X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=src%2Fngircd%2Fconf.c;h=4991918d54ade6d843e249bc61205e867d2ab497;hb=8aac36680265124067994391e7efef4e241a0ffd;hp=d19109fcf63f8806c786d3adf2ba8235fd25ee82;hpb=e7256bb8acc5f6cd221f5cffb463ca7463de8d92;p=ngircd-alex.git diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index d19109fc..4991918d 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -89,6 +89,8 @@ static void Init_Server_Struct PARAMS(( CONF_SERVER *Server )); #ifdef SSL_SUPPORT +static void Handle_SSL PARAMS(( int Line, char *Var, char *Ark )); + struct SSLOptions Conf_SSLOptions; /** @@ -109,56 +111,27 @@ ConfSSL_Init(void) } /** - * Output SSL configuration variable containing a file name. - * And make sure that the given file is readable. + * Make sure that a configured file is readable. + * + * Currently, this function is only used for SSL-related options ... * - * @returns true when the file is readable. + * @param Var Configuration variable + * @param Filename Configured filename */ -static bool -ssl_print_configvar(const char *name, const char *file) +static void +CheckFileReadable(const char *Var, const char *Filename) { FILE *fp; - if (!file) { - printf(" %s =\n", name); - return true; - } + if (!Filename) + return; - fp = fopen(file, "r"); + fp = fopen(Filename, "r"); if (fp) fclose(fp); else - fprintf(stderr, "ERROR: %s \"%s\": %s\n", - name, file, strerror(errno)); - - printf(" %s = %s\n", name, file); - return fp != NULL; -} - -/** - * Output SSL-related configuration variables. - * - * @returns true when all SSL-related configuration variables are valid. - */ -static bool -ConfSSL_Puts(void) -{ - bool ret; - - ret = ssl_print_configvar("SSLKeyFile", Conf_SSLOptions.KeyFile); - - if (!ssl_print_configvar("SSLCertFile", Conf_SSLOptions.CertFile)) - ret = false; - - if (!ssl_print_configvar("SSLDHFile", Conf_SSLOptions.DHFile)) - ret = false; - - if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) - puts(" SSLKeyFilePassword = "); - - array_free_wipe(&Conf_SSLOptions.KeyFilePassword); - - return ret; + Config_Error(LOG_ERR, "Can't read \"%s\" (\"%s\"): %s", + Filename, Var, strerror(errno)); } #endif @@ -334,12 +307,11 @@ Conf_Test( void ) config_valid = Validate_Config(true, false); /* Valid tty? */ - if( isatty( fileno( stdin )) && isatty( fileno( stdout ))) { - puts( "OK, press enter to see a dump of your service configuration ..." ); - getchar( ); - } else { - puts( "Ok, dump of your server configuration follows:\n" ); - } + if(isatty(fileno(stdin)) && isatty(fileno(stdout))) { + puts("OK, press enter to see a dump of your server configuration ..."); + getchar(); + } else + puts("Ok, dump of your server configuration follows:\n"); puts("[GLOBAL]"); printf(" Name = %s\n", Conf_ServerName); @@ -397,6 +369,7 @@ Conf_Test( void ) #ifdef IDENT printf(" Ident = %s\n", yesno_to_str(Conf_Ident)); #endif + printf(" MorePrivacy = %s\n", yesno_to_str(Conf_MorePrivacy)); printf(" NoticeAuth = %s\n", yesno_to_str(Conf_NoticeAuth)); printf(" OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode)); printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); @@ -407,18 +380,7 @@ Conf_Test( void ) #ifndef STRICT_RFC printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing)); #endif -#ifdef SSL_SUPPORT - printf(" SSLCertFile = %s\n", Conf_SSLOptions.CertFile); - printf(" SSLDHFile = %s\n", Conf_SSLOptions.DHFile); - printf(" SSLKeyFile = %s\n", Conf_SSLOptions.KeyFile); - if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) - puts(" SSLKeyFilePassword = "); - else - puts(" SSLKeyFilePassword = "); - array_free_wipe(&Conf_SSLOptions.KeyFilePassword); - printf(" SSLPorts = "); - ports_puts(&Conf_SSLOptions.ListenPorts); -#endif + printf(" ScrubCTCP = %s\n", yesno_to_str(Conf_ScrubCTCP)); #ifdef SYSLOG printf(" SyslogFacility = %s\n", ngt_SyslogFacilityName(Conf_SyslogFacility)); @@ -426,6 +388,24 @@ Conf_Test( void ) printf(" WebircPassword = %s\n", Conf_WebircPwd); puts(""); +#ifdef SSL_SUPPORT + puts("[SSL]"); + printf(" CertFile = %s\n", Conf_SSLOptions.CertFile + ? Conf_SSLOptions.CertFile : ""); + printf(" DHFile = %s\n", Conf_SSLOptions.DHFile + ? Conf_SSLOptions.DHFile : ""); + printf(" KeyFile = %s\n", Conf_SSLOptions.KeyFile + ? Conf_SSLOptions.KeyFile : ""); + if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) + puts(" KeyFilePassword = "); + else + puts(" KeyFilePassword = "); + array_free_wipe(&Conf_SSLOptions.KeyFilePassword); + printf(" Ports = "); + ports_puts(&Conf_SSLOptions.ListenPorts); + puts(""); +#endif + opers_puts(); for( i = 0; i < MAX_SERVERS; i++ ) { @@ -710,6 +690,7 @@ Set_Defaults(bool InitServers) #else Conf_Ident = false; #endif + Conf_MorePrivacy = false; Conf_NoticeAuth = false; Conf_OperCanMode = false; Conf_OperServerMode = false; @@ -720,6 +701,7 @@ Set_Defaults(bool InitServers) #endif Conf_PredefChannelsOnly = false; #ifdef SYSLOG + Conf_ScrubCTCP = false; #ifdef LOG_LOCAL5 Conf_SyslogFacility = LOG_LOCAL5; #else @@ -877,7 +859,8 @@ Read_Config( bool ngircd_starting ) strlcpy( section, str, sizeof( section )); if (strcasecmp(section, "[GLOBAL]") == 0 || strcasecmp(section, "[LIMITS]") == 0 || - strcasecmp(section, "[OPTIONS]") == 0) + strcasecmp(section, "[OPTIONS]") == 0 || + strcasecmp(section, "[SSL]") == 0) continue; if( strcasecmp( section, "[SERVER]" ) == 0 ) { @@ -913,7 +896,9 @@ Read_Config( bool ngircd_starting ) continue; } - Config_Error( LOG_ERR, "%s, line %d: Unknown section \"%s\"!", NGIRCd_ConfFile, line, section ); + Config_Error(LOG_ERR, + "%s, line %d: Unknown section \"%s\"!", + NGIRCd_ConfFile, line, section); section[0] = 0x1; } if( section[0] == 0x1 ) continue; @@ -934,6 +919,10 @@ Read_Config( bool ngircd_starting ) Handle_LIMITS(line, var, arg); else if(strcasecmp(section, "[OPTIONS]") == 0) Handle_OPTIONS(line, var, arg); +#ifdef SSL_SUPPORT + else if(strcasecmp(section, "[SSL]") == 0) + Handle_SSL(line, var, arg); +#endif else if(strcasecmp(section, "[OPERATOR]") == 0) Handle_OPERATOR(line, var, arg); else if(strcasecmp(section, "[SERVER]") == 0) @@ -977,6 +966,14 @@ Read_Config( bool ngircd_starting ) /* No MOTD phrase configured? (re)try motd file. */ if (array_bytes(&Conf_Motd) == 0) Read_Motd(Conf_MotdFile); + +#ifdef SSL_SUPPORT + /* Make sure that all SSL-related files are readable */ + CheckFileReadable("CertFile", Conf_SSLOptions.CertFile); + CheckFileReadable("DHFile", Conf_SSLOptions.DHFile); + CheckFileReadable("KeyFile", Conf_SSLOptions.KeyFile); +#endif + return true; } @@ -1074,8 +1071,8 @@ WarnPAM(int UNUSED Line) /** * Handle legacy "NoXXX" options in [GLOBAL] section. * - * TODO: This function and support for "NoXXX" should be removed starting - * with ngIRCd release 19! (One release after marking it "deprecated"). + * TODO: This function and support for "NoXXX" could be removed starting + * with ngIRCd release 19 (one release after marking it "deprecated"). * * @param Var Variable