95.3) - Update i686/pc/linux-gnu (gcc 2.7.2.1) - Add x86_64/unknown/linux-gnu (gcc 5.3.0) Thanks to Götz Hoffart <goetz@hoffart.de>!
Make NJOIN handler more fault-tolerant
Don't crash the daemon when the NJOIN handler can't join the new client to a channel (when the Channel_Join() function failed) but try to KILL this client -- which is the only possible reaction besides crashing: otherwise the network would get out of sync.
IRC_KillClient(): Don't break when called without "Client"
The IRC_KillClient() function is documented to handle the case that the "Client" structure is NULL, so make sure that this actually works and can't crash the daemon. Please note: The current code doesn't make use of this feature, so this fix is definitely the "right" thing to do but doesn't fix an actual problem.
IRC_NJOIN(): Code cleanup
No functional changes.
Fix NJOIN not propagating "half ops" status
ngIRCd tested for the wrong prefix of "half ops" when processing NJOIN commands and therefore never classified a remote user as "half op". Thanks to wowaname for pointing this out on #ngircd!
ngIRCd Release 23 (tags/rel-23)
Explicitly cast time_t to long when printing it out
This prevents wrong sizes data types on platforms where time_t doesn't equal a long any more, for example on OpenBSD.
ngIRCd Release 23~rc1 (tags/rel-23-rc1)
Update AUTHORS and .mailmap file
And add a note to doc/HowToRelease.txt to not forget to update the list of authors in the future ...
Add ".clang_complete" file
This file is used of the "linter-clang" package of the Atom editor, for example.
Make server-to-server protocol more robust
Now ngIRCd catches more errors on the server-to-server (S2S) protocol that could crash the daemon before. This hasn't been a real problem because the IRC S2S protocol is "trusted" by design, but the behavior is much better now. Thanks to wowaname on #ngircd for pointing this out!
Reproducible builds
At the moment ngircd fails the tests for reproducible builds in Debian since it uses the __DATE__ and __TIME__ macros for the INFO command. Instead of patching this out I decided to implement an optional constant BIRTHTIME that allows you to set a time stamp for the "Birth Date" information, in seconds since the epoch, like in export CFLAGS += -DBIRTHTIME=$(shell date +%s --date="2015/08/15 23:42:22") In the future, Debian will provide a SOURCE_DATE_EPOCH environment variable, dealing with the situation until then will be my job. The time format was taken from the NGIRCd_StartStr formatting in ngircd.c so the "Birth Date" and "On-line since" lines in the INFO output look similar: :irc.example.net 371 nick :ngIRCd 22.1-IDENT+IPv6+IRCPLUS+PAM+SSL+SYSLOG+ZLIB-x86_64/pc/linux-gnu :irc.example.net 371 nick :Birth Date: Tue Aug 25 2015 at 18:11:11 (CEST) :irc.example.net 371 nick :On-line since Tue Aug 25 2015 at 18:11:33 (CEST) :irc.example.net 374 nick :End of INFO list The format of the time stamped is changed, but as far as I can tell, there's no rule that is violated by that. Bonus level: Reformat the messages so the time stamps are aligned.
Fix debug message "Client ... is closing connection"
It should be "host:port"!
INSTALL: Add deprecation notice for "PredefChannelsOnly"
Obviously I forgot to list this for ngIRCd 21 ... oops!
Merge pull request #217 from SaberUK/master+notice-auth
Use "NOTICE *" before registration instead of "NOTICE AUTH".
Rename NoticeAuth to NoticeBeforeRegistration.
The old name is still supported for compatibility reasons.
First check if channel has mode "N", then check membership
This should be more efficient.
Use "NOTICE *" before registration instead of "NOTICE AUTH".
AUTH is a valid nickname so sending notices to it is probably not a good idea. Use * as the target instead as done with numerics when the nick is not available. This mimics the behaviour in Charybdis, IRCD-Hybrid, InspIRCd 2.2, Plexus 4, etc.
Merge pull request #214 from Flupsy/channel-mode-N
Channel mode N (users on this channel can't change their nick)
Merge pull request #215 from tejr/master
Specify session context for OpenSSL clients. Closes #182.
Specify session context for OpenSSL clients
Reconnecting to ngIRCd 22.1 built with OpenSSL with some OpenSSL clients, including Pidgin and stunnel 5.06, attempts to reuse a session and fails due to the absence of this line. The error message in syslog from ngIRCd is: > SSL protocol error: SSL_accept (error:140D9115:SSL > routines:SSL_GET_PREV_SESSION:session id context uninitialized) This patch appears to fix the problem for both Pidgin and stunnel; it may work for other OpenSSL clients that attempt to re-use sessions. * <https://github.com/ngircd/ngircd/issues/182> * <https://developer.pidgin.im/ticket/11568> * <https://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html>
Merge remote-tracking branch 'LucentW/master'
* LucentW/master: Fix with oneshot invites Fixed building issues\ Implement timestamp tracking of invites Keep track of who placed bans/invites/excepts IRC operators w/OperCanMode can kick anyone [already cherry-picked] Closes #203, Closes #205.
Make setgroups(3) function optional
For example, Interix is missing this function, which prevented ngIRCd to build on this platform. When setgroups(3) isn't available, a warning message is issued when ngIRCd starts up.
Fix with oneshot invites
This should finally implement correctly oneshot invites sent via /INVITE
IRC operators w/OperCanMode can kick anyone
Closes #202. (cherry picked from commit 10c7ba99e73b42ec8c4c191ccdae60bdd35bba7d)
Fixed building issues\
Now builds cleanly. Pass all tests from make check.
Remove doc/GIT.txt: it is outdated
ngIRCd uses GitHub, and Git itself is quite common today. So don't include an own Git "mini HowTo" any longer.
Implement numeric RPL_LISTSTART(321)
lightIRC and other clients expecting RPL_LISTSTART should now behave correctly. Closes #207. (cherry picked from commit 0680ce5fd99bc643651d1433bcdaf271aeb73c46)
Implement timestamp tracking of invites
Now lists nodes also have the "onlyonce" field, since the valid_until is used to keep the timestamp of placing. Found no references to onlyonce or about valid_until being == 1, though, so it might be unused, but still available for other enhancements.
Keep track of who placed bans/invites/excepts
Implements #203. WARNING: it does not track the time of placement of invites, since the time_t is already used as a flag for single use invites!
Fix MatchCaseInsensitive[List]](): lowercase string _and_ pattern
Up to now, only the the string ("haystack") became lowercased and was the compared to the pattern ("needle") -- which failed, when the pattern itself wasn't all lowercase ...
Streamline effect of "MorePrivacy" option (WHOIS, LIST)
- Update documentation in ngircd.conf(5) - LIST: Don't hide channels for IRC Ops when "MorePrivacy" is in effect - WHOIS: Don't hide IP addresses/hostnames when "MorePrivacy" is in effect Closes #198
Merge pull request #197 from LucentW/master
Implement user mode "I": Hide channels on WHOIS User mode +I prevents ngIRCd from showing channels on WHOIS. IRC Operators can always see those. Closes #197.
Make sure that the target user is able to join a local channel
Implement ERR_USERNOTONSERV(504) numeric and make sure that the target user is on the same server when inviting other users to local ("&") channels. ircd-ratbox uses the ERR_USERNOTONSERV(504) numeric for this, and I think this is a good idea -- other IRC daemons (like ircu) silently drop such impossible invites, but thats not a big benefit ... Idea by Cahata, thanks! Closes #183.
Fixed indents and documentation
(also updated the copyright date on the txt I edited)
INVITE command: Enforce 1 second penalty time
This prevents flooding of the target client. This closes #186. Reported by Cahata, thanks!
Implement +I (private channel list on whois)
Implements enhancement requested in issue #179
MODE command: Always report channel creation time
Up to now when receiving a MODE command, ngIRCd only reported the channel creation time to clients that were members of the channel. This patch reports the channel creation time to all clients, regardless if they are joined to that channel or not. At least ircd-seven behaves like this. This closes #188. Thanks Cahata!
ngIRCd Release 22.1 (tags/rel-22.1)
Platforms.txt: Add and update systems
- Update powerpc/apple/darwin7.9.0 Thanks to Götz Hoffart <goetz@hoffart.de>!
Don't send nick name as default PART reason
No other IRC daemon seems to do this (today?), don't remember why ngIRCd did it in the first place ... Closes #185. Reported by Cahata in #ngircd, thanks!
Fix "WHO #<chan>" showing invisible users and hiding all visible
The logic is reversed ... This bug has been introduced by commit c74115f2, "Simplify mode checking on channels and users within a channel", ngIRCd releases 21, 21.1, and 22 are affected :-( Problem reported by Cahata in #ngircd, Thanks!
Auth PING: Fix our information text for manual sending of "PONG"
Up to now, ngIRCd doesn't send a valid IRC command at all, oops!
Auth PING: Don't send a prefix in our PING command
The prefix confuses WeeChat, at least, which doesn't send an appropriate PONG in the case ... Debugging and patch by "wowaname" on #ngircd, thanks!
Fix syntax of ERR_LISTFULL_MSG(478) numeric
Pointed out by "wowaname" in #ngircd, thanks!
Reset "last try" timer when enabling a passive server
This results in a new connection attempt as soon as possible.
Merge remote-tracking branch 'alex/TestsuiteNoDNS'
* alex/TestsuiteNoDNS: Test suite: Don't use DNS lookups
Merge branch 'CipherListNoSSL3'
* CipherListNoSSL3: INSTALL: List the changed SSL CipherList default value. Update "CipherList" to not enable SSLv3 by default
Test suite: Don't use DNS lookups
Different operating systems do behave quite differently when doing DNS lookups, for example "127.0.0.1" sometimes resolves to "localhost" and sometimes to "localhost.localdomain" (for example OpenBSD). And other systems resolve "localhost" to the real host name (for example Cygwin). So not using DNS at all makes the test site much more portable.
Update "CipherList" to not enable SSLv3 by default
Idea, initial patch, and testing by Christoph Biedl <ngircd.anoy@manchmal.in-ulm.de>
ngIRCd Release 22 (tags/rel-22)
Test suite/platformtest.sh: Detect when tests have been skipped
Detect if some tests have been skipped, for example when telnet(1) or expect(1) is missing: ./contrib/platformtest.sh will echo a warning message now.
Platforms.txt: Add and update systems
- Add armv7l/unk./linux-gnueabihf - Update hppa/unknown/openbsd5.4 - Update i686/unknown/gnu0.5 - Update i686/pc/cygwin - Add i386/pc/linux-gnu, gcc 4.4.5 - Update x86_64/apple/darwin14.0.0 - Update x86_64/unknown/freebsd8.4 - Update x86_64/unknown/freebsd9.2 - Add x86_64/unknown/freebsd10.0 - Add/update x86_64/unknown/linux-gnu, various compilers - Update x86_64/unknown/openbsd4.8 - Add x86_64/unknown/openbsd5.5 Tested version is "rel-22-rc1-3-g967deeb".
Platforms.txt: Add and update systems
- Add sparc/unknown/openbsd5.5 - Update powerpc/apple/darwin7.9.0 - Update x86_64/unknown/linux-gnu, Open64 - Update x86_64/unknown/linux-gnu, Sun C 5.12/Solaris Studio 12.3 - Update x86_64/unknown/linux-gnu, tcc 0.9.25 Thanks to Götz Hoffart <goetz@hoffart.de>!
Match list patterns case-insensitive
The invite-, ban-, and except lists are affected by this change, as well as G-Lines an K-Lines. Problem pointed out by "wowaname" on #ngircd, thanks!
ngIRCd Release 22~rc1 (tags/rel-22-rc1)
ngIRCd Release 21.1
(cherry picked from commit ee28e76df2a73f3bb4bcf69c644eae9a10298a58)
Sync "except lists" between servers
Up to now, ban, invite, and G-Line lists have been synced between servers while linking -- but obviously nobody noticed that except list have been missing ever since. Until now. Thanks to "j4jackj", who reported this issue in #ngircd.
Platforms.txt: Update powerpc/apple/darwin7.9.0
- Update powerpc/apple/darwin7.9.0, gcc 3.3 Thanks to Götz Hoffart <goetz@hoffart.de>!
Platforms.txt: Update x86_64/unkn./linux-gnu, clang 3.x
- Update x86_64/unknown/linux-gnu, clang 3.2 => clang 3.3
Correctly check that a server has a valid hostname and port
David Binderman <dcb314@hotmail.com> reported the following compiler warning, which is a real bug in ngIRCd, thanks! conn.c:2077:55: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
Platforms.txt: Add and update more systems
- update i686/pc/linux-gnu, gcc 2.7.2 - update powerpc/apple/darwin6.8, gcc 3.1 - add powerpc/apple/darwin9.8.0, gcc 4.0.1 Thanks to Götz Hoffart <goetz@hoffart.de>!
doc/Bopm.txt: Update "connregex" and "kline" for current ngIRCd
Thanks to "kerin" on IRC for pointing this out!
