From: Alexander Barton Date: Fri, 26 Apr 2024 14:53:00 +0000 (+0200) Subject: ngIRCd Release 27 X-Git-Tag: rel-27^0 X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=commitdiff_plain;h=HEAD;hp=e7cb9b1a001a97b1edf0e862808cbd0be5264a7a;ds=sidebyside ngIRCd Release 27 --- diff --git a/.dockerignore b/.dockerignore new file mode 120000 index 00000000..3e4e48b0 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +.gitignore \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..5aba70ef --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,60 @@ +name: ngIRCd CI + +on: + push: + branches: + - master + paths-ignore: + - 'COPYING' + - 'ChangeLog' + - 'NEWS' + - 'contrib/**' + - 'doc/**' + - 'man/**' + - '**.md' + - '**.txt' + pull_request: + branches: + - master + paths-ignore: + - 'COPYING' + - 'ChangeLog' + - 'NEWS' + - 'contrib/**' + - 'doc/**' + - 'man/**' + - '**.md' + - '**.txt' + +jobs: + build_and_distcheck: + + name: Configure ngIRCd sources and run make targets "all" and "distcheck" + runs-on: ubuntu-latest + timeout-minutes: 10 + + steps: + - uses: actions/checkout@v4 + - uses: awalsh128/cache-apt-pkgs-action@v1 + with: + packages: > + autoconf + automake + build-essential + expect + libident-dev + libpam0g-dev + libssl-dev + libwrap0-dev + pkg-config + telnet + zlib1g-dev + version: 1.0 + - name: Generate build system files + run: ./autogen.sh + - name: Configure the build system + run: ./configure --enable-ipv6 --with-iconv --with-ident --with-openssl --with-pam --with-tcp-wrappers --with-zlib + - name: Build everything + run: make all + - name: Create distribution archive and run tests + run: make distcheck diff --git a/.gitignore b/.gitignore index 0f4768a9..94957798 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,14 @@ +.*.swp +.deps +.trunk +.vscode +*.a +*.e_ +*.exe +*.log +*.o +*~ Makefile -Makefile.am Makefile.in aclocal.m4 ansi2knr.1 @@ -11,7 +20,6 @@ build-stamp-ngircd* build+* compile config.cache -config.log config.status configure configure.ac @@ -23,47 +31,24 @@ depcomp install-sh missing ngircd.dest -.*.swp -.deps -.vscode -*.a -*.o doc/sample-ngircd.conf doc/src/html man/ngircd.8 man/ngircd.conf.5 +src/*/Makefile.am src/config.h src/config.h.in -src/config.h.in~ src/stamp-h1 src/ngircd/check-help src/ngircd/check-version src/ngircd/ngircd -src/ngircd/ngircd.exe src/portab/portabtest -src/portab/portabtest.exe -src/testsuite/*.e_ -src/testsuite/channel-test -src/testsuite/connect-test -src/testsuite/invite-test -src/testsuite/join-test -src/testsuite/kick-test +src/testsuite/*-test src/testsuite/logs -src/testsuite/message-test -src/testsuite/misc-test -src/testsuite/mode-test -src/testsuite/ngircd-test1.log -src/testsuite/ngircd-test1.motd -src/testsuite/ngircd-test2.log -src/testsuite/ngircd-test2.motd -src/testsuite/opless-channel-test -src/testsuite/server-link-test -src/testsuite/server-login-test -src/testsuite/T-ngircd1 -src/testsuite/T-ngircd1.exe -src/testsuite/T-ngircd2 -src/testsuite/T-ngircd2.exe +src/testsuite/ngircd-*.motd +src/testsuite/ssl/cert.pem +src/testsuite/ssl/dhparams.pem +src/testsuite/ssl/key.pem +src/testsuite/T-ngircd? src/testsuite/tests src/testsuite/tests-skipped.lst -src/testsuite/who-test -src/testsuite/whois-test diff --git a/.mailmap b/.mailmap index 7dfa21ba..860a2374 100644 --- a/.mailmap +++ b/.mailmap @@ -6,6 +6,8 @@ Alexander Barton Ali Shemiran +Christoph Biedl + Dana Dahlstrom Dana Dahlstrom @@ -14,3 +16,7 @@ DNS Götz Hoffart LucentW + +Michi + +Sam James <11667869+thesamesam@users.noreply.github.com> diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 3b82280a..00000000 --- a/.travis.yml +++ /dev/null @@ -1,16 +0,0 @@ -language: c -sudo: false -addons: - apt: - packages: - - libident-dev - - libpam0g-dev - - libssl-dev - - libwrap0-dev - - zlib1g-dev - - expect - - telnet -compiler: - - gcc - - clang -script: ./autogen.sh && ./configure --enable-ipv6 --with-iconv --with-ident --with-openssl --with-pam --with-tcp-wrappers --with-zlib && make check diff --git a/AUTHORS b/AUTHORS deleted file mode 100644 index 4c555dbc..00000000 --- a/AUTHORS +++ /dev/null @@ -1,74 +0,0 @@ - - ngIRCd - Next Generation IRC Server - http://ngircd.barton.de/ - - (c)2001-2020 Alexander Barton and Contributors. - ngIRCd is free software and published under the - terms of the GNU General Public License. - - -- AUTHORS and CONTRIBUTORS -- - - -Note: -If you have comments, patches or something else, please feel free to post -a mail to the ngIRCd mailing list: (please see - for details) or join the ngIRCd IRC -channel "#ngircd" on irc.barton.de: . - -Don't mail the people listed here directly, if possible! - - -Main Authors -~~~~~~~~~~~~ -Alexander Barton -Florian Westphal - - -Contributors -~~~~~~~~~~~~ -Ali Shemiran -Ask Bjørn Hansen -Benjamin Pineau -Bernd Kuhls -Brandon Beresini -Brett Smith -Brian Collins -Bryan Caldwell -Christian Aistleitner -Christoph Biedl -Dana Dahlstrom -David Kingston -DNS -Eric Grunow -Federico G. Schwindt -Gabor Adam Toth -Götz Hoffart -Ian Chard -Ilja Osthoff -ItsOnlyBinary -James Lu -Jari Aalto -LucentW -Mantas Mikulėnas -Neale Pickett -Peter Powell -Rolf Eike Beer -Rosen Penev -Roy Sindre Norangshol -Scott Perry -Sean Reifschneider -Sebastian Köhler -shankari -Tassilo Schweyer -Tom Ryder -Unit 193 -William Pitcock -xor -Yecheng Fu - - -Code snippets -~~~~~~~~~~~~~ -Andrew Tridgell & Martin Pool: strl{cpy|cat}()-functions -John Kercheval: pattern matching functions -Patrick Powell : snprintf()-function diff --git a/AUTHORS.md b/AUTHORS.md new file mode 100644 index 00000000..dad1f9a6 --- /dev/null +++ b/AUTHORS.md @@ -0,0 +1,82 @@ +# [ngIRCd](https://ngircd.barton.de) - Authors & Contributors + +Please feel free to post an email to the ngIRCd users mailing list + (see for details) +if you have comments, patches, suggestions or questions. + +Or join the "#ngircd" channel in IRC on irc.barton.de: +. + +*Please do not email the people listed here directly, if possible!* + +## Main Authors + +- Alexander Barton +- Florian Westphal + +## Contributors + +- 9pfs +- Ali Shemiran +- Ask Bjørn Hansen +- Benjamin Pineau +- Bernd Kuhls +- Brandon Beresini +- Brett Smith +- Brian Collins +- Bryan Caldwell +- Christian Aistleitner +- Christoph Biedl +- Dana Dahlstrom +- David Kingston +- DNS +- Eric Grunow +- ewired <37567272+ewired@users.noreply.github.com> +- Fabrice Fontaine +- Federico G. Schwindt +- Florian Weimer +- Gabor Adam Toth +- Götz Hoffart +- hello-smile6 <73048226+hello-smile6@users.noreply.github.com> +- Hilko Bengen +- Ian Chard +- Ilja Osthoff +- ItsOnlyBinary +- Ivan Agarkov +- James Lu +- Jari Aalto +- Johann Hartwig Hauschild +- JRMU +- Jules Maselbas +- Katherine Peeters +- LucentW +- Mantas Mikulėnas +- Michi +- Neale Pickett +- Peter Powell +- Rolf Eike Beer +- Rosen Penev +- Roy Sindre Norangshol +- salaaad2 <47527723+salaaad2@users.noreply.github.com> +- Sam James +- Scott Perry +- Sean Reifschneider +- Sebastian Andrzej Siewior +- Sebastian Köhler +- shankari +- Tassilo Schweyer +- Tom Ryder +- Unit 193 +- Valentin Lorentz +- Val Lorentz +- William Pitcock +- Windree <57554809+Windree@users.noreply.github.com> +- xnaas <8271327+xnaas@users.noreply.github.com> +- xor +- Yecheng Fu + +## Code snippets + +- Andrew Tridgell & Martin Pool: strl{cpy|cat}()-functions +- John Kercheval: pattern matching functions +- Patrick Powell : snprintf()-function diff --git a/ChangeLog b/ChangeLog index 06dc4f83..0744e250 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,12 +2,356 @@ ngIRCd - Next Generation IRC Server http://ngircd.barton.de/ - (c)2001-2020 Alexander Barton and Contributors. + (c)2001-2024 Alexander Barton and Contributors. ngIRCd is free software and published under the terms of the GNU General Public License. -- ChangeLog -- +ngIRCd 27 (2024-04-26) + + - Update ChangeLog, NEWS, AUTHORS.md & doc/Platforms.txt for ngIRCd 27. + - Clarify in the sample configuration file and the ngircd.conf(5) manual + page that the "CAFile" option is unset by default. + - Fix channel symbol returned in the RPL_NAMREPLY(353) numeric of NAMES + commands for secret (mode +s) channels: this should be "@", not "=". + Thanks Val Lorentz for the patch! + Closes #313. + - Add an example filter file for "Fail2Ban": contrib/ngircd-fail2ban.conf. + - Don't abort startup when setgid/setuid() fails with EINVAL: Both setgid(2) + as well as setuid(2) can fail with EINVAL in addition to EPERM, their + manual pages state "EINVAL: The user/group ID specified in uid/gid is not + valid in this user namespace ". So not only treat EPERM as an "acceptable + error" and continue with logging the error, but do the same for EINVAL. + This was triggered by the Void Linux xbps-uunshare(1) tool used for + building "XBPS source packages" and reported by luca in #ngircd. Thanks! + - Test suite: Don't use "pgrep -u" when LOGNAME and USER are not set + Thanks for reporting this on IRC, luca! + + ngIRCd 27~rc1 (2024-04-13) + - Validate certificates on server links. Up to now, ngIRCd optionally used + SSL/TLS encrypted server-server links but never checked and validated any + certificates. Now ngIRCd validates SSL/TLS certificates on outgoing + server-server links by default and drops(!) connections when the remote + certificate is invalid (for example self-signed, expired, not matching the + host name, ...). Therefore you have to make sure that all relevant + *certificates are valid* (or to disable certificate validation on this + connection using the new `SSLVerify = false` setting in the affected + `[Server]` block, where the remote certificate is not valid and you can not + fix this issue). + The original patch for OpenSSL dates back to 2009 and was written by Florian + Westphal and was extended for GnuTLS in 2014 by Christoph Biedl. But it took + us another 10 years to bring it to life ... oh my! Many thanks to both + Florian and Christoph! + Closes #120. + - Add support for the "sd_notify" protocol of systemd(8): Periodically + "ping" the service manager (every 3 seconds) and set a status message + showing current connection statistics which then is included in "systemctl + status ngircd.service" output. In addition, this enables using the + systemd(8) watchdog functionality ("WatchdogSec") for the "ngircd.service" + unit and allows it to use the "notify" service type, which results in + better status tracking by the service manager. + - Try to set file descriptor limit to its maximum and show info on startup: + The number of possible parallel connections is limited by the file + descriptor limit of the process (among other things). Therefore try to + upgrade the current "soft" limit to its "hard" maximum (but limited to + 100000 instead of "infinite"), and show an information or even warning when + the limit is still less than the configured "MaxConnections" setting. Please + note that ngIRCd and its linked libraries (like PAM) need file descriptors + not only for incoming and outgoing IRC connections, but for reading files + and inter-process communication, too! Therefore the actual connection limit + is less(!) than the file descriptor limit! + - Update and fix the logcheck(8) rules file. + - METADATA: Fix unsetting the "cloakhost" hostname, which did not result in + the original hostname being restored, but actually resulted in an empty + string being used as the client hostname -- which is a protocol violation. + - Update the "rpm" make target to use the rpmbuild(8) command. + - Add a "Docker file" (contrib/Dockerfile) and corresponding documentation + (doc/Container.md) to the project. The resulting container is based on the + latest Debian "stable-slim" container and built using a "build container". + - Remove outdated, unsupported and broken support for splint(1). + - Don't show the default config file name on config errors: The configuration + can be set in drop-in files in the include directory, too, so it is not + clear in which file it is actually missing. + - No longer use a default built-in value for the "IncludeDir" directive when + a configuration file was explicitly specified on the command line using + "--config"/"-f": This way no default include directory is scanned when a + possibly non-default configuration file is used which (intentionally) did + not specify an "IncludeDir" directive. So now you can use "-f /dev/null" + for checking all built-in defaults, regardless of any local configuration + files in the default drop-in directory (which would have been read in + until this change). + - No longer log channel keys ("passwords") for predefined channels. + - The server "Name" in the "[Global]" section of the configuration file no + longer needs to be set: When not set (or empty), ngIRCd now tries to + deduce a valid IRC server name from the local host name ("node name"), + possibly adding a ".host" extension when the host name does not contain a + dot (".") which is required in an IRC server name ("ID"). + This new behavior, with all configuration parameters now being optional, + allows running ngIRCd without any configuration file at all. + - Silence some compiler warnings. + - autogen.sh: Prefer automake 1.11 over other releases because this is the + last release supporting "de-ANSI-fication" using the included ansi2knr tool. + And because we _want_ to support old K&R platforms, we try hard to use this + release of automake when available to generate our build system. + Note: This is only relevant for you if you are building from Git sources. + - Autodetect support for IPv6 by default: Until now, IPv6 support was disabled + by default, which seems a bit outdated in 2024. Note: You still can pass + "--enable-ipv6"/"--disable-ipv6" to the ./configure script to forcefully + activate or deactivate IPv6 support. + - Do IDENT requests even when DNS lookups are disabled: Up to now disabling + DNS in the configuration disabled IDENT lookups as well (for no good + reason). Now you can activate/deactivate DNS lookups and IDENT requests + completely separately. Thanks for reporting this, Miniontoby! + Closes #291. + - Update config.guess (2023-08-22) and config.sub (2023-09-19) files. + - Fix Channel Admins being able to to set Channel Owner status! "Sarah" + reported this back in April 2021 and proposed a patch, thanks a lot! + - Test suite: Update for OpenSSL 3.x, some command outputs changed, clean up + shell scripts and make the getpid.sh script more robust. + - Allow SSL client-only configurations without keys/certificates: You don't + need to configure certificates/keys as long as you don't configure + SSL-enabled listening ports. This can make sense when you want to only link + your local daemon to an uplink server using SSL and only have clients on + your local host or in your fully trusted network, where SSL is not required. + - Remove the unmaintained contrib/MacOSX/ folder: this includes the Xcode + project as well as the outdated macOS "Package Maker" configuration. The + sample launchd(8) configuration properties list file was moved to + "contrib/de.barton.ngircd.plist" and kept. + - Fix showing the "Ident" option in "--configtest" output which was never + shown because of a coding error. Whoops! + - Change GnuTLS "slot handling" messages to debug level: Those messages are + about an internal implementation detail, not relevant for an administrator + of ngIRCd. + - Enlarge buffer for log messages: For example, SSL/TLS certificate + information can easily get longer than 256 characters. So enlarge the log + buffer to 1 KB to avoid cutting off relevant information. + - Respect "SSLConnect" option for incoming connections and do not accept + incoming plain-text ("non SSL") server connections for servers configured + with "SSLConnect" enabled. This change prevents an authenticated + client-server being able to force the server-server to send its password + on a plain-text connection when SSL/TLS was intended. + - Always try to close a connection with errors immediately, but try hard + to avoid too much recursion. Without this patch, an outgoing server + connection could get stuck in an "endless" state trying to write out data + over and over again. + - Add "hopm.service" to "Wants" and "Before" dependencies in the sample + systemd unit file (Hopm is the successor of Bopm). + - Update Debian package configuration using current "dh_make", package + dependencies and build rules. And no longer build 3 different versions, + only build "ngircd" which now includes support for IDENT, PAM (disabled in + the ngircd.conf installed by the package), SSL (OpenSSL), ZLib and IPv6. + - Return ERR_NOTEXTTOSEND on empty PRIVMSG content, which matches the + behavior of other servers. + - Add a new option "Autojoin" to [Channel] blocks: When it is set, ngIRCd + automatically joins all local users to this channel on connect. Note: The + users must have permissions to access the channel, otherwise joining them + will fail! + Thanks Ivan Agarkov for the initial patch! + - Hide invisible (+i) users on "WHOIS ": Let's behave like most(?) + other IRC daemons (at least ircd2.11) and hide all +i users when WHOIS is + used with a pattern. Otherwise privacy of this users is not guaranteed and + the +i mode a bit useless ... + Reported by Cahata on #ngircd, thanks! + - Update the final "closing connection" message: Add some more information + like nick name, user name, host name and bring it in line with some other + implementations (at least ircd2.11 and Hybrid). + - Fix RPL_INVITING message: All numeric replies must originate from an IRC + server, never from a client. Thanks "tommyrot" for reporting this! + Closes #307. + - Enhance some log messages, for example for errors when accepting new + connections. + - Make the debug log level ("--debug"/-"d" command line option) always + available, not only when ./configure'd with "--enable-debug": the latter + now only enables additional checks (like the tests done using assert(2)) + and is signalled by adding "+DEBUG" to the version "feature string". This + change enables everyone to get even more detailed logging when required. + - Always report an error when a parameter is missing in a channel "MODE +k" + or "MODE +l" command, and better validate their parameters: return the new + numeric ERR_INVALIDMODEPARAM_MSG(696) on errors. + Thanks Val Lorentz for reporting this! + Closes #290. + - Allow IRC Operators to use the WHO command on any channel. + - Add configuration for "ngIRCd CI" GitHub Action, no longer use Travis-CI. + - Send the NAMES list and channel topic to users "forcefully" joined to a + channel using NJOIN, like they joined on their own using JOIN, and + streamline the order of NAMES list and channel topic messages. + Closes #288. + - Fix (invalid) error messages when setting modes on local channels which + are defined in the configuration file. + - Fix handling of G-Lines/K-Lines with cloaked host names. + - Streamline logging of debug messages. + - Added a new command line option "-y"/"--syslog", with which logging to + syslog can be activated/deactivated separately from running on the console + (using "--nodaemon") or in the background. + Thanks Katherine Peeters for the patch and pull request! + Closes #294. + - Fix a possible race condition while introducing new clients in the network. + - Update, enhance and extend our documentation in README.md, INSTALL.md, + doc/HowToRelease.txt and the manual pages ngircd(8) and ngircd.conf(5), add + a new doc/QuickStart.md document, and convert some more documentation files + to Markdown (AUTHORS.md, contrib/README.md, doc/FAQ.md, doc/SSL.md). + +ngIRCd 26.1 (2021-01-02) + + - Fix a "format string" compiler warning (detected on OpenBSD). + - No longer set "AI_ADDRCONFIG" when resolving host names, even when it + exists: with this option set, on an IPv6-only host, we prevent 127.0.0.1 + to get translated properly, even when the loopback interface has this + address configured! And as the test suite uses 127.0.0.1, it was broken + on IPv6-only hosts. + The drawback is that the resolver possibly returns more addresses now, + even of an unsupported/not connected address family; but this shouldn't + do much harm in practice, as ngIRCd iterates over all returned addresses + while trying to establish an outgoing connection. + Closes #281. + - Revert "Show allowed channel types in ISUPPORT(005) numeric only", which + was introduced in 26~rc1: This lead to some IRC clients assuming "oh, no + channel prefix characters at all, so no channels at all, so no PRIVMSG can + go to any channel" when "AllowedChannelTypes" was set to the empty string + ("") -- which is not the case when there are pre-defined channel set up or + other servers still having channels! + So "allowed channel types" != "supported channel types", and we always have + to list all supported ones in the ISUPPORT(005) numeric! + Closes #285. + - Test suite: Wait 2 seconds after reloading the daemon, which is required + because on reload, all listening ports are closed, configuration updated, + and then opened again. This lead to subsequent tests running while the + daemon isn't listening on any ports, and that's why some tests could fail. + Closes #280. + - platformtest.sh: Try to mangle CLang name more intelligently. + - Documentation: Fixed URLs of Atheme IRC services, updated all mentions + from CVS to Git, and updated Platforms.txt -- Oh, and it is 2021 now! ;-) + +ngIRCd 26 (2020-06-20) + + ngIRCd 26~rc2 (2020-06-11) + - Add AppStream metadata file (contrib/de.barton.ngircd.metainfo.xml). + - Don't send invalid CHANINFO commands when a channel has mode +k set but no + key is known to the server. This can happen with a misconfigured predefined + channel, for example, and looked like this: "CHANINFO #test +Pk 0 :" -- + note the unset key represented by the two spaces. Fix this by sending a + "*" in this case and update the CHANINFO documentation, too. + - ngircd.spec: Fix names of README.md and INSTALL.md, add ".md" extension. + - Update description texts in the README.md file, the RPM and Debian package + files and the manual page: bring them in line with the updated homepage. + - Server-Server protocol: Fix use-after-free when unregistering a directly + connected server sending a SQUIT for itself. + - Server-Server protocol: Detect bogus SERVER commands lacking a prefix. + Thanks Hilko Bengen (hillu) for finding & reporting this as well for the + patch & pull request (even if fixed differently). + Closes #275. + - Fix the PING-PONG logic: In ngIRCd 26~rc1 this was completely broken (while + trying to fix timeouts during server handshakes in bigger networks): the + daemon never disconnected any stale peers but kept sending out PINGs over + and over again ... + - Test suite: Add missing files needed to test SSL support to "EXTRA_DIST", + so that they are included in distribution archives: in rc1, "make check" + fails when using sources from an archive and enabling SSL support. + Thanks to Hilko Bengen for the patch! + + ngIRCd 26~rc1 (2020-05-10) + - Tweak & update doc/HowToRelease.txt, .mailmap and AUTHORS files. + - Allow up to 512 characters per line in MOTD and help text files (but keep + in mind that lines can't get that long, because they have to be prefixed + before being sent to the client). But this allows for more fancy MOTDs :-) + Closes #271. + - Show the actually allowed channel types in the ISUPPORT(005) numeric which + are configured by the "AllowedChannelTypes" configuration variable. + Closes #273. + - Handle commands in the read buffer before reading more data and don't wait + for the network in this case: If there are more bytes in the read buffer + already than a single valid IRC command can get long (513 bytes), wait for + this/those command(s) to be handled first and don't try to read even more + data from the network (which most probably would overflow the read buffer + of this connection soon). + - Update Travis-CI configuration, "sudo" is deprecated. + - Log G-/K-Line changes only when not initiated by a server: this prevents + the log from becoming spammed during "net bursts". + - Update test suite to include SSL tests, including checking for reloading + certificates during runtime. + - Makefile.am: Replace "make" with "${MAKE}". This fixes warnings like this: + "warning: jobserver unavailable: using -j1. Add `+' to parent make rule." + Thanks to Sam James (sam_c) ! + Closes #270. + - Add support for GnuTLS certificate reload, which is quite handy when using + Let's Encrypt, for example. Until now this was only supported when linked + with OpenSSL. Thanks a lot, Hilko Bengen ! + - Remove deprecated legacy configuration options and related functions that + have been marked for removal for quite some time: + - PredefChannelsOnly (v22) + - NoticeAuth (v24) + - NoXXX (v19) + - Old '[GLOBAL]' section handling (v19) + Thanks to Michi for the patch! + - Fix recursion bug on write errors: Depending on the stack size, too many + clients on the same channel quitting at the same time would trigger a crash + due to too many recursive calls to Conn_Close(). Thanks to Michi + for the patch! + - Fix builds using GCC option -fno-common, which is the default starting with + GCC 10. Thanks to Michi for the patch! + Closes #266. + - Convert INSTALL and README files to Markdown. + - Allow setting arbitrary channel modes in the configuration file by handling + them like in MODE commands, and allow multiple "Modes =" lines per [Channel] + section. Thanks to Michi ! + Closes #55. + - Add "FNC" (forced nick changes) to ISUPPORT(005) numeric. Most probably + this doesn't make any difference to any client, but it seems correct. + See for details. + - Reuse old SSL key if loading a new one failed. + - Remove outdated OpenBSD/NetBSD systrace.policy. + - Enhance handling of command line errors, and return with exit code 0 ("no + error") when "--help" or "--version" is used (which resulted in exit code 1, + "error" before). Exit with code 2 ("command line error") for all other + invalid command line options, and show the error message itself on stderr + (instead of stdout and exit code 1, "generic error", as before). + This new behavior is more in line with the GNU "coding standards", + see . + - Fix and update Xcode project: Reference correct contrib/Makefile.am file, + correctly sort contrib/nglog.sh and add "ORGANIZATIONNAME" setting. + - contrib/ngindent.sh: Add more GNU indent options for better results, and + add the ".sh" suffix to bring this script in line with the others in the + contrib/ folder. + - Add ./contrib/nglog.sh: This script parses the log output of ngircd(8), + and colorizes the messages according to their log level. Example usage: + ngircd -f $PWD/doc/sample-ngircd.conf -np | ./contrib/nglog.sh + - Log received signals with their names using strsignal(3), when available. + - Make test suite compatible with Haiku OS. + - Fix host mask cloaking bug, don't cloak multiple times: Previously, each + server would cloak every user's host mask. The problem is that if a network + has more than one server, then a user's host mask would get cloaked twice. + This patch ensures that a server only cloaks the host mask if it has not yet + been cloaked (the period indicates it's still an IP address). Thanks to + JRMU for the patch! + Closes #228. + - Enlarge buffers of info texts to 128 bytes. This includes: + - "Real name" of a client (4th filed of the USER command). + - Server info text ("Info" configuration option). + - Admin info texts and email address ("AdminInfo1", "AdminInfo2" and + "AdminEmail" configuration options). + - Network name ("Network" configuration option). + The limit was 64 bytes before ... + Closes #258. + - Streamline handling of invalid and unset server name: Don't exit during + runtime (REHASH command, HUP signal), because the server name can't be + changed in this case anyway and the new invalid name will be ignored. + - Fix and extend documentation: Fix some typos, fix syntax of LINKS and LIST + commands, whitespace and spelling fixes, update dependencies and add some + more information about IRCv3 support. + Thanks to Thanks Windree, Étienne Mollier and + Christoph Biedl . + Closes #264. + - Slightly reorder startup steps, and enhance logging: + - Show name of configuration file at the beginning of start up. + - Add a message when ngIRCd is ready, including its host name. + - Show name of configuration file on REHASH (SIGHUP), too. + - Change level of "done message" to NOTICE, like "starting" & "ready". + - Initialize IO functions before channels, connections, clients, ... + - configure.ng: OpenSSL can depends on lz or latomic so use pkg-config to + find those dependencies and fallback to existing mechanism. + Closes #256. + - ngircd.conf.5: Fix wording as suggested by lintian. ngIRCd 25 (2019-01-23) @@ -140,7 +484,7 @@ ngIRCd 24 (2017-01-20) - contrib/ngindent: Fix shebang line. - Make contrib/platformtest.sh script more portable, and only show "runs=Y" when the test suite really has been passed successfully. - - Code cleanup in the NJON handler and the function killing clients as + - Code cleanup in the NJOIN handler and the function killing clients as well as the function sending messages to a "mask" (cleaner code, more fault tolerant, better code comments). - Update and enhance documentation: README file, doc/Platforms.txt, diff --git a/INSTALL b/INSTALL deleted file mode 100644 index 1dc75eba..00000000 --- a/INSTALL +++ /dev/null @@ -1,370 +0,0 @@ - - ngIRCd - Next Generation IRC Server - http://ngircd.barton.de/ - - (c)2001-2020 Alexander Barton and Contributors. - ngIRCd is free software and published under the - terms of the GNU General Public License. - - -- INSTALL -- - - -I. Upgrade Information -~~~~~~~~~~~~~~~~~~~~~~ - -Differences to version 22.x - -- The "NoticeAuth" ngircd.conf configuration variable has been renamed to - "NoticeBeforeRegistration". The old "NoticeAuth" variable still works but - is deprecated now. - -- The default value of the SSL "CipherList" variable has been changed to - "HIGH:!aNULL:@STRENGTH:!SSLv3" (OpenSSL) and "SECURE128:-VERS-SSL3.0" - (GnuTLS) to disable the old SSLv3 protocol by default. - To enable connections of clients still requiring the weak SSLv3 protocol, - the "CipherList" must be set to its old value (not recommended!), which - was "HIGH:!aNULL:@STRENGTH" (OpenSSL) and "SECURE128" (GnuTLS), see below. - -Differences to version 20.x - -- Starting with ngIRCd 21, the ciphers used by SSL are configurable and - default to "HIGH:!aNULL:@STRENGTH" (OpenSSL) or "SECURE128" (GnuTLS). - Previous version were using the OpenSSL or GnuTLS defaults, "DEFAULT" - and "NORMAL" respectively. - -- When adding GLINE's or KLINE's to ngIRCd 21 (or newer), all clients matching - the new mask will be KILL'ed. This was not the case with earlier versions - that only added the mask but didn't kill already connected users. - -- The "PredefChannelsOnly" configuration variable has been superseded by the - new "AllowedChannelTypes" variable. It is still supported and translated to - the appropriate "AllowedChannelTypes" setting but is deprecated now. - -Differences to version 19.x - -- Starting with ngIRCd 20, users can "cloak" their hostname only when the - configuration variable "CloakHostModeX" (introduced in 19.2) is set. - Otherwise, only IRC operators, other servers, and services are allowed to - set mode +x. This prevents regular users from changing their hostmask to - the name of the IRC server itself, which confused quite a few people ;-) - -Differences to version 17.x - -- Support for ZeroConf/Bonjour/Rendezvous service registration has been - removed. The configuration option "NoZeroconf" is no longer available. - -- The structure of ngircd.conf has been cleaned up and three new configuration - sections have been introduced: [Limits], [Options], and [SSL]. - Lots of configuration variables stored in the [Global] section are now - deprecated there and should be stored in one of these new sections (but - still work in [Global]): - "AllowRemoteOper" -> [Options] - "ChrootDir" -> [Options] - "ConnectIPv4" -> [Options] - "ConnectIPv6" -> [Options] - "ConnectRetry" -> [Limits] - "MaxConnections" -> [Limits] - "MaxConnectionsIP" -> [Limits] - "MaxJoins" -> [Limits] - "MaxNickLength" -> [Limits] - "NoDNS" -> [Options], and renamed to "DNS" - "NoIdent" -> [Options], and renamed to "Ident" - "NoPAM" -> [Options], and renamed to "PAM" - "OperCanUseMode" -> [Options] - "OperServerMode" -> [Options] - "PingTimeout" -> [Limits] - "PongTimeout" -> [Limits] - "PredefChannelsOnly" -> [Options] - "SSLCertFile" -> [SSL], and renamed to "CertFile" - "SSLDHFile" -> [SSL], and renamed to "DHFile" - "SSLKeyFile" -> [SSL], and renamed to "KeyFile" - "SSLKeyFilePassword" -> [SSL], and renamed to "KeyFilePassword" - "SSLPorts" -> [SSL], and renamed to "Ports" - "SyslogFacility" -> [Options] - "WebircPassword" -> [Options] - You should adjust your ngircd.conf and run "ngircd --configtest" to make - sure that your settings are correct and up to date! - -Differences to version 16.x - -- Changes to the "MotdFile" specified in ngircd.conf now require a ngircd - configuration reload to take effect (HUP signal, REHASH command). - -Differences to version 0.9.x - -- The option of the configure script to enable support for Zeroconf/Bonjour/ - Rendezvous/WhateverItIsNamedToday has been renamed: - --with-rendezvous -> --with-zeroconf - -Differences to version 0.8.x - -- The maximum length of passwords has been raised to 20 characters (instead - of 8 characters). If your passwords are longer than 8 characters then they - are cut at an other position now. - -Differences to version 0.6.x - -- Some options of the configure script have been renamed: - --disable-syslog -> --without-syslog - --disable-zlib -> --without-zlib - Please call "./configure --help" to review the full list of options! - -Differences to version 0.5.x - -- Starting with version 0.6.0, other servers are identified using asynchronous - passwords: therefore the variable "Password" in [Server]-sections has been - replaced by "MyPassword" and "PeerPassword". - -- New configuration variables, section [Global]: MaxConnections, MaxJoins - (see example configuration file "doc/sample-ngircd.conf"!). - - -II. Standard Installation -~~~~~~~~~~~~~~~~~~~~~~~~~ - -ngIRCd is developed for UNIX-based systems, which means that the installation -on modern UNIX-like systems that are supported by GNU autoconf and GNU -automake ("configure") should be no problem. - -The normal installation procedure after getting (and expanding) the source -files (using a distribution archive or Git) is as following: - - 0) Satisfy prerequisites - 1) ./autogen.sh [only necessary when using Git] - 2) ./configure - 3) make - 4) make install - -(Please see details below!) - -Now the newly compiled executable "ngircd" is installed in its standard -location, /usr/local/sbin/. - -The next step is to configure and afterwards starting the daemon. Please -have a look at the ngircd(8) and ngircd.conf(5) manual pages for details -and all possible options -- and don't forget to run "ngircd --configtest" -to validate your configuration file! - -If no previous version of the configuration file exists (the standard name -is /usr/local/etc/ngircd.conf), a sample configuration file containing all -possible options will be installed there. You'll find its template in the -doc/ directory: sample-ngircd.conf. - - -0): Satisfy prerequisites - -When building from source, you'll need some other software to build ngIRCd: -for example a working C compiler, make tool, and a few libraries depending on -the feature set you want to enable at compile time (like IDENT, SSL, and PAM). - -And if you aren't using a distribution archive ("tar.gz" file), but cloned the -plain source archive, you need a few additional tools to generate the build -system itself: GNU automake and autoconf, as well as pkg-config. - -If you are using one of the "big" operating systems or Linux distributions, -you can use the following commands to install all the required packages to -build the sources including all optional features and to run the test suite: - -* Red Hat / Fedora based distributions: - - yum install \ - autoconf automake expect gcc glibc-devel gnutls-devel \ - libident-devel make pam-devel pkg-config tcp_wrappers-devel telnet zlib-devel - -* Debian / Ubuntu based distributions: - - apt-get install \ - autoconf automake build-essential expect libgnutls28-dev \ - libident-dev libpam-dev pkg-config libwrap0-dev libz-dev telnet - - -1): "autogen.sh" - -The first step, autogen.sh, is ONLY necessary if the "configure" script itself -isn't already generated. This never happens in official ("stable") releases in -"tar.gz" archives, but when cloning the source code repository using Git. - -This step is therefore only interesting for developers. - -autogen.sh produces the Makefile.in's, which are necessary for the configure -script itself, and some more files for make. To run autogen.sh you'll need -GNU autoconf, GNU automake and pkg-config: at least autoconf 2.61 and automake -1.10 are required, newer is better. But don't use automake 1.12 or newer for -creating distribution archives: it will work but lack "de-ANSI-fication" support -in the generated Makefile's! Stick with automake 1.11.x for this purpose ... -So automake 1.11.x and autoconf 2.67+ is recommended. - -Again: "end users" do not need this step and neither need GNU autoconf nor GNU -automake at all! - - -2): "./configure" - -The configure-script is used to detect local system dependencies. - -In the perfect case, configure should recognize all needed libraries, header -files and so on. If this shouldn't work, "./configure --help" shows all -possible options. - -In addition, you can pass some command line options to "configure" to enable -and/or disable some features of ngIRCd. All these options are shown using -"./configure --help", too. - -Compiling a static binary will avoid you the hassle of feeding a chroot dir -(if you want use the chroot feature). Just do something like: - CFLAGS=-static ./configure [--your-options ...] -Then you can use a void directory as ChrootDir (like OpenSSH's /var/empty). - - -3): "make" - -The make command uses the Makefiles produced by configure and compiles the -ngIRCd daemon. - - -4): "make install" - -Use "make install" to install the server and a sample configuration file on -the local system. Normally, root privileges are necessary to complete this -step. If there is already an older configuration file present, it won't be -overwritten. - -These files and folders will be installed by default: - -- /usr/local/sbin/ngircd: executable server -- /usr/local/etc/ngircd.conf: sample configuration (if not already present) -- /usr/local/share/doc/ngircd/: documentation -- /usr/local/share/man/: manual pages - - -III. Additional features -~~~~~~~~~~~~~~~~~~~~~~~~ - -The following optional features can be compiled into the daemon by passing -options to the "configure" script. Most options can handle a argument -which will be used to search for the required libraries and header files in -the given paths ("/lib/...", "/include/...") in addition to the -standard locations. - -* Syslog Logging (autodetected by default): - --with-syslog[=] / --without-syslog - - Enable (disable) support for logging to "syslog", which should be - available on most modern UNIX-like operating systems by default. - -* ZLib Compression (autodetected by default): - --with-zlib[=] / --without-zlib - - Enable (disable) support for compressed server-server links. - The Z compression library ("libz") is required for this option. - -* IO Backend (autodetected by default): - --with-select[=] / --without-select - --with-poll[=] / --without-poll - --with-devpoll[=] / --without-devpoll - --with-epoll[=] / --without-epoll - --with-kqueue[=] / --without-kqueue - - ngIRCd can use different IO "backends": the "old school" select() and poll() - API which should be supported by most UNIX-like operating systems, or the - more efficient and flexible epoll() (Linux >=2.6), kqueue() (BSD) and - /dev/poll APIs. - By default the IO backend is autodetected, but you can use "--without-xxx" - to disable a more enhanced API. - When using the epoll() API, support for select() is compiled in as well by - default to enable the binary to run on older Linux kernels (<2.6), too. - -* IDENT-Support: - --with-ident[=] - - Include support for IDENT ("AUTH") lookups. The "ident" library is - required for this option. - -* TCP-Wrappers: - --with-tcp-wrappers[=] - - Include support for Wietse Venemas "TCP Wrappers" to limit client access - to the daemon, for example by using "/etc/hosts.{allow|deny}". - The "libwrap" is required for this option. - -* PAM: - --with-pam[=] - - Enable support for PAM, the Pluggable Authentication Modules library. - See doc/PAM.txt for details. - -* SSL: - --with-openssl[=] - --with-gnutls[=] - - Enable support for SSL/TLS using OpenSSL or gnutls libraries. - See doc/SSL.txt for details. - -* IPv6: - --enable-ipv6 - - Adds support for version 6 of the Internet Protocol. - - -IV. Useful make-targets -~~~~~~~~~~~~~~~~~~~~~~~ - -The Makefile produced by the configure-script contains always these useful -targets: - - - clean: delete every product from the compiler/linker - next step: -> make - - - distclean: the above plus erase all generated Makefiles - next step: -> ./configure - - - maintainer-clean: erase all automatic generated files - next step: -> ./autogen.sh - - -V. Sample configuration file ngircd.conf -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -In the sample configuration file, there are comments beginning with "#" OR -";" -- this is only for the better understanding of the file. - -The file is separated in five blocks: [Global], [Features], [Operator], -[Server], and [Channel]. - -In the [Global] section, there is the main configuration like the server -name and the ports, on which the server should be listening. Options in -the [Features] section enable or disable functionality in the daemon. -IRC operators of this server are defined in [Operator] blocks, remote -servers are configured in [Server] sections, and [Channel] blocks are -used to configure pre-defined ("persistent") IRC channels. - -The meaning of the variables in the configuration file is explained in the -"doc/sample-ngircd.conf", which is used as sample configuration file in -/usr/local/etc after running "make install" (if you don't already have one) -and in the ngircd.conf(5) manual page. - - -VI. Command line options -~~~~~~~~~~~~~~~~~~~~~~~~ - -These parameters could be passed to the ngIRCd: - --f, --config - The daemon uses the file as configuration file rather than - the standard configuration /usr/local/etc/ngircd.conf. - --n, --nodaemon - ngIRCd should be running as a foreground process. - --p, --passive - Server-links won't be automatically established. - --t, --configtest - Reads, validates and dumps the configuration file as interpreted - by the server. Then exits. - -Use "--help" to see a short help text describing all available parameters -the server understands, with "--version" the ngIRCd shows its version -number. In both cases the server exits after the output. - -Please see the ngircd(8) manual page for complete details! diff --git a/INSTALL.md b/INSTALL.md new file mode 100644 index 00000000..16c7ea4b --- /dev/null +++ b/INSTALL.md @@ -0,0 +1,411 @@ +# [ngIRCd](https://ngircd.barton.de) - Installation + +This document describes how to install ngIRCd, the lightweight Internet Relay +Chat (IRC) server. + +The first section lists noteworthy changes to earlier releases; you definitely +should read this when upgrading your setup! But you can skip over this section +when you are working on a fresh installation. + +The subsequent sections describe the steps required to build and install ngIRCd +_from sources_. The information given here is not relevant when you are using +packages provided by your operating system vendor or third-party repositories! + +Please see the file `doc/QuickStart.md` in the `doc/` directory or on +[GitHub](https://github.com/ngircd/ngircd/blob/master/doc/QuickStart.md) for +information about _setting up_ and _running_ ngIRCd, including some real-world +configuration examples. + +## Upgrade Information + +This section lists important updates and breaking changes that you should be +aware of *before* starting the upgrade: + +Differences to version 26 + +- **Attention**: + Starting with release 27, ngIRCd validates SSL/TLS certificates on outgoing + server-server links by default and drops(!) connections when the remote + certificate is invalid (for example self-signed, expired, not matching the + host name, ...). Therefore you have to make sure that all relevant + *certificates are valid* (or to disable certificate validation on this + connection using the new `SSLVerify = false` setting in the affected + `[Server]` block, where the remote certificate is not valid and you can not + fix this issue). + +Differences to version 25 + +- **Attention**: + All already deprecated legacy options (besides the newly deprecated *Key* and + *MaxUsers* settings, see below) were removed in ngIRCd 26, so make sure to + update your configuration before upgrading, if you haven't done so already + (you got a warning on daemon startup when using deprecated options): you can + check your configuration using `ngircd --configtest` -- which is a good idea + anyway ;-) + +- Setting modes for predefined channels in *[Channel]* sections has been + enhanced: now you can set *all* modes, like in IRC "MODE" commands, and have + this setting multiple times per *[Channel]* block. Modifying lists (ban list, + invite list, exception list) is supported, too. + + Both the *Key* and *MaxUsers* settings are now deprecated and should be + replaced by `Modes = +l ` and `Modes = +k ` respectively. + +Differences to version 22.x + +- The *NoticeAuth* `ngircd.conf` configuration variable has been renamed to + *NoticeBeforeRegistration*. The old *NoticeAuth* variable still works but + is deprecated now. + +- The default value of the SSL *CipherList* variable has been changed to + "HIGH:!aNULL:@STRENGTH:!SSLv3" (OpenSSL) and "SECURE128:-VERS-SSL3.0" + (GnuTLS) to disable the old SSLv3 protocol by default. + + To enable connections of clients still requiring the weak SSLv3 protocol, + the *CipherList* must be set to its old value (not recommended!), which + was "HIGH:!aNULL:@STRENGTH" (OpenSSL) and "SECURE128" (GnuTLS), see below. + +Differences to version 20.x + +- Starting with ngIRCd 21, the ciphers used by SSL are configurable and + default to "HIGH:!aNULL:@STRENGTH" (OpenSSL) or "SECURE128" (GnuTLS). + Previous version were using the OpenSSL or GnuTLS defaults, "DEFAULT" + and "NORMAL" respectively. + +- When adding GLINE's or KLINE's to ngIRCd 21 (or newer), all clients matching + the new mask will be KILL'ed. This was not the case with earlier versions + that only added the mask but didn't kill already connected users. + +- The *PredefChannelsOnly* configuration variable has been superseded by the + new *AllowedChannelTypes* variable. It is still supported and translated to + the appropriate *AllowedChannelTypes* setting but is deprecated now. + +Differences to version 19.x + +- Starting with ngIRCd 20, users can "cloak" their hostname only when the + configuration variable *CloakHostModeX* (introduced in 19.2) is set. + Otherwise, only IRC operators, other servers, and services are allowed to + set mode +x. This prevents regular users from changing their hostmask to + the name of the IRC server itself, which confused quite a few people ;-) + +Differences to version 17.x + +- Support for ZeroConf/Bonjour/Rendezvous service registration has been + removed. The configuration option *NoZeroconf* is no longer available. + +- The structure of `ngircd.conf` has been cleaned up and three new configuration + sections have been introduced: *[Limits]*, *[Options]*, and *[SSL]*. + + Lots of configuration variables stored in the *[Global]* section are now + deprecated there and should be stored in one of these new sections (but + still work in *[Global]*): + + - *AllowRemoteOper* -> [Options] + - *ChrootDir* -> [Options] + - *ConnectIPv4* -> [Options] + - *ConnectIPv6* -> [Options] + - *ConnectRetry* -> [Limits] + - *MaxConnections* -> [Limits] + - *MaxConnectionsIP* -> [Limits] + - *MaxJoins* -> [Limits] + - *MaxNickLength* -> [Limits] + - *NoDNS* -> [Options], and renamed to *DNS* + - *NoIdent* -> [Options], and renamed to *Ident* + - *NoPAM* -> [Options], and renamed to *PAM* + - *OperCanUseMode* -> [Options] + - *OperServerMode* -> [Options] + - *PingTimeout* -> [Limits] + - *PongTimeout* -> [Limits] + - *PredefChannelsOnly* -> [Options] + - *SSLCertFile* -> [SSL], and renamed to *CertFile* + - *SSLDHFile* -> [SSL], and renamed to *DHFile* + - *SSLKeyFile* -> [SSL], and renamed to *KeyFile* + - *SSLKeyFilePassword* -> [SSL], and renamed to *KeyFilePassword* + - *SSLPorts* -> [SSL], and renamed to *Ports* + - *SyslogFacility* -> [Options] + - *WebircPassword* -> [Options] + + You should adjust your `ngircd.conf` and run `ngircd --configtest` to make + sure that your settings are correct and up to date! + +Differences to version 16.x + +- Changes to the *MotdFile* specified in `ngircd.conf` now require a ngIRCd + configuration reload to take effect (HUP signal, *REHASH* command). + +Differences to version 0.9.x + +- The option of the configure script to enable support for Zeroconf/Bonjour/ + Rendezvous/WhateverItIsNamedToday has been renamed: + + - `--with-rendezvous` -> `--with-zeroconf` + +Differences to version 0.8.x + +- The maximum length of passwords has been raised to 20 characters (instead + of 8 characters). If your passwords are longer than 8 characters then they + are cut at an other position now. + +Differences to version 0.6.x + +- Some options of the configure script have been renamed: + + - `--disable-syslog` -> `--without-syslog` + - `--disable-zlib` -> `--without-zlib` + + Please call `./configure --help` to review the full list of options! + +Differences to version 0.5.x + +- Starting with version 0.6.0, other servers are identified using asynchronous + passwords: therefore the variable *Password* in *[Server]*-sections has been + replaced by *MyPassword* and *PeerPassword*. + +- New configuration variables, section *[Global]*: *MaxConnections*, *MaxJoins* + (see example configuration file `doc/sample-ngircd.conf`!). + +## Standard Installation + +*Note*: This sections describes installing ngIRCd *from sources*. If you use +packages available for your operating system distribution you should skip over +and continue with the *Configuration* section, see below. + +ngIRCd is developed for UNIX-based systems, which means that the installation +on modern UNIX-like systems that are supported by GNU autoconf and GNU +automake ("`configure` script") should be no problem. + +The normal installation procedure after getting (and expanding) the source +files (using a distribution archive or Git) is as following: + +1) Satisfy prerequisites +2) `./autogen.sh` [only necessary when using "raw" sources with Git] +3) `./configure` +4) `make` +5) `make install` + +(Please see details below!) + +Now the newly compiled executable "ngircd" is installed in its standard +location, `/usr/local/sbin/`. + +If no previous version of the configuration file exists (the standard name +is `/usr/local/etc/ngircd.conf)`, a sample configuration file containing all +possible options will be installed there. You'll find its template in the +`doc/` directory: `sample-ngircd.conf`. + +The next step is to configure and afterwards start the daemon. See the section +*Configuration* below. + +### Satisfy prerequisites + +When building from source, you'll need some other software to build ngIRCd: +for example a working C compiler, make tool, and a few libraries depending on +the feature set you want to enable at compile time (like IDENT, SSL, and PAM). + +And if you aren't using a distribution archive ("tar.gz" file), but cloned the +plain source archive, you need a few additional tools to generate the build +system itself: GNU automake and autoconf, as well as pkg-config. + +If you are using one of the "big" operating systems or Linux distributions, +you can use the following commands to install all the required packages to +build the sources including all optional features and to run the test suite: + +#### Red Hat / Fedora based distributions + +``` shell + yum install \ + autoconf automake expect gcc glibc-devel gnutls-devel \ + libident-devel make pam-devel pkg-config tcp_wrappers-devel \ + telnet zlib-devel +``` + +*Note:* More recent versions use the DNF package manager; so substitute "yum" +with "dnf" in the command above. And neither "libident-devel" (IDENT support) +nor "tcp_wrappers-devel" (TCP Wrappers) are provided any more! + +So the resulting command looks like this: + +``` shell + dnf install \ + autoconf automake expect gcc glibc-devel gnutls-devel \ + make pam-devel pkg-config telnet zlib-devel +``` + +#### Debian / Ubuntu based distributions + +``` shell + apt-get install \ + autoconf automake build-essential expect libgnutls28-dev \ + libident-dev libpam-dev pkg-config libwrap0-dev libz-dev telnet +``` + +#### ArchLinux based distributions + +``` shell + pacman -S --needed \ + autoconf automake expect gcc gnutls inetutils libident libwrap \ + make pam pkg-config zlib +``` + +#### macOS with Homebrew + +To build ngIRCd on Apple macOS, you need either Xcode or the command line +development tools. You can install the latter with the `xcode-select --install` +command. + +Additional tools and libraries that are not part of macOS itself are best +installed with the [Homebrew](https://brew.sh) package manager: + +``` shell + brew install autoconf automake gnutls libident pkg-config +``` + +Note: To actually use the GnuTLS and IDENT libraries installed by Homebrew, you +need to pass the installation path to the `./configure` command (see below). For +example like this: + +``` shell + ./configure --with-gnutls=$(brew --prefix) --with-ident=$(brew --prefix) [...] +``` + +### `./autogen.sh` + +The first step, to run `./autogen.sh`, is *only* necessary if the `configure` +script itself isn't already generated and available. This never happens in +official ("stable") releases in "tar.gz" archives, but when cloning the source +code repository using Git. + +**This step is therefore only interesting for developers!** + +The `autogen.sh` script produces the `Makefile.in`'s, which are necessary for +the configure script itself, and some more files for `make(1)`. + +To run `autogen.sh` you'll need GNU autoconf, GNU automake and pkg-config: at +least autoconf 2.61 and automake 1.10 are required, newer is better. But don't +use automake 1.12 or newer for creating distribution archives: it will work +but lack "de-ANSI-fication" support in the generated Makefile's! Stick with +automake 1.11.x for this purpose ... + +So *automake 1.11.x* and *autoconf 2.67+* is recommended. + +Again: "end users" do not need this step and neither need GNU autoconf nor GNU +automake at all! + +### `./configure` + +The `configure` script is used to detect local system dependencies. + +In the perfect case, `configure` should recognize all needed libraries, header +files and so on. If this shouldn't work, `./configure --help` shows all +possible options. + +In addition, you can pass some command line options to `configure` to enable +and/or disable some features of ngIRCd. All these options are shown using +`./configure --help`, too. + +Compiling a static binary will avoid you the hassle of feeding a chroot dir +(if you want use the chroot feature). Just do something like: + +``` shell + CFLAGS=-static ./configure [--your-options ...] +``` + +Then you can use a void directory as ChrootDir (like OpenSSH's `/var/empty`). + +### `make` + +The `make(1)` command uses the `Makefile`'s produced by `configure` and +compiles the ngIRCd daemon. + +### `make install` + +Use `make install` to install the server and a sample configuration file on +the local system. Normally, root privileges are necessary to complete this +step. If there is already an older configuration file present, it won't be +overwritten. + +These files and folders will be installed by default: + +- `/usr/local/sbin/ngircd`: executable server +- `/usr/local/etc/ngircd.conf`: sample configuration (if not already present) +- `/usr/local/share/doc/ngircd/`: documentation +- `/usr/local/share/man/`: manual pages + +### Additional features + +The following optional features can be compiled into the daemon by passing +options to the `configure` script. Most options can handle a `` argument +which will be used to search for the required libraries and header files in +the given paths (`/lib/...`, `/include/...`) in addition to the +standard locations. + +- Syslog Logging (autodetected by default): + + `--with-syslog[=]` / `--without-syslog` + + Enable (disable) support for logging to "syslog", which should be + available on most modern UNIX-like operating systems by default. + +- ZLib Compression (autodetected by default): + + `--with-zlib[=]` / `--without-zlib` + + Enable (disable) support for compressed server-server links. + The Z compression library ("libz") is required for this option. + +- IO Backend (autodetected by default): + + - `--with-select[=]` / `--without-select` + - `--with-poll[=]` / `--without-poll` + - `--with-devpoll[=]` / `--without-devpoll` + - `--with-epoll[=]` / `--without-epoll` + - `--with-kqueue[=]` / `--without-kqueue` + + ngIRCd can use different IO "backends": the "old school" `select(2)` and + `poll(2)` API which should be supported by most UNIX-like operating systems, + or the more efficient and flexible `epoll(7)` (Linux >=2.6), `kqueue(2)` + (BSD) and `/dev/poll` APIs. + + By default the IO backend is autodetected, but you can use `--without-xxx` + to disable a more enhanced API. + + When using the `epoll(7)` API, support for `select(2)` is compiled in as + well by default, to enable the binary to run on older Linux kernels (<2.6), + too. + +- IDENT-Support: + + `--with-ident[=]` + + Include support for IDENT ("AUTH") lookups. The "ident" library is + required for this option. + +- TCP-Wrappers: + + `--with-tcp-wrappers[=]` + + Include support for Wietse Venemas "TCP Wrappers" to limit client access + to the daemon, for example by using `/etc/hosts.