name. * @param Arg Argument string. @@ -1084,7 +1081,7 @@ WarnPAM(int UNUSED Line) static bool CheckLegacyNoOption(const char *Var, const char *Arg) { - if( strcasecmp( Var, "NoDNS" ) == 0 ) { + if(strcasecmp(Var, "NoDNS") == 0) { Conf_DNS = !Check_ArgIsTrue( Arg ); return true; } @@ -1120,13 +1117,6 @@ CheckLegacyGlobalOption(int Line, char *Var, char *Arg) || strcasecmp(Var, "OperCanUseMode") == 0 || strcasecmp(Var, "OperServerMode") == 0 || strcasecmp(Var, "PredefChannelsOnly") == 0 -#ifdef SSL_SUPPORT - || strcasecmp(Var, "SSLCertFile") == 0 - || strcasecmp(Var, "SSLDHFile") == 0 - || strcasecmp(Var, "SSLKeyFile") == 0 - || strcasecmp(Var, "SSLKeyFilePassword") == 0 - || strcasecmp(Var, "SSLPorts") == 0 -#endif || strcasecmp(Var, "SyslogFacility") == 0 || strcasecmp(Var, "WebircPassword") == 0) { Handle_OPTIONS(Line, Var, Arg); @@ -1142,6 +1132,16 @@ CheckLegacyGlobalOption(int Line, char *Var, char *Arg) Handle_LIMITS(Line, Var, Arg); return "[Limits]"; } +#ifdef SSL_SUPPORT + if (strcasecmp(Var, "SSLCertFile") == 0 + || strcasecmp(Var, "SSLDHFile") == 0 + || strcasecmp(Var, "SSLKeyFile") == 0 + || strcasecmp(Var, "SSLKeyFilePassword") == 0 + || strcasecmp(Var, "SSLPorts") == 0) { + Handle_SSL(Line, Var + 3, Arg); + return "[SSL]"; + } +#endif return NULL; } @@ -1192,9 +1192,9 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) size_t len; const char *section; - assert( Line > 0 ); - assert( Var != NULL ); - assert( Arg != NULL ); + assert(Line > 0); + assert(Var != NULL); + assert(Arg != NULL); if (strcasecmp(Var, "Name") == 0) { len = strlcpy(Conf_ServerName, Arg, sizeof(Conf_ServerName)); @@ -1256,12 +1256,13 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) if (len == 0) return; if (len >= LINE_LEN) { - Config_Error_TooLong( Line, Var ); + Config_Error_TooLong(Line, Var); return; } if (!array_copyb(&Conf_Motd, Arg, len + 1)) - Config_Error(LOG_WARNING, "%s, line %d: Could not append MotdPhrase: %s", - NGIRCd_ConfFile, Line, strerror(errno)); + Config_Error(LOG_WARNING, + "%s, line %d: Could not append MotdPhrase: %s", + NGIRCd_ConfFile, Line, strerror(errno)); Using_MotdFile = false; return; } @@ -1305,8 +1306,12 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) } if (CheckLegacyNoOption(Var, Arg)) { - Config_Error(LOG_WARNING, "%s, line %d: \"No\"-Prefix has been removed, use \"%s = %s\" in [FEATURES] section instead", - NGIRCd_ConfFile, Line, NoNo(Var), InvertArg(Arg)); + /* TODO: This function and support for "NoXXX" could be + * be removed starting with ngIRCd release 19 (one release + * after marking it "deprecated"). */ + Config_Error(LOG_WARNING, + "%s, line %d (section \"Global\"): \"No\"-Prefix is deprecated, use \"%s = %s\" in [Options] section!", + NGIRCd_ConfFile, Line, NoNo(Var), InvertArg(Arg)); if (strcasecmp(Var, "NoIdent") == 0) WarnIdent(Line); else if (strcasecmp(Var, "NoPam") == 0) @@ -1317,9 +1322,16 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) /** TODO: This function and support for these options in the * [Global] section could be removed starting with ngIRCd * release 19 (one release after marking it "deprecated"). */ - Config_Error(LOG_WARNING, - "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s!", - NGIRCd_ConfFile, Line, Var, section); + if (strncasecmp(Var, "SSL", 3) == 0) { + Config_Error(LOG_WARNING, + "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s and rename to \"%s\"!", + NGIRCd_ConfFile, Line, Var, section, + Var + 3); + } else { + Config_Error(LOG_WARNING, + "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s!", + NGIRCd_ConfFile, Line, Var, section); + } return; } @@ -1450,6 +1462,10 @@ Handle_OPTIONS(int Line, char *Var, char *Arg) WarnIdent(Line); return; } + if (strcasecmp(Var, "MorePrivacy") == 0) { + Conf_MorePrivacy = Check_ArgIsTrue(Arg); + return; + } if (strcasecmp(Var, "NoticeAuth") == 0) { Conf_NoticeAuth = Check_ArgIsTrue(Arg); return; @@ -1477,53 +1493,77 @@ Handle_OPTIONS(int Line, char *Var, char *Arg) return; } #endif + if (strcasecmp(Var, "ScrubCTCP") == 0) { + Conf_ScrubCTCP = Check_ArgIsTrue(Arg); + return; + } +#ifdef SYSLOG + if (strcasecmp(Var, "SyslogFacility") == 0) { + Conf_SyslogFacility = ngt_SyslogFacilityID(Arg, + Conf_SyslogFacility); + return; + } +#endif + if (strcasecmp(Var, "WebircPassword") == 0) { + len = strlcpy(Conf_WebircPwd, Arg, sizeof(Conf_WebircPwd)); + if (len >= sizeof(Conf_WebircPwd)) + Config_Error_TooLong(Line, Var); + return; + } + + Config_Error_Section(Line, Var, "Options"); +} + #ifdef SSL_SUPPORT - if (strcasecmp(Var, "SSLCertFile") == 0) { + +/** + * Handle variable in [SSL] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ +static void +Handle_SSL(int Line, char *Var, char *Arg) +{ + assert(Line > 0); + assert(Var != NULL); + assert(Arg != NULL); + + if (strcasecmp(Var, "CertFile") == 0) { assert(Conf_SSLOptions.CertFile == NULL); Conf_SSLOptions.CertFile = strdup_warn(Arg); return; } - if (strcasecmp(Var, "SSLDHFile") == 0) { + if (strcasecmp(Var, "DHFile") == 0) { assert(Conf_SSLOptions.DHFile == NULL); Conf_SSLOptions.DHFile = strdup_warn(Arg); return; } - if (strcasecmp(Var, "SSLKeyFile") == 0) { + if (strcasecmp(Var, "KeyFile") == 0) { assert(Conf_SSLOptions.KeyFile == NULL); Conf_SSLOptions.KeyFile = strdup_warn(Arg); return; } - if (strcasecmp(Var, "SSLKeyFilePassword") == 0) { + if (strcasecmp(Var, "KeyFilePassword") == 0) { assert(array_bytes(&Conf_SSLOptions.KeyFilePassword) == 0); if (!array_copys(&Conf_SSLOptions.KeyFilePassword, Arg)) Config_Error(LOG_ERR, - "%s, line %d (section \"Global\"): Could not copy %s: %s!", + "%s, line %d (section \"SSL\"): Could not copy %s: %s!", NGIRCd_ConfFile, Line, Var, strerror(errno)); return; } - if (strcasecmp(Var, "SSLPorts") == 0) { + if (strcasecmp(Var, "Ports") == 0) { ports_parse(&Conf_SSLOptions.ListenPorts, Line, Arg); return; } -#endif -#ifdef SYSLOG - if (strcasecmp(Var, "SyslogFacility") == 0) { - Conf_SyslogFacility = ngt_SyslogFacilityID(Arg, - Conf_SyslogFacility); - return; - } -#endif - if (strcasecmp(Var, "WebircPassword") == 0) { - len = strlcpy(Conf_WebircPwd, Arg, sizeof(Conf_WebircPwd)); - if (len >= sizeof(Conf_WebircPwd)) - Config_Error_TooLong(Line, Var); - return; - } - Config_Error_Section(Line, Var, "Options"); + Config_Error_Section(Line, Var, "SSL"); } +#endif + /** * Handle variable in [Operator] configuration section. * @@ -1860,7 +1900,7 @@ Validate_Config(bool Configtest, bool Rehash) #ifdef PAM if (Conf_ServerPwd[0]) Config_Error(LOG_ERR, - "This server uses PAM, \"Password\" will be ignored!"); + "This server uses PAM, \"Password\" in [Global] section will be ignored!"); #endif #ifdef DEBUG @@ -1951,8 +1991,13 @@ va_dcl vsnprintf( msg, MAX_LOG_MSG_LEN, Format, ap ); va_end( ap ); - if (Use_Log) Log( Level, "%s", msg ); - else puts( msg ); + if (!Use_Log) { + if (Level <= LOG_WARNING) + printf(" - %s\n", msg); + else + puts(msg); + } else + Log(Level, "%s", msg); } #ifdef DEBUG