X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fconf.c;h=221e7a96e8621c37b6f2db3d26d4c0accdf9075a;hp=32461f3550ffb127332754e44ae0033bfbd73c86;hb=3c30490d54da941e368d54aeb63cf56cf1aef345;hpb=f1a4a4dc882e28affb0f2f3b940e5762df230ccd diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index 32461f35..221e7a96 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2010 Alexander Barton (alex@barton.de) + * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -16,7 +16,6 @@ * Configuration management (reading, parsing & validation) */ -#include "imp.h" #include #include #ifdef PROTOTYPES @@ -28,26 +27,19 @@ #include #include #include +#include #include #include #include #include -#include - -#ifdef HAVE_CTYPE_H -# include -#endif +#include -#include "array.h" #include "ngircd.h" #include "conn.h" #include "channel.h" -#include "defines.h" #include "log.h" #include "match.h" -#include "tool.h" -#include "exp.h" #include "conf.h" @@ -55,36 +47,62 @@ static bool Use_Log = true, Using_MotdFile = true; static CONF_SERVER New_Server; static int New_Server_Idx; -static size_t Conf_Oper_Count; -static size_t Conf_Channel_Count; static char Conf_MotdFile[FNAME_LEN]; +static char Conf_HelpFile[FNAME_LEN]; +static char Conf_IncludeDir[FNAME_LEN]; static void Set_Defaults PARAMS(( bool InitServers )); -static bool Read_Config PARAMS(( bool ngircd_starting )); +static bool Read_Config PARAMS(( bool TestOnly, bool IsStarting )); +static void Read_Config_File PARAMS(( const char *File, FILE *fd )); static bool Validate_Config PARAMS(( bool TestOnly, bool Rehash )); -static void Handle_GLOBAL PARAMS(( int Line, char *Var, char *Arg )); -static void Handle_FEATURES PARAMS(( int Line, char *Var, char *Arg )); -static void Handle_OPERATOR PARAMS(( int Line, char *Var, char *Arg )); -static void Handle_SERVER PARAMS(( int Line, char *Var, char *Arg )); -static void Handle_CHANNEL PARAMS(( int Line, char *Var, char *Arg )); - -static void Config_Error PARAMS(( const int Level, const char *Format, ... )); - -static void Config_Error_NaN PARAMS(( const int LINE, const char *Value )); -static void Config_Error_TooLong PARAMS(( const int LINE, const char *Value )); +static void Handle_GLOBAL PARAMS((const char *File, int Line, + char *Var, char *Arg )); +static void Handle_LIMITS PARAMS((const char *File, int Line, + char *Var, char *Arg )); +static void Handle_OPTIONS PARAMS((const char *File, int Line, + char *Var, char *Arg )); +static void Handle_OPERATOR PARAMS((const char *File, int Line, + char *Var, char *Arg )); +static void Handle_SERVER PARAMS((const char *File, int Line, + char *Var, char *Arg )); +static void Handle_CHANNEL PARAMS((const char *File, int Line, + char *Var, char *Arg )); + +static void Config_Error PARAMS((const int Level, const char *Format, ...)); + +static void Config_Error_NaN PARAMS((const char *File, const int LINE, + const char *Value)); +static void Config_Error_Section PARAMS((const char *File, const int Line, + const char *Item, const char *Section)); +static void Config_Error_TooLong PARAMS((const char *File, const int LINE, + const char *Value)); static void Init_Server_Struct PARAMS(( CONF_SERVER *Server )); + #ifdef WANT_IPV6 #define DEFAULT_LISTEN_ADDRSTR "::,0.0.0.0" #else #define DEFAULT_LISTEN_ADDRSTR "0.0.0.0" #endif +#ifdef HAVE_LIBSSL +#define DEFAULT_CIPHERS "HIGH:!aNULL:@STRENGTH:!SSLv3" +#endif +#ifdef HAVE_LIBGNUTLS +#define DEFAULT_CIPHERS "SECURE128:-VERS-SSL3.0" +#endif + #ifdef SSL_SUPPORT + +static void Handle_SSL PARAMS((const char *File, int Line, char *Var, char *Ark)); + struct SSLOptions Conf_SSLOptions; +/** + * Initialize SSL configuration. + */ static void ConfSSL_Init(void) { @@ -97,61 +115,80 @@ ConfSSL_Init(void) free(Conf_SSLOptions.DHFile); Conf_SSLOptions.DHFile = NULL; array_free_wipe(&Conf_SSLOptions.KeyFilePassword); + + array_free(&Conf_SSLOptions.ListenPorts); + + free(Conf_SSLOptions.CipherList); + Conf_SSLOptions.CipherList = NULL; } -static bool -ssl_print_configvar(const char *name, const char *file) +/** + * Check if the current configuration uses/requires SSL. + * + * @returns true if SSL is used and should be initialized. + */ +GLOBAL bool +Conf_SSLInUse(void) { - FILE *fp; + int i; - if (!file) { - printf(" %s =\n", name); + /* SSL listen ports configured? */ + if (array_bytes(&Conf_SSLOptions.ListenPorts)) return true; - } - fp = fopen(file, "r"); - if (fp) - fclose(fp); - else - fprintf(stderr, "ERROR: %s \"%s\": %s\n", - name, file, strerror(errno)); - - printf(" %s = %s\n", name, file); - return fp != NULL; + for (i = 0; i < MAX_SERVERS; i++) { + if (Conf_Server[i].port > 0 + && Conf_Server[i].SSLConnect) + return true; + } + return false; } -static bool -ConfSSL_Puts(void) +/** + * Make sure that a configured file is readable. + * + * Currently, this function is only used for SSL-related options ... + * + * @param Var Configuration variable + * @param Filename Configured filename + */ +static void +CheckFileReadable(const char *Var, const char *Filename) { - bool ret; - - ret = ssl_print_configvar("SSLKeyFile", Conf_SSLOptions.KeyFile); - - if (!ssl_print_configvar("SSLCertFile", Conf_SSLOptions.CertFile)) - ret = false; - - if (!ssl_print_configvar("SSLDHFile", Conf_SSLOptions.DHFile)) - ret = false; - - if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) - puts(" SSLKeyFilePassword = "); + FILE *fp; - array_free_wipe(&Conf_SSLOptions.KeyFilePassword); + if (!Filename) + return; - return ret; + fp = fopen(Filename, "r"); + if (fp) + fclose(fp); + else + Config_Error(LOG_ERR, "Can't read \"%s\" (\"%s\"): %s", + Filename, Var, strerror(errno)); } + #endif + +/** + * Duplicate string and warn on errors. + * + * @returns Pointer to string on success, NULL otherwise. + */ static char * strdup_warn(const char *str) { char *ptr = strdup(str); if (!ptr) - Config_Error(LOG_ERR, "Could not allocate mem for string: %s", str); + Config_Error(LOG_ERR, + "Could not allocate memory for string: %s", str); return ptr; } - +/** + * Output a comma separated list of ports (integer values). + */ static void ports_puts(array *a) { @@ -169,9 +206,11 @@ ports_puts(array *a) putc('\n', stdout); } - +/** + * Parse a comma separated string into an array of port numbers (integers). + */ static void -ports_parse(array *a, int Line, char *Arg) +ports_parse(array *a, const char *File, int Line, char *Arg) { char *ptr; int port; @@ -179,8 +218,6 @@ ports_parse(array *a, int Line, char *Arg) array_trunc(a); - /* Ports on that the server should listen. More port numbers - * must be separated by "," */ ptr = strtok( Arg, "," ); while (ptr) { ngt_TrimStr(ptr); @@ -189,38 +226,46 @@ ports_parse(array *a, int Line, char *Arg) port16 = (UINT16) port; if (!array_catb(a, (char*)&port16, sizeof port16)) Config_Error(LOG_ERR, "%s, line %d Could not add port number %ld: %s", - NGIRCd_ConfFile, Line, port, strerror(errno)); + File, Line, port, strerror(errno)); } else { Config_Error( LOG_ERR, "%s, line %d (section \"Global\"): Illegal port number %ld!", - NGIRCd_ConfFile, Line, port ); + File, Line, port ); } ptr = strtok( NULL, "," ); } } - +/** + * Initialize configuration module. + */ GLOBAL void Conf_Init( void ) { - Read_Config( true ); + Read_Config(false, true); Validate_Config(false, false); -} /* Config_Init */ - +} +/** + * "Rehash" (reload) server configuration. + * + * @returns true if configuration has been re-read, false on errors. + */ GLOBAL bool Conf_Rehash( void ) { - if (!Read_Config(false)) + if (!Read_Config(false, false)) return false; Validate_Config(false, true); /* Update CLIENT structure of local server */ Client_SetInfo(Client_ThisServer(), Conf_ServerInfo); return true; -} /* Config_Rehash */ - +} +/** + * Output a boolean value as "yes/no" string. + */ static const char* yesno_to_str(int boolean_value) { @@ -229,7 +274,9 @@ yesno_to_str(int boolean_value) return "no"; } - +/** + * Free all IRC operator configuration structures. + */ static void opers_free(void) { @@ -245,31 +292,40 @@ opers_free(void) array_free(&Conf_Opers); } +/** + * Output all IRC operator configuration structures. + */ static void opers_puts(void) { struct Conf_Oper *op; - size_t len; + size_t count, i; - len = array_length(&Conf_Opers, sizeof(*op)); + count = array_length(&Conf_Opers, sizeof(*op)); op = array_start(&Conf_Opers); - while (len--) { - assert(op->name[0]); + for (i = 0; i < count; i++, op++) { + if (!op->name[0]) + continue; puts("[OPERATOR]"); printf(" Name = %s\n", op->name); printf(" Password = %s\n", op->pwd); printf(" Mask = %s\n\n", op->mask ? op->mask : ""); - op++; } } - +/** + * Read configuration, validate and output it. + * + * This function waits for a keypress of the user when stdin/stdout are valid + * tty's ("you can read our nice message and we can read in your keypress"). + * + * @return 0 on success, 1 on failure(s); therefore the result code can + * directly be used by exit() when running "ngircd --configtest". + */ GLOBAL int Conf_Test( void ) { - /* Read configuration, validate and output it. */ - struct passwd *pwd; struct group *grp; unsigned int i; @@ -279,30 +335,26 @@ Conf_Test( void ) Use_Log = false; - if (! Read_Config(true)) + if (!Read_Config(true, true)) return 1; config_valid = Validate_Config(true, false); - /* If stdin and stdout ("you can read our nice message and we can - * read in your keypress") are valid tty's, wait for a key: */ - if( isatty( fileno( stdin )) && isatty( fileno( stdout ))) { - puts( "OK, press enter to see a dump of your service configuration ..." ); - getchar( ); - } else { - puts( "Ok, dump of your server configuration follows:\n" ); - } + /* Valid tty? */ + if(isatty(fileno(stdin)) && isatty(fileno(stdout))) { + puts("OK, press enter to