{allow|deny}`. + The "libwrap" is required for this option. + +- PAM: + + `--with-pam[=]` + + Enable support for PAM, the Pluggable Authentication Modules library. + See `doc/PAM.txt` for details. + +- SSL: + + - `--with-openssl[=]` + - `--with-gnutls[=]` + + Enable support for SSL/TLS using OpenSSL or GnuTLS libraries. + See `doc/SSL.md` for details. + +- IPv6 (autodetected by default): + + `--enable-ipv6` / `--disable-ipv6` + + Enable (disable) support for version 6 of the Internet Protocol, which should + be available on most modern UNIX-like operating systems by default. diff --git a/Makefile.am b/Makefile.am index d7ff72bc..aa491a91 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2015 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -9,13 +9,19 @@ # Please read the file COPYING, README and AUTHORS for more information. # -AUTOMAKE_OPTIONS = gnu - SUBDIRS = doc src man contrib -EXTRA_DIST = autogen.sh configure.ng .clang_complete .mailmap - -clean-local: osxpkg-clean +EXTRA_DIST = \ + AUTHORS.md \ + INSTALL.md \ + README.md \ + autogen.sh \ + configure.ng \ + .clang_complete \ + .dockerignore \ + .mailmap + +clean-local: rm -f build-stamp* maintainer-clean-local: @@ -25,69 +31,18 @@ maintainer-clean-local: rm -f config.log debian testsuite: - cd src/testsuite && make check - -lint: - cd src/ngircd && make lint + ${MAKE} -C src/testsuite check srcdoc: - cd doc && make srcdoc - -have-xcodebuild: - @xcodebuild -project contrib/MacOSX/ngIRCd.xcodeproj -list \ - >/dev/null 2>&1 \ - || ( echo; echo "Error: \"xcodebuild\" not found!"; echo; exit 1 ) - -have-packagemaker: - @packagemaker >/dev/null 2>&1; [ $$? -le 1 ] \ - || ( echo; echo "Error: \"packagemaker\" not found!"; echo; exit 2) - -xcode: have-xcodebuild - rel=`git describe|sed -e 's/rel-//g'|sed -e 's/-/~/'`; \ - def="GCC_PREPROCESSOR_DEFINITIONS=\"VERSION=\\\"$$rel\\\"\""; \ - xcodebuild -project contrib/MacOSX/ngIRCd.xcodeproj -alltargets \ - -configuration Default $$def build - -xcode-clean: have-xcodebuild - xcodebuild -project contrib/MacOSX/ngIRCd.xcodeproj -alltargets \ - -configuration Default clean - rm -fr contrib/MacOSX/build + ${MAKE} -C doc/src srcdoc rpm: distcheck - rpm -ta ngircd-*.tar.gz + rpmbuild -ta ngircd-$(VERSION).tar.gz deb: [ -f debian/rules ] || ln -s contrib/Debian debian - dpkg-buildpackage -rfakeroot -i - -osxpkg: have-packagemaker osxpkg-dest - cd contrib/MacOSX && packagemaker --no-recommend \ - --doc ngIRCd.pmdoc \ - --out ../../$(distdir).mpkg - rm -f $(distdir).mpkg.zip - zip -ro9 $(distdir).mpkg.zip $(distdir).mpkg - make osxpkg-clean - -osxpkg-clean: - [ ! -r ngircd.dest ] || sudo -n rm -rf ngircd.dest - rm -rf ngircd.dest $(distdir).mpkg - -osxpkg-dest: have-xcodebuild osxpkg-clean clean - ./configure --prefix=/opt/ngircd - make xcode - make -C contrib/MacOSX de.barton.ngircd.plist - mkdir -p ngircd.dest/opt/ngircd/sbin - DESTDIR="$$PWD/ngircd.dest" make -C doc install - DESTDIR="$$PWD/ngircd.dest" make -C contrib install - DESTDIR="$$PWD/ngircd.dest" make -C man install - cp contrib/MacOSX/build/Default/ngIRCd \ - ngircd.dest/opt/ngircd/sbin/ngircd - rm ngircd.dest/opt/ngircd/etc/ngircd.conf - echo "Have a nice day IRCing!" >ngircd.dest/opt/ngircd/etc/ngircd.motd - chmod -R a-s,og-w,a+rX ngircd.dest - sudo chown -R root:wheel ngircd.dest + dpkg-buildpackage --build=binary -.PHONY: deb have-packagemaker have-xcodebuild lint osxpkg osxpkg-clean \ - osxpkg-dest rpm srcdoc testsuite xcode xcode-clean +.PHONY: deb rpm srcdoc testsuite # -eof- diff --git a/NEWS b/NEWS index 91f7cc69..f0c852b1 100644 --- a/NEWS +++ b/NEWS @@ -2,12 +2,185 @@ ngIRCd - Next Generation IRC Server http://ngircd.barton.de/ - (c)2001-2020 Alexander Barton and Contributors. + (c)2001-2024 Alexander Barton and Contributors. ngIRCd is free software and published under the terms of the GNU General Public License. -- NEWS -- +ngIRCd 27 (2024-04-26) + + - Add an example filter file for "Fail2Ban": contrib/ngircd-fail2ban.conf. + + ngIRCd 27~rc1 (2024-04-13) + - Validate certificates on server links. Up to now, ngIRCd optionally used + SSL/TLS encrypted server-server links but never checked and validated any + certificates. Now ngIRCd validates SSL/TLS certificates on outgoing + server-server links by default and drops(!) connections when the remote + certificate is invalid (for example self-signed, expired, not matching the + host name, ...). Therefore you have to make sure that all relevant + *certificates are valid* (or to disable certificate validation on this + connection using the new `SSLVerify = false` setting in the affected + `[Server]` block, where the remote certificate is not valid and you can not + fix this issue). + The original patch for OpenSSL dates back to 2009 and was written by Florian + Westphal and was extended for GnuTLS in 2014 by Christoph Biedl. But it took + us another 10 years to bring it to life ... oh my! Many thanks to both + Florian and Christoph! + Closes #120. + - Add support for the "sd_notify" protocol of systemd(8): Periodically + "ping" the service manager (every 3 seconds) and set a status message + showing current connection statistics which then is included in "systemctl + status ngircd.service" output. In addition, this enables using the + systemd(8) watchdog functionality ("WatchdogSec") for the "ngircd.service" + unit and allows it to use the "notify" service type, which results in + better status tracking by the service manager. + - Try to set file descriptor limit to its maximum and show info on startup: + The number of possible parallel connections is limited by the file + descriptor limit of the process (among other things). Therefore try to + upgrade the current "soft" limit to its "hard" maximum (but limited to + 100000 instead of "infinite"), and show an information or even warning when + the limit is still less than the configured "MaxConnections" setting. Please + note that ngIRCd and its linked libraries (like PAM) need file descriptors + not only for incoming and outgoing IRC connections, but for reading files + and inter-process communication, too! Therefore the actual connection limit + is less(!) than the file descriptor limit! + - Add a "Docker file" (contrib/Dockerfile) and corresponding documentation + (doc/Container.md) to the project. The resulting container is based on the + latest Debian "stable-slim" container and built using a "build container". + - No longer use a default built-in value for the "IncludeDir" directive when + a configuration file was explicitly specified on the command line using + "--config"/"-f": This way no default include directory is scanned when a + possibly non-default configuration file is used which (intentionally) did + not specify an "IncludeDir" directive. So now you can use "-f /dev/null" + for checking all built-in defaults, regardless of any local configuration + files in the default drop-in directory (which would have been read in + until this change). + - The server "Name" in the "[Global]" section of the configuration file no + longer needs to be set: When not set (or empty), ngIRCd now tries to + deduce a valid IRC server name from the local host name ("node name"), + possibly adding a ".host" extension when the host name does not contain a + dot (".") which is required in an IRC server name ("ID"). + This new behavior, with all configuration parameters now being optional, + allows running ngIRCd without any configuration file at all. + - Autodetect support for IPv6 by default: Until now, IPv6 support was disabled + by default, which seems a bit outdated in 2024. Note: You still can pass + "--enable-ipv6"/"--disable-ipv6" to the ./configure script to forcefully + activate or deactivate IPv6 support. + - Do IDENT requests even when DNS lookups are disabled: Up to now disabling + DNS in the configuration disabled IDENT lookups as well (for no good + reason). Now you can activate/deactivate DNS lookups and IDENT requests + completely separately. Thanks for reporting this, Miniontoby! + Closes #291. + - Allow SSL client-only configurations without keys/certificates: You don't + need to configure certificates/keys as long as you don't configure + SSL-enabled listening ports. This can make sense when you want to only link + your local daemon to an uplink server using SSL and only have clients on + your local host or in your fully trusted network, where SSL is not required. + - Respect "SSLConnect" option for incoming connections and do not accept + incoming plain-text ("non SSL") server connections for servers configured + with "SSLConnect" enabled. This change prevents an authenticated + client-server being able to force the server-server to send its password + on a plain-text connection when SSL/TLS was intended. + - Add a new option "Autojoin" to [Channel] blocks: When it is set, ngIRCd + automatically joins all local users to this channel on connect. Note: The + users must have permissions to access the channel, otherwise joining them + will fail! + Thanks Ivan Agarkov for the initial patch! + - Hide invisible (+i) users on "WHOIS ": Let's behave like most(?) + other IRC daemons (at least ircd2.11) and hide all +i users when WHOIS is + used with a pattern. Otherwise privacy of this users is not guaranteed and + the +i mode a bit useless ... + Reported by Cahata on #ngircd, thanks! + - Make the debug log level ("--debug"/-"d" command line option) always + available, not only when ./configure'd with "--enable-debug": the latter + now only enables additional checks (like the tests done using assert(2)) + and is signalled by adding "+DEBUG" to the version "feature string". This + change enables everyone to get even more detailed logging when required. + - Allow IRC Operators to use the WHO command on any channel. + - Send the NAMES list and channel topic to users "forcefully" joined to a + channel using NJOIN, like they joined on their own using JOIN, and + streamline the order of NAMES list and channel topic messages. + Closes #288. + - Added a new command line option "-y"/"--syslog", with which logging to + syslog can be activated/deactivated separately from running on the console + (using "--nodaemon") or in the background. + Thanks Katherine Peeters for the patch and pull request! + Closes #294. + - Update, enhance and extend our documentation in README.md, INSTALL.md, + doc/HowToRelease.txt and the manual pages ngircd(8) and ngircd.conf(5), add + a new doc/QuickStart.md document, and convert some more documentation files + to Markdown (AUTHORS.md, contrib/README.md, doc/FAQ.md, doc/SSL.md). + +ngIRCd 26.1 (2021-01-02) + + - This release is a bugfix release only, without new features. + +ngIRCd 26 (2020-06-20) + + ngIRCd 26~rc2 (2020-06-11) + - Add AppStream metadata file (contrib/de.barton.ngircd.metainfo.xml). + - Various bug fixes, see the ChangeLog. No new or changed functionality. + + ngIRCd 26~rc1 (2020-05-10) + - Allow up to 512 characters per line in MOTD and help text files (but keep + in mind that lines can't get that long, because they have to be prefixed + before being sent to the client). But this allows for more fancy MOTDs :-) + Closes #271. + - Show the actually allowed channel types in the ISUPPORT(005) numeric which + are configured by the "AllowedChannelTypes" configuration variable. + Closes #273. + - Handle commands in the read buffer before reading more data and don't wait + for the network in this case: If there are more bytes in the read buffer + already than a single valid IRC command can get long (513 bytes), wait for + this/those command(s) to be handled first and don't try to read even more + data from the network (which most probably would overflow the read buffer + of this connection soon). + - Log G-/K-Line changes only when not initiated by a server: this prevents + the log from becoming spammed during "net bursts". + - Update test suite to include SSL tests, including checking for reloading + certificates during runtime. + - Add support for GnuTLS certificate reload, which is quite handy when using + Let's Encrypt, for example. Until now this was only supported when linked + with OpenSSL. Thanks a lot, Hilko Bengen ! + - Allow setting arbitrary channel modes in the configuration file by handling + them like in MODE commands, and allow multiple "Modes =" lines per [Channel] + section. Thanks to Michi ! + Closes #55. + - Add "FNC" (forced nick changes) to ISUPPORT(005) numeric. Most probably + this doesn't make any difference to any client, but it seems correct. + See for details. + - Enhance handling of command line errors, and return with exit code 0 ("no + error") when "--help" or "--version" is used (which resulted in exit code 1, + "error" before). Exit with code 2 ("command line error") for all other + invalid command line options, and show the error message itself on stderr + (instead of stdout and exit code 1, "generic error", as before). + This new behavior is more in line with the GNU "coding standards", + see . + - Add ./contrib/nglog.sh: This script parses the log output of ngircd(8), + and colorizes the messages according to their log level. Example usage: + ngircd -f $PWD/doc/sample-ngircd.conf -np | ./contrib/nglog.sh + - Enlarge buffers of info texts to 128 bytes. This includes: + - "Real name" of a client (4th filed of the USER command). + - Server info text ("Info" configuration option). + - Admin info texts and email address ("AdminInfo1", "AdminInfo2" and + "AdminEmail" configuration options). + - Network name ("Network" configuration option). + The limit was 64 bytes before ... + Closes #258. + - Streamline handling of invalid and unset server name: Don't exit during + runtime (REHASH command, HUP signal), because the server name can't be + changed in this case anyway and the new invalid name will be ignored. + - Slightly reorder startup steps, and enhance logging: + - Show name of configuration file at the beginning of start up. + - Add a message when ngIRCd is ready, including its host name. + - Show name of configuration file on REHASH (SIGHUP), too. + - Change level of "done message" to NOTICE, like "starting" & "ready". + - Initialize IO functions before channels, connections, clients, ... + - configure.ng: OpenSSL can depends on lz or latomic so use pkg-config to + find those dependencies and fallback to existing mechanism. + Closes #256. + ngIRCd 25 (2019-01-23) - Implement new configuration option "MaxPenaltyTime", which configures the @@ -29,7 +202,7 @@ ngIRCd 25 (2019-01-23) ngIRCd 25~rc1 (2018-08-11) - Only send TOPIC updates to a channel when the topic actually changed: - This prevents the channel from becoming flooded by unecessary TOPIC update + This prevents the channel from becoming flooded by unnecessary TOPIC update messages, that can happen when IRC services try to enforce a certain topic but which is already set (at least on the local server), for example. Therefore still forward it to all servers, but don't inform local clients diff --git a/README b/README deleted file mode 100644 index e9aadbae..00000000 --- a/README +++ /dev/null @@ -1,89 +0,0 @@ - - ngIRCd - Next Generation IRC Server - http://ngircd.barton.de/ - - (c)2001-2020 Alexander Barton and Contributors. - ngIRCd is free software and published under the - terms of the GNU General Public License. - - -- README -- - - -I. Introduction -~~~~~~~~~~~~~~~ - -ngIRCd is a free, portable and lightweight Internet Relay Chat server for -small or private networks, developed under the GNU General Public License -(GPL; please see the file COPYING for details). It is simple to configure, -can cope with dynamic IP addresses, and supports IPv6 as well as SSL. It is -written from scratch and not based on the original IRCd. - -The name ngIRCd means next generation IRC daemon, which is a little bit -exaggerated: lightweight Internet Relay Chat server most probably would be a -better name :-) - -Please see the INSTALL document for installation and upgrade information! - - -II. Status -~~~~~~~~~~~ - -ngIRCd should be quite feature complete and stable to be used as daemon in -real world IRC networks. - -It is not the goal of ngIRCd to implement all the nasty behaviors of the -original ircd, but to implement most of the useful commands and semantics -specified by the RFCs that are used by existing clients. - - -III. Features (or: why use ngIRCd?) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -- Well arranged (lean) configuration file. -- Simple to build, install, configure, and maintain. -- Supports IPv6 and SSL. -- Can use PAM for user authentication. -- Lots of popular user and channel modes are implemented. -- Supports "cloaking" of users. -- No problems with servers that have dynamic IP addresses. -- Freely available, modern, portable and tidy C source. -- Wide field of supported platforms, including AIX, A/UX, FreeBSD, HP-UX, - IRIX, Linux, Mac OS X, NetBSD, OpenBSD, Solaris, and Windows with Cygwin. -- ngIRCd is being actively developed since 2001. - - -IV. Documentation -~~~~~~~~~~~~~~~~~ - -More documentation can be found in the "doc/" directory and the homepage of -ngIRCd: . - - -V. Download -~~~~~~~~~~~ - -The homepage of the ngIRCd is ; you will find -the newest information about the ngIRCd and the most recent ("stable") -releases there. - -Visit our source code repository at GitHub if you are interested in the -latest development version: . - - -VI. Problems, Bugs, Patches -~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Please don't hesitate to contact us if you encounter problems: - -- On IRC: -- Via the mailing list: - -See for details. - -If you find bugs in ngIRCd (which will be there most probably ...), please -report them to our issue tracker at GitHub: - -- Bug tracker: -- Patches, "pull requests": - -There you can read about known bugs and limitations, too. diff --git a/README.md b/README.md new file mode 100644 index 00000000..073fff44 --- /dev/null +++ b/README.md @@ -0,0 +1,101 @@ +# [ngIRCd](https://ngircd.barton.de) - Internet Relay Chat Server + +## Introduction + +*ngIRCd* is a free, portable and lightweight *Internet Relay Chat* ([IRC]) +server for small or private networks, developed under the terms of the GNU +General Public License ([GPL]); please see the file `COPYING` for licensing +information. + +The server is quite easy to configure and runs as a single-node server or can +be part of a network of ngIRCd servers in a LAN or across the internet. It +optionally supports the IPv6 protocol, SSL/TLS-protected client-server and +server-server links, the Pluggable Authentication Modules (PAM) system for user +authentication, IDENT requests, and character set conversion for legacy +clients. + +The name ngIRCd stands for *next-generation IRC daemon*, which is a little bit +exaggerated: *lightweight Internet Relay Chat server* most probably would have +been a better name :-) + +## Status + +Development of *ngIRCd* started back in 2001: The server has been written from +scratch in C, tries to follow all relevant standards, and is not based on the +forefather, the daemon of the IRCNet. + +It is not the goal of ngIRCd to implement all the nasty behaviors of the +original `ircd` or corner-cases in the RFCs, but to implement most of the useful +commands and semantics that are used by existing clients. + +*ngIRCd* is used as the daemon in real-world in-house and public IRC networks +and included in the package repositories of various operating systems. + +## Advantages and strengths + +- Well arranged (lean) configuration file. +- Simple to build, install, configure, and maintain. +- Supports IPv6 and SSL. +- Can use PAM for user authentication. +- Lots of popular user and channel modes are implemented. +- Supports "cloaking" of users. +- No problems with servers that have dynamic IP addresses. +- Freely available, modern, portable and tidy C source. +- Wide field of supported platforms, including AIX, A/UX, FreeBSD, HP-UX, + IRIX, Linux, macOS, NetBSD, OpenBSD, Solaris and Windows with WSL or Cygwin. + +## Documentation + +The **homepage** of the ngIRCd project is . + +The `INSTALL.md` document describes how to _install_ and _upgrade_ ngIRCd. It +is included in all distribution archives and available online on +[GitHub](https://github.com/ngircd/ngircd/blob/master/INSTALL.md). + +Please see the file `doc/QuickStart.md` in the `doc/` directory or on +[GitHub](https://github.com/ngircd/ngircd/blob/master/doc/QuickStart.md) for +information about _setting up_ and _running_ ngIRCd, including some real-world +configuration examples. + +More information can be found in a couple of files in the `doc/` directory +(online on [GitHub](https://github.com/ngircd/ngircd/tree/master/doc)) and in +the [documentation section](https://ngircd.barton.de/documentation) on the +[homepage of ngIRCd](https://ngircd.barton.de). + +In addition, ngIRCd comes with two _manual pages_: `ngircd(8)` (for the daemon) +and `ngircd.conf(5)` (for its configuration file). They have even more details +and list all possible command line parameters and configuration options. You +can read them with the `man` command (when they are installed locally on your +system, e.g. `man 8 ngircd` and `man 5 ngircd.conf`) or online here: + +- Daemon: + [ngircd(8)](https://ngircd.barton.de/man/ngircd.8.html) +- Configuration file: + [ngircd.conf(5)](https://ngircd.barton.de/man/ngircd.conf.5.html) + +## Downloads & Source Code + +You can find the latest information about the ngIRCd and the most recent +stable release on the [news](https://ngircd.barton.de/news) and +[downloads](https://ngircd.barton.de/download) pages of the homepage. + +Visit our source code repository at [GitHub](https://github.com/ngircd/ngircd) +if you are interested in the latest development code. + +## Problems, Bugs, Patches + +Please don't hesitate to contact us if you encounter problems: + +- On IRC: +- Via the mailing list: + +See for details. + +If you find any bugs in ngIRCd (which most probably will be there ...), please +report them to our issue tracker at GitHub: + +- Bug tracker: +- Patches, "pull requests": + +[IRC]: https://wikipedia.org/wiki/Internet_Relay_Chat +[GPL]: https://wikipedia.org/wiki/GNU_General_Public_License diff --git a/autogen.sh b/autogen.sh index bb548227..0cf9a0e3 100755 --- a/autogen.sh +++ b/autogen.sh @@ -1,7 +1,7 @@ #!/bin/sh # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2015 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -60,16 +60,43 @@ # and runs it with these arguments: "./configure --prefix=$HOME". # +Check_Tool() +{ + searchlist="$1" + major="$2" + minor="$3" + + for name in $searchlist; do + $EXIST "${name}${major}${minor}" >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "${name}${major}${minor}" + return 0 + fi + $EXIST "${name}-${major}.${minor}" >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "${name}-${major}.${minor}" + return 0 + fi + done + return 1 +} + Search() { - [ $# -eq 2 ] || exit 1 + [ $# -lt 2 ] && return 1 + [ $# -gt 3 ] && return 1 searchlist="$1" major="$2" + minor_pref="$3" minor=99 [ -n "$PREFIX" ] && searchlist="${PREFIX}/$1 ${PREFIX}/bin/$1 $searchlist" + if [ -n "$minor_pref" ]; then + Check_Tool "$searchlist" "$major" "$minor_pref" && return 0 + fi + for name in $searchlist; do $EXIST "${name}" >/dev/null 2>&1 if [ $? -eq 0 ]; then @@ -83,18 +110,7 @@ Search() done while [ $minor -ge 0 ]; do - for name in $searchlist; do - $EXIST "${name}${major}${minor}" >/dev/null 2>&1 - if [ $? -eq 0 ]; then - echo "${name}${major}${minor}" - return 0 - fi - $EXIST "${name}-${major}.${minor}" >/dev/null 2>&1 - if [ $? -eq 0 ]; then - echo "${name}-${major}.${minor}" - return 0 - fi - done + Check_Tool "$searchlist" "$major" "$minor" && return 0 minor=$(expr $minor - 1) done return 1 @@ -140,11 +156,11 @@ fi # Try to detect the needed tools when no environment variable already # specifies one: echo "Searching for required tools ..." -[ -z "$ACLOCAL" ] && ACLOCAL=$(Search aclocal 1) +[ -z "$ACLOCAL" ] && ACLOCAL=$(Search aclocal 1 11) [ "$VERBOSE" = "1" ] && echo " - ACLOCAL=$ACLOCAL" [ -z "$AUTOHEADER" ] && AUTOHEADER=$(Search autoheader 2) [ "$VERBOSE" = "1" ] && echo " - AUTOHEADER=$AUTOHEADER" -[ -z "$AUTOMAKE" ] && AUTOMAKE=$(Search automake 1) +[ -z "$AUTOMAKE" ] && AUTOMAKE=$(Search automake 1 11) [ "$VERBOSE" = "1" ] && echo " - AUTOMAKE=$AUTOMAKE" [ -z "$AUTOCONF" ] && AUTOCONF=$(Search autoconf 2) [ "$VERBOSE" = "1" ] && echo " - AUTOCONF=$AUTOCONF" diff --git a/config.guess b/config.guess old mode 100644 new mode 100755 index 256083a7..cdfc4392 --- a/config.guess +++ b/config.guess @@ -1,12 +1,14 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright 1992-2018 Free Software Foundation, Inc. +# Copyright 1992-2023 Free Software Foundation, Inc. -timestamp='2018-03-08' +# shellcheck disable=SC2006,SC2268 # see below for rationale + +timestamp='2023-08-22' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or +# the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -27,17 +29,25 @@ timestamp='2018-03-08' # Originally written by Per Bothner; maintained since 2000 by Ben Elliston. # # You can get the latest version of this script from: -# https://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess +# https://git.savannah.gnu.org/cgit/config.git/plain/config.guess # # Please send patches to . +# The "shellcheck disable" line above the timestamp inhibits complaints +# about features and limitations of the classic Bourne shell that were +# superseded or lifted in POSIX. However, this script identifies a wide +# variety of pre-POSIX systems that do not have POSIX shells at all, and +# even some reasonably current systems (Solaris 10 as case-in-point) still +# have a pre-POSIX /bin/sh. + + me=`echo "$0" | sed -e 's,.*/,,'` usage="\ Usage: $0 [OPTION] -Output the configuration name of the system \`$me' is run on. +Output the configuration name of the system '$me' is run on. Options: -h, --help print this help, then exit @@ -50,13 +60,13 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright 1992-2018 Free Software Foundation, Inc. +Copyright 1992-2023 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." help=" -Try \`$me --help' for more information." +Try '$me --help' for more information." # Parse command line while test $# -gt 0 ; do @@ -84,85 +94,107 @@ if test $# != 0; then exit 1 fi -trap 'exit 1' 1 2 15 +# Just in case it came from the environment. +GUESS= # CC_FOR_BUILD -- compiler used by this script. Note that the use of a # compiler to aid in system detection is discouraged as it requires # temporary files to be created and, as you can see below, it is a # headache to deal with in a portable fashion. -# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still -# use `HOST_CC' if defined, but it is deprecated. +# Historically, 'CC_FOR_BUILD' used to be named 'HOST_CC'. We still +# use 'HOST_CC' if defined, but it is deprecated. # Portable tmp directory creation inspired by the Autoconf team. -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > "$dummy.c" ; - for c in cc gcc c89 c99 ; do - if ($c -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' +tmp= +# shellcheck disable=SC2172 +trap 'test -z "$tmp" || rm -fr "$tmp"' 0 1 2 13 15 + +set_cc_for_build() { + # prevent multiple calls if $tmp is already set + test "$tmp" && return 0 + : "${TMPDIR=/tmp}" + # shellcheck disable=SC2039,SC3028 + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir "$tmp" 2>/dev/null) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir "$tmp" 2>/dev/null) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } + dummy=$tmp/dummy + case ${CC_FOR_BUILD-},${HOST_CC-},${CC-} in + ,,) echo "int x;" > "$dummy.c" + for driver in cc gcc c89 c99 ; do + if ($driver -c -o "$dummy.o" "$dummy.c") >/dev/null 2>&1 ; then + CC_FOR_BUILD=$driver + break + fi + done + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; + esac +} # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then +if test -f /.attbin/uname ; then PATH=$PATH:/.attbin ; export PATH fi UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown -case "$UNAME_SYSTEM" in +case $UNAME_SYSTEM in Linux|GNU|GNU/*) - # If the system lacks a compiler, then just pick glibc. - # We could probably try harder. - LIBC=gnu + LIBC=unknown - eval "$set_cc_for_build" + set_cc_for_build cat <<-EOF > "$dummy.c" + #if defined(__ANDROID__) + LIBC=android + #else #include #if defined(__UCLIBC__) LIBC=uclibc #elif defined(__dietlibc__) LIBC=dietlibc - #else + #elif defined(__GLIBC__) LIBC=gnu + #else + #include + /* First heuristic to detect musl libc. */ + #ifdef __DEFINED_va_list + LIBC=musl + #endif + #endif #endif EOF - eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'`" + cc_set_libc=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^LIBC' | sed 's, ,,g'` + eval "$cc_set_libc" - # If ldd exists, use it to detect musl libc. - if command -v ldd >/dev/null && \ - ldd --version 2>&1 | grep -q ^musl - then - LIBC=musl + # Second heuristic to detect musl libc. + if [ "$LIBC" = unknown ] && + command -v ldd >/dev/null && + ldd --version 2>&1 | grep -q ^musl; then + LIBC=musl + fi + + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + if [ "$LIBC" = unknown ]; then + LIBC=gnu fi ;; esac # Note: order is significant - the case branches are not exclusive. -case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in +case $UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, @@ -174,12 +206,12 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # # Note: NetBSD doesn't particularly care about the vendor # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" UNAME_MACHINE_ARCH=`(uname -p 2>/dev/null || \ - "/sbin/$sysctl" 2>/dev/null || \ - "/usr/sbin/$sysctl" 2>/dev/null || \ + /sbin/sysctl -n hw.machine_arch 2>/dev/null || \ + /usr/sbin/sysctl -n hw.machine_arch 2>/dev/null || \ echo unknown)` - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in + aarch64eb) machine=aarch64_be-unknown ;; armeb) machine=armeb-unknown ;; arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; @@ -188,18 +220,18 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in earmv*) arch=`echo "$UNAME_MACHINE_ARCH" | sed -e 's,^e\(armv[0-9]\).*$,\1,'` endian=`echo "$UNAME_MACHINE_ARCH" | sed -ne 's,^.*\(eb\)$,\1,p'` - machine="${arch}${endian}"-unknown + machine=${arch}${endian}-unknown ;; - *) machine="$UNAME_MACHINE_ARCH"-unknown ;; + *) machine=$UNAME_MACHINE_ARCH-unknown ;; esac # The Operating System including object format, if it has switched # to ELF recently (or will in the future) and ABI. - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in earm*) os=netbsdelf ;; arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval "$set_cc_for_build" + set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ELF__ then @@ -215,7 +247,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in ;; esac # Determine ABI tags. - case "$UNAME_MACHINE_ARCH" in + case $UNAME_MACHINE_ARCH in earm*) expr='s/^earmv[0-9]/-eabi/;s/eb$//' abi=`echo "$UNAME_MACHINE_ARCH" | sed -e "$expr"` @@ -226,7 +258,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # thus, need a distinct triplet. However, they do not need # kernel version information, so it can be replaced with a # suitable tag, in the style of linux-gnu. - case "$UNAME_VERSION" in + case $UNAME_VERSION in Debian*) release='-gnu' ;; @@ -237,45 +269,57 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "$machine-${os}${release}${abi}" - exit ;; + GUESS=$machine-${os}${release}${abi-} + ;; *:Bitrig:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-bitrig"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-bitrig$UNAME_RELEASE + ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-openbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-openbsd$UNAME_RELEASE + ;; + *:SecBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/SecBSD.//'` + GUESS=$UNAME_MACHINE_ARCH-unknown-secbsd$UNAME_RELEASE + ;; *:LibertyBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/^.*BSD\.//'` - echo "$UNAME_MACHINE_ARCH"-unknown-libertybsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE_ARCH-unknown-libertybsd$UNAME_RELEASE + ;; *:MidnightBSD:*:*) - echo "$UNAME_MACHINE"-unknown-midnightbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-midnightbsd$UNAME_RELEASE + ;; *:ekkoBSD:*:*) - echo "$UNAME_MACHINE"-unknown-ekkobsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-ekkobsd$UNAME_RELEASE + ;; *:SolidBSD:*:*) - echo "$UNAME_MACHINE"-unknown-solidbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-solidbsd$UNAME_RELEASE + ;; + *:OS108:*:*) + GUESS=$UNAME_MACHINE-unknown-os108_$UNAME_RELEASE + ;; macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-unknown-mirbsd$UNAME_RELEASE + ;; *:MirBSD:*:*) - echo "$UNAME_MACHINE"-unknown-mirbsd"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-mirbsd$UNAME_RELEASE + ;; *:Sortix:*:*) - echo "$UNAME_MACHINE"-unknown-sortix - exit ;; + GUESS=$UNAME_MACHINE-unknown-sortix + ;; + *:Twizzler:*:*) + GUESS=$UNAME_MACHINE-unknown-twizzler + ;; *:Redox:*:*) - echo "$UNAME_MACHINE"-unknown-redox - exit ;; + GUESS=$UNAME_MACHINE-unknown-redox + ;; mips:OSF1:*.*) - echo mips-dec-osf1 - exit ;; + GUESS=mips-dec-osf1 + ;; alpha:OSF1:*:*) + # Reset EXIT trap before exiting to avoid spurious non-zero exit code. + trap '' 0 case $UNAME_RELEASE in *4.0) UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` @@ -289,7 +333,7 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # covers most systems running today. This code pipes the CPU # types through head -n 1, so we only detect the type of CPU 0. ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in + case $ALPHA_CPU_TYPE in "EV4 (21064)") UNAME_MACHINE=alpha ;; "EV4.5 (21064)") @@ -326,117 +370,121 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # A Tn.n version is a released field test version. # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. - echo "$UNAME_MACHINE"-dec-osf"`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz`" - # Reset EXIT trap before exiting to avoid spurious non-zero exit code. - exitcode=$? - trap '' 0 - exit $exitcode ;; + OSF_REL=`echo "$UNAME_RELEASE" | sed -e 's/^[PVTX]//' | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` + GUESS=$UNAME_MACHINE-dec-osf$OSF_REL + ;; Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; + GUESS=m68k-unknown-sysv4 + ;; *:[Aa]miga[Oo][Ss]:*:*) - echo "$UNAME_MACHINE"-unknown-amigaos - exit ;; + GUESS=$UNAME_MACHINE-unknown-amigaos + ;; *:[Mm]orph[Oo][Ss]:*:*) - echo "$UNAME_MACHINE"-unknown-morphos - exit ;; + GUESS=$UNAME_MACHINE-unknown-morphos + ;; *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; + GUESS=i370-ibm-openedition + ;; *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; + GUESS=s390-ibm-zvmoe + ;; *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; + GUESS=powerpc-ibm-os400 + ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix"$UNAME_RELEASE" - exit ;; + GUESS=arm-acorn-riscix$UNAME_RELEASE + ;; arm*:riscos:*:*|arm*:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; + GUESS=arm-unknown-riscos + ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; + GUESS=hppa1.1-hitachi-hiuxmpp + ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; + case `(/bin/universe) 2>/dev/null` in + att) GUESS=pyramid-pyramid-sysv3 ;; + *) GUESS=pyramid-pyramid-bsd ;; + esac + ;; NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; + GUESS=pyramid-pyramid-svr4 + ;; DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; + GUESS=sparc-icl-nx6 + ;; DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; + sparc) GUESS=sparc-icl-nx7 ;; + esac + ;; s390x:SunOS:*:*) - echo "$UNAME_MACHINE"-ibm-solaris2"`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=$UNAME_MACHINE-ibm-solaris2$SUN_REL + ;; sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-hal-solaris2$SUN_REL + ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2"`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-sun-solaris2$SUN_REL + ;; i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) - echo i386-pc-auroraux"$UNAME_RELEASE" - exit ;; + GUESS=i386-pc-auroraux$UNAME_RELEASE + ;; i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - eval "$set_cc_for_build" + set_cc_for_build SUN_ARCH=i386 # If there is a compiler, see if it is configured for 64-bit objects. # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. # This test works for both compilers. - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then + if test "$CC_FOR_BUILD" != no_compiler_found; then if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + (CCOPTS="" $CC_FOR_BUILD -m64 -E - 2>/dev/null) | \ grep IS_64BIT_ARCH >/dev/null then SUN_ARCH=x86_64 fi fi - echo "$SUN_ARCH"-pc-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=$SUN_ARCH-pc-solaris2$SUN_REL + ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=sparc-sun-solaris3$SUN_REL + ;; sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in + case `/usr/bin/arch -k` in Series*|S4*) UNAME_RELEASE=`uname -v` ;; esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos"`echo "$UNAME_RELEASE"|sed -e 's/-/_/'`" - exit ;; + # Japanese Language versions have a version number like '4.1.3-JL'. + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/'` + GUESS=sparc-sun-sunos$SUN_REL + ;; sun3*:SunOS:*:*) - echo m68k-sun-sunos"$UNAME_RELEASE" - exit ;; + GUESS=m68k-sun-sunos$UNAME_RELEASE + ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x$UNAME_RELEASE" = x && UNAME_RELEASE=3 - case "`/bin/arch`" in + case `/bin/arch` in sun3) - echo m68k-sun-sunos"$UNAME_RELEASE" + GUESS=m68k-sun-sunos$UNAME_RELEASE ;; sun4) - echo sparc-sun-sunos"$UNAME_RELEASE" + GUESS=sparc-sun-sunos$UNAME_RELEASE ;; esac - exit ;; + ;; aushp:SunOS:*:*) - echo sparc-auspex-sunos"$UNAME_RELEASE" - exit ;; + GUESS=sparc-auspex-sunos$UNAME_RELEASE + ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor @@ -446,43 +494,43 @@ case "$UNAME_MACHINE:$UNAME_SYSTEM:$UNAME_RELEASE:$UNAME_VERSION" in # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-atari-mint$UNAME_RELEASE + ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-milan-mint$UNAME_RELEASE + ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-hades-mint$UNAME_RELEASE + ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint"$UNAME_RELEASE" - exit ;; + GUESS=m68k-unknown-mint$UNAME_RELEASE + ;; m68k:machten:*:*) - echo m68k-apple-machten"$UNAME_RELEASE" - exit ;; + GUESS=m68k-apple-machten$UNAME_RELEASE + ;; powerpc:machten:*:*) - echo powerpc-apple-machten"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-apple-machten$UNAME_RELEASE + ;; RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; + GUESS=mips-dec-mach_bsd4.3 + ;; RISC*:ULTRIX:*:*) - echo mips-dec-ultrix"$UNAME_RELEASE" - exit ;; + GUESS=mips-dec-ultrix$UNAME_RELEASE + ;; VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix"$UNAME_RELEASE" - exit ;; + GUESS=vax-dec-ultrix$UNAME_RELEASE + ;; 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix"$UNAME_RELEASE" - exit ;; + GUESS=clipper-intergraph-clix$UNAME_RELEASE + ;; mips:*:*:UMIPS | mips:*:*:RISCos) - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #ifdef __cplusplus #include /* for printf() prototype */ @@ -508,78 +556,79 @@ EOF dummyarg=`echo "$UNAME_RELEASE" | sed -n 's/\([0-9]*\).*/\1/p'` && SYSTEM_NAME=`"$dummy" "$dummyarg"` && { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos"$UNAME_RELEASE" - exit ;; + GUESS=mips-mips-riscos$UNAME_RELEASE + ;; Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; + GUESS=powerpc-motorola-powermax + ;; Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; + GUESS=powerpc-harris-powermax + ;; Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; + GUESS=powerpc-harris-powermax + ;; Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; + GUESS=powerpc-harris-powerunix + ;; m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; + GUESS=m88k-harris-cxux7 + ;; m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; + GUESS=m88k-motorola-sysv4 + ;; m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; + GUESS=m88k-motorola-sysv3 + ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ "$UNAME_PROCESSOR" = mc88100 ] || [ "$UNAME_PROCESSOR" = mc88110 ] + if test "$UNAME_PROCESSOR" = mc88100 || test "$UNAME_PROCESSOR" = mc88110 then - if [ "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx ] || \ - [ "$TARGET_BINARY_INTERFACE"x = x ] + if test "$TARGET_BINARY_INTERFACE"x = m88kdguxelfx || \ + test "$TARGET_BINARY_INTERFACE"x = x then - echo m88k-dg-dgux"$UNAME_RELEASE" + GUESS=m88k-dg-dgux$UNAME_RELEASE else - echo m88k-dg-dguxbcs"$UNAME_RELEASE" + GUESS=m88k-dg-dguxbcs$UNAME_RELEASE fi else - echo i586-dg-dgux"$UNAME_RELEASE" + GUESS=i586-dg-dgux$UNAME_RELEASE fi - exit ;; + ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; + GUESS=m88k-dolphin-sysv3 + ;; M88*:*:R3*:*) # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; + GUESS=m88k-motorola-sysv3 + ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; + GUESS=m88k-tektronix-sysv3 + ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; + GUESS=m68k-tektronix-bsd + ;; *:IRIX*:*:*) - echo mips-sgi-irix"`echo "$UNAME_RELEASE"|sed -e 's/-/_/g'`" - exit ;; + IRIX_REL=`echo "$UNAME_RELEASE" | sed -e 's/-/_/g'` + GUESS=mips-sgi-irix$IRIX_REL + ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + GUESS=romp-ibm-aix # uname -m gives an 8 hex-code CPU id + ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; + GUESS=i386-ibm-aix + ;; ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then + if test -x /usr/bin/oslevel ; then IBM_REV=`/usr/bin/oslevel` else - IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" + IBM_REV=$UNAME_VERSION.$UNAME_RELEASE fi - echo "$UNAME_MACHINE"-ibm-aix"$IBM_REV" - exit ;; + GUESS=$UNAME_MACHINE-ibm-aix$IBM_REV + ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #include @@ -593,16 +642,16 @@ EOF EOF if $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` then - echo "$SYSTEM_NAME" + GUESS=$SYSTEM_NAME else - echo rs6000-ibm-aix3.2.5 + GUESS=rs6000-ibm-aix3.2.5 fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 + GUESS=rs6000-ibm-aix3.2.4 else - echo rs6000-ibm-aix3.2 + GUESS=rs6000-ibm-aix3.2 fi - exit ;; + ;; *:AIX:*:[4567]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El "$IBM_CPU_ID" | grep ' POWER' >/dev/null 2>&1; then @@ -610,57 +659,57 @@ EOF else IBM_ARCH=powerpc fi - if [ -x /usr/bin/lslpp ] ; then - IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | + if test -x /usr/bin/lslpp ; then + IBM_REV=`/usr/bin/lslpp -Lqc bos.rte.libc | \ awk -F: '{ print $3 }' | sed s/[0-9]*$/0/` else - IBM_REV="$UNAME_VERSION.$UNAME_RELEASE" + IBM_REV=$UNAME_VERSION.$UNAME_RELEASE fi - echo "$IBM_ARCH"-ibm-aix"$IBM_REV" - exit ;; + GUESS=$IBM_ARCH-ibm-aix$IBM_REV + ;; *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; + GUESS=rs6000-ibm-aix + ;; ibmrt:4.4BSD:*|romp-ibm:4.4BSD:*) - echo romp-ibm-bsd4.4 - exit ;; + GUESS=romp-ibm-bsd4.4 + ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd"$UNAME_RELEASE" # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 + GUESS=romp-ibm-bsd$UNAME_RELEASE # 4.3 with uname added to + ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; + GUESS=rs6000-bull-bosx + ;; DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; + GUESS=m68k-bull-sysv3 + ;; 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; + GUESS=m68k-hp-bsd + ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; + GUESS=m68k-hp-bsd4.4 + ;; 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo "$UNAME_RELEASE"|sed -e 's/[^.]*.[0B]*//'` - case "$UNAME_MACHINE" in + HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'` + case $UNAME_MACHINE in 9000/31?) HP_ARCH=m68000 ;; 9000/[34]??) HP_ARCH=m68k ;; 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then + if test -x /usr/bin/getconf; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "$sc_cpu_version" in + case $sc_cpu_version in 523) HP_ARCH=hppa1.0 ;; # CPU_PA_RISC1_0 528) HP_ARCH=hppa1.1 ;; # CPU_PA_RISC1_1 532) # CPU_PA_RISC2_0 - case "$sc_kernel_bits" in + case $sc_kernel_bits in 32) HP_ARCH=hppa2.0n ;; 64) HP_ARCH=hppa2.0w ;; '') HP_ARCH=hppa2.0 ;; # HP-UX 10.20 esac ;; esac fi - if [ "$HP_ARCH" = "" ]; then - eval "$set_cc_for_build" + if test "$HP_ARCH" = ""; then + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #define _HPUX_SOURCE @@ -698,9 +747,9 @@ EOF test -z "$HP_ARCH" && HP_ARCH=hppa fi ;; esac - if [ "$HP_ARCH" = hppa2.0w ] + if test "$HP_ARCH" = hppa2.0w then - eval "$set_cc_for_build" + set_cc_for_build # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler @@ -719,14 +768,14 @@ EOF HP_ARCH=hppa64 fi fi - echo "$HP_ARCH"-hp-hpux"$HPUX_REV" - exit ;; + GUESS=$HP_ARCH-hp-hpux$HPUX_REV + ;; ia64:HP-UX:*:*) - HPUX_REV=`echo "$UNAME_RELEASE"|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux"$HPUX_REV" - exit ;; + HPUX_REV=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*.[0B]*//'` + GUESS=ia64-hp-hpux$HPUX_REV + ;; 3050*:HI-UX:*:*) - eval "$set_cc_for_build" + set_cc_for_build sed 's/^ //' << EOF > "$dummy.c" #include int @@ -754,36 +803,36 @@ EOF EOF $CC_FOR_BUILD -o "$dummy" "$dummy.c" && SYSTEM_NAME=`"$dummy"` && { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; + GUESS=unknown-hitachi-hiuxwe2 + ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:*) - echo hppa1.1-hp-bsd - exit ;; + GUESS=hppa1.1-hp-bsd + ;; 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; + GUESS=hppa1.0-hp-bsd + ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; + GUESS=hppa1.0-hp-mpeix + ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:*) - echo hppa1.1-hp-osf - exit ;; + GUESS=hppa1.1-hp-osf + ;; hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; + GUESS=hppa1.0-hp-osf + ;; i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo "$UNAME_MACHINE"-unknown-osf1mk + if test -x /usr/sbin/sysversion ; then + GUESS=$UNAME_MACHINE-unknown-osf1mk else - echo "$UNAME_MACHINE"-unknown-osf1 + GUESS=$UNAME_MACHINE-unknown-osf1 fi - exit ;; + ;; parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; + GUESS=hppa1.1-hp-lites + ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; + GUESS=c1-convex-bsd + ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd @@ -791,17 +840,18 @@ EOF fi exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; + GUESS=c34-convex-bsd + ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; + GUESS=c38-convex-bsd + ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; + GUESS=c4-convex-bsd + ;; CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=ymp-cray-unicos$CRAY_REL + ;; CRAY*[A-Z]90:*:*:*) echo "$UNAME_MACHINE"-cray-unicos"$UNAME_RELEASE" \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ @@ -809,103 +859,155 @@ EOF -e 's/\.[^.]*$/.X/' exit ;; CRAY*TS:*:*:*) - echo t90-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=t90-cray-unicos$CRAY_REL + ;; CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=alphaev5-cray-unicosmk$CRAY_REL + ;; CRAY*SV1:*:*:*) - echo sv1-cray-unicos"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=sv1-cray-unicos$CRAY_REL + ;; *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp"$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/' - exit ;; + CRAY_REL=`echo "$UNAME_RELEASE" | sed -e 's/\.[^.]*$/.X/'` + GUESS=craynv-cray-unicosmp$CRAY_REL + ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo "$UNAME_RELEASE" | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + GUESS=${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL} + ;; 5000:UNIX_System_V:4.*:*) FUJITSU_SYS=`uname -p | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/\///'` FUJITSU_REL=`echo "$UNAME_RELEASE" | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + GUESS=sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL} + ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo "$UNAME_MACHINE"-pc-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-pc-bsdi$UNAME_RELEASE + ;; sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=sparc-unknown-bsdi$UNAME_RELEASE + ;; *:BSD/OS:*:*) - echo "$UNAME_MACHINE"-unknown-bsdi"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-unknown-bsdi$UNAME_RELEASE + ;; + arm:FreeBSD:*:*) + UNAME_PROCESSOR=`uname -p` + set_cc_for_build + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabi + else + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL-gnueabihf + fi + ;; *:FreeBSD:*:*) - UNAME_PROCESSOR=`/usr/bin/uname -p` - case "$UNAME_PROCESSOR" in + UNAME_PROCESSOR=`uname -p` + case $UNAME_PROCESSOR in amd64) UNAME_PROCESSOR=x86_64 ;; i386) UNAME_PROCESSOR=i586 ;; esac - echo "$UNAME_PROCESSOR"-unknown-freebsd"`echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`" - exit ;; + FREEBSD_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_PROCESSOR-unknown-freebsd$FREEBSD_REL + ;; i*:CYGWIN*:*) - echo "$UNAME_MACHINE"-pc-cygwin - exit ;; + GUESS=$UNAME_MACHINE-pc-cygwin + ;; *:MINGW64*:*) - echo "$UNAME_MACHINE"-pc-mingw64 - exit ;; + GUESS=$UNAME_MACHINE-pc-mingw64 + ;; *:MINGW*:*) - echo "$UNAME_MACHINE"-pc-mingw32 - exit ;; + GUESS=$UNAME_MACHINE-pc-mingw32 + ;; *:MSYS*:*) - echo "$UNAME_MACHINE"-pc-msys - exit ;; + GUESS=$UNAME_MACHINE-pc-msys + ;; i*:PW*:*) - echo "$UNAME_MACHINE"-pc-pw32 - exit ;; + GUESS=$UNAME_MACHINE-pc-pw32 + ;; + *:SerenityOS:*:*) + GUESS=$UNAME_MACHINE-pc-serenity + ;; *:Interix*:*) - case "$UNAME_MACHINE" in + case $UNAME_MACHINE in x86) - echo i586-pc-interix"$UNAME_RELEASE" - exit ;; + GUESS=i586-pc-interix$UNAME_RELEASE + ;; authenticamd | genuineintel | EM64T) - echo x86_64-unknown-interix"$UNAME_RELEASE" - exit ;; + GUESS=x86_64-unknown-interix$UNAME_RELEASE + ;; IA64) - echo ia64-unknown-interix"$UNAME_RELEASE" - exit ;; + GUESS=ia64-unknown-interix$UNAME_RELEASE + ;; esac ;; i*:UWIN*:*) - echo "$UNAME_MACHINE"-pc-uwin - exit ;; + GUESS=$UNAME_MACHINE-pc-uwin + ;; amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; + GUESS=x86_64-pc-cygwin + ;; prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2"`echo "$UNAME_RELEASE"|sed -e 's/[^.]*//'`" - exit ;; + SUN_REL=`echo "$UNAME_RELEASE" | sed -e 's/[^.]*//'` + GUESS=powerpcle-unknown-solaris2$SUN_REL + ;; *:GNU:*:*) # the GNU system - echo "`echo "$UNAME_MACHINE"|sed -e 's,[-/].*$,,'`-unknown-$LIBC`echo "$UNAME_RELEASE"|sed -e 's,/.*$,,'`" - exit ;; + GNU_ARCH=`echo "$UNAME_MACHINE" | sed -e 's,[-/].*$,,'` + GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's,/.*$,,'` + GUESS=$GNU_ARCH-unknown-$LIBC$GNU_REL + ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo "$UNAME_MACHINE-unknown-`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"``echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`-$LIBC" - exit ;; - i*86:Minix:*:*) - echo "$UNAME_MACHINE"-pc-minix - exit ;; + GNU_SYS=`echo "$UNAME_SYSTEM" | sed 's,^[^/]*/,,' | tr "[:upper:]" "[:lower:]"` + GNU_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_MACHINE-unknown-$GNU_SYS$GNU_REL-$LIBC + ;; + x86_64:[Mm]anagarm:*:*|i?86:[Mm]anagarm:*:*) + GUESS="$UNAME_MACHINE-pc-managarm-mlibc" + ;; + *:[Mm]anagarm:*:*) + GUESS="$UNAME_MACHINE-unknown-managarm-mlibc" + ;; + *:Minix:*:*) + GUESS=$UNAME_MACHINE-unknown-minix + ;; aarch64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + set_cc_for_build + CPU=$UNAME_MACHINE + LIBCABI=$LIBC + if test "$CC_FOR_BUILD" != no_compiler_found; then + ABI=64 + sed 's/^ //' << EOF > "$dummy.c" + #ifdef __ARM_EABI__ + #ifdef __ARM_PCS_VFP + ABI=eabihf + #else + ABI=eabi + #endif + #endif +EOF + cc_set_abi=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^ABI' | sed 's, ,,g'` + eval "$cc_set_abi" + case $ABI in + eabi | eabihf) CPU=armv8l; LIBCABI=$LIBC$ABI ;; + esac + fi + GUESS=$CPU-unknown-linux-$LIBCABI + ;; aarch64_be:Linux:*:*) UNAME_MACHINE=aarch64_be - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in EV5) UNAME_MACHINE=alphaev5 ;; EV56) UNAME_MACHINE=alphaev56 ;; PCA56) UNAME_MACHINE=alphapca56 ;; @@ -916,183 +1018,245 @@ EOF esac objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC=gnulibc1 ; fi - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; - arc:Linux:*:* | arceb:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + arc:Linux:*:* | arceb:Linux:*:* | arc32:Linux:*:* | arc64:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; arm*:Linux:*:*) - eval "$set_cc_for_build" + set_cc_for_build if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_EABI__ then - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC else if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ | grep -q __ARM_PCS_VFP then - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"eabi + GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabi else - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC"eabihf + GUESS=$UNAME_MACHINE-unknown-linux-${LIBC}eabihf fi fi - exit ;; + ;; avr32*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; cris:Linux:*:*) - echo "$UNAME_MACHINE"-axis-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-axis-linux-$LIBC + ;; crisv32:Linux:*:*) - echo "$UNAME_MACHINE"-axis-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-axis-linux-$LIBC + ;; e2k:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; frv:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; hexagon:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; i*86:Linux:*:*) - echo "$UNAME_MACHINE"-pc-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-pc-linux-$LIBC + ;; ia64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; k1om:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + kvx:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; + kvx:cos:*:*) + GUESS=$UNAME_MACHINE-unknown-cos + ;; + kvx:mbr:*:*) + GUESS=$UNAME_MACHINE-unknown-mbr + ;; + loongarch32:Linux:*:* | loongarch64:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; m32r*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; m68*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; mips:Linux:*:* | mips64:Linux:*:*) - eval "$set_cc_for_build" + set_cc_for_build + IS_GLIBC=0 + test x"${LIBC}" = xgnu && IS_GLIBC=1 sed 's/^ //' << EOF > "$dummy.c" #undef CPU - #undef ${UNAME_MACHINE} - #undef ${UNAME_MACHINE}el + #undef mips + #undef mipsel + #undef mips64 + #undef mips64el + #if ${IS_GLIBC} && defined(_ABI64) + LIBCABI=gnuabi64 + #else + #if ${IS_GLIBC} && defined(_ABIN32) + LIBCABI=gnuabin32 + #else + LIBCABI=${LIBC} + #endif + #endif + + #if ${IS_GLIBC} && defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6 + CPU=mipsisa64r6 + #else + #if ${IS_GLIBC} && !defined(__mips64) && defined(__mips_isa_rev) && __mips_isa_rev>=6 + CPU=mipsisa32r6 + #else + #if defined(__mips64) + CPU=mips64 + #else + CPU=mips + #endif + #endif + #endif + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=${UNAME_MACHINE}el + MIPS_ENDIAN=el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=${UNAME_MACHINE} + MIPS_ENDIAN= #else - CPU= + MIPS_ENDIAN= #endif #endif EOF - eval "`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU'`" - test "x$CPU" != x && { echo "$CPU-unknown-linux-$LIBC"; exit; } + cc_set_vars=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^CPU\|^MIPS_ENDIAN\|^LIBCABI'` + eval "$cc_set_vars" + test "x$CPU" != x && { echo "$CPU${MIPS_ENDIAN}-unknown-linux-$LIBCABI"; exit; } ;; mips64el:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; openrisc*:Linux:*:*) - echo or1k-unknown-linux-"$LIBC" - exit ;; + GUESS=or1k-unknown-linux-$LIBC + ;; or32:Linux:*:* | or1k*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; padre:Linux:*:*) - echo sparc-unknown-linux-"$LIBC" - exit ;; + GUESS=sparc-unknown-linux-$LIBC + ;; parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-"$LIBC" - exit ;; + GUESS=hppa64-unknown-linux-$LIBC + ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-"$LIBC" ;; - PA8*) echo hppa2.0-unknown-linux-"$LIBC" ;; - *) echo hppa-unknown-linux-"$LIBC" ;; + PA7*) GUESS=hppa1.1-unknown-linux-$LIBC ;; + PA8*) GUESS=hppa2.0-unknown-linux-$LIBC ;; + *) GUESS=hppa-unknown-linux-$LIBC ;; esac - exit ;; + ;; ppc64:Linux:*:*) - echo powerpc64-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc64-unknown-linux-$LIBC + ;; ppc:Linux:*:*) - echo powerpc-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc-unknown-linux-$LIBC + ;; ppc64le:Linux:*:*) - echo powerpc64le-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpc64le-unknown-linux-$LIBC + ;; ppcle:Linux:*:*) - echo powerpcle-unknown-linux-"$LIBC" - exit ;; - riscv32:Linux:*:* | riscv64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=powerpcle-unknown-linux-$LIBC + ;; + riscv32:Linux:*:* | riscv32be:Linux:*:* | riscv64:Linux:*:* | riscv64be:Linux:*:*) + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; s390:Linux:*:* | s390x:Linux:*:*) - echo "$UNAME_MACHINE"-ibm-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-ibm-linux-$LIBC + ;; sh64*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; sh*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; tile*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; vax:Linux:*:*) - echo "$UNAME_MACHINE"-dec-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-dec-linux-$LIBC + ;; x86_64:Linux:*:*) - echo "$UNAME_MACHINE"-pc-linux-"$LIBC" - exit ;; + set_cc_for_build + CPU=$UNAME_MACHINE + LIBCABI=$LIBC + if test "$CC_FOR_BUILD" != no_compiler_found; then + ABI=64 + sed 's/^ //' << EOF > "$dummy.c" + #ifdef __i386__ + ABI=x86 + #else + #ifdef __ILP32__ + ABI=x32 + #endif + #endif +EOF + cc_set_abi=`$CC_FOR_BUILD -E "$dummy.c" 2>/dev/null | grep '^ABI' | sed 's, ,,g'` + eval "$cc_set_abi" + case $ABI in + x86) CPU=i686 ;; + x32) LIBCABI=${LIBC}x32 ;; + esac + fi + GUESS=$CPU-pc-linux-$LIBCABI + ;; xtensa*:Linux:*:*) - echo "$UNAME_MACHINE"-unknown-linux-"$LIBC" - exit ;; + GUESS=$UNAME_MACHINE-unknown-linux-$LIBC + ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; + GUESS=i386-sequent-sysv4 + ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. - echo "$UNAME_MACHINE"-pc-sysv4.2uw"$UNAME_VERSION" - exit ;; + GUESS=$UNAME_MACHINE-pc-sysv4.2uw$UNAME_VERSION + ;; i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility + # If we were able to find 'uname', then EMX Unix compatibility # is probably installed. - echo "$UNAME_MACHINE"-pc-os2-emx - exit ;; + GUESS=$UNAME_MACHINE-pc-os2-emx + ;; i*86:XTS-300:*:STOP) - echo "$UNAME_MACHINE"-unknown-stop - exit ;; + GUESS=$UNAME_MACHINE-unknown-stop + ;; i*86:atheos:*:*) - echo "$UNAME_MACHINE"-unknown-atheos - exit ;; + GUESS=$UNAME_MACHINE-unknown-atheos + ;; i*86:syllable:*:*) - echo "$UNAME_MACHINE"-pc-syllable - exit ;; + GUESS=$UNAME_MACHINE-pc-syllable + ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) - echo i386-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=i386-unknown-lynxos$UNAME_RELEASE + ;; i*86:*DOS:*:*) - echo "$UNAME_MACHINE"-pc-msdosdjgpp - exit ;; + GUESS=$UNAME_MACHINE-pc-msdosdjgpp + ;; i*86:*:4.*:*) UNAME_REL=`echo "$UNAME_RELEASE" | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo "$UNAME_MACHINE"-univel-sysv"$UNAME_REL" + GUESS=$UNAME_MACHINE-univel-sysv$UNAME_REL else - echo "$UNAME_MACHINE"-pc-sysv"$UNAME_REL" + GUESS=$UNAME_MACHINE-pc-sysv$UNAME_REL fi - exit ;; + ;; i*86:*:5:[678]*) # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in @@ -1100,12 +1264,12 @@ EOF *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac - echo "$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}{$UNAME_VERSION}" - exit ;; + GUESS=$UNAME_MACHINE-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 @@ -1115,11 +1279,11 @@ EOF && UNAME_MACHINE=i686 (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ && UNAME_MACHINE=i686 - echo "$UNAME_MACHINE"-pc-sco"$UNAME_REL" + GUESS=$UNAME_MACHINE-pc-sco$UNAME_REL else - echo "$UNAME_MACHINE"-pc-sysv32 + GUESS=$UNAME_MACHINE-pc-sysv32 fi - exit ;; + ;; pc:*:*:*) # Left here for compatibility: # uname -m prints for DJGPP always 'pc', but it prints nothing about @@ -1127,31 +1291,31 @@ EOF # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configure will decide that # this is a cross-build. - echo i586-pc-msdosdjgpp - exit ;; + GUESS=i586-pc-msdosdjgpp + ;; Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; + GUESS=i386-pc-mach3 + ;; paragon:*:*:*) - echo i860-intel-osf1 - exit ;; + GUESS=i860-intel-osf1 + ;; i860:*:4.*:*) # i860-SVR4 if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv"$UNAME_RELEASE" # Stardent Vistra i860-SVR4 + GUESS=i860-stardent-sysv$UNAME_RELEASE # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv"$UNAME_RELEASE" # Unknown i860-SVR4 + GUESS=i860-unknown-sysv$UNAME_RELEASE # Unknown i860-SVR4 fi - exit ;; + ;; mini*:CTIX:SYS*5:*) # "miniframe" - echo m68010-convergent-sysv - exit ;; + GUESS=m68010-convergent-sysv + ;; mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; + GUESS=m68k-convergent-sysv + ;; M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; + GUESS=m68k-diab-dnix + ;; M68*:*:R3V[5678]*:*) test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) @@ -1176,249 +1340,407 @@ EOF /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ && { echo i586-ncr-sysv4.3"$OS_REL"; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=m68k-unknown-lynxos$UNAME_RELEASE + ;; mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; + GUESS=m68k-atari-sysv4 + ;; TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=sparc-unknown-lynxos$UNAME_RELEASE + ;; rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=rs6000-unknown-lynxos$UNAME_RELEASE + ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) - echo powerpc-unknown-lynxos"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-unknown-lynxos$UNAME_RELEASE + ;; SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv"$UNAME_RELEASE" - exit ;; + GUESS=mips-dde-sysv$UNAME_RELEASE + ;; RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; + GUESS=mips-sni-sysv4 + ;; RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; + GUESS=mips-sni-sysv4 + ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo "$UNAME_MACHINE"-sni-sysv4 + GUESS=$UNAME_MACHINE-sni-sysv4 else - echo ns32k-sni-sysv + GUESS=ns32k-sni-sysv fi - exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + ;; + PENTIUM:*:4.0*:*) # Unisys 'ClearPath HMP IX 4000' SVR4/MP effort # says - echo i586-unisys-sysv4 - exit ;; + GUESS=i586-unisys-sysv4 + ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; + GUESS=hppa1.1-stratus-sysv4 + ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; + GUESS=i860-stratus-sysv4 + ;; i*86:VOS:*:*) # From Paul.Green@stratus.com. - echo "$UNAME_MACHINE"-stratus-vos - exit ;; + GUESS=$UNAME_MACHINE-stratus-vos + ;; *:VOS:*:*) # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; + GUESS=hppa1.1-stratus-vos + ;; mc68*:A/UX:*:*) - echo m68k-apple-aux"$UNAME_RELEASE" - exit ;; + GUESS=m68k-apple-aux$UNAME_RELEASE + ;; news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; + GUESS=mips-sony-newsos6 + ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv"$UNAME_RELEASE" + if test -d /usr/nec; then + GUESS=mips-nec-sysv$UNAME_RELEASE else - echo mips-unknown-sysv"$UNAME_RELEASE" + GUESS=mips-unknown-sysv$UNAME_RELEASE fi - exit ;; + ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; + GUESS=powerpc-be-beos + ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; + GUESS=powerpc-apple-beos + ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; + GUESS=i586-pc-beos + ;; BePC:Haiku:*:*) # Haiku running on Intel PC compatible. - echo i586-pc-haiku - exit ;; - x86_64:Haiku:*:*) - echo x86_64-unknown-haiku - exit ;; + GUESS=i586-pc-haiku + ;; + ppc:Haiku:*:*) # Haiku running on Apple PowerPC + GUESS=powerpc-apple-haiku + ;; + *:Haiku:*:*) # Haiku modern gcc (not bound by BeOS compat) + GUESS=$UNAME_MACHINE-unknown-haiku + ;; SX-4:SUPER-UX:*:*) - echo sx4-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx4-nec-superux$UNAME_RELEASE + ;; SX-5:SUPER-UX:*:*) - echo sx5-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx5-nec-superux$UNAME_RELEASE + ;; SX-6:SUPER-UX:*:*) - echo sx6-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx6-nec-superux$UNAME_RELEASE + ;; SX-7:SUPER-UX:*:*) - echo sx7-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx7-nec-superux$UNAME_RELEASE + ;; SX-8:SUPER-UX:*:*) - echo sx8-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx8-nec-superux$UNAME_RELEASE + ;; SX-8R:SUPER-UX:*:*) - echo sx8r-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sx8r-nec-superux$UNAME_RELEASE + ;; SX-ACE:SUPER-UX:*:*) - echo sxace-nec-superux"$UNAME_RELEASE" - exit ;; + GUESS=sxace-nec-superux$UNAME_RELEASE + ;; Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody"$UNAME_RELEASE" - exit ;; + GUESS=powerpc-apple-rhapsody$UNAME_RELEASE + ;; *:Rhapsody:*:*) - echo "$UNAME_MACHINE"-apple-rhapsody"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-apple-rhapsody$UNAME_RELEASE + ;; + arm64:Darwin:*:*) + GUESS=aarch64-apple-darwin$UNAME_RELEASE + ;; *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - eval "$set_cc_for_build" - if test "$UNAME_PROCESSOR" = unknown ; then - UNAME_PROCESSOR=powerpc + UNAME_PROCESSOR=`uname -p` + case $UNAME_PROCESSOR in + unknown) UNAME_PROCESSOR=powerpc ;; + esac + if command -v xcode-select > /dev/null 2> /dev/null && \ + ! xcode-select --print-path > /dev/null 2> /dev/null ; then + # Avoid executing cc if there is no toolchain installed as + # cc will be a stub that puts up a graphical alert + # prompting the user to install developer tools. + CC_FOR_BUILD=no_compiler_found + else + set_cc_for_build fi - if test "`echo "$UNAME_RELEASE" | sed -e 's/\..*//'`" -le 10 ; then - if [ "$CC_FOR_BUILD" != no_compiler_found ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - case $UNAME_PROCESSOR in - i386) UNAME_PROCESSOR=x86_64 ;; - powerpc) UNAME_PROCESSOR=powerpc64 ;; - esac - fi - # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc - if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ - (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_PPC >/dev/null - then - UNAME_PROCESSOR=powerpc - fi + if test "$CC_FOR_BUILD" != no_compiler_found; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + # On 10.4-10.6 one might compile for PowerPC via gcc -arch ppc + if (echo '#ifdef __POWERPC__'; echo IS_PPC; echo '#endif') | \ + (CCOPTS="" $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_PPC >/dev/null + then + UNAME_PROCESSOR=powerpc fi elif test "$UNAME_PROCESSOR" = i386 ; then - # Avoid executing cc on OS X 10.9, as it ships with a stub - # that puts up a graphical alert prompting to install - # developer tools. Any system running Mac OS X 10.7 or - # later (Darwin 11 and later) is required to have a 64-bit - # processor. This is not true of the ARM version of Darwin - # that Apple uses in portable devices. - UNAME_PROCESSOR=x86_64 + # uname -m returns i386 or x86_64 + UNAME_PROCESSOR=$UNAME_MACHINE fi - echo "$UNAME_PROCESSOR"-apple-darwin"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_PROCESSOR-apple-darwin$UNAME_RELEASE + ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` if test "$UNAME_PROCESSOR" = x86; then UNAME_PROCESSOR=i386 UNAME_MACHINE=pc fi - echo "$UNAME_PROCESSOR"-"$UNAME_MACHINE"-nto-qnx"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_PROCESSOR-$UNAME_MACHINE-nto-qnx$UNAME_RELEASE + ;; *:QNX:*:4*) - echo i386-pc-qnx - exit ;; + GUESS=i386-pc-qnx + ;; NEO-*:NONSTOP_KERNEL:*:*) - echo neo-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=neo-tandem-nsk$UNAME_RELEASE + ;; NSE-*:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nse-tandem-nsk$UNAME_RELEASE + ;; NSR-*:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsr-tandem-nsk$UNAME_RELEASE + ;; NSV-*:NONSTOP_KERNEL:*:*) - echo nsv-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsv-tandem-nsk$UNAME_RELEASE + ;; NSX-*:NONSTOP_KERNEL:*:*) - echo nsx-tandem-nsk"$UNAME_RELEASE" - exit ;; + GUESS=nsx-tandem-nsk$UNAME_RELEASE + ;; *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; + GUESS=mips-compaq-nonstopux + ;; BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; + GUESS=bs2000-siemens-sysv + ;; DS/*:UNIX_System_V:*:*) - echo "$UNAME_MACHINE"-"$UNAME_SYSTEM"-"$UNAME_RELEASE" - exit ;; + GUESS=$UNAME_MACHINE-$UNAME_SYSTEM-$UNAME_RELEASE + ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 # operating systems. - if test "$cputype" = 386; then + if test "${cputype-}" = 386; then UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" + elif test "x${cputype-}" != x; then + UNAME_MACHINE=$cputype fi - echo "$UNAME_MACHINE"-unknown-plan9 - exit ;; + GUESS=$UNAME_MACHINE-unknown-plan9 + ;; *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; + GUESS=pdp10-unknown-tops10 + ;; *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; + GUESS=pdp10-unknown-tenex + ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; + GUESS=pdp10-dec-tops20 + ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; + GUESS=pdp10-xkl-tops20 + ;; *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; + GUESS=pdp10-unknown-tops20 + ;; *:ITS:*:*) - echo pdp10-unknown-its - exit ;; + GUESS=pdp10-unknown-its + ;; SEI:*:*:SEIUX) - echo mips-sei-seiux"$UNAME_RELEASE" - exit ;; + GUESS=mips-sei-seiux$UNAME_RELEASE + ;; *:DragonFly:*:*) - echo "$UNAME_MACHINE"-unknown-dragonfly"`echo "$UNAME_RELEASE"|sed -e 's/[-(].*//'`" - exit ;; + DRAGONFLY_REL=`echo "$UNAME_RELEASE" | sed -e 's/[-(].*//'` + GUESS=$UNAME_MACHINE-unknown-dragonfly$DRAGONFLY_REL + ;; *:*VMS:*:*) UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "$UNAME_MACHINE" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; + case $UNAME_MACHINE in + A*) GUESS=alpha-dec-vms ;; + I*) GUESS=ia64-dec-vms ;; + V*) GUESS=vax-dec-vms ;; esac ;; *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; + GUESS=i386-pc-xenix + ;; i*86:skyos:*:*) - echo "$UNAME_MACHINE"-pc-skyos"`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'`" - exit ;; + SKYOS_REL=`echo "$UNAME_RELEASE" | sed -e 's/ .*$//'` + GUESS=$UNAME_MACHINE-pc-skyos$SKYOS_REL + ;; i*86:rdos:*:*) - echo "$UNAME_MACHINE"-pc-rdos - exit ;; - i*86:AROS:*:*) - echo "$UNAME_MACHINE"-pc-aros - exit ;; + GUESS=$UNAME_MACHINE-pc-rdos + ;; + i*86:Fiwix:*:*) + GUESS=$UNAME_MACHINE-pc-fiwix + ;; + *:AROS:*:*) + GUESS=$UNAME_MACHINE-unknown-aros + ;; x86_64:VMkernel:*:*) - echo "$UNAME_MACHINE"-unknown-esx - exit ;; + GUESS=$UNAME_MACHINE-unknown-esx + ;; amd64:Isilon\ OneFS:*:*) - echo x86_64-unknown-onefs - exit ;; + GUESS=x86_64-unknown-onefs + ;; + *:Unleashed:*:*) + GUESS=$UNAME_MACHINE-unknown-unleashed$UNAME_RELEASE + ;; esac +# Do we have a guess based on uname results? +if test "x$GUESS" != x; then + echo "$GUESS" + exit +fi + +# No uname command or uname output not recognized. +set_cc_for_build +cat > "$dummy.c" < +#include +#endif +#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__) +#if defined (vax) || defined (__vax) || defined (__vax__) || defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__) +#include +#if defined(_SIZE_T_) || defined(SIGLOST) +#include +#endif +#endif +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); +#endif + +#if defined (vax) +#if !defined (ultrix) +#include +#if defined (BSD) +#if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +#else +#if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +#else + printf ("vax-dec-bsd\n"); exit (0); +#endif +#endif +#else + printf ("vax-dec-bsd\n"); exit (0); +#endif +#else +#if defined(_SIZE_T_) || defined(SIGLOST) + struct utsname un; + uname (&un); + printf ("vax-dec-ultrix%s\n", un.release); exit (0); +#else + printf ("vax-dec-ultrix\n"); exit (0); +#endif +#endif +#endif +#if defined(ultrix) || defined(_ultrix) || defined(__ultrix) || defined(__ultrix__) +#if defined(mips) || defined(__mips) || defined(__mips__) || defined(MIPS) || defined(__MIPS__) +#if defined(_SIZE_T_) || defined(SIGLOST) + struct utsname *un; + uname (&un); + printf ("mips-dec-ultrix%s\n", un.release); exit (0); +#else + printf ("mips-dec-ultrix\n"); exit (0); +#endif +#endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o "$dummy" "$dummy.c" 2>/dev/null && SYSTEM_NAME=`"$dummy"` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. +test -d /usr/apollo && { echo "$ISP-apollo-$SYSTYPE"; exit; } + echo "$0: unable to guess system type" >&2 -case "$UNAME_MACHINE:$UNAME_SYSTEM" in +case $UNAME_MACHINE:$UNAME_SYSTEM in mips:Linux | mips64:Linux) # If we got here on MIPS GNU/Linux, output extra information. cat >&2 <&2 <&2 exit 1 ;; *local*) @@ -110,1223 +119,1165 @@ case $# in exit 1;; esac -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ - knetbsd*-gnu* | netbsd*-gnu* | netbsd*-eabi* | \ - kopensolaris*-gnu* | cloudabi*-eabi* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - android-linux) - os=-linux-android - basic_machine=`echo "$1" | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown - ;; - *) - basic_machine=`echo "$1" | sed 's/-[^-]*$//'` - if [ "$basic_machine" != "$1" ] - then os=`echo "$1" | sed 's/.