Allow "DefaultUserModes" to set all possible modes
Let IRC_MODE() detect that the "fake" MODE command originated on the local sever, which enables all modes to be settable using "DefaultUserModes" that can be set by regular MODE commands, including modes only settable by IRC Operators.
Initialize Conf_ScrubCTCP even when SYSLOG isn't #define'd
The "SYSLOG" #define isn't related to "Conf_ScrubCTCP" at all, so initialize the latter even when "SYSLOG" isn't #define'd. Pointed out by wowaname on #ngircd, thanks!
Spoofed prefixes: Really kill connection on non-server links
This fixes commit 6cbe1308 which only killed the connection when the spoofed prefix itself belonged to a non-server client.
Platforms.txt: Add and update systems
- Add armv7l/unk./linux-gnueabihf - Add x86_64/apple/darwin14.0.0 Thanks to Götz Hoffart <goetz@hoffart.de>!
Implement user mode "F": "relaxed flood protection"
ngIRCd relaxes its flood protection for users having the user mode "F" set and allows them to rapidly send data to the daemon. This mode is only settable by IRC Operators and can cause problems in the network -- so be careful and only set it on "trusted" clients! User mode "F" is used by Bahamut for this purpose, for example, see <http://docs.dal.net/docs/modes.html#4.9>.
Increase MAX_SERVERS from 16 to 64
There are installations out there that would like to configure more than 16 links per server, so increase this limit. Best would be to get rid of MAX_SERVERS altogether and make if fully dynamic, but start with this quick and dirty hack ...
Handle "throttling" in a single function
ngIRCd uses "command throttling" and "bps throttling" (bytes per second). The states are detected in different functions, Conn_Handler() and Read_Request(), but handle the actual "throttling" in a common function: this enables us to guarantee consistent behavior and to disable throttling for special connections in only one place, eventually.
New "Debian release" 21.1-0ab2
(cherry picked from commit 48fcb97fa4a2762a873d9d693c7a126588a1811d)
Streamline DEBUG_ARRAY, DEBUG_BUFFER, DEBUG_IO, DEBUG_ZIP
Change all #define's to follow the form #define DEBUG_xxx {0|1} to disable (0, default) or enable (1) additional debug messages. And somewhat enhance some DEBUG_BUFFER messages.
conn.c: Code cleanup
Reformat and restructure some code, move all SSL related code into one single #ifdef block, for example.
Update config.guess and config.sub to recent versions
- config.guess: 2014-03-23 - config.sub: 2014-05-01
Xcode: remove imp.h and exp.h from project file
These files have been removed from ngIRCd in commit 259c314d, "Remove imp.h and exp.h header files".
Re-add #include's for header files of the C file itself
This partially reverts commit b130b35f4, "Update #include's: remove unused and add missing ones", but fixes the following compiler and analyzer warnings of Apple Xcode 5: "Semantic issue: No previous prototype for function 'yyy'"
Update #include's: remove unused and add missing ones
The "deheader" tool (<http://www.catb.org/~esr/deheader/>) has been used to find unused #include directives as well as missing ones. Tested on: - A/UX 3.1.1 - ArchLinux (2014-03-17) - Debian GNU/Hurd - Debian GNU/Linux 6.0.9 - Debian GNU/Linux 7.4 - Fedora 20 - FreeBSD 9.2 - OpenBSD 4.8 - OpenBSD 5.1 - OS X 10.9 - Solaris 11
portab.h: Restructure and clean up code
- Don't use HAVE_SYS_TYPES_H, <sys/types.h> is a required header now. - Streamline check for boolean data types. - Better indent #ifdef constructs.
configure[.ng]: <sys/types.h> is a required header file
ngIRCd already includes <sys/types.h> in a lot of places without checking for its existence (for example in "ngircd.c", "io.c", ...), therefore make it a required header file.
io.c: <sys/time.h> is only needed when using select()
Only include the <sys/time.h> header when using the select() IO API, it isn't required otherwise.
Remove imp.h and exp.h header files
These include files don't have a function any more, remove them.
Don't define SSL_Want{Read|Write}() when SSL is disabled
Not even call the "dummy" functions.
Fix two K&R C portability issues
Fix the following two errors emitted by the Apple K&R C compiler on Apple A/UX: "./class.c", line 47: no automatic aggregate initialization "./class.c", line 47: illegal lhs of assignment operator "./conf.c", line 1052: syntax error Tested on A/UX 3.1.1.
Merge pull request #6 from norrs/pam_server_password_fix
Validate server password when PAM is disabled.
CHARCONV: Fix handling conversion errors
Don't overwrite already converted text!
Streamline punctuation of log messages
See commit d38d153f for details.
Streamline punctuation of log messages
See commit d38d153f for details.
Correctly use cloaked IRC masks on "INVITE nickname"
The cloaked IRC mask of a user is his visible mask, so the daemon has to use it for generating the "one time" entries for the invite list of the given channel. Without this patch, ngIRCd records the real IRC mask which will never match while the target client is "+x", and even worse, will disclose the real mask on "MODE #channel +I" commands :-/ Bug reported by Cahata on #ngircd, thanks!
Use correct sender as target for ISUPPORT replies on "VERSION"
This fixes commit 2e168c78 ("Return ISUPPORT(005) numerics on 'VERSION'") and make sure, that the 005 numerics are correctly routed back to the sender.
Return ISUPPORT(005) numerics on "VERSION"
This is how ircd-seven, Charybdis, Hybrid, and InspIRCd behave, for example.
configure: Only link "contrib/Debian" if it exists
This isn't the case on "VPATH builds", for example.
Merge pull request #5 from grawity/accountname-whois
Show account name in WHOIS
Show account name in WHOIS
This uses the same numeric as Charybdis and ircu families.
Merge branch 'no-range-matching' of git://arthur.barton.de/ngircd-alex
* 'no-range-matching' of git://arthur.barton.de/ngircd-alex: Remove "range matching" functionality
Use $(MKDIR_P) instead of $(mkinstalldirs) in Makefile's
And test for "mkdir -p" using AC_PROG_MKDIR_P in "configure".
Remove "range matching" functionality
Don't support "range marching" in our pattern matching code using the "[...]" syntax, because [ and ] are valid characters in nick names and one has to quote them currently using the "\" character, which is quite unexpected. For example: Nick "te[st" => "MODE #channel +b te\[st" And remove quoting altogether, too, because "*" and "?" don't need to be quoted because these characters are not allowed in IRC masks, nicks, and hostnames. Reported by "hifi" (Toni Spets) on IRC, thanks!
Fix configure script and "make check" for TCP Wrappers
Add missing #include's and static variables. Problem spotted on OpenBSD.
platformtest.sh: Allow using separate source and build trees
Now you can call platformtest.sh using its complete path name from an other directory which is then used for building. See <http://www.gnu.org/software/automake/manual/html_node/VPATH-Builds.html> Please not that the build system itself is still (re-)genrated in the original source tree. This can be avoided by passing the "-x" switch to the platformtest.sh script.
Add libwrap at the end of the configure run
If libwrap becomes added earlier, other tests may fail because of not all external variables required by libwrap are available when linking: for example allow_severity and deny_severity. This patch adds generic support for the LDFLAGS_END and LIBS_END variables (CFLAGS_END has been implemented already). Problem spotted on OpenBSD.
Send "fake '*' key" in "MODE -k" replies
According to RFC 2812 3.2.3 "Channel mode message" and the examples there, it looks like clients should use "MODE -k <key>" to unset channel keys; and that's how other servers and services behave and do expect it. (But please note that this is NOT the case for "MODE -l"!) In the end, it doesn't make sense to specify a key when UNsetting it at all, and different services behave diffrently when clients do not send the currently set key to unset it - some ignore such calls, for example! But this implementation is quite relaxed, it accepts any key when unsetting channel mode "k" and even accepts no key at all. But the reply will always include an "*" character for every "-k" parameter.
Support non-standard vsnprintf() return code
C99 states that vsnprintf() "returns the number of characters that would have been printed if the n were unlimited"; but according to the Linux manual page "glibc until 2.0.6 would return -1 when the output was truncated" -- so we have to handle both cases ...
Partially revert bc098794: don't require autoconf 2.67
GNU autoconf 2.61 is still sufficient to generate the configure script, even after updating configure.{ng|in}, so don't require a newer version.
doc/Platforms.txt: Update some systems to ngIRCd 21
- update i686/pc/cygwin, gcc 4.8.2 - update x86_64/apple/darwin13.0.0, Apple clang 5.0 - update x86_64/unknown/freebsd8.4, gcc 4.2.1 - update x86_64/unknown/freebsd9.1, gcc 4.2.1 - update x86_64/unknown/linux-gnu, gcc 4.8.2 - update x86_64/unknown/linux-gnu, Open64 - update x86_64/unknown/openbsd4.8, gcc 4.2.1 - update x86_64/unknown/openbsd5.1, gcc 4.2.1
Update configure.ng for autoconf 2.67
We already require GNU autoconf 2.67 for generating our build system (at least this is what the INSTALL document states), so update the build system accordingly and implement all changes that autoupdate(1) suggests: - Update AC_PREREQ and AC_INIT - Use AC_LINK_IFELSE, AC_RUN_IFELSE, and AC_COMPILE_IFELSE - Remove AC_TYPE_SIGNAL (we don't use RETSIGTYPE)
Merge branch 'bug167-WebircIPAnoDNS' of git://arthur.barton.de/ngircd-alex
* 'bug167-WebircIPAnoDNS' of git://arthur.barton.de/ngircd-alex: WEBIRC: Don't respect hostname when DNS is disabled
Merge branch 'bug165-005-NETWORK' of git://arthur.barton.de/ngircd-alex
* 'bug165-005-NETWORK' of git://arthur.barton.de/ngircd-alex: Implement new configuration option "Network"
WEBIRC: Don't respect hostname when DNS is disabled
When DNS lookups are disabled, don't set the hostname received by the WEBIRC command, but use the IP address instead. Reported by Toni Spets <toni.spets@iki.fi>, thanks! Closes bug #167.
Implement new configuration option "Network"
The new configuration variable "Network" is used to set the (completely optional) "network name", to which this instance of the daemon belongs. When set, this name is used in the ISUPPORT(005) numeric which is sent to all clients connecting to the server after logging in. Closes bug #165.
portabtest: Actually test functions
Test functions snprintf(), strlcpy(), strlcat(), vsnprintf() for correctness, not only existance (which was quite useless, because if they weren't available, the program could not have been linked at all ...).
Check for working getaddrinfo() function
At least AIX 4.3.3 and 5.1 have a broken implementation of getaddrinfo() which doesn't handle "0" as numeric service correctly. This patch adds a configure check for this case and changes all calling functions to only use getaddrinfo() if it "works". See <http://www.stacken.kth.se/lists/heimdal-discuss/2004-05/msg00059.html>
doc/Platforms.txt: Add and update more systems
- add i386/unknown/netbsdelf1.5.2, egcs-1.1.2 - update i386/unknown/openbsd5.3, gcc 4.2.1 - add i386/unknown/openbsd5.4, gcc 4.2.1 - add x86_64/unknown/linux-gnu, nwcc 0.8.2 - update x86_64/unknown/linux-gnu, tcc 0.9.25 Thanks to Götz Hoffart <goetz@hoffart.de>!
Fix permanent k/gline
Reported by Toni Spets (hifi - at - jnz - dot - fi).
doc/Platforms.txt: Add and update more systems
- add i386/unknown/openbsd3.5, gcc 2.95.3 - add x86_64/unknown/linux-gnu, Sun C 5.12 - update mipsel/unknown/linux-gnu, gcc 4.4.5 Thanks to Götz Hoffart <goetz@hoffart.de>!
doc/Platforms.txt: add DragonflyBSD 3.4 on x86_64
Thanks to Götz Hoffart <goetz@hoffart.de>!
Only use unsetenv() when it is available
AIX 4.3 dosn't support it, for example.
Rework the penalty handling slightly
Increase the penalty for a command before checking its arguments. This makes the handling more consistent and allow us to move more penalties to Handle_Request().
Move IRC_SetPenalty() to Handle_Request() when possible
This centralizes the penalty handling. It also exposes some commands that lack it for our attention.
Introduce a macro to define the command list
This will pave the way to other changes and simplifies the entries somewhat.
When sending an error use the IRC_WriteErrClient() variant
This ensures that all errors have a 2 second penalty.
On bad /oper set the penalty to 10 seconds
This helps against brute-force attempts.
Remove unneded IRC_SetPenalty() calls
IRC_WriteErrClient() already calls IRC_SetPenalty(). While here convert some IRC_SetPenalty() + IRC_WriteStrClient() to IRC_WriteErrClient().