see a dump of your server configuration ..."); + getchar(); + } else + puts("Ok, dump of your server configuration follows:\n"); - puts( "[GLOBAL]" ); + puts("[GLOBAL]"); printf(" Name = %s\n", Conf_ServerName); - printf(" Info = %s\n", Conf_ServerInfo); -#ifndef PAM - printf(" Password = %s\n", Conf_ServerPwd); -#endif - printf(" WebircPassword = %s\n", Conf_WebircPwd); printf(" AdminInfo1 = %s\n", Conf_ServerAdmin1); printf(" AdminInfo2 = %s\n", Conf_ServerAdmin2); printf(" AdminEMail = %s\n", Conf_ServerAdminMail); + printf(" HelpFile = %s\n", Conf_HelpFile); + printf(" Info = %s\n", Conf_ServerInfo); + printf(" Listen = %s\n", Conf_ListenAddress); if (Using_MotdFile) { printf(" MotdFile = %s\n", Conf_MotdFile); printf(" MotdPhrase =\n"); @@ -311,56 +363,94 @@ Conf_Test( void ) printf(" MotdPhrase = %s\n", array_bytes(&Conf_Motd) ? (const char*) array_start(&Conf_Motd) : ""); } - printf(" ChrootDir = %s\n", Conf_Chroot); + printf(" Network = %s\n", Conf_Network); + if (!Conf_PAM) + printf(" Password = %s\n", Conf_ServerPwd); printf(" PidFile = %s\n", Conf_PidFile); - printf(" Listen = %s\n", Conf_ListenAddress); - fputs(" Ports = ", stdout); + printf(" Ports = "); ports_puts(&Conf_ListenPorts); -#ifdef SSL_SUPPORT - fputs(" SSLPorts = ", stdout); - ports_puts(&Conf_SSLOptions.ListenPorts); - if (!ConfSSL_Puts()) - config_valid = false; -#endif - - pwd = getpwuid(Conf_UID); - if (pwd) - printf(" ServerUID = %s\n", pwd->pw_name); - else - printf(" ServerUID = %ld\n", (long)Conf_UID); grp = getgrgid(Conf_GID); if (grp) printf(" ServerGID = %s\n", grp->gr_name); else printf(" ServerGID = %ld\n", (long)Conf_GID); -#ifdef SYSLOG - printf(" SyslogFacility = %s\n", - ngt_SyslogFacilityName(Conf_SyslogFacility)); -#endif + pwd = getpwuid(Conf_UID); + if (pwd) + printf(" ServerUID = %s\n", pwd->pw_name); + else + printf(" ServerUID = %ld\n", (long)Conf_UID); + puts(""); + + puts("[LIMITS]"); + printf(" ConnectRetry = %d\n", Conf_ConnectRetry); + printf(" IdleTimeout = %d\n", Conf_IdleTimeout); + printf(" MaxConnections = %d\n", Conf_MaxConnections); + printf(" MaxConnectionsIP = %d\n", Conf_MaxConnectionsIP); + printf(" MaxJoins = %d\n", Conf_MaxJoins > 0 ? Conf_MaxJoins : -1); + printf(" MaxNickLength = %u\n", Conf_MaxNickLength - 1); + printf(" MaxListSize = %d\n", Conf_MaxListSize); printf(" PingTimeout = %d\n", Conf_PingTimeout); printf(" PongTimeout = %d\n", Conf_PongTimeout); - printf(" ConnectRetry = %d\n", Conf_ConnectRetry); - printf(" OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode)); - printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); + puts(""); + + puts("[OPTIONS]"); + printf(" AllowedChannelTypes = %s\n", Conf_AllowedChannelTypes); printf(" AllowRemoteOper = %s\n", yesno_to_str(Conf_AllowRemoteOper)); - printf(" PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly)); + printf(" ChrootDir = %s\n", Conf_Chroot); + printf(" CloakHost = %s\n", Conf_CloakHost); + printf(" CloakHostModeX = %s\n", Conf_CloakHostModeX); + printf(" CloakHostSalt = %s\n", Conf_CloakHostSalt); + printf(" CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick)); #ifdef WANT_IPV6 printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6)); printf(" ConnectIPv6 = %s\n", yesno_to_str(Conf_ConnectIPv4)); #endif - printf(" MaxConnections = %ld\n", Conf_MaxConnections); - printf(" MaxConnectionsIP = %d\n", Conf_MaxConnectionsIP); - printf(" MaxJoins = %d\n", Conf_MaxJoins > 0 ? Conf_MaxJoins : -1); - printf(" MaxNickLength = %u\n", Conf_MaxNickLength - 1); - printf(" CloakHost = %s\n", Conf_CloakHost); - printf(" CloakUserToNick = %s\n\n", yesno_to_str(Conf_CloakUserToNick)); - - puts("[FEATURES]"); + printf(" DefaultUserModes = %s\n", Conf_DefaultUserModes); printf(" DNS = %s\n", yesno_to_str(Conf_DNS)); +#ifdef IDENT printf(" Ident = %s\n", yesno_to_str(Conf_Ident)); +#endif + printf(" IncludeDir = %s\n", Conf_IncludeDir); + printf(" MorePrivacy = %s\n", yesno_to_str(Conf_MorePrivacy)); + printf(" NoticeAuth = %s\n", yesno_to_str(Conf_NoticeAuth)); + printf(" OperCanUseMode = %s\n", yesno_to_str(Conf_OperCanMode)); + printf(" OperChanPAutoOp = %s\n", yesno_to_str(Conf_OperChanPAutoOp)); + printf(" OperServerMode = %s\n", yesno_to_str(Conf_OperServerMode)); +#ifdef PAM printf(" PAM = %s\n", yesno_to_str(Conf_PAM)); + printf(" PAMIsOptional = %s\n", yesno_to_str(Conf_PAMIsOptional)); +#endif +#ifndef STRICT_RFC + printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing)); +#endif + printf(" ScrubCTCP = %s\n", yesno_to_str(Conf_ScrubCTCP)); +#ifdef SYSLOG + printf(" SyslogFacility = %s\n", + ngt_SyslogFacilityName(Conf_SyslogFacility)); +#endif + printf(" WebircPassword = %s\n", Conf_WebircPwd); puts(""); +#ifdef SSL_SUPPORT + puts("[SSL]"); + printf(" CertFile = %s\n", Conf_SSLOptions.CertFile + ? Conf_SSLOptions.CertFile : ""); + printf(" CipherList = %s\n", Conf_SSLOptions.CipherList ? + Conf_SSLOptions.CipherList : DEFAULT_CIPHERS); + printf(" DHFile = %s\n", Conf_SSLOptions.DHFile + ? Conf_SSLOptions.DHFile : ""); + printf(" KeyFile = %s\n", Conf_SSLOptions.KeyFile + ? Conf_SSLOptions.KeyFile : ""); + if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) + puts(" KeyFilePassword = "); + else + puts(" KeyFilePassword = "); + array_free_wipe(&Conf_SSLOptions.KeyFilePassword); + printf(" Ports = "); + ports_puts(&Conf_SSLOptions.ListenPorts); + puts(""); +#endif + opers_puts(); for( i = 0; i < MAX_SERVERS; i++ ) { @@ -399,17 +489,19 @@ Conf_Test( void ) } return (config_valid ? 0 : 1); -} /* Conf_Test */ - +} +/** + * Remove connection information from configured server. + * + * If the server is set as "once", delete it from our configuration; + * otherwise set the time for the next connection attempt. + * + * Non-server connections will be silently ignored. + */ GLOBAL void Conf_UnsetServer( CONN_ID Idx ) { - /* Set next time for next connection attempt, if this is a server - * link that is (still) configured here. If the server is set as - * "once", delete it from our configuration. - * Non-Server-Connections will be silently ignored. */ - int i; time_t t; @@ -431,30 +523,48 @@ Conf_UnsetServer( CONN_ID Idx ) * require the next attempt to be delayed. */ Conf_Server[i].lasttry = t - Conf_ConnectRetry + RECONNECT_DELAY; - } else - Conf_Server[i].lasttry = t; + } else { + /* "Short" connection, enforce "ConnectRetry" + * but randomize it a little bit: 15 seconds. */ + Conf_Server[i].lasttry = +#ifdef HAVE_ARC4RANDOM + t + (arc4random() % 15); +#else + t + rand() / (RAND_MAX / 15); +#endif + } } } -} /* Conf_UnsetServer */ - +} -GLOBAL void +/** + * Set connection information for specified configured server. + */ +GLOBAL bool Conf_SetServer( int ConfServer, CONN_ID Idx ) { - /* Set connection for specified configured server */ - assert( ConfServer > NONE ); assert( Idx > NONE ); + if (Conf_Server[ConfServer].conn_id > NONE && + Conf_Server[ConfServer].conn_id != Idx) { + Log(LOG_ERR, + "Connection %d: Server configuration of \"%s\" already in use by connection %d!", + Idx, Conf_Server[ConfServer].name, + Conf_Server[ConfServer].conn_id); + Conn_Close(Idx, NULL, "Server configuration already in use", true); + return false; + } Conf_Server[ConfServer].conn_id = Idx; -} /* Conf_SetServer */ - + return true; +} +/** + * Get index of server in configuration structure. + */ GLOBAL int Conf_GetServer( CONN_ID Idx ) { - /* Get index of server in configuration structure */ - int i = 0; assert( Idx > NONE ); @@ -463,18 +573,20 @@ Conf_GetServer( CONN_ID Idx ) if( Conf_Server[i].conn_id == Idx ) return i; } return NONE; -} /* Conf_GetServer */ - +} +/** + * Enable a server by name and adjust its port number. + * + * @returns true if a server has been enabled and now has a valid port + * number and host name for outgoing connections. + */ GLOBAL bool Conf_EnableServer( const char *Name, UINT16 Port ) { - /* Enable specified server and adjust port */ - int i; assert( Name != NULL ); - for( i = 0; i < MAX_SERVERS; i++ ) { if( strcasecmp( Conf_Server[i].name, Name ) == 0 ) { /* Gotcha! Set port and enable server: */ @@ -484,53 +596,75 @@ Conf_EnableServer( const char *Name, UINT16 Port ) } } return false; -} /* Conf_EnableServer */ - +} +/** + * Enable a server by name. + * + * The server is only usable as outgoing server, if it has set a valid port + * number for outgoing connections! + * If not, you have to use Conf_EnableServer() function to make it available. + * + * @returns true if a server has been enabled; false otherwise. + */ GLOBAL bool Conf_EnablePassiveServer(const char *Name) { - /* Enable specified server */ int i; assert( Name != NULL ); for (i = 0; i < MAX_SERVERS; i++) { - if ((strcasecmp( Conf_Server[i].name, Name ) == 0) && (Conf_Server[i].port > 0)) { + if ((strcasecmp( Conf_Server[i].name, Name ) == 0) + && (Conf_Server[i].port > 0)) { /* BINGO! Enable server */ Conf_Server[i].flags &= ~CONF_SFLAG_DISABLED; + Conf_Server[i].lasttry = 0; return true; } } return false; -} /* Conf_EnablePassiveServer */ - +} +/** + * Disable a server by name. + * An already established connection will be disconnected. + * + * @returns true if a server was found and has been disabled. + */ GLOBAL bool Conf_DisableServer( const char *Name ) { - /* Enable specified server and adjust port */ - int i; assert( Name != NULL ); - for( i = 0; i < MAX_SERVERS; i++ ) { if( strcasecmp( Conf_Server[i].name, Name ) == 0 ) { /* Gotcha! Disable and disconnect server: */ Conf_Server[i].flags |= CONF_SFLAG_DISABLED; - if( Conf_Server[i].conn_id > NONE ) Conn_Close( Conf_Server[i].conn_id, NULL, "Server link terminated on operator request", true); + if( Conf_Server[i].conn_id > NONE ) + Conn_Close(Conf_Server[i].conn_id, NULL, + "Server link terminated on operator