*-/-/'` - else os=; fi - ;; -esac +# Split fields of configuration type +# shellcheck disable=SC2162 +saved_IFS=$IFS +IFS="-" read field1 field2 field3 field4 <&2 + exit 1 ;; - -lynx*) - os=-lynxos + *-*-*-*) + basic_machine=$field1-$field2 + basic_os=$field3-$field4 ;; - -ptx*) - basic_machine=`echo "$1" | sed -e 's/86-.*/86-sequent/'` + *-*-*) + # Ambiguous whether COMPANY is present, or skipped and KERNEL-OS is two + # parts + maybe_os=$field2-$field3 + case $maybe_os in + nto-qnx* | linux-* | uclinux-uclibc* \ + | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* \ + | netbsd*-eabi* | kopensolaris*-gnu* | cloudabi*-eabi* \ + | storm-chaos* | os2-emx* | rtmk-nova* | managarm-* \ + | windows-* ) + basic_machine=$field1 + basic_os=$maybe_os + ;; + android-linux) + basic_machine=$field1-unknown + basic_os=linux-android + ;; + *) + basic_machine=$field1-$field2 + basic_os=$field3 + ;; + esac ;; - -psos*) - os=-psos + *-*) + # A lone config we happen to match not fitting any pattern + case $field1-$field2 in + decstation-3100) + basic_machine=mips-dec + basic_os= + ;; + *-*) + # Second component is usually, but not always the OS + case $field2 in + # Prevent following clause from handling this valid os + sun*os*) + basic_machine=$field1 + basic_os=$field2 + ;; + zephyr*) + basic_machine=$field1-unknown + basic_os=$field2 + ;; + # Manufacturers + dec* | mips* | sequent* | encore* | pc533* | sgi* | sony* \ + | att* | 7300* | 3300* | delta* | motorola* | sun[234]* \ + | unicom* | ibm* | next | hp | isi* | apollo | altos* \ + | convergent* | ncr* | news | 32* | 3600* | 3100* \ + | hitachi* | c[123]* | convex* | sun | crds | omron* | dg \ + | ultra | tti* | harris | dolphin | highlevel | gould \ + | cbm | ns | masscomp | apple | axis | knuth | cray \ + | microblaze* | sim | cisco \ + | oki | wec | wrs | winbond) + basic_machine=$field1-$field2 + basic_os= + ;; + *) + basic_machine=$field1 + basic_os=$field2 + ;; + esac + ;; + esac ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint + *) + # Convert single-component short-hands not valid as part of + # multi-component configurations. + case $field1 in + 386bsd) + basic_machine=i386-pc + basic_os=bsd + ;; + a29khif) + basic_machine=a29k-amd + basic_os=udi + ;; + adobe68k) + basic_machine=m68010-adobe + basic_os=scout + ;; + alliant) + basic_machine=fx80-alliant + basic_os= + ;; + altos | altos3068) + basic_machine=m68k-altos + basic_os= + ;; + am29k) + basic_machine=a29k-none + basic_os=bsd + ;; + amdahl) + basic_machine=580-amdahl + basic_os=sysv + ;; + amiga) + basic_machine=m68k-unknown + basic_os= + ;; + amigaos | amigados) + basic_machine=m68k-unknown + basic_os=amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + basic_os=sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + basic_os=sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + basic_os=bsd + ;; + aros) + basic_machine=i386-pc + basic_os=aros + ;; + aux) + basic_machine=m68k-apple + basic_os=aux + ;; + balance) + basic_machine=ns32k-sequent + basic_os=dynix + ;; + blackfin) + basic_machine=bfin-unknown + basic_os=linux + ;; + cegcc) + basic_machine=arm-unknown + basic_os=cegcc + ;; + convex-c1) + basic_machine=c1-convex + basic_os=bsd + ;; + convex-c2) + basic_machine=c2-convex + basic_os=bsd + ;; + convex-c32) + basic_machine=c32-convex + basic_os=bsd + ;; + convex-c34) + basic_machine=c34-convex + basic_os=bsd + ;; + convex-c38) + basic_machine=c38-convex + basic_os=bsd + ;; + cray) + basic_machine=j90-cray + basic_os=unicos + ;; + crds | unos) + basic_machine=m68k-crds + basic_os= + ;; + da30) + basic_machine=m68k-da30 + basic_os= + ;; + decstation | pmax | pmin | dec3100 | decstatn) + basic_machine=mips-dec + basic_os= + ;; + delta88) + basic_machine=m88k-motorola + basic_os=sysv3 + ;; + dicos) + basic_machine=i686-pc + basic_os=dicos + ;; + djgpp) + basic_machine=i586-pc + basic_os=msdosdjgpp + ;; + ebmon29k) + basic_machine=a29k-amd + basic_os=ebmon + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + basic_os=ose + ;; + gmicro) + basic_machine=tron-gmicro + basic_os=sysv + ;; + go32) + basic_machine=i386-pc + basic_os=go32 + ;; + h8300hms) + basic_machine=h8300-hitachi + basic_os=hms + ;; + h8300xray) + basic_machine=h8300-hitachi + basic_os=xray + ;; + h8500hms) + basic_machine=h8500-hitachi + basic_os=hms + ;; + harris) + basic_machine=m88k-harris + basic_os=sysv3 + ;; + hp300 | hp300hpux) + basic_machine=m68k-hp + basic_os=hpux + ;; + hp300bsd) + basic_machine=m68k-hp + basic_os=bsd + ;; + hppaosf) + basic_machine=hppa1.1-hp + basic_os=osf + ;; + hppro) + basic_machine=hppa1.1-hp + basic_os=proelf + ;; + i386mach) + basic_machine=i386-mach + basic_os=mach + ;; + isi68 | isi) + basic_machine=m68k-isi + basic_os=sysv + ;; + m68knommu) + basic_machine=m68k-unknown + basic_os=linux + ;; + magnum | m3230) + basic_machine=mips-mips + basic_os=sysv + ;; + merlin) + basic_machine=ns32k-utek + basic_os=sysv + ;; + mingw64) + basic_machine=x86_64-pc + basic_os=mingw64 + ;; + mingw32) + basic_machine=i686-pc + basic_os=mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + basic_os=mingw32ce + ;; + monitor) + basic_machine=m68k-rom68k + basic_os=coff + ;; + morphos) + basic_machine=powerpc-unknown + basic_os=morphos + ;; + moxiebox) + basic_machine=moxie-unknown + basic_os=moxiebox + ;; + msdos) + basic_machine=i386-pc + basic_os=msdos + ;; + msys) + basic_machine=i686-pc + basic_os=msys + ;; + mvs) + basic_machine=i370-ibm + basic_os=mvs + ;; + nacl) + basic_machine=le32-unknown + basic_os=nacl + ;; + ncr3000) + basic_machine=i486-ncr + basic_os=sysv4 + ;; + netbsd386) + basic_machine=i386-pc + basic_os=netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + basic_os=linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + basic_os=newsos + ;; + news1000) + basic_machine=m68030-sony + basic_os=newsos + ;; + necv70) + basic_machine=v70-nec + basic_os=sysv + ;; + nh3000) + basic_machine=m68k-harris + basic_os=cxux + ;; + nh[45]000) + basic_machine=m88k-harris + basic_os=cxux + ;; + nindy960) + basic_machine=i960-intel + basic_os=nindy + ;; + mon960) + basic_machine=i960-intel + basic_os=mon960 + ;; + nonstopux) + basic_machine=mips-compaq + basic_os=nonstopux + ;; + os400) + basic_machine=powerpc-ibm + basic_os=os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + basic_os=ose + ;; + os68k) + basic_machine=m68k-none + basic_os=os68k + ;; + paragon) + basic_machine=i860-intel + basic_os=osf + ;; + parisc) + basic_machine=hppa-unknown + basic_os=linux + ;; + psp) + basic_machine=mipsallegrexel-sony + basic_os=psp + ;; + pw32) + basic_machine=i586-unknown + basic_os=pw32 + ;; + rdos | rdos64) + basic_machine=x86_64-pc + basic_os=rdos + ;; + rdos32) + basic_machine=i386-pc + basic_os=rdos + ;; + rom68k) + basic_machine=m68k-rom68k + basic_os=coff + ;; + sa29200) + basic_machine=a29k-amd + basic_os=udi + ;; + sei) + basic_machine=mips-sei + basic_os=seiux + ;; + sequent) + basic_machine=i386-sequent + basic_os= + ;; + sps7) + basic_machine=m68k-bull + basic_os=sysv2 + ;; + st2000) + basic_machine=m68k-tandem + basic_os= + ;; + stratus) + basic_machine=i860-stratus + basic_os=sysv4 + ;; + sun2) + basic_machine=m68000-sun + basic_os= + ;; + sun2os3) + basic_machine=m68000-sun + basic_os=sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + basic_os=sunos4 + ;; + sun3) + basic_machine=m68k-sun + basic_os= + ;; + sun3os3) + basic_machine=m68k-sun + basic_os=sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + basic_os=sunos4 + ;; + sun4) + basic_machine=sparc-sun + basic_os= + ;; + sun4os3) + basic_machine=sparc-sun + basic_os=sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + basic_os=sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + basic_os=solaris2 + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + basic_os= + ;; + sv1) + basic_machine=sv1-cray + basic_os=unicos + ;; + symmetry) + basic_machine=i386-sequent + basic_os=dynix + ;; + t3e) + basic_machine=alphaev5-cray + basic_os=unicos + ;; + t90) + basic_machine=t90-cray + basic_os=unicos + ;; + toad1) + basic_machine=pdp10-xkl + basic_os=tops20 + ;; + tpf) + basic_machine=s390x-ibm + basic_os=tpf + ;; + udi29k) + basic_machine=a29k-amd + basic_os=udi + ;; + ultra3) + basic_machine=a29k-nyu + basic_os=sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + basic_os=none + ;; + vaxv) + basic_machine=vax-dec + basic_os=sysv + ;; + vms) + basic_machine=vax-dec + basic_os=vms + ;; + vsta) + basic_machine=i386-pc + basic_os=vsta + ;; + vxworks960) + basic_machine=i960-wrs + basic_os=vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + basic_os=vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + basic_os=vxworks + ;; + xbox) + basic_machine=i686-pc + basic_os=mingw32 + ;; + ymp) + basic_machine=ymp-cray + basic_os=unicos + ;; + *) + basic_machine=$1 + basic_os= + ;; + esac ;; esac -# Decode aliases for certain CPU-COMPANY combinations. +# Decode 1-component or ad-hoc basic machines case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | aarch64 | aarch64_be \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arceb \ - | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ - | avr | avr32 \ - | ba \ - | be32 | be64 \ - | bfin \ - | c4x | c8051 | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | e2k | epiphany \ - | fido | fr30 | frv | ft32 \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | hexagon \ - | i370 | i860 | i960 | ia16 | ia64 \ - | ip2k | iq2000 \ - | k1om \ - | le32 | le64 \ - | lm32 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64octeon | mips64octeonel \ - | mips64orion | mips64orionel \ - | mips64r5900 | mips64r5900el \ - | mips64vr | mips64vrel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa32r6 | mipsisa32r6el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64r6 | mipsisa64r6el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipsr5900 | mipsr5900el \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | moxie \ - | mt \ - | msp430 \ - | nds32 | nds32le | nds32be \ - | nios | nios2 | nios2eb | nios2el \ - | ns16k | ns32k \ - | open8 | or1k | or1knd | or32 \ - | pdp10 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle \ - | pru \ - | pyramid \ - | riscv32 | riscv64 \ - | rl78 | rx \ - | score \ - | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[234]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu \ - | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ - | ubicom32 \ - | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ - | visium \ - | wasm32 \ - | x86 | xc16x | xstormy16 | xtensa \ - | z8k | z80) - basic_machine=$basic_machine-unknown - ;; - c54x) - basic_machine=tic54x-unknown - ;; - c55x) - basic_machine=tic55x-unknown - ;; - c6x) - basic_machine=tic6x-unknown - ;; - leon|leon[3-9]) - basic_machine=sparc-$basic_machine - ;; - m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) - basic_machine=$basic_machine-unknown - os=-none + # Here we handle the default manufacturer of certain CPU types. It is in + # some cases the only manufacturer, in others, it is the most popular. + w89k) + cpu=hppa1.1 + vendor=winbond ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65) + op50n) + cpu=hppa1.1 + vendor=oki ;; - ms1) - basic_machine=mt-unknown + op60c) + cpu=hppa1.1 + vendor=oki ;; - - strongarm | thumb | xscale) - basic_machine=arm-unknown + ibm*) + cpu=i370 + vendor=ibm ;; - xgate) - basic_machine=$basic_machine-unknown - os=-none + orion105) + cpu=clipper + vendor=highlevel ;; - xscaleeb) - basic_machine=armeb-unknown + mac | mpw | mac-mpw) + cpu=m68k + vendor=apple ;; - - xscaleel) - basic_machine=armel-unknown + pmac | pmac-mpw) + cpu=powerpc + vendor=apple ;; - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`"$1"\': machine \`"$basic_machine"\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | aarch64-* | aarch64_be-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | ba-* \ - | be32-* | be64-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* \ - | c8051-* | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | e2k-* | elxsi-* \ - | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | hexagon-* \ - | i*86-* | i860-* | i960-* | ia16-* | ia64-* \ - | ip2k-* | iq2000-* \ - | k1om-* \ - | le32-* | le64-* \ - | lm32-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ - | microblaze-* | microblazeel-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64octeon-* | mips64octeonel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64r5900-* | mips64r5900el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa32r6-* | mipsisa32r6el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64r6-* | mipsisa64r6el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipsr5900-* | mipsr5900el-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nds32-* | nds32le-* | nds32be-* \ - | nios-* | nios2-* | nios2eb-* | nios2el-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | open8-* \ - | or1k*-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ - | pru-* \ - | pyramid-* \ - | riscv32-* | riscv64-* \ - | rl78-* | romp-* | rs6000-* | rx-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx*-* \ - | tahoe-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile*-* \ - | tron-* \ - | ubicom32-* \ - | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ - | vax-* \ - | visium-* \ - | wasm32-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* \ - | xstormy16-* | xtensa*-* \ - | ymp-* \ - | z8k-* | z80-*) - ;; - # Recognize the basic CPU types without company name, with glob match. - xtensa*) - basic_machine=$basic_machine-unknown - ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-pc - os=-bsd - ;; 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att + cpu=m68000 + vendor=att ;; 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aros) - basic_machine=i386-pc - os=-aros - ;; - asmjs) - basic_machine=asmjs-unknown - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - blackfin) - basic_machine=bfin-unknown - os=-linux - ;; - blackfin-*) - basic_machine=bfin-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux + cpu=we32k + vendor=att ;; bluegene*) - basic_machine=powerpc-ibm - os=-cnk - ;; - c54x-*) - basic_machine=tic54x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c55x-*) - basic_machine=tic55x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c6x-*) - basic_machine=tic6x-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - cegcc) - basic_machine=arm-unknown - os=-cegcc - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16 | cr16-*) - basic_machine=cr16-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec + cpu=powerpc + vendor=ibm + basic_os=cnk ;; decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 + cpu=pdp10 + vendor=dec + basic_os=tops10 ;; decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 + cpu=pdp10 + vendor=dec + basic_os=tops20 ;; delta | 3300 | motorola-3300 | motorola-delta \ | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dicos) - basic_machine=i686-pc - os=-dicos - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx + cpu=m68k + vendor=motorola ;; dpx2*) - basic_machine=m68k-bull - os=-sysv3 - ;; - e500v[12]) - basic_machine=powerpc-unknown - os=$os"spe" - ;; - e500v[12]-*) - basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=$os"spe" - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd + cpu=m68k + vendor=bull + basic_os=sysv3 ;; encore | umax | mmax) - basic_machine=ns32k-encore + cpu=ns32k + vendor=encore ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose + elxsi) + cpu=elxsi + vendor=elxsi + basic_os=${basic_os:-bsd} ;; fx2800) - basic_machine=i860-alliant + cpu=i860 + vendor=alliant ;; genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 + cpu=ns32k + vendor=ns ;; h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux + cpu=hppa1.1 + vendor=hitachi + basic_os=hiuxwe2 ;; hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp + cpu=hppa1.0 + vendor=hp ;; hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp + cpu=m68000 + vendor=hp ;; hp9k3[2-9][0-9]) - basic_machine=m68k-hp + cpu=m68k + vendor=hp ;; hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp + cpu=hppa1.0 + vendor=hp ;; hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k78[0-9] | hp78[0-9]) # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp + cpu=hppa1.1 + vendor=hp ;; hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm + cpu=hppa1.0 + vendor=hp ;; i*86v32) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv32 + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv32 ;; i*86v4*) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv4 + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv4 ;; i*86v) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-sysv + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=sysv ;; i*86sol2) - basic_machine=`echo "$1" | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach + cpu=`echo "$1" | sed -e 's/86.*/86/'` + vendor=pc + basic_os=solaris2 ;; - vsta) - basic_machine=i386-unknown - os=-vsta + j90 | j90-cray) + cpu=j90 + vendor=cray + basic_os=${basic_os:-unicos} ;; iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) + cpu=mips + vendor=sgi + case $basic_os in + irix*) ;; *) - os=-irix4 + basic_os=irix4 ;; esac ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - leon-*|leon[3-9]-*) - basic_machine=sparc-`echo "$basic_machine" | sed 's/-.*//'` - ;; - m68knommu) - basic_machine=m68k-unknown - os=-linux - ;; - m68knommu-*) - basic_machine=m68k-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - microblaze*) - basic_machine=microblaze-xilinx - ;; - mingw64) - basic_machine=x86_64-pc - os=-mingw64 - ;; - mingw32) - basic_machine=i686-pc - os=-mingw32 - ;; - mingw32ce) - basic_machine=arm-unknown - os=-mingw32ce - ;; miniframe) - basic_machine=m68000-convergent + cpu=m68000 + vendor=convergent ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo "$basic_machine" | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - moxiebox) - basic_machine=moxie-unknown - os=-moxiebox - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo "$basic_machine" | sed -e 's/ms1-/mt-/'` - ;; - msys) - basic_machine=i686-pc - os=-msys - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - nacl) - basic_machine=le32-unknown - os=-nacl - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos + *mint | mint[0-9]* | *MiNT | *MiNT[0-9]*) + cpu=m68k + vendor=atari + basic_os=mint ;; news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv + cpu=mips + vendor=sony + basic_os=newsos ;; next | m*-next) - basic_machine=m68k-next - case $os in - -nextstep* ) + cpu=m68k + vendor=next + case $basic_os in + openstep*) + ;; + nextstep*) ;; - -ns2*) - os=-nextstep2 + ns2*) + basic_os=nextstep2 ;; *) - os=-nextstep3 + basic_os=nextstep3 ;; esac ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; np1) - basic_machine=np1-gould - ;; - neo-tandem) - basic_machine=neo-tandem - ;; - nse-tandem) - basic_machine=nse-tandem - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - nsv-tandem) - basic_machine=nsv-tandem - ;; - nsx-tandem) - basic_machine=nsx-tandem + cpu=np1 + vendor=gould ;; op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k + cpu=hppa1.1 + vendor=oki + basic_os=proelf ;; pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - parisc) - basic_machine=hppa-unknown - os=-linux - ;; - parisc-*) - basic_machine=hppa-`echo "$basic_machine" | sed 's/^[^-]*-//'` - os=-linux + cpu=hppa1.1 + vendor=hitachi + basic_os=hiuxwe2 ;; pbd) - basic_machine=sparc-tti + cpu=sparc + vendor=tti ;; pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pc98) - basic_machine=i386-pc - ;; - pc98-*) - basic_machine=i386-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc + cpu=m68k + vendor=tti ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo "$basic_machine" | sed 's/^[^-]*-//'` + pc532) + cpu=ns32k + vendor=pc532 ;; pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm + cpu=pn + vendor=gould ;; - ppc | ppcbe) basic_machine=powerpc-unknown + power) + cpu=power + vendor=ibm ;; - ppc-* | ppcbe-*) - basic_machine=powerpc-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo "$basic_machine" | sed 's/^[^-]*-//'` - ;; - ppc64) basic_machine=powerpc64-unknown + ps2) + cpu=i386 + vendor=ibm ;; - ppc64-*) basic_machine=powerpc64-`echo "$basic_machine" | sed 's/^[^-]*-//'` + rm[46]00) + cpu=mips + vendor=siemens ;; - ppc64le | powerpc64little) - basic_machine=powerpc64le-unknown + rtpc | rtpc-*) + cpu=romp + vendor=ibm ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo "$basic_machine" | sed 's/^[^-]*-//'` + sde) + cpu=mipsisa32 + vendor=sde + basic_os=${basic_os:-elf} ;; - ps2) - basic_machine=i386-ibm + simso-wrs) + cpu=sparclite + vendor=wrs + basic_os=vxworks ;; - pw32) - basic_machine=i586-unknown - os=-pw32 + tower | tower-32) + cpu=m68k + vendor=ncr ;; - rdos | rdos64) - basic_machine=x86_64-pc - os=-rdos + vpp*|vx|vx-*) + cpu=f301 + vendor=fujitsu ;; - rdos32) - basic_machine=i386-pc - os=-rdos + w65) + cpu=w65 + vendor=wdc ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff + w89k-*) + cpu=hppa1.1 + vendor=winbond + basic_os=proelf ;; - rm[46]00) - basic_machine=mips-siemens + none) + cpu=none + vendor=none ;; - rtpc | rtpc-*) - basic_machine=romp-ibm + leon|leon[3-9]) + cpu=sparc + vendor=$basic_machine ;; - s390 | s390-*) - basic_machine=s390-ibm + leon-*|leon[3-9]-*) + cpu=sparc + vendor=`echo "$basic_machine" | sed 's/-.*//'` ;; - s390x | s390x-*) - basic_machine=s390x-ibm + + *-*) + # shellcheck disable=SC2162 + saved_IFS=$IFS + IFS="-" read cpu vendor <&2 - exit 1 + # Recognize the canonical CPU types that are allowed with any + # company name. + case $cpu in + 1750a | 580 \ + | a29k \ + | aarch64 | aarch64_be | aarch64c | arm64ec \ + | abacus \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ + | alphapca5[67] | alpha64pca5[67] \ + | am33_2.0 \ + | amdgcn \ + | arc | arceb | arc32 | arc64 \ + | arm | arm[lb]e | arme[lb] | armv* \ + | avr | avr32 \ + | asmjs \ + | ba \ + | be32 | be64 \ + | bfin | bpf | bs2000 \ + | c[123]* | c30 | [cjt]90 | c4x \ + | c8051 | clipper | craynv | csky | cydra \ + | d10v | d30v | dlx | dsp16xx \ + | e2k | elxsi | epiphany \ + | f30[01] | f700 | fido | fr30 | frv | ft32 | fx80 \ + | javascript \ + | h8300 | h8500 \ + | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ + | i370 | i*86 | i860 | i960 | ia16 | ia64 \ + | ip2k | iq2000 \ + | k1om \ + | kvx \ + | le32 | le64 \ + | lm32 \ + | loongarch32 | loongarch64 \ + | m32c | m32r | m32rle \ + | m5200 | m68000 | m680[012346]0 | m68360 | m683?2 | m68k \ + | m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x \ + | m88110 | m88k | maxq | mb | mcore | mep | metag \ + | microblaze | microblazeel \ + | mips* \ + | mmix \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nds32 | nds32le | nds32be \ + | nfp \ + | nios | nios2 | nios2eb | nios2el \ + | none | np1 | ns16k | ns32k | nvptx \ + | open8 \ + | or1k* \ + | or32 \ + | orion \ + | picochip \ + | pdp10 | pdp11 | pj | pjl | pn | power \ + | powerpc | powerpc64 | powerpc64le | powerpcle | powerpcspe \ + | pru \ + | pyramid \ + | riscv | riscv32 | riscv32be | riscv64 | riscv64be \ + | rl78 | romp | rs6000 | rx \ + | s390 | s390x \ + | score \ + | sh | shl \ + | sh[1234] | sh[24]a | sh[24]ae[lb] | sh[23]e | she[lb] | sh[lb]e \ + | sh[1234]e[lb] | sh[12345][lb]e | sh[23]ele | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet \ + | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v | sv1 | sx* \ + | spu \ + | tahoe \ + | thumbv7* \ + | tic30 | tic4x | tic54x | tic55x | tic6x | tic80 \ + | tron \ + | ubicom32 \ + | v70 | v850 | v850e | v850e1 | v850es | v850e2 | v850e2v3 \ + | vax \ + | visium \ + | w65 \ + | wasm32 | wasm64 \ + | we32k \ + | x86 | x86_64 | xc16x | xgate | xps100 \ + | xstormy16 | xtensa* \ + | ymp \ + | z8k | z80) + ;; + + *) + echo "Invalid configuration '$1': machine '$cpu-$vendor' not recognized" 1>&2 + exit 1 + ;; + esac ;; esac # Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo "$basic_machine" | sed 's/digital.*/dec/'` +case $vendor in + digital*) + vendor=dec ;; - *-commodore*) - basic_machine=`echo "$basic_machine" | sed 's/commodore.*/cbm/'` + commodore*) + vendor=cbm ;; *) ;; @@ -1334,203 +1285,226 @@ esac # Decode manufacturer-specific aliases for certain operating systems. -if [ x"$os" != x"" ] +if test x"$basic_os" != x then + +# First recognize some ad-hoc cases, or perhaps split kernel-os, or else just +# set os. +obj= +case $basic_os in + gnu/linux*) + kernel=linux + os=`echo "$basic_os" | sed -e 's|gnu/linux|gnu|'` + ;; + os2-emx) + kernel=os2 + os=`echo "$basic_os" | sed -e 's|os2-emx|emx|'` + ;; + nto-qnx*) + kernel=nto + os=`echo "$basic_os" | sed -e 's|nto-qnx|qnx|'` + ;; + *-*) + # shellcheck disable=SC2162 + saved_IFS=$IFS + IFS="-" read kernel os <&2 - exit 1 + # No normalization, but not necessarily accepted, that comes below. ;; esac + else # Here we handle the default operating systems that come with various machines. @@ -1543,254 +1517,439 @@ else # will signal an error saying that MANUFACTURER isn't an operating # system, and we'll never get to this point. -case $basic_machine in +kernel= +obj= +case $cpu-$vendor in score-*) - os=-elf + os= + obj=elf ;; spu-*) - os=-elf + os= + obj=elf ;; *-acorn) - os=-riscix1.2 + os=riscix1.2 ;; arm*-rebel) - os=-linux + kernel=linux + os=gnu ;; arm*-semi) - os=-aout + os= + obj=aout ;; c4x-* | tic4x-*) - os=-coff + os= + obj=coff ;; c8051-*) - os=-elf + os= + obj=elf + ;; + clipper-intergraph) + os=clix ;; hexagon-*) - os=-elf + os= + obj=elf ;; tic54x-*) - os=-coff + os= + obj=coff ;; tic55x-*) - os=-coff + os= + obj=coff ;; tic6x-*) - os=-coff + os= + obj=coff ;; # This must come before the *-dec entry. pdp10-*) - os=-tops20 + os=tops20 ;; pdp11-*) - os=-none + os=none ;; *-dec | vax-*) - os=-ultrix4.2 + os=ultrix4.2 ;; m68*-apollo) - os=-domain + os=domain ;; i386-sun) - os=-sunos4.0.2 + os=sunos4.0.2 ;; m68000-sun) - os=-sunos3 + os=sunos3 ;; m68*-cisco) - os=-aout + os= + obj=aout ;; mep-*) - os=-elf + os= + obj=elf ;; mips*-cisco) - os=-elf + os= + obj=elf ;; mips*-*) - os=-elf + os= + obj=elf ;; or32-*) - os=-coff + os= + obj=coff ;; *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 + os=sysv3 ;; sparc-* | *-sun) - os=-sunos4.1.1 + os=sunos4.1.1 ;; pru-*) - os=-elf + os= + obj=elf ;; *-be) - os=-beos + os=beos ;; *-ibm) - os=-aix + os=aix ;; *-knuth) - os=-mmixware + os=mmixware ;; *-wec) - os=-proelf + os=proelf ;; *-winbond) - os=-proelf + os=proelf ;; *-oki) - os=-proelf + os=proelf ;; *-hp) - os=-hpux + os=hpux ;; *-hitachi) - os=-hiux + os=hiux ;; i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv + os=sysv ;; *-cbm) - os=-amigaos + os=amigaos ;; *-dg) - os=-dgux + os=dgux ;; *-dolphin) - os=-sysv3 + os=sysv3 ;; m68k-ccur) - os=-rtu + os=rtu ;; m88k-omron*) - os=-luna + os=luna ;; *-next) - os=-nextstep + os=nextstep ;; *-sequent) - os=-ptx + os=ptx ;; *-crds) - os=-unos + os=unos ;; *-ns) - os=-genix + os=genix ;; i370-*) - os=-mvs + os=mvs ;; *-gould) - os=-sysv + os=sysv ;; *-highlevel) - os=-bsd + os=bsd ;; *-encore) - os=-bsd + os=bsd ;; *-sgi) - os=-irix + os=irix ;; *-siemens) - os=-sysv4 + os=sysv4 ;; *-masscomp) - os=-rtu + os=rtu ;; f30[01]-fujitsu | f700-fujitsu) - os=-uxpv + os=uxpv ;; *-rom68k) - os=-coff + os= + obj=coff ;; *-*bug) - os=-coff + os= + obj=coff ;; *-apple) - os=-macos + os=macos ;; *-atari*) - os=-mint + os=mint + ;; + *-wrs) + os=vxworks ;; *) - os=-none + os=none ;; esac + fi +# Now, validate our (potentially fixed-up) individual pieces (OS, OBJ). + +case $os in + # Sometimes we do "kernel-libc", so those need to count as OSes. + musl* | newlib* | relibc* | uclibc*) + ;; + # Likewise for "kernel-abi" + eabi* | gnueabi*) + ;; + # VxWorks passes extra cpu info in the 4th filed. + simlinux | simwindows | spe) + ;; + # See `case $cpu-$os` validation below + ghcjs) + ;; + # Now accept the basic system types. + # The portable systems comes first. + # Each alternative MUST end in a * to match a version number. + gnu* | android* | bsd* | mach* | minix* | genix* | ultrix* | irix* \ + | *vms* | esix* | aix* | cnk* | sunos | sunos[34]* \ + | hpux* | unos* | osf* | luna* | dgux* | auroraux* | solaris* \ + | sym* | plan9* | psp* | sim* | xray* | os68k* | v88r* \ + | hiux* | abug | nacl* | netware* | windows* \ + | os9* | macos* | osx* | ios* | tvos* | watchos* \ + | mpw* | magic* | mmixware* | mon960* | lnews* \ + | amigaos* | amigados* | msdos* | newsos* | unicos* | aof* \ + | aos* | aros* | cloudabi* | sortix* | twizzler* \ + | nindy* | vxsim* | vxworks* | ebmon* | hms* | mvs* \ + | clix* | riscos* | uniplus* | iris* | isc* | rtu* | xenix* \ + | mirbsd* | netbsd* | dicos* | openedition* | ose* \ + | bitrig* | openbsd* | secbsd* | solidbsd* | libertybsd* | os108* \ + | ekkobsd* | freebsd* | riscix* | lynxos* | os400* \ + | bosx* | nextstep* | cxux* | oabi* \ + | ptx* | ecoff* | winnt* | domain* | vsta* \ + | udi* | lites* | ieee* | go32* | aux* | hcos* \ + | chorusrdb* | cegcc* | glidix* | serenity* \ + | cygwin* | msys* | moss* | proelf* | rtems* \ + | midipix* | mingw32* | mingw64* | mint* \ + | uxpv* | beos* | mpeix* | udk* | moxiebox* \ + | interix* | uwin* | mks* | rhapsody* | darwin* \ + | openstep* | oskit* | conix* | pw32* | nonstopux* \ + | storm-chaos* | tops10* | tenex* | tops20* | its* \ + | os2* | vos* | palmos* | uclinux* | nucleus* | morphos* \ + | scout* | superux* | sysv* | rtmk* | tpf* | windiss* \ + | powermax* | dnix* | nx6 | nx7 | sei* | dragonfly* \ + | skyos* | haiku* | rdos* | toppers* | drops* | es* \ + | onefs* | tirtos* | phoenix* | fuchsia* | redox* | bme* \ + | midnightbsd* | amdhsa* | unleashed* | emscripten* | wasi* \ + | nsk* | powerunix* | genode* | zvmoe* | qnx* | emx* | zephyr* \ + | fiwix* | mlibc* | cos* | mbr* ) + ;; + # This one is extra strict with allowed versions + sco3.2v2 | sco3.2v[4-9]* | sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + ;; + none) + ;; + kernel* | msvc* ) + # Restricted further below + ;; + '') + if test x"$obj" = x + then + echo "Invalid configuration '$1': Blank OS only allowed with explicit machine code file format" 1>&2 + fi + ;; + *) + echo "Invalid configuration '$1': OS '$os' not recognized" 1>&2 + exit 1 + ;; +esac + +case $obj in + aout* | coff* | elf* | pe*) + ;; + '') + # empty is fine + ;; + *) + echo "Invalid configuration '$1': Machine code format '$obj' not recognized" 1>&2 + exit 1 + ;; +esac + +# Here we handle the constraint that a (synthetic) cpu and os are +# valid only in combination with each other and nowhere else. +case $cpu-$os in + # The "javascript-unknown-ghcjs" triple is used by GHC; we + # accept it here in order to tolerate that, but reject any + # variations. + javascript-ghcjs) + ;; + javascript-* | *-ghcjs) + echo "Invalid configuration '$1': cpu '$cpu' is not valid with os '$os$obj'" 1>&2 + exit 1 + ;; +esac + +# As a final step for OS-related things, validate the OS-kernel combination +# (given a valid OS), if there is a kernel. +case $kernel-$os-$obj in + linux-gnu*- | linux-dietlibc*- | linux-android*- | linux-newlib*- \ + | linux-musl*- | linux-relibc*- | linux-uclibc*- | linux-mlibc*- ) + ;; + uclinux-uclibc*- ) + ;; + managarm-mlibc*- | managarm-kernel*- ) + ;; + windows*-msvc*-) + ;; + -dietlibc*- | -newlib*- | -musl*- | -relibc*- | -uclibc*- | -mlibc*- ) + # These are just libc implementations, not actual OSes, and thus + # require a kernel. + echo "Invalid configuration '$1': libc '$os' needs explicit kernel." 1>&2 + exit 1 + ;; + -kernel*- ) + echo "Invalid configuration '$1': '$os' needs explicit kernel." 1>&2 + exit 1 + ;; + *-kernel*- ) + echo "Invalid configuration '$1': '$kernel' does not support '$os'." 1>&2 + exit 1 + ;; + *-msvc*- ) + echo "Invalid configuration '$1': '$os' needs 'windows'." 1>&2 + exit 1 + ;; + kfreebsd*-gnu*- | kopensolaris*-gnu*-) + ;; + vxworks-simlinux- | vxworks-simwindows- | vxworks-spe-) + ;; + nto-qnx*-) + ;; + os2-emx-) + ;; + *-eabi*- | *-gnueabi*-) + ;; + none--*) + # None (no kernel, i.e. freestanding / bare metal), + # can be paired with an machine code file format + ;; + -*-) + # Blank kernel with real OS is always fine. + ;; + --*) + # Blank kernel and OS with real machine code file format is always fine. + ;; + *-*-*) + echo "Invalid configuration '$1': Kernel '$kernel' not known to work with OS '$os'." 1>&2 + exit 1 + ;; +esac + # Here we handle the case where we know the os, and the CPU type, but not the # manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) +case $vendor in + unknown) + case $cpu-$os in + *-riscix*) vendor=acorn ;; - -sunos*) + *-sunos*) vendor=sun ;; - -cnk*|-aix*) + *-cnk* | *-aix*) vendor=ibm ;; - -beos*) + *-beos*) vendor=be ;; - -hpux*) + *-hpux*) vendor=hp ;; - -mpeix*) + *-mpeix*) vendor=hp ;; - -hiux*) + *-hiux*) vendor=hitachi ;; - -unos*) + *-unos*) vendor=crds ;; - -dgux*) + *-dgux*) vendor=dg ;; - -luna*) + *-luna*) vendor=omron ;; - -genix*) + *-genix*) vendor=ns ;; - -mvs* | -opened*) + *-clix*) + vendor=intergraph + ;; + *-mvs* | *-opened*) + vendor=ibm + ;; + *-os400*) vendor=ibm ;; - -os400*) + s390-* | s390x-*) vendor=ibm ;; - -ptx*) + *-ptx*) vendor=sequent ;; - -tpf*) + *-tpf*) vendor=ibm ;; - -vxsim* | -vxworks* | -windiss*) + *-vxsim* | *-vxworks* | *-windiss*) vendor=wrs ;; - -aux*) + *-aux*) vendor=apple ;; - -hms*) + *-hms*) vendor=hitachi ;; - -mpw* | -macos*) + *-mpw* | *-macos*) vendor=apple ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + *-*mint | *-mint[0-9]* | *-*MiNT | *-MiNT[0-9]*) vendor=atari ;; - -vos*) + *-vos*) vendor=stratus ;; esac - basic_machine=`echo "$basic_machine" | sed "s/unknown/$vendor/"` ;; esac -echo "$basic_machine$os" +echo "$cpu-$vendor${kernel:+-$kernel}${os:+-$os}${obj:+-$obj}" exit # Local variables: diff --git a/configure.ng b/configure.ng index a3855dbe..0dccfbc5 100644 --- a/configure.ng +++ b/configure.ng @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -23,13 +23,13 @@ m4_ifdef([AM_SILENT_RULES], # -- Initialisation -- AC_PREREQ([2.61]) -AC_INIT([ngIRCd],[VERSION_ID],[ngircd-ml@ngircd.barton.de],[ngircd],[http://ngircd.barton.de/]) +AC_INIT([ngIRCd],[VERSION_ID],[ngircd@lists.barton.de],[ngircd],[https://ngircd.barton.de/]) AC_CONFIG_SRCDIR([src/ngircd/ngircd.c]) AC_CONFIG_HEADER([src/config.h]) AC_CANONICAL_HOST -AM_INIT_AUTOMAKE([-Wall 1.10 ]ng_color_tests) +AM_INIT_AUTOMAKE([-Wall 1.10 foreign ]ng_color_tests) m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) @@ -101,6 +101,7 @@ AC_DEFUN([WORKING_GETADDRINFO],[ #include #include #include +#include int main(int argc, char **argv) { @@ -124,6 +125,20 @@ main(int argc, char **argv) ]) ]) +AC_DEFUN([GCC_W_NO_FORMAT_TRUNC],[ + result=yes + AC_MSG_CHECKING([whether ${CC} accepts -Wno-format-truncation]) + old_cflags="$CFLAGS" + CFLAGS="$CFLAGS -Werror -Wno-format-truncation" + AC_LINK_IFELSE([AC_LANG_PROGRAM([],[])],[],[result=no]) + echo $result + if test "X$result" = "Xyes"; then + CFLAGS="$old_cflags -Wno-format-truncation" + else + CFLAGS="$old_cflags" + fi +]) + # -- Hard coded system and compiler dependencies/features/options ... -- if test "$GCC" = "yes"; then @@ -131,6 +146,7 @@ if test "$GCC" = "yes"; then CFLAGS="$CFLAGS -pipe -W -Wall -Wpointer-arith -Wstrict-prototypes" GCC_STACK_PROTECT_CC + GCC_W_NO_FORMAT_TRUNC fi case "$host_os" in @@ -176,6 +192,8 @@ AC_CHECK_HEADERS_ONCE([ \ stdbool.h \ stddef.h \ stdint.h \ + sys/resource.h \ + sys/un.h \ varargs.h \ ]) @@ -258,6 +276,7 @@ AC_CHECK_FUNCS_ONCE([ getnameinfo \ inet_aton \ setgroups \ + setrlimit \ sigaction \ sigprocmask \ snprintf \ @@ -506,6 +525,8 @@ if test "$x_ssl_openssl" = "yes"; then x_ssl_lib=openssl fi +AM_CONDITIONAL(HAVE_SSL, [test $x_ssl_lib != "no"]) + # use TCP wrappers? x_tcpwrap_on=no @@ -636,18 +657,24 @@ if test "$x_ircplus_on" = "yes"; then fi # enable support for IPv6? -x_ipv6_on=no + +x_ipv6_on=yes AC_ARG_ENABLE(ipv6, - AS_HELP_STRING([--enable-ipv6], - [enable IPv6 protocol support]), - if test "$enableval" = "yes"; then x_ipv6_on=yes; fi + AS_HELP_STRING([--disable-ipv6], + [disable IPv6 protocol support (autodetected by default)]), + [ if test "$enableval" = "no"; then + x_ipv6_on=no + else + AC_CHECK_FUNCS( + [getaddrinfo getnameinfo],, + AC_MSG_ERROR([required function missing for IPv6 support!]) + ) + fi + ], + [ AC_CHECK_FUNCS([getaddrinfo getnameinfo],, x_ipv6_on=no) + ] ) if test "$x_ipv6_on" = "yes"; then - # getaddrinfo() and getnameinfo() are optional when not compiling - # with IPv6 support, but are required for IPv6 to work! - AC_CHECK_FUNCS([ \ - getaddrinfo getnameinfo \ - ],,AC_MSG_ERROR([required function missing for IPv6 support!])) AC_DEFINE(WANT_IPV6, 1) fi @@ -706,9 +733,6 @@ test -n "$LIBS_END" && LIBS="$LIBS $LIBS_END" AC_CONFIG_FILES([ \ Makefile \ contrib/Debian/Makefile \ - contrib/MacOSX/Makefile \ - contrib/MacOSX/ngIRCd.pmdoc/Makefile \ - contrib/MacOSX/ngIRCd.xcodeproj/Makefile \ contrib/Makefile \ doc/Makefile \ doc/src/Makefile \ diff --git a/contrib/Debian/.gitignore b/contrib/Debian/.gitignore index 73c000d9..2b352d45 100644 --- a/contrib/Debian/.gitignore +++ b/contrib/Debian/.gitignore @@ -1,16 +1,7 @@ *.log *.debhelper *.substvars +debhelper-build-stamp files ngircd/ -ngircd-full/ ngircd.service -ngircd-full.default -ngircd-full.init -ngircd-full.postinst -ngircd-full.service -ngircd-full-dbg/ -ngircd-full-dbg.default -ngircd-full-dbg.init -ngircd-full-dbg.postinst -ngircd-full-dbg.service diff --git a/contrib/Debian/Makefile.am b/contrib/Debian/Makefile.am index 2cd5277c..bbc715ff 100644 --- a/contrib/Debian/Makefile.am +++ b/contrib/Debian/Makefile.am @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2017 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -9,22 +9,22 @@ # Please read the file COPYING, README and AUTHORS for more information. # -EXTRA_DIST = rules changelog compat control copyright \ - ngircd.init ngircd.default ngircd.pam ngircd.postinst \ +EXTRA_DIST = \ + changelog \ + control \ + copyright \ + ngircd.default \ + ngircd.pam \ + rules \ + watch \ source/format maintainer-clean-local: rm -f Makefile Makefile.in clean-local: - rm -f ngircd.postinst.debhelper ngircd.postrm.debhelper \ - ngircd.prerm.debhelper ngircd.substvars - rm -f ngircd-full.postinst.debhelper ngircd-full.postrm.debhelper \ - ngircd-full.prerm.debhelper ngircd-full.substvars - rm -f ngircd-full-dbg.postinst.debhelper \ - ngircd-full-dbg.postrm.debhelper ngircd-full-dbg.prerm.debhelper \ - ngircd-full-dbg.substvars - rm -rf ngircd ngircd-full ngircd-full-dbg - rm -f files + rm -f *.log *.debhelper *.substvars + rm -f debhelper-build-stamp files ngircd.service + rm -rf .debhelper/ ngircd/ # -eof- diff --git a/contrib/Debian/changelog b/contrib/Debian/changelog index bd88c26a..3d008ed3 100644 --- a/contrib/Debian/changelog +++ b/contrib/Debian/changelog @@ -1,3 +1,39 @@ +ngircd (27-0ab1) unstable; urgency=medium + + * New "upstream" release: ngIRCd 27. + + -- Alexander Barton Fri, 26 Apr 2024 16:52:14 +0200 + +ngircd (27~rc1-0ab1) unstable; urgency=medium + + * New "upstream" release candidate 1 for ngIRCd Release 27. + + -- Alexander Barton Sat, 13 Apr 2024 12:26:35 +0200 + +ngircd (26.1-0ab1) unstable; urgency=medium + + * New "upstream" release: ngIRCd 26.1. + + -- Alexander Barton Sat, 02 Jan 2021 14:31:51 +0100 + +ngircd (26-0ab1) unstable; urgency=medium + + * New "upstream" release: ngIRCd 26. + + -- Alexander Barton Sat, 20 Jun 2020 15:26:46 +0200 + +ngircd (26~rc2-0ab1) unstable; urgency=low + + * New "upstream" release candidate 2 for ngIRCd Release 26. + + -- Alexander Barton Thu, 11 Jun 2020 17:21:17 +0200 + +ngircd (26~rc1-0ab1) unstable; urgency=low + + * New "upstream" release candidate 1 for ngIRCd Release 26. + + -- Alexander Barton Sun, 10 May 2020 17:13:17 +0200 + ngircd (25-0ab1) unstable; urgency=low * New "upstream" release: ngIRCd 25. diff --git a/contrib/Debian/compat b/contrib/Debian/compat deleted file mode 100644 index ec635144..00000000 --- a/contrib/Debian/compat +++ /dev/null @@ -1 +0,0 @@ -9 diff --git a/contrib/Debian/control b/contrib/Debian/control index 82e506c1..e05ae647 100644 --- a/contrib/Debian/control +++ b/contrib/Debian/control @@ -2,65 +2,45 @@ Source: ngircd Section: net Priority: optional Maintainer: Alexander Barton -Build-Depends: debhelper (>> 9.0.0), - autotools-dev, - dh-systemd (>= 1.5), - expect, - libident-dev, - libpam0g-dev, - libssl-dev, - libwrap0-dev, - libz-dev, - telnet | telnet-ssl, -Standards-Version: 3.9.1 +Rules-Requires-Root: binary-targets +Build-Depends: debhelper-compat (= 13), + expect, + libident-dev, + libpam0g-dev, + libssl-dev, + libz-dev, + openssl, + procps, + telnet | telnet-ssl, +Standards-Version: 4.6.2 +Homepage: https://ngircd.barton.de +Vcs-Browser: https://github.com/ngircd/ngircd +Vcs-Git: https://github.com/ngircd/ngircd.git Package: ngircd Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} -Provides: ircd -Description: lightweight Internet Relay Chat server - This package provides ngIRCd, a portable and lightweight Internet Relay - Chat server for small or private networks, developed under the GNU - General Public License (GPL). It is simple to configure, can cope with - dynamic IP addresses, and supports IPv6 as well as SSL. It is written - from scratch and not based on the original IRCd. +Depends: + ${shlibs:Depends}, + ${misc:Depends}, +Conflicts: + ircd, +Provides: + ircd, +Description: lightweight Internet Relay Chat (IRC) server + ngIRCd is a free, portable and lightweight Internet Relay Chat (IRC) server + for small or private networks, developed under the terms of the GNU General + Public License (GPL). . - This package contains the "standard distribution", including support for - syslog logging and compressed server-links using zlib. Please have a look - at the "ngircd-full" package if you need advanced functionality like support - for IPv6 or SSL. - -Package: ngircd-full -Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} -Provides: ircd -Conflicts: ngircd, ngircd-dbg -Description: lightweight Internet Relay Chat server - This package provides ngIRCd, a portable and lightweight Internet Relay - Chat server for small or private networks, developed under the GNU - General Public License (GPL). It is simple to configure, can cope with - dynamic IP addresses, and supports IPv6 as well as SSL. It is written - from scratch and not based on the original IRCd. - . - In addition to the features of the "standard package", this package - includes support for TCP wrappers, IDENT requests, the IPv6 protocol and - SSL encrypted client and server links. - -Package: ngircd-full-dbg -Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} -Provides: ircd -Conflicts: ngircd, ngircd-full -Description: lightweight Internet Relay Chat server - This package provides ngIRCd, a portable and lightweight Internet Relay - Chat server for small or private networks, developed under the GNU - General Public License (GPL). It is simple to configure, can cope with - dynamic IP addresses, and supports IPv6 as well as SSL. It is written - from scratch and not based on the original IRCd. + The server is quite easy to configure and runs as a single-node server or can + be part of a network of ngIRCd servers in a LAN or across the internet. It + optionally supports the IPv6 protocol, SSL/TLS-protected client-server and + server-server links, the Pluggable Authentication Modules (PAM) system for + user authentication, IDENT requests, and character set conversion for legacy + clients. . - In addition to the features of the "standard package", this package - includes support for TCP wrappers, IDENT requests, the IPv6 protocol and - SSL encrypted client and server links. + The name ngIRCd stands for next-generation IRC daemon, which is a little bit + exaggerated: lightweight Internet Relay Chat server most probably would have + been a better name :-) . - And in addition to the "full" variant, the binaries contained in this - package are build with debug code and contain debug symbols. + This package is built with support for all optional features and uses the + OpenSSL library for SSL/TLS support. diff --git a/contrib/Debian/copyright b/contrib/Debian/copyright index 3c92f7c4..4b39bfa9 100644 --- a/contrib/Debian/copyright +++ b/contrib/Debian/copyright @@ -1,13 +1,58 @@ -This package was debianized by Alexander Barton on -Tue, 20 May 2003 15:47:40 +0200. +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Source: https://ngircd.barton.de +Upstream-Name: ngircd +Upstream-Contact: ngIRCd Mailing List -It was downloaded from ftp://Arthur.Ath.CX/pub/Users/alex/ngircd/ +Files: + * +Copyright: + 2001-2024 Alexander Barton and Contributors. +License: GPL-2.0+ +Comment: + See /usr/share/doc/ngircd/AUTHORS.md for the full list of authors and + contributors. -Upstream Author: Alexander Barton +Files: + contrib/de.barton.ngircd.metainfo.xml +Copyright: + 2001-2024 Alexander Barton and Contributors. +License: MIT +Comment: + See /usr/share/doc/ngircd/AUTHORS.md for the full list of authors and + contributors. -This software is copyright (c) 1999-2003 by Alexander Barton. +License: GPL-2.0+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see +Comment: + On Debian systems, the complete text of the GNU General + Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". -You are free to distribute this software under the terms of the -GNU General Public License. -On Debian systems, the complete text of the GNU General Public -License can be found in /usr/share/common-licenses/GPL file. +License: MIT + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to + deal in the Software without restriction, including without limitation the + rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + sell copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + . + The above copyright notice and this permission notice shall be included in + all copies or substantial portions of the Software. + . + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + IN THE SOFTWARE. diff --git a/contrib/Debian/ngircd.default b/contrib/Debian/ngircd.default index add278f9..062d3766 100644 --- a/contrib/Debian/ngircd.default +++ b/contrib/Debian/ngircd.default @@ -1,10 +1,7 @@ # -# Defaults for ngIRCd start and stop script +# Defaults for the ngIRCd daemon # # Parameters to pass to the ngircd daemon on startup, see ngircd(8) for # possible options (default: empty). - PARAMS="" - -# -eof- diff --git a/contrib/Debian/ngircd.init b/contrib/Debian/ngircd.init deleted file mode 100755 index 8127e8fd..00000000 --- a/contrib/Debian/ngircd.init +++ /dev/null @@ -1,176 +0,0 @@ -#!/bin/sh -# -# ngIRCd start and stop script for Debian-based systems -# Copyright 2008-2015 Alexander Barton -# - -### BEGIN INIT INFO -# Provides: ngircd -# Required-Start: $network $remote_fs -# Required-Stop: $network $remote_fs -# Should-Start: $syslog $named -# Should-Stop: $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Next Generation IRC Server -# Description: IRC daemon written from scratch -### END INIT INFO - -PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin -DAEMON=/usr/sbin/ngircd -NAME=ngIRCd -DESC="IRC daemon" -PARAMS="" -STARTTIME=1 -DIETIME=10 - -test -h "$0" && me=`readlink $0` || me="$0" -BASENAME=`basename $me` - -test -r /etc/default/$BASENAME && . /etc/default/$BASENAME - -test -x $DAEMON || exit 5 - -# LSB compatibility functions that become used if there is no local -# include file available. -log_daemon_msg() { - echo -n "$*" -} -log_end_msg() { - [ "$1" = "0" ] && echo "." || echo " failed!" -} -log_failure_msg() { - echo "$*" -} -log_warning_msg() { - log_failure_msg "$*" -} - -# Include LSB functions, if available: -test -r /lib/lsb/init-functions && . /lib/lsb/init-functions - -PIDFILE=`$DAEMON $PARAMS -t | tr -d ' ' | grep "^PidFile=" | cut -d'=' -f2` -[ -n "$PIDFILE" ] || PIDFILE="/var/run/ircd/ngircd.pid" - -r=3 - -Check_Config() -{ - # Make sure that the configuration of ngIRCd is valid: - $DAEMON $PARAMS --configtest >/dev/null 2>&1 - [ $? -eq 0 ] && return 0 - log_end_msg 1 - log_failure_msg "Configuration of $NAME is not valid, won't (re)start!" - log_failure_msg "Run \"$DAEMON --configtest\" and fix it up ..." - exit 6 -} - -Prepare() { - # Make sure the PID file directory exists and is writable: - user=`$DAEMON $PARAMS -t|tr -d ' '|grep "^ServerUID="|cut -d'=' -f2` - group=`$DAEMON $PARAMS -t|tr -d ' '|grep "^ServerGID="|cut -d'=' -f2` - piddir=`dirname "$PIDFILE"` - [ -d "$piddir" ] || mkdir -p "$piddir" 2>/dev/null - chown "$user:$group" "$piddir" 2>/dev/null - [ $? -eq 0 ] && return 0 - log_end_msg 1 - log_failure_msg "Failed to prepare '$piddir' for user '$user'!" - exit 1 -} - -Do_Start() { - if Do_Status; then - log_end_msg 0 - log_warning_msg "$NAME seems to be already running, nothing to do." - exit 0 - fi - rm -f "$PIDFILE" - start-stop-daemon --start \ - --quiet --exec $DAEMON -- $PARAMS - sleep $STARTTIME - Do_Status || return 7 - return 0 -} - -Do_Stop() { - if ! Do_Status; then - log_end_msg 0 - log_warning_msg "$NAME seems not to be running, nothing to do." - exit 0 - fi - Do_ForceStop - return $? -} - -Do_ForceStop() { - [ -e $PIDFILE ] \ - && pidfile="--pidfile $PIDFILE" \ - || pidfile="" - start-stop-daemon --stop \ - --quiet --oknodo --exec $DAEMON $pidfile - for i in `seq 1 $DIETIME`; do - Do_Status || return 0 - sleep 1 - done - return 1 -} - -Do_Reload() { - start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON - return $? -} - -Do_Status() { - [ -e $PIDFILE ] \ - && pidfile="--pidfile $PIDFILE" \ - || pidfile="" - start-stop-daemon --stop \ - --quiet --signal 0 --exec $DAEMON $pidfile >/dev/null - return $? -} - -case "$1" in - start) - log_daemon_msg "Starting $DESC" "$NAME" - Check_Config - Prepare - Do_Start; r=$? - log_end_msg $r - ;; - stop) - log_daemon_msg "Stopping $DESC" "$NAME" - Do_Stop; r=$? - log_end_msg $r - ;; - reload|force-reload) - log_daemon_msg "Reloading $DESC" "$NAME" - Check_Config - Do_Reload; r=$? - log_end_msg $r - ;; - restart) - log_daemon_msg "Restarting $DESC" "$NAME" - Check_Config - Prepare - Do_ForceStop - Do_Start; r=$? - log_end_msg $r - ;; - status) - log_daemon_msg "Checking for $DESC" "$NAME" - Do_Status; r=$? - log_end_msg $r - ;; - test) - Check_Config - echo "Configuration of $DAEMON seems to be ok."; r=0 - ;; - *) - N=/etc/init.d/$NAME; r=2 - echo "Usage: $N {start|stop|restart|reload|force-reload|status|test}" >&2 - ;; -esac - -exit $r - -# -eof- diff --git a/contrib/Debian/ngircd.pam b/contrib/Debian/ngircd.pam index 4468e56d..9d2f6d51 100644 --- a/contrib/Debian/ngircd.pam +++ b/contrib/Debian/ngircd.pam @@ -1,4 +1,10 @@ # /etc/pam.d/ngircd -# allow all connections to ngIRCd -auth required pam_permit.so +# You have to adjust this configuration to your local setup and needs. Keep in +# mind that all PAM modules are run with the privileges of the user account the +# ngIRCd daemon runs as ("irc" by default, not root!), so you can't use PAM +# modules requiring root privileges (like pam_unix, for example)! + +# Log and deny all connections to ngIRCd: +auth required pam_warn.so +auth required pam_deny.so diff --git a/contrib/Debian/ngircd.postinst b/contrib/Debian/ngircd.postinst deleted file mode 100755 index f6e3c4f7..00000000 --- a/contrib/Debian/ngircd.postinst +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/sh -# -# Debian post-installation script -# - -set -e - -case "$1" in - configure) - if [ -f /etc/ngircd/ngircd.conf ]; then - # make sure that the configuration file is not - # world-readable, it contains passwords! - chmod o= /etc/ngircd/ngircd.conf - chgrp irc /etc/ngircd/ngircd.conf - fi - ;; -esac - -#DEBHELPER# - -# -eof- diff --git a/contrib/Debian/rules b/contrib/Debian/rules index cdc1225b..561f765c 100755 --- a/contrib/Debian/rules +++ b/contrib/Debian/rules @@ -1,238 +1,72 @@ #!/usr/bin/make -f -# -# ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2016 Alexander Barton (alex@barton.de) and Contributors -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# Please read the file COPYING, README and AUTHORS for more information. -# -# debian/rules for ngIRCd -# -# Based on the sample debian/rules that uses debhelper, -# GNU copyright 1997 to 1999 by Joey Hess. -# -# Uncomment this to turn on verbose mode. -#export DH_VERBOSE=1 - -# These are used for cross-compiling and for saving the configure script -# from having to guess our platform (since we know it already) -DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) -DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) - -CFLAGS = -Wall -g - -ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) - CFLAGS += -O0 -else - CFLAGS += -O2 -endif -ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) - INSTALL_PROGRAM += -s -endif - -configure-ngircd: configure - dh_testdir - - # configure "standard" variant: - ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \ - --prefix=/usr \ - --sysconfdir=/etc/ngircd \ - --mandir=\$${prefix}/share/man \ - --docdir=\$${prefix}/share/doc/ngircd \ - --with-syslog --with-zlib - -configure-ngircd-full: configure - dh_testdir - - # configure "full" variant: - ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \ - --prefix=/usr \ - --sysconfdir=/etc/ngircd \ - --mandir=\$${prefix}/share/man \ - --docdir=\$${prefix}/share/doc/ngircd-full \ - --with-syslog --with-zlib \ - --with-openssl --with-iconv --with-ident --with-tcp-wrappers \ - --with-pam \ - --enable-ipv6 - -configure-ngircd-full-dbg: configure - dh_testdir - - # configure "full debug" variant: - ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \ - --prefix=/usr \ - --sysconfdir=/etc/ngircd \ - --mandir=\$${prefix}/share/man \ - --docdir=\$${prefix}/share/doc/ngircd-full-dbg \ - --enable-debug --enable-sniffer \ - --with-syslog --with-zlib \ - --with-openssl --with-iconv --with-ident --with-tcp-wrappers \ - --with-pam \ - --enable-ipv6 - -build: - dh_prep - -build-ngircd: build-stamp-ngircd -build-stamp-ngircd: configure-ngircd - dh_testdir - rm -f build-stamp-* - - # Add here commands to compile the "standard" package: - $(MAKE) - - touch build-stamp-ngircd - -build-ngircd-full: build-stamp-ngircd-full -build-stamp-ngircd-full: configure-ngircd-full - dh_testdir - rm -f build-stamp-* - - # Add here commands to compile the "full" package: - $(MAKE) - - touch build-stamp-ngircd-full - -build-ngircd-full-dbg: build-stamp-ngircd-full-dbg -build-stamp-ngircd-full-dbg: configure-ngircd-full-dbg - dh_testdir - rm -f build-stamp-* - - # Add here commands to compile the "full debug" package: - $(MAKE) - - touch build-stamp-ngircd-full - -clean: - dh_testdir - dh_testroot - rm -f build-stamp* - rm -f $(CURDIR)/debian/ngircd.service - rm -f $(CURDIR)/debian/ngircd-full.default - rm -f $(CURDIR)/debian/ngircd-full.init - rm -f $(CURDIR)/debian/ngircd-full.postinst - rm -f $(CURDIR)/debian/ngircd-full.service - rm -f $(CURDIR)/debian/ngircd-full-dbg.default - rm -f $(CURDIR)/debian/ngircd-full-dbg.postinst - rm -f $(CURDIR)/debian/ngircd-full-dbg.init - rm -f $(CURDIR)/debian/ngircd-full-dbg.service - - # Add here commands to clean up after the build process: - [ ! -f Makefile ] || $(MAKE) distclean - -ifneq "$(wildcard /usr/share/misc/config.sub)" "" - cp -f /usr/share/misc/config.sub config.sub -endif -ifneq "$(wildcard /usr/share/misc/config.guess)" "" - cp -f /usr/share/misc/config.guess config.guess -endif - dh_clean - -install: install-ngircd install-ngircd-full install-ngircd-full-dbg - -install-ngircd: build-ngircd - dh_testdir - dh_testroot - dh_installdirs - - # Add here commands to install the "standard" package into debian/ngircd: - $(MAKE) install DESTDIR=$(CURDIR)/debian/ngircd - rm $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/INSTALL* - rm $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/COPYING* - cat $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/sample-ngircd.conf | \ - sed -e "s|;ServerUID = 65534|ServerUID = irc|g" | \ - sed -e "s|;ServerGID = 65534|ServerGID = irc|g" | \ - sed -e "s|;PidFile = /var/run/ngircd/ngircd.pid|PidFile = /var/run/ircd/ngircd.pid|g" \ - >$(CURDIR)/debian/ngircd/etc/ngircd/ngircd.conf - touch $(CURDIR)/debian/ngircd/etc/ngircd/ngircd.motd - -install-ngircd-full: build-ngircd-full - dh_testdir - dh_testroot - dh_installdirs - - # Add here commands to install the "full" package into debian/ngircd-full: - $(MAKE) install DESTDIR=$(CURDIR)/debian/ngircd-full - rm $(CURDIR)/debian/ngircd-full/usr/share/doc/ngircd-full/INSTALL* - rm $(CURDIR)/debian/ngircd-full/usr/share/doc/ngircd-full/COPYING* - cat $(CURDIR)/debian/ngircd-full/usr/share/doc/ngircd-full/sample-ngircd.conf | \ - sed -e "s|;ServerUID = 65534|ServerUID = irc|g" | \ - sed -e "s|;ServerGID = 65534|ServerGID = irc|g" | \ - sed -e "s|;PidFile = /var/run/ngircd/ngircd.pid|PidFile = /var/run/ircd/ngircd.pid|g" \ - >$(CURDIR)/debian/ngircd-full/etc/ngircd/ngircd.conf - touch $(CURDIR)/debian/ngircd-full/etc/ngircd/ngircd.motd - mkdir -p $(CURDIR)/debian/ngircd-full/etc/pam.d - cp $(CURDIR)/debian/ngircd.pam $(CURDIR)/debian/ngircd-full/etc/pam.d/ngircd - -install-ngircd-full-dbg: build-ngircd-full-dbg - dh_testdir - dh_testroot - dh_installdirs - - # Add here commands to install the "full" package into debian/ngircd-full: - $(MAKE) install DESTDIR=$(CURDIR)/debian/ngircd-full-dbg - rm $(CURDIR)/debian/ngircd-full-dbg/usr/share/doc/ngircd-full-dbg/INSTALL* - rm $(CURDIR)/debian/ngircd-full-dbg/usr/share/doc/ngircd-full-dbg/COPYING* - cat $(CURDIR)/debian/ngircd-full-dbg/usr/share/doc/ngircd-full-dbg/sample-ngircd.conf | \ - sed -e "s|;ServerUID = 65534|ServerUID = irc|g" | \ - sed -e "s|;ServerGID = 65534|ServerGID = irc|g" | \ - sed -e "s|;PidFile = /var/run/ngircd/ngircd.pid|PidFile = /var/run/ircd/ngircd.pid|g" \ - >$(CURDIR)/debian/ngircd-full-dbg/etc/ngircd/ngircd.conf - touch $(CURDIR)/debian/ngircd-full-dbg/etc/ngircd/ngircd.motd - mkdir -p $(CURDIR)/debian/ngircd-full-dbg/etc/pam.d - cp $(CURDIR)/debian/ngircd.pam $(CURDIR)/debian/ngircd-full-dbg/etc/pam.d/ngircd - -# Build architecture-independent files here. -binary-indep: - # We have nothing to do by default. - -# Build architecture-dependent files here. -binary-arch: build install - ln -s $(CURDIR)/contrib/ngircd.service \ - $(CURDIR)/debian/ngircd.service - - ln -s $(CURDIR)/debian/ngircd.default \ - $(CURDIR)/debian/ngircd-full.default - ln -s $(CURDIR)/debian/ngircd.init \ - $(CURDIR)/debian/ngircd-full.init - ln -s $(CURDIR)/debian/ngircd.postinst \ - $(CURDIR)/debian/ngircd-full.postinst - cp $(CURDIR)/contrib/ngircd.service \ - $(CURDIR)/debian/ngircd-full.service - echo "Alias=ngircd.service" >>$(CURDIR)/debian/ngircd-full.service - - ln -s $(CURDIR)/debian/ngircd.default \ - $(CURDIR)/debian/ngircd-full-dbg.default - ln -s $(CURDIR)/debian/ngircd.init \ - $(CURDIR)/debian/ngircd-full-dbg.init - ln -s $(CURDIR)/debian/ngircd.postinst \ - $(CURDIR)/debian/ngircd-full-dbg.postinst - cp $(CURDIR)/contrib/ngircd.service \ - $(CURDIR)/debian/ngircd-full-dbg.service - echo "Alias=ngircd.service" >>$(CURDIR)/debian/ngircd-full-dbg.service - - dh_testdir - dh_testroot - dh_installchangelogs -a -A ChangeLog - dh_installdocs -a - dh_systemd_enable -a - dh_installinit -a - dh_systemd_start -a - dh_strip -a --no-package=ngircd-full-dbg - dh_compress -a -XCommands.txt - dh_fixperms -a - dh_installdeb -a - dh_shlibdeps -a - dh_gencontrol -a - dh_md5sums -a - dh_builddeb -a - -binary: binary-indep binary-arch - -.PHONY: build clean binary-indep binary-arch binary install - -# -eof- +# See FEATURE AREAS in dpkg-buildflags(1). +export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +%: + dh $@ + +# Disable dh_autoreconf since we are using de-ANSI-fication which was removed +# from automake a while ago. See . +override_dh_autoreconf: + +override_dh_auto_configure: + dh_auto_configure -- \ + --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) \ + --prefix=/usr \ + --mandir=\$${prefix}/share/man \ + --sysconfdir=/etc/ngircd \ + --with-iconv \ + --with-ident \ + --with-openssl \ + --with-pam \ + --with-syslog \ + --with-zlib + +execute_before_dh_auto_install: + ln -fs $(CURDIR)/contrib/ngircd.service $(CURDIR)/debian/ngircd.service + +execute_after_dh_auto_install: +# Generate the default ngircd.conf: + install -o root -g irc -m 0640 -D /dev/null \ + $(CURDIR)/debian/ngircd/etc/ngircd/ngircd.conf + sed \ + -e "s|;ServerUID = 65534|ServerUID = irc|g" \ + -e "s|;ServerGID = 65534|ServerGID = irc|g" \ + -e "s|;PidFile = /var/run/ngircd/ngircd.pid|PidFile = /run/ircd/ngircd.pid|g" \ + -e "s|;PAM = yes|PAM = no|g" \ + -e "s|;\[SSL\]|[SSL]|g" \ + -e "s|;CAFile = /etc/ssl/CA/cacert.pem|CAFile = /etc/ssl/certs/ca-certificates.crt|g" \ + $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/sample-ngircd.conf \ + >>$(CURDIR)/debian/ngircd/etc/ngircd/ngircd.conf + +# Create drop-in configuration directory: + install -o root -g irc -m 0750 -d \ + $(CURDIR)/debian/ngircd/etc/ngircd/ngircd.conf.d + +# Install an empty MOTD file. + install -o root -g irc -m 0640 -D /dev/null \ + $(CURDIR)/debian/ngircd/etc/ngircd/ngircd.motd + +# Install the logcheck(8) configuration. + install -o root -g root -m 0644 -D \ + $(CURDIR)/contrib/ngircd.logcheck \ + $(CURDIR)/debian/ngircd/etc/logcheck/ignore.d.paranoid/ngircd + +# Install the fail2ban configuration. + install -o root -g root -m 0644 -D \ + $(CURDIR)/contrib/ngircd-fail2ban.conf \ + $(CURDIR)/debian/ngircd/etc/fail2ban/filter.d/ngircd.conf + +# Make lintian happy :-) + rm $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/COPYING + mv $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/ChangeLog \ + $(CURDIR)/debian/ngircd/usr/share/doc/ngircd/changelog + +override_dh_fixperms: +# Preserve the permissions of files installed in /etc/ngircd! + dh_fixperms -X/etc/ngircd + +override_dh_compress: +# The Commands.txt file is read by the daemon, don't compress it! + dh_compress -XCommands.txt diff --git a/contrib/Debian/source/format b/contrib/Debian/source/format index d3827e75..163aaf8d 100644 --- a/contrib/Debian/source/format +++ b/contrib/Debian/source/format @@ -1 +1 @@ -1.0 +3.0 (quilt) diff --git a/contrib/Debian/watch b/contrib/Debian/watch new file mode 100644 index 00000000..7943e691 --- /dev/null +++ b/contrib/Debian/watch @@ -0,0 +1,10 @@ +# Watch control file for uscan. +# See uscan(1) for format. + +# Compulsory line, this is a version 4 file. +version=4 + +# PGP signature mangle, so foo.tar.gz has foo.tar.gz.sig. +opts="pgpsigurlmangle=s%$%.sig%" + +https://arthur.barton.de/pub/@PACKAGE@/@PACKAGE@-([0-9\.]