Remove wrong #ifdef in Option_String()
This fixes the following error when compiling without zlib support: irc.c: In function ‘Option_String’: irc.c:487: error: ‘options’ undeclared (first use in this function) Reported by "der_baer" on #ngircd.
ngIRCd Release 21 (tags/rel-21)
Check and call arc4random_stir() if present
FreeBSD prior to 10.0 does not automatically stir on fork(). Same with current NetBSD. If arc4random_stir() is present assume is needed and call it instead of srand().
Debian: Fix sed(1) rules adjusting "ngircd-full" package
Error introduced by last commit :-/
Debian: Fix default "HelpFile" file name in ngircd.conf
The "full" package variants must use "/usr/share/doc/ngircd-full/Commands.txt" and "/usr/share/doc/ngircd-full-dbg/Commands.txt" respectively.
ngIRCd Release 21~rc2 (tags/rel-21-rc2)
Add support for longer config lines
With the introduction of CipherList we could have longer config lines. Handle up to 1024 bytes and warn if the line will be truncated.
doc/Platforms.txt: Add Open64 and tcc C compilers on Linux
Thanks to Götz Hoffart!
Add support for arc4random
If arc4random is present it will be used over the srand/rand interface. This fixes some warnings in OpenBSD-current.
ngircd.c, main(): use strlcat() instead of strcat()
This fixes the following warning on OpenBSD 5.3: ngircd.o(.text+0xeb4): In function `main': src/ngircd/ngircd.c:300: warning: strcat() is almost always misused, please use strlcat() Thanks to Götz Hoffart for reporting this!
ngIRCd Release 21~rc1 (tags/rel-21-rc1)
Actually KILL clients on GLINE/KLINE
Kill all clients that match a new GLINE/KLINE mask and genrate apropriate KILL commands. These KILL commands can be superfluous, but are required when the IRC Operator isn't allowd to set remote G-Lines or if there are older servers in the network that don't kill clients on GLINE/KLINE. Closes bug #156.
New function IRC_KillClient() to kill clients
The old local function Kill_Nick() in irc.c has been an ugly hack. This patch implements a generic function for killing clients. Adjust all callers of Kill_Nick() and respect the return code!
Adjust log messages for invalid and spoofed prefixes
Now invalid prefixes aren't logged no more when originating from an other server (besides in debug mode), and spoofed prefixes are correctly logged using LOG_WARNING (from an other server) or LOG_ERR (from a client) levels. In addition, the log message texts have been adjusted to better reflect what will happen: commands with invalid prefixes are ignored and logged, commands with spoofed prefixes will result in the client being disconncted (regular users) or the command being ignored (other servers). This cleans up logging of commands related to already KILL'ed clients.
Remove CLIENT.oper_by_my, Client_SetOperByMe() and Client_OperByMe()
All places where Client_OperByMe() is used can either be converted to Client_HasMode(Client, 'o') or Op_Check(). And Op_Check() itself can use the connection handle for deciding whether the IRC Operator is a local user or not.
Add support to show user links using "STATS L"
Change "stats L" to show servers and user links and restrict it to IRC Operators.
Change the certificate fingerprint digest to sha256
While here correct some indentation.
Change cipher defaults
Switch cipher defaults to HIGH:!aNULL:@STRENGTH (OpenSSL) or SECURE128 (GnuTLS).
Merge remote-tracking branch 'alex/bug162-SSLCipherList'
* alex/bug162-SSLCipherList: Cipher list selection for GnuTLS ConnSSL_Init_SSL(): correctly set CONN_SSL flag Cipher list selection for OpenSSL ConnSSL_InitLibrary(): Code cleanup
Fix server reconnection
In some error cases conn_id will be left as SERVER_WAIT and subsequently ignored in Check_Servers(). Ensure conn_id is set to NONE before returning from New_Server() if we couldn't establish the connection. Prompted by a report from gabrielgi-at-gmail-dot-com.
Cipher list selection for GnuTLS
This patch implements the missing functionality for cipher list selection using GnuTLS (our OpenSSL code has this already).
Don't ignore SSL-related errors during startup
Without this patch, ngIRCd ignores SSL-related messages and continues to start up but only listens on plain text communication ports -- and this most probably isn't what the administrator wanted ... Closes bug #163.
ConnSSL_Init_SSL(): correctly set CONN_SSL flag
The CONN_SSL flag must be set before any calls to ConnSSL_Free()!
Cipher list selection for OpenSSL
This patch introduces the possibility to arbitrarily select ciphers which should be promoted resp. declined when establishing a SSL connection with a client by implementing the new configuration option "CipherList". By default, OpenSSL would accept low and medium strength and RC-4 ciphers, which nowadays are known to be broken. This patch only implements the feature for OpenSSL. A GnuTLS counterpart has to be implemented in another patch ... Original patch by Bastian <bastian-ngircd@t6l.de>. Closes bug #162.
TRACE: fix error message when there are too many parameters
ircd 2.11 ignores additional parameters silently, but I don't think that this is the correct behaviour either ...
Add more penalty times
Ensure before every numeric 461 there is a call to IRC_SetPenalty().
Rework check for number of parameters
Move most of the checks that return numeric 461 into Handle_Request().
Reorder checks
Move oper and Conf_MorePrivacy checks after checking the number of parameters.
Correct numeric returned by whois
As per RFC whois should return 431 if no nick is provided. While here convert upper check to use irc-macros. As a bonus we get to set the penalty for free.
Minor cosmetic change
Add a define to indicate any client. While I'm here use hex values instead of decimal, it's somewhat clearer that they could be OR'ed together.
Don't enforce channel types for other servers
The configuration option "AllowedChannelTypes" must only be enforced for regular clients and not for remote servers. Channels created by other servres are always allowed, because they already exist and the daemon must stay in sync with the network.
Only log "IDENT ... no result" when IDENT was looked up
Without this patch, ngIRCd logged the "IDENT lookup for connection X: no result"-message even when IDENT lookups have been disabled using the "Ident = no" configuration option, which is a little bit misleading. Reported by "btwe" in #ngircd.
ngircd: use setgid/setuid errno value in error path
Need to use saved errno value as strerror argument, else you get bogus output ('success') in the log message.
Show connection flag "s" (SSL) in RPL_TRACE{LINK|SERVER}
Now you can check if a server-to-server link is SSL-encrypted or not using the IRC "TRACE" command. Idea by Götz Hoffart, thanks!
Ignore "operation not permitted" while dropping groups
Without this exception, you can't start ngIRCd as user any more, it is analog to setting the user and group ID.
ngircd: discard supplementary group ids on startup
The intention was to switch to JUST uid:gid, but setgid is not sufficient. Reported-by: Michael Scherer <misc@zarb.org>
Merge branch 'bug159-WebircIPA'
* bug159-WebircIPA: Introduce Free_Client() function to free CLIENT structure Save client IP address text for "WebIRC" users
Implement new configuration option "DefaultUserModes"
The new configuration option "DefaultUserModes" lists user modes that become automatically set on new local clients right after login. Please note that only modes can be set that the client could set on itself, you can't set "a" (away) or "o" (IRC Op), for example! User modes "i" (invisible) or "x" (cloaked) etc. are "interesting", though. Default: set no modes (like without this patch). Closes bug #160.
Save client IP address text for "WebIRC" users
This patch introduces a new field in the CLIENT structure, "ipa_text", which points to an optional textual representation of the client IP address (or NULL) which can be used to store the "real" IP address information of a client using the "WEBIRC" protocol. Without this patch, ngIRCd ignored the <ip-address> paramater ... In addition, the functions Client_SetIPAText() and Client_IPAText() have been introduced to set and get the textual representation of the client IP address. Client_IPAText() can be used even when no "IP address text" has been set before, it then returns the real IP address of the connection. Closes bug #159.
Cosmetic changes to METADATA
Update certfp and sort entries.
Silence warning
Cast the result of the operation to long, not the time(NULL) call. On systems where sizeof(time_t) is other than long this will produce a warning.
Implement account login support
This is done via the `accountname' METADATA command and used to automatically identify users after netsplits or across service restarts.
ngIRCd Release 20.3
(cherry picked from commit bb6e2779636aa6d74bbff474880829f0183a3c94) Conflicts: ChangeLog NEWS
Correctly handle return code of Handle_Write()
There have been code paths that ignored the return code of Handle_Write() when sending "notice auth" messages to new clients connecting to the server. But because Handle_Write() would have closed the client connection again if an error occurred, this would have resulted in new errors and assert()'s later on that could have crashed the server (denial of service). Only setups having the configuration option "NoticeAuth" enabled are affected, which is not the default. CVE-2013-5580.
Debian init script: test for binary after reading defaults
This allows the system administrator to overwrite the DAEMON variable in /etc/defaults/<name> and to use this init script even when the default "/usr/sbin/ngircd" doesn't exist on the system.
Merge branch 'ssl-log-messages'
* ssl-log-messages: Make SSL-related log messages more readable ConnSSL_HandleError: Code cleanup, more documentation
Make SSL-related log messages more readable
- Don't use internal function names but describe the error. - Streamline wording, use "SSL" for SSL and TLS. - Streamline punctuation.
Fix 2 bugs introduced in 74514b8c23
Channel_Modes() and Channel_Topic() return static memory that is zeroed at creation time. Fix checking for empty modes and topic so they're propagated correctly.
configure: Don't quote IO backend type(s)
It's not needed and inconsistent compared to the other settings. Reported by "allerbest" (Götz Hoffart) on #ngircd, thanks!
Introduce new function IRC_WriteErrClient()
This function is used to send "error messages", including numerics, back to clients and to automatically enforce a 2 second penalty. With this patch, all error results enforces a delay for the client. All callers of IRC_WriteStrClient(ERR_xxx) have been converted. Please note that this patch prolongs the time "make check" needs to complete its tests, because of lots of new enforced penalties ...
Fix return code of some IRC_WriteXXX() functions
These functions usually write to more than one target, and therefore can't return value indicating success or failure in a sane way. And, even more omportant, these functions should send to as much as possible clients and not stop at the first client which isn't reachable any more!
Streamline punctuation of log messages
See commit d38d153f for details.
Simplify mode checking on channels and users within a channel
Add Channel_HasMode() and Channel_UserHasMode() and use it where possible.
Merge branch 'bug152-AllowedChannelTypes'
* bug152-AllowedChannelTypes: Implement new configuration option "AllowedChannelTypes" Introduce "CHANTYPES" #define
Implement new configuration option "AllowedChannelTypes"
The new configuration variable "AllowedChannelTypes" lists all allowed channel types (channel prefixes) for newly created channels on the local server. By default, all supported channel types are allowed. If set to the empty string, local clients can't create new channels at all, which equals the old "PredefChannelsOnly = yes" setting. This patch deprecates the "PredefChannelsOnly" variable, too, but it is still supported and translated to the apropriate "AllowedChannelTypes" setting. When "PredefChannelsOnly" is processed, a warning message is logged. Closes bug #152.
More spelling fixes
Remove superflous comments, mostly in German. Fix spelling and use american variants for consistency.
Change cloaked hostname to be malloc'd on demand
This shaves a few bytes when cloaked hostnames are not used and restricts the cloakhost announcement iif there is something to send.
Introduce "CHANTYPES" #define
This #define lists all the prefix characters of all supported channel types, this is "#&+" at the moment.
Merge remote-tracking branch 'fgsch/certfp'
* fgsch/certfp: Simplify MOTD handling Add certificate fingerprint support
Simplify MOTD handling
Merge Show_MOTD_Start, Show_MOTD_Sendline and Show_MOTD_End into IRC_Show_MOTD.
Update irc-server.c to use irc-macros.h
And add some comments :-)
Commands.txt: Update more descriptions
Update description of "CHANINFO", "METADATA", "NJOIN", "SERVER", "SQUIT", "GET", and "POST".
Improved client announcement
Move Announce_User() to client.c and rename it to Client_Announce(). Use this in cb_introduceClient() instead of duplicating the code. This fix the certificate fingerprint announcement for new clients. Also ensure the certificate fingerprint is only announced if the client supports it (`M' flag).
Add penalty times in error paths of generic IRC helper macros
Add a 2 second penalty time when the number of parameters is invalid.
Commands.txt: Update more descriptions
Update description of "CONNECT", "DIE", "DISCONNECT", "GLINE", "KILL", "KLINE", "OPER", "REHASH", "RESTART" and "WALLOPS".
Add more penalty times in error paths
This patch changes the handlers of the "PASS", "NICK", "USER", and "SERVICE" commands to enforce a 2 second penalty when an error like "need more/other parameters" occurs. More functions should follow, I think ...
Update irc-login.c to use irc-macros.h
This includes code cleanups, too :-)
Update irc-mode.c to use irc-macros.h
This includes code cleanups and more comments, too.