request", + true); return true; } } return false; -} /* Conf_DisableServer */ - +} +/** + * Add a new remote server to our configuration. + * + * @param Name Name of the new server. + * @param Port Port number to connect to or 0 for incoming connections. + * @param Host Host name to connect to. + * @param MyPwd Password that will be sent to the peer. + * @param PeerPwd Password that must be received from the peer. + * @returns true if the new server has been added; false otherwise. + */ GLOBAL bool -Conf_AddServer( const char *Name, UINT16 Port, const char *Host, const char *MyPwd, const char *PeerPwd ) +Conf_AddServer(const char *Name, UINT16 Port, const char *Host, + const char *MyPwd, const char *PeerPwd) { - /* Add new server to configuration */ - int i; assert( Name != NULL ); @@ -554,34 +688,45 @@ Conf_AddServer( const char *Name, UINT16 Port, const char *Host, const char *MyP Conf_Server[i].flags = CONF_SFLAG_ONCE; return true; -} /* Conf_AddServer */ - +} /** - * Check if the given nick name is an service + * Check if the given nickname is reserved for services on a particular server. + * + * @param ConfServer The server index to check. + * @param Nick The nickname to check. + * @returns true if the given nickname belongs to an "IRC service". */ GLOBAL bool -Conf_IsService(int ConfServer, const char *Nick) +Conf_NickIsService(int ConfServer, const char *Nick) { - return MatchCaseInsensitive(Conf_Server[ConfServer].svs_mask, Nick); -} /* Conf_IsService */ + assert (ConfServer >= 0); + assert (ConfServer < MAX_SERVERS); + return MatchCaseInsensitiveList(Conf_Server[ConfServer].svs_mask, + Nick, ","); +} -static void -Set_Defaults_Optional(void) +/** + * Check if the given nickname is blocked for "normal client" use. + * + * @param ConfServer The server index or NONE to check all configured servers. + * @param Nick The nickname to check. + * @returns true if the given nickname belongs to an "IRC service". + */ +GLOBAL bool +Conf_NickIsBlocked(const char *Nick) { -#ifdef IDENTAUTH - Conf_Ident = true; -#else - Conf_Ident = false; -#endif -#ifdef PAM - Conf_PAM = true; -#else - Conf_PAM = false; -#endif -} + int i; + for(i = 0; i < MAX_SERVERS; i++) { + if (!Conf_Server[i].name[0]) + continue; + if (Conf_NickIsService(i, Nick)) + return true; + } + return false; +} /** * Initialize configuration settings with their default values. @@ -590,50 +735,79 @@ static void Set_Defaults(bool InitServers) { int i; + char random[RANDOM_SALT_LEN + 1]; + /* Global */ strcpy(Conf_ServerName, ""); - snprintf(Conf_ServerInfo, sizeof Conf_ServerInfo, "%s %s", - PACKAGE_NAME, PACKAGE_VERSION); - strcpy(Conf_ServerPwd, ""); - strcpy(Conf_ServerAdmin1, ""); strcpy(Conf_ServerAdmin2, ""); strcpy(Conf_ServerAdminMail, ""); - + snprintf(Conf_ServerInfo, sizeof Conf_ServerInfo, "%s %s", + PACKAGE_NAME, PACKAGE_VERSION); + strcpy(Conf_Network, ""); + free(Conf_ListenAddress); + Conf_ListenAddress = NULL; + array_free(&Conf_ListenPorts); + array_free(&Conf_Motd); + array_free(&Conf_Helptext); strlcpy(Conf_MotdFile, SYSCONFDIR, sizeof(Conf_MotdFile)); strlcat(Conf_MotdFile, MOTD_FILE, sizeof(Conf_MotdFile)); - - Conf_UID = Conf_GID = 0; - strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot)); + strlcpy(Conf_HelpFile, DOCDIR, sizeof(Conf_HelpFile)); + strlcat(Conf_HelpFile, HELP_FILE, sizeof(Conf_HelpFile)); + strcpy(Conf_ServerPwd, ""); strlcpy(Conf_PidFile, PID_FILE, sizeof(Conf_PidFile)); + Conf_UID = Conf_GID = 0; - free(Conf_ListenAddress); - Conf_ListenAddress = NULL; - - Conf_PingTimeout = 120; - Conf_PongTimeout = 20; + /* Limits */ Conf_ConnectRetry = 60; - Conf_DNS = true; - - Conf_Oper_Count = 0; - Conf_Channel_Count = 0; - - Conf_OperCanMode = false; - Conf_OperServerMode = false; - Conf_AllowRemoteOper = false; - Conf_PredefChannelsOnly = false; - - Conf_ConnectIPv4 = true; - Conf_ConnectIPv6 = true; - + Conf_IdleTimeout = 0; Conf_MaxConnections = 0; Conf_MaxConnectionsIP = 5; Conf_MaxJoins = 10; Conf_MaxNickLength = CLIENT_NICK_LEN_DEFAULT; + Conf_MaxListSize = 100; + Conf_PingTimeout = 120; + Conf_PongTimeout = 20; + /* Options */ + strlcpy(Conf_AllowedChannelTypes, CHANTYPES, + sizeof(Conf_AllowedChannelTypes)); + Conf_AllowRemoteOper = false; +#ifndef STRICT_RFC + Conf_AuthPing = false; +#endif + strlcpy(Conf_Chroot, CHROOT_DIR, sizeof(Conf_Chroot)); strcpy(Conf_CloakHost, ""); + strcpy(Conf_CloakHostModeX, ""); + strlcpy(Conf_CloakHostSalt, ngt_RandomStr(random, RANDOM_SALT_LEN), + sizeof(Conf_CloakHostSalt)); Conf_CloakUserToNick = false; - + Conf_ConnectIPv4 = true; +#ifdef WANT_IPV6 + Conf_ConnectIPv6 = true; +#else + Conf_ConnectIPv6 = false; +#endif + strcpy(Conf_DefaultUserModes, ""); + Conf_DNS = true; +#ifdef IDENTAUTH + Conf_Ident = true; +#else + Conf_Ident = false; +#endif + strcpy(Conf_IncludeDir, ""); + Conf_MorePrivacy = false; + Conf_NoticeAuth = false; + Conf_OperCanMode = false; + Conf_OperChanPAutoOp = true; + Conf_OperServerMode = false; +#ifdef PAM + Conf_PAM = true; +#else + Conf_PAM = false; +#endif + Conf_PAMIsOptional = false; + Conf_ScrubCTCP = false; #ifdef SYSLOG #ifdef LOG_LOCAL5 Conf_SyslogFacility = LOG_LOCAL5; @@ -641,19 +815,19 @@ Set_Defaults(bool InitServers) Conf_SyslogFacility = 0; #endif #endif - Set_Defaults_Optional(); /* Initialize server configuration structures */ if (InitServers) { for (i = 0; i < MAX_SERVERS; Init_Server_Struct(&Conf_Server[i++])); } +} - /* Free MOTD; this is important when reloading the configuration */ - array_free(&Conf_Motd); -} /* Set_Defaults */ - - +/** + * Get number of configured listening ports. + * + * @returns The number of ports (IPv4+IPv6) on which the server should listen. + */ static bool no_listenports(void) { @@ -664,46 +838,66 @@ no_listenports(void) return cnt == 0; } -static void -Read_Motd(const char *filename) +/** + * Read contents of a text file into an array. + * + * This function is used to read the MOTD and help text file, for example. + * + * @param filename Name of the file to read. + * @return true, when the file has been read in. + */ +static bool +Read_TextFile(const char *Filename, const char *Name, array *Destination) { char line[127]; FILE *fp; + int line_no = 1; - if (*filename == '\0') - return; + if (*Filename == '\0') + return false; - fp = fopen(filename, "r"); + fp = fopen(Filename, "r"); if (!fp) { - Config_Error(LOG_WARNING, "Can't read MOTD file \"%s\": %s", - filename, strerror(errno)); - return; + Config_Error(LOG_ERR, "Can't read %s file \"%s\": %s", + Name, Filename, strerror(errno)); + return false; } - array_free(&Conf_Motd); - Using_MotdFile = true; - + array_free(Destination); while (fgets(line, (int)sizeof line, fp)) { - ngt_TrimLastChr( line, '\n'); + ngt_TrimLastChr(line, '\n'); /* add text including \0 */ - if (!array_catb(&Conf_Motd, line, strlen(line) + 1)) { - Log(LOG_WARNING, "Cannot add MOTD text: %s", strerror(errno)); + if (!array_catb(Destination, line, strlen(line) + 1)) { + Log(LOG_ERR, "Cannot read/add \"%s\", line %d: %s", + Filename, line_no, strerror(errno)); break; } + line_no++; } fclose(fp); + return true; } +/** + * Read ngIRCd configuration file. + * + * Please note that this function uses exit(1) on fatal errors and therefore + * can result in ngIRCd terminating! + * + * @param ngircd_starting Flag indicating if ngIRCd is starting or not. + * @returns true when the configuration file has been read + * successfully; false otherwise. + */ static bool -Read_Config( bool ngircd_starting ) +Read_Config(bool TestOnly, bool IsStarting) { - /* Read configuration file. */ - - char section[LINE_LEN], str[LINE_LEN], *var, *arg, *ptr; const UINT16 defaultport = 6667; - int line, i, n; + char *ptr, file[FNAME_LEN]; + struct dirent *entry; + int i, n; FILE *fd; + DIR *dh; /* Open configuration file */ fd = fopen( NGIRCd_ConfFile, "r" ); @@ -711,16 +905,19 @@ Read_Config( bool ngircd_starting ) /* No configuration file found! */ Config_Error( LOG_ALERT, "Can't read configuration \"%s\": %s", NGIRCd_ConfFile, strerror( errno )); - if (!ngircd_starting) + if (!IsStarting) return false; Config_Error( LOG_ALERT, "%s exiting due to fatal errors!", PACKAGE_NAME ); exit( 1 ); } opers_free(); - Set_Defaults( ngircd_starting ); + Set_Defaults(IsStarting); - Config_Error( LOG_INFO, "Reading configuration from \"%s\" ...", NGIRCd_ConfFile ); + if (TestOnly) + Config_Error(LOG_INFO, + "Reading configuration from \"%s\" ...", + NGIRCd_ConfFile ); /* Clean up server configuration structure: mark all already * configured servers as "once" so that they are deleted @@ -754,133 +951,273 @@ Read_Config( bool ngircd_starting ) } /* Initialize variables */ - line = 0; - strcpy( section, "" ); Init_Server_Struct( &New_Server ); New_Server_Idx = NONE; #ifdef SSL_SUPPORT ConfSSL_Init(); #endif + + Read_Config_File(NGIRCd_ConfFile, fd); + fclose(fd); + + if (Conf_IncludeDir[0]) { + dh = opendir(Conf_IncludeDir); + if (!dh) + Config_Error(LOG_ALERT, + "Can't open include directory \"%s\": %s", + Conf_IncludeDir, strerror(errno)); + } else { + strlcpy(Conf_IncludeDir, SYSCONFDIR, sizeof(Conf_IncludeDir)); + strlcat(Conf_IncludeDir, CONFIG_DIR, sizeof(Conf_IncludeDir)); + dh = opendir(Conf_IncludeDir); + } + + /* Include further configuration files, if IncludeDir is available */ + if (dh) { + while ((entry = readdir(dh)) != NULL) { + ptr = strrchr(entry->d_name, '.'); + if (!ptr || strcasecmp(ptr, ".conf") != 0) + continue; + snprintf(file, sizeof(file), "%s/%s", + Conf_IncludeDir, entry->d_name); + if (TestOnly) + Config_Error(LOG_INFO, + "Reading configuration from \"%s\" ...", + file); + fd = fopen(file, "r"); + if (fd) { + Read_Config_File(file, fd); + fclose(fd); + } else + Config_Error(LOG_ALERT, + "Can't read configuration \"%s\": %s", + file, strerror(errno)); + } + closedir(dh); + } + + /* Check if there is still a server to add */ + if( New_Server.name[0] ) { + /* Copy data to "real" server structure */ + assert( New_Server_Idx > NONE ); + Conf_Server[New_Server_Idx] = New_Server; + } + + /* not a single listening port? Add default. */ + if (no_listenports() && + !array_copyb(&Conf_ListenPorts, (char*) &defaultport, sizeof defaultport)) + { + Config_Error(LOG_ALERT, "Could not add default listening Port %u: %s", + (unsigned int) defaultport, strerror(errno)); + + exit(1); + } + + if (!Conf_ListenAddress) + Conf_ListenAddress = strdup_warn(DEFAULT_LISTEN_ADDRSTR); + + if (!Conf_ListenAddress) { + Config_Error(LOG_ALERT, "%s exiting due to fatal errors!", PACKAGE_NAME); + exit(1); + } + + /* No MOTD phrase configured? (re)try motd file. */ + if (array_bytes(&Conf_Motd) == 0) { + if (Read_TextFile(Conf_MotdFile, "MOTD", &Conf_Motd)) + Using_MotdFile = true; + } + + /* Try to read ngIRCd help text file. */ + (void)Read_TextFile(Conf_HelpFile, "help text", &Conf_Helptext); + if (!array_bytes(&Conf_Helptext)) + Config_Error(LOG_WARNING, + "No help text available, HELP command will be of limited use."); + +#ifdef SSL_SUPPORT + /* Make sure that all SSL-related files are readable */ + CheckFileReadable("CertFile", Conf_SSLOptions.CertFile); + CheckFileReadable("DHFile", Conf_SSLOptions.DHFile); + CheckFileReadable("KeyFile", Conf_SSLOptions.KeyFile); + + /* Set the default ciphers if none were configured */ + if (!Conf_SSLOptions.CipherList) + Conf_SSLOptions.CipherList = strdup_warn(DEFAULT_CIPHERS); +#endif + + return true; +} + +/** + * Read in and handle a configuration file. + * + * @param File Name of the configuration file. + * @param fd File descriptor already opened for reading. + */ +static void +Read_Config_File(const char *File, FILE *fd) +{ + char section[LINE_LEN], str[LINE_LEN], *var, *arg, *ptr; + int i, line = 0; + size_t count; + /* Read configuration file */ - while( true ) { - if( ! fgets( str, LINE_LEN, fd )) break; - ngt_TrimStr( str ); + section[0] = '\0'; + while (true) { + if (!fgets(str, sizeof(str), fd)) + break; + ngt_TrimStr(str); line++; /* Skip comments and empty lines */ - if( str[0] == ';' || str[0] == '#' || str[0] == '\0' ) continue; + if (str[0] == ';' || str[0] == '#' || str[0] == '\0') + continue; + + if (strlen(str) >= sizeof(str) - 1) { + Config_Error(LOG_WARNING, "%s, line %d too long!", + File, line); + continue; + } /* Is this the beginning of a new section? */ - if(( str[0] == '[' ) && ( str[strlen( str ) - 1] == ']' )) { - strlcpy( section, str, sizeof( section )); - if (strcasecmp( section, "[GLOBAL]" ) == 0 || - strcasecmp( section, "[FEATURES]") == 0) + if ((str[0] == '[') && (str[strlen(str) - 1] == ']')) { + strlcpy(section, str, sizeof(section)); + if (strcasecmp(section, "[GLOBAL]") == 0 + || strcasecmp(section, "[LIMITS]") == 0 + || strcasecmp(section, "[OPTIONS]") == 0 +#ifdef SSL_SUPPORT + || strcasecmp(section, "[SSL]") == 0 +#endif + ) continue; - if( strcasecmp( section, "[SERVER]" ) == 0 ) { + if (strcasecmp(section, "[SERVER]") == 0) { /* Check if there is already a server to add */ - if( New_Server.name[0] ) { + if (New_Server.name[0]) { /* Copy data to "real" server structure */ - assert( New_Server_Idx > NONE ); - Conf_Server[New_Server_Idx] = New_Server; + assert(New_Server_Idx > NONE); + Conf_Server[New_Server_Idx] = + New_Server; } /* Re-init structure for new server */ - Init_Server_Struct( &New_Server ); + Init_Server_Struct(&New_Server); /* Search unused item in server configuration structure */ - for( i = 0; i < MAX_SERVERS; i++ ) { + for (i = 0; i < MAX_SERVERS; i++) { /* Is this item used? */ - if( ! Conf_Server[i].name[0] ) break; + if (!Conf_Server[i].name[0]) + break; } - if( i >= MAX_SERVERS ) { + if (i >= MAX_SERVERS) { /* Oops, no free item found! */ - Config_Error( LOG_ERR, "Too many servers configured." ); + Config_Error(LOG_ERR, + "Too many servers configured."); New_Server_Idx = NONE; - } - else New_Server_Idx = i; + } else + New_Server_Idx = i; continue; } + if (strcasecmp(section, "[CHANNEL]") == 0) { - Conf_Channel_Count++; + count = array_length(&Conf_Channels, + sizeof(struct + Conf_Channel)); + if (!array_alloc + (&Conf_Channels, + sizeof(struct Conf_Channel), count)) { + Config_Error(LOG_ERR, + "Could not allocate memory for new operator (line %d)", + line); + } continue; } + if (strcasecmp(section, "[OPERATOR]") == 0) { - Conf_Oper_Count++; + count = array_length(&Conf_Opers, + sizeof(struct Conf_Oper)); + if (!array_alloc(&Conf_Opers, + sizeof(struct Conf_Oper), + count)) { + Config_Error(LOG_ERR, + "Could not allocate memory for new channel (line &d)", + line); + } continue; } - Config_Error( LOG_ERR, "%s, line %d: Unknown section \"%s\"!", NGIRCd_ConfFile, line, section ); + Config_Error(LOG_ERR, + "%s, line %d: Unknown section \"%s\"!", + File, line, section); section[0] = 0x1; } - if( section[0] == 0x1 ) continue; + if (section[0] == 0x1) + continue; /* Split line into variable name and parameters */ - ptr = strchr( str, '=' ); - if( ! ptr ) { - Config_Error( LOG_ERR, "%s, line %d: Syntax error!", NGIRCd_ConfFile, line ); + ptr = strchr(str, '='); + if (!ptr) { + Config_Error(LOG_ERR, "%s, line %d: Syntax error!", + File, line); continue; } *ptr = '\0'; - var = str; ngt_TrimStr( var ); - arg = ptr + 1; ngt_TrimStr( arg ); - - if( strcasecmp( section, "[GLOBAL]" ) == 0 ) Handle_GLOBAL( line, var, arg ); - else if( strcasecmp( section, "[FEATURES]" ) == 0 ) Handle_FEATURES( line, var, arg ); - else if( strcasecmp( section, "[OPERATOR]" ) == 0 ) Handle_OPERATOR( line, var, arg ); - else if( strcasecmp( section, "[SERVER]" ) == 0 ) Handle_SERVER( line, var, arg ); - else if( strcasecmp( section, "[CHANNEL]" ) == 0 ) Handle_CHANNEL( line, var, arg ); - else Config_Error( LOG_ERR, "%s, line %d: Variable \"%s\" outside section!", NGIRCd_ConfFile, line, var ); - } - - /* Close configuration file */ - fclose( fd ); - - /* Check if there is still a server to add */ - if( New_Server.name[0] ) { - /* Copy data to "real" server structure */ - assert( New_Server_Idx > NONE ); - Conf_Server[New_Server_Idx] = New_Server; - } - - /* not a single listening port? Add default. */ - if (no_listenports() && - !array_copyb(&Conf_ListenPorts, (char*) &defaultport, sizeof defaultport)) - { - Config_Error(LOG_ALERT, "Could not add default listening Port %u: %s", - (unsigned int) defaultport, strerror(errno)); - - exit(1); - } - - if (!Conf_ListenAddress) - Conf_ListenAddress = strdup_warn(DEFAULT_LISTEN_ADDRSTR); - - if (!Conf_ListenAddress) { - Config_Error(LOG_ALERT, "%s exiting due to fatal errors!", PACKAGE_NAME); - exit(1); + var = str; + ngt_TrimStr(var); + arg = ptr + 1; + ngt_TrimStr(arg); + + if (strcasecmp(section, "[GLOBAL]") == 0) + Handle_GLOBAL(File, line, var, arg); + else if (strcasecmp(section, "[LIMITS]") == 0) + Handle_LIMITS(File, line, var, arg); + else if (strcasecmp(section, "[OPTIONS]") == 0) + Handle_OPTIONS(File, line, var, arg); +#ifdef SSL_SUPPORT + else if (strcasecmp(section, "[SSL]") == 0) + Handle_SSL(File, line, var, arg); +#endif + else if (strcasecmp(section, "[OPERATOR]") == 0) + Handle_OPERATOR(File, line, var, arg); + else if (strcasecmp(section, "[SERVER]") == 0) + Handle_SERVER(File, line, var, arg); + else if (strcasecmp(section, "[CHANNEL]") == 0) + Handle_CHANNEL(File, line, var, arg); + else + Config_Error(LOG_ERR, + "%s, line %d: Variable \"%s\" outside section!", + File, line, var); } +} - /* No MOTD phrase configured? (re)try motd file. */ - if (array_bytes(&Conf_Motd) == 0) - Read_Motd(Conf_MotdFile); - return true; -} /* Read_Config */ - - +/** + * Check whether a string argument is "true" or "false". + * + * @param Arg Input string. + * @returns true if the input string has been parsed as "yes", "true" + * (case insensitive) or a non-zero integer value. + */ static bool -Check_ArgIsTrue( const char *Arg ) +Check_ArgIsTrue(const char *Arg) { - if( strcasecmp( Arg, "yes" ) == 0 ) return true; - if( strcasecmp( Arg, "true" ) == 0 ) return true; - if( atoi( Arg ) != 0 ) return true; + if (strcasecmp(Arg, "yes") == 0) + return true; + if (strcasecmp(Arg, "true") == 0) + return true; + if (atoi(Arg) != 0) + return true; return false; -} /* Check_ArgIsTrue */ - +} +/** + * Handle setting of "MaxNickLength". + * + * @param Line Line number in configuration file. + * @raram Arg Input string. + * @returns New configured maximum nickname length. + */ static unsigned int -Handle_MaxNickLength(int Line, const char *Arg) +Handle_MaxNickLength(const char *File, int Line, const char *Arg) { unsigned new; @@ -888,48 +1225,79 @@ Handle_MaxNickLength(int Line, const char *Arg) if (new > CLIENT_NICK_LEN) { Config_Error(LOG_WARNING, "%s, line %d: Value of \"MaxNickLength\" exceeds %u!", - NGIRCd_ConfFile, Line, CLIENT_NICK_LEN - 1); + File, Line, CLIENT_NICK_LEN - 1); return CLIENT_NICK_LEN; } if (new < 2) { Config_Error(LOG_WARNING, "%s, line %d: Value of \"MaxNickLength\" must be at least 1!", - NGIRCd_ConfFile, Line); + File, Line); return 2; } return new; -} /* Handle_MaxNickLength */ - +} +/** + * Output a warning messages if IDENT is configured but not compiled in. + */ static void -WarnIdent(int UNUSED Line) +WarnIdent(const char UNUSED *File, int UNUSED Line) { #ifndef IDENTAUTH if (Conf_Ident) { /* user has enabled ident lookups explicitly, but ... */ Config_Error(LOG_WARNING, - "%s: line %d: %s=True, but ngircd was built without support", - NGIRCd_ConfFile, Line, "Ident"); + "%s: line %d: \"Ident = yes\", but ngircd was built without IDENT support!", + File, Line); + } +#endif +} + +/** + * Output a warning messages if IPv6 is configured but not compiled in. + */ +static