+)@ARCHIVE_EXT@ diff --git a/contrib/Dockerfile b/contrib/Dockerfile new file mode 100644 index 00000000..33eab278 --- /dev/null +++ b/contrib/Dockerfile @@ -0,0 +1,62 @@ +# ngIRCd -- The Next Generation IRC Daemon +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors + +# Build Container + +FROM docker.io/library/debian:stable-slim AS build +USER root +RUN apt-get -y update \ + && apt-get -y install --no-install-recommends \ + autoconf \ + automake \ + build-essential \ + expect \ + gawk \ + git \ + libgnutls28-dev \ + libident-dev \ + libpam0g-dev \ + openssl \ + pkg-config \ + telnet \ + zlib1g-dev \ + && mkdir -p /usr/local/src/ngircd /opt/ngircd \ + && chown bin:bin /usr/local/src/ngircd /opt/ngircd +WORKDIR /usr/local/src/ngircd +COPY . /usr/local/src/ngircd +RUN chown -R bin /usr/local/src/ngircd +USER bin +RUN ./autogen.sh --prefix=/opt/ngircd \ + --with-gnutls \ + --with-iconv \ + --with-ident \ + --with-pam \ + && make all \ + && make -C src/ngircd check \ + && make install \ + && printf \ + "# ngircd.conf\n\n[Global]\nServerGID=irc\nServerUID=irc\n\n[Options]\nIdent=no\nPAM=no\n\n[SSL]\nCAFile=/etc/ssl/certs/ca-certificates.crt\n" \ + >/opt/ngircd/etc/ngircd.conf \ + && chmod -R a+rX /opt/ngircd + +# Run container + +FROM docker.io/library/debian:stable-slim +USER root +RUN apt-get -y update \ + && apt-get -y install --no-install-recommends --no-install-suggests \ + ca-certificates \ + catatonit \ + libgnutls30 \ + libident \ + libpam0g \ + libwrap0 \ + zlib1g \ + && apt-get -y clean \ + && rm -rf /var/cache/debconf/*-old /var/lib/apt/lists/* +COPY --from=build /opt/ngircd /opt/ngircd +USER irc +ENTRYPOINT [ "/usr/bin/catatonit", "--", "/opt/ngircd/sbin/ngircd", "--nodaemon" ] +EXPOSE 6667 6697 +HEALTHCHECK --interval=30s --timeout=5s --retries=1 --start-period=5s \ + CMD [ "/usr/bin/grep", "-F", ":1A0B ", "/proc/net/tcp" ] diff --git a/contrib/MacOSX/.gitignore b/contrib/MacOSX/.gitignore deleted file mode 100644 index 260a9fd2..00000000 --- a/contrib/MacOSX/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -build -de.barton.ngircd.plist diff --git a/contrib/MacOSX/Makefile.am b/contrib/MacOSX/Makefile.am deleted file mode 100644 index abd799c5..00000000 --- a/contrib/MacOSX/Makefile.am +++ /dev/null @@ -1,52 +0,0 @@ -# -# ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2008 Alexander Barton -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# Please read the file COPYING, README and AUTHORS for more information. -# - -SUBDIRS = ngIRCd.xcodeproj ngIRCd.pmdoc - -EXTRA_DIST = de.barton.ngircd.plist.tmpl config.h preinstall.sh postinstall.sh - -SUFFIXES = .tmpl . - -.tmpl: - sed \ - -e s@:SBINDIR:@${sbindir}@ \ - <$< >$@ - -install-data-local: - [ `uname -s` != "Darwin" ] || make install-sys-darwin - -install-sys-darwin: - @if [ `id -u` -eq 0 ]; then \ - make install-sys-darwin-root; \ - else \ - echo; \ - echo " ** NOTE: Not installing with root privileges, so the LaunchDaemon script"; \ - echo " ** \"/Library/LaunchDaemons/de.barton.ngircd.plist\" can't be installed/updated!"; \ - echo; \ - fi - -install-sys-darwin-root: de.barton.ngircd.plist - install -d -m 755 -o root -g wheel $(DESTDIR)/Library/LaunchDaemons - install -c -m 644 -b -o root -g wheel de.barton.ngircd.plist \ - $(DESTDIR)/Library/LaunchDaemons/de.barton.ngircd.plist - @echo - @echo " ** \"/Library/LaunchDaemons/de.barton.ngircd.plist\" has been installed," - @echo " ** but is disabled. Use launchctl(8) to enable/run ngIRCd on Darwin/Mac OS X." - @echo - -clean-local: - rm -rf build - rm -f de.barton.ngircd.plist - -maintainer-clean-local: - rm -f Makefile Makefile.in - -# -eof- diff --git a/contrib/MacOSX/config.h b/contrib/MacOSX/config.h deleted file mode 100644 index 60bb630f..00000000 --- a/contrib/MacOSX/config.h +++ /dev/null @@ -1,136 +0,0 @@ -/* - * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2013 Alexander Barton (alex@barton.de) and Contributors. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * Please read the file COPYING, README and AUTHORS for more information. - * - * Static configuration file for Mac OS X Xcode project - */ - -#define PACKAGE_NAME "ngIRCd" -# define PACKAGE "ngircd" -#ifndef VERSION -# define VERSION "??("__DATE__")" -#endif - -#ifndef HOST_VENDOR -# define HOST_VENDOR "apple" -# define HOST_OS "darwin" -# ifdef __x86_64 -# define HOST_CPU "x86_64" -# endif -#endif - -#define SYSCONFDIR "/etc/ngircd" -#define DOCDIR "/usr/share/doc/ngircd" - -/* -- Build options -- */ - -/* Define if debug-mode should be enabled */ -#define DEBUG 1 - -/* Define if the server should do IDENT requests */ -/*#define IDENTAUTH 1*/ - -/* Define if IRC+ protocol should be used */ -#define IRCPLUS 1 - -/* Define if IRC sniffer should be enabled */ -/*#define SNIFFER 1*/ - -/* Define if syslog should be used for logging */ -#define SYSLOG 1 - -/* Define if TCP wrappers should be used */ -/*#define TCPWRAP 1*/ - -/* Define if zlib compression should be enabled */ -#define ZLIB 1 - -/* Define if IPV6 protocol should be enabled */ -#define WANT_IPV6 1 - -/* Define if PAM should be used */ -#define PAM 1 - -/* Define if libiconv can be used, e.g. for CHARCONV */ -#define ICONV 1 - -/* -- Supported features -- */ - -/* Define if SSP C support is enabled. */ -#define ENABLE_SSP_CC 1 - -/* Define to 1 if the C compiler supports function prototypes. */ -#define PROTOTYPES 1 -/* Define like PROTOTYPES; this can be used by system headers. */ -#define __PROTOTYPES 1 - -/* Define to 1 if you have the header file. */ -#define HAVE_SYS_TYPES_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_INTTYPES_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_STDDEF_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_STDBOOL_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_ARPA_INET_H 1 -/* Define to 1 if you have the header file. */ -#define HAVE_NETINET_IP_H 1 - -/* Define to 1 if you have the `gai_strerror' function. */ -#define HAVE_GAI_STRERROR 1 -/* Define to 1 if you have the `iconv_open' function. */ -#define HAVE_ICONV_OPEN 1 -/* Define to 1 if you have the `kqueue' function. */ -#define HAVE_KQUEUE 1 -/* Define to 1 if you have the `inet_ntoa' function. */ -#define HAVE_INET_NTOA 1 -/* Define to 1 if you have the `snprintf' function. */ -#define HAVE_SNPRINTF 1 -/* Define to 1 if you have the `strlcat' function. */ -#define HAVE_STRLCAT 1 -/* Define to 1 if you have the `strlcpy' function. */ -#define HAVE_STRLCPY 1 -/* Define to 1 if you have the `strdup' function. */ -#define HAVE_STRDUP 1 -/* Define to 1 if you have the `vsnprintf' function. */ -#define HAVE_VSNPRINTF 1 -/* Define to 1 if you have the `inet_aton' function. */ -#define HAVE_INET_ATON 1 -/* Define to 1 if you have the `getaddrinfo' function. */ -#define HAVE_GETADDRINFO 1 -/* getaddrinfo(0) */ -#define HAVE_WORKING_GETADDRINFO 1 -/* Define to 1 if you have the `getnameinfo' function. */ -#define HAVE_GETNAMEINFO 1 -/* Define to 1 if you have the `sigaction' function. */ -#define HAVE_SIGACTION 1 -/* Define to 1 if you have the `setsid' function. */ -#define HAVE_SETSID 1 -/* Define to 1 if you have the `strsignal' function. */ -#define HAVE_STRSIGNAL 1 - -/* Define if socklen_t exists */ -#define HAVE_socklen_t 1 - -#ifdef PAM -/* Define to 1 if you have the `pam_authenticate' function. */ -#define HAVE_PAM_AUTHENTICATE 1 -#if (__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ < 1060) -/* Define to 1 if you have the header file. */ -#define HAVE_PAM_PAM_APPL_H 1 -/* Mac OS X <10.6 doesn't have pam_fail_delay() */ -#define NO_PAM_FAIL_DELAY 1 -#else -/* Define to 1 if you have the header file. */ -#define HAVE_SECURITY_PAM_APPL_H 1 -#endif -#endif - -/* -eof- */ diff --git a/contrib/MacOSX/de.barton.ngircd.plist.tmpl b/contrib/MacOSX/de.barton.ngircd.plist.tmpl deleted file mode 100644 index 7f38d114..00000000 --- a/contrib/MacOSX/de.barton.ngircd.plist.tmpl +++ /dev/null @@ -1,23 +0,0 @@ - - - - - Disabled - - KeepAlive - - Label - de.barton.ngIRCd - ProgramArguments - - :SBINDIR:/ngircd - --nodaemon - - RunAtLoad - - StandardErrorPath - /Library/Logs/ngIRCd.log - StandardOutPath - /Library/Logs/ngIRCd.log - - diff --git a/contrib/MacOSX/ngIRCd.pmdoc/01ngircd-contents.xml b/contrib/MacOSX/ngIRCd.pmdoc/01ngircd-contents.xml deleted file mode 100644 index a179c99e..00000000 --- a/contrib/MacOSX/ngIRCd.pmdoc/01ngircd-contents.xml +++ /dev/null @@ -1 +0,0 @@ -groupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupownergroupowner \ No newline at end of file diff --git a/contrib/MacOSX/ngIRCd.pmdoc/01ngircd.xml b/contrib/MacOSX/ngIRCd.pmdoc/01ngircd.xml deleted file mode 100644 index 7823ca61..00000000 --- a/contrib/MacOSX/ngIRCd.pmdoc/01ngircd.xml +++ /dev/null @@ -1 +0,0 @@ -de.barton.ngircd.daemon.pkg17.1../../ngircd.dest/extraFilesinstallToinstallTo.isAbsoluteTypescripts.preinstall.pathidentifierparentversioninstallTo.pathscripts.preupgrade.pathrequireAuthorization02ngircd-contents.xml/CVS$/\.svn$/\.cvsignore$/\.cvspass$/\.DS_Store$ \ No newline at end of file diff --git a/contrib/MacOSX/ngIRCd.pmdoc/02de-contents.xml b/contrib/MacOSX/ngIRCd.pmdoc/02de-contents.xml deleted file mode 100644 index 1c854e6d..00000000 --- a/contrib/MacOSX/ngIRCd.pmdoc/02de-contents.xml +++ /dev/null @@ -1 +0,0 @@ -groupowner \ No newline at end of file diff --git a/contrib/MacOSX/ngIRCd.pmdoc/02de.xml b/contrib/MacOSX/ngIRCd.pmdoc/02de.xml deleted file mode 100644 index 600e53f9..00000000 --- a/contrib/MacOSX/ngIRCd.pmdoc/02de.xml +++ /dev/null @@ -1 +0,0 @@ -de.barton.ngircd.launchscript.pkg17.1de.barton.ngircd.plist/Library/LaunchDaemonsscripts.preinstall.pathinstallToscripts.postinstall.pathscripts.postinstall.isRelativeTypeinstallFrom.isRelativeTypeinstallTo.isAbsoluteTypeversionparentscripts.preupgrade.pathidentifierscripts.postupgrade.pathrequireAuthorizationextraFilesscripts.postupgrade.isRelativeTypeinstallTo.pathpreinstall.shpostinstall.shpreinstall.shpostinstall.sh01de-contents.xml/CVS$/\.svn$/\.cvsignore$/\.cvspass$/\.DS_Store$ \ No newline at end of file diff --git a/contrib/MacOSX/ngIRCd.pmdoc/Makefile.am b/contrib/MacOSX/ngIRCd.pmdoc/Makefile.am deleted file mode 100644 index e11eeb1e..00000000 --- a/contrib/MacOSX/ngIRCd.pmdoc/Makefile.am +++ /dev/null @@ -1,18 +0,0 @@ -# -# ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2008 Alexander Barton -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# Please read the file COPYING, README and AUTHORS for more information. -# - -EXTRA_DIST = index.xml \ - 01ngircd-contents.xml 01ngircd.xml 02de-contents.xml 02de.xml - -maintainer-clean-local: - rm -f Makefile Makefile.in - -# -eof- diff --git a/contrib/MacOSX/ngIRCd.pmdoc/index.xml b/contrib/MacOSX/ngIRCd.pmdoc/index.xml deleted file mode 100644 index 0c8cc553..00000000 --- a/contrib/MacOSX/ngIRCd.pmdoc/index.xml +++ /dev/null @@ -1,238 +0,0 @@ -ngIRCd../../ngIRCd.mpkgde.barton.ngircdngIRCd – next generation Internet Relay Chat (IRC) server - daemon../ngIRCd-Logo.gif02de.xml01ngircd.xmlextraFilesproperties.titleproperties.customizeOptiondescriptionproperties.anywhereDomainproperties.systemDomain diff --git a/contrib/MacOSX/ngIRCd.xcodeproj/.gitignore b/contrib/MacOSX/ngIRCd.xcodeproj/.gitignore deleted file mode 100644 index d6d065a7..00000000 --- a/contrib/MacOSX/ngIRCd.xcodeproj/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -project.xcworkspace -xcuserdata -*.mode1v3 -*.pbxuser diff --git a/contrib/MacOSX/ngIRCd.xcodeproj/Makefile.am b/contrib/MacOSX/ngIRCd.xcodeproj/Makefile.am deleted file mode 100644 index 84e66d2b..00000000 --- a/contrib/MacOSX/ngIRCd.xcodeproj/Makefile.am +++ /dev/null @@ -1,17 +0,0 @@ -# -# ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2008 Alexander Barton -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# Please read the file COPYING, README and AUTHORS for more information. -# - -EXTRA_DIST = project.pbxproj - -maintainer-clean-local: - rm -f Makefile Makefile.in - -# -eof- diff --git a/contrib/MacOSX/ngIRCd.xcodeproj/project.pbxproj b/contrib/MacOSX/ngIRCd.xcodeproj/project.pbxproj deleted file mode 100644 index c687bf7f..00000000 --- a/contrib/MacOSX/ngIRCd.xcodeproj/project.pbxproj +++ /dev/null @@ -1,808 +0,0 @@ -// !$*UTF8*$! -{ - archiveVersion = 1; - classes = { - }; - objectVersion = 46; - objects = { - -/* Begin PBXBuildFile section */ - FA2D564A11EA158B00D37A35 /* pam.c in Sources */ = {isa = PBXBuildFile; fileRef = FA2D564911EA158B00D37A35 /* pam.c */; }; - FA2D567B11EA1AB300D37A35 /* libpam.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = FA2D567A11EA1AB300D37A35 /* libpam.dylib */; }; - FA322D350CEF74B1001761B3 /* array.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CD90CEF74B1001761B3 /* array.c */; }; - FA322D360CEF74B1001761B3 /* channel.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CDB0CEF74B1001761B3 /* channel.c */; }; - FA322D370CEF74B1001761B3 /* client.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CDD0CEF74B1001761B3 /* client.c */; }; - FA322D380CEF74B1001761B3 /* conf.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CDF0CEF74B1001761B3 /* conf.c */; }; - FA322D390CEF74B1001761B3 /* conn-func.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CE10CEF74B1001761B3 /* conn-func.c */; }; - FA322D3A0CEF74B1001761B3 /* conn-zip.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CE30CEF74B1001761B3 /* conn-zip.c */; }; - FA322D3B0CEF74B1001761B3 /* conn.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CE50CEF74B1001761B3 /* conn.c */; }; - FA322D3C0CEF74B1001761B3 /* hash.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CE80CEF74B1001761B3 /* hash.c */; }; - FA322D3D0CEF74B1001761B3 /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CEA0CEF74B1001761B3 /* io.c */; }; - FA322D3E0CEF74B1001761B3 /* irc-channel.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CEC0CEF74B1001761B3 /* irc-channel.c */; }; - FA322D3F0CEF74B1001761B3 /* irc-info.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CEE0CEF74B1001761B3 /* irc-info.c */; }; - FA322D400CEF74B1001761B3 /* irc-login.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CF00CEF74B1001761B3 /* irc-login.c */; }; - FA322D410CEF74B1001761B3 /* irc-mode.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CF20CEF74B1001761B3 /* irc-mode.c */; }; - FA322D420CEF74B1001761B3 /* irc-op.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CF40CEF74B1001761B3 /* irc-op.c */; }; - FA322D430CEF74B1001761B3 /* irc-oper.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CF60CEF74B1001761B3 /* irc-oper.c */; }; - FA322D440CEF74B1001761B3 /* irc-server.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CF80CEF74B1001761B3 /* irc-server.c */; }; - FA322D450CEF74B1001761B3 /* irc-write.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CFA0CEF74B1001761B3 /* irc-write.c */; }; - FA322D460CEF74B1001761B3 /* irc.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CFC0CEF74B1001761B3 /* irc.c */; }; - FA322D470CEF74B1001761B3 /* lists.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322CFE0CEF74B1001761B3 /* lists.c */; }; - FA322D480CEF74B1001761B3 /* log.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322D000CEF74B1001761B3 /* log.c */; }; - FA322D490CEF74B1001761B3 /* match.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322D030CEF74B1001761B3 /* match.c */; }; - FA322D4A0CEF74B1001761B3 /* ngircd.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322D060CEF74B1001761B3 /* ngircd.c */; }; - FA322D4B0CEF74B1001761B3 /* parse.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322D080CEF74B1001761B3 /* parse.c */; }; - FA322D4D0CEF74B1001761B3 /* resolve.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322D0C0CEF74B1001761B3 /* resolve.c */; }; - FA322DBE0CEF7766001761B3 /* tool.c in Sources */ = {isa = PBXBuildFile; fileRef = FA322D330CEF74B1001761B3 /* tool.c */; }; - FA322DC10CEF77CB001761B3 /* libz.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = FA322DC00CEF77CB001761B3 /* libz.dylib */; }; - FA407F2E0DB159F400271AF1 /* ng_ipaddr.c in Sources */ = {isa = PBXBuildFile; fileRef = FA407F2C0DB159F400271AF1 /* ng_ipaddr.c */; }; - FA4F165A164836B100DBD011 /* irc-metadata.c in Sources */ = {isa = PBXBuildFile; fileRef = FA4F1659164836B100DBD011 /* irc-metadata.c */; }; - FA6BBC631605F0AC0004247A /* conn-encoding.c in Sources */ = {isa = PBXBuildFile; fileRef = FA6BBC5F1605F0AB0004247A /* conn-encoding.c */; }; - FA6BBC641605F0AC0004247A /* irc-encoding.c in Sources */ = {isa = PBXBuildFile; fileRef = FA6BBC611605F0AC0004247A /* irc-encoding.c */; }; - FA6BBC661605F6D60004247A /* libiconv.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = FA6BBC651605F6D60004247A /* libiconv.dylib */; }; - FA85178C0FA061EC006A1F5A /* op.c in Sources */ = {isa = PBXBuildFile; fileRef = FA85178B0FA061EC006A1F5A /* op.c */; }; - FA99428C10E82A27007F27ED /* proc.c in Sources */ = {isa = PBXBuildFile; fileRef = FA99428B10E82A27007F27ED /* proc.c */; }; - FAA3D27B0F139CDC00B2447E /* conn-ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = FAA3D2790F139CDC00B2447E /* conn-ssl.c */; }; - FAA97C57124A271400D5BBA9 /* sighandlers.c in Sources */ = {isa = PBXBuildFile; fileRef = FAA97C55124A271400D5BBA9 /* sighandlers.c */; }; - FAACD5F514A6099C006ED74F /* class.c in Sources */ = {isa = PBXBuildFile; fileRef = FAACD5F314A6099C006ED74F /* class.c */; }; - FAD5853215271AAB00328741 /* client-cap.c in Sources */ = {isa = PBXBuildFile; fileRef = FAD5853015271AAB00328741 /* client-cap.c */; }; - FAD5853515271AB800328741 /* irc-cap.c in Sources */ = {isa = PBXBuildFile; fileRef = FAD5853315271AB800328741 /* irc-cap.c */; }; - FAD5853815272C2600328741 /* login.c in Sources */ = {isa = PBXBuildFile; fileRef = FAD5853615272C2500328741 /* login.c */; }; - FAE5CC2E0CF2308A007D69B6 /* numeric.c in Sources */ = {isa = PBXBuildFile; fileRef = FAE5CC2D0CF2308A007D69B6 /* numeric.c */; }; -/* End PBXBuildFile section */ - -/* Begin PBXFileReference section */ - FA18A63E16CEDDCE00132F66 /* configure.ng */ = {isa = PBXFileReference; lastKnownFileType = text; name = configure.ng; path = ../../configure.ng; sourceTree = ""; }; - FA18A63F16CEDE2300132F66 /* ngircd.service */ = {isa = PBXFileReference; lastKnownFileType = text; path = ngircd.service; sourceTree = ""; }; - FA18A64016CEDE2300132F66 /* ngircd.socket */ = {isa = PBXFileReference; lastKnownFileType = text; path = ngircd.socket; sourceTree = ""; }; - FA18A64116CEDE3500132F66 /* ngircd.pam */ = {isa = PBXFileReference; lastKnownFileType = text; path = ngircd.pam; sourceTree = ""; }; - FA18A64216CEDE5700132F66 /* de.barton.ngircd.plist.tmpl */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = de.barton.ngircd.plist.tmpl; sourceTree = ""; }; - FA18A64316CEDE8100132F66 /* Makefile.am */ = {isa = PBXFileReference; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FA18A64416CEDFCE00132F66 /* Commands.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = Commands.txt; sourceTree = ""; }; - FA18A64516CEE0C700132F66 /* Makefile.ng */ = {isa = PBXFileReference; lastKnownFileType = text; name = Makefile.ng; path = ipaddr/Makefile.ng; sourceTree = ""; }; - FA18A64616CEE0DD00132F66 /* Makefile.ng */ = {isa = PBXFileReference; lastKnownFileType = text; path = Makefile.ng; sourceTree = ""; }; - FA18A64716CEE14900132F66 /* Makefile.ng */ = {isa = PBXFileReference; lastKnownFileType = text; path = Makefile.ng; sourceTree = ""; }; - FA18A64A16CEE18100132F66 /* Makefile.ng */ = {isa = PBXFileReference; lastKnownFileType = text; path = Makefile.ng; sourceTree = ""; }; - FA18A64C16CEE1AC00132F66 /* mode-test.e */ = {isa = PBXFileReference; lastKnownFileType = text; path = "mode-test.e"; sourceTree = ""; }; - FA18A64D16CEE1D900132F66 /* whois-test.e */ = {isa = PBXFileReference; lastKnownFileType = text; path = "whois-test.e"; sourceTree = ""; }; - FA18A64E16CEE24B00132F66 /* misc-test.e */ = {isa = PBXFileReference; lastKnownFileType = text; path = "misc-test.e"; sourceTree = ""; }; - FA18A64F16CEE27700132F66 /* Makefile.ng */ = {isa = PBXFileReference; lastKnownFileType = text; path = Makefile.ng; sourceTree = ""; }; - FA1A6BBD0D6857D900AA8F71 /* who-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "who-test.e"; sourceTree = ""; }; - FA1DBB6716C707D200D4F838 /* irc-macros.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "irc-macros.h"; sourceTree = ""; }; - FA2D564811EA158B00D37A35 /* pam.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = pam.h; sourceTree = ""; }; - FA2D564911EA158B00D37A35 /* pam.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = pam.c; sourceTree = ""; }; - FA2D567A11EA1AB300D37A35 /* libpam.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libpam.dylib; path = usr/lib/libpam.dylib; sourceTree = SDKROOT; }; - FA322BBA0CEF72E4001761B3 /* ngircd */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = ngircd; sourceTree = BUILT_PRODUCTS_DIR; }; - FA322CD60CEF74B1001761B3 /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FA322CD90CEF74B1001761B3 /* array.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = array.c; sourceTree = ""; }; - FA322CDA0CEF74B1001761B3 /* array.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = array.h; sourceTree = ""; }; - FA322CDB0CEF74B1001761B3 /* channel.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = channel.c; sourceTree = ""; }; - FA322CDC0CEF74B1001761B3 /* channel.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = channel.h; sourceTree = ""; }; - FA322CDD0CEF74B1001761B3 /* client.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = client.c; sourceTree = ""; }; - FA322CDE0CEF74B1001761B3 /* client.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = client.h; sourceTree = ""; }; - FA322CDF0CEF74B1001761B3 /* conf.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = conf.c; sourceTree = ""; }; - FA322CE00CEF74B1001761B3 /* conf.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = conf.h; sourceTree = ""; }; - FA322CE10CEF74B1001761B3 /* conn-func.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "conn-func.c"; sourceTree = ""; }; - FA322CE20CEF74B1001761B3 /* conn-func.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "conn-func.h"; sourceTree = ""; }; - FA322CE30CEF74B1001761B3 /* conn-zip.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "conn-zip.c"; sourceTree = ""; }; - FA322CE40CEF74B1001761B3 /* conn-zip.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "conn-zip.h"; sourceTree = ""; }; - FA322CE50CEF74B1001761B3 /* conn.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = conn.c; sourceTree = ""; }; - FA322CE60CEF74B1001761B3 /* conn.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = conn.h; sourceTree = ""; }; - FA322CE70CEF74B1001761B3 /* defines.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = defines.h; sourceTree = ""; }; - FA322CE80CEF74B1001761B3 /* hash.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = hash.c; sourceTree = ""; }; - FA322CE90CEF74B1001761B3 /* hash.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = hash.h; sourceTree = ""; }; - FA322CEA0CEF74B1001761B3 /* io.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = io.c; sourceTree = ""; }; - FA322CEB0CEF74B1001761B3 /* io.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = io.h; sourceTree = ""; }; - FA322CEC0CEF74B1001761B3 /* irc-channel.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-channel.c"; sourceTree = ""; }; - FA322CED0CEF74B1001761B3 /* irc-channel.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-channel.h"; sourceTree = ""; }; - FA322CEE0CEF74B1001761B3 /* irc-info.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-info.c"; sourceTree = ""; }; - FA322CEF0CEF74B1001761B3 /* irc-info.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-info.h"; sourceTree = ""; }; - FA322CF00CEF74B1001761B3 /* irc-login.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-login.c"; sourceTree = ""; }; - FA322CF10CEF74B1001761B3 /* irc-login.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-login.h"; sourceTree = ""; }; - FA322CF20CEF74B1001761B3 /* irc-mode.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-mode.c"; sourceTree = ""; }; - FA322CF30CEF74B1001761B3 /* irc-mode.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-mode.h"; sourceTree = ""; }; - FA322CF40CEF74B1001761B3 /* irc-op.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-op.c"; sourceTree = ""; }; - FA322CF50CEF74B1001761B3 /* irc-op.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-op.h"; sourceTree = ""; }; - FA322CF60CEF74B1001761B3 /* irc-oper.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-oper.c"; sourceTree = ""; }; - FA322CF70CEF74B1001761B3 /* irc-oper.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-oper.h"; sourceTree = ""; }; - FA322CF80CEF74B1001761B3 /* irc-server.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-server.c"; sourceTree = ""; }; - FA322CF90CEF74B1001761B3 /* irc-server.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-server.h"; sourceTree = ""; }; - FA322CFA0CEF74B1001761B3 /* irc-write.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "irc-write.c"; sourceTree = ""; }; - FA322CFB0CEF74B1001761B3 /* irc-write.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "irc-write.h"; sourceTree = ""; }; - FA322CFC0CEF74B1001761B3 /* irc.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = irc.c; sourceTree = ""; }; - FA322CFD0CEF74B1001761B3 /* irc.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = irc.h; sourceTree = ""; }; - FA322CFE0CEF74B1001761B3 /* lists.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = lists.c; sourceTree = ""; }; - FA322CFF0CEF74B1001761B3 /* lists.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = lists.h; sourceTree = ""; }; - FA322D000CEF74B1001761B3 /* log.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = log.c; sourceTree = ""; }; - FA322D010CEF74B1001761B3 /* log.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = log.h; sourceTree = ""; }; - FA322D030CEF74B1001761B3 /* match.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = match.c; sourceTree = ""; }; - FA322D040CEF74B1001761B3 /* match.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = match.h; sourceTree = ""; }; - FA322D050CEF74B1001761B3 /* messages.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = messages.h; sourceTree = ""; }; - FA322D060CEF74B1001761B3 /* ngircd.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = ngircd.c; sourceTree = ""; }; - FA322D070CEF74B1001761B3 /* ngircd.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = ngircd.h; sourceTree = ""; }; - FA322D080CEF74B1001761B3 /* parse.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = parse.c; sourceTree = ""; }; - FA322D090CEF74B1001761B3 /* parse.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = parse.h; sourceTree = ""; }; - FA322D0C0CEF74B1001761B3 /* resolve.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = resolve.c; sourceTree = ""; }; - FA322D0D0CEF74B1001761B3 /* resolve.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = resolve.h; sourceTree = ""; }; - FA322D100CEF74B1001761B3 /* ansi2knr.1 */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.man; path = ansi2knr.1; sourceTree = ""; }; - FA322D110CEF74B1001761B3 /* ansi2knr.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = ansi2knr.c; sourceTree = ""; }; - FA322D150CEF74B1001761B3 /* portab.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = portab.h; sourceTree = ""; }; - FA322D160CEF74B1001761B3 /* portabtest.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = portabtest.c; sourceTree = ""; }; - FA322D170CEF74B1001761B3 /* splint.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = splint.h; sourceTree = ""; }; - FA322D180CEF74B1001761B3 /* strdup.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = strdup.c; sourceTree = ""; }; - FA322D190CEF74B1001761B3 /* strlcpy.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = strlcpy.c; sourceTree = ""; }; - FA322D1A0CEF74B1001761B3 /* vsnprintf.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = vsnprintf.c; sourceTree = ""; }; - FA322D1D0CEF74B1001761B3 /* channel-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "channel-test.e"; sourceTree = ""; }; - FA322D1E0CEF74B1001761B3 /* check-idle.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "check-idle.e"; sourceTree = ""; }; - FA322D1F0CEF74B1001761B3 /* connect-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "connect-test.e"; sourceTree = ""; }; - FA322D200CEF74B1001761B3 /* functions.inc */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.pascal; path = functions.inc; sourceTree = ""; }; - FA322D210CEF74B1001761B3 /* getpid.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = getpid.sh; sourceTree = ""; }; - FA322D250CEF74B1001761B3 /* README */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = README; sourceTree = ""; }; - FA322D260CEF74B1001761B3 /* start-server.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = "start-server.sh"; sourceTree = ""; }; - FA322D270CEF74B1001761B3 /* stop-server.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = "stop-server.sh"; sourceTree = ""; }; - FA322D280CEF74B1001761B3 /* stress-A.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "stress-A.e"; sourceTree = ""; }; - FA322D290CEF74B1001761B3 /* stress-B.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "stress-B.e"; sourceTree = ""; }; - FA322D2A0CEF74B1001761B3 /* stress-server.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = "stress-server.sh"; sourceTree = ""; }; - FA322D2B0CEF74B1001761B3 /* test-loop.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = "test-loop.sh"; sourceTree = ""; }; - FA322D2C0CEF74B1001761B3 /* tests.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = tests.sh; sourceTree = ""; }; - FA322D2D0CEF74B1001761B3 /* wait-tests.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = "wait-tests.sh"; sourceTree = ""; }; - FA322D330CEF74B1001761B3 /* tool.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = tool.c; sourceTree = ""; }; - FA322D340CEF74B1001761B3 /* tool.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = tool.h; sourceTree = ""; }; - FA322D5A0CEF750F001761B3 /* AUTHORS */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = AUTHORS; path = ../../AUTHORS; sourceTree = SOURCE_ROOT; }; - FA322D5B0CEF750F001761B3 /* autogen.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; name = autogen.sh; path = ../../autogen.sh; sourceTree = SOURCE_ROOT; }; - FA322D5C0CEF750F001761B3 /* ChangeLog */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = ChangeLog; path = ../../ChangeLog; sourceTree = SOURCE_ROOT; }; - FA322D5E0CEF750F001761B3 /* config.guess */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; name = config.guess; path = ../../config.guess; sourceTree = SOURCE_ROOT; }; - FA322D5F0CEF750F001761B3 /* config.sub */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; name = config.sub; path = ../../config.sub; sourceTree = SOURCE_ROOT; }; - FA322D610CEF750F001761B3 /* COPYING */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = COPYING; path = ../../COPYING; sourceTree = SOURCE_ROOT; }; - FA322D620CEF750F001761B3 /* INSTALL */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = INSTALL; path = ../../INSTALL; sourceTree = SOURCE_ROOT; }; - FA322D630CEF750F001761B3 /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = Makefile.am; path = ../../Makefile.am; sourceTree = SOURCE_ROOT; }; - FA322D640CEF750F001761B3 /* NEWS */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = NEWS; path = ../../NEWS; sourceTree = SOURCE_ROOT; }; - FA322D650CEF750F001761B3 /* README */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; name = README; path = ../../README; sourceTree = SOURCE_ROOT; }; - FA322D6A0CEF7523001761B3 /* changelog */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = changelog; sourceTree = ""; }; - FA322D6B0CEF7523001761B3 /* compat */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = compat; sourceTree = ""; }; - FA322D6C0CEF7523001761B3 /* control */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = control; sourceTree = ""; }; - FA322D6D0CEF7523001761B3 /* copyright */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = copyright; sourceTree = ""; }; - FA322D6E0CEF7523001761B3 /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FA322D6F0CEF7523001761B3 /* ngircd.default */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = ngircd.default; sourceTree = ""; }; - FA322D700CEF7523001761B3 /* ngircd.init */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = ngircd.init; sourceTree = ""; }; - FA322D710CEF7523001761B3 /* ngircd.postinst */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = ngircd.postinst; sourceTree = ""; }; - FA322D720CEF7523001761B3 /* rules */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = rules; sourceTree = ""; }; - FA322D8E0CEF7523001761B3 /* ngIRCd.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; path = ngIRCd.xcodeproj; sourceTree = ""; }; - FA322D920CEF7523001761B3 /* ngindent.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = ngindent.sh; sourceTree = ""; }; - FA322D940CEF7523001761B3 /* ngircd.spec */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = ngircd.spec; sourceTree = ""; }; - FA322D950CEF7523001761B3 /* README */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = README; sourceTree = ""; }; - FA322D9A0CEF752C001761B3 /* FAQ.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = FAQ.txt; sourceTree = ""; }; - FA322D9B0CEF752C001761B3 /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FA322D9C0CEF752C001761B3 /* Platforms.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Platforms.txt; sourceTree = ""; }; - FA322D9D0CEF752C001761B3 /* Protocol.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Protocol.txt; sourceTree = ""; }; - FA322D9E0CEF752C001761B3 /* README-AUX.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "README-AUX.txt"; sourceTree = ""; }; - FA322D9F0CEF752C001761B3 /* README-BeOS.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "README-BeOS.txt"; sourceTree = ""; }; - FA322DA00CEF752C001761B3 /* RFC.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = RFC.txt; sourceTree = ""; }; - FA322DA40CEF752C001761B3 /* Doxyfile */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Doxyfile; sourceTree = ""; }; - FA322DA50CEF752C001761B3 /* footer.inc.html */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.html; path = footer.inc.html; sourceTree = ""; }; - FA322DA70CEF752C001761B3 /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FA322DA90CEF752C001761B3 /* SSL.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = SSL.txt; sourceTree = ""; }; - FA322DAD0CEF7538001761B3 /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FA322DAE0CEF7538001761B3 /* ngircd.8.tmpl */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = ngircd.8.tmpl; sourceTree = ""; }; - FA322DAF0CEF7538001761B3 /* ngircd.conf.5.tmpl */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = ngircd.conf.5.tmpl; sourceTree = ""; }; - FA322DB10CEF7565001761B3 /* config.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = config.h; sourceTree = ""; }; - FA322DC00CEF77CB001761B3 /* libz.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libz.dylib; path = /usr/lib/libz.dylib; sourceTree = ""; }; - FA407F2C0DB159F400271AF1 /* ng_ipaddr.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; name = ng_ipaddr.c; path = ipaddr/ng_ipaddr.c; sourceTree = ""; }; - FA407F2D0DB159F400271AF1 /* ng_ipaddr.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; name = ng_ipaddr.h; path = ipaddr/ng_ipaddr.h; sourceTree = ""; }; - FA4B08E513E7F8FB00765BA3 /* ngircd-bsd.sh */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.script.sh; path = "ngircd-bsd.sh"; sourceTree = ""; }; - FA4B08E613E7F91700765BA3 /* ngIRCd-Logo.gif */ = {isa = PBXFileReference; lastKnownFileType = image.gif; path = "ngIRCd-Logo.gif"; sourceTree = ""; }; - FA4B08E713E7F91700765BA3 /* ngircd-redhat.init */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.script.sh; path = "ngircd-redhat.init"; sourceTree = ""; }; - FA4B08E813E7F91C00765BA3 /* platformtest.sh */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.script.sh; path = platformtest.sh; sourceTree = ""; }; - FA4B4F542055B47C00A04296 /* ngircd.logcheck */ = {isa = PBXFileReference; lastKnownFileType = text; path = ngircd.logcheck; sourceTree = ""; }; - FA4B4F552055B4C800A04296 /* source */ = {isa = PBXFileReference; lastKnownFileType = folder; path = source; sourceTree = ""; }; - FA4F1659164836B100DBD011 /* irc-metadata.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "irc-metadata.c"; sourceTree = ""; }; - FA4F165C164836BF00DBD011 /* irc-metadata.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "irc-metadata.h"; sourceTree = ""; }; - FA6BBC5F1605F0AB0004247A /* conn-encoding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "conn-encoding.c"; sourceTree = ""; }; - FA6BBC601605F0AC0004247A /* conn-encoding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "conn-encoding.h"; sourceTree = ""; }; - FA6BBC611605F0AC0004247A /* irc-encoding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "irc-encoding.c"; sourceTree = ""; }; - FA6BBC621605F0AC0004247A /* irc-encoding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "irc-encoding.h"; sourceTree = ""; }; - FA6BBC651605F6D60004247A /* libiconv.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libiconv.dylib; path = ../../../../../../../usr/lib/libiconv.dylib; sourceTree = ""; }; - FA77849A133FB9FF00740057 /* sample-ngircd.conf.tmpl */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = "sample-ngircd.conf.tmpl"; sourceTree = ""; }; - FA85178A0FA061EC006A1F5A /* op.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = op.h; sourceTree = ""; }; - FA85178B0FA061EC006A1F5A /* op.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = op.c; sourceTree = ""; }; - FA99428A10E82A27007F27ED /* proc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = proc.h; sourceTree = ""; }; - FA99428B10E82A27007F27ED /* proc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = proc.c; sourceTree = ""; }; - FAA3D2700F139CB300B2447E /* invite-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "invite-test.e"; sourceTree = ""; }; - FAA3D2710F139CB300B2447E /* join-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "join-test.e"; sourceTree = ""; }; - FAA3D2720F139CB300B2447E /* kick-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "kick-test.e"; sourceTree = ""; }; - FAA3D2730F139CB300B2447E /* message-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "message-test.e"; sourceTree = ""; }; - FAA3D2740F139CB300B2447E /* ngircd-test1.conf */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "ngircd-test1.conf"; sourceTree = ""; }; - FAA3D2750F139CB300B2447E /* ngircd-test2.conf */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "ngircd-test2.conf"; sourceTree = ""; }; - FAA3D2760F139CB300B2447E /* opless-channel-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "opless-channel-test.e"; sourceTree = ""; }; - FAA3D2770F139CB300B2447E /* server-link-test.e */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = "server-link-test.e"; sourceTree = ""; }; - FAA3D2780F139CDC00B2447E /* conf-ssl.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "conf-ssl.h"; sourceTree = ""; }; - FAA3D2790F139CDC00B2447E /* conn-ssl.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = "conn-ssl.c"; sourceTree = ""; }; - FAA3D27A0F139CDC00B2447E /* conn-ssl.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = "conn-ssl.h"; sourceTree = ""; }; - FAA3D27C0F139CF800B2447E /* strtok_r.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = strtok_r.c; sourceTree = ""; }; - FAA3D27D0F139CF800B2447E /* waitpid.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = waitpid.c; sourceTree = ""; }; - FAA3D2800F139D1500B2447E /* Services.txt */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Services.txt; sourceTree = ""; }; - FAA3D2820F139D2E00B2447E /* 01ngircd-contents.xml */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.xml; path = "01ngircd-contents.xml"; sourceTree = ""; }; - FAA3D2830F139D2E00B2447E /* 01ngircd.xml */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.xml; path = 01ngircd.xml; sourceTree = ""; }; - FAA3D2840F139D2E00B2447E /* 02de-contents.xml */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.xml; path = "02de-contents.xml"; sourceTree = ""; }; - FAA3D2850F139D2E00B2447E /* 02de.xml */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.xml; path = 02de.xml; sourceTree = ""; }; - FAA3D2860F139D2E00B2447E /* index.xml */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.xml; path = index.xml; sourceTree = ""; }; - FAA3D2880F139D2E00B2447E /* Makefile.am */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FAA3D28A0F139D2E00B2447E /* postinstall.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = postinstall.sh; sourceTree = ""; }; - FAA3D28B0F139D2E00B2447E /* preinstall.sh */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = text.script.sh; path = preinstall.sh; sourceTree = ""; }; - FAA97C55124A271400D5BBA9 /* sighandlers.c */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.c; path = sighandlers.c; sourceTree = ""; }; - FAA97C56124A271400D5BBA9 /* sighandlers.h */ = {isa = PBXFileReference; fileEncoding = 5; lastKnownFileType = sourcecode.c.h; path = sighandlers.h; sourceTree = ""; }; - FAA9C8162377186900A04296 /* nglog.sh */ = {isa = PBXFileReference; lastKnownFileType = text.script.sh; path = nglog.sh; sourceTree = ""; }; - FAACD5F314A6099C006ED74F /* class.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = class.c; sourceTree = ""; }; - FAACD5F414A6099C006ED74F /* class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = class.h; sourceTree = ""; }; - FAC4E5CD23A7DE2400A04296 /* Makefile.am */ = {isa = PBXFileReference; lastKnownFileType = text; path = Makefile.am; sourceTree = ""; }; - FAD5852F15271A7800328741 /* Capabilities.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = Capabilities.txt; sourceTree = ""; }; - FAD5853015271AAB00328741 /* client-cap.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "client-cap.c"; sourceTree = ""; }; - FAD5853115271AAB00328741 /* client-cap.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "client-cap.h"; sourceTree = ""; }; - FAD5853315271AB800328741 /* irc-cap.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "irc-cap.c"; sourceTree = ""; }; - FAD5853415271AB800328741 /* irc-cap.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "irc-cap.h"; sourceTree = ""; }; - FAD5853615272C2500328741 /* login.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = login.c; sourceTree = ""; }; - FAD5853715272C2500328741 /* login.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = login.h; sourceTree = ""; }; - FAE22BD215270EA300F1A5AB /* Bopm.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = Bopm.txt; sourceTree = ""; }; - FAE22BD415270EA300F1A5AB /* Contributing.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = Contributing.txt; sourceTree = ""; }; - FAE22BD515270EB500F1A5AB /* HowToRelease.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = HowToRelease.txt; sourceTree = ""; }; - FAE22BD615270EB500F1A5AB /* Modes.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = Modes.txt; sourceTree = ""; }; - FAE22BD715270EB500F1A5AB /* PAM.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = PAM.txt; sourceTree = ""; }; - FAE22BD815270EC400F1A5AB /* README-Interix.txt */ = {isa = PBXFileReference; lastKnownFileType = text; path = "README-Interix.txt"; sourceTree = ""; }; - FAE5CC2C0CF2308A007D69B6 /* numeric.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = numeric.h; sourceTree = ""; }; - FAE5CC2D0CF2308A007D69B6 /* numeric.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = numeric.c; sourceTree = ""; }; -/* End PBXFileReference section */ - -/* Begin PBXFrameworksBuildPhase section */ - 8DD76FAD0486AB0100D96B5E /* Frameworks */ = { - isa = PBXFrameworksBuildPhase; - buildActionMask = 2147483647; - files = ( - FA322DC10CEF77CB001761B3 /* libz.dylib in Frameworks */, - FA2D567B11EA1AB300D37A35 /* libpam.dylib in Frameworks */, - FA6BBC661605F6D60004247A /* libiconv.dylib in Frameworks */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXFrameworksBuildPhase section */ - -/* Begin PBXGroup section */ - 08FB7794FE84155DC02AAC07 /* ngIRCd */ = { - isa = PBXGroup; - children = ( - FA322D630CEF750F001761B3 /* Makefile.am */, - FA322D660CEF7523001761B3 /* contrib */, - FA322D970CEF752C001761B3 /* doc */, - FA322DAB0CEF7538001761B3 /* man */, - FA322CD40CEF74B0001761B3 /* src */, - FA322D5A0CEF750F001761B3 /* AUTHORS */, - FA322D5C0CEF750F001761B3 /* ChangeLog */, - FA322D610CEF750F001761B3 /* COPYING */, - FA322D620CEF750F001761B3 /* INSTALL */, - FA322D640CEF750F001761B3 /* NEWS */, - FA322D650CEF750F001761B3 /* README */, - FA322D5B0CEF750F001761B3 /* autogen.sh */, - FA322D5E0CEF750F001761B3 /* config.guess */, - FA322D5F0CEF750F001761B3 /* config.sub */, - FA18A63E16CEDDCE00132F66 /* configure.ng */, - 1AB674ADFE9D54B511CA2CBB /* Products */, - FA6BBC651605F6D60004247A /* libiconv.dylib */, - FA2D567A11EA1AB300D37A35 /* libpam.dylib */, - FA322DC00CEF77CB001761B3 /* libz.dylib */, - ); - indentWidth = 8; - name = ngIRCd; - sourceTree = ""; - tabWidth = 8; - usesTabs = 1; - wrapsLines = 0; - }; - 1AB674ADFE9D54B511CA2CBB /* Products */ = { - isa = PBXGroup; - children = ( - FA322BBA0CEF72E4001761B3 /* ngircd */, - ); - name = Products; - sourceTree = ""; - }; - FA322CD40CEF74B0001761B3 /* src */ = { - isa = PBXGroup; - children = ( - FA322CD60CEF74B1001761B3 /* Makefile.am */, - FA407F270DB1598D00271AF1 /* ipaddr */, - FA322CD70CEF74B1001761B3 /* ngircd */, - FA322D0E0CEF74B1001761B3 /* portab */, - FA322D1B0CEF74B1001761B3 /* testsuite */, - FA322D2E0CEF74B1001761B3 /* tool */, - ); - name = src; - path = ../../src; - sourceTree = SOURCE_ROOT; - }; - FA322CD70CEF74B1001761B3 /* ngircd */ = { - isa = PBXGroup; - children = ( - FA18A64616CEE0DD00132F66 /* Makefile.ng */, - FA322CD90CEF74B1001761B3 /* array.c */, - FA322CDA0CEF74B1001761B3 /* array.h */, - FA322CDB0CEF74B1001761B3 /* channel.c */, - FA322CDC0CEF74B1001761B3 /* channel.h */, - FAACD5F314A6099C006ED74F /* class.c */, - FAACD5F414A6099C006ED74F /* class.h */, - FA322CDD0CEF74B1001761B3 /* client.c */, - FA322CDE0CEF74B1001761B3 /* client.h */, - FAD5853015271AAB00328741 /* client-cap.c */, - FAD5853115271AAB00328741 /* client-cap.h */, - FA322CDF0CEF74B1001761B3 /* conf.c */, - FA322CE00CEF74B1001761B3 /* conf.h */, - FAA3D2780F139CDC00B2447E /* conf-ssl.h */, - FA322CE50CEF74B1001761B3 /* conn.c */, - FA322CE60CEF74B1001761B3 /* conn.h */, - FA6BBC5F1605F0AB0004247A /* conn-encoding.c */, - FA6BBC601605F0AC0004247A /* conn-encoding.h */, - FA322CE10CEF74B1001761B3 /* conn-func.c */, - FA322CE20CEF74B1001761B3 /* conn-func.h */, - FAA3D2790F139CDC00B2447E /* conn-ssl.c */, - FAA3D27A0F139CDC00B2447E /* conn-ssl.h */, - FA322CE30CEF74B1001761B3 /* conn-zip.c */, - FA322CE40CEF74B1001761B3 /* conn-zip.h */, - FA322CE70CEF74B1001761B3 /* defines.h */, - FA322CE80CEF74B1001761B3 /* hash.c */, - FA322CE90CEF74B1001761B3 /* hash.h */, - FA322CEA0CEF74B1001761B3 /* io.c */, - FA322CEB0CEF74B1001761B3 /* io.h */, - FA322CFC0CEF74B1001761B3 /* irc.c */, - FA322CFD0CEF74B1001761B3 /* irc.h */, - FAD5853315271AB800328741 /* irc-cap.c */, - FAD5853415271AB800328741 /* irc-cap.h */, - FA322CEC0CEF74B1001761B3 /* irc-channel.c */, - FA322CED0CEF74B1001761B3 /* irc-channel.h */, - FA6BBC611605F0AC0004247A /* irc-encoding.c */, - FA6BBC621605F0AC0004247A /* irc-encoding.h */, - FA322CEE0CEF74B1001761B3 /* irc-info.c */, - FA322CEF0CEF74B1001761B3 /* irc-info.h */, - FA322CF00CEF74B1001761B3 /* irc-login.c */, - FA322CF10CEF74B1001761B3 /* irc-login.h */, - FA1DBB6716C707D200D4F838 /* irc-macros.h */, - FA4F1659164836B100DBD011 /* irc-metadata.c */, - FA4F165C164836BF00DBD011 /* irc-metadata.h */, - FA322CF20CEF74B1001761B3 /* irc-mode.c */, - FA322CF30CEF74B1001761B3 /* irc-mode.h */, - FA322CF40CEF74B1001761B3 /* irc-op.c */, - FA322CF50CEF74B1001761B3 /* irc-op.h */, - FA322CF60CEF74B1001761B3 /* irc-oper.c */, - FA322CF70CEF74B1001761B3 /* irc-oper.h */, - FA322CF80CEF74B1001761B3 /* irc-server.c */, - FA322CF90CEF74B1001761B3 /* irc-server.h */, - FA322CFA0CEF74B1001761B3 /* irc-write.c */, - FA322CFB0CEF74B1001761B3 /* irc-write.h */, - FA322CFE0CEF74B1001761B3 /* lists.c */, - FA322CFF0CEF74B1001761B3 /* lists.h */, - FA322D000CEF74B1001761B3 /* log.c */, - FA322D010CEF74B1001761B3 /* log.h */, - FAD5853615272C2500328741 /* login.c */, - FAD5853715272C2500328741 /* login.h */, - FA322D030CEF74B1001761B3 /* match.c */, - FA322D040CEF74B1001761B3 /* match.h */, - FA322D050CEF74B1001761B3 /* messages.h */, - FA322D060CEF74B1001761B3 /* ngircd.c */, - FA322D070CEF74B1001761B3 /* ngircd.h */, - FAE5CC2D0CF2308A007D69B6 /* numeric.c */, - FAE5CC2C0CF2308A007D69B6 /* numeric.h */, - FA85178B0FA061EC006A1F5A /* op.c */, - FA85178A0FA061EC006A1F5A /* op.h */, - FA2D564911EA158B00D37A35 /* pam.c */, - FA2D564811EA158B00D37A35 /* pam.h */, - FA322D080CEF74B1001761B3 /* parse.c */, - FA322D090CEF74B1001761B3 /* parse.h */, - FA99428B10E82A27007F27ED /* proc.c */, - FA99428A10E82A27007F27ED /* proc.h */, - FA322D0C0CEF74B1001761B3 /* resolve.c */, - FA322D0D0CEF74B1001761B3 /* resolve.h */, - FAA97C55124A271400D5BBA9 /* sighandlers.c */, - FAA97C56124A271400D5BBA9 /* sighandlers.h */, - ); - path = ngircd; - sourceTree = ""; - }; - FA322D0E0CEF74B1001761B3 /* portab */ = { - isa = PBXGroup; - children = ( - FA18A64716CEE14900132F66 /* Makefile.ng */, - FA322D100CEF74B1001761B3 /* ansi2knr.1 */, - FA322D110CEF74B1001761B3 /* ansi2knr.c */, - FA322D150CEF74B1001761B3 /* portab.h */, - FA322D160CEF74B1001761B3 /* portabtest.c */, - FA322D170CEF74B1001761B3 /* splint.h */, - FA322D180CEF74B1001761B3 /* strdup.c */, - FA322D190CEF74B1001761B3 /* strlcpy.c */, - FAA3D27C0F139CF800B2447E /* strtok_r.c */, - FA322D1A0CEF74B1001761B3 /* vsnprintf.c */, - FAA3D27D0F139CF800B2447E /* waitpid.c */, - ); - path = portab; - sourceTree = ""; - }; - FA322D1B0CEF74B1001761B3 /* testsuite */ = { - isa = PBXGroup; - children = ( - FA18A64A16CEE18100132F66 /* Makefile.ng */, - FA322D250CEF74B1001761B3 /* README */, - FA322D1D0CEF74B1001761B3 /* channel-test.e */, - FA322D1E0CEF74B1001761B3 /* check-idle.e */, - FA322D1F0CEF74B1001761B3 /* connect-test.e */, - FAA3D2700F139CB300B2447E /* invite-test.e */, - FAA3D2710F139CB300B2447E /* join-test.e */, - FAA3D2720F139CB300B2447E /* kick-test.e */, - FAA3D2730F139CB300B2447E /* message-test.e */, - FA18A64E16CEE24B00132F66 /* misc-test.e */, - FA18A64C16CEE1AC00132F66 /* mode-test.e */, - FAA3D2760F139CB300B2447E /* opless-channel-test.e */, - FAA3D2770F139CB300B2447E /* server-link-test.e */, - FA322D280CEF74B1001761B3 /* stress-A.e */, - FA322D290CEF74B1001761B3 /* stress-B.e */, - FA1A6BBD0D6857D900AA8F71 /* who-test.e */, - FA18A64D16CEE1D900132F66 /* whois-test.e */, - FA322D200CEF74B1001761B3 /* functions.inc */, - FAA3D2740F139CB300B2447E /* ngircd-test1.conf */, - FAA3D2750F139CB300B2447E /* ngircd-test2.conf */, - FA322D210CEF74B1001761B3 /* getpid.sh */, - FA322D260CEF74B1001761B3 /* start-server.sh */, - FA322D270CEF74B1001761B3 /* stop-server.sh */, - FA322D2A0CEF74B1001761B3 /* stress-server.sh */, - FA322D2B0CEF74B1001761B3 /* test-loop.sh */, - FA322D2C0CEF74B1001761B3 /* tests.sh */, - FA322D2D0CEF74B1001761B3 /* wait-tests.sh */, - ); - path = testsuite; - sourceTree = ""; - }; - FA322D2E0CEF74B1001761B3 /* tool */ = { - isa = PBXGroup; - children = ( - FA18A64F16CEE27700132F66 /* Makefile.ng */, - FA322D330CEF74B1001761B3 /* tool.c */, - FA322D340CEF74B1001761B3 /* tool.h */, - ); - path = tool; - sourceTree = ""; - }; - FA322D660CEF7523001761B3 /* contrib */ = { - isa = PBXGroup; - children = ( - FAC4E5CD23A7DE2400A04296 /* Makefile.am */, - FA322D680CEF7523001761B3 /* Debian */, - FA322D730CEF7523001761B3 /* MacOSX */, - FA322D950CEF7523001761B3 /* README */, - FA322D920CEF7523001761B3 /* ngindent.sh */, - FA4B08E513E7F8FB00765BA3 /* ngircd-bsd.sh */, - FA4B08E613E7F91700765BA3 /* ngIRCd-Logo.gif */, - FA4B08E713E7F91700765BA3 /* ngircd-redhat.init */, - FA4B4F542055B47C00A04296 /* ngircd.logcheck */, - FA18A63F16CEDE2300132F66 /* ngircd.service */, - FA18A64016CEDE2300132F66 /* ngircd.socket */, - FA322D940CEF7523001761B3 /* ngircd.spec */, - FAA9C8162377186900A04296 /* nglog.sh */, - FA4B08E813E7F91C00765BA3 /* platformtest.sh */, - ); - name = contrib; - path = ..; - sourceTree = SOURCE_ROOT; - }; - FA322D680CEF7523001761B3 /* Debian */ = { - isa = PBXGroup; - children = ( - FA322D6E0CEF7523001761B3 /* Makefile.am */, - FA322D6A0CEF7523001761B3 /* changelog */, - FA322D6B0CEF7523001761B3 /* compat */, - FA322D6C0CEF7523001761B3 /* control */, - FA322D6D0CEF7523001761B3 /* copyright */, - FA322D6F0CEF7523001761B3 /* ngircd.default */, - FA322D700CEF7523001761B3 /* ngircd.init */, - FA18A64116CEDE3500132F66 /* ngircd.pam */, - FA322D710CEF7523001761B3 /* ngircd.postinst */, - FA322D720CEF7523001761B3 /* rules */, - FA4B4F552055B4C800A04296 /* source */, - ); - path = Debian; - sourceTree = ""; - }; - FA322D730CEF7523001761B3 /* MacOSX */ = { - isa = PBXGroup; - children = ( - FA18A64316CEDE8100132F66 /* Makefile.am */, - FAA3D2810F139D2E00B2447E /* ngIRCd.pmdoc */, - FA322DB10CEF7565001761B3 /* config.h */, - FA18A64216CEDE5700132F66 /* de.barton.ngircd.plist.tmpl */, - FA322D8E0CEF7523001761B3 /* ngIRCd.xcodeproj */, - FAA3D28A0F139D2E00B2447E /* postinstall.sh */, - FAA3D28B0F139D2E00B2447E /* preinstall.sh */, - ); - path = MacOSX; - sourceTree = ""; - }; - FA322D8F0CEF7523001761B3 /* Products */ = { - isa = PBXGroup; - children = ( - ); - name = Products; - sourceTree = ""; - }; - FA322D970CEF752C001761B3 /* doc */ = { - isa = PBXGroup; - children = ( - FA322D9B0CEF752C001761B3 /* Makefile.am */, - FA322DA20CEF752C001761B3 /* src */, - FAE22BD215270EA300F1A5AB /* Bopm.txt */, - FAD5852F15271A7800328741 /* Capabilities.txt */, - FA18A64416CEDFCE00132F66 /* Commands.txt */, - FAE22BD415270EA300F1A5AB /* Contributing.txt */, - FA322D9A0CEF752C001761B3 /* FAQ.txt */, - FAE22BD515270EB500F1A5AB /* HowToRelease.txt */, - FAE22BD615270EB500F1A5AB /* Modes.txt */, - FAE22BD715270EB500F1A5AB /* PAM.txt */, - FA322D9C0CEF752C001761B3 /* Platforms.txt */, - FA322D9D0CEF752C001761B3 /* Protocol.txt */, - FA322D9E0CEF752C001761B3 /* README-AUX.txt */, - FA322D9F0CEF752C001761B3 /* README-BeOS.txt */, - FAE22BD815270EC400F1A5AB /* README-Interix.txt */, - FA322DA00CEF752C001761B3 /* RFC.txt */, - FAA3D2800F139D1500B2447E /* Services.txt */, - FA322DA90CEF752C001761B3 /* SSL.txt */, - FA77849A133FB9FF00740057 /* sample-ngircd.conf.tmpl */, - ); - name = doc; - path = ../../doc; - sourceTree = SOURCE_ROOT; - }; - FA322DA20CEF752C001761B3 /* src */ = { - isa = PBXGroup; - children = ( - FA322DA70CEF752C001761B3 /* Makefile.am */, - FA322DA40CEF752C001761B3 /* Doxyfile */, - FA322DA50CEF752C001761B3 /* footer.inc.html */, - ); - path = src; - sourceTree = ""; - }; - FA322DAB0CEF7538001761B3 /* man */ = { - isa = PBXGroup; - children = ( - FA322DAD0CEF7538001761B3 /* Makefile.am */, - FA322DAE0CEF7538001761B3 /* ngircd.8.tmpl */, - FA322DAF0CEF7538001761B3 /* ngircd.conf.5.tmpl */, - ); - name = man; - path = ../../man; - sourceTree = SOURCE_ROOT; - }; - FA407F270DB1598D00271AF1 /* ipaddr */ = { - isa = PBXGroup; - children = ( - FA18A64516CEE0C700132F66 /* Makefile.ng */, - FA407F2C0DB159F400271AF1 /* ng_ipaddr.c */, - FA407F2D0DB159F400271AF1 /* ng_ipaddr.h */, - ); - name = ipaddr; - sourceTree = ""; - }; - FAA3D2810F139D2E00B2447E /* ngIRCd.pmdoc */ = { - isa = PBXGroup; - children = ( - FAA3D2880F139D2E00B2447E /* Makefile.am */, - FAA3D2860F139D2E00B2447E /* index.xml */, - FAA3D2830F139D2E00B2447E /* 01ngircd.xml */, - FAA3D2820F139D2E00B2447E /* 01ngircd-contents.xml */, - FAA3D2850F139D2E00B2447E /* 02de.xml */, - FAA3D2840F139D2E00B2447E /* 02de-contents.xml */, - ); - path = ngIRCd.pmdoc; - sourceTree = ""; - }; -/* End PBXGroup section */ - -/* Begin PBXNativeTarget section */ - 8DD76FA90486AB0100D96B5E /* ngIRCd */ = { - isa = PBXNativeTarget; - buildConfigurationList = 1DEB928508733DD80010E9CD /* Build configuration list for PBXNativeTarget "ngIRCd" */; - buildPhases = ( - 8DD76FAB0486AB0100D96B5E /* Sources */, - 8DD76FAD0486AB0100D96B5E /* Frameworks */, - ); - buildRules = ( - ); - dependencies = ( - ); - name = ngIRCd; - productInstallPath = "$(HOME)/bin"; - productName = ngIRCd; - productReference = FA322BBA0CEF72E4001761B3 /* ngircd */; - productType = "com.apple.product-type.tool"; - }; -/* End PBXNativeTarget section */ - -/* Begin PBXProject section */ - 08FB7793FE84155DC02AAC07 /* Project object */ = { - isa = PBXProject; - attributes = { - LastUpgradeCheck = 1130; - ORGANIZATIONNAME = "ngIRCd Development Team"; - }; - buildConfigurationList = 1DEB928908733DD80010E9CD /* Build configuration list for PBXProject "ngIRCd" */; - compatibilityVersion = "Xcode 3.2"; - developmentRegion = en; - hasScannedForEncodings = 1; - knownRegions = ( - en, - Base, - ); - mainGroup = 08FB7794FE84155DC02AAC07 /* ngIRCd */; - projectDirPath = ""; - projectReferences = ( - { - ProductGroup = FA322D8F0CEF7523001761B3 /* Products */; - ProjectRef = FA322D8E0CEF7523001761B3 /* ngIRCd.xcodeproj */; - }, - ); - projectRoot = ""; - targets = ( - 8DD76FA90486AB0100D96B5E /* ngIRCd */, - ); - }; -/* End PBXProject section */ - -/* Begin PBXSourcesBuildPhase section */ - 8DD76FAB0486AB0100D96B5E /* Sources */ = { - isa = PBXSourcesBuildPhase; - buildActionMask = 2147483647; - files = ( - FA322D350CEF74B1001761B3 /* array.c in Sources */, - FA322D360CEF74B1001761B3 /* channel.c in Sources */, - FA322D370CEF74B1001761B3 /* client.c in Sources */, - FA322D380CEF74B1001761B3 /* conf.c in Sources */, - FA322D390CEF74B1001761B3 /* conn-func.c in Sources */, - FA322D3A0CEF74B1001761B3 /* conn-zip.c in Sources */, - FA322D3B0CEF74B1001761B3 /* conn.c in Sources */, - FA322D3C0CEF74B1001761B3 /* hash.c in Sources */, - FA322D3D0CEF74B1001761B3 /* io.c in Sources */, - FA322D3E0CEF74B1001761B3 /* irc-channel.c in Sources */, - FA322D3F0CEF74B1001761B3 /* irc-info.c in Sources */, - FA322D400CEF74B1001761B3 /* irc-login.c in Sources */, - FA322D410CEF74B1001761B3 /* irc-mode.c in Sources */, - FA322D420CEF74B1001761B3 /* irc-op.c in Sources */, - FA322D430CEF74B1001761B3 /* irc-oper.c in Sources */, - FA322D440CEF74B1001761B3 /* irc-server.c in Sources */, - FA322D450CEF74B1001761B3 /* irc-write.c in Sources */, - FA322D460CEF74B1001761B3 /* irc.c in Sources */, - FA322D470CEF74B1001761B3 /* lists.c in Sources */, - FA322D480CEF74B1001761B3 /* log.c in Sources */, - FA322D490CEF74B1001761B3 /* match.c in Sources */, - FA322D4A0CEF74B1001761B3 /* ngircd.c in Sources */, - FA322D4B0CEF74B1001761B3 /* parse.c in Sources */, - FA322D4D0CEF74B1001761B3 /* resolve.c in Sources */, - FA322DBE0CEF7766001761B3 /* tool.c in Sources */, - FAE5CC2E0CF2308A007D69B6 /* numeric.c in Sources */, - FA407F2E0DB159F400271AF1 /* ng_ipaddr.c in Sources */, - FAA3D27B0F139CDC00B2447E /* conn-ssl.c in Sources */, - FA85178C0FA061EC006A1F5A /* op.c in Sources */, - FA99428C10E82A27007F27ED /* proc.c in Sources */, - FA2D564A11EA158B00D37A35 /* pam.c in Sources */, - FAA97C57124A271400D5BBA9 /* sighandlers.c in Sources */, - FAACD5F514A6099C006ED74F /* class.c in Sources */, - FAD5853215271AAB00328741 /* client-cap.c in Sources */, - FAD5853515271AB800328741 /* irc-cap.c in Sources */, - FAD5853815272C2600328741 /* login.c in Sources */, - FA6BBC631605F0AC0004247A /* conn-encoding.c in Sources */, - FA6BBC641605F0AC0004247A /* irc-encoding.c in Sources */, - FA4F165A164836B100DBD011 /* irc-metadata.c in Sources */, - ); - runOnlyForDeploymentPostprocessing = 0; - }; -/* End PBXSourcesBuildPhase section */ - -/* Begin XCBuildConfiguration section */ - 1DEB928708733DD80010E9CD /* Default */ = { - isa = XCBuildConfiguration; - buildSettings = { - }; - name = Default; - }; - 1DEB928B08733DD80010E9CD /* Default */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_WARN_ASSIGN_ENUM = YES; - CLANG_WARN_COMMA = YES; - CLANG_WARN_DOCUMENTATION_COMMENTS = YES; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_INFINITE_RECURSION = YES; - CLANG_WARN_SEMICOLON_BEFORE_METHOD_BODY = YES; - CLANG_WARN_STRICT_PROTOTYPES = YES; - CLANG_WARN_SUSPICIOUS_IMPLICIT_CONVERSION = YES; - CLANG_WARN_UNREACHABLE_CODE = YES; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_MISSING_FIELD_INITIALIZERS = YES; - GCC_WARN_ABOUT_MISSING_NEWLINE = YES; - GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES; - GCC_WARN_FOUR_CHARACTER_CONSTANTS = YES; - GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES; - GCC_WARN_PEDANTIC = YES; - GCC_WARN_SHADOW = YES; - GCC_WARN_SIGN_COMPARE = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_LABEL = YES; - GCC_WARN_UNUSED_PARAMETER = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - MACOSX_DEPLOYMENT_TARGET = 10.6; - PRODUCT_NAME = ngircd; - }; - name = Default; - }; - FAB0570C105D917F006AF9E2 /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - ALWAYS_SEARCH_USER_PATHS = NO; - CLANG_WARN_ASSIGN_ENUM = YES; - CLANG_WARN_COMMA = YES; - CLANG_WARN_DOCUMENTATION_COMMENTS = YES; - CLANG_WARN_EMPTY_BODY = YES; - CLANG_WARN_INFINITE_RECURSION = YES; - CLANG_WARN_SEMICOLON_BEFORE_METHOD_BODY = YES; - CLANG_WARN_STRICT_PROTOTYPES = YES; - CLANG_WARN_SUSPICIOUS_IMPLICIT_CONVERSION = YES; - CLANG_WARN_UNREACHABLE_CODE = YES; - GCC_WARN_64_TO_32_BIT_CONVERSION = YES; - GCC_WARN_ABOUT_MISSING_FIELD_INITIALIZERS = YES; - GCC_WARN_ABOUT_MISSING_NEWLINE = YES; - GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES; - GCC_WARN_ABOUT_RETURN_TYPE = YES; - GCC_WARN_FOUR_CHARACTER_CONSTANTS = YES; - GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES; - GCC_WARN_PEDANTIC = YES; - GCC_WARN_SHADOW = YES; - GCC_WARN_SIGN_COMPARE = YES; - GCC_WARN_UNINITIALIZED_AUTOS = YES; - GCC_WARN_UNUSED_FUNCTION = YES; - GCC_WARN_UNUSED_LABEL = YES; - GCC_WARN_UNUSED_PARAMETER = YES; - GCC_WARN_UNUSED_VARIABLE = YES; - MACOSX_DEPLOYMENT_TARGET = 10.6; - ONLY_ACTIVE_ARCH = YES; - PRODUCT_NAME = ngircd; - SDKROOT = ""; - STRIP_INSTALLED_PRODUCT = NO; - }; - name = Debug; - }; - FAB0570D105D917F006AF9E2 /* Debug */ = { - isa = XCBuildConfiguration; - buildSettings = { - }; - name = Debug; - }; -/* End XCBuildConfiguration section */ - -/* Begin XCConfigurationList section */ - 1DEB928508733DD80010E9CD /* Build configuration list for PBXNativeTarget "ngIRCd" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - 1DEB928708733DD80010E9CD /* Default */, - FAB0570D105D917F006AF9E2 /* Debug */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Default; - }; - 1DEB928908733DD80010E9CD /* Build configuration list for PBXProject "ngIRCd" */ = { - isa = XCConfigurationList; - buildConfigurations = ( - 1DEB928B08733DD80010E9CD /* Default */, - FAB0570C105D917F006AF9E2 /* Debug */, - ); - defaultConfigurationIsVisible = 0; - defaultConfigurationName = Default; - }; -/* End XCConfigurationList section */ - }; - rootObject = 08FB7793FE84155DC02AAC07 /* Project object */; -} diff --git a/contrib/MacOSX/postinstall.sh b/contrib/MacOSX/postinstall.sh deleted file mode 100755 index a12169e2..00000000 --- a/contrib/MacOSX/postinstall.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -# ngIRCd Mac OS X postinstall/postupgrade script - -LDPLIST="/Library/LaunchDaemons/de.barton.ngircd.plist" - -if [ ! -e /etc/ngircd ]; then - echo "Creating symlink: /opt/ngircd/etc -> /etc/ngircd" - ln -s /opt/ngircd/etc /etc/ngircd || exit 1 -else - echo "/etc/ngircd already exists. Don't create symlink." -fi - -if [ ! -e /opt/ngircd/etc/ngircd.conf ]; then - echo "Creating default configuration: /opt/ngircd/etc/ngircd.conf" - cp /opt/ngircd/share/doc/ngircd/sample-ngircd.conf \ - /opt/ngircd/etc/ngircd.conf || exit 1 -else - echo "/opt/ngircd/etc/ngircd.conf exists. Don't copy sample file." -fi -chmod o-rwx /opt/ngircd/etc/ngircd.conf - -if [ ! -e /opt/ngircd/etc/ngircd.pam ]; then - echo "Creating default PAM configuration: /opt/ngircd/etc/ngircd.pam" - echo "# PAM configuration for ngIRCd" >/opt/ngircd/etc/ngircd.pam - echo "" >>/opt/ngircd/etc/ngircd.pam - echo "auth required pam_permit.so" >>/opt/ngircd/etc/ngircd.pam - echo "#auth required pam_opendirectory.so" >>/opt/ngircd/etc/ngircd.pam -fi -chmod 644 /opt/ngircd/etc/ngircd.pam - -if [ ! -e /etc/pam.d/ngircd ]; then - echo "Linkint /opt/ngircd/etc/ngircd.pam to /etc/pam.d/ngircd" - ln -s /opt/ngircd/etc/ngircd.pam /etc/pam.d/ngircd || exit 1 -fi - -if [ -f "$LDPLIST" ]; then - echo "Fixing ownership and permissions of LaunchDaemon script ..." - chown root:wheel "$LDPLIST" || exit 1 - chmod 644 "$LDPLIST" || exit 1 -fi - -if [ -f /tmp/ngircd_needs_restart ]; then - echo "ngIRCd should be (re-)started ..." - if [ -r "$LDPLIST" ]; then - echo "LaunchDaemon script found, starting daemon ..." - launchctl load -w "$LDPLIST" || exit 1 - echo "OK, LaunchDaemon script loaded successfully." - else - echo "LaunchDaemon script not installed. Can't start daemon." - fi -else - echo "Not loading LaunchDaemon script." -fi -rm -f /tmp/ngircd_needs_restart - -# -eof- diff --git a/contrib/MacOSX/preinstall.sh b/contrib/MacOSX/preinstall.sh deleted file mode 100755 index 0e13bacf..00000000 --- a/contrib/MacOSX/preinstall.sh +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -# ngIRCd Mac OS X preinstall/preupgrade script - -LDPLIST="/Library/LaunchDaemons/de.barton.ngircd.plist" - -rm -f /tmp/ngircd_needs_restart || exit 1 -if [ -r "$LDPLIST" ]; then - echo "LaunchDaemon script found, checking status ..." - launchctl list | fgrep "de.barton.ngIRCd" >/dev/null 2>&1 - if [ $? -eq 0 ]; then - # ngIRCd is already running; stop it and touch a - # "stamp file" so that we know that we have to - # restart it after installation/upgrade. - echo "ngIRCd is already running; stop it ..." - launchctl unload "$LDPLIST" || exit 1 - echo "Daemon has been stopped." - touch /tmp/ngircd_needs_restart || exit 1 - else - echo "ngIRCd is not running." - fi -else - echo "LaunchDaemon script not found." -fi - -# -eof- diff --git a/contrib/Makefile.am b/contrib/Makefile.am index cb651959..cd2eb05e 100644 --- a/contrib/Makefile.am +++ b/contrib/Makefile.am @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2020 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -9,11 +9,15 @@ # Please read the file COPYING, README and AUTHORS for more information. # -SUBDIRS = Debian MacOSX +SUBDIRS = Debian -EXTRA_DIST = README \ +EXTRA_DIST = README.md \ + de.barton.ngircd.metainfo.xml \ + de.barton.ngircd.plist \ + Dockerfile \ ngindent.sh \ ngircd-bsd.sh \ + ngircd-fail2ban.conf \ ngIRCd-Logo.gif \ ngircd-redhat.init \ ngircd.logcheck \ diff --git a/contrib/README b/contrib/README deleted file mode 100644 index 2eb137b4..00000000 --- a/contrib/README +++ /dev/null @@ -1,46 +0,0 @@ - - ngIRCd - Next Generation IRC Server - http://ngircd.barton.de/ - - (c)2001-2020 Alexander Barton and Contributors. - ngIRCd is free software and published under the - terms of the GNU General Public License. - - -- Contributions -- - - -Debian/ - - Various files for building Debian GNU/Linux packages (".deb's"). - - ngircd.init; ngircd.default: init script for Debian-based systems. - - ngircd.pam: example PAM configuration. - -MacOSX/ - - Project files for XCode, the "project builder" of Apple Mac OS X. - - de.barton.ngircd.plist[.tmpl]: launchd(8) property list. - -ngindent.sh - - Script to indent the code of ngIRCd in the "standard way". - -ngircd-bsd.sh - - Start script for FreeBSD. - -ngircd-redhat.init - - Start/stop script for RedHat-based distributions (like CentOS). - -ngircd.logcheck - - Sample rules for logcheck(8) to ignore "normal" log messages of ngIRCd. - -ngircd.service - - systemd(8) service unit configuration file. - -ngircd.socket - - systemd(8) socket unit configuration file for "socket activation". - -ngircd.spec - - RPM "spec" file. - -nglog.sh - - Colorizes the log messages of ngircd(8) accoring to their log level. - -platformtest.sh - - Build ngIRCd and output a "result line" suitable for doc/Platforms.txt. diff --git a/contrib/README.md b/contrib/README.md new file mode 100644 index 00000000..5ab57690 --- /dev/null +++ b/contrib/README.md @@ -0,0 +1,40 @@ +# [ngIRCd](https://ngircd.barton.de) - Supplemental Files + +This `contrib/` directory contains the following sub-folders and files: + +- `Debian/` folder: This subfolder contains the _rules_ file and additional + assets for building Debian packages. + +- `de.barton.ngircd.metainfo.xml`: AppStream metadata file. + +- `de.barton.ngircd.plist[.tmpl]`: launchd(8) property list file. + +- `Dockerfile`: Container definition file, for Docker or Podman for example. + More information can be found in the `doc/Container.md` file. + +- `ngindent.sh`: Script to indent the code of ngIRCd in the "standard way". + +- `ngircd-bsd.sh`: Start/stop script for FreeBSD. + +- `ngircd-fail2ban.conf`: fail2ban(1) filter configuration for ngIRCd. + +- `ngircd-redhat.init`: Start/stop script for old(er) RedHat-based + distributions (like CentOS and Fedora), which did _not_ use systemd(8). + +- `ngIRCd-Logo.gif`: The ngIRCd logo as GIF file. + +- `ngircd.logcheck`: Sample rules for logcheck(8) to ignore "normal" log + messages of ngIRCd. + +- `ngircd.service`: systemd(8) service unit configuration file. + +- `ngircd.socket`: systemd(8) socket unit configuration file for "socket + activation". + +- `ngircd.spec`: RPM "spec" file. + +- `nglog.sh`: Script for colorizing the log messages of ngircd(8) according to + their log level. Example: `./src/ngircd/ngircd -n | ./contrib/nglog.sh`. + +- `platformtest.sh`: Build ngIRCd and output a "result line" suitable for + the `doc/Platforms.txt` file. diff --git a/contrib/de.barton.ngircd.metainfo.xml b/contrib/de.barton.ngircd.metainfo.xml new file mode 100644 index 00000000..d06e3788 --- /dev/null +++ b/contrib/de.barton.ngircd.metainfo.xml @@ -0,0 +1,129 @@ + + + de.barton.ngircd + ngIRCd + Lightweight Internet Relay Chat server + MIT + GPL-2.0-or-later + Alexander Barton and Contributors + alex@barton.de + +