Commands.txt: Update more descriptions
Update descriptions of "NICK", "PASS", "PING", "PONG", "QUIT", "USER", "WEBIRC", "SERVICE", and "SVSNICK".
Update irc-channel.c to use irc-macros.h
This includes code cleanups, too :-)
Commands.txt: Update more descriptions
Update descriptions of "AWAY", "JOIN", "LIST", "MODE", "PART", "TOPC", and "TRACE".
Update irc.c to use irc-macros.h
This includes code cleanups and better documentation for some functions, too.
Merge pull request #4 from fgsch/master
Changes for ngircd 21.
Handle services in IRC_WHOIS_SendReply()
If the target is a service, advertise it as such and ignore operator mode.
Enhance Travis-CI configuration file
It now configures the sandbox to build ngIRCd with IPv6, IDENT, PAM, TCP-Wrappers, and zlib support. And it installs expect(1) and telnet(1) for the test suite.
Merge pull request #3 from Cofyc/master
irc-info.c: some commands use LINE_LEN as command buffer len
LINE_LEN -> COMMAND_LEN
LINE_LEN is configuration file line length
IncludeDir: default to "$SYSCONFDIR/ngircd.conf.d"
Now "IncludeDir" defaults to "$SYSCONFDIR/ngircd.conf.d" instead of no directory, but a missing directory is only reported as an error if it has explicitely configured in the main configuration file and simply ignored otherwise. Therefore it is now possible not to touch the default (sample) configuration file at all, and set all distribution and/or system specific configuration options in "*.conf" files stored in "$SYSCONFDIF/ngircd.conf.d/". Thanks to "Elmasloco" for the idea!
Rename "Mask" variables into "Pattern" in assert() statements
This completes commit 3ab00e3a11 which broke debug builds.
Implement new configuration option "IncludeDir"
The option "IncludeDir" in the [Options] section can be used to specify a directory which can contain further configuration files and configuration file snippets matching the pattern "*.conf" that should be read in after the main configuration file ("ngircd.conf" by default) has been parsed. Closes bug #157.
Ensure there is enough space for the mask
As pointed by Alex while strl{cat,cpy} take the full length we need to leave space to ensure a proper mask is always created so revert the removal of - N from my last change.
conf.c: New function Read_Config_File()
This function reads in and parses a single configuration file. Adjust all other functions to display the correct name of the file being read in currently.
Change Lists_MakeMask() to receive a buffer for the mask
Change callers accordingly so they don't rely on a global buffer and rename Mask to Pattern where it makes sense since some functions where indeed receiving a pattern and not a mask.
Fix use-after-free on Lists_CheckReason()
Change Lists_CheckReason() to receive a buffer where the reason will be stored and its length. Change callers accordingly. Change Class_GetMemberReason() (and its callers) in a similar way so it doesn't rely on a global buffer for the rejected reason.
Build OS X package with correct file permissions
This requires to have the correct permissions in the source tree, which is "root:wheel", which in turn requires root privileges. Therefore the Makefile now tries to become root on "make osxpkg-dest" but tries hard not to require root privileges on "clean" etc.
Make configure[.ng] compatible with autoconf 1.10 again
The incompatibility has been introduced by commit d0c9f4a6, "configure: search for iconv_open as well as libiconv_open".
Lists_CheckReason(): Check for Client_MaskCloaked()
Look for possible cloaked Masks in Lists. Users with +x usermode can be banned with their cloaked hostname now.
Conn_Handler(): Don't test for penalty times
The Conn_Handler() main loop calls Handle_Buffer() which checks for the "penalty time" of each client itself, so don't do it twice.
Don't read SSL client data before DNS resolver is finished
Fix the cb_clientserver_ssl() callback function to not read in and store SSL encrypted client data before the asynchronous DNS resolver sub-process has finished: This could have resulted in discarding the resolved client hostname and IDENT reply afterwards, because in some situations (timing dependent) the NICK and USER commands could have already been read in from the client, stored in the buffer, and been processed. Thanks to Julian Brost for reporting the issue and testing, and to Federico G. Schwindt <fgsch@lodoss.net> for helping to debug it!
Increase password length limit to 64 characters
Closes bug #154.
irc-cap.c: move static functions to the top of the file
And remove now unnecessary (local) prototypes.
irc-login.c: conenction -> connection
Introduced by commit d3ef2239 as of Sun Jan 16 2011 ... Thanks to Patrik Schindler <poc@pocnet.net> for reporting this!
Merge branch 'bug151-iconv' into master
* bug151-iconv: configure: search for iconv_open as well as libiconv_open
Merge branch 'bug153-ServerMask' into master
* bug153-ServerMask: Update irc-info.c to use irc-macros.h Add new irc-macros.h to project irc-info.c: add/streamline function documentation comments irc-info: move static functions at the top of the file Implement new function Client_SearchServer() Conflicts: src/ngircd/irc-info.c
configure: search for iconv_open as well as libiconv_open
On some installations iconv_open() is actually libiconv_open(). iconv_open() is the glibc version while libiconv_open() is the libiconv version. This patch enables ngIRCd to detect both cases. Tested on OpenBSD 5.1. Closes bug #151.
Update irc-info.c to use irc-macros.h
This includes: - move IRC_SetPenalty() at the beginning of the handler functions, - use macros provided by irc-macros.h, - code cleanup. The main benefits of this patch are core size reduction, streamlined structure of the handler functions, and enhanced functionality: because of the _IRC_GET_TARGET_SERVER_OR_RETURN_() macro using the Client_SearchServer() function, the target of the specific IRC command can now be given server names, server mask, or the nickname of a user connected to the server. Closes bug #153.
ngIRCd Release 20.2
(cherry picked from commit c45d9dd1f08fddb95fa01d62c69848cd753a3161)
Add new irc-macros.h to project
This file prvides some macros for common tasks required by functions implementing handlers for IRC commands: * _IRC_ARGC_LE_OR_RETURN_ * _IRC_ARGC_GE_OR_RETURN_ * _IRC_GET_SENDER_OR_RETURN_ * _IRC_GET_TARGET_SERVER_OR_RETURN_
KICK: Fix denial of service bug
Test if the user that it is to be kicked is on the channel before user channel modes are tested. Otherwise assert( cl2chan != NULL ); in line 742 would fail and stop the service.
irc-info.c: add/streamline function documentation comments
Add missing comments, streamline wording, and remove references to the RFCs: this will be added to ./doc/Commands.txt with an other patch and we want to avoid redundancy ...
my_sd_listen_fds(): really return an "int"
This fixes the following warning using Apple LLVM version 4.2 (clang-425.0.24) on OS X: src/ngircd/conn.c:157:9: Implicit conversion loses integer precision: 'long' to 'int'
Implement new function Client_SearchServer()
This function returns the server structure of a client or a given "mask"; it is useful for implemention handlers for commands like "COMMAND *.net", which should work on a server matching "*.net". Please note that the local server is always returned when it matches the mask, but besides that, the order is completely arbitrary.
Merge branch 'bug155-allowAtInUser'
* bug155-allowAtInUser: Allow "@" character in user names for authentication
Allow "@" character in user names for authentication
The "@" character isn't allowed in IRC usernames, because it is the separator between user name and hostname in IRC masks: <nickname>!<username>@<hostname> This patch accepts user names including "@" characters, saves the unmodified name for authentication but stores only the part in front of the "@" character as "IRC user name". And the latter is how ircd2.11, Bahamut, and irc-seven behave as well. Closes bug #155.
Merge branch 'systemd'
* systemd: ngircd.sock: explicitely bind to IPv4 and IPv6 addresses Show address and port of sockets passed-in by systemd(8) Check type of sockets passed-in by systemd(8) Adjust severity levels of some log messages New configuration option "IdleTimeout": exit daemon when idle Implement support for systemd(8) "socket activation" contrib/README: add more files
autogen.sh: Check for autoconf/automake wrapper scripts
For example OpenBSD uses a "autoconf" and "automake" wrapper script which tells the user to set AUTOCONF_VERSION and AUTOMAKE_VERSION environment variables. This patch enhances autogen.sh to not detect these wrapper scripts as regular autoconf/automake commands but to set the required environment variables after detecting the real "command-X.Y" commands. Tested on OpenBSD 5.1.
"WHO <hostmask>": use displayed hostname for matching
Use the currently "displayed hostname" (which can be cloaked!) for hostname matching, not the real one. In other words: don't display all the cloaked users on a specific real hostname! Thanks to DNS <dns@rbose.org> for reporting this issue.
autogen.sh: Don't use "egrep -o", use "sed"
"egrep -o" isn't portable and not available on OpenBSD, for example. So let's use sed instead to get the automake version. The expression used now is less specific but should work as well ...
Merge branch 'HelpText'
* HelpText: (22 commits) Commands.txt: Update description of the "USERS" command Commands.txt: Update description of the "SUMMON" command Commands.txt: Update description of the "SERVLIST" command Commands.txt: Update description of the "WHOWAS" command Commands.txt: Update description of the "WHOIS" command Commands.txt: Update description of the "WHO" command Commands.txt: Update description of the "VERSION" command Commands.txt: Update description of the "USERHOST" command Commands.txt: Update description of the "TIME" command Commands.txt: Update description of the "STATS" command Commands.txt: Update description of the "NAMES" command Commands.txt: Update description of the "MOTD" command Commands.txt: Update description of the "LUSERS" command Commands.txt: Update description of the "LINKS" command Commands.txt: Update description of the "ISON" command Commands.txt: Update description of the "INFO" command Commands.txt: Update description of the "ADMIN" command Commands.txt: Add description for the "CHARCONV" command Commands.txt: Add description for the "CAP" command Commands.txt: Import descriptions from "rbose/command_help" ...
IRC_WHO_Channel(): Use strlcpy() instead of strcpy()
This fixes the following warning, at least on OpenBSD 4.8: irc-info.o(.text+0x2427): In function `IRC_WHO': src/ngircd/irc-info.c:896: warning: strcpy() is almost always misused, please use strlcpy()
Check type of sockets passed-in by systemd(8)
This patch makes sure that ngIRCd doesn't try to handle sockets of unsupported types, for example of AF_INET6 sockets when ngIRCd isn't compiled with support for IPv6 ...
Streamline punctuation of log messages
Make sure that all log messages end with a correct punctuation mark. The rules for formatting log messages are: 1. Add punctuation marks to all messages passed to the actual logging functions like Log() and LogDebug(). 2. Don't add any punctuation marks to messages that are stored in variables for later use or are passed over the network. 3. IP addresses, DNS host names and IRC server names should be quoted. 4. Messages originating in the network should be quoted (at least if they are "untrusted" or variable). Most probably this patch doesn't fix all mistakes, but it should be a good starting point ...
Enable WHOIS to display information about IRC Services
This patch introduces the new numeric 310(RPL_WHOISSERVICE) and enables WHOIS to display information about IRC services. This numeric is used for this purpose by InspIRCd, for example -- but as usual, other numerics are in use, too, like 613 in UltimateIRCd ... Please note that neither the Operator (+o) not the "bot status" (+B) of an IRC service id displayed in the output. Change suggested by Federico G. Schwindt <fgsch@lodoss.net>, Thanks.
configure: "netinet/in_systm.h" is optional
The header file "netinet/in_systm.h" already is optional in ngIRCd, so don't require it in the configure script. Now ngIRCd can be built on Minix 3 again :-)
New configuration option "IdleTimeout": exit daemon when idle
This patch implements a new configuration option "IdleTimeout" in the [Limits] section of the configuration file which can be used to set a timeout (in seconds) after which the whole daemon will shutdown when no more connections are left active after handling at least one client. The default is 0, "never". This can be useful for testing or when ngIRCd is started using "socket activation" with systemd(8), for example.
contrib/Debian/rules: Do no compress Commands.txt
This is required, because ngIRCd can't use a compressed file as help text ... (cherry picked from commit 6d09b4f366f656f6d2732ea96a653e086380e458)
Implement support for systemd(8) "socket activation"
This patch enables ngIRCd to work with listening sockets already initialized and passed-in by systemd(8) and hereby to support on-demand "socket activation". systemd(8) uses two environment variables to pass information about the sockets to ngIRCd, LISTEN_PID and LISTEN_FDS, and this mechanism only kicks in when both variables are set. In all other cases, and therefore in most installations out there, nothing changes at all. Please note: If socket activation is in effect, ngIRCd will not initialize any (other) soeckets on its own! All sockets must be configured in the systemd(8) socket unit configuration file in this case, see ./contrib/ngircd.socket for example. Probably it would be interesting to match passed-in sockets to configured listening sockets and to initialize all the remaining ones not already set up by systemd(8), but this is kept back for an other patch ... See - <http://0pointer.de/blog/projects/socket-activation.html> - <http://0pointer.de/blog/projects/socket-activation2.html> - <http://www.freedesktop.org/software/systemd/man/systemd.socket.html>
ngircd.service: Use "forking" service type
Don't run ngIRCd in forground mode but let it daemonize itself. This enhances the log output of "systemctl status ngircd.service", because now ngIRCd doesn't print out its PID and timestamp on each log message which is redundant: it becomes logged by systemd/journald already.