void +WarnIPv6(const char UNUSED *File, int UNUSED Line) +{ +#ifndef WANT_IPV6 + if (Conf_ConnectIPv6) { + /* user has enabled IPv6 explicitly, but ... */ + Config_Error(LOG_WARNING, + "%s: line %d: \"ConnectIPv6 = yes\", but ngircd was built without IPv6 support!", + File, Line); } #endif } +/** + * Output a warning messages if PAM is configured but not compiled in. + */ static void -WarnPAM(int UNUSED Line) +WarnPAM(const char UNUSED *File, int UNUSED Line) { #ifndef PAM if (Conf_PAM) { Config_Error(LOG_WARNING, - "%s: line %d: %s=True, but ngircd was built without support", - NGIRCd_ConfFile, Line, "PAM"); + "%s: line %d: \"PAM = yes\", but ngircd was built without PAM support!", + File, Line); } #endif } +/** + * Handle legacy "NoXXX" options in [GLOBAL] section. + * + * TODO: This function and support for "NoXXX" could be removed starting + * with ngIRCd release 19 (one release after marking it "deprecated"). + * + * @param Var Variable name. + * @param Arg Argument string. + * @returns true if a NoXXX option has been processed; false otherwise. + */ static bool CheckLegacyNoOption(const char *Var, const char *Arg) { - if( strcasecmp( Var, "NoDNS" ) == 0 ) { + if(strcasecmp(Var, "NoDNS") == 0) { Conf_DNS = !Check_ArgIsTrue( Arg ); return true; } @@ -941,9 +1309,70 @@ CheckLegacyNoOption(const char *Var, const char *Arg) Conf_PAM = !Check_ArgIsTrue(Arg); return true; } - return false; + return false; +} + +/** + * Handle deprecated legacy options in [GLOBAL] section. + * + * TODO: This function and support for these options in the [Global] section + * could be removed starting with ngIRCd release 19 (one release after + * marking it "deprecated"). + * + * @param Var Variable name. + * @param Arg Argument string. + * @returns true if a legacy option has been processed; false otherwise. + */ +static const char* +CheckLegacyGlobalOption(const char *File, int Line, char *Var, char *Arg) +{ + if (strcasecmp(Var, "AllowRemoteOper") == 0 + || strcasecmp(Var, "ChrootDir") == 0 + || strcasecmp(Var, "ConnectIPv4") == 0 + || strcasecmp(Var, "ConnectIPv6") == 0 + || strcasecmp(Var, "OperCanUseMode") == 0 + || strcasecmp(Var, "OperChanPAutoOp") == 0 + || strcasecmp(Var, "OperServerMode") == 0 + || strcasecmp(Var, "PredefChannelsOnly") == 0 + || strcasecmp(Var, "SyslogFacility") == 0 + || strcasecmp(Var, "WebircPassword") == 0) { + Handle_OPTIONS(File, Line, Var, Arg); + return "[Options]"; + } + if (strcasecmp(Var, "ConnectRetry") == 0 + || strcasecmp(Var, "IdleTimeout") == 0 + || strcasecmp(Var, "MaxConnections") == 0 + || strcasecmp(Var, "MaxConnectionsIP") == 0 + || strcasecmp(Var, "MaxJoins") == 0 + || strcasecmp(Var, "MaxNickLength") == 0 + || strcasecmp(Var, "PingTimeout") == 0 + || strcasecmp(Var, "PongTimeout") == 0) { + Handle_LIMITS(File, Line, Var, Arg); + return "[Limits]"; + } +#ifdef SSL_SUPPORT + if (strcasecmp(Var, "SSLCertFile") == 0 + || strcasecmp(Var, "SSLDHFile") == 0 + || strcasecmp(Var, "SSLKeyFile") == 0 + || strcasecmp(Var, "SSLKeyFilePassword") == 0 + || strcasecmp(Var, "SSLPorts") == 0) { + Handle_SSL(File, Line, Var + 3, Arg); + return "[SSL]"; + } +#endif + + return NULL; } +/** + * Strip "no" prefix of a string. + * + * TODO: This function and support for "NoXXX" should be removed starting + * with ngIRCd release 19! (One release after marking it "deprecated"). + * + * @param str Pointer to input string starting with "no". + * @returns New pointer to string without "no" prefix. + */ static const char * NoNo(const char *str) { @@ -951,297 +1380,473 @@ NoNo(const char *str) return str + 2; } +/** + * Invert "boolean" string. + * + * TODO: This function and support for "NoXXX" should be removed starting + * with ngIRCd release 19! (One release after marking it "deprecated"). + * + * @param arg "Boolean" input string. + * @returns Pointer to inverted "boolean string". + */ static const char * InvertArg(const char *arg) { return yesno_to_str(!Check_ArgIsTrue(arg)); } +/** + * Handle variable in [Global] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ static void -Handle_GLOBAL( int Line, char *Var, char *Arg ) +Handle_GLOBAL(const char *File, int Line, char *Var, char *Arg ) { struct passwd *pwd; struct group *grp; size_t len; - - assert( Line > 0 ); - assert( Var != NULL ); - assert( Arg != NULL ); - - if( strcasecmp( Var, "Name" ) == 0 ) { - /* Server name */ - len = strlcpy( Conf_ServerName, Arg, sizeof( Conf_ServerName )); - if (len >= sizeof( Conf_ServerName )) - Config_Error_TooLong( Line, Var ); - return; - } - if( strcasecmp( Var, "CloakHost" ) == 0 ) { - /* Client hostname */ - len = strlcpy( Conf_CloakHost, Arg, sizeof( Conf_CloakHost )); - if (len >= sizeof( Conf_CloakHost )) - Config_Error_TooLong( Line, Var ); - return; - } - if( strcasecmp( Var, "CloakUserToNick" ) == 0 ) { - /* Use client nick name as user name */ - Conf_CloakUserToNick = Check_ArgIsTrue( Arg ); - return; - } - if( strcasecmp( Var, "Info" ) == 0 ) { - /* Info text of server */ - len = strlcpy( Conf_ServerInfo, Arg, sizeof( Conf_ServerInfo )); - if (len >= sizeof( Conf_ServerInfo )) - Config_Error_TooLong ( Line, Var ); + const char *section; + char *ptr; + + assert(File != NULL); + assert(Line > 0); + assert(Var != NULL); + assert(Arg != NULL); + + if (strcasecmp(Var, "Name") == 0) { + len = strlcpy(Conf_ServerName, Arg, sizeof(Conf_ServerName)); + if (len >= sizeof(Conf_ServerName)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "Password" ) == 0 ) { - /* Global server password */ - len = strlcpy( Conf_ServerPwd, Arg, sizeof( Conf_ServerPwd )); - if (len >= sizeof( Conf_ServerPwd )) - Config_Error_TooLong( Line, Var ); + if (strcasecmp(Var, "AdminInfo1") == 0) { + len = strlcpy(Conf_ServerAdmin1, Arg, sizeof(Conf_ServerAdmin1)); + if (len >= sizeof(Conf_ServerAdmin1)) + Config_Error_TooLong(File, Line, Var); return; } - if (strcasecmp(Var, "WebircPassword") == 0) { - /* Password required for WEBIRC command */ - len = strlcpy(Conf_WebircPwd, Arg, sizeof(Conf_WebircPwd)); - if (len >= sizeof(Conf_WebircPwd)) - Config_Error_TooLong(Line, Var); + if (strcasecmp(Var, "AdminInfo2") == 0) { + len = strlcpy(Conf_ServerAdmin2, Arg, sizeof(Conf_ServerAdmin2)); + if (len >= sizeof(Conf_ServerAdmin2)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "AdminInfo1" ) == 0 ) { - /* Administrative info #1 */ - len = strlcpy( Conf_ServerAdmin1, Arg, sizeof( Conf_ServerAdmin1 )); - if (len >= sizeof( Conf_ServerAdmin1 )) - Config_Error_TooLong ( Line, Var ); + if (strcasecmp(Var, "AdminEMail") == 0) { + len = strlcpy(Conf_ServerAdminMail, Arg, + sizeof(Conf_ServerAdminMail)); + if (len >= sizeof(Conf_ServerAdminMail)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "AdminInfo2" ) == 0 ) { - /* Administrative info #2 */ - len = strlcpy( Conf_ServerAdmin2, Arg, sizeof( Conf_ServerAdmin2 )); - if (len >= sizeof( Conf_ServerAdmin2 )) - Config_Error_TooLong ( Line, Var ); + if (strcasecmp(Var, "Info") == 0) { + len = strlcpy(Conf_ServerInfo, Arg, sizeof(Conf_ServerInfo)); + if (len >= sizeof(Conf_ServerInfo)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "AdminEMail" ) == 0 ) { - /* Administrative email contact */ - len = strlcpy( Conf_ServerAdminMail, Arg, sizeof( Conf_ServerAdminMail )); - if (len >= sizeof( Conf_ServerAdminMail )) - Config_Error_TooLong( Line, Var ); + if (strcasecmp(Var, "HelpFile") == 0) { + len = strlcpy(Conf_HelpFile, Arg, sizeof(Conf_HelpFile)); + if (len >= sizeof(Conf_HelpFile)) + Config_Error_TooLong(File, Line, Var); return; } - - if( strcasecmp( Var, "Ports" ) == 0 ) { - ports_parse(&Conf_ListenPorts, Line, Arg); + if (strcasecmp(Var, "Listen") == 0) { + if (Conf_ListenAddress) { + Config_Error(LOG_ERR, + "Multiple Listen= options, ignoring: %s", + Arg); + return; + } + Conf_ListenAddress = strdup_warn(Arg); + /* If allocation fails, we're in trouble: we cannot ignore the + * error -- otherwise ngircd would listen on all interfaces. */ + if (!Conf_ListenAddress) { + Config_Error(LOG_ALERT, + "%s exiting due to fatal errors!", + PACKAGE_NAME); + exit(1); + } return; } - if( strcasecmp( Var, "MotdFile" ) == 0 ) { - len = strlcpy( Conf_MotdFile, Arg, sizeof( Conf_MotdFile )); - if (len >= sizeof( Conf_MotdFile )) - Config_Error_TooLong( Line, Var ); + if (strcasecmp(Var, "MotdFile") == 0) { + len = strlcpy(Conf_MotdFile, Arg, sizeof(Conf_MotdFile)); + if (len >= sizeof(Conf_MotdFile)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "MotdPhrase" ) == 0 ) { - /* "Message of the day" phrase (instead of file) */ + if (strcasecmp(Var, "MotdPhrase") == 0) { len = strlen(Arg); if (len == 0) return; - if (len >= LINE_LEN) { - Config_Error_TooLong( Line, Var ); + if (len >= 127) { + Config_Error_TooLong(File, Line, Var); return; } if (!array_copyb(&Conf_Motd, Arg, len + 1)) - Config_Error(LOG_WARNING, "%s, line %d: Could not append MotdPhrase: %s", - NGIRCd_ConfFile, Line, strerror(errno)); + Config_Error(LOG_WARNING, + "%s, line %d: Could not append MotdPhrase: %s", + File, Line, strerror(errno)); Using_MotdFile = false; return; } - if( strcasecmp( Var, "ChrootDir" ) == 0 ) { - /* directory for chroot() */ - len = strlcpy( Conf_Chroot, Arg, sizeof( Conf_Chroot )); - if (len >= sizeof( Conf_Chroot )) - Config_Error_TooLong( Line, Var ); + if (strcasecmp(Var, "Network") == 0) { + len = strlcpy(Conf_Network, Arg, sizeof(Conf_Network)); + if (len >= sizeof(Conf_Network)) + Config_Error_TooLong(File, Line, Var); + ptr = strchr(Conf_Network, ' '); + if (ptr) { + Config_Error(LOG_WARNING, + "%s, line %d: \"Network\" can't contain spaces!", + File, Line); + *ptr = '\0'; + } return; } - if ( strcasecmp( Var, "PidFile" ) == 0 ) { - /* name of pidfile */ - len = strlcpy( Conf_PidFile, Arg, sizeof( Conf_PidFile )); - if (len >= sizeof( Conf_PidFile )) - Config_Error_TooLong( Line, Var ); + if(strcasecmp(Var, "Password") == 0) { + len = strlcpy(Conf_ServerPwd, Arg, sizeof(Conf_ServerPwd)); + if (len >= sizeof(Conf_ServerPwd)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "ServerUID" ) == 0 ) { - /* UID the daemon should switch to */ - pwd = getpwnam( Arg ); - if( pwd ) Conf_UID = pwd->pw_uid; - else { - Conf_UID = (unsigned int)atoi( Arg ); - if (!Conf_UID && strcmp(Arg, "0")) - Config_Error_NaN(Line, Var); - } + if (strcasecmp(Var, "PidFile") == 0) { + len = strlcpy(Conf_PidFile, Arg, sizeof(Conf_PidFile)); + if (len >= sizeof(Conf_PidFile)) + Config_Error_TooLong(File, Line, Var); + return; + } + if (strcasecmp(Var, "Ports") == 0) { + ports_parse(&Conf_ListenPorts, File, Line, Arg); return; } - if( strcasecmp( Var, "ServerGID" ) == 0 ) { - /* GID the daemon should use */ - grp = getgrnam( Arg ); - if( grp ) Conf_GID = grp->gr_gid; + if (strcasecmp(Var, "ServerGID") == 0) { + grp = getgrnam(Arg); + if (grp) + Conf_GID = grp->gr_gid; else { Conf_GID = (unsigned int)atoi(Arg); if (!Conf_GID && strcmp(Arg, "0")) - Config_Error_NaN( Line, Var ); + Config_Error(LOG_WARNING, + "%s, line %d: Value of \"%s\" is not a valid group name or ID!", + File, Line, Var); } return; } - if( strcasecmp( Var, "PingTimeout" ) == 0 ) { - /* PING timeout */ - Conf_PingTimeout = atoi( Arg ); - if( Conf_PingTimeout < 5 ) { - Config_Error( LOG_WARNING, "%s, line %d: Value of \"PingTimeout\" too low!", - NGIRCd_ConfFile, Line ); - Conf_PingTimeout = 5; + if (strcasecmp(Var, "ServerUID") == 0) { + pwd = getpwnam(Arg); + if (pwd) + Conf_UID = pwd->pw_uid; + else { + Conf_UID = (unsigned int)atoi(Arg); + if (!Conf_UID && strcmp(Arg, "0")) + Config_Error(LOG_WARNING, + "%s, line %d: Value of \"%s\" is not a valid user name or ID!", + File, Line, Var); } return; } - if( strcasecmp( Var, "PongTimeout" ) == 0 ) { - /* PONG timeout */ - Conf_PongTimeout = atoi( Arg ); - if( Conf_PongTimeout < 5 ) { - Config_Error( LOG_WARNING, "%s, line %d: Value of \"PongTimeout\" too low!", - NGIRCd_ConfFile, Line ); - Conf_PongTimeout = 5; + + if (CheckLegacyNoOption(Var, Arg)) { + /* TODO: This function and support for "NoXXX" could be + * be removed starting with ngIRCd release 19 (one release + * after marking it "deprecated"). */ + Config_Error(LOG_WARNING, + "%s, line %d (section \"Global\"): \"No\"-Prefix is deprecated, use \"%s = %s\" in [Options] section!", + File, Line, NoNo(Var), InvertArg(Arg)); + if (strcasecmp(Var, "NoIdent") == 0) + WarnIdent(File, Line); + else if (strcasecmp(Var, "NoPam") == 0) + WarnPAM(File, Line); + return; + } + if ((section = CheckLegacyGlobalOption(File, Line, Var, Arg))) { + /** TODO: This function and support for these options in the + * [Global] section could be removed starting with ngIRCd + * release 19 (one release after marking it "deprecated"). */ + if (strncasecmp(Var, "SSL", 3) == 0) { + Config_Error(LOG_WARNING, + "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s and rename to \"%s\"!", + File, Line, Var, section, + Var + 3); + } else { + Config_Error(LOG_WARNING, + "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s!", + File, Line, Var, section); } return; } - if( strcasecmp( Var, "ConnectRetry" ) == 0 ) { - /* Seconds between connection attempts to other servers */ - Conf_ConnectRetry = atoi( Arg ); - if( Conf_ConnectRetry < 5 ) { - Config_Error( LOG_WARNING, "%s, line %d: Value of \"ConnectRetry\" too low!", - NGIRCd_ConfFile, Line ); + + Config_Error_Section(File, Line, Var, "Global"); +} + +/** + * Handle variable in [Limits] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ +static void +Handle_LIMITS(const char *File, int Line, char *Var, char *Arg) +{ + assert(File != NULL); + assert(Line > 0); + assert(Var != NULL); + assert(Arg != NULL); + + if (strcasecmp(Var, "ConnectRetry") == 0) { + Conf_ConnectRetry = atoi(Arg); + if (Conf_ConnectRetry < 5) { + Config_Error(LOG_WARNING, + "%s, line %d: Value of \"ConnectRetry\" too low!", + File, Line); Conf_ConnectRetry = 5; } return; } - if( strcasecmp( Var, "PredefChannelsOnly" ) == 0 ) { - /* Should we only allow pre-defined-channels? (i.e. users cannot create their own channels) */ - Conf_PredefChannelsOnly = Check_ArgIsTrue( Arg ); + if (strcasecmp(Var, "IdleTimeout") == 0) { + Conf_IdleTimeout = atoi(Arg); + if (!Conf_IdleTimeout && strcmp(Arg, "0")) + Config_Error_NaN(File, Line, Var); return; } - - if (CheckLegacyNoOption(Var, Arg)) { - Config_Error(LOG_WARNING, "%s, line %d: \"No\"-Prefix has been removed, use \"%s = %s\" in [FEATURES] section instead", - NGIRCd_ConfFile, Line, NoNo(Var), InvertArg(Arg)); - if (strcasecmp(Var, "NoIdent") == 0) - WarnIdent(Line); - else if (strcasecmp(Var, "NoPam") == 0) - WarnPAM(Line); + if (strcasecmp(Var, "MaxConnections") == 0) { + Conf_MaxConnections = atoi(Arg); + if (!Conf_MaxConnections && strcmp(Arg, "0")) + Config_Error_NaN(File, Line, Var); return; } -#ifdef WANT_IPV6 - /* the default setting for all the WANT_IPV6 special options is 'true' */ - if( strcasecmp( Var, "ConnectIPv6" ) == 0 ) { - /* connect to other hosts using ipv6, if they have an AAAA record? */ - Conf_ConnectIPv6 = Check_ArgIsTrue( Arg ); + if (strcasecmp(Var, "MaxConnectionsIP") == 0) { + Conf_MaxConnectionsIP = atoi(Arg); + if (!Conf_MaxConnectionsIP && strcmp(Arg, "0")) + Config_Error_NaN(File, Line, Var); return; } - if( strcasecmp( Var, "ConnectIPv4" ) == 0 ) { - /* connect to other hosts using ipv4. - * again, this can be used for ipv6-only setups */ - Conf_ConnectIPv4 = Check_ArgIsTrue( Arg ); + if (strcasecmp(Var, "MaxJoins") == 0) { + Conf_MaxJoins = atoi(Arg); + if (!Conf_MaxJoins && strcmp(Arg, "0")) + Config_Error_NaN(File, Line, Var); return; } -#endif - if( strcasecmp( Var, "OperCanUseMode" ) == 0 ) { - /* Are IRC operators allowed to use MODE in channels they aren't Op in? */ - Conf_OperCanMode = Check_ArgIsTrue( Arg ); + if (strcasecmp(Var, "MaxNickLength") == 0) { + Conf_MaxNickLength = Handle_MaxNickLength(File, Line, Arg); + return; + } + if (strcasecmp(Var, "MaxListSize") == 0) { + Conf_MaxListSize = atoi(Arg); + if (!Conf_MaxListSize && strcmp(Arg, "0")) + Config_Error_NaN(File, Line, Var); return; } - if( strcasecmp( Var, "OperServerMode" ) == 0 ) { - /* Mask IRC operator as if coming from the server? (ircd-irc2 compat hack) */ - Conf_OperServerMode = Check_ArgIsTrue( Arg ); + if (strcasecmp(Var, "PingTimeout") == 0) { + Conf_PingTimeout = atoi(Arg); + if (Conf_PingTimeout < 5) { + Config_Error(LOG_WARNING, + "%s, line %d: Value of \"PingTimeout\" too low!", + File, Line); + Conf_PingTimeout = 5; + } + return; + } + if (strcasecmp(Var, "PongTimeout") == 0) { + Conf_PongTimeout = atoi(Arg); + if (Conf_PongTimeout < 5) { + Config_Error(LOG_WARNING, + "%s, line %d: Value of \"PongTimeout\" too low!", + File, Line); + Conf_PongTimeout = 5; + } + return; + } + + Config_Error_Section(File, Line, Var, "Limits"); +} + +/** + * Handle variable in [Options] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ +static void +Handle_OPTIONS(const char *File, int Line, char *Var, char *Arg) +{ + size_t len; + char *p; + + assert(File != NULL); + assert(Line > 0); + assert(Var != NULL); + assert(Arg != NULL); + + if (strcasecmp(Var, "AllowedChannelTypes") == 0) { + p = Arg; + Conf_AllowedChannelTypes[0] = '\0'; + while (*p) { + if (strchr(Conf_AllowedChannelTypes, *p)) { + /* Prefix is already included; ignore it */ + p++; + continue; + } + + if (strchr(CHANTYPES, *p)) { + len = strlen(Conf_AllowedChannelTypes) + 1; + assert(len < sizeof(Conf_AllowedChannelTypes)); + Conf_AllowedChannelTypes[len - 1] = *p; + Conf_AllowedChannelTypes[len] = '\0'; + } else { + Config_Error(LOG_WARNING, + "%s, line %d: Unknown channel prefix \"%c\" in \"AllowedChannelTypes\"!", + File, Line, *p); + } + p++; + } return; } - if(strcasecmp(Var, "AllowRemoteOper") == 0) { - /* Are remote IRC operators allowed to control this server? */ + if (strcasecmp(Var, "AllowRemoteOper") == 0) { Conf_AllowRemoteOper = Check_ArgIsTrue(Arg); return; } - if( strcasecmp( Var, "MaxConnections" ) == 0 ) { - /* Maximum number of connections. 0 -> "no limit". */ - Conf_MaxConnections = atol( Arg ); - if (!Conf_MaxConnections && strcmp(Arg, "0")) - Config_Error_NaN(Line, Var); + if (strcasecmp(Var, "ChrootDir") == 0) { + len = strlcpy(Conf_Chroot, Arg, sizeof(Conf_Chroot)); + if (len >= sizeof(Conf_Chroot)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "MaxConnectionsIP" ) == 0 ) { - /* Maximum number of simultaneous connections from one IP. 0 -> "no limit" */ - Conf_MaxConnectionsIP = atoi( Arg ); - if (!Conf_MaxConnectionsIP && strcmp(Arg, "0")) - Config_Error_NaN(Line, Var); + if (strcasecmp(Var, "CloakHost") == 0) { + len = strlcpy(Conf_CloakHost, Arg, sizeof(Conf_CloakHost)); + if (len >= sizeof(Conf_CloakHost)) + Config_Error_TooLong(File, Line, Var); return; } - if( strcasecmp( Var, "MaxJoins" ) == 0 ) { - /* Maximum number of channels a user can join. 0 -> "no limit". */ - Conf_MaxJoins = atoi( Arg ); - if (!Conf_MaxJoins && strcmp(Arg, "0")) - Config_Error_NaN(Line, Var); + if (strcasecmp(Var, "CloakHostModeX") == 0) { + len = strlcpy(Conf_CloakHostModeX, Arg, sizeof(Conf_CloakHostModeX)); + if (len >= sizeof(Conf_CloakHostModeX)) + Config_Error_TooLong(File, Line, Var); + return; + } + if (strcasecmp(Var, "CloakHostSalt") == 0) { + len = strlcpy(Conf_CloakHostSalt, Arg, sizeof(Conf_CloakHostSalt)); + if (len >= sizeof(Conf_CloakHostSalt)) + Config_Error_TooLong(File, Line, Var); + return; + } + if (strcasecmp(Var, "CloakUserToNick") == 0) { + Conf_CloakUserToNick = Check_ArgIsTrue(Arg); + return; + } + if (strcasecmp(Var, "ConnectIPv6") == 0) { + Conf_ConnectIPv6 = Check_ArgIsTrue(Arg); + WarnIPv6(File, Line); return; } - if( strcasecmp( Var, "MaxNickLength" ) == 0 ) { - /* Maximum length of a nick name; must be same on all servers - * within the IRC network! */ - Conf_MaxNickLength = Handle_MaxNickLength(Line, Arg); + if (strcasecmp(Var, "ConnectIPv4") == 0) { + Conf_ConnectIPv4 = Check_ArgIsTrue(Arg); return; } + if (strcasecmp(Var, "DefaultUserModes") == 0) { + p = Arg; + Conf_DefaultUserModes[0] = '\0'; + while (*p) { + if (strchr(Conf_DefaultUserModes, *p)) { + /* Mode is already included; ignore it */ + p++; + continue; + } - if( strcasecmp( Var, "Listen" ) == 0 ) { - /* IP-Address to bind sockets */ - if (Conf_ListenAddress) { - Config_Error(LOG_ERR, "Multiple Listen= options, ignoring: %s", Arg); - return; + if (strchr(USERMODES, *p)) { + len = strlen(Conf_DefaultUserModes) + 1; + assert(len < sizeof(Conf_DefaultUserModes)); + Conf_DefaultUserModes[len - 1] = *p; + Conf_DefaultUserModes[len] = '\0'; + } else { + Config_Error(LOG_WARNING, + "%s, line %d: Unknown user mode \"%c\" in \"DefaultUserModes\"!", + File, Line, *p); + } + p++; } - Conf_ListenAddress = strdup_warn(Arg); - /* - * if allocation fails, we're in trouble: - * we cannot ignore the error -- otherwise ngircd - * would listen on all interfaces. - */ - if (!Conf_ListenAddress) { - Config_Error(LOG_ALERT, "%s exiting due to fatal errors!", PACKAGE_NAME); - exit(1); + return; + } + if (strcasecmp(Var, "DNS") == 0) { + Conf_DNS = Check_ArgIsTrue(Arg); + return; + } + if (strcasecmp(Var, "Ident") == 0) { + Conf_Ident = Check_ArgIsTrue(Arg); + WarnIdent(File, Line); + return; + } + if (strcasecmp(Var, "IncludeDir") == 0) { + if (Conf_IncludeDir[0]) { + Config_Error(LOG_ERR, + "%s, line %d: Can't overwrite value of \"IncludeDir\" variable!", + File, Line); + return; } + len = strlcpy(Conf_IncludeDir, Arg, sizeof(Conf_IncludeDir)); + if (len >= sizeof(Conf_IncludeDir)) + Config_Error_TooLong(File, Line, Var); return; } - -#ifdef SSL_SUPPORT - if( strcasecmp( Var, "SSLPorts" ) == 0 ) { - ports_parse(&Conf_SSLOptions.ListenPorts, Line, Arg); + if (strcasecmp(Var, "MorePrivacy") == 0) { + Conf_MorePrivacy = Check_ArgIsTrue(Arg); return; } - - if( strcasecmp( Var, "SSLKeyFile" ) == 0 ) { - assert(Conf_SSLOptions.KeyFile == NULL ); - Conf_SSLOptions.KeyFile = strdup_warn(Arg); + if (strcasecmp(Var, "NoticeAuth") == 0) { + Conf_NoticeAuth = Check_ArgIsTrue(Arg); return; } - if( strcasecmp( Var, "SSLCertFile" ) == 0 ) { - assert(Conf_SSLOptions.CertFile == NULL ); - Conf_SSLOptions.CertFile = strdup_warn(Arg); + if (strcasecmp(Var, "OperCanUseMode") == 0) { + Conf_OperCanMode = Check_ArgIsTrue(Arg); return; } - - if( strcasecmp( Var, "SSLKeyFilePassword" ) == 0 ) { - assert(array_bytes(&Conf_SSLOptions.KeyFilePassword) == 0); - if (!array_copys(&Conf_SSLOptions.KeyFilePassword, Arg)) - Config_Error( LOG_ERR, "%s, line %d (section \"Global\"): Could not copy %s: %s!", - NGIRCd_ConfFile, Line, Var, strerror(errno)); + if (strcasecmp(Var, "OperChanPAutoOp") == 0) { + Conf_OperChanPAutoOp = Check_ArgIsTrue(Arg); + return; + } + if (strcasecmp(Var, "OperServerMode") == 0) { + Conf_OperServerMode = Check_ArgIsTrue(Arg); + return; + } + if (strcasecmp(Var, "PAM") == 0) { + Conf_PAM = Check_ArgIsTrue(Arg); + WarnPAM(File, Line); + return; + } + if (strcasecmp(Var, "PAMIsOptional") == 0 ) { + Conf_PAMIsOptional = Check_ArgIsTrue(Arg); + return; + } + if (strcasecmp(Var, "PredefChannelsOnly") == 0) { + /* + * TODO: This section and support for "PredefChannelsOnly" + * could be removed starting with ngIRCd release 22 (one + * release after marking it "deprecated") ... + */ + Config_Error(LOG_WARNING, + "%s, line %d (section \"Options\"): \"%s\" is deprecated, please use \"AllowedChannelTypes\"!", + File, Line, Var); + if (Check_ArgIsTrue(Arg)) + Conf_AllowedChannelTypes[0] = '\0'; + else + strlcpy(Conf_AllowedChannelTypes, CHANTYPES, + sizeof(Conf_AllowedChannelTypes)); + return; + } +#ifndef STRICT_RFC + if (strcasecmp(Var, "RequireAuthPing") == 0) { + Conf_AuthPing = Check_ArgIsTrue(Arg); return; } - if( strcasecmp( Var, "SSLDHFile" ) == 0 ) { - assert(Conf_SSLOptions.DHFile == NULL); - Conf_SSLOptions.DHFile = strdup_warn( Arg ); - return; - } #endif + if (strcasecmp(Var, "ScrubCTCP") == 0) { + Conf_ScrubCTCP = Check_ArgIsTrue(Arg); + return; + } #ifdef SYSLOG if (strcasecmp(Var, "SyslogFacility") == 0) { Conf_SyslogFacility = ngt_SyslogFacilityID(Arg, @@ -1249,70 +1854,106 @@ Handle_GLOBAL( int Line, char *Var, char *Arg ) return; } #endif - Config_Error(LOG_ERR, "%s, line %d (section \"Global\"): Unknown variable \"%s\"!", - NGIRCd_ConfFile, Line, Var); -} /* Handle_GLOBAL */ + if (strcasecmp(Var, "WebircPassword") == 0) { + len = strlcpy(Conf_WebircPwd, Arg, sizeof(Conf_WebircPwd)); + if (len >= sizeof(Conf_WebircPwd)) + Config_Error_TooLong(File, Line, Var); + return; + } + + Config_Error_Section(File, Line, Var, "Options"); +} +#ifdef SSL_SUPPORT +/** + * Handle variable in [SSL] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ static void -Handle_FEATURES(int Line, char *Var, char *Arg) +Handle_SSL(const char *File, int Line, char *Var, char *Arg) { - assert( Line > 0 ); - assert( Var != NULL ); - assert( Arg != NULL ); + assert(File != NULL); + assert(Line > 0); + assert(Var != NULL); + assert(Arg != NULL); - if( strcasecmp( Var, "DNS" ) == 0 ) { - /* do reverse dns lookups when clients connect? */ - Conf_DNS = Check_ArgIsTrue( Arg ); + if (strcasecmp(Var, "CertFile") == 0) { + assert(Conf_SSLOptions.CertFile == NULL); + Conf_SSLOptions.CertFile = strdup_warn(Arg); return; } - if (strcasecmp(Var, "Ident") == 0) { - /* do IDENT lookups when clients connect? */ - Conf_Ident = Check_ArgIsTrue(Arg); - WarnIdent(Line); + if (strcasecmp(Var, "DHFile") == 0) { + assert(Conf_SSLOptions.DHFile == NULL); + Conf_SSLOptions.DHFile = strdup_warn(Arg); return; } - if(strcasecmp(Var, "PAM") == 0) { - /* use PAM library to authenticate users */ - Conf_PAM = Check_ArgIsTrue(Arg); - WarnPAM(Line); + if (strcasecmp(Var, "KeyFile") == 0) { + assert(Conf_SSLOptions.KeyFile == NULL); + Conf_SSLOptions.KeyFile = strdup_warn(Arg); + return; + } + if (strcasecmp(Var, "KeyFilePassword") == 0) { + assert(array_bytes(&Conf_SSLOptions.KeyFilePassword) == 0); + if (!array_copys(&Conf_SSLOptions.KeyFilePassword, Arg)) + Config_Error(LOG_ERR, + "%s, line %d (section \"SSL\"): Could not copy %s: %s!", + File, Line, Var, strerror(errno)); + return; + } + if (strcasecmp(Var, "Ports") == 0) { + ports_parse(&Conf_SSLOptions.ListenPorts, File, Line, Arg); + return; + } + if (strcasecmp(Var, "CipherList") == 0) { + assert(Conf_SSLOptions.CipherList == NULL); + Conf_SSLOptions.CipherList = strdup_warn(Arg); return; } - Config_Error(LOG_ERR, - "%s, line %d (section \"Features\"): Unknown variable \"%s\"!", - NGIRCd_ConfFile, Line, Var); + Config_Error_Section(File, Line, Var, "SSL"); } +#endif + +/** + * Handle variable in [Operator] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ static void -Handle_OPERATOR( int Line, char *Var, char *Arg ) +Handle_OPERATOR(const char *File, int Line, char *Var, char *Arg ) { size_t len; struct Conf_Oper *op; + assert( File != NULL ); assert( Line > 0 ); assert( Var != NULL ); assert( Arg != NULL ); - assert( Conf_Oper_Count > 0 ); - op = array_alloc(&Conf_Opers, sizeof(*op), Conf_Oper_Count - 1); - if (!op) { - Config_Error(LOG_ERR, "Could not allocate memory for operator (%d:%s = %s)", Line, Var, Arg); + op = array_get(&Conf_Opers, sizeof(*op), + array_length(&Conf_Opers, sizeof(*op)) - 1); + if (!op) return; - } if (strcasecmp(Var, "Name") == 0) { /* Name of IRC operator */ len = strlcpy(op->name, Arg, sizeof(op->name)); if (len >= sizeof(op->name)) - Config_Error_TooLong(Line, Var); + Config_Error_TooLong(File, Line, Var); return; } if (strcasecmp(Var, "Password") == 0) { /* Password of IRC operator */ len = strlcpy(op->pwd, Arg, sizeof(op->pwd)); if (len >= sizeof(op->pwd)) - Config_Error_TooLong(Line, Var); + Config_Error_TooLong(File, Line, Var); return; } if (strcasecmp(Var, "Mask") == 0) { @@ -1321,17 +1962,24 @@ Handle_OPERATOR( int Line, char *Var, char *Arg ) op->mask = strdup_warn( Arg ); return; } - Config_Error( LOG_ERR, "%s, line %d (section \"Operator\"): Unknown variable \"%s\"!", - NGIRCd_ConfFile, Line, Var ); -} /* Handle_OPERATOR */ + Config_Error_Section(File, Line, Var, "Operator"); +} +/** + * Handle variable in [Server] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ static void -Handle_SERVER( int Line, char *Var, char *Arg ) +Handle_SERVER(const char *File, int Line, char *Var, char *Arg ) { long port; size_t len; - + + assert( File != NULL ); assert( Line > 0 ); assert( Var != NULL ); assert( Arg != NULL ); @@ -1343,14 +1991,14 @@ Handle_SERVER( int Line, char *Var, char *Arg ) /* Hostname of the server */ len = strlcpy( New_Server.host, Arg, sizeof( New_Server.host )); if (len >= sizeof( New_Server.host )) - Config_Error_TooLong ( Line, Var ); + Config_Error_TooLong(File, Line, Var); return; } if( strcasecmp( Var, "Name" ) == 0 ) { /* Name of the server ("Nick"/"ID") */ len = strlcpy( New_Server.name, Arg, sizeof( New_Server.name )); if (len >= sizeof( New_Server.name )) - Config_Error_TooLong( Line, Var ); + Config_Error_TooLong(File, Line, Var); return; } if (strcasecmp(Var, "Bind") == 0) { @@ -1358,26 +2006,26 @@ Handle_SERVER( int Line, char *Var, char *Arg ) return; Config_Error(LOG_ERR, "%s, line %d (section \"Server\"): Can't parse IP address \"%s\"", - NGIRCd_ConfFile, Line, Arg); + File, Line, Arg); return; } if( strcasecmp( Var, "MyPassword" ) == 0 ) { /* Password of this server which is sent to the peer */ if (*Arg == ':') { Config_Error(LOG_ERR, - "%s, line %d (section \"Server\"): MyPassword must not start with ':'!", - NGIRCd_ConfFile, Line); + "%s, line %d (section \"Server\"): MyPassword must not start with ':'!", + File, Line); } len = strlcpy( New_Server.pwd_in, Arg, sizeof( New_Server.pwd_in )); if (len >= sizeof( New_Server.pwd_in )) - Config_Error_TooLong( Line, Var ); + Config_Error_TooLong(File, Line, Var); return; } if( strcasecmp( Var, "PeerPassword" ) == 0 ) { /* Passwort of the peer which must be received */ len = strlcpy( New_Server.pwd_out, Arg, sizeof( New_Server.pwd_out )); if (len >= sizeof( New_Server.pwd_out )) - Config_Error_TooLong( Line, Var ); + Config_Error_TooLong(File, Line, Var); return; } if( strcasecmp( Var, "Port" ) == 0 ) { @@ -1387,8 +2035,8 @@ Handle_SERVER( int Line, char *Var, char *Arg ) New_Server.port = (UINT16)port; else Config_Error(LOG_ERR, - "%s, line %d (section \"Server\"): Illegal port number %ld!", - NGIRCd_ConfFile, Line, port ); + "%s, line %d (section \"Server\"): Illegal port number %ld!", + File, Line, port ); return; } #ifdef SSL_SUPPORT @@ -1401,7 +2049,7 @@ Handle_SERVER( int Line, char *Var, char *Arg ) /* Server group */ New_Server.group = atoi( Arg ); if (!New_Server.group && strcmp(Arg, "0")) - Config_Error_NaN(Line, Var); + Config_Error_NaN(File, Line, Var); return; } if( strcasecmp( Var, "Passive" ) == 0 ) { @@ -1413,15 +2061,23 @@ Handle_SERVER( int Line, char *Var, char *Arg ) len = strlcpy(New_Server.svs_mask, ngt_LowerStr(Arg), sizeof(New_Server.svs_mask)); if (len >= sizeof(New_Server.svs_mask)) - Config_Error_TooLong(Line, Var); + Config_Error_TooLong(File, Line, Var); return; } - Config_Error( LOG_ERR, "%s, line %d (section \"Server\"): Unknown variable \"%s\"!", - NGIRCd_ConfFile, Line, Var ); -} /* Handle_SERVER */ - + Config_Error_Section(File, Line, Var, "Server"); +} +/** + * Copy channel name into channel structure. + * + * If the channel name is not valid because of a missing prefix ('#', '&'), + * a default prefix of '#' will be added. + * + * @param new_chan New already allocated channel structure. + * @param name Name of the new channel. + * @returns true on success, false otherwise. + */ static bool Handle_Channelname(struct Conf_Channel *new_chan, const char *name) { @@ -1440,72 +2096,83 @@ Handle_Channelname(struct Conf_Channel *new_chan, const char *name) return size > strlcpy(dest, name, size); } - +/** + * Handle variable in [Channel] configuration section. + * + * @param Line Line numer in configuration file. + * @param Var Variable name. + * @param Arg Variable argument. + */ static void -Handle_CHANNEL(int Line, char *Var, char *Arg) +Handle_CHANNEL(const char *File, int Line, char *Var, char *Arg) { size_t len; - size_t chancount; struct Conf_Channel *chan; + assert( File != NULL ); assert( Line > 0 ); assert( Var != NULL ); assert( Arg != NULL ); - assert(Conf_Channel_Count > 0); - chancount = Conf_Channel_Count - 1; - - chan = array_alloc(&Conf_Channels, sizeof(*chan), chancount); - if (!chan) { - Config_Error(LOG_ERR, "Could not allocate memory for predefined channel (%d:%s = %s)", Line, Var, Arg); + chan = array_get(&Conf_Channels, sizeof(*chan), + array_length(&Conf_Channels, sizeof(*chan)) - 1); + if (!chan) return; - } + if (strcasecmp(Var, "Name") == 0) { if (!Handle_Channelname(chan, Arg)) - Config_Error_TooLong(Line, Var); + Config_Error_TooLong(File, Line, Var); return; } if (strcasecmp(Var, "Modes") == 0) { /* Initial modes */ len = strlcpy(chan->modes, Arg, sizeof(chan->modes)); if (len >= sizeof(chan->modes)) - Config_Error_TooLong( Line, Var ); + Config_Error_TooLong(File, Line, Var); return; } if( strcasecmp( Var, "Topic" ) == 0 ) { /* Initial topic */ len = strlcpy(chan->topic, Arg, sizeof(chan->topic)); if (len >= sizeof(chan->topic)) - Config_Error_TooLong( Line, Var ); + Config_Error_TooLong(File, Line, Var); return; } if( strcasecmp( Var, "Key" ) == 0 ) { /* Initial Channel Key (mode k) */ len = strlcpy(chan->key, Arg, sizeof(chan->key)); if (len >= sizeof(chan->key)) - Config_Error_TooLong(Line, Var); + Config_Error_TooLong(File, Line, Var); return; } if( strcasecmp( Var, "MaxUsers" ) == 0 ) { /* maximum user limit, mode l */ chan->maxusers = (unsigned long) atol(Arg); if (!chan->maxusers && strcmp(Arg, "0")) - Config_Error_NaN(Line, Var); + Config_Error_NaN(File, Line, Var); return; } if (strcasecmp(Var, "KeyFile") == 0) { /* channel keys */ len = strlcpy(chan->keyfile, Arg, sizeof(chan->keyfile)); if (len >= sizeof(chan->keyfile)) - Config_Error_TooLong(Line, Var); + Config_Error_TooLong(File, Line, Var); return; } - Config_Error( LOG_ERR, "%s, line %d (section \"Channel\"): Unknown variable \"%s\"!", - NGIRCd_ConfFile, Line, Var ); -} /* Handle_CHANNEL */ - + Config_Error_Section(File, Line, Var, "Channel"); +} +/** + * Validate server configuration. + * + * Please note that this function uses exit(1) on fatal errors and therefore + * can result in ngIRCd terminating! + * + * @param Configtest true if the daemon has been called with "--configtest". + * @param Rehash true if re-reading configuration on runtime. + * @returns true if configuration is valid. + */ static bool Validate_Config(bool Configtest, bool Rehash) { @@ -1517,6 +2184,13 @@ Validate_Config(bool Configtest, bool Rehash) bool config_valid = true; char *ptr; + /* Emit a warning when the config file is not a full path name */ + if (NGIRCd_ConfFile[0] && NGIRCd_ConfFile[0] != '/') { + Config_Error(LOG_WARNING, + "Not specifying a full path name to \"%s\" can cause problems when rehashing the server!", + NGIRCd_ConfFile); + } + /* Validate configured server name, see RFC 2812 section 2.3.1 */ ptr = Conf_ServerName; do { @@ -1583,9 +2257,9 @@ Validate_Config(bool Configtest, bool Rehash) } #ifdef PAM - if (Conf_ServerPwd[0]) + if (Conf_PAM && Conf_ServerPwd[0]) Config_Error(LOG_ERR, - "This server uses PAM, \"Password\" will be ignored!"); + "This server uses PAM, \"Password\" in [Global] section will be ignored!"); #endif #ifdef DEBUG @@ -1598,29 +2272,66 @@ Validate_Config(bool Configtest, bool Rehash) } } Log(LOG_DEBUG, - "Configuration: Operators=%d, Servers=%d[%d], Channels=%d", - Conf_Oper_Count, servers, servers_once, Conf_Channel_Count); + "Configuration: Operators=%ld, Servers=%d[%d], Channels=%ld", + array_length(&Conf_Opers, sizeof(struct Conf_Oper)), + servers, servers_once, + array_length(&Conf_Channels, sizeof(struct Conf_Channel))); #endif return config_valid; -} /* Validate_Config */ - +} +/** + * Output "line too long" warning. + * + * @param Line Line number in configuration file. + * @param Item Affected variable name. + */ static void -Config_Error_TooLong ( const int Line, const char *Item ) +Config_Error_TooLong(const char *File, const int Line, const char *Item) { - Config_Error( LOG_WARNING, "%s, line %d: Value of \"%s\" too long!", NGIRCd_ConfFile, Line, Item ); + Config_Error(LOG_WARNING, "%s, line %d: Value of \"%s\" too long!", + File, Line, Item ); } - +/** + * Output "unknown variable" warning. + * + * @param Line Line number in configuration file. + * @param Item Affected variable name. + * @param Section Section name. + */ static void -Config_Error_NaN( const int Line, const char *Item ) +Config_Error_Section(const char *File, const int Line, const char *Item, + const char *Section) { - Config_Error( LOG_WARNING, "%s, line %d: Value of \"%s\" is not a number!", - NGIRCd_ConfFile, Line, Item ); + Config_Error(LOG_ERR, "%s, line %d (section \"%s\"): Unknown variable \"%s\"!", + File, Line, Section, Item); } +/** + * Output "not a number" warning. + * + * @param Line Line number in configuration file. + * @param Item Affected variable name. + */ +static void +Config_Error_NaN(const char *File, const int Line, const char *Item ) +{ + Config_Error(LOG_WARNING, "%s, line %d: Value of \"%s\" is not a number!", + File, Line, Item ); +} +/** + * Output configuration error to console and/or logfile. + * + * On runtime, the normal log functions of the daemon are used. But when + * testing the configuration ("--configtest"), all messages go directly + * to the console. + * + * @param Level Severity level of the message. + * @param Format Format string; see printf() function. + */ #ifdef PROTOTYPES static void Config_Error( const int Level, const char *Format, ... ) #else @@ -1630,8 +2341,6 @@ const char *Format; va_dcl #endif { - /* Error! Write to console and/or logfile. */ - char msg[MAX_LOG_MSG_LEN]; va_list ap; @@ -1644,17 +2353,21 @@ va_dcl #endif vsnprintf( msg, MAX_LOG_MSG_LEN, Format, ap ); va_end( ap ); - - /* During "normal operations" the log functions of the daemon should - * be used, but during testing of the configuration file, all messages - * should go directly to the console: */ - if (Use_Log) Log( Level, "%s", msg ); - else puts( msg ); -} /* Config_Error */ + if (!Use_Log) { + if (Level <= LOG_WARNING) + printf(" - %s\n", msg); + else + puts(msg); + } else + Log(Level, "%s", msg); +} #ifdef DEBUG +/** + * Dump internal state of the "configuration module". + */ GLOBAL void Conf_DebugDump(void) { @@ -1671,16 +2384,18 @@ Conf_DebugDump(void) Conf_Server[i].group, Conf_Server[i].flags, Conf_Server[i].conn_id); } -} /* Conf_DebugDump */ +} #endif - +/** + * Initialize server configuration structure to default values. + * + * @param Server Pointer to server structure to initialize. + */ static void Init_Server_Struct( CONF_SERVER *Server ) { - /* Initialize server configuration structur to default values */ - assert( Server != NULL ); memset( Server, 0, sizeof (CONF_SERVER) ); @@ -1692,8 +2407,7 @@ Init_Server_Struct( CONF_SERVER *Server ) Proc_InitStruct(&Server->res_stat); Server->conn_id = NONE; - memset(&Server->bind_addr, 0, sizeof(&Server->bind_addr)); -} /* Init_Server_Struct */ - + memset(&Server->bind_addr, 0, sizeof(Server->bind_addr)); +} /* -eof- */