ngIRCd is a free, portable and lightweight Internet Relay Chat server for small or private networks, developed under the GNU General Public License (GPL).

+

The server is quite easy to configure and runs as a single-node server or can be part of a network of ngIRCd servers in a LAN or across the internet. It optionally supports the IPv6 protocol, SSL/TLS-protected client-server and server-server links, the Pluggable Authentication Modules (PAM) system for user authentication, IDENT requests, and character set conversion for legacy clients.

+

The name ngIRCd stands for next-generation IRC daemon, which is a little bit exaggerated: lightweight Internet Relay Chat server most probably would have been a better name :-)

+ + https://ngircd.barton.de/common/ngircd-300x300.png + + Network + + https://ngircd.barton.de + https://ngircd.barton.de/bugtracker + https://ngircd.barton.de/support + + ngircd + + ngircd + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/contrib/de.barton.ngircd.plist b/contrib/de.barton.ngircd.plist new file mode 100644 index 00000000..38754b5c --- /dev/null +++ b/contrib/de.barton.ngircd.plist @@ -0,0 +1,23 @@ + + + + + Disabled + + KeepAlive + + Label + de.barton.ngIRCd + ProgramArguments + + /opt/ngircd/sbin/ngircd + --nodaemon + + RunAtLoad + + StandardErrorPath + /Library/Logs/ngIRCd.log + StandardOutPath + /Library/Logs/ngIRCd.log + + diff --git a/contrib/ngircd-fail2ban.conf b/contrib/ngircd-fail2ban.conf new file mode 100644 index 00000000..c9903e0c --- /dev/null +++ b/contrib/ngircd-fail2ban.conf @@ -0,0 +1,25 @@ +# Fail2ban filter for ngIRCd +# +# Put into /etc/fail2ban/filter.d/ngircd.conf and enable in your jail.local +# configuration like this: +# +# [ngircd] +# enabled = true +# backend = systemd +# + +[INCLUDES] + +before = common.conf + +[DEFAULT] + +_daemon = ngircd + +[Definition] + +failregex = ^%(__prefix_line)sRefused connection from on socket \d+: + +[Init] + +journalmatch = _SYSTEMD_UNIT=ngircd.service + _COMM=ngircd diff --git a/contrib/ngircd.logcheck b/contrib/ngircd.logcheck index 2a749f37..598ed177 100644 --- a/contrib/ngircd.logcheck +++ b/contrib/ngircd.logcheck @@ -1,61 +1,54 @@ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: ".*" added ".*" to G-Line list: ".*" \([0-9]+ seconds\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: (GnuTLS|OpenSSL) .* initialized\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Accepted connection [0-9]+ from ".*:[0-9]+" on socket [0-9]+\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Can't resolve address ".*": Name or service not known \[.*\]\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Can't resolve ".*": host not found$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Can't resolve ".*": Name or service not known$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Can't resolve ".*": No address associated with hostname$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): Can't connect\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): Client closed connection\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): Got QUIT command\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): Read error\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): SSL accept error, closing socket\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client ".*" unregistered (connection [0-9]+): Timeout\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): Timeout\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client unregistered \(connection [0-9]+\): Write error\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+: initialized SSL3\.0 using cipher .*\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+: initialized TLS1\.[012] using cipher .*\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+: initialized TLSv1\.[012] using cipher .*\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+: initialized TLSv1 using cipher .*\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Address mismatch: +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Can't create pre-defined channel ".*": name already in use\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Can't resolve( address)? ".*": (Name or service not known|No address associated with hostname|Temporary failure in name resolution)( \[.*\]\.)?$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Client( ".*")? unregistered \(connection [0-9]+\): (Can't connect|Client closed connection|Got QUIT command|Read error|Server configuration already in use|SSL accept error, closing socket|Timeout|Write error)\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+ \(socket [0-9]+\) with ".*:[0-9]+" established\. Now logging in \.\.\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+ with ".*:[0-9]+" closed \(in: .*, out: .*\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Connection [0-9]+: initialized TLSv?1\.[0123] using cipher .*\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Created pre-defined channel ".*", mode ".*" \((channel key set|no channel key), user limit [0-9]+\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Deleted ".*" \(".*"\) from G-Line list \(expired\)\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Enabled link compression \(zlib\) on connection [0-9]+\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Establishing connection for ".*" to ".*:[0-9]+" \(.*\), socket [0-9]+ \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: IDENT lookup for connection [0-9]+: ".*"\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: IDENT lookup for connection [0-9]+: no result\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: File descriptor limit is [0-9]+; "MaxConnections" is (not set|set to [0-9]+)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Got (valid server|unchecked peer) certificate: .*\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Got signal "(Hangup|Terminated)" \.\.\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Got valid OPER for ".*" from ".*", user is an IRC operator now\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: IDENT lookup for connection [0-9]+: (no result|".*")\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: IO subsystem: epoll \(hint size 100, initial maxfd 100, masterfd [0-9]+\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Not running with changed root directory\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Now listening on .*:[0-9]+ \(socket [0-9]+\)\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: OpenSSL .* initialized\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Possible forgery: .* resolved to ".*", which has no IP address!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Peer did not present a certificate\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Peer on connection [0-9]+ announces itself as .* using protocol .* \(flags: ".*"\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Possible forgery: .* resolved to ".*", which (has no IP address|points to a different address)!$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Preparing to establish a new server link for ".*" \.\.\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Re-reading configuration NOW!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Re-reading of configuration done\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Read error on connection [0-9]+ \(socket [0-9]+\): Connection reset by peer!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Running as user .*, group .*, with PID [0-9]+\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL connection on socket [0-9]+ failed!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error, client disconnected \[in .*\(\)\]!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error: (Connection reset by peer|Broken pipe) \[in .*\]!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL protocol error: (ConnSSL_Read|ConnSSL_Write|SSL_accept) \(.*\)$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" \(on ".*"\) ready\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" registered \(connection [0-9]+, 1 hop - direct link\)\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" registered \(via .*, connected to .*, [0-9]+ hops\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" unregistered \(connection [0-9]+\): Ping timeout: [0-9]+ seconds\. +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" unregistered( \(connection [0-9]+\))?: .* \(Server going down\)\. ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" unregistered: .* .*\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server ".*" unregistered: ".*" \(SQUIT from .*\)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server \".*\" \(on ".*"\) ready\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Server going down NOW!$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down all listening sockets \([0-9]+ total\) \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Can't connect\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Client closed connection\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Got QUIT command\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Ping timeout: [0-9]+ seconds\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Read error\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Server going down\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(SSL accept error, closing socket\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Timeout\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Write error\) with ".*:[0-9]+" \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL connection [0-9]+ shutting down \.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL connection [0-9]+ with ".*:[0-9]+" established\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL connection on socket [0-9]+ failed!$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error: A TLS packet with unexpected length was received\. \[ConnSSL_Read\]\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error: A TLS packet with unexpected length was received\. \[gnutls_handshake\]\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error: Broken pipe \[in ConnSSL_Write\(\)\]!$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error: Connection reset by peer \[in ConnSSL_Read\(\)\]!$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL error: Connection reset by peer \[in SSL_connect\(\)\]!$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: SSL protocol error: SSL_accept \(.*\)$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Shutting down connection [0-9]+ \(Can't connect|Client closed connection|Closing connection: .* \(Server going down\)|Got QUIT command|ID ".*" already registered|Ping timeout: [0-9]+ seconds|Read error|SSL accept error, closing socket|Server configuration already in use|Server going down|Timeout|Write error|".*" \((G-Line|SQUIT from .*)\)\) with ".*:[0-9]+" \.\.\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Synchronization with ".*" done \(connection [0-9]+\): [0-9]+ seconds? \[[0-9]+ users, [0-9]+ channels\]\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" changed nick \(connection [0-9]+\): ".*" -> ".*"\.$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" registered \(connection [0-9]+\)\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" unregistered \(connection [0-9]+\): Client closed connection\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" unregistered \(connection [0-9]+\): Got QUIT command\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" unregistered \(connection [0-9]+\): Ping timeout: [0-9]+ seconds\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" unregistered \(connection [0-9]+\): Read error\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" unregistered \(connection [0-9]+\): Server going down\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: User ".*!.*@.*" unregistered \(connection [0-9]+\): (Client closed connection|Got QUIT command|Ping timeout: [0-9]+ seconds|Read error|Server going down)\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Using (default|specified) configuration file ".*" \.\.\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Write error on connection [0-9]+ \(socket [0-9]+\): (Broken pipe|Connection reset by peer)!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: ngIRCd [0-9].* starting \.\.\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: ngIRCd done, served [0-9]+ connections?\.$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: warning: /etc/hosts\.allow, line [0-9]+: (can't verify hostname|host name/address mismatch): getaddrinfo\(.*, AF_INET\) failed$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: warning: can't get client address: Connection reset by peer$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: warning: /etc/hosts\.allow, line [0-9]+: can't verify hostname: getaddrinfo\(.*, AF_INET\) failed$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Write error on connection [0-9]+ \(socket [0-9]+\): Broken pipe!$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ngircd\[[0-9]+\]: Write error on connection [0-9]+ \(socket [0-9]+\): Connection reset by peer!$ diff --git a/contrib/ngircd.service b/contrib/ngircd.service index e4c30e25..311bc0d8 100644 --- a/contrib/ngircd.service +++ b/contrib/ngircd.service @@ -6,12 +6,12 @@ Description=Next Generation IRC Daemon Documentation=man:ngircd(8) man:ngircd.conf(5) https://ngircd.barton.de After=network.target Wants=anope.service atheme.service irc-services.service -Wants=bopm.service +Wants=bopm.service hopm.service Before=anope.service atheme.service irc-services.service -Before=bopm.service +Before=bopm.service hopm.service [Service] -Type=forking +Type=notify User=irc Group=irc # Settings & limits: @@ -29,14 +29,19 @@ RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX RestrictRealtime=yes RuntimeDirectory=ircd RuntimeDirectoryMode=750 +StandardError=journal +StandardOutput=journal # Try to load "default files" from any Debian package variant to keep this # unit generic. EnvironmentFile=-/etc/default/ngircd EnvironmentFile=-/etc/default/ngircd-full EnvironmentFile=-/etc/default/ngircd-full-dbg # Start ngIRCd. Note: systemd doesn't allow to use $DAEMON here! -ExecStart=/usr/sbin/ngircd $PARAMS +ExecStart=/usr/sbin/ngircd --nodaemon --syslog $PARAMS ExecReload=/bin/kill -HUP $MAINPID +# Error handling: +# ngIRCd tries to "ping" the service manager every 3 seconds. +WatchdogSec=10 Restart=on-failure [Install] diff --git a/contrib/ngircd.spec b/contrib/ngircd.spec index be766783..3d4eefc7 100644 --- a/contrib/ngircd.spec +++ b/contrib/ngircd.spec @@ -1,5 +1,5 @@ %define name ngircd -%define version 25 +%define version 27 %define release 1 %define prefix %{_prefix} @@ -15,19 +15,15 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: zlib-devel, openssl-devel %description -This package provides ngIRCd, a portable and lightweight Internet Relay -Chat server for small or private networks, developed under the GNU -General Public License (GPL). It is simple to configure, can cope with -dynamic IP addresses, and supports IPv6 as well as SSL. It is written -from scratch and not based on the original IRCd. - -Advantages: - - well arranged (lean) configuration file - - simple to build/install, configure and maintain - - supports IPv6 and SSL - - no problems with servers that have dynamic IP addresses - - freely available, modern, portable and tidy C-source - - ngIRCd is being actively developed since 2001 +ngIRCd is a free, portable and lightweight Internet Relay Chat server for small +or private networks, developed under the GNU General Public License (GPL). + +The server is quite easy to configure, can handle dynamic IP addresses, and +optionally supports IDENT, IPv6 connections, SSL-protected links, and PAM for +user authentication as well as character set conversion for legacy clients. The +server has been written from scratch and is not based on the forefather, the +daemon of IRCNet. + %prep %setup -q @@ -54,7 +50,7 @@ make %{?_smp_mflags} %files %defattr(755,root,root) -%doc AUTHORS COPYING ChangeLog INSTALL NEWS README doc/* +%doc AUTHORS.md COPYING ChangeLog INSTALL.md NEWS README.md doc/* %config(noreplace) /etc %{_prefix}/sbin %{_mandir}/man5/ngircd.conf* diff --git a/contrib/nglog.sh b/contrib/nglog.sh index c96f993a..cb4eb3e9 100755 --- a/contrib/nglog.sh +++ b/contrib/nglog.sh @@ -1,7 +1,7 @@ -#!/bin/sh +#!/bin/bash # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2019 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2020 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -10,11 +10,11 @@ # Please read the file COPYING, README and AUTHORS for more information. # # This script parses the log output of ngircd(8), and colorizes the messages -# accoring to their log level. Example usage: +# according to their log level. Example usage: # ./src/ngircd/ngircd -f $PWD/doc/sample-ngircd.conf -np | ./contrib/nglog.sh # -awk ' +gawk ' /^\[[[:digit:]]+:0 / {print "\033[1;95m" $0 "\033[0m"} /^\[[[:digit:]]+:1 / {print "\033[1;35m" $0 "\033[0m"} /^\[[[:digit:]]+:2 / {print "\033[1;91m" $0 "\033[0m"} @@ -23,4 +23,6 @@ awk ' /^\[[[:digit:]]+:5 / {print "\033[1m" $0 "\033[0m"} /^\[[[:digit:]]+:6 / {print $0} /^\[[[:digit:]]+:7 / {print "\033[90m" $0 "\033[0m"} -' +' . +# to the ngIRCd mailing list: . NAME=$(basename "$0") VERBOSE= @@ -174,8 +174,7 @@ if [ -r "Makefile" ]; then if [ $? -eq 0 ]; then COMPILER=$($CC --version 2>/dev/null | head -1 \ | cut -d'(' -f1 | cut -d'-' -f1 \ - | sed -e 's/version //g' | sed -e 's/Apple /A-/g' \ - | sed -e 's/Debian //g' | sed -e 's/LLVM /clang /g') + | sed -e 's/version //g; s/^\([A-Z]\)[A-Za-z]* clang/\1-clang/g; s/LLVM /clang /g') fi $CC -version 2>&1 | grep -i "tcc" >/dev/null if [ $? -eq 0 ]; then diff --git a/doc/Commands.txt b/doc/Commands.txt index 0accc5c2..0ca8703c 100644 --- a/doc/Commands.txt +++ b/doc/Commands.txt @@ -874,6 +874,10 @@ Server Protocol Commands CHANINFO is used by servers to inform each other about a channel: its modes, channel key, user limits and its topic. . + Note: even when don't include "k" (key) or "l" (limit), both + parameters must be given when used; use "*" for "no key" and 0 for + "no limit" for the unused parameter in this case. + . The CHANINFO command is allowed on server-links only. References: diff --git a/doc/Container.md b/doc/Container.md new file mode 100644 index 00000000..b50f2e9f --- /dev/null +++ b/doc/Container.md @@ -0,0 +1,83 @@ +# [ngIRCd](https://ngircd.barton.de) - Container How-To + +The ngIRCd daemon can be run as a containerized application, for example using +Docker or Podman (the latter being preferred and used in the examples below). +The container definition file, also known as "Docker file", is bundled with this +distribution as `contrib/Dockerfile` and based on the official "stable-slim" +container of the Debian project (see https://hub.docker.com/_/debian). + +## Building the container + +You can use the following command to build the ngIRCd container image: + +```bash +podman build --format=docker -f contrib/Dockerfile . +``` + +The `Dockerfile` includes a `HEALTHCHECK` directive, which is not supported by +the default OCI 1.0 image format, therefore we use the "docker" format here. + +If you are using Git, you can tag the built image like this (use the ID of the +newly built image!): + +```bash +tag=$(git describe --tags | sed 's/rel-//g') +podman tag "ngircd:${tag}" +``` + +## Running the container + +You can use this command to run the ngIRCd container using Podman, for example: + +```bash +podman run --name=ngircd --detach \ + -p 127.0.0.1:6667:6667 \ + ngircd: +``` + +This creates and starts a new container named "ngircd" from the image +"ngircd:" (you habe to substitute __ with the real tag name here!) and +maps the host port 6667 on localhost to the port 6667 inside of the container. + +### Configuring the container + +The ngIRCd inside of the container is installed inside of `/opt/ngircd/` and the +default drop-in directory is `/opt/ngircd/etc/ngircd.conf.d`. Therefore you can +map a host folder to this drop-in directory inside of the container and place +drop-in configuration file(s) in the host path like this: + +```bash +mkdir -p /host/path/to/ngircd/conf.d +touch /host/path/to/ngircd/conf.d/my.conf +podman run --name=ngircd --detach \ + -p 127.0.0.1:6667:6667 \ + -v "/host/path/to/ngircd/conf.d:/opt/ngircd/etc/ngircd.conf.d" \ + ngircd: +``` + +### Testing the configuration + +As with the native daemon, it is a very good idea to validate the configuration +of the daemon after making changes. + +With Docker and Podman, you can pass arguments to the `ngircd` binary inside of +the container by simply appending it to the "run" command line like this: + +```bash +podman run --rm -it \ + -v "/host/path/to/ngircd/conf.d:/opt/ngircd/etc/ngircd.conf.d" \ + ngircd: \ + --configtest +``` + +### Reloading the daemon configuration in a running container + +To activate changed configuration of ngIRCd, you can either restart the +container (which will disconnect all currently connected clients) or signal +`ngircd`(8) inside of the running container to reload its configuration file(s). + +The latter can be done with this command, for example: + +```bash +podman exec -it ngircd /bin/bash -c 'kill -HUP $(/usr/bin/pidof -s ngircd)' +``` diff --git a/doc/FAQ.md b/doc/FAQ.md new file mode 100644 index 00000000..2a0ae1dc --- /dev/null +++ b/doc/FAQ.md @@ -0,0 +1,176 @@ +# [ngIRCd](https://ngircd.barton.de) - FAQ, Tips & Tricks + +# General + +## Is it possible to link ngIRCd with other non-ngIRCd servers? + +Yes and no. Back in the beginning (2001, 2002, ...) the server-server protocol +used by ngIRCd was compatible to the original ircd used by IRCNet at that time, +version 2.10.3p3. And most probably this is still the case today, although not +actively tested for a long time. + +Please note that newer ircd versions (2.11.x) are *not* compatible any more! + +And other server-server protocols were never supported. + +## Is there a homepage with further information and downloads? + +Yes. Please visit https://ngircd.barton.de :-) + +## Why should I use ngIRCd instead of the original one? + +The `README.md` file and the [homepage](https://ngircd.barton.de) list a few +advantages of ngIRCd: + +- Well arranged (lean) configuration file. +- Simple to build, install, configure, and maintain. +- Supports IPv6 and SSL. +- Can use PAM for user authentication. +- Lots of popular user and channel modes are implemented. +- Supports "cloaking" of users. +- No problems with servers that have dynamic IP addresses. +- Freely available, modern, portable and tidy C source. +- Wide field of supported platforms, including AIX, A/UX, FreeBSD, HP-UX, + IRIX, Linux, macOS, NetBSD, OpenBSD, Solaris and Windows with WSL or Cygwin. + +# Building and Compilation + +## The `./configure` script is missing in the source directory!? + +When using sources checked out via *Git*, the `configure` script as well as the +`Makefile.in` templates must be generated using the GNU *automake*, *autoconf* +and *pkg-config* tools. To simplify this task run the `./autogen.sh` script +which will execute the required commands for you; then continue with executing +the `./configure` script as usual. + +Please see the `INSTALL.md` file for details! + +## Error message `aclocal: command not found` + +GNU *automake* is missing on your system but required for building Git versions +of ngIRCd. Install GNU automake 1.6 or later and try again. + +## Error message `autoheader: command not found`? + +GNU *autoconf* is missing on your system but required for building Git versions +of ngIRCd. Install GNU autoconf 2.52 or later and try again. + +## Error message `automake: configure.in: AM_INIT_AUTOMAKE must be used`? + +Most probably you are using version 1.5 of GNU automake which seems to be +incompatible to the build system of ngIRCd. Solution: upgrade to at least +version 1.6 of GNU automake. + +(If you are using Debian 3.0 "Woody" you can try to downgrade to version 1.4 of +GNU automake shipped with this distribution; it should work, too.) + +# Troubleshooting ngIRCd Runtime Issues + +Always start with: + +1. Make sure that ngIRCd parsed its configuration file as it was intended! + Run `ngircd --configest` and double-check its output! + +2. Check the logs of your system, especially the entries generated by ngIRCd! + Where you can find the log messages depends on your system and your setup: + it can be plain text files in `/var/log/` (syslog) or the systemd journal + database, for example. + +3. Ensure that the daemon started up successfully, is actually running and did + not stop/crash in the meantime. You can check this with your service + manager (like `systemctl status ngircd` on Linux systems using systemd) or + using `pgrep -l ngircd` to check for "ngircd" processes. If ngIRCd is not + running, try to restart the service and check the service status and the + logs (syslog, systemd journal) again! + +## Where is the log file stored? + +See introduction to this section above :-) + +## "Connection refused" errors + +1. Is the daemon really running? See introduction to this section above! + +2. Does ngIRCd listen on the correct interface(s) and port(s)? On Linux, you + can check this with `sudo ss -ltnp|awk '/ngircd/{print $4}`, for example. + Check your `Listen` and `Ports` settings in the `[Global]` (and `[SSL]`) + sections and the startup messages of the daemon, especially the lines + stating "Now listening on xxx:yyy (socket zzz)"! + +3. Are you able to connect to the ngIRCd service locally from the system the + daemon runs on? Test all the interface IP addresses you expect ngIRCd to + listen on, for example with a regular IRC client or tools like `telnet` or + `nc` ("net cat"): `telnet localhost 6667`, `nc 192.168.1.2 6667`, ... + + If all the above works as expected, the issue most probably is not with + ngIRCd or its configuration but the network layer. + +4. Are the port(s) ngIRCd listens on open and not blocked by a firewall? Check + the logs of your firewall solution (on the server itself and all firewalls + "in front of it") and use tools like `tcpdump` to check the network layer! + +## Issues related to running ngIRCd inside of a `chroot` environment + +**I cannot connect to remote peers when I use the chroot option, the following +is logged: `Can't resolve example.com: unknown error!`** + +See next question blow ... + +**When running ngIRCd inside a chroot, no IP addresses can be translated in DNS +names, errors like "Name or service not known" are logged!** + +On Linux/glibc with chroot enabled you need to put some libraries inside +the chroot as well, notably `libnss_dns`; maybe others. Unfortunately, even +linking ngIRCd statically does not help this. So you can either copy +all the required files into the chroot directory: + +``` bash +mkdir -p ./chroot/etc ./chroot/lib +cp -a /etc/hosts /etc/resolv.conf /etc/nsswitch.conf ./chroot/etc/ +cp -a /lib/libresolv* /lib/libnss_* ./chroot/lib/ +``` + +Or you can try to link ngIRCd against an other C library (like dietlibc) that do +not depend on NSS modules and these files. + +# IRC Features + +## I have added an `[Oper]` section, but how do I log in as an IRC operator? + +You can use the `/OPER ` command in your IRC client to become +an IRC operator as defined in an `[Oper]` block in your configuration file. + +ngIRCd will also log all OPER requests (using syslog), and if an OPER command +fails you can look there to determine why it did not work (bad password, +unauthorized host mask, ...). + +Please keep in mind that the "name" in the `/OPER` command is *not* related to +your nick name at all! + +## I am an IRC operator, but MODE doesn't work! + +By default, IRC operators are still not allowed to use `/MODE` globally. + +If you set `OperCanUseMode = yes` in your configuration, then IRC operators can +use the `/MODE` command for changing modes even when they are not joined to the +specific channel. + +## How can I "auto-op" users in channels? + +ngIRCd can't do this: you would have to use some "IRC Services", like +[Atheme](http://atheme.net/atheme.html) or [Anope](http://www.anope.org). + +See `doc/Services.txt` for setup instructions. + +# Bugs!? + +## Is there a list of known bugs and desired feature enhancements? + +Yes. Have a look at the bug tracking system (GitHub issues) for ngIRCd located +at . There you can file bug reports and +feature requests as well as search the bug database. + +## What should I do if I found a bug? + +Please file a bug report at ! +The authors will be notified automagically :-) diff --git a/doc/FAQ.txt b/doc/FAQ.txt deleted file mode 100644 index 3856ae09..00000000 --- a/doc/FAQ.txt +++ /dev/null @@ -1,109 +0,0 @@ - - ngIRCd - Next Generation IRC Server - - (c)2001-2010 by Alexander Barton, - alex@barton.de, http://www.barton.de/ - - ngIRCd is free software and published under the - terms of the GNU General Public License. - - -- FAQ: Frequently Asked Questions -- - - -I. General -~~~~~~~~~~ - -Q: Is it possible to link the ngIRCd with non-ngIRCd servers? -A: Yes. ngIRCd is compatible to the original ircd used by IRCNet. Actually - this is being tested with version 2.10.3p3. Please note that newer - versions (2.11.x) aren't compatible any more! - -Q: Is there a homepage with further information and downloads? -A: Yes. Please visit . - -Q: Why should I use ngIRCd instead of the original one? -A: ngIRCd offers several benefits: no problems with dynamic IPs, easy to - configure, open source (GPL), under active development. - - -II. Compilation -~~~~~~~~~~~~~~~ - -Q: I did a "CVS checkout" but can't execute ./configure because the script - is missing in the generated directory!? -A: When using development versions via CVS, the configure script as well as - the Makefile.in templates must be generated using GNU automake and GNU - autoconf. To simplify this task run the ./autogen.sh script which will - execute the required tools for you; then continue with executing the - ./configure script as usual. - -Q: The ./autogen.sh script complains "aclocal: command not found". -A: GNU automake is missing on your system but required for building CVS - versions of ngIRCd. Install GNU automake 1.6 or later and try again. - -Q: The ./autogen.sh script stops with "autoheader: command not found". -A: GNU autoconf is missing on your system but required for building CVS - versions of ngIRCd. Install GNU autoconf 2.52 or later and try again. - -Q: The ./autogen.sh script fails and the message "automake: configure.in: - AM_INIT_AUTOMAKE must be used" is displayed. -A: Most probably you are using version 1.5 of GNU automake which seems to be - incompatible to the build system of ngIRCd. Solution: upgrade to at least - version 1.6 of GNU automake. - (If you are using Debian 3.0 "Woody" you can try to downgrade to version - 1.4 of GNU automake shipped with this distribution; it should work, too.) - - -III. Runtime -~~~~~~~~~~~~ - -Q: Where is the log file located? -A: ngIRCd does not write its own log file. Instead, ngIRCd uses syslog(3). - Check the files in /var/log/ and/or consult the documentation for your - system logger daemon. - -Q: I cannot connect to remote peers when I use the chroot option, the - following is logged: "Can't resolve example.com: unknown error!". -A: see next question blow ... - -Q: When running ngIRCd inside a chroot, no IP addresses can be translated - in DNS names, errors like "Name or service not known" are logged. -A: On Linux/glibc with chroot enabled you need to put some libraries inside - the chroot as well, notably libnss_dns; maybe others. Unfortunately, even - linking ngIRCd statically does not help this. So you can either copy - all the required files into the chroot directory: - $ mkdir -p ./chroot/etc ./chroot/lib - $ cp -a /etc/hosts /etc/resolv.conf /etc/nsswitch.conf ./chroot/etc/ - $ cp -a /lib/libresolv* /lib/libnss_* ./chroot/lib/ - Or you can try to link ngIRCd against an other C library (like dietlibc) - that doesn't depend on NSS modules and/or these files. - -Q: I have added an [Oper] section, how do i log on as IRC operator? -A: You can use the /OPER command in your IRC client to become an IRC operator. - ngIRCd will also log all OPER requests (using syslog), if OPER fails you - can look there to determine why it did not work (bad password, unauthorized - host mask, etc.) - -Q: I am an IRC operator, but MODE doesn't work! -A: You need to set 'OperCanUseMode = yes' in ngircd.conf, then IRC operators - can use the MODE command for changing modes even when they are not joined - to the specific channel. - -Q: How can I "auto-op" users in channels? -A: ngIRCd can't do this: you would have to use some "IRC Services", like - Atheme () or Anope (). - See "doc/Services.txt" for setup instructions. - - -IV. Bugs!? -~~~~~~~~~~ - -Q: Is there a list of known bugs and desired feature enhancements? -A: Yes. Have a look at the bug tracking system (GitHub issues) for ngIRCd located - at . There you can file bug - reports and feature requests as well as search the bug database. - -Q: What should I do if I found a bug? -A: Please file a bug report at ! - The author will be notified automagically :-) - diff --git a/doc/HowToRelease.txt b/doc/HowToRelease.txt index 81eae40d..35514230 100644 --- a/doc/HowToRelease.txt +++ b/doc/HowToRelease.txt @@ -2,7 +2,7 @@ ngIRCd - Next Generation IRC Server http://ngircd.barton.de/ - (c)2001-2020 Alexander Barton and Contributors. + (c)2001-2024 Alexander Barton and Contributors. ngIRCd is free software and published under the terms of the GNU General Public License. @@ -35,19 +35,28 @@ up-to-date (e.g. using ./autogen.sh) before generating the archives! II. How to prepare a new ngIRCd release? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -a) Make sure the source tree is in a releasable state ;-) - - is the AUTHORS file up to date? - -b) Make sure you have working versions of GNU autoconf and GNU automake +a) Make sure you have working versions of GNU autoconf and GNU automake installed on the system you use for generating the release: - as of October 2010 we are using GNU autoconf 2.67 and GNU automake 1.11.1 + as of May 2020 we are using GNU autoconf 2.69 and GNU automake 1.11.6 which seem to work just fine. + NOTE: new releases of GNU automake DO NOT work, as they lack support for + the "ansi2knr" wrapper and "de-ANSI-fication" support! + +b) Make sure the source tree is in a releasable state ;-) + - Are all branches & patches merged? Check GitHub issues, pull requests + and milestones! + - Run as many tests as you can! + - Is the AUTHORS.md file up to date? This command may be helpful: + "( grep '>$' AUTHORS.md; git shortlog -se|cut -c8-|sed 's/^/- /' ) \ + | grep -Ev '(alex@barton.de|fw@strlen.de)' \ + | LC_ALL=de_DE.UTF-8 sort -u" c) Update the files describing the new release: - ChangeLog - NEWS d) Update the version numbers in the following files: + - contrib/de.barton.ngircd.metainfo.xml - contrib/ngircd.spec e) Generate a new Debian change log entry in the following file, e.g. using @@ -65,8 +74,8 @@ h) Run "./autogen.sh" to update the ./configure script with the correct i) Run "./configure" to rebuild all generated Makefiles. -j) Run "make distcheck" (and "make dist-tarZ dist-xz") to generate all of the - distribution archives. +j) Run "make distcheck" (and "make dist-tarZ && make dist-xz") to generate all + of the distribution archives. k) Sign the distribution archive(s) using GnuPG: "gpg -b " diff --git a/doc/Makefile.am b/doc/Makefile.am index 5913c94e..d37c9b38 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2015 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -21,8 +21,9 @@ static_docs = \ Bopm.txt \ Capabilities.txt \ Commands.txt \ + Container.md \ Contributing.txt \ - FAQ.txt \ + FAQ.md \ HowToRelease.txt \ Modes.txt \ PAM.txt \ @@ -33,13 +34,13 @@ static_docs = \ README-Interix.txt \ RFC.txt \ Services.txt \ - SSL.txt + SSL.md doc_templates = sample-ngircd.conf.tmpl generated_docs = sample-ngircd.conf -toplevel_docs = ../AUTHORS ../COPYING ../ChangeLog ../INSTALL ../NEWS ../README +toplevel_docs = ../AUTHORS.md ../COPYING ../ChangeLog ../INSTALL.md ../NEWS ../README.md SUBDIRS = src @@ -55,7 +56,7 @@ all: $(generated_docs) install-data-hook: $(static_docs) $(toplevel_docs) $(generated_docs) $(MKDIR_P) -m 755 $(DESTDIR)$(sysconfdir) @if [ ! -f $(DESTDIR)$(sysconfdir)/ngircd.conf ]; then \ - make install-config; \ + ${MAKE} install-config; \ fi $(MKDIR_P) -m 755 $(DESTDIR)$(docdir) for f in $(static_docs) $(toplevel_docs); do \ @@ -75,7 +76,7 @@ install-config: uninstall-hook: rm -rf $(DESTDIR)$(docdir) @if cmp --silent sample-ngircd.conf $(DESTDIR)$(sysconfdir)/ngircd.conf; then \ - make uninstall-config; \ + ${MAKE} uninstall-config; \ else \ echo; \ echo " ** NOTE: Not uninstalling changed configuration file:"; \ @@ -86,9 +87,6 @@ uninstall-hook: uninstall-config: rm -f $(DESTDIR)$(sysconfdir)/ngircd.conf -srcdoc: - make -C src srcdoc - -.PHONY: install-config uninstall-config srcdoc +.PHONY: install-config uninstall-config # -eof- diff --git a/doc/Platforms.txt b/doc/Platforms.txt index 75c0e085..f982c0c4 100644 --- a/doc/Platforms.txt +++ b/doc/Platforms.txt @@ -2,7 +2,7 @@ ngIRCd - Next Generation IRC Server http://ngircd.barton.de/ - (c)2001-2019 Alexander Barton and Contributors. + (c)2001-2024 Alexander Barton and Contributors. ngIRCd is free software and published under the terms of the GNU General Public License. @@ -26,6 +26,9 @@ for inclusion here. Thanks for your help! | | | | Platform Compiler ngIRCd Date Tester C M T R * --------------------------- ------------ ---------- -------- -------- - - - - - +aarch64/apple/darwin A-clang 12.0 26 20-12-10 goetz N Y Y Y 3 +aarch64/apple/darwin23.4.0 A-clang 15.0 27~rc1 24-04-13 alex Y Y Y Y 3 +aarch64/unknown/linux-gnu gcc 12.2.0 27~rc1 24-04-21 alex Y Y Y Y 1 alpha/unknown/netbsd3.0 gcc 3.3.3 CVSHEAD 06-05-07 fw Y Y Y Y 3 armv6l/unk./linux-gnueabi gcc 4.7.2 20.2 13-03-08 goetz Y Y Y Y 5 armv6l/unk./linux-gnueabihf gcc 4.6.3 21~rc2 13-10-26 pi Y Y Y Y 5 @@ -71,6 +74,7 @@ i686/pc/linux-gnu gcc 4.3.2 14.1 09-08-04 alex Y Y Y Y 1 i686/pc/minix gcc 4.4.6 21~rc2 13-10-27 alex Y Y N N i686/unknown/gnu0.3 gcc 4.4.5 19 12-02-29 alex Y Y Y Y i686/unknown/gnu0.5 gcc 4.9.1 22~rc1-3 14-10-11 alex Y Y Y Y +i686/unknown/gnu0.9 gcc 12.2.0 27~rc1 24-04-21 alex Y Y Y Y i686/unkn./kfreebsd7.2-gnu gcc 4.3.4 15 09-12-02 alex Y Y Y Y 3 m68k/apple/aux3.0.1 gcc 2.7.2 17 10-11-07 alex Y Y N Y m68k/apple/aux3.0.1 Orig. A/UX 17 10-11-07 alex Y Y N Y 2 @@ -78,12 +82,14 @@ m68k/apple/aux3.1.1 gcc 2.7.2 19 12-02-26 alex Y Y N Y m68k/apple/aux3.1.1 Orig. A/UX 19 12-02-26 alex Y Y N Y 2 m68k/hp/hp-ux9.10 Orig. HPUX 0.7.x-CVS 03-04-30 goetz Y Y Y Y m88k/dg/dgux5.4R3.10 gcc 2.5.8 CVSHEAD 04-03-15 alex Y Y ? ? +mips/sgi/irix6.5 SGI 25 19-12-29 goetz Y Y ? ? mipsel/openwrt/linux-uclibc gcc 4.8 24~9-g619a 18-01-28 goetz - - - Y 6 mipsel/unknown/linux-gnu gcc 4.1.2 18 11-07-05 goetz Y Y N Y 1 mipsel/unknown/linux-gnu gcc 4.4.5 21 13-11-24 goetz Y Y Y Y 1 +mipsel/unknown/netbsd8.0 gcc 5.5.0 25 19-08-09 root Y Y y Y 3 powerpc/apple/darwin6.8 gcc 3.1 21 14-01-03 goetz Y Y Y Y powerpc/apple/darwin7.9.0 gcc 3.3 22 15-03-22 goetz Y Y Y Y 3 -powerpc/apple/darwin8.11.0 gcc 4.0.1 18 11-07-02 goetz Y Y Y Y 3 +powerpc/apple/darwin8.11.0 gcc 4.0.1 26 20-07-08 goetz Y Y Y Y 3 powerpc/apple/darwin9.8.0 gcc 4.0.1 21 14-01-04 goetz Y Y Y Y 3 powerpc/unknown/linux-gnu gcc 3.3.3 0.8.0 04-05-30 alex Y Y Y Y powerpc/unknown/openbsd3.6 gcc 2.95.3 0.10.0 06-10-08 alex Y Y N Y @@ -99,15 +105,23 @@ x86_64/apple/darwin15.6.0 A-clang 8.0 23~38-g455 16-11-04 alex Y Y Y Y 3 x86_64/apple/darwin16.5.0 A-clang 8.1 25~rc1-7-g 18-11-04 alex Y Y Y Y 3 x86_64/apple/darwin17.7.0 A-clang 10.0 25~rc1 18-11-04 alex Y Y Y Y 3 x86_64/apple/darwin18.2.0 A-clang 10.0 25~rc1-11 19-01-23 alex Y Y Y Y 3 +x86_64/apple/darwin19.4.0 A-clang 11.0 26~rc1 20-05-10 alex Y Y Y Y 3 +x86_64/apple/darwin19.6.0 A-clang 12.0 26 20-10-20 alex Y Y Y Y 3 +x86_64/apple/darwin20.1.0 A-clang 12.0 26 21-01-01 alex Y Y Y Y 3 +x86_64/apple/darwin23.4.0 A-clang 15.0 27~rc1 24-04-21 alex Y Y Y Y 3 x86_64/unknown/dragonfly3.4 gcc 4.7.2 21 13-11-12 goetz Y Y N Y 3 x86_64/unkn./freebsd8.1-gnu gcc 4.4.5 19 12-02-26 alex Y Y Y Y 3 x86_64/unknown/freebsd8.4 gcc 4.2.1 24~rc1-7 17-01-20 alex Y Y Y Y 3 x86_64/unknown/freebsd9.2 gcc 4.2.1 22~rc1-3 14-10-10 alex Y Y Y Y 3 x86_64/unknown/freebsd10.3 F-clang 3.4 24 17-01-20 goetz Y Y Y Y 3 x86_64/unknown/freebsd11.0 F-clang 3.8 24 17-01-21 goetz Y Y Y Y 3 +x86_64/unknown/freebsd12.1 F-clang 8.0 26 20-08-28 alex Y Y Y Y 3 +x86_64/unknown/freebsd14.0 F-clang 16.0 27~rc1 24-04-21 alex Y Y Y Y 3 x86_64/unknown/haiku gcc 7.3.0 25~rc1-11 19-01-06 alex Y Y N Y +x86_64/unknown/haiku gcc 13.2.0 27~rc1 24-04-21 user Y Y Y Y x86_64/unknown/linux-gnu clang 3.3 21 14-01-07 alex Y Y Y Y 1 x86_64/unknown/linux-gnu clang 3.4 22~rc1-3 14-10-11 alex Y Y Y Y 1 +x86_64/pc/linux-gnu D-clang 14.0 27~rc1 24-04-21 alex Y Y Y Y 1 x86_64/pc/linux-gnu gcc 4.4.5 24~rc1-7 17-01-20 alex Y Y Y Y 1 x86_64/unknown/linux-gnu gcc 4.7.2 23~rc1-3 15-11-15 alex Y Y Y Y 1 x86_64/pc/linux-gnu gcc 4.8.4 24~rc1-7 17-01-20 alex Y Y Y Y 1 @@ -116,14 +130,25 @@ x86_64/unknown/linux-gnu gcc 5.3.0 23 15-12-14 goetz Y Y Y Y 1 x86_64/pc/linux-gnu [WSL] gcc 5.4.0 24 18-03-07 goetz Y Y y Y 7 x86_64/pc/linux-gnu gcc 6.2.1 24~rc1-7 17-01-20 alex Y Y Y Y 1 x86_64/pc/linux-gnu gcc 6.3.0 25~rc1-11 19-01-23 alex Y Y Y Y 1 +x86_64/pc/linux-gnu gcc 8.3.0 26 20-08-28 alex Y Y Y Y 1 +x86_64/pc/linux-gnu gcc 11.4.0 27~rc1 24-04-21 alex Y Y Y Y 1 +x86_64/pc/linux-gnu gcc 12.2.0 27~rc1 24-04-21 alex Y Y Y Y 1 +x86_64/pc/linux-gnu gcc 13.2.1 27~rc1 24-04-21 alex Y Y Y Y 1 +x86_64/pc/solaris2.11 gcc 10.3.0 27~rc1 24-04-26 alex Y Y y Y 5 x86_64/unknown/linux-gnu icc 16 23 16-01-13 goetz Y Y Y Y 1 x86_64/unknown/linux-gnu nwcc 0.8.2 21 13-12-01 goetz Y Y Y Y 1 x86_64/unknown/linux-gnu Open64 21.1 14-03-27 goetz Y Y Y Y 1 x86_64/unknown/linux-gnu Sun C 5.12 21.1 14-03-27 goetz Y Y Y Y 1 +x86_64/unknown/netbsd9.0 gcc 7.4.0 26 20-08-28 alex Y Y y Y 3 +x86_64/unknown/netbsd10.0 gcc 10.5.0 27~rc1 24-04-21 alex Y Y Y Y 3 x86_64/unknown/openbsd4.7 gcc 3.3.5 20~rc1 12-02-26 alex Y Y Y Y 3 x86_64/unknown/openbsd4.8 gcc 4.2.1 22~rc1-3 14-10-10 alex Y Y y Y 3 x86_64/unknown/openbsd5.1 gcc 4.2.1 21 13-12-28 alex Y Y Y Y 3 x86_64/unknown/openbsd5.5 gcc 4.2.1 22~rc1-3 14-10-10 alex Y Y Y Y 3 +x86_64/unknown/openbsd6.6 gcc 4.2.1 26 20-08-28 alex Y Y Y Y 3 +x86_64/unknown/openbsd6.6 O-clang 8.0 26 20-08-28 alex Y Y Y Y 3 +x86_64/unknown/openbsd6.7 gcc 4.2.1 26 20-09-26 goetz Y Y y Y 3 +x86_64/unknown/openbsd7.4 O-clang 13.0 27~rc1 24-04-21 alex Y Y Y Y 3 * Notes @@ -132,8 +157,8 @@ x86_64/unknown/openbsd5.5 gcc 4.2.1 22~rc1-3 14-10-10 alex Y Y Y Y 3 (1) */*/linux-gnu (Linux platforms): ngIRCd has been tested with various Linux distributions, such as ArchLinux, Debian, Gentoo, Red Hat (Fedora) and SuSE using Linux kernels 2.2.x, 2.4.x, - 2.6.x, 3.x, and 4.x, with various versions of the GNU C compiler (starting - with 2.95.x) and Clang. The eldest glibc used was glibc-2.0.7. + 2.6.x, 3.x, 4.x and 5.x, with various versions of the GNU C compiler + (starting with 2.95.x) and Clang. The eldest glibc used was glibc-2.0.7. ngIRCd compiled and ran on all of these systems successfully. Current Linux kernels (starting with 2.6.x) and glibc's support the more efficient epoll() IO interface, see (5) below. diff --git a/doc/QuickStart.md b/doc/QuickStart.md new file mode 100644 index 00000000..abea9cd4 --- /dev/null +++ b/doc/QuickStart.md @@ -0,0 +1,126 @@ +# [ngIRCd](https://ngircd.barton.de) - Quick Start + +This *Quick Start* document explains how to configure ngIRCd, the lightweight +Internet Relay Chat (IRC) server, using some "real world" scenarios. + +## Introduction + +The ngIRCd daemon can be run without any configuration file using built-in +defaults. These defaults are probably sufficient for very simple single-node +setups, but most probably need further tweaking for more "advanced" setups. + +You can check the current settings by running `ngircd --configtest`. This +command not only shows the settings, it shows error, warning and hints, if it +detects any. + +Therefore it is definitely best practice to *always run this check* after +making any changes to the configuration file(s) and double-check that +everything was parsed as expected! + +### Configuration File and Drop-in Directory + +After installing ngIRCd, a sample configuration file should have been set up if +none existed already. By default, when installing from sources, the file is +named `/usr/local/etc/ngircd.conf` (other common names, especially for +distribution packages, are `/etc/ngircd.conf` or `/etc/ngircd/ngircd.conf`). +Run the command `ngircd --configtest` to check the name of the configuration +file which is used by default on your local system. + +In addition, ngIRCd supports configuration file snippets in a "drop-in" +directory which is configured with the `IncludeDir` variable in the `[Options]` +section and has a built-in default value (like `/etc/ngircd/ngircd.conf.d/`). +All configuration files matching the `*.conf` pattern are read-in from this +directory after the main `ngircd.conf` file. + +It is a good idea to not edit the default `ngircd.conf` file but to create one +ore more new files in this include directory, overriding the defaults as +needed. This way you don't get any clashes when updating ngIRCd to newer +releases. + +You can find the template of the sample configuration file in the `doc/` +directory as `sample-ngircd.conf` and +[online](https://ngircd.barton.de/doc/sample-ngircd.conf) on the homepage. It +contains all available options. + +## Configuration File Syntax + +The configuration consists of sections and parameters. + +A section begins with the name of the section in square brackets (like +`[Example]`) and continues until the next section begins. Sections contain +parameters of the form `name = value`. + +Section and parameter names are not case sensitive. + +Please see the `ngircd.conf`(5) manual page for an in-depth description of the +configuration file, its syntax and all supported configuration options. + +The sample configuration file uses comments beginning with `#` *or* `;` -- this +is only for the better understanding of the file, both comment styles are +equal. The lines commented out with `;` show example or default settings, +whereas the lines using `#` are descriptions of the options. + +## Simple Single-Instance Server + +A good starting point is to configure a valid (and unique!) IRC server name +(which is *not* related to a host name, it is purely a unique *server ID* that +must contain at least one dot "."). + +This looks like this: + +``` ini +[Global] +Name = my.irc.server +``` + +This results in the following *warning* in the logs when starting the daemon: +`No administrative information configured but required by RFC!` -- which works, +but is a bit ugly. So let's fix that by adding some *admin info*: + +``` ini +[Global] +Name = irc.example.net +AdminInfo1 = Example IRC Server +AdminInfo2 = Anywhere On Earth +AdminEMail = admin@irc.example.net +``` + +*Please Note*: The server `Name` looks like a DNS host name, but it is not: in +fact it is not related to your server's fully qualified domain name (FQDN) in +any way and can be an arbitrary string -- but it *must* contain at least +one dot (".") character! + +## Add a Local IRC Operator + +Some IRC commands, like `REHASH` which reloads the server configuration on the +fly, require the user to authenticate to the daemon to become an *IRC +Operator* first. + +So let's configure an *Operator* account in the configuration file (in +addition to what we configured above): + +``` ini +[Operator] +# ID of the operator (may be different of the nickname) +Name = BigOp +# Password of the IRC operator +Password = secret +# Optional Mask from which /OPER will be accepted +;Mask = *!ident@somewhere.example.com +``` + +Now you can use the IRC command `OPER BigOp secret` to get *IRC Operator* +status on that server. + +Please choose a sensible password, and keep in mind that the *name* is not +related to the *nickname* used by the user at all! + +We don't make use of the `Mask` setting in the example above (commented out +with the `;` character), but it is a good idea to enable it whenever possible! + +And you can have as many *Operator blocks* as you like, configuring multiple +different IRC Operators. + +## Configuring SSL/TLS Encryption + +Please see the file `SSL.md` for details. diff --git a/doc/SSL.md b/doc/SSL.md new file mode 100644 index 00000000..a2e029b2 --- /dev/null +++ b/doc/SSL.md @@ -0,0 +1,80 @@ +# [ngIRCd](https://ngircd.barton.de) - SSL/TLS Encrypted Connections + +ngIRCd supports SSL/TLS encrypted connections using the *OpenSSL* or *GnuTLS* +libraries. Both encrypted server-server links as well as client-server links +are supported. + +SSL is a compile-time option which is disabled by default. Use one of these +options of the ./configure script to enable it: + +- `--with-openssl`: enable SSL support using OpenSSL. +- `--with-gnutls`: enable SSL support using GnuTLS. + +You can check the output of `ngircd --version` to validate if your executable +includes support for SSL or not: "+SSL" must be listed in the feature flags. + +You also need a SSL key and certificate, for example using Let's Encrypt, which +is out of the scope of this document. + +From a feature point of view, ngIRCds support for both libraries is +comparable. The only major difference (at this time) is that ngIRCd with GnuTLS +does not support password protected private keys. + +## Configuration + +SSL-encrypted connections and plain-text connects can't run on the same network +port (which is a limitation of the IRC protocol); therefore you have to define +separate port(s) in your `[SSL]` block in the configuration file. + +A minimal configuration for *accepting* SSL-encrypted client & server +connections looks like this: + +``` ini +[SSL] +CertFile = /etc/ssl/certs/my-fullchain.pem +KeyFile = /etc/ssl/certs/my-privkey.pem +Ports = 6697, 6698 +``` + +In this case, the server only deals with *incoming* connections and never has to +validate SSL certificates itself, and therefore no "Certificate Authorities" are +needed. + +If you want to use *outgoing* SSL-connections to other servers, you need to add: + +``` ini +[SSL] +... +CAFile = /etc/ssl/certs/ca-certificates.crt +DHFile = /etc/ngircd/dhparams.pem + +[SERVER] +... +SSLConnect = yes +``` + +The `CAFile` option configures a file listing all the certificates of the +trusted Certificate Authorities. + +The Diffie-Hellman parameters file `dhparams.pem` can be created like this: + +- OpenSSL: `openssl dhparam -2 -out /etc/ngircd/dhparams.pem 4096` +- GnuTLS: `certtool --generate-dh-params --bits 4096 --outfile /etc/ngircd/dhparams.pem` + +Note that enabling `SSLConnect` not only enforces SSL-encrypted links for +*outgoing* connections to other servers, but for *incoming* connections as well: +If a server configured with `SSLConnect = yes` tries to connect on a plain-text +connection, it won't be accepted to prevent data leakage! Therefore you should +set this for *all* servers you expect to use SSL-encrypted connections! + +## Accepting untrusted Remote Certificates + +If you are using self-signed certificates or otherwise invalid certificates, +which ngIRCd would reject by default, you can force ngIRCd to skip certificate +validation on a per-server basis and continue establishing outgoing connections +to the respective peer by setting `SSLVerify = no` in the `[SERVER]` block of +this remote server in your configuration. + +But please think twice before doing so: the established connection is still +encrypted but the remote site is *not verified at all* and man-in-the-middle +attacks are possible! diff --git a/doc/SSL.txt b/doc/SSL.txt deleted file mode 100644 index 28ea2cd9..00000000 --- a/doc/SSL.txt +++ /dev/null @@ -1,108 +0,0 @@ - - ngIRCd - Next Generation IRC Server - - (c)2001-2008 Alexander Barton, - alex@barton.de, http://www.barton.de/ - - ngIRCd is free software and published under the - terms of the GNU General Public License. - - -- SSL.txt -- - - -ngIRCd supports SSL/TLSv1 encrypted connections using the OpenSSL or GnuTLS -libraries. Both encrypted server-server links as well as client-server links -are supported. - -SSL is a compile-time option which is disabled by default. Use one of these -options of the ./configure script to enable it: - - --with-openssl enable SSL support using OpenSSL - --with-gnutls enable SSL support using GnuTLS - -You also need a key/certificate, see below for how to create a self-signed one. - -From a feature point of view, ngIRCds support for both libraries is -comparable. The only major difference (at this time) is that ngircd with gnutls -does not support password protected private keys. - -Configuration -~~~~~~~~~~~~~ - -To enable SSL connections a separate port must be configured: it is NOT -possible to handle unencrypted and encrypted connections on the same port! -This is a limitation of the IRC protocol ... - -You have to set (at least) the following configuration variables in the -[SSL] section of ngircd.conf(5): Ports, KeyFile, and CertFile. - -Now IRC clients are able to connect using SSL on the configured port(s). -(Using port 6697 for encrypted connections is common.) - -To enable encrypted server-server links, you have to additionally set -SSLConnect to "yes" in the corresponding [SERVER] section. - - -Creating a self-signed certificate -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -OpenSSL: - -Creating a self-signed certificate and key: - $ openssl req -newkey rsa:2048 -x509 -keyout server-key.pem -out server-cert.pem -days 1461 -Create DH parameters (optional): - $ openssl dhparam -2 -out dhparams.pem 4096 - -GnuTLS: - -Creating a self-signed certificate and key: - $ certtool --generate-privkey --bits 2048 --outfile server-key.pem - $ certtool --generate-self-signed --load-privkey server-key.pem --outfile server-cert.pem -Create DH parameters (optional): - $ certtool --generate-dh-params --bits 4096 --outfile dhparams.pem - - -Alternate approach using stunnel(1) -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - -Alternatively (or if you are using ngIRCd compiled without support -for GnuTLS/OpenSSL), you can use external programs/tools like stunnel(1) to -get SSL encrypted connections: - - - - -Stefan Sperling (stefan at binarchy dot net) mailed the following text as a -short "how-to", thanks Stefan! - -=== snip === - ! This guide applies to stunnel 4.x ! - - Put this in your stunnel.conf: - - [ircs] - accept = 6667 - connect = 6668 - - This makes stunnel listen for incoming connections - on port 6667 and forward decrypted data to port 6668. - We call the connection 'ircs'. Stunnel will use this - name when logging connection attempts via syslog. - You can also use the name in /etc/hosts.{allow,deny} - if you run tcp-wrappers. - - To make sure ngircd is listening on the port where - the decrypted data arrives, set - - Ports = 6668 - - in your ngircd.conf. - - Start stunnel and restart ngircd. - - That's it. - Don't forget to activate ssl support in your irc client ;) - The main drawback of this approach compared to using builtin ssl - is that from ngIRCds point of view, all ssl-enabled client connections will - originate from the host running stunnel. -=== snip === diff --git a/doc/Services.txt b/doc/Services.txt index 56c81425..f945bbf1 100644 --- a/doc/Services.txt +++ b/doc/Services.txt @@ -15,7 +15,7 @@ using the IRC protocol as defined in RFC 1459 or RFC 2812. Support for Services has been tested using - Anope 1.9.8 or later () - - Atheme 7.0.2 or later () + - Atheme 7.0.2 or later () - "IRC Services" 5.1.x by Andrew Church () This document describes setting up ngIRCd and these services. @@ -101,7 +101,7 @@ In conf/nickserv.conf: Setting up Atheme 7.0.2 or later ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Atheme 7.0.2 or later () may be used with ngIRCd using +Atheme 7.0.2 or later () may be used with ngIRCd using the "ngircd" protocol module. The following settings need to be in atheme.conf: diff --git a/doc/sample-ngircd.conf.tmpl b/doc/sample-ngircd.conf.tmpl index cccc7e92..2a08bb43 100644 --- a/doc/sample-ngircd.conf.tmpl +++ b/doc/sample-ngircd.conf.tmpl @@ -24,8 +24,9 @@ # make sure that they correspond to your installation and setup! # Server name in the IRC network, must contain at least one dot - # (".") and be unique in the IRC network. Required! - Name = irc.example.net + # (".") and be unique in the IRC network. When not set, ngIRCd tries + # to deduce a valid IRC server name from the local host name. + ;Name = irc.example.net # Information about the server and the administrator, used by the # ADMIN command. Not required by server but by RFC! @@ -34,12 +35,14 @@ ;AdminEMail = admin@irc.server # Text file which contains the ngIRCd help text. This file is required - # to display help texts when using the "HELP " command. + # to display help texts when using the "HELP " command. Default: a + # built-in standard path (check "ngircd --configtest"). ;HelpFile = :DOCDIR:/Commands.txt # Info text of the server. This will be shown by WHOIS and - # LINKS requests for example. - Info = Server Info Text + # LINKS requests for example. Set to the server software name and + # version by default. + ;Info = Server Info Text # Comma separated list of IP addresses on which the server should # listen. Default values are: @@ -48,7 +51,8 @@ ;Listen = 127.0.0.1,192.168.0.1 # Text file with the "message of the day" (MOTD). This message will - # be shown to all users connecting to the server: + # be shown to all users connecting to the server: Default: a built-in + # standard path (check "ngircd --configtest"). ;MotdFile = :ETCDIR:/ngircd.motd # A simple Phrase (<127 chars) if you don't want to use a motd file. @@ -192,6 +196,9 @@ # Directory containing configuration snippets (*.conf), that should # be read in after parsing this configuration file. + # Default: a built-in directory name when no configuration file was + # explicitly given on the command line (check "ngircd --configtest"), + # none (empty) otherwise. ;IncludeDir = :ETCDIR:/conf.d # Enhance user privacy slightly (useful for IRC server on TOR or I2P) @@ -266,6 +273,14 @@ # is only available when ngIRCd is compiled with support for SSL! # So don't forget to remove the ";" above if this is the case ... + # SSL Trusted CA Certificates File for verifying peer certificates. + # (Default: not set; so no certificates are trusted) + ;CAFile = /etc/ssl/CA/cacert.pem + + # Certificate Revocation File (for marking otherwise valid + # certficates as invalid) + ;CRLFile = /etc/ssl/CA/crl.pem + # SSL Server Key Certificate ;CertFile = :ETCDIR:/ssl/server-cert.pem @@ -357,6 +372,10 @@ # Connect to the remote server using TLS/SSL (Default: false) ;SSLConnect = yes + # Verify the TLS certificate presented by the remote server + # (Default: yes) + ;SSLVerify = yes + # Define a (case insensitive) list of masks matching nicknames that # should be treated as IRC services when introduced via this remote # server, separated by commas (","). @@ -385,19 +404,21 @@ # Topic for this channel ;Topic = a great topic - # Initial channel modes - ;Modes = tnk + # Initial channel modes, as used in "MODE" commands. Modifying lists + # (ban list, invite list, exception list) is supported. + # This option can be specified multiple times, evaluated top to bottom. + ;Modes = +tnk mykey +l 5 + ;Modes = +b nick!~user@bad.host.example.com - # initial channel password (mode k) - ;Key = Secret + # Should ngIRCd automatically join ("autojoin") all users to this + # channel on connect? Note: The users must have permissions to access + # the channel, otherwise joining them will fail! + ;Autojoin = yes # Key file, syntax for each line: "::". # Default: none. ;KeyFile = :ETCDIR:/#chan.key - # maximum users per channel (mode l) - ;MaxUsers = 23 - [Channel] # More [Channel] sections, if you like ... diff --git a/doc/src/footer.inc.html b/doc/src/footer.inc.html index ba05dcfc..6189afb3 100644 --- a/doc/src/footer.inc.html +++ b/doc/src/footer.inc.html @@ -2,9 +2,10 @@

ngIRCd - Homepage, - GIT-Repository, - Bug-Tracker. + Homepage. + GitHub: + Code Repository, + Bug-Tracker.