Return better "Connection not registered as server link" errors
Now ngIRCd returns a more specific error message for numeric ERR_NOTREGISTERED(451) when a regular user tries to use a command that isn't allowed for users but for servers: ERR_NOTREGISTEREDSERVER(451).
MODE: don't report error on "more modes than parameters"
Don't report ERR_NEEDMOREPARAMS(461) when a MDOE command with more modes than nicknames is handled, as well as for channel limit and key changes without specifying the limit or key parameters. This is how a lot (all?) other IRC servers behave, including ircd2.11, InspIRCd, and ircd-seven. And because of clients (tested with Textual and mIRC) sending bogus MODE commands like "MODE -ooo nick", end-users got the expected result as well as correct but misleading error messages ... If ngIRCd is compiled using "strict mode", these errors are still reported. Reported-by: Tim <tim@stackwatch.net>
Correctly detect when SSL subsystem must be initialized
This patch introduces the new function Conf_SSLInUse() to check when the current server configuration requires the SSL subsystem to be initialized and accounts incoming as well as outgoing connections -- so this fixes commit bb20aeb9 ("Initialize SSL when needed only, and disable SSL on errors") which only handled the inbound case ... Tested-by: Brett Smith <brett@w3.org>
Merge branch 'bug145-ProvideHelp'
* bug145-ProvideHelp: Use "${docdir}/Commands.txt" as help text file Add a note that "help file" is updated on startup and REHASH only Add doc/Commands.txt which should document all commands Implement Help() function parsing and returning the help text Document "HelpFile" in sample-ngircd.conf and ngircd.conf.5 Implement new configuration option "HelpFile" IRC_HELP(): Code cleanup Refactor Read_Motd() into Read_TextFile()
ngIRCd Release 20.1 (tags/rel-20.1)
Add doc/Commands.txt which should document all commands
This document can be used as "help text", too, see configuration option "HelpFile" in ngircd.conf(5). Please note that this file in its current state is far from complete, only a few commands are documented, but you should get an idea how it works. So please send in patches adding the remaining parts! :-)
Allow ERROR command on server and service links only
Ignore it and add a penalty time on all other link types.
Implement Help() function parsing and returning the help text
This function parses the already read in help text and sends the requested portions to the user. Parsing is done as following when a user user issues a "HELP <cmd>" command: 1. Search the file for a line "- <cmd>", 2. Output all subsequent lines that start with a TAB (ASCII 9) character to the client using NOTICE commands, treat lines containing a single "." after the TAB as empty lines. 3. Break at the first line not starting with a TAB character. This format allows to have information to each command stored in this file which will not be sent to an IRC user requesting help which enables us to have additional annotations stored here which further describe the origin, implementation details, or limits of the specific command. A special "Intro" block is returned to the user when the HELP command is used without a command name.
Mode setting: only check channel user modes when on channel
Only check the channel user modes of the initiator if he is joined to this channel and not an IRC operator enforcing modes (which requires the configuration option "OperCanUseMode" to be enabled), because trying to check channel user modes of a non-member results in this assertion: Assertion failed: (cl2chan != NULL), function Channel_UserModes, file channel.c, line 742. This closes bug #147, thanks to James Kirwill <james.kirwill@bk.ru> for tracking this down!
Implement new configuration option "HelpFile"
This new configuration option allows to specify a specially formatted text file which can be used by the HELP command to provide information about the commands and their syntaxes.
Add some more casts in assert() statemens
This fixes the following warning messages of gcc 4.5.3 on Cygwin when building with debug code enabled: ng_ipaddr.c: In function ‘ng_ipaddr_init’: ng_ipaddr.c:52:2: warning: comparison between signed and unsigned integer expressions ng_ipaddr.c:53:20: warning: comparison between signed and unsigned integer expressions resolve.c: In function ‘ForwardLookup’: resolve.c:271:3: warning: comparison between signed and unsigned integer expressions
Commands.txt: Import descriptions from "rbose/command_help"
Import command description texts from the "rbose/command_help" branch, which have been written by DNS <dns@rbose.org> -- thanks a lot!
Makefiles: Correctly quote sed expressions
Now the Makefiles support spaces in "$sysconfdir", which isn't uncommon for Cygwin for example, when $HOME contains whitespaces ("/home/User Name") and ngIRCd is installed into the user home ("./configure --prefix=$HOME").
Commands.txt: Reorder some commands
Reorder some commands and introduce new section "Connection Handling". Idea by DNS <dns@rbose.org>, thanks!
Refactor Read_Motd() into Read_TextFile()
Now this function allows to read arbitrary text files into arrays.
Add a cast in ForwardLookup() to fix a gcc warning on Cygwin
This fixes the following warning message of 4.5.3 on Cygwin: resolve.c: In function ‘ForwardLookup’: resolve.c:273:21: warning: comparison between signed and unsigned integer expressions
ngIRCd Release 20 (tags/rel-20)
Allow user names up to 20 characters
This patch allows user names up to 20 characters when ngIRCd has not been configured for "strict RFC mode". Patch suggested by Brett Smith <brett@w3.org>, see <http://arthur.barton.de/pipermail/ngircd-ml/2012-October/000579.html>.
ngIRCd 20~rc2 (tags/rel-20-rc2)
Rework cloaked hostname handling, implement "METADATA cloakhost"
Now ngIRCd uses two fields internally, one to store the "real" hostname and one to save the "cloaked" hostname. And both fields can be set independently using the "METADATA host" and "METADATA cloakhost" commands. This allows "foreign servers" (aka "IRC services") to alter the real and cloaked hostnames of clients without problems, even when the user itself issues additional "MODE +x" and "MODE -x" commands.
Add a few casts, fix compiler warnings on NetBSD 5
This fixes a few warnings of this type: XXX.c: In function 'AAA': XXX.c:YY: warning: array subscription has type 'char' Tested on NetBSD 5.0.2 with gcc 4.1.3.
irc-info.c: Use strlcpy() instead of strcpy()
This fixes the following warning of gcc (tested on OpenBSD 5.0:) irc-info.c:990: warning: strcpy() is almost always misused, please use strlcpy
ngIRCd 20~rc1 (tags/rel-20-rc1)
conf.c: Use strlcpy() instead of strcpy()
This fixes the following warning of gcc on OpenBSD 5.0: conf.c:728: warning: strcpy() is almost always misused, please use strlcpy()
tool.h: Don't check for and #define PF_INET
This is correctly handled by ipaddr/ng_ipaddr.h today, and the check in tool.h isn't required any more -- and caused errors on OpenBSD 5.0: In file included from ./../tool/tool.h:23: /usr/include/arpa/inet.h:74: warning: "struct in_addr" declared inside parameter list
conf-ssl.h: Use "gnutls_session_t" instead of "gnutls_session"
This fixes the following warning with current versions of GnuTLS: conf-ssl.h:36: warning: "gnutls_session" is deprecated
Add new IRC+ server flag "X": "XOP modes supported"
This flag indicates, that the server supports the enhanced "xop channel user modes", like channel owner, admin, and halfop. This information is used to make sure that no unsupported CHANINFO commands are sent to servers not supporting such mode prefixes, for example.
Remove Anope "ngircd" protocol module patches
Starting with Anope 1.9.8, the ngIRCd protocol module is included in the Anope distribution, so there's no longer any need to support our own (but now heavily outdated!) patches. Therefore remove them.
doc/Services.txt: Update documentation for Anope 1.9.8
Starting with Anope 1.9.8, the ngIRCd protocol module is rewritten from scratch by "DukePyrolator" and included in the Anope distribution. So no patching is required any more, yeah! Drawback: Anope 1.9.8 is in development and not yet released ...
Generate "METADATA host" commands on "MODE +/-x"
Use "METADATA host" commands to let servers supporting this command know which (possibly cloaked) hostname is in effect for a specific client. This prevents "double cloaking" of hostnames and even cloaked hostnames are in sync on all servers supporting "METADATA" now.
Don't cloak already cloaked hostname when using METADATA
A client for which a METADATA command has been received from one of its peers got the client flag "M" set. So it's safe to assume that such a client gets "METADATA host" commands for its cloaked hostname and the server must not cloak the hostname on its own, even when the client mode "+x" is set.
Implement METADATA command to update client metadata
The METADATA command can be used by other servers to update "metadata" of registered clients, like the client info text ("real name"), user name, and hostname: :<prefix> METADATA <target> <key> :<value> It is distributed in the network, unknown <key> names are silently ignored and passed on, too. This allows for further extensions.
PredefChannelsOnly: Fix message for non pre-defined channels
If PredefChannelsOnly is enabled, and if someone tries to create a channel which does not exist, then the error message is a 474. The 474 Error message changed recently and does not match anymore: 'Cannot join channel (+b) -- You are banned'. Changed the error message to numeric 403 'No such channel'. Bug introduced by commit 9a82304a. (cherry picked from commit 2c2e08f34187a33c1da745995c5f213e33a91410)
Send NICK commands with prefix of (target) user
Now NICK commands are always generated using the prefix of the target user, even when the nickname change has been initiated by some other (pseudo) server or using the SVSNICK command. In this case, the prefix of the initiator has been used, but this isn't compatible with clients (at least weechat and irssi don't handle such NICK commands correctly).
Implement SVSNICK command to change remote nicknames
The SVSNICK command allows other servers (and services on "pseudo-servers") to forcefully change nicknames of remote users. Syntax: ":<from> SVSNICK <oldnick> <newnick>" The SVSNICK command itself doesn't change the nickname, but it becomes forwarded to the server to which the user is connected to. And then this server initiates the real nickname changing using regular NICK commands. This allows to still run networks with old servers not supporting the SVSNICK command, because SVSNICK commands for nicknames on such servers are silently ignored and don't cause a desync of the network.
Fix warning message introduced when cleaning up IRC_SERVER()
This reverts a not intentional code change and fixes the following compiler warning message (tested with gcc 4.4.5): irc-server.c: In function "IRC_SERVER": irc-server.c:142: warning: suggest parentheses around operand of "!" or change "&" to "&&" or "!" to "~"
Make server reconnect time a little bit more random
Add randomly up to 15 seconds to the reconnect delay for outgoing server links when the connection has been "short" and therefore the "ConnectRetry" delay is being enforced. This should make it even more unlikely that two servers deadlock each other when both are trying to connect to the other one at the same time, for example in test environments.
Don't accept connections for servers already beeing linked
If two servers try to link each other, there was a time frame that could result in one connection overwriting the other, e. g. the incoming connection overwriting the status of the outgoing one. And this could lead to all kind of weirdness (even crashes!) later on. So now such incoming connections are dropped. But this most probably prevents the two servers from linking until timing changes somehow (network latency?) because each server drops the incoming connection of the other one, so no connection survives in the end. But this has to be addressed by an other patch ...
Use lowercase "package name" for syslog logging again
This is how ngIRCd up to release 19.2 behaved; "bug" introduced by commit 67e882, "configure.in: require autoconf 2.67 and automake 1.11", which changed the "PACKAGE_NAME" to "ngIRCd"; so use "PACKAGE" which still is the lowercase version for initializing syslog logging.
Allow remote servers and IRC Ops to change channel topics
Remote servers are always allowed to change all channel topics, and IRC Operators are allowed to change all channel topics if the configuration option "OperCanUseMode" is enabled. Bug introduced by commit 7b01bb8 and reported by DNS777.
Increased maximum number of possible user and channel modes
Currntly ngIRCd supports 13 user and 15 channel modes, because there have been quite a few additions since our last release. But our data structures can only hold 15 user and -- even worse! -- only 9 channel modes! So enlarge the buffers to 20 bytes (actually 21 including NULL) to allow storing of all mode characters and to have some space left for more modes to come ... (cherry picked from commit 8996d777621d88d4bcc439ab4792b2814920687f)
Update error messages for user mode +b and channel Mode +M.
Replaced error message for channel mode +M with ERR_NEEDREGGEDNICK_MSG (used by Bahamut, inspircd, ircu & Unreal too) and using numeric 477 and the msg simliar like inspircd. Replaced the error message ERR_CANNOTSENDTONICK_MSG for user mode +b with ERR_NONONREG_MSG and using numeric 486, similar like unrealircd. (cherry picked from commit 55a61ab17f63a9e757b7c7598c31b98ce5a132e8 and commit 3737d9ab7da1ea0485cefc07c65dc5308bf0db02)
Disable UID/GID checks on "single user OS"
Don't abort on "single user operating systems" that don't know more than one user account and therefore can't change user and group IDs. Currently, the only such system supported by ngIRCd is Haiku, a BeOS clone.