diff --git a/man/ngircd.8.tmpl b/man/ngircd.8.tmpl index 0ee2a12f..d82d137d 100644 --- a/man/ngircd.8.tmpl +++ b/man/ngircd.8.tmpl @@ -1,7 +1,7 @@ .\" .\" ngircd(8) manual page template .\" -.TH ngircd 8 "Jan 2020" ngIRCd "ngIRCd Manual" +.TH ngircd 8 "Sep 2023" ngIRCd "ngIRCd Manual" .SH NAME ngIRCd \- the "next generation" IRC daemon .SH SYNOPSIS @@ -11,24 +11,22 @@ ngIRCd \- the "next generation" IRC daemon ] .SH DESCRIPTION .BR ngIRCd -is a free, portable and lightweight Internet Relay Chat server for small +is a free, portable and lightweight Internet Relay Chat (IRC) server for small or private networks, developed under the GNU General Public License (GPL). -It is easy to configure, can cope with dynamic IP addresses, and supports -IPv6, SSL-protected connections as well as PAM for authentication. -It is written from scratch and not based on the original IRCd. .PP -The name ngIRCd means -.IR "next generation IRC daemon", +The server is quite easy to configure and runs as a single-node server or can +be part of a network of ngIRCd servers in a LAN or across the internet. It +optionally supports the IPv6 protocol, SSL/TLS-protected client-server and +server-server links, the Pluggable Authentication Modules (PAM) system for user +authentication, IDENT requests, and character set conversion for legacy +clients. +.PP +The name ngIRCd stands for +.IR "next-generation IRC daemon", which is a little bit exaggerated: .IR "lightweight Internet Relay Chat server" most probably would have been a better name :-) .PP -Currently supported platforms include AIX, A/UX, FreeBSD, HP-UX, Hurd, IRIX, -Linux, Mac OS X, Minix, NetBSD, OpenBSD, Solaris, and Windows with Cygwin. -As ngIRCd relies on UNIX standards and uses GNU automake and GNU autoconf -there are good chances that it also supports other UNIX-based operating -systems as well. -.PP By default ngIRCd logs diagnostic and informational messages using the syslog mechanism, or writes directly to the console when running in the foreground (see below). @@ -54,14 +52,25 @@ terminate the server. Disable automatic connections to other servers. You can use the IRC command CONNECT later on as IRC Operator to link this ngIRCd to other servers. .TP +\fB\-y\fR, \fB\-\-syslog\fR +Write log messages to the syslog even when running in the foreground. This only +makes sense when +.I \-n/\-\-nodaemon +was given on the command line +.I before +this option! +.PP +The following options prevent ngIRCd from starting regularly, but perform a +specific action and then exit the daemon again: +.TP +\fB\-h\fR, \fB\-\-help\fR +Display a brief help text and exit. +.TP \fB\-t\fR, \fB\-\-configtest\fR Read, validate and display the configuration; then exit. .TP \fB\-V\fR, \fB\-\-version\fR Output version information and exit. -.TP -\fB\-h\fR, \fB\-\-help\fR -Display a brief help text and exit. .SH FILES .I :ETCDIR:/ngircd.conf .RS @@ -81,14 +90,28 @@ Shut down all connections and terminate the daemon. Shut down all listening sockets, re-read the configuration file and re-initialize the daemon. .SH HINTS -It's wise to use "ngircd \-\-configtest" to validate the configuration file -after changing it. +It is +.I always wise +to use "ngircd \-\-configtest" to validate the configuration of ngIRCd after +making changes to the configuration files! .SH DEBUGGING -When ngIRCd is compiled with debug code, that is, its source code has -been ./configure'd with "\-\-enable\-debug" and/or "\-\-enable\-sniffer" (witch -enables debug mode automatically as well), you can use two more command -line options and two more signals to debug problems with the daemon itself -or IRC clients: +ngIRCd can log additional debug messages, which can be enabled with the command +line option \-\-debug (\-d) or by sending the USR1 signal to the running daemon. +Some of those messages may leak personal information, be very technical and can +be very verbose. Therefore the debug mode is meant for troubleshooting only and +should definitely be disabled during normal operation! +.PP +In addition, a "protocol sniffer" can be enabled on build time by passing the +"\-\-enable\-sniffer" option to the ./configure script which enables the +"\-\-sniffer" (\-s) command line option (which is not available by default): +this "sniffer" logs all incoming and outgoing IRC commands on all connections, +which can be handy to debug problems with the daemon itself or IRC clients. +.PP +Both modes are indicated in the version string shown by the IRC "VERSION" +command: if the version ends in a dot (like in "26.1."), the daemon operates in +"normal" mode (the version used in the example is "26.1"). If it ends in ".1" +(like in "26.1.1") the "debug-mode" is enabled; and if it ends in ".2" (like in +"26.1.2") the "IRC sniffer" is enabled, too. .PP \fBOptions:\fR .TP @@ -101,6 +124,9 @@ the console/syslog. This option requires that ngIRCd has been ./configure'd with "\-\-enable\-sniffer" and enables debug mode automatically, too. .PP \fBSignals:\fR +.PP +Note: Usage of these signals is broadcasted to all users with the +s ("receive +server notices") mode set! .TP \fBUSR1\fR Toggle debug mode on and off during runtime. diff --git a/man/ngircd.conf.5.tmpl b/man/ngircd.conf.5.tmpl index 0971f376..68ee9093 100644 --- a/man/ngircd.conf.5.tmpl +++ b/man/ngircd.conf.5.tmpl @@ -1,7 +1,7 @@ .\" .\" ngircd.conf(5) manual page template .\" -.TH ngircd.conf 5 "Jan 2020" ngIRCd "ngIRCd Manual" +.TH ngircd.conf 5 "Sep 2023" ngIRCd "ngIRCd Manual" .SH NAME ngircd.conf \- configuration file of ngIRCd .SH SYNOPSIS @@ -93,10 +93,11 @@ like the server name and the ports on which the server should be listening. These settings depend on your personal preferences, so you should make sure that they correspond to your installation and setup! .TP -\fBName\fR (string; required) +\fBName\fR (string) Server name in the IRC network. This is an individual name of the IRC server, it is not related to the DNS host name. It must be unique in the -IRC network and must contain at least one dot (".") character. +IRC network and must contain at least one dot (".") character. When not set, +ngIRCd tries to deduce a valid IRC server name from the local host name. .TP \fBAdminInfo1\fR, \fBAdminInfo2\fR, \fBAdminEMail\fR (string) Information about the server and the administrator, used by the ADMIN @@ -106,11 +107,12 @@ command. This information is not required by the server but by RFC! Text file which contains the ngIRCd help text. This file is required to display help texts when using the "HELP " command. Please note: Changes made to this file take effect when ngircd starts up -or is instructed to re-read its configuration file. +or is instructed to re-read its configuration file. Default: a built-in +standard path. .TP \fBInfo\fR (string) Info text of the server. This will be shown by WHOIS and LINKS requests for -example. +example. Set to the server software name and version by default. .TP \fBListen\fR (list of strings) A comma separated list of IP address on which the server should listen. @@ -122,7 +124,7 @@ IP addresses and interfaces by default. Text file with the "message of the day" (MOTD). This message will be shown to all users connecting to the server. Please note: Changes made to this file take effect when ngircd starts up or is instructed to re-read its -configuration file. +configuration file. Default: a built-in standard path. .TP \fBMotdPhrase\fR (string) A simple Phrase (<127 chars) if you don't want to use a MOTD file. @@ -293,7 +295,17 @@ Default: yes. \fBIncludeDir\fR (string) Directory containing configuration snippets (*.conf), that should be read in after parsing the current configuration file. -Default: none. +Default: a built-in directory name when no configuration file was explicitly +given on the command line (check "ngircd --configtest"), none (empty) +otherwise. +.PP +.RS +This way no default include directory is used when a possibly non-default +configuration file was explicitly specified using "--config"/"-f" on the +command line which (intentionally) did not specify an +.I "IncludeDir" +directive. +.RE .TP \fBMorePrivacy\fR (boolean) This will cause ngIRCd to censor user idle time, logon time as well as the @@ -385,6 +397,10 @@ All SSL-related configuration variables are located in the section. Please note that this whole section is only recognized by ngIRCd when it is compiled with support for SSL using OpenSSL or GnuTLS! .TP +\fBCAFile\fR (string) +Filename pointing to the Trusted CA Certificates. This is required for +verifying peer certificates. Default: not set, so no certificates are trusted. +.TP \fBCertFile\fR (string) SSL Certificate file of the private server key. .TP @@ -394,6 +410,9 @@ Select cipher suites allowed for SSL/TLS connections. This defaults to Please see 'man 1ssl ciphers' (OpenSSL) and 'man 3 gnutls_priority_init' (GnuTLS) for details. .TP +\fBCRLFile\fR (string) +Filename of Certificate Revocation List. +.TP \fBDHFile\fR (string) Name of the Diffie-Hellman Parameter file. Can be created with GnuTLS "certtool \-\-generate-dh-params" or "openssl dhparam". If this file is not @@ -479,6 +498,9 @@ You can use the IRC Operator command CONNECT later on to create the link. \fBSSLConnect\fR (boolean) Connect to the remote server using TLS/SSL. Default: false. .TP +\fBSSLVerify\fR (boolean) +Verify the TLS certificate presented by the remote server. Default: yes. +.TP \fBServiceMask\fR (string) Define a (case insensitive) list of masks matching nicknames that should be treated as IRC services when introduced via this remote server, separated @@ -510,10 +532,17 @@ Name of the channel, including channel prefix ("#" or "&"). Topic for this channel. .TP \fBModes\fR (string) -Initial channel modes. +Initial channel modes, as used in "MODE" commands. Modifying lists (ban list, +invite list, exception list) is supported. +.PP +.RS +This option can be specified multiple times, evaluated top to bottom. +.RE .TP -\fBKey\fR (string) -Sets initial channel key (only relevant if channel mode "k" is set). +\fBAutojoin\fR (boolean) +Should ngIRCd automatically join ("autojoin") all users to this channel on +connect? Note: The users must have permissions to access the channel, otherwise +joining them will fail! .TP \fBKeyFile\fR (string) Path and file name of a "key file" containing individual channel keys for @@ -557,10 +586,6 @@ The file is not reopened on each access, so you can modify and overwrite it without problems, but moving or deleting the file will have not effect until the daemon re-reads its configuration! .RE -.TP -\fBMaxUsers\fR (number) -Set maximum user limit for this channel (only relevant if channel mode "l" -is set). .SH HINTS It's wise to use "ngircd \-\-configtest" to validate the configuration file after changing it. See diff --git a/src/ngircd/Makefile.ng b/src/ngircd/Makefile.ng index 21e606d7..5045ebae 100644 --- a/src/ngircd/Makefile.ng +++ b/src/ngircd/Makefile.ng @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2012 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -15,9 +15,6 @@ EXTRA_DIST = Makefile.ng AM_CPPFLAGS = -I$(srcdir)/../portab -I$(srcdir)/../tool -I$(srcdir)/../ipaddr -LINTARGS = -weak -warnunixlib +unixlib -booltype BOOLEAN \ - -varuse -retvalother -emptyret -unrecog - sbin_PROGRAMS = ngircd ngircd_SOURCES = \ @@ -107,7 +104,7 @@ noinst_HEADERS = \ sighandlers.h clean-local: - rm -f check-version check-help lint.out + rm -f check-version check-help maintainer-clean-local: rm -f Makefile Makefile.in Makefile.am @@ -122,32 +119,6 @@ check-help: Makefile echo "./ngircd --help | grep help >/dev/null 2>&1" >>check-help chmod 755 check-help -lint: - @splint --version >/dev/null 2>&1 \ - || ( echo; echo "Error: \"splint\" not found!"; echo; exit 1 ) - @echo; warnings=0; files=0; \ - for f in *.c; do \ - echo "checking $$f ..."; \ - splint $$f $(LINTARGS) -I$(srcdir) -I$(srcdir)/.. \ - $(AM_CPPFLAGS) $(AM_CFLAGS) >lint.out 2>&1; \ - grep "no warnings" lint.out > /dev/null 2>&1; \ - if [ $$? -ne 0 ]; then \ - waswarning=1; \ - echo; grep -v "^Command Line: " lint.out; echo; \ - w=$$( grep "code warning" lint.out | $(AWK) "{ print \$$4 }" ); \ - [ "$$w" -gt 0 ] && warnings=`expr $$warnings + $$w`; \ - files=`expr $$files + 1`; \ - else \ - waswarning=0; \ - fi; \ - rm -f lint.out; \ - done; \ - [ $$waswarning -eq 0 ] && echo; \ - [ $$warnings -gt 0 ] \ - && echo "Result: $$warnings warning(s) in $$files file(s)!" \ - || echo "Result: no warnings found."; \ - echo; [ $$warnings -gt 0 ] && exit 1 - TESTS = check-version check-help # -eof- diff --git a/src/ngircd/array.c b/src/ngircd/array.c index 4cc793f1..6d1ab338 100644 --- a/src/ngircd/array.c +++ b/src/ngircd/array.c @@ -68,7 +68,7 @@ array_alloc(array * a, size_t size, size_t pos) if (a->allocated < alloc) { #if DEBUG_ARRAY - Log(LOG_DEBUG, "array_alloc(): changing size from %u to %u bytes.", + LogDebug("array_alloc(): changing size from %u to %u bytes.", a->allocated, alloc); #endif tmp = realloc(a->mem, alloc); @@ -169,7 +169,7 @@ array_catb(array * dest, const char *src, size_t len) assert(ptr != NULL); #if DEBUG_ARRAY - Log(LOG_DEBUG, + LogDebug( "array_catb(): appending %u bytes to array (now %u bytes in array).", len, tmp); #endif @@ -249,7 +249,7 @@ array_free(array * a) { assert(a != NULL); #if DEBUG_ARRAY - Log(LOG_DEBUG, + LogDebug( "array_free(): %u bytes free'd (%u bytes still used at time of free()).", a->allocated, a->used); #endif @@ -315,7 +315,7 @@ array_moveleft(array * a, size_t membersize, size_t pos) return; /* nothing to do */ #if DEBUG_ARRAY - Log(LOG_DEBUG, + LogDebug( "array_moveleft(): %u bytes used in array, starting at position %u.", a->used, bytepos); #endif diff --git a/src/ngircd/channel.c b/src/ngircd/channel.c index 53c385c2..2d77ec9c 100644 --- a/src/ngircd/channel.c +++ b/src/ngircd/channel.c @@ -36,6 +36,8 @@ #include "log.h" #include "messages.h" #include "match.h" +#include "parse.h" +#include "irc-mode.h" #define REMOVE_PART 0 #define REMOVE_QUIT 1 @@ -93,9 +95,11 @@ GLOBAL void Channel_InitPredefined( void ) { CHANNEL *new_chan; + REQUEST Req; const struct Conf_Channel *conf_chan; - const char *c; - size_t i, channel_count = array_length(&Conf_Channels, sizeof(*conf_chan)); + char *c; + char modes[COMMAND_LEN], name[CHANNEL_NAME_LEN]; + size_t i, n, channel_count = array_length(&Conf_Channels, sizeof(*conf_chan)); conf_chan = array_start(&Conf_Channels); @@ -126,24 +130,63 @@ Channel_InitPredefined( void ) conf_chan->name); continue; } - Log(LOG_INFO, "Created pre-defined channel \"%s\".", - conf_chan->name); - Channel_ModeAdd(new_chan, 'P'); if (conf_chan->topic[0]) Channel_SetTopic(new_chan, NULL, conf_chan->topic); - c = conf_chan->modes; - while (*c) - Channel_ModeAdd(new_chan, *c++); + /* Evaluate modes strings with fake requests */ + if (conf_chan->modes_num) { + /* Prepare fake request structure */ + strlcpy(name, conf_chan->name, sizeof(name)); + LogDebug("Evaluating predefined channel modes for \"%s\" ...", name); + Req.argv[0] = name; + Req.prefix = Client_ID(Client_ThisServer()); + Req.command = "MODE"; + + /* Iterate over channel modes strings */ + for (n = 0; n < conf_chan->modes_num; n++) { + Req.argc = 1; + strlcpy(modes, conf_chan->modes[n], sizeof(modes)); + LogDebug("Evaluate \"MODE %s %s\".", name, modes); + c = strtok(modes, " "); + while (c && Req.argc < 15) { + Req.argv[Req.argc++] = c; + c = strtok(0, " "); + } + + if (Req.argc > 1) { + /* Handling of legacy "Key" and "MaxUsers" settings: + * Enforce setting the respective mode(s), to support + * the legacy "Mode = kl" notation, which was valid but + * is an invalid MODE string: key and limit are missing! + * So set them manually when "k" or "l" are detected in + * the first MODE parameter ... */ + if (Req.argc > 1 && strchr(Req.argv[1], 'k')) { + Channel_SetKey(new_chan, conf_chan->key); + Channel_ModeAdd(new_chan, 'k'); + } + if (strchr(Req.argv[1], 'l')) { + Channel_SetMaxUsers(new_chan, conf_chan->maxusers); + Channel_ModeAdd(new_chan, 'l'); + } + + IRC_MODE(Client_ThisServer(), &Req); + } + + /* Original channel modes strings are no longer needed */ + free(conf_chan->modes[n]); + } + } - Channel_SetKey(new_chan, conf_chan->key); - Channel_SetMaxUsers(new_chan, conf_chan->maxusers); Set_KeyFile(new_chan, conf_chan->keyfile); + + Log(LOG_INFO, + "Created pre-defined channel \"%s\", mode \"%s\" (%s, user limit %d).", + new_chan->name, new_chan->modes, + new_chan->key[0] ? "channel key set" : "no channel key", + new_chan->maxusers); } - if (channel_count) - array_free(&Conf_Channels); /* Make sure the local &SERVER channel exists */ if (!Channel_Search("&SERVER")) { @@ -736,10 +779,28 @@ Channel_UserModes( CHANNEL *Chan, CLIENT *Client ) } /* Channel_UserModes */ +/** + * Test if a user has a given channel user mode. + * + * @param Chan The channel to check. + * @param Client The client to check. + * @param Mode The channel user mode to test for. + * @return true if the user has the given channel user mode set. + */ GLOBAL bool Channel_UserHasMode( CHANNEL *Chan, CLIENT *Client, char Mode ) { - return strchr(Channel_UserModes(Chan, Client), Mode) != NULL; + char *channel_user_modes; + + assert(Chan != NULL); + assert(Client != NULL); + assert(Mode > 0); + + channel_user_modes = Channel_UserModes(Chan, Client); + if (!channel_user_modes || !*channel_user_modes) + return false; + + return strchr(channel_user_modes, Mode) != NULL; } /* Channel_UserHasMode */ diff --git a/src/ngircd/channel.h b/src/ngircd/channel.h index 0e96703d..edf6a836 100644 --- a/src/ngircd/channel.h +++ b/src/ngircd/channel.h @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2012 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,7 +17,7 @@ * Channel management (header) */ -#if defined(__channel_c__) | defined(S_SPLINT_S) +#if defined(__channel_c__) #include "lists.h" #include "defines.h" diff --git a/src/ngircd/client.c b/src/ngircd/client.c index a453312c..70ac28f0 100644 --- a/src/ngircd/client.c +++ b/src/ngircd/client.c @@ -213,7 +213,7 @@ Init_New_Client(CONN_ID Idx, CLIENT *Introducer, CLIENT *TopServer, Generate_MyToken(client); if (Client_HasMode(client, 'a')) - client->away = strndup(DEFAULT_AWAY_MSG, CLIENT_AWAY_LEN - 1); + client->away = strdup(DEFAULT_AWAY_MSG); client->next = (POINTER *)My_Clients; My_Clients = client; @@ -337,9 +337,11 @@ Client_SetHostname( CLIENT *Client, const char *Hostname ) assert(Client != NULL); assert(Hostname != NULL); - /* Only cloak the hostmask if it has not yet been cloaked (the period - * indicates it's still an IP address). */ - if (Conf_CloakHost[0] && strchr(Client->host, '.')) { + /* Only cloak the hostmask if it has not yet been cloaked. + * The period or colon indicates it's still an IP address. + * An empty string means a rDNS lookup did not happen (yet). */ + if (Conf_CloakHost[0] && (!Client->host[0] || strchr(Client->host, '.') + || strchr(Client->host, ':'))) { char cloak[GETID_LEN]; strlcpy(cloak, Hostname, GETID_LEN); @@ -651,7 +653,7 @@ Client_SearchServer(const char *Mask) /** - * Get client structure ("introducer") identfied by a server token. + * Get client structure ("introducer") identified by a server token. * @return CLIENT structure or NULL if none could be found. */ GLOBAL CLIENT * @@ -696,10 +698,8 @@ Client_ID( CLIENT *Client ) { assert( Client != NULL ); -#ifdef DEBUG if(Client->type == CLIENT_USER) assert(strlen(Client->id) < Conf_MaxNickLength); -#endif if( Client->id[0] ) return Client->id; else return "*"; @@ -1313,12 +1313,14 @@ Client_Reject(CLIENT *Client, const char *Reason, bool InformClient) GLOBAL void Client_Introduce(CLIENT *From, CLIENT *Client, int Type) { + int server; + /* Set client type (user or service) */ Client_SetType(Client, Type); if (From) { - if (Conf_NickIsService(Conf_GetServer(Client_Conn(From)), - Client_ID(Client))) + server = Conf_GetServer(Client_Conn(From)); + if (server > NONE && Conf_NickIsService(server, Client_ID(Client))) Client_SetType(Client, CLIENT_SERVICE); LogDebug("%s \"%s\" (+%s) registered (via %s, on %s, %d hop%s).", Client_TypeText(Client), Client_Mask(Client), @@ -1376,7 +1378,7 @@ MyCount( CLIENT_TYPE Type ) /** - * Allocate and initialize new CLIENT strcuture. + * Allocate and initialize new CLIENT structure. * * @return Pointer to CLIENT structure or NULL on error. */ @@ -1495,9 +1497,7 @@ Client_RegisterWhowas( CLIENT *Client ) slot = Last_Whowas + 1; if( slot >= MAX_WHOWAS || slot < 0 ) slot = 0; -#ifdef DEBUG - Log( LOG_DEBUG, "Saving WHOWAS information to slot %d ...", slot ); -#endif + LogDebug( "Saving WHOWAS information to slot %d ...", slot ); My_Whowas[slot].time = now; strlcpy( My_Whowas[slot].id, Client_ID( Client ), @@ -1692,17 +1692,16 @@ Client_Announce(CLIENT * Client, CLIENT * Prefix, CLIENT * User) } /* Client_Announce */ -#ifdef DEBUG GLOBAL void Client_DebugDump(void) { CLIENT *c; - Log(LOG_DEBUG, "Client status:"); + LogDebug("Client status:"); c = My_Clients; while (c) { - Log(LOG_DEBUG, + LogDebug( " - %s: type=%d, host=%s, user=%s, conn=%d, start=%ld, flags=%s", Client_ID(c), Client_Type(c), Client_Hostname(c), Client_User(c), Client_Conn(c), Client_StartTime(c), @@ -1711,7 +1710,6 @@ Client_DebugDump(void) } } /* Client_DumpClients */ -#endif /* -eof- */ diff --git a/src/ngircd/client.h b/src/ngircd/client.h index 4185d217..91a717cd 100644 --- a/src/ngircd/client.h +++ b/src/ngircd/client.h @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2013 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -36,7 +36,7 @@ #include "defines.h" -#if defined(__client_c__) | defined(__client_cap_c__) | defined(S_SPLINT_S) +#if defined(__client_c__) | defined(__client_cap_c__) typedef struct _CLIENT { @@ -182,9 +182,7 @@ GLOBAL void Client_UpdateCloakedHostname PARAMS((CLIENT *Client, const char *hostname)); -#ifdef DEBUG GLOBAL void Client_DebugDump PARAMS((void)); -#endif #endif diff --git a/src/ngircd/conf-ssl.h b/src/ngircd/conf-ssl.h index af715af8..a8896a1f 100644 --- a/src/ngircd/conf-ssl.h +++ b/src/ngircd/conf-ssl.h @@ -40,6 +40,7 @@ struct ConnSSL_State { gnutls_session_t gnutls_session; void *cookie; /* pointer to server configuration structure (for outgoing connections), or NULL. */ + size_t x509_cred_idx; /* index of active x509 credential record */ #endif char *fingerprint; }; diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index ef36a2fe..e4cd8963 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2019 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -33,6 +33,11 @@ #include #include #include +#include + +#ifdef HAVE_SYS_RESOURCE_H +# include +#endif #include "ngircd.h" #include "conn.h" @@ -112,6 +117,12 @@ ConfSSL_Init(void) free(Conf_SSLOptions.CertFile); Conf_SSLOptions.CertFile = NULL; + free(Conf_SSLOptions.CAFile); + Conf_SSLOptions.CAFile = NULL; + + free(Conf_SSLOptions.CRLFile); + Conf_SSLOptions.CRLFile = NULL; + free(Conf_SSLOptions.DHFile); Conf_SSLOptions.DHFile = NULL; array_free_wipe(&Conf_SSLOptions.KeyFilePassword); @@ -328,7 +339,7 @@ Conf_Test( void ) { struct passwd *pwd; struct group *grp; - unsigned int i; + unsigned int i, j; bool config_valid; size_t predef_channel_count; struct Conf_Channel *predef_chan; @@ -388,7 +399,7 @@ Conf_Test( void ) printf(" MaxConnectionsIP = %d\n", Conf_MaxConnectionsIP); printf(" MaxJoins = %d\n", Conf_MaxJoins > 0 ? Conf_MaxJoins : -1); printf(" MaxNickLength = %u\n", Conf_MaxNickLength - 1); - printf(" MaxPenaltyTime = %ld\n", Conf_MaxPenaltyTime); + printf(" MaxPenaltyTime = %ld\n", (long)Conf_MaxPenaltyTime); printf(" MaxListSize = %d\n", Conf_MaxListSize); printf(" PingTimeout = %d\n", Conf_PingTimeout); printf(" PongTimeout = %d\n", Conf_PongTimeout); @@ -408,7 +419,7 @@ Conf_Test( void ) #endif printf(" DefaultUserModes = %s\n", Conf_DefaultUserModes); printf(" DNS = %s\n", yesno_to_str(Conf_DNS)); -#ifdef IDENT +#ifdef IDENTAUTH printf(" Ident = %s\n", yesno_to_str(Conf_Ident)); #endif printf(" IncludeDir = %s\n", Conf_IncludeDir); @@ -435,10 +446,14 @@ Conf_Test( void ) #ifdef SSL_SUPPORT puts("[SSL]"); + printf(" CAFile = %s\n", Conf_SSLOptions.CAFile + ? Conf_SSLOptions.CAFile : ""); printf(" CertFile = %s\n", Conf_SSLOptions.CertFile ? Conf_SSLOptions.CertFile : ""); printf(" CipherList = %s\n", Conf_SSLOptions.CipherList ? Conf_SSLOptions.CipherList : DEFAULT_CIPHERS); + printf(" CRLFile = %s\n", Conf_SSLOptions.CRLFile + ? Conf_SSLOptions.CRLFile : ""); printf(" DHFile = %s\n", Conf_SSLOptions.DHFile ? Conf_SSLOptions.DHFile : ""); printf(" KeyFile = %s\n", Conf_SSLOptions.KeyFile @@ -464,13 +479,16 @@ Conf_Test( void ) printf( " Host = %s\n", Conf_Server[i].host ); printf( " Port = %u\n", (unsigned int)Conf_Server[i].port ); #ifdef SSL_SUPPORT - printf( " SSLConnect = %s\n", Conf_Server[i].SSLConnect?"yes":"no"); + printf(" SSLConnect = %s\n", + yesno_to_str(Conf_Server[i].SSLConnect)); + printf(" SSLVerify = %s\n", + yesno_to_str(Conf_Server[i].SSLVerify)); #endif printf( " MyPassword = %s\n", Conf_Server[i].pwd_in ); printf( " PeerPassword = %s\n", Conf_Server[i].pwd_out ); printf( " ServiceMask = %s\n", Conf_Server[i].svs_mask); printf( " Group = %d\n", Conf_Server[i].group ); - printf( " Passive = %s\n\n", Conf_Server[i].flags & CONF_SFLAG_DISABLED ? "yes" : "no"); + printf( " Passive = %s\n\n", yesno_to_str(Conf_Server[i].flags & CONF_SFLAG_DISABLED)); } predef_channel_count = array_length(&Conf_Channels, sizeof(*predef_chan)); @@ -483,10 +501,12 @@ Conf_Test( void ) /* Valid "Channel" section */ puts( "[CHANNEL]" ); printf(" Name = %s\n", predef_chan->name); - printf(" Modes = %s\n", predef_chan->modes); + for(j = 0; j < predef_chan->modes_num; j++) + printf(" Modes = %s\n", predef_chan->modes[j]); printf(" Key = %s\n", predef_chan->key); printf(" MaxUsers = %lu\n", predef_chan->maxusers); printf(" Topic = %s\n", predef_chan->topic); + printf(" Autojoin = %s\n", yesno_to_str(predef_chan->autojoin)); printf(" KeyFile = %s\n\n", predef_chan->keyfile); } @@ -852,7 +872,7 @@ no_listenports(void) static bool Read_TextFile(const char *Filename, const char *Name, array *Destination) { - char line[127]; + char line[COMMAND_LEN]; FILE *fp; int line_no = 1; @@ -900,29 +920,46 @@ Read_Config(bool TestOnly, bool IsStarting) struct dirent *entry; int i, n; FILE *fd; - DIR *dh; + DIR *dh = NULL; + + if (!NGIRCd_ConfFile[0]) { + /* No configuration file name explicitly given on the command + * line, use defaults but ignore errors when this file can't be + * read later on. */ + strlcpy(file, SYSCONFDIR, sizeof(file)); + strlcat(file, CONFIG_FILE, sizeof(file)); + ptr = file; + } else + ptr = NGIRCd_ConfFile; - Log(LOG_INFO, "Using configuration file \"%s\" ...", NGIRCd_ConfFile); + Config_Error(LOG_INFO, "Using %s configuration file \"%s\" ...", + !NGIRCd_ConfFile[0] ? "default" : "specified", ptr); /* Open configuration file */ - fd = fopen( NGIRCd_ConfFile, "r" ); - if( ! fd ) { - /* No configuration file found! */ - Config_Error( LOG_ALERT, "Can't read configuration \"%s\": %s", - NGIRCd_ConfFile, strerror( errno )); - if (!IsStarting) - return false; - Config_Error( LOG_ALERT, "%s exiting due to fatal errors!", PACKAGE_NAME ); - exit( 1 ); + fd = fopen(ptr, "r"); + if (!fd) { + if (NGIRCd_ConfFile[0]) { + Config_Error(LOG_ALERT, + "Can't read specified configuration file \"%s\": %s", + ptr, strerror(errno)); + if (IsStarting) { + Config_Error(LOG_ALERT, + "%s exiting due to fatal errors!", + PACKAGE_NAME); + exit(1); + } + } + Config_Error(LOG_WARNING, + "Can't read default configuration file \"%s\": %s - Ignored.", + ptr, strerror(errno)); } opers_free(); Set_Defaults(IsStarting); - if (TestOnly) + if (TestOnly && fd) Config_Error(LOG_INFO, - "Reading configuration from \"%s\" ...", - NGIRCd_ConfFile ); + "Reading configuration from \"%s\" ...", ptr); /* Clean up server configuration structure: mark all already * configured servers as "once" so that they are deleted @@ -941,16 +978,13 @@ Read_Config(bool TestOnly, bool IsStarting) if( Conf_Server[i].conn_id == Conf_Server[n].conn_id ) { Init_Server_Struct( &Conf_Server[n] ); -#ifdef DEBUG - Log(LOG_DEBUG,"Deleted unused duplicate server %d (kept %d).", - n, i ); -#endif + LogDebug("Deleted unused duplicate server %d (kept %d).", n, i); } } } else { /* Mark server as "once" */ Conf_Server[i].flags |= CONF_SFLAG_ONCE; - Log( LOG_DEBUG, "Marked server %d as \"once\"", i ); + LogDebug("Marked server %d as \"once\"", i); } } } @@ -962,16 +996,23 @@ Read_Config(bool TestOnly, bool IsStarting) ConfSSL_Init(); #endif - Read_Config_File(NGIRCd_ConfFile, fd); - fclose(fd); + if (fd) { + Read_Config_File(ptr, fd); + fclose(fd); + } if (Conf_IncludeDir[0]) { + /* Include directory was set in the main configuration file. So + * use it and show errors. */ dh = opendir(Conf_IncludeDir); if (!dh) Config_Error(LOG_ALERT, "Can't open include directory \"%s\": %s", Conf_IncludeDir, strerror(errno)); - } else { + } else if (!NGIRCd_ConfFile[0]) { + /* No include dir set in the configuration file used (if any) + * but no config file explicitly specified either: so use the + * default include path here as well! */ strlcpy(Conf_IncludeDir, SYSCONFDIR, sizeof(Conf_IncludeDir)); strlcat(Conf_IncludeDir, CONFIG_DIR, sizeof(Conf_IncludeDir)); dh = opendir(Conf_IncludeDir); @@ -1289,121 +1330,11 @@ WarnPAM(const char UNUSED *File, int UNUSED Line) #endif } -/** - * Handle legacy "NoXXX" options in [GLOBAL] section. - * - * TODO: This function and support for "NoXXX" could be removed starting - * with ngIRCd release 19 (one release after marking it "deprecated"). - * - * @param Var Variable name. - * @param Arg Argument string. - * @returns true if a NoXXX option has been processed; false otherwise. - */ -static bool -CheckLegacyNoOption(const char *Var, const char *Arg) -{ - if(strcasecmp(Var, "NoDNS") == 0) { - Conf_DNS = !Check_ArgIsTrue( Arg ); - return true; - } - if (strcasecmp(Var, "NoIdent") == 0) { - Conf_Ident = !Check_ArgIsTrue(Arg); - return true; - } - if(strcasecmp(Var, "NoPAM") == 0) { - Conf_PAM = !Check_ArgIsTrue(Arg); - return true; - } - return false; -} - -/** - * Handle deprecated legacy options in [GLOBAL] section. - * - * TODO: This function and support for these options in the [Global] section - * could be removed starting with ngIRCd release 19 (one release after - * marking it "deprecated"). - * - * @param Var Variable name. - * @param Arg Argument string. - * @returns true if a legacy option has been processed; false otherwise. - */ -static const char* -CheckLegacyGlobalOption(const char *File, int Line, char *Var, char *Arg) -{ - if (strcasecmp(Var, "AllowRemoteOper") == 0 - || strcasecmp(Var, "ChrootDir") == 0 - || strcasecmp(Var, "ConnectIPv4") == 0 - || strcasecmp(Var, "ConnectIPv6") == 0 - || strcasecmp(Var, "OperCanUseMode") == 0 - || strcasecmp(Var, "OperChanPAutoOp") == 0 - || strcasecmp(Var, "OperServerMode") == 0 - || strcasecmp(Var, "PredefChannelsOnly") == 0 - || strcasecmp(Var, "SyslogFacility") == 0 - || strcasecmp(Var, "WebircPassword") == 0) { - Handle_OPTIONS(File, Line, Var, Arg); - return "[Options]"; - } - if (strcasecmp(Var, "ConnectRetry") == 0 - || strcasecmp(Var, "IdleTimeout") == 0 - || strcasecmp(Var, "MaxConnections") == 0 - || strcasecmp(Var, "MaxConnectionsIP") == 0 - || strcasecmp(Var, "MaxJoins") == 0 - || strcasecmp(Var, "MaxNickLength") == 0 - || strcasecmp(Var, "PingTimeout") == 0 - || strcasecmp(Var, "PongTimeout") == 0) { - Handle_LIMITS(File, Line, Var, Arg); - return "[Limits]"; - } -#ifdef SSL_SUPPORT - if (strcasecmp(Var, "SSLCertFile") == 0 - || strcasecmp(Var, "SSLDHFile") == 0 - || strcasecmp(Var, "SSLKeyFile") == 0 - || strcasecmp(Var, "SSLKeyFilePassword") == 0 - || strcasecmp(Var, "SSLPorts") == 0) { - Handle_SSL(File, Line, Var + 3, Arg); - return "[SSL]"; - } -#endif - - return NULL; -} - -/** - * Strip "no" prefix of a string. - * - * TODO: This function and support for "NoXXX" should be removed starting - * with ngIRCd release 19! (One release after marking it "deprecated"). - * - * @param str Pointer to input string starting with "no". - * @returns New pointer to string without "no" prefix. - */ -static const char * -NoNo(const char *str) -{ - assert(strncasecmp("no", str, 2) == 0 && str[2]); - return str + 2; -} - -/** - * Invert "boolean" string. - * - * TODO: This function and support for "NoXXX" should be removed starting - * with ngIRCd release 19! (One release after marking it "deprecated"). - * - * @param arg "Boolean" input string. - * @returns Pointer to inverted "boolean string". - */ -static const char * -InvertArg(const char *arg) -{ - return yesno_to_str(!Check_ArgIsTrue(arg)); -} /** * Handle variable in [Global] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -1413,7 +1344,6 @@ Handle_GLOBAL(const char *File, int Line, char *Var, char *Arg ) struct passwd *pwd; struct group *grp; size_t len; - const char *section; char *ptr; assert(File != NULL); @@ -1553,43 +1483,13 @@ Handle_GLOBAL(const char *File, int Line, char *Var, char *Arg ) return; } - if (CheckLegacyNoOption(Var, Arg)) { - /* TODO: This function and support for "NoXXX" could be - * be removed starting with ngIRCd release 19 (one release - * after marking it "deprecated"). */ - Config_Error(LOG_WARNING, - "%s, line %d (section \"Global\"): \"No\"-Prefix is deprecated, use \"%s = %s\" in [Options] section!", - File, Line, NoNo(Var), InvertArg(Arg)); - if (strcasecmp(Var, "NoIdent") == 0) - WarnIdent(File, Line); - else if (strcasecmp(Var, "NoPam") == 0) - WarnPAM(File, Line); - return; - } - if ((section = CheckLegacyGlobalOption(File, Line, Var, Arg))) { - /** TODO: This function and support for these options in the - * [Global] section could be removed starting with ngIRCd - * release 19 (one release after marking it "deprecated"). */ - if (strncasecmp(Var, "SSL", 3) == 0) { - Config_Error(LOG_WARNING, - "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s and rename to \"%s\"!", - File, Line, Var, section, - Var + 3); - } else { - Config_Error(LOG_WARNING, - "%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s!", - File, Line, Var, section); - } - return; - } - Config_Error_Section(File, Line, Var, "Global"); } /** * Handle variable in [Limits] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -1678,7 +1578,7 @@ Handle_LIMITS(const char *File, int Line, char *Var, char *Arg) /** * Handle variable in [Options] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -1807,18 +1707,6 @@ Handle_OPTIONS(const char *File, int Line, char *Var, char *Arg) Conf_MorePrivacy = Check_ArgIsTrue(Arg); return; } - if (strcasecmp(Var, "NoticeAuth") == 0) { - /* - * TODO: This section and support for "NoticeAuth" variable - * could be removed starting with ngIRCd release 24 (one - * release after marking it "deprecated") ... - */ - Config_Error(LOG_WARNING, - "%s, line %d (section \"Options\"): \"%s\" is deprecated, please use \"NoticeBeforeRegistration\"!", - File, Line, Var); - Conf_NoticeBeforeRegistration = Check_ArgIsTrue(Arg); - return; - } if (strcasecmp(Var, "NoticeBeforeRegistration") == 0) { Conf_NoticeBeforeRegistration = Check_ArgIsTrue(Arg); return; @@ -1850,22 +1738,6 @@ Handle_OPTIONS(const char *File, int Line, char *Var, char *Arg) Config_Error_TooLong(File, Line, Var); return; } - if (strcasecmp(Var, "PredefChannelsOnly") == 0) { - /* - * TODO: This section and support for "PredefChannelsOnly" - * could be removed starting with ngIRCd release 22 (one - * release after marking it "deprecated") ... - */ - Config_Error(LOG_WARNING, - "%s, line %d (section \"Options\"): \"%s\" is deprecated, please use \"AllowedChannelTypes\"!", - File, Line, Var); - if (Check_ArgIsTrue(Arg)) - Conf_AllowedChannelTypes[0] = '\0'; - else - strlcpy(Conf_AllowedChannelTypes, CHANTYPES, - sizeof(Conf_AllowedChannelTypes)); - return; - } #ifndef STRICT_RFC if (strcasecmp(Var, "RequireAuthPing") == 0) { Conf_AuthPing = Check_ArgIsTrue(Arg); @@ -1898,7 +1770,7 @@ Handle_OPTIONS(const char *File, int Line, char *Var, char *Arg) /** * Handle variable in [SSL] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -1942,6 +1814,16 @@ Handle_SSL(const char *File, int Line, char *Var, char *Arg) Conf_SSLOptions.CipherList = strdup_warn(Arg); return; } + if (strcasecmp(Var, "CAFile") == 0) { + assert(Conf_SSLOptions.CAFile == NULL); + Conf_SSLOptions.CAFile = strdup_warn(Arg); + return; + } + if (strcasecmp(Var, "CRLFile") == 0) { + assert(Conf_SSLOptions.CRLFile == NULL); + Conf_SSLOptions.CRLFile = strdup_warn(Arg); + return; + } Config_Error_Section(File, Line, Var, "SSL"); } @@ -1951,7 +1833,7 @@ Handle_SSL(const char *File, int Line, char *Var, char *Arg) /** * Handle variable in [Operator] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -1998,7 +1880,7 @@ Handle_OPERATOR(const char *File, int Line, char *Var, char *Arg ) /** * Handle variable in [Server] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -2072,7 +1954,11 @@ Handle_SERVER(const char *File, int Line, char *Var, char *Arg ) if( strcasecmp( Var, "SSLConnect" ) == 0 ) { New_Server.SSLConnect = Check_ArgIsTrue(Arg); return; - } + } + if (strcasecmp(Var, "SSLVerify") == 0) { + New_Server.SSLVerify = Check_ArgIsTrue(Arg); + return; + } #endif if( strcasecmp( Var, "Group" ) == 0 ) { /* Server group */ @@ -2128,7 +2014,7 @@ Handle_Channelname(struct Conf_Channel *new_chan, const char *name) /** * Handle variable in [Channel] configuration section. * - * @param Line Line numer in configuration file. + * @param Line Line number in configuration file. * @param Var Variable name. * @param Arg Variable argument. */ @@ -2155,8 +2041,12 @@ Handle_CHANNEL(const char *File, int Line, char *Var, char *Arg) } if (strcasecmp(Var, "Modes") == 0) { /* Initial modes */ - len = strlcpy(chan->modes, Arg, sizeof(chan->modes)); - if (len >= sizeof(chan->modes)) + if(chan->modes_num >= sizeof(chan->modes)) { + Config_Error(LOG_ERR, "Too many Modes, option ignored."); + return; + } + chan->modes[chan->modes_num++] = strndup(Arg, COMMAND_LEN); + if(strlen(Arg) >= COMMAND_LEN) Config_Error_TooLong(File, Line, Var); return; } @@ -2167,11 +2057,19 @@ Handle_CHANNEL(const char *File, int Line, char *Var, char *Arg) Config_Error_TooLong(File, Line, Var); return; } + if( strcasecmp( Var, "Autojoin" ) == 0 ) { + /* Check autojoin */ + chan->autojoin = Check_ArgIsTrue(Arg); + return; + } if( strcasecmp( Var, "Key" ) == 0 ) { /* Initial Channel Key (mode k) */ len = strlcpy(chan->key, Arg, sizeof(chan->key)); if (len >= sizeof(chan->key)) Config_Error_TooLong(File, Line, Var); + Config_Error(LOG_WARNING, + "%s, line %d (section \"Channel\"): \"%s\" is deprecated here, use \"Modes = +k \"!", + File, Line, Var); return; } if( strcasecmp( Var, "MaxUsers" ) == 0 ) { @@ -2179,6 +2077,9 @@ Handle_CHANNEL(const char *File, int Line, char *Var, char *Arg) chan->maxusers = (unsigned long) atol(Arg); if (!chan->maxusers && strcmp(Arg, "0")) Config_Error_NaN(File, Line, Var); + Config_Error(LOG_WARNING, + "%s, line %d (section \"Channel\"): \"%s\" is deprecated here, use \"Modes = +l \"!", + File, Line, Var); return; } if (strcasecmp(Var, "KeyFile") == 0) { @@ -2207,11 +2108,14 @@ Validate_Config(bool Configtest, bool Rehash) { /* Validate configuration settings. */ -#ifdef DEBUG int i, servers, servers_once; -#endif + struct hostent *h; bool config_valid = true; char *ptr; +#ifdef HAVE_SETRLIMIT + struct rlimit rlim; + long fd_lim_old; +#endif /* Emit a warning when the config file is not a full path name */ if (NGIRCd_ConfFile[0] && NGIRCd_ConfFile[0] != '/') { @@ -2220,6 +2124,28 @@ Validate_Config(bool Configtest, bool Rehash) NGIRCd_ConfFile); } + if (!Conf_ServerName[0]) { + /* No server name configured, try to get a sane name from the + * host name. Note: the IRC server name MUST contain + * at least one dot, so the "node name" is not sufficient! */ + gethostname(Conf_ServerName, sizeof(Conf_ServerName)); + if (Conf_DNS) { + /* Try to get a proper host name ... */ + h = gethostbyname(Conf_ServerName); + if (h) + strlcpy(Conf_ServerName, h->h_name, + sizeof(Conf_ServerName)); + } + if (!strchr(Conf_ServerName, '.')) { + /* (Still) No dot in the name! */ + strlcat(Conf_ServerName, ".host", + sizeof(Conf_ServerName)); + } + Config_Error(LOG_WARNING, + "No server name configured, using host name \"%s\".", + Conf_ServerName); + } + /* Validate configured server name, see RFC 2812 section 2.3.1 */ ptr = Conf_ServerName; do { @@ -2234,13 +2160,10 @@ Validate_Config(bool Configtest, bool Rehash) break; } while (*(++ptr)); - if (!Conf_ServerName[0] || !strchr(Conf_ServerName, '.')) - { - /* No server name configured! */ + if (!Conf_ServerName[0] || !strchr(Conf_ServerName, '.')) { config_valid = false; Config_Error(LOG_ALERT, - "No (valid) server name configured in \"%s\" (section 'Global': 'Name')!", - NGIRCd_ConfFile); + "No (valid) server name configured (section 'Global': 'Name')!"); if (!Configtest && !Rehash) { Config_Error(LOG_ALERT, "%s exiting due to fatal errors!", @@ -2254,8 +2177,7 @@ Validate_Config(bool Configtest, bool Rehash) /* No administrative contact configured! */ config_valid = false; Config_Error(LOG_ALERT, - "No administrator email address configured in \"%s\" ('AdminEMail')!", - NGIRCd_ConfFile); + "No administrator email address configured ('AdminEMail')!"); if (!Configtest) { Config_Error(LOG_ALERT, "%s exiting due to fatal errors!", @@ -2283,7 +2205,48 @@ Validate_Config(bool Configtest, bool Rehash) "Maximum penalty increase ('MaxPenaltyTime') is set to %ld, this is not recommended!", Conf_MaxPenaltyTime); -#ifdef DEBUG +#ifdef HAVE_SETRLIMIT + if(getrlimit(RLIMIT_NOFILE, &rlim) == 0) { + LogDebug("Current file descriptor limit is %ld, maximum %ld. \"MaxConnections\" is %ld.", + (long)rlim.rlim_cur, (long)rlim.rlim_max, + Conf_MaxConnections); + fd_lim_old = rlim.rlim_cur; + /* Don't request "infinite" file descriptors, use a limit! */ + if (rlim.rlim_max != RLIM_INFINITY && rlim.rlim_max < MAX_FD_LIMIT) + rlim.rlim_cur = rlim.rlim_max; + else + rlim.rlim_cur = MAX_FD_LIMIT; + if ((long)rlim.rlim_cur != fd_lim_old) { + /* Try to adjust the current file descriptor limit: */ + LogDebug("Trying to upgrade \"soft\" file descriptor limit: %ld -> %ld ...", + fd_lim_old, (long)rlim.rlim_cur); + if(setrlimit(RLIMIT_NOFILE, &rlim) != 0) + Config_Error(LOG_ERR, "Failed to adjust file descriptor limit from %ld to %ld: %s", + fd_lim_old, (long)rlim.rlim_cur, + strerror(errno)); + } + /* Check the (updated?) file descriptor limit: */ + getrlimit(RLIMIT_NOFILE, &rlim); + if (rlim.rlim_cur != RLIM_INFINITY + && (long)rlim.rlim_cur <= (long)Conf_MaxConnections) { + Config_Error(LOG_WARNING, + "Current file descriptor limit (%ld) is not higher than configured \"MaxConnections\" (%ld)!", + (long)rlim.rlim_cur, Conf_MaxConnections); + } else if (!Configtest) { + if (Conf_MaxConnections > 0) + Log(LOG_INFO, + "File descriptor limit is %ld; \"MaxConnections\" is set to %ld.", + (long)rlim.rlim_cur, Conf_MaxConnections); + else + Log(LOG_INFO, + "File descriptor limit is %ld; \"MaxConnections\" is not set.", + (long)rlim.rlim_cur); + } + } else + Config_Error(LOG_ERR, "Failed to get file descriptor limit: %s", + strerror(errno)); +#endif + servers = servers_once = 0; for (i = 0; i < MAX_SERVERS; i++) { if (Conf_Server[i].name[0]) { @@ -2292,12 +2255,10 @@ Validate_Config(bool Configtest, bool Rehash) servers_once++; } } - Log(LOG_DEBUG, - "Configuration: Operators=%ld, Servers=%d[%d], Channels=%ld", + LogDebug("Configuration: Operators=%ld, Servers=%d[%d], Channels=%ld", array_length(&Conf_Opers, sizeof(struct Conf_Oper)), servers, servers_once, array_length(&Conf_Channels, sizeof(struct Conf_Channel))); -#endif return config_valid; } @@ -2384,7 +2345,6 @@ va_dcl Log(Level, "%s", msg); } -#ifdef DEBUG /** * Dump internal state of the "configuration module". @@ -2394,11 +2354,11 @@ Conf_DebugDump(void) { int i; - Log(LOG_DEBUG, "Configured servers:"); + LogDebug("Configured servers:"); for (i = 0; i < MAX_SERVERS; i++) { if (! Conf_Server[i].name[0]) continue; - Log(LOG_DEBUG, + LogDebug( " - %s: %s:%d, last=%ld, group=%d, flags=%d, conn=%d", Conf_Server[i].name, Conf_Server[i].host, Conf_Server[i].port, Conf_Server[i].lasttry, @@ -2407,7 +2367,6 @@ Conf_DebugDump(void) } } -#endif /** * Initialize server configuration structure to default values. @@ -2429,6 +2388,11 @@ Init_Server_Struct( CONF_SERVER *Server ) Proc_InitStruct(&Server->res_stat); Server->conn_id = NONE; memset(&Server->bind_addr, 0, sizeof(Server->bind_addr)); + +#ifdef SSL_SUPPORT + /* Verify SSL connections by default! */ + Server->SSLVerify = true; +#endif } /* -eof- */ diff --git a/src/ngircd/conf.h b/src/ngircd/conf.h index 8029c0f7..9378d17c 100644 --- a/src/ngircd/conf.h +++ b/src/ngircd/conf.h @@ -29,7 +29,7 @@ /** * Configured IRC operator. - * Please note that the name of the IRC operaor and his nick have nothing to + * Please note that the name of the IRC operator and his nick have nothing to * do with each other! The IRC operator is only identified by the name and * password configured in this structure. */ @@ -61,6 +61,7 @@ typedef struct _Conf_Server ng_ipaddr_t dst_addr[2]; /**< List of addresses to connect to */ #ifdef SSL_SUPPORT bool SSLConnect; /**< Establish connection using SSL? */ + bool SSLVerify; /**< Verify server certificate using CA? */ #endif char svs_mask[CLIENT_ID_LEN]; /**< Mask of nicknames that should be treated and counted as services */ @@ -76,6 +77,8 @@ struct SSLOptions { array ListenPorts; /**< Array of listening SSL ports */ array KeyFilePassword; /**< Key file password */ char *CipherList; /**< Set SSL cipher list to use */ + char *CAFile; /**< Trusted CA certificates file */ + char *CRLFile; /**< Certificate revocation file */ }; #endif @@ -83,11 +86,13 @@ struct SSLOptions { /** Pre-defined channels */ struct Conf_Channel { char name[CHANNEL_NAME_LEN]; /**< Name of the channel */ - char modes[CHANNEL_MODE_LEN]; /**< Initial channel modes */ + char *modes[512]; /**< Initial channel modes to evaluate */ char key[CLIENT_PASS_LEN]; /**< Channel key ("password", mode "k" ) */ char topic[COMMAND_LEN]; /**< Initial topic */ char keyfile[512]; /**< Path and name of channel key file */ + bool autojoin; /**< 1 to make all users autojoin this channel */ unsigned long maxusers; /**< User limit for this channel, mode "l" */ + unsigned int modes_num; /**< Number of channel modes to evaluate */ }; @@ -221,7 +226,7 @@ GLOBAL bool Conf_ConnectIPv6; /** Try to connect to remote systems using the IPv4 protocol (true) */ GLOBAL bool Conf_ConnectIPv4; -/** Idle timout (seconds), after which the daemon should exit */ +/** Idle timeout (seconds), after which the daemon should exit */ GLOBAL int Conf_IdleTimeout; /** Maximum number of simultaneous connections to this server */ @@ -239,7 +244,7 @@ GLOBAL unsigned int Conf_MaxNickLength; /** Maximum number of channels returned to /list */ GLOBAL int Conf_MaxListSize; -/** Maximium seconds to add per "penalty". -1 = unlimited. */ +/** Maximum seconds to add per "penalty". -1 = unlimited. */ GLOBAL time_t Conf_MaxPenaltyTime; #ifndef STRICT_RFC @@ -279,9 +284,7 @@ GLOBAL bool Conf_SSLInUse PARAMS((void)); /* Password required by WEBIRC command */ GLOBAL char Conf_WebircPwd[CLIENT_PASS_LEN]; -#ifdef DEBUG GLOBAL void Conf_DebugDump PARAMS((void)); -#endif #endif diff --git a/src/ngircd/conn-func.c b/src/ngircd/conn-func.c index 72d38b86..c14a56ae 100644 --- a/src/ngircd/conn-func.c +++ b/src/ngircd/conn-func.c @@ -21,11 +21,8 @@ #include #include -#ifdef DEBUG -# include "log.h" -#endif +#include "log.h" #include "conn.h" - #include "conf.h" #include "conn-func.h" @@ -45,13 +42,17 @@ Conn_UpdateIdle(CONN_ID Idx) /** * Update "ping timestamp", the time of the last outgoing PING request. * + * the value 0 signals a newly connected client including servers during the + * initial "server burst"; and 1 means that no PONG is pending for a PING. + * * @param Idx Connection index. + * @param TimeStamp 0, 1, or time stamp. */ GLOBAL void -Conn_UpdatePing(CONN_ID Idx) +Conn_UpdatePing(CONN_ID Idx, time_t TimeStamp) { assert(Idx > NONE); - My_Connections[Idx].lastping = time(NULL); + My_Connections[Idx].lastping = TimeStamp; } /* @@ -67,7 +68,7 @@ Conn_GetSignon(CONN_ID Idx) GLOBAL time_t Conn_GetIdle( CONN_ID Idx ) { - /* Return Idle-Timer of a connetion */ + /* Return Idle-Timer of a connection */ assert( Idx > NONE ); return time( NULL ) - My_Connections[Idx].lastprivmsg; } /* Conn_GetIdle */ @@ -112,13 +113,10 @@ Conn_SetPenalty(CONN_ID Idx, time_t Seconds) My_Connections[Idx].delaytime += Seconds; -#ifdef DEBUG - Log(LOG_DEBUG, - "Add penalty time on connection %d: %ld second%s, total %ld second%s.", + LogDebug("Add penalty time on connection %d: %ld second%s, total %ld second%s.", Idx, (long)Seconds, Seconds != 1 ? "s" : "", My_Connections[Idx].delaytime - t, My_Connections[Idx].delaytime - t != 1 ? "s" : ""); -#endif } /* Conn_SetPenalty */ GLOBAL void diff --git a/src/ngircd/conn-func.h b/src/ngircd/conn-func.h index 1d05acc8..37f70363 100644 --- a/src/ngircd/conn-func.h +++ b/src/ngircd/conn-func.h @@ -30,7 +30,7 @@ GLOBAL void Conn_UpdateIdle PARAMS((CONN_ID Idx)); -GLOBAL void Conn_UpdatePing PARAMS((CONN_ID Idx)); +GLOBAL void Conn_UpdatePing PARAMS((CONN_ID Idx, time_t TimeStamp)); GLOBAL time_t Conn_GetSignon PARAMS((CONN_ID Idx)); GLOBAL time_t Conn_GetIdle PARAMS(( CONN_ID Idx )); diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c index 3f482dc7..abcf53c2 100644 --- a/src/ngircd/conn-ssl.c +++ b/src/ngircd/conn-ssl.c @@ -43,11 +43,15 @@ extern struct SSLOptions Conf_SSLOptions; #include #include #include +#include + +#define MAX_CERT_CHAIN_LENGTH 10 /* XXX: do not hardcode */ static SSL_CTX * ssl_ctx; static DH *dh_params; static bool ConnSSL_LoadServerKey_openssl PARAMS(( SSL_CTX *c )); +static bool ConnSSL_SetVerifyProperties_openssl PARAMS((SSL_CTX * c)); #endif #ifdef HAVE_LIBGNUTLS @@ -62,10 +66,19 @@ static bool ConnSSL_LoadServerKey_openssl PARAMS(( SSL_CTX *c )); #define MAX_HASH_SIZE 64 /* from gnutls-int.h */ -static gnutls_certificate_credentials_t x509_cred; +typedef struct { + int refcnt; + gnutls_certificate_credentials_t x509_cred; + gnutls_dh_params_t dh_params; +} x509_cred_slot; + +static array x509_creds = INIT_ARRAY; +static size_t x509_cred_idx; + static gnutls_dh_params_t dh_params; -static gnutls_priority_t priorities_cache; +static gnutls_priority_t priorities_cache = NULL; static bool ConnSSL_LoadServerKey_gnutls PARAMS(( void )); +static bool ConnSSL_SetVerifyProperties_gnutls