Search gethostbyname() in libbind and libnetwork
This is required for Haiku (BeOS clone) at least.
Update manual pages
Among other little things, bring project description in line with website.
Implement user mode "b": block messages
When a user has set mode "b", all private messages and notices to this user are blocked if they don't originate from a registered user, an IRC Op, server or service. The originator gets an error numeric sent back in this case, ERR_CANNOTSENDTONICK_MSG(976), which is/was(?) used by KineIRCd, too. This closes bug #144.
Fix ERR_CANNOTSENDTOCHAN_MSG message
This error message is not only used if one can not send to a channel because it is moderated, but for _all_ reasons when a message can not be delivered (moderated, banned, no external messages, ...), so strip the "(+m) -- Moderated" part of the error message again. Bug introduced by commit 9a82304a.
Shorten filenames of Anope protocol module patchfiles
Filenames have been too long and couldn't be stored in all tar archive formats ...
WHOIS: show RPL_WHOISHOST_MSG to all IRC Ops in the network
Not only show RPL_WHOISHOST_MSG to local IRC opreators, but show it to all IRC operators in the network. And don't show it to anybody if the "more privacy" configuration option is enabled. This closes bug #134.
Test suite: make expect scripts more verbose
Now tests.sh transforms each expect script it executes using sed(1) and inserts a 'puts -nonewline stderr "."' in front of each "expect" command.
Merge branch 'bug141-ModesQq'
This closes bug #141. * bug141-ModesQq: KICK-protect IRC services Implement channel mode "Q" and user mode "q" Conflicts: src/ngircd/defines.h src/ngircd/messages.h
Show active user modes in WHOIS reply
Implement numeric RPL_WHOISMODES_MSG(379) and show user modes in the reply of the WHOIS command for the user himself or, if MorePrivacy isn't set, for request initiated by an IRC operator. Numeric 379 is used by Unreal and InspIRCd for this purpose, too. Closes bug #129.
Implement channel mode 'V' (invite disallow)
If the new channel mode "V" is set, the INVITE command becomes invalid and all clients get the new ERR_NOINVITE_MSG(518) reply. Unreal and InspIRCd uses this mode, too. This closes bug #143.
Implement channel mode "Q" and user mode "q"
Both modes protect users from channel kicks: only IRC operators and servers can kick users having mode "q" or in channels with mode "Q". Original patch by DNS777 <dns@rbose.org>, thanks! This closes bug #141.
Allow channel admins to "de-admin" channel members
This patch fixes unsetting of channel user mode "+a" (channel admin) and adds a better error message: without this patch, a channel admin is unable to unset this mode. This closes bug #142.
Merge branch 'bug109-CHARCONV'
This closes bug #109. * bug109-CHARCONV: Debian: require "telnet" or "telnet-ssl" for building Debian ngircd-full[-dbg]: enable CHARCONV Add "CHARCONV" to "feature string" when enabled Implement new IRC+ "CHARCONV" command Added new configure option "--with-iconv" Conflicts: src/ngircd/messages.h
Fix spelling: ERR_CHANOPPRIVTOLOW_MSG -> ERR_CHANOPPRIVTOOLOW_MSG
Thanks to DNS for pointing this out, see bug #126!
Test suite: don't use "mkdir -p"
"mkdir -p" is not supported on all platforms. Tested with Apple A/UX 3.1.x.
ERR_CHANNELISFULL_MSG: better wording
(cherry picked from commit 0fcfa7e00fa8e098dd3724c7188c88ac82a52881)
Implement new IRC+ "CHARCONV" command
See bug 109 and doc/Protocol.txt for details and documentation.
Send RPL_REHASHING if rehash was accepted
(cherry picked from commit f1b171a09cd076f743a7fff221fa7aa752abb374)
Added new configure option "--with-iconv"
The iconv library should be used for implementing the new CHARCONV IRC command discussed in bug 109. And because CHARCONV will be an IRC+ feature, we only test for libiconv if IRC+ is enabled as well.
Change variable name "SSLDHFile" to "DHFile" in log messages
(cherry picked from commit d96db0a2e56d310177edb45d0a8b164a37992ab1)
Move ConnSSL_InitLibrary() "dummy" from header into C file
(cherry picked from commit 5fd88c81a70d0c9e627f08522e57d251586288eb)
NJOIN: correctly reset channel level flags
This fixes commit 7b01bb83. Bug reported by DNS777 <dns@rbose.org>, thanks!
Merge branch 'autoconf-update'
Update GNU autoconf and automake infrastructure. Tested on modern systems as well as Apple A/UX :-) * autoconf-update: AUTOMAKE_OPTIONS: fix ansi2knr option, include path Don't use AC_FUNC_MALLOC and AC_FUNC_REALLOC Make our own targets "silent", if enabled configure.in: use AC_CHECK_{FUNCS|HEADERS}_ONCE Updated config.{guess|sub} to version 2012-08-14 Make autogen.sh more verbose when VERBOSE=1 is set configure.in: use AC_SEARCH_LIBS (not AC_CHECK_LIB) configure.in: use AS_HELP_STRING macro configure.in: use AC_CANONICAL_HOST (not AC_CANONICAL_TARGET) configure.in: inttypes.h is an optional header file Use HAVE_SETSID #define when testing for setsid() Don't include <stdint.h>, it is included by "portab.h" Don't check type.h availability, it is required configure.in: Use AC_CONFIG_FILES macro configure.in: Don't use AC_C_PROTOTYPES configure.in: Update checks for required and optional features configure.in: require autoconf 2.67 and automake 1.11 configure.in: sort some lists (templates, output, ...)
Simplify check for valid user names in IRC_USER().
Patches from Federico G. Schwindt, thanks! (cherry picked from commit a44b7126227ba1118ec02b399e31b08102af5e8c and 6fbe9583753b2620da275676cde46a89cb4d06c2)
AUTOMAKE_OPTIONS: fix ansi2knr option, include path
Set correct relative path to ansi2knr.c in AUTOMAKE_OPTIONS, so that ansi2knr.{1|c} is only included once in the distribution archive.
Allow user mode +x only when "CloakHostModeX" is set
Allow users to "cloak" their hostname only when the configuration variable "CloakHostModeX" (introduced in 19.2) is set. Otherwise, only IRC opertators, other servers, and services are allowed to set mode +x. This prevents regular users from changing their hostmask to the name of the IRC server itself, which confused quite a few people ;-) This fixes bug #133.
Don't use AC_FUNC_MALLOC and AC_FUNC_REALLOC
We don't expect the GNU'ish behaviour of of malloc() and realloc() and never implemented the replacement functions rpl_malloc()/rpl_realloc() -- so these test result in linking failues on systems that don't have a GNU'ish malloc() and realloc() even though we don't require it! Introduced by commit 47ad9afc.
Merge pull request #2 from briancollins/master
Fix IRC_Send_NAMES not sending correct prefix for certain clients.
New configuration option "OperChanPAutoOp"
If disabled, IRC operators don't become channel operators in persistent channels when joining. Enabled by default, which has been the behavior of ngIRCd up to this patch. Closes bug #135. (Cosmetic fixes by Alex.)
Correctly re-initialize signal handlers on RESTART
This fixes part 2 of bug #127 :-)
Fix NAMES response when client has multi-prefix
Two fixes here: IRC_Send_NAMES was checking the capability of the wrong client when responding, and it didn't return any prefix for clients that had either +v or +o but not both.
Allow opers to see secret (+s) channels in LIST command
As long as 'MorePrivacy' isn't enabled in the configuration file, local IRC operators can see secret (+s) channels when using the LIST command. Closes bug #136.
New_Connection(): mark "IsSSL" parameter as UNUSED
This fixes the following warning message when building without SSL support: conn.c: In function "New_Connection": conn.c:1365: warning: unused parameter "IsSSL" Introduced by commit 01b62202.
Merge branch 'better-chan-errors'
By Alexander Barton (1) and DNS777 (1) * better-chan-errors: Remove unused ERR_CANNOTSENDTOCHAN2_MSG message Add some more information to channel error numerics
configure: only use AM_PROG_AR when available
This fixes commit 78d189fb on systems with older automake ...
Show a warning on startup if config file is not a full path
ngIRCd is a long-running process and changes its working directory to "/" to not block mounted filesystems and the like when running as daemon ("not in the foreground"); therefore the path to the configuration file must be relative to "/" (or the chroot() directory), which basically is "not relative", to ensure that "kill -HUP" and the "REHASH" command work as expected later on. This fixes parts of bug #127.
Merge branch 'move-connection-password' of git://arthur.barton.de/ngircd-alex
This patch series converts the statically allocated password buffer in the CLIENT structure into a dynamically (and only when needed) allocated buffer which is referenced by the CONNECTION structure. This a) saves memory for clients not using passwords at all and b) allows for "arbitrarily" long passwords. By Brett Smith (5) and Alexander Barton (2). * 'move-connection-password' of git://arthur.barton.de/ngircd-alex: Login_User(): use "conn" insted of calling Client_Conn(Client) Free already saved password when storing a new one Indentation and style fixes. Connection password is not constant. Implementation clean-ups. Dynamically allocate memory for connection password. Move client password from the Client to the Connection struct.
Create &SERVER channel after predefined channels
This patch allows you to define &SERVER in a [Channel] block yourself and to overwrite the built-in topic and channel modes. Fixes bug #131.
Enhance "ServiceMask" to handle a list of masks
The "ServiceMask" variable in "Server" blocks now can handle more than one mask using the new MatchCaseInsensitiveList() function. This makes marking "service clients" much more specific, which is a good thing per se, but which is the prerequisite for reasonably blocking these nick names, too (see commit a6dd2e3 for details).
Rename configure.in to configure.ac
This fixes automake: warning: autoconf input should be named 'configure.ac', not 'configure.in' when running the autogen.sh script.
configure.in: use AC_SEARCH_LIBS (not AC_CHECK_LIB)
Use the AC_SEARCH_LIBS macro to test for "sometimes but not always" required libraries, not AC_CHECK_LIB.
WHO #channel: don't limit list size
It makes no sense to limit the list size when doing WHO for a channel and not to return all the users in that channel, so I removed the check. But if there are more than MAX_RPL_WHO(25) replies, the client requesting the list will be "penalized" one second more (then 2 in total). This fixes bug #125.
Free already saved password when storing a new one
This shouldn't happen (clients aren't allowed to send more than one PASS command), but who knows ...
configure.ng: use AM_PROG_AR to check ar(1) command
This fixes automake-1.12/am/library.am: warning: 'libngipaddr.a': linking libraries using a non-POSIX .../automake-1.12/am/library.am: archiver requires 'AM_PROG_AR' in 'configure.in' src/ipaddr/Makefile.am:12: while processing library 'libngipaddr.a' and similar warnings of automake.
Define EV_SET() for kqueue() on systems that don't have it
Some systems, notably FreeBSD 4.x, do have the kqueue() function but lack the definition of EV_SET() in their header files -- but don't worry, we can #define it on our own ;-) Definition taken from /usr/include/sys/event.h of FreeBSD 8.1. Patch tested on FreeBSD 4.1 by Götz Hoffart. Thanks!
Block nicknames that are reserved for services
This patch introduces the new function Conf_NickIsBlocked() which checks if a given nick name matches with the "service mask" of a configured server. And Client_CheckNick() uses this information to deny such names for regular IRC users. So nick names intended for IRC services are more protected and can't be used by regular users even when the "services pseudo-server" isn't connected to the network. But please note: Up to now, there can be only one "ServiceMask" pattern per server, which most probably blocks much more nick names than really required ... So "ServiceMask" should allow more than one pattern which can be more specific, and most probably it should be possible to block nick names in the global server configuration as well. Nick names introduced by other servers/services are never restricted.
Merge branch 'automake-am11-am12'
* automake-am11-am12: autogen.sh: detect automake version format a.b.c and a.b configure.ng: don't require GIT tree to detect version string Include .mailmap file in distribution archives Include all build-system files into distribution archives Change build system to support new and old GNU automake
configure.in: use AC_CANONICAL_HOST (not AC_CANONICAL_TARGET)
See the autoconf manual for details: http://www.gnu.org/software/autoconf/manual/autoconf.html#Specifying-Target-Triplets
Connection password is not constant.
Saying otherwise makes a warning when we assign this to conv.appdata_ptr in pam.c.
Implementation clean-ups.
* Have Conn_Password return an empty string when no password has been set, to play better with pam.c. * Use strdup in Conn_SetPassword.
New function Conn_StartLogin() to finish connection initialization
Conn_StartLogin() is called after the connection has been established and fully innitialized, including the SSL handshake, for example. Up to this patch, the "NoticeAuth" option broke the SSL handshake ...
Xcode: use certificate of Alex for code signing
When doing non-debug Xcode builds, use the "Developer ID Application: Alexander Barton" certificate for code signing by default.
automake: enable colored test output, if available
The "color-tests" option can't be checked for, but is available starting with automake 1.11 which introduced AM_SILENT_RULES -- so we check this ...
Convert CONN_ID and Conf_MaxConnections to "int" datatype
We can't handle more connections than accept(2) can supply, and accept(2) returns an "int" ...
Move client password from the Client to the Connection struct.
This is a relatively naive implementation, basically doing the bare minimum necessary to make the switchover go. Subsequent commits can focus on improving the implementation.
"make uninstall": remove ngircd.conf if not modified
Now "make uninstall" removes the installed "ngircd.conf" file, if it is still equal to our "sample-ngircd.conf" file and therefore hasn't been modified by the user. If it has been modified, it isn't removed and a notice is displayed to the user. In addition, "make install" now displays a message when no ngircd.conf file exists and the "sample-ngircd.conf" file will be installed as a starting point.
Introduce numeric RPL_HOSTHIDDEN_MSG(396)
This numeric is sent to the client each time it changes its displayed hostname using "MODE +/-x", and if "CloakHost" is set right after the MOTD has been sent.
contrib/ngircd.service: systemd service file for ngircd
Thanks to Kyle Keen <keenerd@gmail.com>: Date: Sat, 18 Aug 2012 08:28:22 -0400 Message-ID: <CAAKTTKNNmrB=8XtxcV6w1Q-RQ6J_xTTDGD4MHQFaDy6V3=B19Q@mail.gmail.com> From: keenerd <keenerd@gmail.com> To: ngircd-ml@ngircd.barton.de Subject: [ngIRCd-ML] systemd service Hello all. Linked is a service file for ngircd. Please add this to your source tree so other people don't have to learn to write service files ;-) https://projects.archlinux.org/svntogit/community.git/plain/trunk/ngircd.service?h=packages/ngircd -Kyle Keen Arch Linux TU http://kmkeen.com
Loose GNU autoconf / automake requirements a bit
Now ngIRCd requires at least GNU autoconf 2.61 and automake 1.10, the requirements of commit 67e882d4 have been too restrictive: 19.2 67e882d4 now ---------- --------- --------- --------- autoconf >=2.50 >=2.67 >=2.61 automake >=1.6 >=1.11 >=1.10 The tools required now are supported by Debian GNU/Linux 4.0 "Etch", RedHat Enterprise Linux 5, and Mac OS X 10.6.x for example. I read the changelogs of autoconf and automake, and I think ther's nothing that prevents it from working with these older versions; and we don't want to force users to upgrade without real benefits. Please note: the recommended versions are still autoconf 1.11.x and the most recent autoconf release that works with automake 1.11.x!
Change build system to support new and old GNU automake
Starting with GNU automake 1.12, the "de-ANSI-fication support" has been removed, which ngIRCd used to enable building itself on very old systems. Now the problem is, that using automake >= 1.12 isn't working because of the now unsupported M4 macros. Therefore the solution that this patch implements is to dynamically generate the automake input files with our own ./autogen.sh script: configure.ng => configure.in Makefile.ng => Makefile.am This is quite an ugly approach, but it works and enables us to: 1. use current automake >= 1.12 for development and "private builds", 2. still build distribution archives using automake 1.11.x that have "de-ANSI-fication support" enabled in the generated Makefile's. And if you are using Makefile's generated with a automake version newer than 1.11.x (without "de-ANSI-fication support"), the ./configure script warns you not to use this generated build system to generate distribution archives. Drawback of this patch: you MUST use our autogen.sh script, you can't call the autoconf/automake commands directly any more; but autoreconf should still work ...
Always cloak client hostname, if needed
Not only cloak the hostname in Client_MaskCloaked(), but also in Client_HostnameCloaked() -- so move the actual cloaking to this function and call it in Client_MaskCloaked() to get the (cloaked) hostname. This fixes USERHOST not displaying the correctly cloaked hostname, for example.
ngt_RandomStr(): Add implicit cast to "unsigned".
This fixes the following warning of Xcode 4.5: src/tool/tool.c:150:19: Implicit conversion loses integer precision: 'long' to 'unsigned int'
Merge branch 'bug92-xop'
By Alexander Barton (5) and Sebastian Köhler (2) * bug92-xop: Fix NAMES/WHO response when client has multi-prefix Fix prefix of "halfop" when "multi-prefix" is active Clean up doc/.gitignore doc/Modes.txt: add version number to new channel modes Fix some "whitespace glitches" Tests and documentation for xop Implemented xop support Conflicts (because of "multi-prefix fix"): src/ngircd/irc-info.c This fixes bug #92 "ngircd does not support XOP usermodes".
configure.in: Don't use AC_C_PROTOTYPES
Don't use AC_C_PROTOTYPES, AM_C_PROTOTYPES is already used.
Fix a buffer overflow when initializing the random salt for "+x"
This "off by one" buffer overflow has been introduced in commit 49385a98, "Implemented hashed cloaked hostnames for +x".
Fix NAMES/WHO response when client has multi-prefix
This has been fixed by commit 16f94546 "Fix NAMES response when client has multi-prefix" in the master branch, fix it in this patch series, too.
Free all listen ports on initialization
Now you can reconfigure listen ports and reload the server configuration on runtime. Without this patch, no ports could be removed.
configure.in: Update checks for required and optional features
Update checks for required and optional header files, data types, and functions.
Merge branch 'umode-B'
This patch series allows ngIRCd to support the user mode "B" ("Bot flasg"): it is settable and unsettable by every (non-restricted) client. According to DNS777, this is how Unreal and InspIRCd do behave, so do we :-) By Alexander Barton (1) and DNS777 (1) * umode-B: Add new user mode "B" to doc/Modes.txt Implement an Unreal-like user mode "B" ("Bot mode")
configure.in: Use AC_CONFIG_HEADER instead of AM_CONFIG_HEADER
AM_CONFIG_HEADER is marked obsolete and will be removed in Automake 1.13.
Initialize SSL when needed only, and disable SSL on errors
With this patch, the SSL subsystem will only be initialized if at least one SSL ports is configured; so you won't get "SSL initialization failed" messages if you didn't configured it at all. And if SSL initialization fails, no SSL listen ports will be enabled later which never could establish a working SSL connection at all ...
configure.in: require autoconf 2.67 and automake 1.11
And use newer features such as bug reporting address and project URL.
Merge branch 'recognize-umode-R'
By Alexander Barton (1) and DNS777 (1) * recognize-umode-R: Only allow IRC services to modify user mode "R" Recognize user mode "R"
Fix compiler warning when not building with ZLIB support
This fixes: irc.c: In function ‘Option_String’: irc.c:333:9: error: variable ‘options’ set but not used
Recognize user mode "R"
This allows users to unset the user mode "R".
Hashed hostnames for CloakHost
Implemented support for hashed hostnames for CloakHost. The admin can use '%x' in both the CloakHost and CloakHostModeX setting. The config option CloakHostModeX was renamed to CloakHostSalt. This salt is used for both cloaking options.
Fix some "whitespace glitches"
Some have been introduced by commit 7b01bb83, some are older.
Implemented hashed cloaked hostnames for +x
CloakHostModeX can now contain '%x'. It will be replace by the hash of the original client hostname. The new config option CloakHostModeXSalt defines the salt for the hash function. When CloakHostModeXSalt is not set a random salt will be generated after each server restart. Spelling fix in defines.h
Merge branch 'xop' of https://github.com/kart0ffelsack/ngircd into bug92-xop
* 'xop' of https://github.com/kart0ffelsack/ngircd: Tests and documentation for xop Implemented xop support Conflicts (because of merge of the 'cmode-M' branch): src/ngircd/channel.c src/ngircd/defines.h src/ngircd/messages.h
Merge branch 'cmode-M'
By Alexander Barton (2) and DNS777 (1) * cmode-M: Add new channel mode "M" to doc/Modes.txt Remove Can_Send_To_Channel_Identified() Implement channel mode "M"
ngIRCd release 19.2 (tags/rel-19.2)
Remove Can_Send_To_Channel_Identified()
Move the functionality directly into Can_Send_To_Channel() function. There should be no functional change ...
Implemented xop support
3 new channel user modes have been added. Half Op: +h(Prefix: %) can set the channel modes +imntvIbek and kick all +v and normal users. Admin: +a(Prefix: &) can set channel modes +imntvIbekoRsz and kick all +o, +h, +v and normal users. Owner: +q(Prefix: ~) can set channel modes +imntvIbekoRsz and kick all +a, +o, +h, +v and normal users
ngIRCd release 19.2~rc1 (tags/rel-19.2-rc1)
Implement channel mode "M"
Only the server, identified users and IRC operators are able to talk.
Merge branch 'bug124-CloakHostModeX'
* bug124-CloakHostModeX: Describe "CloakHostModeX" in sample-ngircd.conf an ngircd.conf(5) Rename "CloakModeHost" option to "CloakHostModeX" Introduce new configuration option "CloakModeHost" This closes bug #124.
Correctly handle asynchronously re-established server links
Don't try to establish an outgoing server link after DNS lookup when this server re-connected on its own in the meantime. In addition, log a warning message if we try to update the connection index of an already connected server structure -- and ignore it. Up to now, both behaviour could lead to a race when the remote server connects to this daemon while it still prepares the outgoing connection: - The local server prepares the new outgoing connection ... - in the meantime the remote server becomes connected and registered. - Now the new outgoing connection overwrites the (correct) socket handle, - then the 2nd connection becomes disconnected: "already registered", - and the 1st connection becomes unhandled ("gets lost") because the configuration structure is reset because of the wrong socket handle. This patch hopefully fixes all these problems.
Introduce new configuration option "CloakModeHost"
This closes bug #124.
doc/Platforms.txt: more updates
Added: - armv6l/unkn./linux-gnueabi, gcc 4.4.5 - i686/pc/linux-gnu, gcc 2.7.2 Updated: - i386/pc/solaris2.11, gcc 4.2.3 Thanks to Götz Hoffart!
NoticeAuth: Fix test if IDENT reply has been invalid
This fixes conn.c: In function ‘cb_Read_Resolver_Result’: conn.c:2252: warning: comparison between pointer and integer
IDENT reply: only allow alphanumeric characters in user name
Only alphanumeric characters are allowed in the user name, so ignore all IDENT replies that would violate this rule and use the one supplied by the USER command.
USER command: only allow alphanumeric characters in user name
Only alphanumeric characters are allowed in the user name, so terminate the connection if any "strage" characters have been supplied by the user. This is how other IRC daemons (like ircd2.11 and ircd-seven) behave ...
Change wording of "TLS initialized" message
Don't use the word "socket" to identify the connection number, but use the word "connection" like on all the other messages logged.
Pidfile_Create(): Don't leak file descriptor on error path
Detected by cppcheck: [src/ngircd/ngircd.c:502]: (error) Resource leak: pidfd
INSTALL: Add "satisfy prerequisites" section
Include information for RedHat/Fedora and Debian/Ubuntu based Linux distributions.
irc-cap.c: mark arguments of Handle_CAP_ACK() as "unused"
This fixes irc-cap.c: In function ‘Handle_CAP_ACK’: irc-cap.c:163: warning: unused parameter ‘Client’ irc-cap.c:163: warning: unused parameter ‘Arg’
irc-login.c, login.c: add missing include of "string.h"
This fixes the following warnings with GCC 4.4.5 on Linux: irc-login.c: In function ‘IRC_PASS’: irc-login.c:92: warning: implicit declaration of function ‘strlen’ irc-login.c:92: warning: incompatible implicit declaration of built-in function ‘strlen’ irc-login.c:113: warning: incompatible implicit declaration of built-in function ‘strlen’ irc-login.c:129: warning: implicit declaration of function ‘strchr’ irc-login.c:129: warning: incompatible implicit declaration of built-in function ‘strchr’ irc-login.c:133: warning: implicit declaration of function ‘strcmp’ irc-login.c: In function ‘IRC_SERVICE’: irc-login.c:556: warning: incompatible implicit declaration of built-in function ‘strchr’ login.c: In function ‘Login_User’: login.c:131: warning: implicit declaration of function ‘strcmp’
Merge branch 'master' of /srv/git/ngircd
* 'master' of /srv/git/ngircd: "multi-prefix" capability 2/2: adjust NAME and WHO handlers "multi-prefix" capability 1/2: implement complete CAP infrastructure IRC_Send_NAMES(): Code cleanup New function Client_CapSet() in addition to Client_Cap{Add|Del} "CAP REQ" starts capability negotiation and delays user registration Xcode: update project file for Xcode 4.3 Correctly handle "CAP END", new client type CLIENT_WAITCAPEND Implement core IRC capability handling and "CAP" command New "login" source file Introduce_Client() => Client_Introduce(), and move it to client.c
contrib/platformtest.sh: support "CC=xxx MAKE=yyy ./platformtest.sh"
Now you can use contrib/platformtest.sh on platforms that require a "special" make (not "make") or compiler (not cc/gcc) binary.