PARAMS((void)); #endif #define SHA256_STRING_LEN (32 * 2 + 1) @@ -123,9 +136,37 @@ out: /** * Log OpenSSL error message. * + * @param level The log level * @param msg The error message. * @param info Additional information text or NULL. */ +static void +LogOpenSSL_CertInfo(int level, X509 * cert, const char *msg) +{ + BIO *mem; + char *memptr; + long len; + + assert(cert); + assert(msg); + + if (!cert) + return; + mem = BIO_new(BIO_s_mem()); + if (!mem) + return; + X509_NAME_print_ex(mem, X509_get_subject_name(cert), 0, + XN_FLAG_ONELINE); + X509_NAME_print_ex(mem, X509_get_issuer_name(cert), 2, XN_FLAG_ONELINE); + if (BIO_write(mem, "", 1) == 1) { + len = BIO_get_mem_data(mem, &memptr); + if (memptr && len > 0) + Log(level, "%s: \"%s\".", msg, memptr); + } + (void)BIO_set_close(mem, BIO_CLOSE); + BIO_free(mem); +} + static void LogOpenSSLError(const char *error, const char *info) { @@ -168,8 +209,24 @@ pem_passwd_cb(char *buf, int size, int rwflag, void *password) static int -Verify_openssl(UNUSED int preverify_ok, UNUSED X509_STORE_CTX *x509_ctx) +Verify_openssl(int preverify_ok, X509_STORE_CTX * ctx) { +#ifdef DEBUG + if (!preverify_ok) { + int err = X509_STORE_CTX_get_error(ctx); + LogDebug("Certificate validation failed: %s", + X509_verify_cert_error_string(err)); + } +#else + (void)preverify_ok; + (void)ctx; +#endif + + /* Always(!) return success as we have to deal with invalid + * (self-signed, expired, ...) client certificates and with invalid + * server certificates when "SSLVerify" is disabled, which we don't + * know at this stage. Therefore we postpone this check, it will be + * (and has to be!) handled in cb_connserver_login_ssl(). */ return 1; } #endif @@ -266,6 +323,21 @@ void ConnSSL_Free(CONNECTION *c) gnutls_bye(sess, GNUTLS_SHUT_RDWR); gnutls_deinit(sess); } + x509_cred_slot *slot = array_get(&x509_creds, sizeof(x509_cred_slot), c->ssl_state.x509_cred_idx); + assert(slot != NULL); + assert(slot->refcnt > 0); + assert(slot->x509_cred != NULL); + slot->refcnt--; + if ((c->ssl_state.x509_cred_idx != x509_cred_idx) && (slot->refcnt <= 0)) { + LogDebug("Discarding X509 certificate credentials from slot %zd.", + c->ssl_state.x509_cred_idx); + gnutls_certificate_free_keys(slot->x509_cred); + gnutls_certificate_free_credentials(slot->x509_cred); + slot->x509_cred = NULL; + gnutls_dh_params_deinit(slot->dh_params); + slot->dh_params = NULL; + slot->refcnt = 0; + } #endif assert(Conn_OPTION_ISSET(c, CONN_SSL)); /* can't just set bitmask to 0 -- there are other, non-ssl related flags, e.g. CONN_ZIP. */ @@ -331,10 +403,13 @@ ConnSSL_InitLibrary( void ) } SSL_CTX_set_session_id_context(newctx, (unsigned char *)"ngircd", 6); - SSL_CTX_set_options(newctx, SSL_OP_SINGLE_DH_USE|SSL_OP_NO_SSLv2); + if (!ConnSSL_SetVerifyProperties_openssl(newctx)) + goto out; + SSL_CTX_set_options(newctx, + SSL_OP_SINGLE_DH_USE | SSL_OP_NO_SSLv2 | + SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | + SSL_OP_NO_COMPRESSION); SSL_CTX_set_mode(newctx, SSL_MODE_ENABLE_PARTIAL_WRITE); - SSL_CTX_set_verify(newctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, - Verify_openssl); SSL_CTX_free(ssl_ctx); ssl_ctx = newctx; Log(LOG_INFO, "%s initialized.", OpenSSL_version(OPENSSL_VERSION)); @@ -348,22 +423,21 @@ out: int err; static bool initialized; - if (initialized) { - /* TODO: cannot reload gnutls keys: can't simply free x509 - * context -- it may still be in use */ - return false; - } - - err = gnutls_global_init(); - if (err) { - Log(LOG_ERR, "Failed to initialize GnuTLS: %s", - gnutls_strerror(err)); - goto out; + if (!initialized) { + err = gnutls_global_init(); + if (err) { + Log(LOG_ERR, "Failed to initialize GnuTLS: %s", + gnutls_strerror(err)); + goto out; + } } if (!ConnSSL_LoadServerKey_gnutls()) goto out; + if (priorities_cache != NULL) { + gnutls_priority_deinit(priorities_cache); + } if (gnutls_priority_init(&priorities_cache, Conf_SSLOptions.CipherList, NULL) != GNUTLS_E_SUCCESS) { Log(LOG_ERR, @@ -372,6 +446,9 @@ out: goto out; } + if (!ConnSSL_SetVerifyProperties_gnutls()) + goto out; + Log(LOG_INFO, "GnuTLS %s initialized.", gnutls_check_version(NULL)); initialized = true; return true; @@ -383,12 +460,49 @@ out: #ifdef HAVE_LIBGNUTLS +static bool +ConnSSL_SetVerifyProperties_gnutls(void) +{ + int err; + + if (!Conf_SSLOptions.CAFile) + return true; + + x509_cred_slot *slot = array_get(&x509_creds, sizeof(x509_cred_slot), x509_cred_idx); + gnutls_certificate_credentials_t x509_cred = slot->x509_cred; + + err = gnutls_certificate_set_x509_trust_file(x509_cred, + Conf_SSLOptions.CAFile, + GNUTLS_X509_FMT_PEM); + if (err < 0) { + Log(LOG_ERR, "Failed to load x509 trust file %s: %s", + Conf_SSLOptions.CAFile, gnutls_strerror(err)); + return false; + } + if (Conf_SSLOptions.CRLFile) { + err = + gnutls_certificate_set_x509_crl_file(x509_cred, + Conf_SSLOptions.CRLFile, + GNUTLS_X509_FMT_PEM); + if (err < 0) { + Log(LOG_ERR, "Failed to load x509 crl file %s: %s", + Conf_SSLOptions.CRLFile, gnutls_strerror(err)); + return false; + } + } + return true; +} + + static bool ConnSSL_LoadServerKey_gnutls(void) { int err; const char *cert_file; + x509_cred_slot *slot = NULL; + gnutls_certificate_credentials_t x509_cred; + err = gnutls_certificate_allocate_credentials(&x509_cred); if (err < 0) { Log(LOG_ERR, "Failed to allocate certificate credentials: %s", @@ -396,12 +510,6 @@ ConnSSL_LoadServerKey_gnutls(void) return false; } - cert_file = Conf_SSLOptions.CertFile ? Conf_SSLOptions.CertFile:Conf_SSLOptions.KeyFile; - if (!cert_file) { - Log(LOG_ERR, "No SSL server key configured!"); - return false; - } - if (array_bytes(&Conf_SSLOptions.KeyFilePassword)) Log(LOG_WARNING, "Ignoring SSL \"KeyFilePassword\": Not supported by GnuTLS."); @@ -410,15 +518,61 @@ ConnSSL_LoadServerKey_gnutls(void) return false; gnutls_certificate_set_dh_params(x509_cred, dh_params); - err = gnutls_certificate_set_x509_key_file(x509_cred, cert_file, Conf_SSLOptions.KeyFile, GNUTLS_X509_FMT_PEM); - if (err < 0) { - Log(LOG_ERR, - "Failed to set certificate key file (cert %s, key %s): %s", - cert_file, - Conf_SSLOptions.KeyFile ? Conf_SSLOptions.KeyFile : "(NULL)", - gnutls_strerror(err)); - return false; + gnutls_certificate_set_flags(x509_cred, GNUTLS_CERTIFICATE_VERIFY_CRLS); + + cert_file = Conf_SSLOptions.CertFile ? + Conf_SSLOptions.CertFile : Conf_SSLOptions.KeyFile; + if (Conf_SSLOptions.KeyFile) { + err = gnutls_certificate_set_x509_key_file(x509_cred, cert_file, + Conf_SSLOptions.KeyFile, + GNUTLS_X509_FMT_PEM); + if (err < 0) { + Log(LOG_ERR, + "Failed to set certificate key file (cert %s, key %s): %s", + cert_file, + Conf_SSLOptions.KeyFile ? Conf_SSLOptions.KeyFile : "(NULL)", + gnutls_strerror(err)); + return false; + } + } + + /* Free currently active x509 context (if any) unless it is still in use */ + slot = array_get(&x509_creds, sizeof(x509_cred_slot), x509_cred_idx); + if ((slot != NULL) && (slot->refcnt <= 0) && (slot->x509_cred != NULL)) { + LogDebug("Discarding X509 certificate credentials from slot %zd.", + x509_cred_idx); + gnutls_certificate_free_keys(slot->x509_cred); + gnutls_certificate_free_credentials(slot->x509_cred); + slot->x509_cred = NULL; + gnutls_dh_params_deinit(slot->dh_params); + slot->dh_params = NULL; + slot->refcnt = 0; } + + /* Find free slot */ + x509_cred_idx = (size_t) -1; + size_t i; + for (slot = array_start(&x509_creds), i = 0; + i < array_length(&x509_creds, sizeof(x509_cred_slot)); + slot++, i++) { + if (slot->refcnt <= 0) { + x509_cred_idx = i; + break; + } + } + /* ... allocate new slot otherwise. */ + if (x509_cred_idx == (size_t) -1) { + x509_cred_idx = array_length(&x509_creds, sizeof(x509_cred_slot)); + slot = array_alloc(&x509_creds, sizeof(x509_cred_slot), x509_cred_idx); + if (slot == NULL) { + Log(LOG_ERR, "Failed to allocate new slot for certificate credentials"); + return false; + } + } + LogDebug("Storing new X509 certificate credentials in slot %zd.", x509_cred_idx); + slot->x509_cred = x509_cred; + slot->refcnt = 0; + return true; } #endif @@ -431,14 +585,12 @@ ConnSSL_LoadServerKey_openssl(SSL_CTX *ctx) char *cert_key; assert(ctx); - if (!Conf_SSLOptions.KeyFile) { - Log(LOG_ERR, "No SSL server key configured!"); - return false; - } - SSL_CTX_set_default_passwd_cb(ctx, pem_passwd_cb); SSL_CTX_set_default_passwd_cb_userdata(ctx, &Conf_SSLOptions.KeyFilePassword); + if (!Conf_SSLOptions.KeyFile) + return true; + if (SSL_CTX_use_PrivateKey_file(ctx, Conf_SSLOptions.KeyFile, SSL_FILETYPE_PEM) != 1) { array_free_wipe(&Conf_SSLOptions.KeyFilePassword); LogOpenSSLError("Failed to add private key", Conf_SSLOptions.KeyFile); @@ -469,6 +621,56 @@ ConnSSL_LoadServerKey_openssl(SSL_CTX *ctx) } +static bool +ConnSSL_SetVerifyProperties_openssl(SSL_CTX * ctx) +{ + X509_STORE *store = NULL; + X509_LOOKUP *lookup; + bool ret = false; + + if (!Conf_SSLOptions.CAFile) + return true; + + if (SSL_CTX_load_verify_locations(ctx, Conf_SSLOptions.CAFile, NULL) != + 1) { + LogOpenSSLError("SSL_CTX_load_verify_locations", NULL); + goto out; + } + + if (Conf_SSLOptions.CRLFile) { + X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new(); + X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK); + SSL_CTX_set1_param(ctx, param); + + store = SSL_CTX_get_cert_store(ctx); + assert(store); + lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); + if (!lookup) { + LogOpenSSLError("X509_STORE_add_lookup", + Conf_SSLOptions.CRLFile); + goto out; + } + + if (X509_load_crl_file + (lookup, Conf_SSLOptions.CRLFile, X509_FILETYPE_PEM) != 1) { + LogOpenSSLError("X509_load_crl_file", + Conf_SSLOptions.CRLFile); + goto out; + } + } + + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, + Verify_openssl); + SSL_CTX_set_verify_depth(ctx, MAX_CERT_CHAIN_LENGTH); + ret = true; +out: + if (Conf_SSLOptions.CRLFile) + free(Conf_SSLOptions.CRLFile); + Conf_SSLOptions.CRLFile = NULL; + return ret; +} + + #endif static bool ConnSSL_Init_SSL(CONNECTION *c) @@ -520,8 +722,13 @@ ConnSSL_Init_SSL(CONNECTION *c) (gnutls_transport_ptr_t) (long) c->sock); gnutls_certificate_server_set_request(c->ssl_state.gnutls_session, GNUTLS_CERT_REQUEST); + + LogDebug("Using X509 credentials from slot %zd.", x509_cred_idx); + c->ssl_state.x509_cred_idx = x509_cred_idx; + x509_cred_slot *slot = array_get(&x509_creds, sizeof(x509_cred_slot), x509_cred_idx); + slot->refcnt++; ret = gnutls_credentials_set(c->ssl_state.gnutls_session, - GNUTLS_CRD_CERTIFICATE, x509_cred); + GNUTLS_CRD_CERTIFICATE, slot->x509_cred); if (ret != 0) { Log(LOG_ERR, "Failed to set SSL credentials: %s", gnutls_strerror(ret)); @@ -535,27 +742,45 @@ ConnSSL_Init_SSL(CONNECTION *c) bool -ConnSSL_PrepareConnect(CONNECTION *c, UNUSED CONF_SERVER *s) +ConnSSL_PrepareConnect(CONNECTION * c, CONF_SERVER * s) { bool ret; #ifdef HAVE_LIBGNUTLS int err; + (void)s; err = gnutls_init(&c->ssl_state.gnutls_session, GNUTLS_CLIENT); if (err) { Log(LOG_ERR, "Failed to initialize new SSL session: %s", gnutls_strerror(err)); return false; - } + } #endif ret = ConnSSL_Init_SSL(c); if (!ret) return false; Conn_OPTION_ADD(c, CONN_SSL_CONNECT); + #ifdef HAVE_LIBSSL assert(c->ssl_state.ssl); - SSL_set_verify(c->ssl_state.ssl, SSL_VERIFY_NONE, NULL); + + X509_VERIFY_PARAM *param = SSL_get0_param(c->ssl_state.ssl); + X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); + int err = X509_VERIFY_PARAM_set1_host(param, s->host, 0); + if (err != 1) { + Log(LOG_ERR, + "Cannot set up hostname verification for '%s': %u", + s->host, err); + return false; + } + + if (s->SSLVerify) + SSL_set_verify(c->ssl_state.ssl, SSL_VERIFY_PEER, + Verify_openssl); + else + SSL_set_verify(c->ssl_state.ssl, SSL_VERIFY_NONE, NULL); #endif + return true; } @@ -612,9 +837,12 @@ ConnSSL_HandleError(CONNECTION * c, const int code, const char *fname) "SSL error, client disconnected [in %s()]!", fname); break; - case -1: /* low level socket I/O error, check errno */ - Log(LOG_ERR, "SSL error: %s [in %s()]!", - strerror(real_errno), fname); + case -1: + /* Low level socket I/O error, check errno. But + * we don't need to log this here, the generic + * connection layer will take care of it. */ + LogDebug("SSL error: %s [in %s()]!", + strerror(real_errno), fname); } } break; @@ -642,8 +870,10 @@ ConnSSL_HandleError(CONNECTION * c, const int code, const char *fname) default: assert(code < 0); if (gnutls_error_is_fatal(code)) { - Log(LOG_ERR, "SSL error: %s [%s].", - gnutls_strerror(code), fname); + /* We don't need to log this here, the generic + * connection layer will take care of it. */ + LogDebug("SSL error: %s [%s].", + gnutls_strerror(code), fname); ConnSSL_Free(c); return -1; } @@ -653,18 +883,114 @@ ConnSSL_HandleError(CONNECTION * c, const int code, const char *fname) } +#ifdef HAVE_LIBGNUTLS +static void * +LogMalloc(size_t s) +{ + void *mem = malloc(s); + if (!mem) + Log(LOG_ERR, "Out of memory: Could not allocate %lu byte", + (unsigned long)s); + return mem; +} + + +static void +LogGnuTLS_CertInfo(int level, gnutls_x509_crt_t cert, const char *msg) +{ + char *dn, *issuer_dn; + size_t size = 0; + int err = gnutls_x509_crt_get_dn(cert, NULL, &size); + if (size == 0) { + Log(LOG_ERR, "gnutls_x509_crt_get_dn: size == 0"); + return; + } + if (err && err != GNUTLS_E_SHORT_MEMORY_BUFFER) + goto err_crt_get; + dn = LogMalloc(size); + if (!dn) + return; + err = gnutls_x509_crt_get_dn(cert, dn, &size); + if (err) + goto err_crt_get; + gnutls_x509_crt_get_issuer_dn(cert, NULL, &size); + assert(size); + issuer_dn = LogMalloc(size); + if (!issuer_dn) { + Log(level, "%s: Distinguished Name \"%s\".", msg, dn); + free(dn); + return; + } + gnutls_x509_crt_get_issuer_dn(cert, issuer_dn, &size); + Log(level, "%s: Distinguished Name \"%s\", Issuer \"%s\".", msg, dn, + issuer_dn); + free(dn); + free(issuer_dn); + return; + + err_crt_get: + Log(LOG_ERR, "gnutls_x509_crt_get_dn: %s", gnutls_strerror(err)); + return; +} +#endif + + static void -ConnSSL_LogCertInfo( CONNECTION *c ) +ConnSSL_LogCertInfo( CONNECTION * c, bool connect) { + bool cert_seen = false, cert_ok = false; + char msg[128]; #ifdef HAVE_LIBSSL + const char *comp_alg = "no compression"; + const void *comp; + X509 *peer_cert = NULL; SSL *ssl = c->ssl_state.ssl; assert(ssl); - Log(LOG_INFO, "Connection %d: initialized %s using cipher %s.", - c->sock, SSL_get_version(ssl), SSL_get_cipher(ssl)); + comp = SSL_get_current_compression(ssl); + if (comp) + comp_alg = SSL_COMP_get_name(comp); + Log(LOG_INFO, "Connection %d: initialized %s using cipher %s, %s.", + c->sock, SSL_get_version(ssl), SSL_get_cipher(ssl), comp_alg); + peer_cert = SSL_get_peer_certificate(ssl); + if (peer_cert) { + cert_seen = true; + + if (connect) { + /* Outgoing connection. Verify the remote server! */ + int err = SSL_get_verify_result(ssl); + if (err == X509_V_OK) { + const char *peername = SSL_get0_peername(ssl); + if (peername != NULL) + cert_ok = true; + LogDebug("X509_V_OK, peername = '%s'", peername); + } else + Log(LOG_WARNING, "Certificate validation failed: %s!", + X509_verify_cert_error_string(err)); + + snprintf(msg, sizeof(msg), "Got %svalid server certificate", + cert_ok ? "" : "in"); + LogOpenSSL_CertInfo(LOG_INFO, peer_cert, msg); + } else { + /* Incoming connection. + * Accept all certificates, don't depend on their + * validity: for example, we don't know the hostname + * to check, because we not yet even know if this is a + * server connection at all and if so, which one, so we + * don't know a host name to look for. On the other + * hand we want client certificates, for example for + * "CertFP" authentication with services ... */ + LogOpenSSL_CertInfo(LOG_INFO, peer_cert, + "Got unchecked peer certificate"); + } + + X509_free(peer_cert); + } #endif #ifdef HAVE_LIBGNUTLS + unsigned int status; + gnutls_credentials_type_t cred; gnutls_session_t sess = c->ssl_state.gnutls_session; gnutls_cipher_algorithm_t cipher = gnutls_cipher_get(sess); @@ -673,7 +999,86 @@ ConnSSL_LogCertInfo( CONNECTION *c ) gnutls_protocol_get_name(gnutls_protocol_get_version(sess)), gnutls_cipher_get_name(cipher), gnutls_mac_get_name(gnutls_mac_get(sess))); + cred = gnutls_auth_get_type(c->ssl_state.gnutls_session); + if (cred == GNUTLS_CRD_CERTIFICATE) { + gnutls_x509_crt_t cert; + unsigned cert_list_size; + const gnutls_datum_t *cert_list = + gnutls_certificate_get_peers(sess, &cert_list_size); + + if (!cert_list || cert_list_size == 0) + goto done_cn_validation; + + cert_seen = true; + int err = gnutls_x509_crt_init(&cert); + if (err < 0) { + Log(LOG_ERR, + "Failed to initialize x509 certificate: %s", + gnutls_strerror(err)); + goto done_cn_validation; + } + err = gnutls_x509_crt_import(cert, cert_list, + GNUTLS_X509_FMT_DER); + if (err < 0) { + Log(LOG_ERR, "Failed to parse the certificate: %s", + gnutls_strerror(err)); + goto done_cn_validation; + } + + if (connect) { + int verify = + gnutls_certificate_verify_peers2(c-> + ssl_state.gnutls_session, + &status); + if (verify < 0) { + Log(LOG_ERR, + "gnutls_certificate_verify_peers2 failed: %s", + gnutls_strerror(verify)); + goto done_cn_validation; + } else if (status) { + gnutls_datum_t out; + + if (gnutls_certificate_verification_status_print + (status, gnutls_certificate_type_get(sess), &out, + 0) == GNUTLS_E_SUCCESS) { + Log(LOG_ERR, + "Certificate validation failed: %s", + out.data); + gnutls_free(out.data); + } + } + + err = gnutls_x509_crt_check_hostname(cert, c->host); + if (err == 0) + Log(LOG_ERR, + "Failed to verify the hostname, expected \"%s\"", + c->host); + else + cert_ok = verify == 0 && status == 0; + + snprintf(msg, sizeof(msg), "Got %svalid server certificate", + cert_ok ? "" : "in"); + LogGnuTLS_CertInfo(LOG_INFO, cert, msg); + } else { + /* Incoming connection. Please see comments for OpenSSL! */ + LogGnuTLS_CertInfo(LOG_INFO, cert, + "Got unchecked peer certificate"); + } + + gnutls_x509_crt_deinit(cert); +done_cn_validation: + ; + } #endif + /* + * can be used later to check if connection was authenticated, e.g. + * if inbound connection tries to register itself as server. + * Could also restrict /OPER to authenticated connections, etc. + */ + if (cert_ok) + Conn_OPTION_ADD(c, CONN_SSL_PEERCERT_OK); + if (!cert_seen) + Log(LOG_INFO, "Peer did not present a certificate."); } @@ -812,7 +1217,7 @@ ConnectAccept( CONNECTION *c, bool connect) (void)ConnSSL_InitCertFp(c); Conn_OPTION_DEL(c, (CONN_SSL_WANT_WRITE|CONN_SSL_WANT_READ|CONN_SSL_CONNECT)); - ConnSSL_LogCertInfo(c); + ConnSSL_LogCertInfo(c, connect); Conn_StartLogin(CONNECTION2ID(c)); return 1; diff --git a/src/ngircd/conn-zip.c b/src/ngircd/conn-zip.c index fe7f2fb0..36816bdd 100644 --- a/src/ngircd/conn-zip.c +++ b/src/ngircd/conn-zip.c @@ -142,7 +142,7 @@ Zip_Flush( CONN_ID Idx ) out->avail_out = (uInt)sizeof zipbuf; #if DEBUG_ZIP - Log(LOG_DEBUG, "out->avail_in %d, out->avail_out %d", + LogDebug("out->avail_in %d, out->avail_out %d", out->avail_in, out->avail_out); #endif result = deflate( out, Z_SYNC_FLUSH ); @@ -165,7 +165,7 @@ Zip_Flush( CONN_ID Idx ) zipbuf_used = WRITEBUFFER_SLINK_LEN - out->avail_out; #if DEBUG_ZIP - Log(LOG_DEBUG, "zipbuf_used: %d", zipbuf_used); + LogDebug("zipbuf_used: %d", zipbuf_used); #endif if (!array_catb(&My_Connections[Idx].wbuf, (char *)zipbuf, (size_t) zipbuf_used)) { @@ -217,7 +217,7 @@ Unzip_Buffer( CONN_ID Idx ) in->avail_out = (uInt)sizeof unzipbuf; #if DEBUG_ZIP - Log(LOG_DEBUG, "in->avail_in %d, in->avail_out %d", + LogDebug("in->avail_in %d, in->avail_out %d", in->avail_in, in->avail_out); #endif result = inflate( in, Z_SYNC_FLUSH ); @@ -232,7 +232,7 @@ Unzip_Buffer( CONN_ID Idx ) in_len = z_rdatalen - in->avail_in; unzipbuf_used = READBUFFER_LEN - in->avail_out; #if DEBUG_ZIP - Log(LOG_DEBUG, "unzipbuf_used: %d - %d = %d", READBUFFER_LEN, + LogDebug("unzipbuf_used: %d - %d = %d", READBUFFER_LEN, in->avail_out, unzipbuf_used); #endif assert(unzipbuf_used <= READBUFFER_LEN); diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c index f62e9675..68a901d0 100644 --- a/src/ngircd/conn.c +++ b/src/ngircd/conn.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2019 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -10,6 +10,7 @@ */ #define CONN_MODULE +#define CONN_MODULE_GLOBAL_INIT #include "portab.h" @@ -65,6 +66,7 @@ #include "ng_ipaddr.h" #include "parse.h" #include "resolve.h" +#include "sighandlers.h" #define SERVER_WAIT (NONE - 1) /** "Wait for outgoing connection" flag */ @@ -478,6 +480,15 @@ Conn_InitListeners( void ) /* not using systemd socket activation, initialize listening sockets: */ +#ifdef SSL_SUPPORT + if (!Conf_SSLOptions.KeyFile && + array_length(&Conf_SSLOptions.ListenPorts, sizeof (UINT16))) { + Log(LOG_ERR, + "Ignoring SSL-enabled listening ports: No key file set!"); + array_free(&Conf_SSLOptions.ListenPorts); + } +#endif + /* can't use Conf_ListenAddress directly, see below */ copy = strdup(Conf_ListenAddress); if (!copy) { @@ -565,7 +576,7 @@ InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port /** * Set a socket to "IPv6 only". If the given socket doesn't belong to the * AF_INET6 family, or the operating system doesn't support this functionality, - * this function retruns silently. + * this function returns silently. * * @param af Address family of the socket. * @param sock Socket handle. @@ -590,7 +601,7 @@ set_v6_only(int af, int sock) /** * Initialize new listening port. * - * @param listen_addr Local address to bind the socet to (can be 0.0.0.0). + * @param listen_addr Local address to bind the socket to (can be 0.0.0.0). * @param Port Port number on which the new socket should be listening. * @returns file descriptor of the socket or -1 on failure. */ @@ -658,13 +669,17 @@ Conn_Handler(void) int i; size_t wdatalen; struct timeval tv; - time_t t; + time_t t, notify_t = 0; + bool command_available; + char status[200]; Log(LOG_NOTICE, "Server \"%s\" (on \"%s\") ready.", Client_ID(Client_ThisServer()), Client_Hostname(Client_ThisServer())); + Signal_NotifySvcMgr("READY=1\n"); while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) { t = time(NULL); + command_available = false; /* Check configured servers and established links */ Check_Servers(); @@ -733,16 +748,31 @@ Conn_Handler(void) continue; } + if (array_bytes(&My_Connections[i].rbuf) >= COMMAND_LEN) { + /* There is still more data in the read buffer + * than a single valid command can get long: + * so either there is a complete command, or + * invalid data. Therefore don't try to read in + * even more data from the network but wait for + * this command(s) to be handled first! */ + io_event_del(My_Connections[i].sock, + IO_WANTREAD); + command_available = true; + continue; + } + io_event_add(My_Connections[i].sock, IO_WANTREAD); } - /* Set the timeout for reading from the network to 1 second, - * which is the granularity with witch we handle "penalty - * times" for example. + /* Don't wait for data when there is still at least one command + * available in a read buffer which can be handled immediately; + * set the timeout for reading from the network to 1 second + * otherwise, which is the granularity with witch we handle + * "penalty times" for example. * Note: tv_sec/usec are undefined(!) after io_dispatch() * returns, so we have to set it before each call to it! */ tv.tv_usec = 0; - tv.tv_sec = 1; + tv.tv_sec = command_available ? 0 : 1; /* Wait for activity ... */ i = io_dispatch(&tv); @@ -754,20 +784,34 @@ Conn_Handler(void) exit(1); } - /* Should ngIRCd timeout when idle? */ + t = time(NULL); if (Conf_IdleTimeout > 0 && NumConnectionsAccepted > 0 - && idle_t > 0 && time(NULL) - idle_t >= Conf_IdleTimeout) { + && idle_t > 0 && t - idle_t >= Conf_IdleTimeout) { + /* Should ngIRCd timeout when idle? */ LogDebug("Server idle timeout reached: %d second%s. Initiating shutdown ...", Conf_IdleTimeout, Conf_IdleTimeout == 1 ? "" : "s"); NGIRCd_SignalQuit = true; + } else if (Signal_NotifySvcMgr_Possible() && t - notify_t > 3) { + /* Send the current status to the service manager. */ + snprintf(status, sizeof(status), + "WATCHDOG=1\nSTATUS=%ld connection%s established (%ld user%s, %ld server%s), %ld maximum. %ld accepted in total.\n", + (long)NumConnections, NumConnections == 1 ? "" : "s", + Client_MyUserCount(), Client_MyUserCount() == 1 ? "" : "s", + Client_MyServerCount(), Client_MyServerCount() == 1 ? "" : "s", + (long)NumConnectionsMax, (long)NumConnectionsAccepted); + Signal_NotifySvcMgr(status); + notify_t = t; } } - if (NGIRCd_SignalQuit) + if (NGIRCd_SignalQuit) { Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!"); - else if (NGIRCd_SignalRestart) + Signal_NotifySvcMgr("STOPPING=1\n"); + } else if (NGIRCd_SignalRestart) { Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!"); + Signal_NotifySvcMgr("RELOADING=1\n"); + } } /* Conn_Handler */ /** @@ -777,7 +821,7 @@ Conn_Handler(void) * the result is a valid IRC message (oversized messages are shortened, for * example). Then it calls the Conn_Write() function to do the actual sending. * - * @param Idx Index fo the connection. + * @param Idx Index of the connection. * @param Format Format string, see printf(). * @returns true on success, false otherwise. */ @@ -857,7 +901,7 @@ va_dcl #ifdef SNIFFER if (NGIRCd_Sniffer) - Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer); + LogDebug("-> connection %d: '%s'.", Idx, buffer); #endif len = strlcat( buffer, "\r\n", sizeof( buffer )); @@ -1037,8 +1081,10 @@ Conn_Close(CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClien } #endif /* Send ERROR to client (see RFC 2812, section 3.1.7) */ - if (FwdMsg) - Conn_WriteStr(Idx, "ERROR :%s", FwdMsg); + if (c) + Conn_WriteStr(Idx, "ERROR :Closing connection: %s[%s@%s] (%s)", + Client_ID(c), Client_User(c), Client_Hostname(c), + FwdMsg ? FwdMsg : "\"\""); else Conn_WriteStr(Idx, "ERROR :Closing connection"); } @@ -1157,7 +1203,7 @@ Conn_CountMax(void) } /* Conn_CountMax */ /** - * Get number of connections accepted since the daemon startet. + * Get number of connections accepted since the daemon started. * * @returns Number of connections accepted. */ @@ -1271,14 +1317,15 @@ Handle_Write( CONN_ID Idx ) if (errno == EAGAIN || errno == EINTR) return true; - if (!Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ISCLOSING)) + if (!Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ISCLOSING)) { Log(LOG_ERR, "Write error on connection %d (socket %d): %s!", Idx, My_Connections[Idx].sock, strerror(errno)); - else + Conn_Close(Idx, "Write error", NULL, false); + } else LogDebug("Recursive write error on connection %d (socket %d): %s!", Idx, My_Connections[Idx].sock, strerror(errno)); - Conn_Close(Idx, "Write error", NULL, false); + return false; } @@ -1335,13 +1382,14 @@ New_Connection(int Sock, UNUSED bool IsSSL) new_sock = accept(Sock, (struct sockaddr *)&new_addr, (socklen_t *)&new_sock_len); if (new_sock < 0) { - Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno)); + Log(LOG_CRIT, "Can't accept connection on socket %d: %s!", + Sock, strerror(errno)); return -1; } NumConnectionsAccepted++; if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) { - Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock); + Log(LOG_CRIT, "Can't convert peer IP address of socket %d!", new_sock); Simple_Message(new_sock, "ERROR :Internal Server Error"); close(new_sock); return -1; @@ -1354,7 +1402,8 @@ New_Connection(int Sock, UNUSED bool IsSSL) fromhost(&req); if (!hosts_access(&req)) { Log(deny_severity, - "Refused connection from %s (by TCP Wrappers)!", ip_str); + "Refused connection from %s on socket %d (by TCP Wrappers)!", + ip_str, Sock); Simple_Message(new_sock, "ERROR :Connection refused"); close(new_sock); return -1; @@ -1379,8 +1428,8 @@ New_Connection(int Sock, UNUSED bool IsSSL) if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) { /* Access denied, too many connections from this IP address! */ Log(LOG_ERR, - "Refused connection from %s: too may connections (%ld) from this IP address!", - ip_str, cnt); + "Refused connection from %s on socket %d: too may connections (%ld) from this IP address!", + ip_str, Sock, cnt); Simple_Message(new_sock, "ERROR :Connection refused, too many connections from your IP address"); close(new_sock); @@ -1433,7 +1482,7 @@ New_Connection(int Sock, UNUSED bool IsSSL) Account_Connection(); #ifdef SSL_SUPPORT - /* Delay connection initalization until SSL handshake is finished */ + /* Delay connection initialization until SSL handshake is finished */ if (!IsSSL) #endif Conn_StartLogin(new_sock); @@ -1453,10 +1502,6 @@ Conn_StartLogin(CONN_ID Idx) assert(Idx >= 0); - /* Nothing to do if DNS (and resolver subprocess) is disabled */ - if (!Conf_DNS) - return; - #ifdef IDENTAUTH /* Should we make an IDENT request? */ if (Conf_Ident) @@ -1466,13 +1511,21 @@ Conn_StartLogin(CONN_ID Idx) if (Conf_NoticeBeforeRegistration) { /* Send "NOTICE *" messages to the client */ #ifdef IDENTAUTH - if (Conf_Ident) - (void)Conn_WriteStr(Idx, - "NOTICE * :*** Looking up your hostname and checking ident"); - else + if (Conf_Ident) { + if (Conf_DNS) + (void)Conn_WriteStr(Idx, + "NOTICE * :*** Looking up your hostname and checking ident"); + else + (void)Conn_WriteStr(Idx, + "NOTICE * :*** Checking ident"); + } else #endif + if(Conf_DNS) (void)Conn_WriteStr(Idx, "NOTICE * :*** Looking up your hostname"); + else + (void)Conn_WriteStr(Idx, + "NOTICE * :*** Processing your connection"); /* Send buffered data to the client, but break on errors * because Handle_Write() would have closed the connection * again in this case! */ @@ -1480,8 +1533,9 @@ Conn_StartLogin(CONN_ID Idx) return; } - Resolve_Addr(&My_Connections[Idx].proc_stat, &My_Connections[Idx].addr, - ident_sock, cb_Read_Resolver_Result); + Resolve_Addr_Ident(&My_Connections[Idx].proc_stat, + &My_Connections[Idx].addr, + ident_sock, cb_Read_Resolver_Result); } /** @@ -1503,7 +1557,7 @@ Account_Connection(void) * a 1:1 mapping today) and enlarge the "connection pool" accordingly. * * @param Sock Socket handle. - * @returns Connecion index or NONE when the pool is too small. + * @returns Connection index or NONE when the pool is too small. */ static CONN_ID Socket2Index( int Sock ) @@ -1539,16 +1593,21 @@ Socket2Index( int Sock ) * @param Idx Connection index. */ static void -Read_Request( CONN_ID Idx ) +Read_Request(CONN_ID Idx) { ssize_t len; static const unsigned int maxbps = COMMAND_LEN / 2; char readbuf[READBUFFER_LEN]; time_t t; CLIENT *c; - assert( Idx > NONE ); - assert( My_Connections[Idx].sock > NONE ); + assert(Idx > NONE); + assert(My_Connections[Idx].sock > NONE); + + /* Check if the read buffer is "full". Basically this shouldn't happen + * here, because as long as there possibly are commands in the read + * buffer (buffer usage > COMMAND_LEN), the socket shouldn't be + * scheduled for reading in Conn_Handler() at all ... */ #ifdef ZLIB if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) || (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN)) @@ -1556,7 +1615,6 @@ Read_Request( CONN_ID Idx ) if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) #endif { - /* Read buffer is full */ Log(LOG_ERR, "Receive buffer space exhausted (connection %d): %d/%d bytes", Idx, array_bytes(&My_Connections[Idx].rbuf), READBUFFER_LEN); @@ -1564,12 +1622,14 @@ Read_Request( CONN_ID Idx ) return; } + /* Now read new data from the network, up to READBUFFER_LEN bytes ... */ #ifdef SSL_SUPPORT if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL)) - len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf)); + len = ConnSSL_Read(&My_Connections[Idx], readbuf, sizeof(readbuf)); else #endif - len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf)); + len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf)); + if (len == 0) { LogDebug("Client \"%s:%u\" is closing connection %d ...", My_Connections[Idx].host, @@ -1579,13 +1639,20 @@ Read_Request( CONN_ID Idx ) } if (len < 0) { - if( errno == EAGAIN ) return; + if (errno == EAGAIN) + return; + Log(LOG_ERR, "Read error on connection %d (socket %d): %s!", Idx, My_Connections[Idx].sock, strerror(errno)); Conn_Close(Idx, "Read error", "Client closed connection", false); return; } + + /* Now append the newly received data to the connection buffer. + * NOTE: This can lead to connection read buffers being bigger(!) than + * READBUFFER_LEN bytes, as we add up to READBUFFER_LEN new bytes to a + * buffer possibly being "almost" READBUFFER_LEN bytes already! */ #ifdef ZLIB if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) { if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf, @@ -1832,6 +1899,9 @@ Check_Connections(void) CLIENT *c; CONN_ID i; char msg[64]; + time_t time_now; + + time_now = time(NULL); for (i = 0; i < Pool_Size; i++) { if (My_Connections[i].sock < 0) @@ -1846,7 +1916,7 @@ Check_Connections(void) My_Connections[i].lastdata) { /* We already sent a ping */ if (My_Connections[i].lastping < - time(NULL) - Conf_PongTimeout) { + time_now - Conf_PongTimeout) { /* Timeout */ snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", @@ -1855,10 +1925,10 @@ Check_Connections(void) Conn_Close(i, NULL, msg, true); } } else if (My_Connections[i].lastdata < - time(NULL) - Conf_PingTimeout) { + time_now - Conf_PingTimeout) { /* We need to send a PING ... */ LogDebug("Connection %d: sending PING ...", i); - Conn_UpdatePing(i); + Conn_UpdatePing(i, time_now); Conn_WriteStr(i, "PING :%s", Client_ID(Client_ThisServer())); } @@ -1869,7 +1939,7 @@ Check_Connections(void) * still not registered. */ if (My_Connections[i].lastdata < - time(NULL) - Conf_PongTimeout) { + time_now - Conf_PongTimeout) { LogDebug ("Unregistered connection %d timed out ...", i); @@ -2250,13 +2320,16 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events ) * the resolver results, so we don't have to worry to override settings * from these commands here. */ if(Client_Type(c) == CLIENT_UNKNOWN) { - strlcpy(My_Connections[i].host, readbuf, - sizeof(My_Connections[i].host)); - Client_SetHostname(c, readbuf); - if (Conf_NoticeBeforeRegistration) - (void)Conn_WriteStr(i, + if (readbuf[0]) { + /* We got a hostname */ + strlcpy(My_Connections[i].host, readbuf, + sizeof(My_Connections[i].host)); + Client_SetHostname(c, readbuf); + if (Conf_NoticeBeforeRegistration) + (void)Conn_WriteStr(i, "NOTICE * :*** Found your hostname: %s", My_Connections[i].host); + } #ifdef IDENTAUTH ++identptr; if (*identptr) { @@ -2304,10 +2377,8 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events ) Class_HandleServerBans(c); } -#ifdef DEBUG else LogDebug("Resolver: discarding result for already registered connection %d.", i); -#endif } /* cb_Read_Resolver_Result */ /** @@ -2502,6 +2573,13 @@ cb_listen_ssl(int sock, short irrelevant) /** * IO callback for new outgoing SSL-enabled server connections. * + * IMPORTANT: The SSL session has been validated before, but all errors have + * been ignored so far! The reason for this is that the generic SSL code has no + * idea if the new session actually belongs to a server, as this only becomes + * clear when the remote peer sends its PASS command (and we have to handle + * invalid client certificates!). Therefore, it is important to check the + * status of the SSL session first before continuing the server handshake here! + * * @param sock Socket descriptor. * @param unused (ignored IO specification) */ @@ -2509,6 +2587,7 @@ static void cb_connserver_login_ssl(int sock, short unused) { CONN_ID idx = Socket2Index(sock); + int serveridx; (void) unused; @@ -2527,9 +2606,26 @@ cb_connserver_login_ssl(int sock, short unused) return; } - Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx, - My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port ); + serveridx = Conf_GetServer(idx); + assert(serveridx >= 0); + /* The SSL handshake is done, but validation results were ignored so + * far, so let's see where we are: */ + LogDebug("SSL handshake on socket %d done.", idx); + if (!Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_PEERCERT_OK)) { + if (Conf_Server[serveridx].SSLVerify) { + Log(LOG_ERR, + "Peer certificate check failed for \"%s\" on connection %d!", + My_Connections[idx].host, idx); + Conn_Close(idx, "Valid certificate required", + NULL, false); + return; + } + Log(LOG_WARNING, + "Peer certificate check failed for \"%s\" on connection %d, but \"SSLVerify\" is disabled. Continuing ...", + My_Connections[idx].host, idx); + } + LogDebug("Server certificate accepted, continuing server login ..."); server_login(idx); } @@ -2651,7 +2747,6 @@ Conn_SetCertFp(UNUSED CONN_ID Idx, UNUSED const char *fingerprint) #endif /* SSL_SUPPORT */ -#ifdef DEBUG /** * Dump internal state of the "connection module". @@ -2661,11 +2756,11 @@ Conn_DebugDump(void) { int i; - Log(LOG_DEBUG, "Connection status:"); + LogDebug("Connection status:"); for (i = 0; i < Pool_Size; i++) { if (My_Connections[i].sock == NONE) continue; - Log(LOG_DEBUG, + LogDebug( " - %d: host=%s, lastdata=%ld, lastping=%ld, delaytime=%ld, flag=%d, options=%d, bps=%d, client=%s", My_Connections[i].sock, My_Connections[i].host, My_Connections[i].lastdata, My_Connections[i].lastping, @@ -2675,6 +2770,5 @@ Conn_DebugDump(void) } } /* Conn_DumpClients */ -#endif /* DEBUG */ /* -eof- */ diff --git a/src/ngircd/conn.h b/src/ngircd/conn.h index c642541f..d53cb0c6 100644 --- a/src/ngircd/conn.h +++ b/src/ngircd/conn.h @@ -40,7 +40,8 @@ #define CONN_SSL 32 /* this connection is SSL encrypted */ #define CONN_SSL_WANT_WRITE 64 /* SSL/TLS library needs to write protocol data */ #define CONN_SSL_WANT_READ 128 /* SSL/TLS library needs to read protocol data */ -#define CONN_SSL_FLAGS_ALL (CONN_SSL_CONNECT|CONN_SSL|CONN_SSL_WANT_WRITE|CONN_SSL_WANT_READ) +#define CONN_SSL_PEERCERT_OK 256 /* peer presented a valid certificate (used to check inbound server auth */ +#define CONN_SSL_FLAGS_ALL (CONN_SSL_CONNECT|CONN_SSL|CONN_SSL_WANT_WRITE|CONN_SSL_WANT_READ|CONN_SSL_PEERCERT_OK) #endif typedef int CONN_ID; @@ -105,9 +106,17 @@ typedef struct _Connection #endif } CONNECTION; -GLOBAL CONNECTION *My_Connections; -GLOBAL CONN_ID Pool_Size; -GLOBAL long WCounter; + +#ifdef CONN_MODULE_GLOBAL_INIT +CONNECTION *My_Connections; +CONN_ID Pool_Size; +long WCounter; +#else +extern CONNECTION *My_Connections; +extern CONN_ID Pool_Size; +extern long WCounter; +#endif + #define CONNECTION2ID(x) (long)(x - My_Connections) @@ -158,9 +167,7 @@ GLOBAL long Conn_GetAuthPing PARAMS((CONN_ID Idx)); GLOBAL void Conn_SetAuthPing PARAMS((CONN_ID Idx, long ID)); #endif -#ifdef DEBUG GLOBAL void Conn_DebugDump PARAMS((void)); -#endif #endif diff --git a/src/ngircd/defines.h b/src/ngircd/defines.h index ff8cd226..e3df44b9 100644 --- a/src/ngircd/defines.h +++ b/src/ngircd/defines.h @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,7 +39,7 @@ #define LINE_LEN 1024 /** Max. length of a log message. */ -#define MAX_LOG_MSG_LEN 256 +#define MAX_LOG_MSG_LEN 1024 /** Max. length of file name. */ #define FNAME_LEN 256 @@ -64,6 +64,9 @@ /** Size of buffer for PAM service name. */ #define MAX_PAM_SERVICE_NAME_LEN 64 +/** Maximum number of file descriptors to request. */ +#define MAX_FD_LIMIT 100000 + /* Hard-coded (default) options */ @@ -123,7 +126,7 @@ /** Max. host name length (including NULL). */ #define CLIENT_HOST_LEN 64 -/** Max. mask lenght (including NULL). */ +/** Max. mask length (including NULL). */ #define MASK_LEN (2 * CLIENT_HOST_LEN) /** Max. length of all client modes (including NULL). */ @@ -203,7 +206,7 @@ /* Defaults and limits for IRC commands */ -/** Max. number of elemets allowed in channel invite and ban lists. */ +/** Max. number of elements allowed in channel invite and ban lists. */ #define MAX_HNDL_CHANNEL_LISTS 50 /** Max. number of channel modes with arguments per MODE command. */ diff --git a/src/ngircd/hash.c b/src/ngircd/hash.c index cdac5e8d..c078443b 100644 --- a/src/ngircd/hash.c +++ b/src/ngircd/hash.c @@ -108,16 +108,27 @@ jenkins_hash(UINT8 *k, UINT32 length, UINT32 initval) { case 12: c+=((UINT32)k[11])<<24; + /* fall through */ case 11: c+=((UINT32)k[10]<<16); + /* fall through */ case 10: c+=((UINT32)k[9]<<8); + /* fall through */ case 9 : c+=k[8]; + /* fall through */ case 8 : b+=((UINT32)k[7]<<24); + /* fall through */ case 7 : b+=((UINT32)k[6]<<16); + /* fall through */ case 6 : b+=((UINT32)k[5]<<8); + /* fall through */ case 5 : b+=k[4]; + /* fall through */ case 4 : a+=((UINT32)k[3]<<24); + /* fall through */ case 3 : a+=((UINT32)k[2]<<16); + /* fall through */ case 2 : a+=((UINT32)k[1]<<8); + /* fall through */ case 1 : a+=k[0]; break; case 0 : return c; diff --git a/src/ngircd/io.c b/src/ngircd/io.c index 037c4afc..2a1e941e 100644 --- a/src/ngircd/io.c +++ b/src/ngircd/io.c @@ -148,7 +148,7 @@ static void io_docallback PARAMS((int fd, short what)); static void io_debug(const char *s, int fd, int what) { - Log(LOG_DEBUG, "%s: %d, %d\n", s, fd, what); + LogDebug("%s: %d, %d\n", s, fd, what); } #else static inline void diff --git a/src/ngircd/irc-channel.c b/src/ngircd/irc-channel.c index 812429bb..a1bb4ef5 100644 --- a/src/ngircd/irc-channel.c +++ b/src/ngircd/irc-channel.c @@ -176,7 +176,7 @@ join_set_channelmodes(CHANNEL *chan, CLIENT *target, const char *flags) * and MODE commands. * * @param To Forward JOIN (and MODE) command to this peer server - * @param Prefix Client used to prefix the genrated commands + * @param Prefix Client used to prefix the generated commands * @param Data Parameters of JOIN command to forward, probably * containing channel modes separated by ASCII 7. */ @@ -209,7 +209,7 @@ cb_join_forward(CLIENT *To, CLIENT *Prefix, void *Data) * This function calls cb_join_forward(), which differentiates between * protocol implementations (e.g. RFC 2812, RFC 1459). * - * @param Client Client used to prefix the genrated commands + * @param Client Client used to prefix the generated commands * @param target Forward JOIN (and MODE) command to this peer server * @param chan Channel structure * @param channame Channel name @@ -248,46 +248,38 @@ join_forward(CLIENT *Client, CLIENT *target, CHANNEL *chan, } /* join_forward */ /** - * Acknowledge user JOIN request and send "channel info" numerics. + * Send channel TOPIC and NAMES list to a newly (N)JOIN'ed client. * - * @param Client Client used to prefix the genrated commands - * @param target Forward commands/numerics to this user - * @param chan Channel structure - * @param channame Channel name + * @param Client Client used to prefix the generated commands + * @param Chan Channel structure */ -static bool -join_send_topic(CLIENT *Client, CLIENT *target, CHANNEL *chan, - const char *channame) +GLOBAL bool +IRC_Send_Channel_Info(CLIENT *Client, CHANNEL *Chan) { const char *topic; - if (Client_Type(Client) != CLIENT_USER) - return true; - /* acknowledge join */ - if (!IRC_WriteStrClientPrefix(Client, target, "JOIN :%s", channame)) - return false; - - /* Send topic to client, if any */ - topic = Channel_Topic(chan); + /* Send the topic (if any) to the new client: */ + topic = Channel_Topic(Chan); assert(topic != NULL); if (*topic) { if (!IRC_WriteStrClient(Client, RPL_TOPIC_MSG, - Client_ID(Client), channame, topic)) + Client_ID(Client), Channel_Name(Chan), topic)) return false; #ifndef STRICT_RFC if (!IRC_WriteStrClient(Client, RPL_TOPICSETBY_MSG, - Client_ID(Client), channame, - Channel_TopicWho(chan), - Channel_TopicTime(chan))) + Client_ID(Client), Channel_Name(Chan), + Channel_TopicWho(Chan), + Channel_TopicTime(Chan))) return false; #endif } - /* send list of channel members to client */ - if (!IRC_Send_NAMES(Client, chan)) + + /* Send list of channel members to the new client: */ + if (!IRC_Send_NAMES(Client, Chan)) return false; - return IRC_WriteStrClient(Client, RPL_ENDOFNAMES_MSG, Client_ID(Client), - Channel_Name(chan)); -} /* join_send_topic */ + return IRC_WriteStrClient(Client, RPL_ENDOFNAMES_MSG, + Client_ID(Client), Channel_Name(Chan)); +} /** * Handler for the IRC "JOIN" command. @@ -408,8 +400,15 @@ IRC_JOIN( CLIENT *Client, REQUEST *Req ) join_forward(Client, target, chan, channame); - if (!join_send_topic(Client, target, chan, channame)) - break; /* write error */ + if (Client_Type(Client) == CLIENT_USER) { + /* Acknowledge join ... */ + if (!IRC_WriteStrClientPrefix(Client, target, + "JOIN :%s", channame)) + break; /* write error */ + /* ... and greet new user: */ + if (!IRC_Send_Channel_Info(Client, chan)) + break; /* write error */ + } join_next: /* next channel? */ diff --git a/src/ngircd/irc-channel.h b/src/ngircd/irc-channel.h index 685ec0c3..77f00f86 100644 --- a/src/ngircd/irc-channel.h +++ b/src/ngircd/irc-channel.h @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001,2002 by Alexander Barton (alex@barton.de) + * Copyright (c)2001-2022 by Alexander Barton (alex@barton.de) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -25,6 +25,8 @@ GLOBAL bool IRC_LIST PARAMS((CLIENT *Client, REQUEST *Req )); GLOBAL bool IRC_CHANINFO PARAMS((CLIENT *Client, REQUEST *Req )); +GLOBAL bool IRC_Send_Channel_Info PARAMS((CLIENT *Client, CHANNEL *Chan)); + #endif /* -eof- */ diff --git a/src/ngircd/irc-info.c b/src/ngircd/irc-info.c index 82bd5518..7287f3ca 100644 --- a/src/ngircd/irc-info.c +++ b/src/ngircd/irc-info.c @@ -138,7 +138,7 @@ who_flags_qualifier(CLIENT *Client, const char *chan_user_modes, static bool IRC_WHO_Channel(CLIENT *Client, CHANNEL *Chan, bool OnlyOps) { - bool is_visible, is_member, is_ircop; + bool is_visible, is_member, is_ircop, is_oper; CL2CHAN *cl2chan; char flags[10]; CLIENT *c; @@ -148,9 +148,10 @@ IRC_WHO_Channel(CLIENT *Client, CHANNEL *Chan, bool OnlyOps) assert( Chan != NULL ); is_member = Channel_IsMemberOf(Chan, Client); + is_oper = Client_HasMode(Client, 'o'); /* Secret channel? */ - if (!is_member && Channel_HasMode(Chan, 's')) + if (!is_member && !is_oper && Channel_HasMode(Chan, 's')) return IRC_WriteStrClient(Client, RPL_ENDOFWHO_MSG, Client_ID(Client), Channel_Name(Chan)); @@ -163,7 +164,7 @@ IRC_WHO_Channel(CLIENT *Client, CHANNEL *Chan, bool OnlyOps) continue; is_visible = !Client_HasMode(c, 'i'); - if (is_member || is_visible) { + if (is_member || is_visible || is_oper) { memset(flags, 0, sizeof(flags)); if (Client_HasMode(c, 'a')) @@ -817,7 +818,7 @@ IRC_NAMES( CLIENT *Client, REQUEST *Req ) /* Now print all clients which are not in any channel */ c = Client_First(); - snprintf(rpl, sizeof(rpl), RPL_NAMREPLY_MSG, Client_ID(from), "*", "*"); + snprintf(rpl, sizeof(rpl), RPL_NAMREPLY_MSG, Client_ID(from), '*', "*"); while (c) { if (Client_Type(c) == CLIENT_USER && Channel_FirstChannelOf(c) == NULL @@ -829,11 +830,11 @@ IRC_NAMES( CLIENT *Client, REQUEST *Req ) strlcat(rpl, Client_ID(c), sizeof(rpl)); if (strlen(rpl) > COMMAND_LEN - CLIENT_NICK_LEN - 4) { - /* Line is gwoing too long, send now */ + /* Line is going too long, send now */ if (!IRC_WriteStrClient(from, "%s", rpl)) return DISCONNECTED; snprintf(rpl, sizeof(rpl), RPL_NAMREPLY_MSG, - Client_ID(from), "*", "*"); + Client_ID(from), '*', "*"); } } c = Client_Next(c); @@ -909,7 +910,7 @@ IRC_STATS( CLIENT *Client, REQUEST *Req ) if (!Op_Check(from, Req)) return Op_NoPrivileges(from, Req); more_links = true; - + /* fall through */ case 'l': /* Link status (servers and own link) */ time_now = time(NULL); for (con = Conn_First(); con != NONE; con = Conn_Next(con)) { @@ -1264,6 +1265,8 @@ IRC_WHOIS( CLIENT *Client, REQUEST *Req ) if (Client_Type(c) != CLIENT_USER) continue; + if (Client_HasMode(c, 'i')) + continue; if (!MatchCaseInsensitive(query, Client_ID(c))) continue; if (!IRC_WHOIS_SendReply(Client, from, c)) @@ -1372,7 +1375,7 @@ IRC_WHOWAS( CLIENT *Client, REQUEST *Req ) /** * Send LUSERS reply to a client. * - * @param Client The receipient of the information. + * @param Client The recipient of the information. * @return CONNECTED or DISCONNECTED. */ GLOBAL bool @@ -1497,6 +1500,8 @@ IRC_Send_NAMES(CLIENT * Client, CHANNEL * Chan) char str[COMMAND_LEN]; CL2CHAN *cl2chan; CLIENT *cl; + bool secret_channel; + char chan_symbol; assert(Client != NULL); assert(Chan != NULL); @@ -1511,10 +1516,13 @@ IRC_Send_NAMES(CLIENT * Client, CHANNEL * Chan) return CONNECTED; /* Secret channel? */ - if (!is_member && Channel_HasMode(Chan, 's')) + secret_channel = Channel_HasMode(Chan, 's'); + if (!is_member && secret_channel) return CONNECTED; - snprintf(str, sizeof(str), RPL_NAMREPLY_MSG, Client_ID(Client), "=", + chan_symbol = secret_channel ? '@' : '='; + + snprintf(str, sizeof(str), RPL_NAMREPLY_MSG, Client_ID(Client), chan_symbol, Channel_Name(Chan)); cl2chan = Channel_FirstMember(Chan); while (cl2chan) { @@ -1537,7 +1545,7 @@ IRC_Send_NAMES(CLIENT * Client, CHANNEL * Chan) if (!IRC_WriteStrClient(Client, "%s", str)) return DISCONNECTED; snprintf(str, sizeof(str), RPL_NAMREPLY_MSG, - Client_ID(Client), "=", + Client_ID(Client), chan_symbol, Channel_Name(Chan)); } } diff --git a/src/ngircd/irc-login.c b/src/ngircd/irc-login.c index 846b10d6..fb221922 100644 --- a/src/ngircd/irc-login.c +++ b/src/ngircd/irc-login.c @@ -774,7 +774,7 @@ IRC_PING(CLIENT *Client, REQUEST *Req) return IRC_WriteErrClient(Client, ERR_NOSUCHSERVER_MSG, Client_ID(Client), Req->prefix); - Log(LOG_DEBUG, "Connection %d: got PING, sending PONG ...", + LogDebug("Connection %d: got PING, sending PONG ...", Client_Conn(Client)); #ifdef STRICT_RFC @@ -877,11 +877,17 @@ IRC_PONG(CLIENT *Client, REQUEST *Req) (long)(time(NULL) - Conn_GetSignon(conn)), time(NULL) - Conn_GetSignon(conn) == 1 ? "" : "s", Client_UserCount(), Channel_CountVisible(NULL)); - Conn_UpdatePing(conn); - } else - LogDebug("Connection %d: received PONG. Lag: %ld seconds.", - conn, (long)(time(NULL) - Conn_LastPing(conn))); + } else { + if (Conn_LastPing(conn) > 1) + LogDebug("Connection %d: received PONG. Lag: %ld seconds.", + conn, (long)(time(NULL) - Conn_LastPing(conn))); + else + LogDebug("Got unexpected PONG on connection %d. Ignored.", + conn); + } + /* We got a PONG, so signal that none is pending on this connection. */ + Conn_UpdatePing(conn, 1); return CONNECTED; } /* IRC_PONG */ diff --git a/src/ngircd/irc-metadata.c b/src/ngircd/irc-metadata.c index 2a3de1b4..00205f16 100644 --- a/src/ngircd/irc-metadata.c +++ b/src/ngircd/irc-metadata.c @@ -72,7 +72,9 @@ IRC_METADATA(CLIENT *Client, REQUEST *Req) } if (strcasecmp(Req->argv[1], "cloakhost") == 0) { - Client_UpdateCloakedHostname(target, prefix, Req->argv[2]); + /* Set or remove a "cloaked hostname". */ + Client_UpdateCloakedHostname(target, prefix, + *Req->argv[2] ? Req->argv[2] : NULL); if (Client_Conn(target) > NONE && Client_HasMode(target, 'x')) IRC_WriteStrClientPrefix(target, prefix, RPL_HOSTHIDDEN_MSG, Client_ID(target), diff --git a/src/ngircd/irc-mode.c b/src/ngircd/irc-mode.c index 99255df1..89a07042 100644 --- a/src/ngircd/irc-mode.c +++ b/src/ngircd/irc-mode.