Merge branch 'capabilities'
* capabilities: "multi-prefix" capability 2/2: adjust NAME and WHO handlers "multi-prefix" capability 1/2: implement complete CAP infrastructure IRC_Send_NAMES(): Code cleanup New function Client_CapSet() in addition to Client_Cap{Add|Del} "CAP REQ" starts capability negotiation and delays user registration Correctly handle "CAP END", new client type CLIENT_WAITCAPEND Implement core IRC capability handling and "CAP" command New "login" source file Introduce_Client() => Client_Introduce(), and move it to client.c
"multi-prefix" capability 2/2: adjust NAME and WHO handlers
The NAME and WHO commands now return multiple usermode prfixes when the "multi-prefix" capability is in effect for the requesting client. See <http://ircv3.atheme.org/extensions/multi-prefix-3.1>
Xcode: update project file for Xcode 4.3
(No changes needed)
"multi-prefix" capability 1/2: implement complete CAP infrastructure
Now ngIRCd is able to handle "CAP LS", "CAP REQ", "CAP LIST", and "CAP CLEAR" commands. "multi-prefix" can be set/unset, but has no functionality - yet!
Fix 8ec17063: "Lists_Add(): use size of destination when copying data"
Thanks to Florian Westphal for spotting my silliness ...
Lists_Add(): use size of destination when copying data
This fixes the following warning of clang: /src/ngircd/lists.c:152:44: warning: size argument in 'strlcpy' call appears to be size of the source; expected the size of the destination [-Wstrlcpy-strlcat-size] But it isn't a real problem, because the size of the source always is the same than the size of the destination ...
"CAP REQ" starts capability negotiation and delays user registration
New helper function Set_CAP_Negotiation().
Makefiles: list each source files on a separate line
Patches that add/remove source files become much nicer this way :-)
Implement core IRC capability handling and "CAP" command
This patch implements the core functions to support "IRC Capabilities" and the IRC "CAP" command as used by other servers and specified here: <http://www.leeh.co.uk/draft-mitchell-irc-capabilities-02.html>. It enables ngIRCd to support the defined handshake, but it doesn't implement any capabilities, so "CAP LS" and "CAP LIST" always return the empty set and "CAP REQ ..." always fails with "CAP NAK".
Don't ignore "permission denied" errors when enabling chroot
Up to now, ngIRCd silently ignored permission denied errors when trying to enable a chroot setup: only the "not running chrooted" message became logged later on. This patch lets ngIRCd exit with a fatal error when the chroot can't be enabled on startup -- this is the much safer bevahiour!
New "login" source file
Rename Hello_User[_PostAuth] to Login_User[_PostAuth] and move it to the new login.c; and move cb_Read_Auth_Result(), too. This will enable further code to easily call Login_User() when required.
ngIRCd Release 19.1 (tags/rel-19.1)
Fix gcc warning, initialize "list" variable to NULL
This fixes the following warning with gcc 4.6.3.: irc-mode.c: In function "Channel_Mode": irc-mode.c:947:26: error: "list" may be used uninitialized in this function irc-mode.c:884:25: error: "list" may be used uninitialized in this function (The variable has never been used uninitialized, so don't worry)
Fix manual page "hyphen-used-as-minus-sign" error (lintian)
Thanks to Christoph Biedl for reporting this!
Fix typo: Please not -> Please note
Thanks to Götz Hoffart!
Fix typo: recieved -> received
Thanks to Christoph Biedl.
getpid.sh: Fix testcase error for Debian using sbuild
When * building the ngircd Debian package (on Linux at least) and * using the sbuild build system, the command "ps -af" does not include the commands running inside the sbuild system. Therefore, start-server.sh will report a fail as getpid.sh cannot not find the ./T-ngircd1 just started although it's actually running. This results in a funny build log ... starting server 1 ... failure! FAIL: start-server1 running connect-test ... ok. PASS: connect-test The self-test of getpid.sh however will likely succeed as it's happy if it sees any process with "sh" somewhere in the name. Things go downhill from there. The confusing things are: * The alternative cowbuilder/pbuilder does not have this problem. * The alternative usage "ps ax" does fine. So, as a quick hack, the patch attached adds another switch to getpid.sh.
Don't log "ngIRCd hello message" two times
Start "regular" logging not until the configuration file has been read in and "SyslolgFacility" is set, and log all configuration errors using the generic "daemon" facility. So if there are no configuration errors, logging starts right after parsing the configuration and we log the configuration file used _after_ reading it. But this is no problem because every configuration error message includes the configuration file name as well. (The "double hello" has been introduced by commit 3641e5110952)
ngIRCd release 19 (tags/rel-19)
Merge branch 'master' of /srv/git/ngircd
* 'master' of /srv/git/ngircd: Update doc/Platforms.txt for ngIRCd 19 doc/README-Interix.txt: note that GNU make should be used
Fix C syntax: duplicate ";;" should be ";"
Using gcc 2.7.2, this fixes: irc-channel.c: In function `join_allowed': irc-channel.c:86: parse error before `const'
Correctly re-open syslog logging after reading of configuration
Syslog logging has been initialized before reading the configuraton file, so ngIRCd always used the default facility and ignored the "SyslogFacility" configuration option. Thanks to Patrik Schindler for reporting this issue!
ngIRCd release 19~rc1 (tags/rel-19-rc1)
Fix forwarding of LIST commands
Bug reported by Cahata, thanks!
New_Connection(): don't set the client hostname twice
Setting the hostname twice doesn't do much harm a lot, but isn't elegant. And for IPv6 addresses, it isn't correct the first time (missing []) ...
io: remove outer do {} while loops for epoll/kqueue/devpoll backends
simplifies things a bit. io_dispatch() is called repeatedly from the main loop.
Enhance server command limits
This patch updates the limits for handling commands from a remote server: - "<user count> / 5 + <min>" using "<min>=10" during normal operation, - the above count multiplied with 5 while servers are syncing. The intention is to a) make the limit dependent of the number of users in the network (the more users, the more commands required to sync) and b) to significantly rise this limit while servers are joining the network to make the login and synchronization faster.
Send a PING at the end of the server sync to detect it
At the end of sending all "state" to the remote server, a PING command is sent to request a PONG reply. Until then, no "regual" PING was sent, so Conn_LastPing(<connection>) is null and now becomes non-null in the PONG command handler. So the servers are still synchronizing when Conn_LastPing(<connection>) is 0, which could easily be tested.
RPL_ISUPPORT_MSG(005): add "EXCEPTS=e INVEX=I"
Thanks to Cahata for the idea!
Fix "MAXLIST=beI:50": the limit is the sum of all lists
"Modes which are specified in the same pair share the same maximum size", so "beI:50" means a total of 50 entries, regardless of the list. See <http://www.irc.org/tech_docs/draft-brocklesby-irc-isupport-03.txt>, thanks to Cahata for reporting this!
New RPL_WHOISHOST_MSG(378): show hostname and IP address
The numeric RPL_WHOISHOST_MSG(378) returns the DNS hostname (if available) and the IP address of a client in the WHOIS reply. Only the user itself and local IRC operators get this numeric.
Check G/K-Lines before the client has been registered, too
This allows to use "*!<user>@<host>" or "*!*@<host>" masks to reject clients even before receiving PASS, NICK and USER commands and before forking authentication child processes which reduces resource usage.
Streamline handling of connection rejects (bad password, G/K-line)
- Use Client_Reject(), get rid of Reject_Client(). - Refactor Class_IsMember() to Class_GetMemberReason(), - New function Class_HandleServerBans().
Implement channel exception list (mode 'e')
This allows a channel operator to define exception masks that allow users to join the channel even when a "ban" would match and prevent them from joining: the exception list (e) overrides the ban list (b).
PRIVMSG/NOTICE: handle nick!user@host masks case-insensitive
And enhance our test suite to check this a little bit better :-)
PRIVMSG/NOTICE: don't stop list processing on invalid target
Process further targets, even if one has been a server ID: just skip this one with an error message and continue.
Implement user mode 'C': require "same channel" to send message
If the target user of a PRIVMSG or NOTICE command has the user mode 'C' set, it is required that both sender and receiver are on the same channel. This prevents private flooding by completely unknown clients.
Limit channel invite and ban lists to 50 entries
- New function Lists_Count(). - New limit #define MAX_HNDL_CHANNEL_LISTS = 50. - New numeric #define ERR_LISTFULL_MSG(478). - Adjust numeric RPL_ISUPPORT2_MSG(005) accordingly ("MAXLIST")
Remove unused prototype of Lists_AlreadyRegistered()
This prototype has been introduced by commit fa7bb279 in 2006, but as far as I can see, this function never existed ...
Channel lists: Fix duplicate check and error messages
- Check correct list for duplicates when adding items. - Don't generate any messages when adding duplicates or removing non-existing items (this is how ircd-seven and ircu behave). - Code cleanup: Add_Ban_Invite(), Del_Ban_Invite().
Don't stop join handling on faulty channel, skip it (part #2)
Commit 565523cb allowed processing of further channel names given to the JOIN command when a single name was invalid. After this patch, the JOIN command handler continues to process channel name lists even after errors like "channel is full", "too many channels", and the like and generates appropriate error messages for all the channels given by the client.
JOIN command: don't check channel limit if already member
Don't check the channel limit and don't report "too many channels" when trying to join a channel that the client is already a member of.
Return ERR_UNKNOWNMODE(472) for unknown channel modes
The daemon reported ERR_UMODEUNKNOWNFLAG(501), which is wrong.
Limit list replies of LIST, WHO, WHOIS, and MAX_RPL_WHOWAS
Introduce new #define's MAX_RPL_LIST(100), MAX_RPL_WHO(25), MAX_RPL_WHOIS(10), and MAX_RPL_WHOWAS(25).
New function IRC_CheckListTooBig() to check size of list replies
It the limit is reached, a NOTICE is sent to the client and list processing should stop.
DEFAULT_WHOWAS->DEF_RPL_WHOWAS; MAX_CMODES_ARG->MAX_HNDL_MODES_ARG
To streamline naming, in preparation for MAX_RPL_WHO and MAX_RPL_WHOWAS :-)
RPL_ISUPPORT (numeric 005): Report MODES=<MAX_CMODES_ARG>
"Maximum number of channel modes with parameter allowed per MODE command." See <http://www.irc.org/tech_docs/005.html> for details.
Channel modes: really break handling when MAX_CMODES_ARG is hit
This fixes 98493077.
channel modes: only handle MAX_CMODES_ARG modes with arguments
Limit the MODE command to handle a maximum of MAX_CMODES_ARG (5) channel modes that require an argument (+Ibkl) per call. Please note: Further modes that require arguments are silently ignored and end the handling of any further modes. This is similar to the behavior of ircd2.11 (silently ignores but seems to handle other modes) as well as ircd-seven (silently ignores but handles some(!) other modes) ...
Fix handling of channel mode sequence with/without arguments
For example, don't generate wrong error messages when handling "MODE #chan +IIIIItn *!aa@b *!bb@c *!cc@d *!dd@e *!ee@f".
Conn_Write(): Make sure there is a client when detecting its type
The assert(client != NULL) got triggered during our tests, so there is an error path that resulted in the connection being still established (sock >= 0) but the client structure already freed. So Conn_Write() should handle it!
Proc_Close(): Only close socket if it is still valid
It could be invalid when calling Proc_Close() a 2nd time, for exmaple, which could happen when we hit a timeout doing IDENT requests :-(
WHOIS command: make sure matching is case-insensitive
And make sure that RPL_ENDOFWHOIS replies with the unmodified mask like it has been received from the client.
WHOIS command: don't anser queries for IRC servers
Thanks to Cahata for spotting this!
WHOIS command: make sure the reply ends with RPL_ENDOFWHOIS
Up to now, each reply for itself ended in RPL_ENDOFWHOIS and queries for unknown nick names lacked the RPL_ENDOFWHOIS -- both is wrong.
LINKS command: support <mask> parameter
The <mask> can be used to limit the servers shown in the listing.
Add 1 second penalty for every further target on PRIVMSG/NOTICE
This reduces the possibility of flooding channels with commands like "PRIVMSG/NOTICE #a,#n,#c,... :message" a little bit. Problem noticed by Cahata -- thanks!
Conn_SetPenalty(): Add new "penalty time" on each function call
Until now, the penalty time has only been set when longer as the already set one, so it didn't accumulate. And add documentation for and clean up code in Conn_SetPenalty() and Conn_ResetPenalty() functions.
Display correct error message when "Server{UID|GID}" is invalid
This partly closes bug #118. ngIRCd still starts up even when Server{UID|GID} is invalid: then the daemon falls back to "nobody" when running with root(0) privileges (as before).