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2023 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -281,7 +281,7 @@ Client_Mode( CLIENT *Client, REQUEST *Req, CLIENT *Origin, CLIENT *Target ) break; default: if (Client_Type(Client) != CLIENT_SERVER) { - Log(LOG_DEBUG, + LogDebug( "Unknown mode \"%c%c\" from \"%s\"!?", set ? '+' : '-', *mode_ptr, Client_ID(Origin)); @@ -292,7 +292,7 @@ Client_Mode( CLIENT *Client, REQUEST *Req, CLIENT *Origin, CLIENT *Target ) *mode_ptr); x[0] = '\0'; } else { - Log(LOG_DEBUG, + LogDebug( "Handling unknown mode \"%c%c\" from \"%s\" for \"%s\" ...", set ? '+' : '-', *mode_ptr, Client_ID(Origin), Client_ID(Target)); @@ -575,6 +575,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Client_ID(Origin), Channel_Name(Channel)); goto chan_exit; } + /* fall through */ case 'i': /* Invite only */ case 'V': /* Invite disallow */ case 'M': /* Only identified nicks can write */ @@ -609,33 +610,43 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Channel_Name(Channel)); break; } - if (arg_arg > mode_arg) { - if (is_oper || is_machine || is_owner || - is_admin || is_op || is_halfop) { - Channel_ModeDel(Channel, 'k'); - Channel_SetKey(Channel, - Req->argv[arg_arg]); - strlcpy(argadd, Channel_Key(Channel), - sizeof(argadd)); - x[0] = *mode_ptr; - } else { + if (arg_arg <= mode_arg) { + if (is_machine) + Log(LOG_ERR, + "Got MODE +k without key for \"%s\" from \"%s\"! Ignored.", + Channel_Name(Channel), Client_ID(Origin)); + else connected = IRC_WriteErrClient(Origin, - ERR_CHANOPRIVSNEEDED_MSG, + ERR_NEEDMOREPARAMS_MSG, + Client_ID(Origin), Req->command); + goto chan_exit; + } + if (!Req->argv[arg_arg][0] || strchr(Req->argv[arg_arg], ' ')) { + if (is_machine) + Log(LOG_ERR, + "Got invalid key on MODE +k for \"%s\" from \"%s\"! Ignored.", + Channel_Name(Channel), Client_ID(Origin)); + else + connected = IRC_WriteErrClient(Origin, + ERR_INVALIDMODEPARAM_MSG, Client_ID(Origin), - Channel_Name(Channel)); - } - Req->argv[arg_arg][0] = '\0'; - arg_arg++; + Channel_Name(Channel), 'k'); + goto chan_exit; + } + if (is_oper || is_machine || is_owner || + is_admin || is_op || is_halfop) { + Channel_ModeDel(Channel, 'k'); + Channel_SetKey(Channel, Req->argv[arg_arg]); + strlcpy(argadd, Channel_Key(Channel), sizeof(argadd)); + x[0] = *mode_ptr; } else { -#ifdef STRICT_RFC - /* Only send error message in "strict" mode, - * this is how ircd2.11 and others behave ... */ connected = IRC_WriteErrClient(Origin, - ERR_NEEDMOREPARAMS_MSG, - Client_ID(Origin), Req->command); -#endif - goto chan_exit; + ERR_CHANOPRIVSNEEDED_MSG, + Client_ID(Origin), + Channel_Name(Channel)); } + Req->argv[arg_arg][0] = '\0'; + arg_arg++; break; case 'l': /* Member limit */ if (Mode_Limit_Reached(Client, mode_arg_count++)) @@ -651,35 +662,44 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Channel_Name(Channel)); break; } - if (arg_arg > mode_arg) { - if (is_oper || is_machine || is_owner || - is_admin || is_op || is_halfop) { - l = atol(Req->argv[arg_arg]); - if (l > 0 && l < 0xFFFF) { - Channel_ModeDel(Channel, 'l'); - Channel_SetMaxUsers(Channel, l); - snprintf(argadd, sizeof(argadd), - "%ld", l); - x[0] = *mode_ptr; - } - } else { + if (arg_arg <= mode_arg) { + if (is_machine) + Log(LOG_ERR, + "Got MODE +l without limit for \"%s\" from \"%s\"! Ignored.", + Channel_Name(Channel), Client_ID(Origin)); + else connected = IRC_WriteErrClient(Origin, - ERR_CHANOPRIVSNEEDED_MSG, + ERR_NEEDMOREPARAMS_MSG, + Client_ID(Origin), Req->command); + goto chan_exit; + } + l = atol(Req->argv[arg_arg]); + if (l <= 0 || l >= 0xFFFF) { + if (is_machine) + Log(LOG_ERR, + "Got MODE +l with invalid limit for \"%s\" from \"%s\"! Ignored.", + Channel_Name(Channel), Client_ID(Origin)); + else + connected = IRC_WriteErrClient(Origin, + ERR_INVALIDMODEPARAM_MSG, Client_ID(Origin), - Channel_Name(Channel)); - } - Req->argv[arg_arg][0] = '\0'; - arg_arg++; + Channel_Name(Channel), 'l'); + goto chan_exit; + } + if (is_oper || is_machine || is_owner || + is_admin || is_op || is_halfop) { + Channel_ModeDel(Channel, 'l'); + Channel_SetMaxUsers(Channel, l); + snprintf(argadd, sizeof(argadd), "%ld", l); + x[0] = *mode_ptr; } else { -#ifdef STRICT_RFC - /* Only send error message in "strict" mode, - * this is how ircd2.11 and others behave ... */ connected = IRC_WriteErrClient(Origin, - ERR_NEEDMOREPARAMS_MSG, - Client_ID(Origin), Req->command); -#endif - goto chan_exit; + ERR_CHANOPRIVSNEEDED_MSG, + Client_ID(Origin), + Channel_Name(Channel)); } + Req->argv[arg_arg][0] = '\0'; + arg_arg++; break; case 'O': /* IRC operators only */ if (set) { @@ -721,6 +741,14 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) break; /* --- Channel user modes --- */ case 'q': /* Owner */ + if(!is_oper && !is_machine && !is_owner) { + connected = IRC_WriteErrClient(Origin, + ERR_CHANOPPRIVTOOLOW_MSG, + Client_ID(Origin), + Channel_Name(Channel)); + goto chan_exit; + } + /* fall through */ case 'a': /* Channel admin */ if(!is_oper && !is_machine && !is_owner && !is_admin) { connected = IRC_WriteErrClient(Origin, @@ -729,6 +757,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Channel_Name(Channel)); goto chan_exit; } + /* fall through */ case 'o': /* Channel operator */ if(!is_oper && !is_machine && !is_owner && !is_admin && !is_op) { @@ -738,6 +767,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Channel_Name(Channel)); goto chan_exit; } + /* fall through */ case 'h': /* Half Op */ if(!is_oper && !is_machine && !is_owner && !is_admin && !is_op) { @@ -747,6 +777,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Channel_Name(Channel)); goto chan_exit; } + /* fall through */ case 'v': /* Voice */ if (arg_arg > mode_arg) { if (is_oper || is_machine || is_owner || @@ -823,7 +854,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) break; default: if (Client_Type(Client) != CLIENT_SERVER) { - Log(LOG_DEBUG, + LogDebug( "Unknown mode \"%c%c\" from \"%s\" on %s!?", set ? '+' : '-', *mode_ptr, Client_ID(Origin), Channel_Name(Channel)); @@ -833,7 +864,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) Channel_Name(Channel)); x[0] = '\0'; } else { - Log(LOG_DEBUG, + LogDebug( "Handling unknown mode \"%c%c\" from \"%s\" on %s ...", set ? '+' : '-', *mode_ptr, Client_ID(Origin), Channel_Name(Channel)); @@ -904,7 +935,7 @@ Channel_Mode(CLIENT *Client, REQUEST *Req, CLIENT *Origin, CHANNEL *Channel) if (Client_Type(Client) == CLIENT_SERVER) { /* MODE requests for local channels from other servers * are definitely invalid! */ - if (Channel_IsLocal(Channel)) { + if (Channel_IsLocal(Channel) && Client != Client_ThisServer()) { Log(LOG_ALERT, "Got remote MODE command for local channel!? Ignored."); return CONNECTED; } diff --git a/src/ngircd/irc-op.c b/src/ngircd/irc-op.c index a309ee9f..2bf9e349 100644 --- a/src/ngircd/irc-op.c +++ b/src/ngircd/irc-op.c @@ -222,9 +222,9 @@ IRC_INVITE(CLIENT *Client, REQUEST *Req) if (Client_Conn(target) > NONE) { /* The target user is local, so we have to send the status code */ - if (!IRC_WriteStrClientPrefix(from, target, RPL_INVITING_MSG, - Client_ID(from), Req->argv[0], - colon_if_necessary, Req->argv[1])) + if (!IRC_WriteStrClient(from, RPL_INVITING_MSG, + Client_ID(from), Req->argv[0], + colon_if_necessary, Req->argv[1])) return DISCONNECTED; if (Client_HasMode(target, 'a') && diff --git a/src/ngircd/irc-oper.c b/src/ngircd/irc-oper.c index e877213e..df8e2269 100644 --- a/src/ngircd/irc-oper.c +++ b/src/ngircd/irc-oper.c @@ -399,7 +399,7 @@ IRC_xLINE(CLIENT *Client, REQUEST *Req) Client_ID(Client), Req->command); if (!Conf_AllowRemoteOper && Client_Type(Client) == CLIENT_SERVER) { - /* Explicitely forbid remote servers to modify "x-lines" when + /* Explicitly forbid remote servers to modify "x-lines" when * the "AllowRemoteOper" configuration option isn't set, even * when the command seems to originate from the remote server * itself: this prevents GLINE's to become set during server @@ -447,10 +447,11 @@ IRC_xLINE(CLIENT *Client, REQUEST *Req) if (Class_AddMask(class, Req->argv[0], timeout, Req->argv[2])) { - Log(LOG_NOTICE|LOG_snotice, - "\"%s\" added \"%s\" to %c-Line list: \"%s\" (%ld seconds).", - Client_Mask(from), Req->argv[0], class_c, - Req->argv[2], atol(Req->argv[1])); + if (Client_Type(from) != CLIENT_SERVER) + Log(LOG_NOTICE|LOG_snotice, + "\"%s\" added \"%s\" to %c-Line list: \"%s\" (%ld seconds).", + Client_Mask(from), Req->argv[0], class_c, + Req->argv[2], atol(Req->argv[1])); if (class == CLASS_GLINE) { /* Inform other servers */ IRC_WriteStrServersPrefix(Client, from, diff --git a/src/ngircd/irc-server.c b/src/ngircd/irc-server.c index 317a3e1a..6aa37574 100644 --- a/src/ngircd/irc-server.c +++ b/src/ngircd/irc-server.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -32,6 +32,7 @@ #include "numeric.h" #include "ngircd.h" #include "irc.h" +#include "irc-channel.h" #include "irc-info.h" #include "irc-write.h" #include "op.h" @@ -87,6 +88,19 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req ) return DISCONNECTED; } +#ifdef SSL_SUPPORT + /* Does this server require an SSL connection? */ + if (Conf_Server[i].SSLConnect && + !(Conn_Options(Client_Conn(Client)) & CONN_SSL)) { + Log(LOG_ERR, + "Connection %d: Server \"%s\" requires a secure connection!", + Client_Conn(Client), Req->argv[0]); + Conn_Close(Client_Conn(Client), NULL, + "Secure connection required", true); + return DISCONNECTED; + } +#endif + /* Check server password */ if (strcmp(Conn_Password(Client_Conn(Client)), Conf_Server[i].pwd_in) != 0) { @@ -186,6 +200,15 @@ IRC_SERVER( CLIENT *Client, REQUEST *Req ) if (!Client_CheckID(Client, Req->argv[0])) return DISCONNECTED; + if (!Req->prefix) { + /* We definitely need a prefix here! */ + Log(LOG_ALERT, "Got SERVER command without prefix! (on connection %d)", + Client_Conn(Client)); + Conn_Close(Client_Conn(Client), NULL, + "SERVER command without prefix", true); + return DISCONNECTED; + } + from = Client_Search( Req->prefix ); if (! from) { /* Uh, Server, that introduced the new server is unknown?! */ @@ -289,7 +312,7 @@ IRC_NJOIN( CLIENT *Client, REQUEST *Req ) "Failed to join client \"%s\" to channel \"%s\" (NJOIN): killing it!", ptr, channame); IRC_KillClient(NULL, NULL, ptr, "Internal NJOIN error!"); - Log(LOG_DEBUG, "... done."); + LogDebug("... done."); goto skip_njoin; } @@ -311,6 +334,12 @@ IRC_NJOIN( CLIENT *Client, REQUEST *Req ) IRC_WriteStrChannelPrefix(Client, chan, c, false, "JOIN :%s", channame); + /* If the client is connected to this server, it was remotely + * joined to the channel by another server/service: So send + * TOPIC and NAMES messages like on a regular JOIN command! */ + if(Client_Conn(c) != NONE) + IRC_Send_Channel_Info(c, chan); + /* Announce "channel user modes" to the channel, if any */ strlcpy(modes, Channel_UserModes(chan, c), sizeof(modes)); if (modes[0]) @@ -358,7 +387,7 @@ IRC_SQUIT(CLIENT * Client, REQUEST * Req) { char msg[COMMAND_LEN], logmsg[COMMAND_LEN]; CLIENT *from, *target; - CONN_ID con; + CONN_ID con, client_con; int loglevel; assert(Client != NULL); @@ -398,6 +427,7 @@ IRC_SQUIT(CLIENT * Client, REQUEST * Req) return CONNECTED; } + client_con = Client_Conn(Client); con = Client_Conn(target); if (Req->argv[1][0]) @@ -419,7 +449,7 @@ IRC_SQUIT(CLIENT * Client, REQUEST * Req) Req->argv[0], Client_ID(from), Req->argv[1][0] ? Req->argv[1] : "-"); Conn_Close(con, NULL, msg, true); - if (con == Client_Conn(Client)) + if (con == client_con) return DISCONNECTED; } else { /* This server is not directly connected, so the SQUIT must diff --git a/src/ngircd/irc-write.c b/src/ngircd/irc-write.c index 8f3fd53d..a3700c83 100644 --- a/src/ngircd/irc-write.c +++ b/src/ngircd/irc-write.c @@ -406,7 +406,7 @@ IRC_WriteStrServersPrefixFlag_CB(CLIENT *ExceptOf, CLIENT *Prefix, char Flag, /** * Send a message to all "related" clients. * - * Related clients are the one that share one ore more channels with the client + * Related clients are the one that share one or more channels with the client * sending this message. * * The message is only sent once per remote server. diff --git a/src/ngircd/irc.c b/src/ngircd/irc.c index 3113a4ba..3b098d0a 100644 --- a/src/ngircd/irc.c +++ b/src/ngircd/irc.c @@ -131,7 +131,7 @@ IRC_ERROR(CLIENT *Client, REQUEST *Req) * in this case, and the prefix in Req is NULL. * * @param Client The client from which this command has been received or - * Client_ThisServer() when generated interanlly. + * Client_ThisServer() when generated internally. * @param Req Request structure with prefix and all parameters. * @return CONNECTED or DISCONNECTED. */ @@ -358,7 +358,7 @@ IRC_KillClient(CLIENT *Client, CLIENT *From, const char *Nick, const char *Reaso /* Do we know such a client in the network? */ c = Client_Search(Nick); if (!c) { - LogDebug("Client with nick \"%s\" is unknown, not forwaring.", Nick); + LogDebug("Client with nick \"%s\" is unknown, not forwarding.", Nick); return CONNECTED; } @@ -514,7 +514,7 @@ Option_String(UNUSED CONN_ID Idx) /** * Send a message to target(s). * - * This function is used by IRC_{PRIVMSG|NOTICE|SQUERY} to actualy + * This function is used by IRC_{PRIVMSG|NOTICE|SQUERY} to actually * send the message(s). * * @param Client The client from which this command has been received. @@ -572,6 +572,13 @@ Send_Message(CLIENT * Client, REQUEST * Req, int ForceType, bool SendErrors) #endif message = Req->argv[1]; + if (message[0] == '\0') { + if (!SendErrors) + return CONNECTED; + return IRC_WriteErrClient(Client, ERR_NOTEXTTOSEND_MSG, + Client_ID(Client)); + } + /* handle msgtarget = msgto *("," msgto) */ currentTarget = strtok_r(currentTarget, ",", &strtok_last); ngt_UpperStr(Req->command); diff --git a/src/ngircd/lists.c b/src/ngircd/lists.c index 38b3b0e8..69ea79a4 100644 --- a/src/ngircd/lists.c +++ b/src/ngircd/lists.c @@ -341,7 +341,7 @@ Lists_CheckReason(struct list_head *h, CLIENT *Client, char *reason, size_t len) while (e) { next = e->next; - if (MatchCaseInsensitive(e->mask, Client_MaskCloaked(Client))) { + if (MatchCaseInsensitive(e->mask, Client_MaskCloaked(Client)) || MatchCaseInsensitive(e->mask, Client_Mask(Client))) { if (len && e->reason) strlcpy(reason, e->reason, len); if (e->onlyonce) { diff --git a/src/ngircd/log.c b/src/ngircd/log.c index a47ce92c..bb849981 100644 --- a/src/ngircd/log.c +++ b/src/ngircd/log.c @@ -39,13 +39,13 @@ #include "log.h" -static bool Is_Daemon; +static bool Use_Syslog; static void Log_Message(int Level, const char *msg) { - if (!Is_Daemon) { + if (!Use_Syslog) { /* log to console */ fprintf(stdout, "[%ld:%d %4ld] %s\n", (long)getpid(), Level, (long)(time(NULL) - NGIRCd_Start), msg); @@ -60,15 +60,15 @@ Log_Message(int Level, const char *msg) /** - * Initialitze logging. + * Initialize logging. * This function is called before the configuration file is read in. * - * @param Daemon_Mode Set to true if ngIRCd is running as daemon. + * @param Syslog_Mode Set to true if ngIRCd is configured to log to the syslog. */ GLOBAL void -Log_Init(bool Daemon_Mode) +Log_Init(bool Syslog_Mode) { - Is_Daemon = Daemon_Mode; + Use_Syslog = Syslog_Mode; #ifdef SYSLOG #ifndef LOG_CONS /* Kludge: mips-dec-ultrix4.5 has no LOG_CONS */ @@ -121,7 +121,6 @@ Log_Exit( void ) * @param Format Format string like printf(). * @param ... Further arguments. */ -#ifdef DEBUG # ifdef PROTOTYPES GLOBAL void LogDebug( const char *Format, ... ) @@ -145,7 +144,6 @@ va_dcl va_end( ap ); Log(LOG_DEBUG, "%s", msg); } -#endif /* DEBUG */ /** @@ -184,11 +182,7 @@ va_dcl } else snotice = false; -#ifdef DEBUG if(( Level == LOG_DEBUG ) && ( ! NGIRCd_Debug )) return; -#else - if( Level == LOG_DEBUG ) return; -#endif #ifdef PROTOTYPES va_start( ap, Format ); @@ -215,20 +209,16 @@ Log_Init_Subprocess(char UNUSED *Name) #ifdef SYSLOG openlog(PACKAGE, LOG_CONS|LOG_PID, Conf_SyslogFacility); #endif -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "%s sub-process starting, PID %ld.", Name, (long)getpid()); -#endif } GLOBAL void Log_Exit_Subprocess(char UNUSED *Name) { -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "%s sub-process %ld done.", Name, (long)getpid()); -#endif #ifdef SYSLOG closelog( ); #endif @@ -251,13 +241,8 @@ va_dcl assert(Format != NULL); -#ifdef DEBUG if ((Level == LOG_DEBUG) && (!NGIRCd_Debug)) return; -#else - if (Level == LOG_DEBUG) - return; -#endif #ifdef PROTOTYPES va_start(ap, Format); diff --git a/src/ngircd/log.h b/src/ngircd/log.h index f582e6c8..0ac4c4d9 100644 --- a/src/ngircd/log.h +++ b/src/ngircd/log.h @@ -32,7 +32,7 @@ #define LOG_snotice 1024 -GLOBAL void Log_Init PARAMS(( bool Daemon_Mode )); +GLOBAL void Log_Init PARAMS(( bool Syslog_Mode )); GLOBAL void Log_Exit PARAMS(( void )); GLOBAL void Log PARAMS(( int Level, const char *Format, ... )); @@ -40,20 +40,14 @@ GLOBAL void Log_ReInit PARAMS((void)); GLOBAL void Log_ServerNotice PARAMS((char UserMode, const char *Format, ...)); -#ifdef DEBUG GLOBAL void LogDebug PARAMS(( const char *Format, ... )); -#else -static inline void LogDebug PARAMS(( UNUSED const char *Format, ... )){/* Do nothing. The compiler should optimize this out, please ;-) */} -#endif GLOBAL void Log_Init_Subprocess PARAMS((char *Name)); GLOBAL void Log_Exit_Subprocess PARAMS((char *Name)); GLOBAL void Log_Subprocess PARAMS((const int Level, const char *Format, ...)); -#ifdef DEBUG GLOBAL void Log_InitErrorfile PARAMS(( void )); -#endif #endif diff --git a/src/ngircd/login.c b/src/ngircd/login.c index ba9378f8..3412e337 100644 --- a/src/ngircd/login.c +++ b/src/ngircd/login.c @@ -31,6 +31,7 @@ #include "log.h" #include "messages.h" #include "ngircd.h" +#include "irc-channel.h" #include "irc-info.h" #include "irc-mode.h" #include "irc-write.h" @@ -201,9 +202,41 @@ Login_User_PostAuth(CLIENT *Client) } else IRC_SetPenalty(Client, 1); + /* Autojoin clients to the channels */ + Login_Autojoin(Client); + return CONNECTED; } +/** + * Autojoin clients to the channels set by administrator + * + * Do nothing if autojoin is not set in the configuration or the channel is not + * available (any more). + **/ +GLOBAL void +Login_Autojoin(CLIENT *Client) +{ + REQUEST Req; + const struct Conf_Channel *conf_chan; + size_t i, channel_count = array_length(&Conf_Channels, sizeof(*conf_chan)); + + conf_chan = array_start(&Conf_Channels); + assert(channel_count == 0 || conf_chan != NULL); + + for (i = 0; i < channel_count; i++, conf_chan++) { + if(!conf_chan->autojoin) + continue; + if (!Channel_Search(conf_chan->name)) + continue; + Req.prefix = Client_ID(Client_ThisServer()); + Req.command = "JOIN"; + Req.argc = 1; + Req.argv[0] = (char *)conf_chan->name; + IRC_JOIN(Client, &Req); + } +} + #ifdef PAM /** @@ -248,7 +281,7 @@ cb_Read_Auth_Result(int r_fd, UNUSED short events) if (result == true) { /* Authentication succeeded, now set the correct user name - * supplied by the client (without prepended '~' for exmaple), + * supplied by the client (without prepended '~' for example), * but cut it at the first '@' character: */ strlcpy(user, Client_OrigUser(client), sizeof(user)); ptr = strchr(user, '@'); diff --git a/src/ngircd/login.h b/src/ngircd/login.h index 6e3a21d6..b5d7be1e 100644 --- a/src/ngircd/login.h +++ b/src/ngircd/login.h @@ -19,6 +19,7 @@ GLOBAL bool Login_User PARAMS((CLIENT * Client)); GLOBAL bool Login_User_PostAuth PARAMS((CLIENT *Client)); +GLOBAL void Login_Autojoin PARAMS((CLIENT *Client)); #endif diff --git a/src/ngircd/messages.h b/src/ngircd/messages.h index 90292a2b..5c33b35d 100644 --- a/src/ngircd/messages.h +++ b/src/ngircd/messages.h @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2023 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -23,7 +23,7 @@ #define RPL_MYINFO_MSG "004 %s %s ngircd-%s %s %s" #define RPL_ISUPPORTNET_MSG "005 %s NETWORK=%s :is my network name" #define RPL_ISUPPORT1_MSG "005 %s RFC2812 IRCD=ngIRCd CHARSET=UTF-8 CASEMAPPING=ascii PREFIX=(qaohv)~&@%%+ CHANTYPES=%s CHANMODES=beI,k,l,imMnOPQRstVz CHANLIMIT=%s:%d :are supported on this server" -#define RPL_ISUPPORT2_MSG "005 %s CHANNELLEN=%d NICKLEN=%d TOPICLEN=%d AWAYLEN=%d KICKLEN=%d MODES=%d MAXLIST=beI:%d EXCEPTS=e INVEX=I PENALTY :are supported on this server" +#define RPL_ISUPPORT2_MSG "005 %s CHANNELLEN=%d NICKLEN=%d TOPICLEN=%d AWAYLEN=%d KICKLEN=%d MODES=%d MAXLIST=beI:%d EXCEPTS=e INVEX=I PENALTY FNC :are supported on this server" #define RPL_TRACELINK_MSG "200 %s Link %s-%s %s %s V%s %ld %d %d" #define RPL_TRACEOPERATOR_MSG "204 %s Oper 2 :%s" @@ -84,7 +84,7 @@ #define RPL_ENDOFEXCEPTLIST_MSG "349 %s %s :End of channel exception list" #define RPL_VERSION_MSG "351 %s %s-%s.%s %s :%s" #define RPL_WHOREPLY_MSG "352 %s %s %s %s %s %s %s :%d %s" -#define RPL_NAMREPLY_MSG "353 %s %s %s :" +#define RPL_NAMREPLY_MSG "353 %s %c %s :" #define RPL_LINKS_MSG "364 %s %s %s :%d %s" #define RPL_ENDOFLINKS_MSG "365 %s %s :End of LINKS list" #define RPL_ENDOFNAMES_MSG "366 %s %s :End of NAMES list" @@ -162,6 +162,8 @@ #define ERR_USERNOTONSERV_MSG "504 %s %s :User is not on this server" #define ERR_NOINVITE_MSG "518 %s :Cannot invite to %s (+V)" +#define ERR_INVALIDMODEPARAM_MSG "696 %s %s %c * :Invalid mode parameter" + #ifdef ZLIB # define RPL_STATSLINKINFOZIP_MSG "211 %s %s %d %ld %ld/%ld %ld %ld/%ld :%ld" #endif diff --git a/src/ngircd/ngircd.c b/src/ngircd/ngircd.c index 7166640b..c2169c43 100644 --- a/src/ngircd/ngircd.c +++ b/src/ngircd/ngircd.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2020 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -9,6 +9,7 @@ * Please read the file COPYING, README and AUTHORS for more information. */ +#define GLOBAL_INIT #include "portab.h" /** @@ -73,7 +74,7 @@ GLOBAL int main(int argc, const char *argv[]) { bool ok, configtest = false; - bool NGIRCd_NoDaemon = false; + bool NGIRCd_NoDaemon = false, NGIRCd_NoSyslog = false; int i; size_t n; @@ -87,14 +88,10 @@ main(int argc, const char *argv[]) NGIRCd_SignalQuit = NGIRCd_SignalRestart = false; NGIRCd_Passive = false; -#ifdef DEBUG NGIRCd_Debug = false; -#endif #ifdef SNIFFER NGIRCd_Sniffer = false; #endif - strlcpy(NGIRCd_ConfFile, SYSCONFDIR, sizeof(NGIRCd_ConfFile)); - strlcat(NGIRCd_ConfFile, CONFIG_FILE, sizeof(NGIRCd_ConfFile)); Fill_Version(); @@ -116,12 +113,10 @@ main(int argc, const char *argv[]) configtest = true; ok = true; } -#ifdef DEBUG if (strcmp(argv[i], "--debug") == 0) { NGIRCd_Debug = true; ok = true; } -#endif if (strcmp(argv[i], "--help") == 0) { Show_Version(); puts(""); Show_Help( ); puts( "" ); @@ -129,6 +124,7 @@ main(int argc, const char *argv[]) } if (strcmp(argv[i], "--nodaemon") == 0) { NGIRCd_NoDaemon = true; + NGIRCd_NoSyslog = true; ok = true; } if (strcmp(argv[i], "--passive") == 0) { @@ -140,6 +136,12 @@ main(int argc, const char *argv[]) NGIRCd_Sniffer = true; ok = true; } +#endif +#ifdef SYSLOG + if (strcmp(argv[i], "--syslog") == 0) { + NGIRCd_NoSyslog = false; + ok = true; + } #endif if (strcmp(argv[i], "--version") == 0) { Show_Version(); @@ -150,12 +152,10 @@ main(int argc, const char *argv[]) /* short option */ for (n = 1; n < strlen(argv[i]); n++) { ok = false; -#ifdef DEBUG if (argv[i][n] == 'd') { NGIRCd_Debug = true; ok = true; } -#endif if (argv[i][n] == 'f') { if (!argv[i][n+1] && i+1 < argc) { /* Ok, next character is a blank */ @@ -177,6 +177,7 @@ main(int argc, const char *argv[]) if (argv[i][n] == 'n') { NGIRCd_NoDaemon = true; + NGIRCd_NoSyslog = true; ok = true; } if (argv[i][n] == 'p') { @@ -198,6 +199,12 @@ main(int argc, const char *argv[]) Show_Version(); exit(1); } +#ifdef SYSLOG + if (argv[i][n] == 'y') { + NGIRCd_NoSyslog = false; + ok = true; + } +#endif if (!ok) { fprintf(stderr, @@ -222,10 +229,8 @@ main(int argc, const char *argv[]) /* Debug level for "VERSION" command */ NGIRCd_DebugLevel[0] = '\0'; -#ifdef DEBUG if (NGIRCd_Debug) strcpy(NGIRCd_DebugLevel, "1"); -#endif #ifdef SNIFFER if (NGIRCd_Sniffer) { NGIRCd_Debug = true; @@ -248,7 +253,7 @@ main(int argc, const char *argv[]) NGIRCd_SignalRestart = false; NGIRCd_SignalQuit = false; - Log_Init(!NGIRCd_NoDaemon); + Log_Init(!NGIRCd_NoSyslog); Random_Init(); Conf_Init(); Log_ReInit(); @@ -450,7 +455,7 @@ static void Show_Version( void ) { puts( NGIRCd_Version ); - puts( "Copyright (c)2001-2020 Alexander Barton () and Contributors." ); + puts( "Copyright (c)2001-2024 Alexander Barton () and Contributors." ); puts( "Homepage: \n" ); puts( "This is free software; see the source for copying conditions. There is NO" ); puts( "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." ); @@ -465,9 +470,7 @@ Show_Version( void ) static void Show_Help( void ) { -#ifdef DEBUG puts( " -d, --debug log extra debug messages" ); -#endif puts( " -f, --config use file as configuration file" ); puts( " -n, --nodaemon don't fork and don't detach from controlling terminal" ); puts( " -p, --passive disable automatic connections to other servers" ); @@ -476,6 +479,9 @@ Show_Help( void ) #endif puts( " -t, --configtest read, validate and display configuration; then exit" ); puts( " -V, --version output version information and exit" ); +#ifdef SYSLOG + puts( " -y, --syslog log to syslog even when running in the foreground (-n)" ); +#endif puts( " -h, --help display this help and exit" ); } /* Show_Help */ @@ -489,9 +495,7 @@ Pidfile_Delete( void ) /* Pidfile configured? */ if( ! Conf_PidFile[0] ) return; -#ifdef DEBUG - Log( LOG_DEBUG, "Removing PID file (%s) ...", Conf_PidFile ); -#endif + LogDebug( "Removing PID file (%s) ...", Conf_PidFile ); if( unlink( Conf_PidFile )) Log( LOG_ERR, "Error unlinking PID file (%s): %s", Conf_PidFile, strerror( errno )); @@ -513,9 +517,7 @@ Pidfile_Create(pid_t pid) /* Pidfile configured? */ if( ! Conf_PidFile[0] ) return; -#ifdef DEBUG - Log( LOG_DEBUG, "Creating PID file (%s) ...", Conf_PidFile ); -#endif + LogDebug( "Creating PID file (%s) ...", Conf_PidFile ); pidfd = open( Conf_PidFile, O_RDWR|O_CREAT|O_EXCL, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); if ( pidfd < 0 ) { @@ -720,7 +722,7 @@ NGIRCd_Init(bool NGIRCd_NoDaemon) Log(LOG_ERR, "Can't change group ID to %s(%u): %s!", grp ? grp->gr_name : "?", Conf_GID, strerror(real_errno)); - if (real_errno != EPERM) + if (real_errno != EPERM && real_errno != EINVAL) goto out; } #ifdef HAVE_SETGROUPS @@ -746,7 +748,7 @@ NGIRCd_Init(bool NGIRCd_NoDaemon) Log(LOG_ERR, "Can't change user ID to %s(%u): %s!", pwd ? pwd->pw_name : "?", Conf_UID, strerror(real_errno)); - if (real_errno != EPERM) + if (real_errno != EPERM && real_errno != EINVAL) goto out; } } @@ -754,7 +756,7 @@ NGIRCd_Init(bool NGIRCd_NoDaemon) initialized = true; /* Normally a child process is forked which isn't any longer - * connected to ther controlling terminal. Use "--nodaemon" + * connected to the controlling terminal. Use "--nodaemon" * to disable this "daemon mode" (useful for debugging). */ if (!NGIRCd_NoDaemon) { pid = fork(); @@ -816,7 +818,7 @@ NGIRCd_Init(bool NGIRCd_NoDaemon) if (pwd) { if (chdir(pwd->pw_dir) == 0) - Log(LOG_DEBUG, + LogDebug( "Changed working directory to \"%s\" ...", pwd->pw_dir); else @@ -824,7 +826,7 @@ NGIRCd_Init(bool NGIRCd_NoDaemon) "Can't change working directory to \"%s\": %s!", pwd->pw_dir, strerror(errno)); } else - Log(LOG_ERR, "Can't get user informaton for UID %d!?", Conf_UID); + Log(LOG_ERR, "Can't get user information for UID %d!?", Conf_UID); return true; out: diff --git a/src/ngircd/ngircd.h b/src/ngircd/ngircd.h index 2efb8a94..c3ae0fee 100644 --- a/src/ngircd/ngircd.h +++ b/src/ngircd/ngircd.h @@ -35,10 +35,8 @@ GLOBAL char NGIRCd_Version[126]; /** String specifying the compile-time options and target platform */ GLOBAL char NGIRCd_VersionAddition[126]; -#ifdef DEBUG /** Flag indicating if debug mode is active (true) or not (false) */ GLOBAL bool NGIRCd_Debug; -#endif #ifdef SNIFFER /** Flag indication if sniffer is active (true) or not (false) */ diff --git a/src/ngircd/numeric.c b/src/ngircd/numeric.c index 380b9078..99741068 100644 --- a/src/ngircd/numeric.c +++ b/src/ngircd/numeric.c @@ -214,13 +214,11 @@ Synchronize_Lists(CLIENT * Client) static bool Send_CHANINFO(CLIENT * Client, CHANNEL * Chan) { - char *modes, *topic; + char *modes, *topic, *key; bool has_k, has_l; -#ifdef DEBUG Log(LOG_DEBUG, "Sending CHANINFO commands for \"%s\" ...", Channel_Name(Chan)); -#endif modes = Channel_Modes(Chan); topic = Channel_Topic(Chan); @@ -243,9 +241,10 @@ Send_CHANINFO(CLIENT * Client, CHANNEL * Chan) Channel_Name(Chan), modes, topic); } /* "CHANINFO + :" */ + key = Channel_Key(Chan); return IRC_WriteStrClient(Client, "CHANINFO %s +%s %s %lu :%s", Channel_Name(Chan), modes, - has_k ? Channel_Key(Chan) : "*", + has_k ? (key && *key ? key : "*") : "*", has_l ? Channel_MaxUsers(Chan) : 0, topic); } /* Send_CHANINFO */ diff --git a/src/ngircd/parse.c b/src/ngircd/parse.c index 51834133..7b5d28c2 100644 --- a/src/ngircd/parse.c +++ b/src/ngircd/parse.c @@ -183,7 +183,7 @@ Parse_Request( CONN_ID Idx, char *Request ) assert( Request != NULL ); #ifdef SNIFFER - if( NGIRCd_Sniffer ) Log( LOG_DEBUG, " <- connection %d: '%s'.", Idx, Request ); + if( NGIRCd_Sniffer ) LogDebug( " <- connection %d: '%s'.", Idx, Request ); #endif Init_Request( &req ); diff --git a/src/ngircd/parse.h b/src/ngircd/parse.h index 859c7ce5..48260c67 100644 --- a/src/ngircd/parse.h +++ b/src/ngircd/parse.h @@ -25,7 +25,7 @@ typedef struct _REQUEST char *prefix; /**< Prefix */ char *command; /**< IRC command */ char *argv[15]; /**< Parameters, at most 15 (0..14) */ - int argc; /**< Number of given paramaters */ + int argc; /**< Number of given parameters */ } REQUEST; /** IRC command handling structure */ diff --git a/src/ngircd/proc.c b/src/ngircd/proc.c index d68d714d..af00dd3d 100644 --- a/src/ngircd/proc.c +++ b/src/ngircd/proc.c @@ -114,14 +114,10 @@ Proc_GenericSignalHandler(int Signal) { switch(Signal) { case SIGTERM: -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "Child got TERM signal, exiting."); -#endif exit(1); case SIGALRM: -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "Child got ALARM signal, exiting."); -#endif exit(1); } } diff --git a/src/ngircd/resolve.c b/src/ngircd/resolve.c index 109d8b6c..25be58a4 100644 --- a/src/ngircd/resolve.c +++ b/src/ngircd/resolve.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -42,7 +42,7 @@ #include "resolve.h" -static void Do_ResolveAddr PARAMS(( const ng_ipaddr_t *Addr, int Sock, int w_fd )); +static void Do_ResolveAddr_Ident PARAMS(( const ng_ipaddr_t *Addr, int Sock, int w_fd )); static void Do_ResolveName PARAMS(( const char *Host, int w_fd )); #ifdef WANT_IPV6 @@ -52,11 +52,11 @@ extern bool Conf_ConnectIPv6; /** - * Resolve IP (asynchronous!). + * Resolve IP address and do IDENT lookup asynchronously. */ GLOBAL bool -Resolve_Addr(PROC_STAT * s, const ng_ipaddr_t *Addr, int identsock, - void (*cbfunc) (int, short)) +Resolve_Addr_Ident(PROC_STAT * s, const ng_ipaddr_t *Addr, int identsock, + void (*cbfunc) (int, short)) { int pipefd[2]; pid_t pid; @@ -71,7 +71,7 @@ Resolve_Addr(PROC_STAT * s, const ng_ipaddr_t *Addr, int identsock, /* Sub process */ Log_Init_Subprocess("Resolver"); Conn_CloseAllSockets(identsock); - Do_ResolveAddr(Addr, identsock, pipefd[1]); + Do_ResolveAddr_Ident(Addr, identsock, pipefd[1]); Log_Exit_Subprocess("Resolver"); exit(0); } @@ -93,9 +93,7 @@ Resolve_Name( PROC_STAT *s, const char *Host, void (*cbfunc)(int, short)) pid = Proc_Fork(s, pipefd, cbfunc, RESOLVER_TIMEOUT); if (pid > 0) { /* Main process */ -#ifdef DEBUG Log( LOG_DEBUG, "Resolver for \"%s\" created (PID %d).", Host, pid ); -#endif return true; } else if( pid == 0 ) { /* Sub process */ @@ -140,15 +138,11 @@ Do_IdentQuery(int identsock, array *resolved_addr) if (identsock < 0) return; -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "Doing IDENT lookup on socket %d ...", identsock); -#endif res = ident_id( identsock, 10 ); -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "Ok, IDENT lookup on socket %d done: \"%s\"", identsock, res ? res : "(NULL)"); -#endif if (!res) /* no result */ return; if (!array_cats(resolved_addr, res)) @@ -245,9 +239,6 @@ ForwardLookup(const char *hostname, array *IpAddr, UNUSED int af) struct addrinfo *a, *ai_results; static struct addrinfo hints; -#ifdef AI_ADDRCONFIG /* glibc has this, but not e.g. netbsd 4.0 */ - hints.ai_flags = AI_ADDRCONFIG; -#endif hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP; hints.ai_family = af; @@ -365,7 +356,7 @@ ArrayWrite(int fd, const array *a) static void -Do_ResolveAddr(const ng_ipaddr_t *Addr, int identsock, int w_fd) +Do_ResolveAddr_Ident(const ng_ipaddr_t *Addr, int identsock, int w_fd) { /* Resolver sub-process: resolve IP address and write result into * pipe to parent. */ @@ -374,11 +365,16 @@ Do_ResolveAddr(const ng_ipaddr_t *Addr, int identsock, int w_fd) size_t len; array resolved_addr; + hostname[0] = '\0'; array_init(&resolved_addr); ng_ipaddr_tostr_r(Addr, tmp_ip_str); -#ifdef DEBUG + + /* Skip DNS lookup when DNS is disabled; just return an empty ("") host + * name but still issue an IDENT query, if supported and enabled. */ + if (!Conf_DNS) + goto dns_done; + Log_Subprocess(LOG_DEBUG, "Now resolving %s ...", tmp_ip_str); -#endif if (!ReverseLookup(Addr, hostname, sizeof(hostname))) goto dns_done; @@ -391,9 +387,7 @@ Do_ResolveAddr(const ng_ipaddr_t *Addr, int identsock, int w_fd) Log_Forgery_NoIP(tmp_ip_str, hostname); strlcpy(hostname, tmp_ip_str, sizeof(hostname)); } -#ifdef DEBUG Log_Subprocess(LOG_DEBUG, "Ok, translated %s to \"%s\".", tmp_ip_str, hostname); -#endif dns_done: len = strlen(hostname); hostname[len] = '\n'; @@ -410,7 +404,7 @@ Do_ResolveAddr(const ng_ipaddr_t *Addr, int identsock, int w_fd) ArrayWrite(w_fd, &resolved_addr); array_free(&resolved_addr); -} /* Do_ResolveAddr */ +} /* Do_ResolveAddr_Ident */ static void @@ -420,10 +414,8 @@ Do_ResolveName( const char *Host, int w_fd ) * to parent. */ array IpAddrs; int af; -#ifdef DEBUG ng_ipaddr_t *addr; size_t len; -#endif Log_Subprocess(LOG_DEBUG, "Now resolving \"%s\" ...", Host); array_init(&IpAddrs); @@ -443,7 +435,6 @@ Do_ResolveName( const char *Host, int w_fd ) close(w_fd); return; } -#ifdef DEBUG len = array_length(&IpAddrs, sizeof(*addr)); assert(len > 0); addr = array_start(&IpAddrs); @@ -452,7 +443,6 @@ Do_ResolveName( const char *Host, int w_fd ) Log_Subprocess(LOG_DEBUG, "translated \"%s\" to %s.", Host, ng_ipaddr_tostr(addr)); } -#endif /* Write result into pipe to parent */ ArrayWrite(w_fd, &IpAddrs); diff --git a/src/ngircd/resolve.h b/src/ngircd/resolve.h index c0b734b8..92257c39 100644 --- a/src/ngircd/resolve.h +++ b/src/ngircd/resolve.h @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2010 by Alexander Barton (alex@barton.de) + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -17,7 +17,7 @@ * Asynchronous resolver (header) */ -GLOBAL bool Resolve_Addr PARAMS((PROC_STAT * s, const ng_ipaddr_t * Addr, +GLOBAL bool Resolve_Addr_Ident PARAMS((PROC_STAT * s, const ng_ipaddr_t * Addr, int identsock, void (*cbfunc) (int, short))); GLOBAL bool Resolve_Name PARAMS((PROC_STAT * s, const char *Host, void (*cbfunc) (int, short))); diff --git a/src/ngircd/sighandlers.c b/src/ngircd/sighandlers.c index 8275123e..00f5ae85 100644 --- a/src/ngircd/sighandlers.c +++ b/src/ngircd/sighandlers.c @@ -1,6 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001-2015 Alexander Barton (alex@barton.de) and Contributors. + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -26,6 +26,11 @@ #include #include +#ifdef HAVE_SYS_UN_H +# include +# include +#endif + #include "conn.h" #include "channel.h" #include "conf.h" @@ -41,25 +46,23 @@ static const int signals_catch[] = { SIGINT, SIGQUIT, SIGTERM, SIGHUP, SIGCHLD, SIGUSR1, SIGUSR2 }; -#ifdef DEBUG static void Dump_State(void) { - Log(LOG_DEBUG, "--- Internal server state: %s ---", + LogDebug("--- Internal server state: %s ---", Client_ID(Client_ThisServer())); #ifdef HAVE_LONG_LONG - Log(LOG_DEBUG, "time()=%llu", (unsigned long long)time(NULL)); + LogDebug("time()=%llu", (unsigned long long)time(NULL)); #else - Log(LOG_DEBUG, "time()=%lu", (unsigned long)time(NULL)); + LogDebug("time()=%lu", (unsigned long)time(NULL)); #endif Conf_DebugDump(); Conn_DebugDump(); Client_DebugDump(); - Log(LOG_DEBUG, "--- End of state dump ---"); + LogDebug("--- End of state dump ---"); } /* Dump_State */ -#endif static void Signal_Block(int sig) @@ -102,14 +105,17 @@ Rehash(void) unsigned old_nicklen; Log( LOG_NOTICE|LOG_snotice, "Re-reading configuration NOW!" ); + Signal_NotifySvcMgr("RELOADING=1\n"); /* Remember old server name and nickname length */ strlcpy( old_name, Conf_ServerName, sizeof old_name ); old_nicklen = Conf_MaxNickLength; /* Re-read configuration ... */ - if (!Conf_Rehash( )) + if (!Conf_Rehash()) { + Signal_NotifySvcMgr("READY=1\n"); return; + } /* Close down all listening sockets */ Conn_ExitListeners( ); @@ -141,6 +147,7 @@ Rehash(void) Conn_SyncServerStruct( ); Log( LOG_NOTICE|LOG_snotice, "Re-reading of configuration done." ); + Signal_NotifySvcMgr("READY=1\n"); } /* Rehash */ /** @@ -174,7 +181,6 @@ Signal_Handler(int Signal) while (waitpid( -1, NULL, WNOHANG) > 0) ; return; -#ifdef DEBUG case SIGUSR1: if (! NGIRCd_Debug) { Log(LOG_INFO|LOG_snotice, @@ -197,7 +203,6 @@ Signal_Handler(int Signal) #endif /* SNIFFER */ } return; -#endif } /* @@ -226,7 +231,6 @@ Signal_Handler_BH(int Signal) /* re-read configuration */ Rehash(); break; -#ifdef DEBUG case SIGUSR2: if (NGIRCd_Debug) { Log(LOG_INFO|LOG_snotice, @@ -235,8 +239,7 @@ Signal_Handler_BH(int Signal) } break; default: - Log(LOG_DEBUG, "Got signal %d! Ignored.", Signal); -#endif + LogDebug("Got signal %d! Ignored.", Signal); } Signal_Unblock(Signal); } @@ -345,4 +348,104 @@ Signals_Exit(void) signalpipe[0] = signalpipe[1] = 0; } -/* -eof- */ +/** + * Check if the service manager of the system can be notified. + * + * @returns true if notifying the service manager is theoretically possible. + */ +GLOBAL bool +Signal_NotifySvcMgr_Possible(void) +{ +#if !defined(HAVE_SYS_UN_H) || !defined(SOCK_CLOEXEC) + return false; +#else + return getenv("NOTIFY_SOCKET") != NULL; +#endif +} + +/** + * Notify the service manager using the "sd_notify" protocol. + * + * This function is based on the example notify() function shown in the + * sd_notify(3) manual page, with one significant difference: we keep the file + * descriptor open to reduce overhead when called multiple times. + * + * @param message: The message to pass to the service manager including "\n". + */ +GLOBAL void +#if !defined(HAVE_SYS_UN_H) || !defined(SOCK_CLOEXEC) +Signal_NotifySvcMgr(UNUSED const char *message) +{ + return; +#else +Signal_NotifySvcMgr(const char *message) +{ + struct sockaddr_un socket_addr; + const char *socket_path; + size_t path_length, message_length; + static int fd = NONE; + + assert(message != NULL); + assert(message[0] != '\0'); + + if (fd == NONE) { + /* No socket to the service manager open: Check if a path name + * is given in the environment and try to open it! */ + socket_path = getenv("NOTIFY_SOCKET"); + if (!socket_path) + return; /* No socket specified, nothing to do. */ + + /* Only AF_UNIX is supported, with path or abstract sockets */ + if (socket_path[0] != '/' && socket_path[0] != '@') { + Log(LOG_CRIT, + "Failed to notify service manager: Unsupported socket path!"); + return; + } + + path_length = strlen(socket_path); + + /* Ensure there is room for NUL byte */ + if (path_length >= sizeof(socket_addr.sun_path)) { + Log(LOG_CRIT, + "Failed to notify service manager: Socket path too long!"); + return; + } + + memset(&socket_addr, 0, sizeof(struct sockaddr_un)); + socket_addr.sun_family = AF_UNIX; + memcpy(socket_addr.sun_path, socket_path, path_length); + + /* Support for abstract socket */ + if (socket_addr.sun_path[0] == '@') + socket_addr.sun_path[0] = 0; + + fd = socket(AF_UNIX, SOCK_DGRAM | SOCK_CLOEXEC, 0); + if (fd < 0) { + Log(LOG_CRIT, + "Failed to notify service manager: %s [socket()]", + strerror(errno)); + return; + } + + if (connect(fd, (struct sockaddr *)&socket_addr, + sizeof(struct sockaddr_un)) != 0) { + Log(LOG_CRIT, + "Failed to notify service manager: %s [connect()]", + strerror(errno)); + close(fd); + fd = NONE; + return; + } + } + + message_length = strlen(message); + ssize_t written = write(fd, message, message_length); + if (written != (ssize_t)message_length) { + Log(LOG_CRIT, + "Failed to notify service manager: %s [write()]", + strerror(errno)); + close(fd); + fd = NONE; + } +#endif +} diff --git a/src/ngircd/sighandlers.h b/src/ngircd/sighandlers.h index 68491d94..a7cafd1f 100644 --- a/src/ngircd/sighandlers.h +++ b/src/ngircd/sighandlers.h @@ -1,5 +1,6 @@ /* * ngIRCd -- The Next Generation IRC Daemon + * Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,6 +22,9 @@ bool Signals_Init PARAMS((void)); void Signals_Exit PARAMS((void)); +GLOBAL bool Signal_NotifySvcMgr_Possible PARAMS((void)); +GLOBAL void Signal_NotifySvcMgr PARAMS((const char *message)); + #endif /* -eof- */ diff --git a/src/portab/Makefile.ng b/src/portab/Makefile.ng index 30b77fc3..9be5f567 100644 --- a/src/portab/Makefile.ng +++ b/src/portab/Makefile.ng @@ -1,6 +1,6 @@ # # ngIRCd -- The Next Generation IRC Daemon -# Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -31,7 +31,7 @@ portabtest_LDFLAGS = -L. portabtest_LDADD = -lngportab -noinst_HEADERS = portab.h splint.h +noinst_HEADERS = portab.h maintainer-clean-local: rm -f Makefile Makefile.in Makefile.am diff --git a/src/portab/portab.h b/src/portab/portab.h index 70d5ed3e..e0ec3e1e 100644 --- a/src/portab/portab.h +++ b/src/portab/portab.h @@ -19,6 +19,8 @@ #include "config.h" +/* remove assert() macro at compile time if DEBUG is not set. */ + #ifndef DEBUG # define NDEBUG #endif @@ -102,12 +104,10 @@ typedef unsigned char bool; #endif #undef GLOBAL +#ifdef GLOBAL_INIT #define GLOBAL - -/* SPLint */ - -#ifdef S_SPLINT_S -# include "splint.h" +#else +#define GLOBAL extern #endif /* target constants */ diff --git a/src/portab/portabtest.c b/src/portab/portabtest.c index e7b0dcc8..5ad37b99 100644 --- a/src/portab/portabtest.c +++ b/src/portab/portabtest.c @@ -104,9 +104,10 @@ Check_strlcat(void) static void Check_strtok_r(void) { - char *ptr, *last; + char *str, *ptr, *last; ptr = strdup("12,abc"); + str = ptr; ptr = strtok_r(ptr, ",", &last); if (!ptr) @@ -123,6 +124,8 @@ Check_strtok_r(void) ptr = strtok_r(NULL, ",", &last); if (ptr) Panic("strtok_r result #3"); + + free(str); } #ifdef PROTOTYPES diff --git a/src/portab/splint.h b/src/portab/splint.h deleted file mode 100644 index be33e475..00000000 --- a/src/portab/splint.h +++ /dev/null @@ -1,41 +0,0 @@ -/* - * ngIRCd -- The Next Generation IRC Daemon - * Copyright (c)2001,2002 by Alexander Barton (alex@barton.de) - * - * Dieses Programm ist freie Software. Sie koennen es unter den Bedingungen - * der GNU General Public License (GPL), wie von der Free Software Foundation - * herausgegeben, weitergeben und/oder modifizieren, entweder unter Version 2 - * der Lizenz oder (wenn Sie es wuenschen) jeder spaeteren Version. - * Naehere Informationen entnehmen Sie bitter der Datei COPYING. Eine Liste - * der an ngIRCd beteiligten Autoren finden Sie in der Datei AUTHORS. - */ - -#ifndef __splint__ -#define __splint__ - -/** - * @file - * Header file which is included for SPLint code checks - * - * This header is only included by portab.h if a SPLint code check is - * running (when S_SPLINT_S is defined). It makes some definitions to - * prevent SPLint from issuing false warnings. - */ - -#define SYSCONFDIR "/" -#define LOCALSTATEDIR "/" - -#define LOG_EMERG 0 -#define LOG_ALERT 1 -#define LOG_CRIT 2 -#define LOG_ERR 3 -#define LOG_WARNING 4 -#define LOG_NOTICE 5 -#define LOG_INFO 6 -#define LOG_DEBUG 7 - -#define WNOHANG 0 - -#endif - -/* -eof- */ diff --git a/src/portab/vsnprintf.c b/src/portab/vsnprintf.c index 4c65db1f..d3b2a888 100644 --- a/src/portab/vsnprintf.c +++ b/src/portab/vsnprintf.c @@ -45,7 +45,7 @@ * probably requires libm on most operating systems. Don't yet * support the exponent (e,E) and sigfig (g,G). Also, fmtint() * was pretty badly broken, it just wasn't being exercised in ways - * which showed it, so that's been fixed. Also, formated the code + * which showed it, so that's been fixed. Also, formatted the code * to mutt conventions, and removed dead code left over from the * original. Also, there is now a builtin-test, just compile with: * gcc -DTEST_SNPRINTF -o snprintf snprintf.c -lm diff --git a/src/testsuite/Makefile.ng b/src/testsuite/Makefile.ng index 96d37f19..f866e608 100644 --- a/src/testsuite/Makefile.ng +++ b/src/testsuite/Makefile.ng @@ -23,13 +23,19 @@ EXTRA_DIST = \ stress-A.e stress-B.e \ server-login-test.e \ start-server1 stop-server1 ngircd-test1.conf \ - start-server2 stop-server2 ngircd-test2.conf + start-server2 stop-server2 ngircd-test2.conf \ + start-server3 stop-server3 ngircd-test3.conf \ + reload-server3 reload-server.sh prep-server3 cleanup-server3 switch-server3 \ + connect-ssl-cert1-test.e connect-ssl-cert2-test.e \ + ssl/cert-my-first-domain-tld.pem ssl/cert-my-second-domain-tld.pem \ + ssl/dhparams-my-first-domain-tld.pem ssl/dhparams-my-second-domain-tld.pem \ + ssl/key-my-first-domain-tld.pem ssl/key-my-second-domain-tld.pem all: clean-local: rm -rf logs tests *-test ngircd-test*.log procs.tmp tests-skipped.lst \ - T-ngircd1 ngircd-test1.motd T-ngircd2 ngircd-test2.motd + T-ngircd1 ngircd-test1.motd T-ngircd2 ngircd-test2.motd T-ngircd3 ngircd-test3.motd maintainer-clean-local: rm -f Makefile Makefile.in Makefile.am @@ -39,6 +45,7 @@ check_SCRIPTS = ngircd-TEST-Binary tests.sh ngircd-TEST-Binary: cp ../ngircd/ngircd T-ngircd1 cp ../ngircd/ngircd T-ngircd2 + cp ../ngircd/ngircd T-ngircd3 [ -f getpid.sh ] || ln -s $(srcdir)/getpid.sh . rm -f tests-skipped.lst @@ -46,6 +53,14 @@ connect-test: tests.sh rm -f connect-test ln -s $(srcdir)/tests.sh connect-test +connect-ssl-cert1-test: tests.sh + rm -f connect-ssl-cert1-test + ln -s $(srcdir)/tests.sh connect-ssl-cert1-test + +connect-ssl-cert2-test: tests.sh + rm -f connect-ssl-cert2-test + ln -s $(srcdir)/tests.sh connect-ssl-cert2-test + channel-test: tests.sh rm -f channel-test ln -s $(srcdir)/tests.sh channel-test @@ -113,4 +128,16 @@ TESTS = start-server1 \ stress-server.sh \ stop-server1 +if HAVE_SSL +TESTS += \ + prep-server3 \ + start-server3 \ + connect-ssl-cert1-test \ + switch-server3 \ + reload-server3 \ + connect-ssl-cert2-test \ + cleanup-server3 \ + stop-server3 +endif + # -eof- diff --git a/src/testsuite/README b/src/testsuite/README index 4ff5ea9f..33855fb0 100644 --- a/src/testsuite/README +++ b/src/testsuite/README @@ -71,7 +71,7 @@ tests.sh test-loop.sh [ []] This script runs all the tests times (default: 5) and pauses - seconds (default: 5) betweed runs. + seconds (default: 5) between runs. It isn't used by "make check" or "make testsuite". wait-tests.sh [] diff --git a/src/testsuite/channel-test.e b/src/testsuite/channel-test.e index f65c5196..5e0afab3 100644 --- a/src/testsuite/channel-test.e +++ b/src/testsuite/channel-test.e @@ -103,5 +103,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/check-idle.e b/src/testsuite/check-idle.e index ad112b25..3c37e80b 100644 --- a/src/testsuite/check-idle.e +++ b/src/testsuite/check-idle.e @@ -25,7 +25,7 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } exit $r diff --git a/src/testsuite/cleanup-server3 b/src/testsuite/cleanup-server3 new file mode 100755 index 00000000..a80fe730 --- /dev/null +++ b/src/testsuite/cleanup-server3 @@ -0,0 +1,2 @@ +#!/bin/sh +rm ssl/cert.pem ssl/key.pem ssl/dhparams.pem diff --git a/src/testsuite/connect-ssl-cert1-test.e b/src/testsuite/connect-ssl-cert1-test.e new file mode 100644 index 00000000..37abb762 --- /dev/null +++ b/src/testsuite/connect-ssl-cert1-test.e @@ -0,0 +1,21 @@ +# ngIRCd test suite +# Server connect test + +spawn openssl s_client -quiet -connect 127.0.0.1:6790 +expect { + timeout { exit 1 } + "*CN*=*my.first.domain.tld" +} + +sleep 2 +send "oper\r" +expect { + timeout { exit 1 } + "451" +} + +send "quit\r" +expect { + timeout { exit 1 } + "ERROR :Closing connection" +} diff --git a/src/testsuite/connect-ssl-cert2-test.e b/src/testsuite/connect-ssl-cert2-test.e new file mode 100644 index 00000000..0e67d75b --- /dev/null +++ b/src/testsuite/connect-ssl-cert2-test.e @@ -0,0 +1,21 @@ +# ngIRCd test suite +# Server connect test + +spawn openssl s_client -quiet -connect 127.0.0.1:6790 +expect { + timeout { exit 1 } + "*CN*=*my.second.domain.tld" +} + +sleep 2 +send "oper\r" +expect { + timeout { exit 1 } + "451" +} + +send "quit\r" +expect { + timeout { exit 1 } + "ERROR :Closing connection" +} diff --git a/src/testsuite/connect-test.e b/src/testsuite/connect-test.e index b51be0db..f3015d8a 100644 --- a/src/testsuite/connect-test.e +++ b/src/testsuite/connect-test.e @@ -16,5 +16,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/getpid.sh b/src/testsuite/getpid.sh index 04708e6c..7a3dbe37 100755 --- a/src/testsuite/getpid.sh +++ b/src/testsuite/getpid.sh @@ -1,51 +1,67 @@ #!/bin/sh # ngIRCd Test Suite +# +# Try to detect the PID of a running process of the current user. +# -# did we get a name? -[ $# -ne 1 ] && exit 1 +set -u -[ -x /bin/pidof ] && exec /bin/pidof -s $@ +# did we get a name? +if [ $# -ne 1 ]; then + echo "Usage: $0 " >&2 + exit 1 +fi -# detect flags for "ps" and "head" UNAME=`uname` -if [ $UNAME = "FreeBSD" ]; then - PS_FLAGS="-a"; PS_PIDCOL="1"; HEAD_FLAGS="-n 1" -elif [ $UNAME = "A/UX" ]; then - PS_FLAGS="-af"; PS_PIDCOL="2"; HEAD_FLAGS="-1" -elif [ $UNAME = "GNU" ]; then - PS_FLAGS="-ax"; PS_PIDCOL="2"; HEAD_FLAGS="-n 1" -elif [ $UNAME = "Haiku" ]; then - PS_FLAGS="-o Id -o Team"; PS_PIDCOL="1"; HEAD_FLAGS="-1" -elif [ $UNAME = "Linux" ]; then - PS_FLAGS="ax"; PS_PIDCOL="1"; HEAD_FLAGS="-n 1" -elif [ $UNAME = "SunOS" ]; then - PS_FLAGS="-af"; PS_PIDCOL=2; HEAD_FLAGS="-n 1" -else - PS_FLAGS="-af"; PS_PIDCOL="2"; HEAD_FLAGS="-n 1" - ps $PS_FLAGS > /dev/null 2>&1 - if [ $? -ne 0 ]; then PS_FLAGS="a"; PS_PIDCOL="1"; fi + +# Use pgrep(1) whenever possible +if [ -x /usr/bin/pgrep ]; then + case "$UNAME" in + "FreeBSD") + PGREP_FLAGS="-a" + ;; + *) + PGREP_FLAGS="" + esac + if [ -n "${LOGNAME:-}" ] || [ -n "${USER:-}" ]; then + # Try to narrow the search down to the current user ... + exec /usr/bin/pgrep $PGREP_FLAGS -n -u "${LOGNAME:-$USER}" "$1" + else + # ... but neither LOGNAME nor USER were set! + exec /usr/bin/pgrep $PGREP_FLAGS -n "$1" + fi fi -# debug output -#echo "$0: UNAME=$UNAME" -#echo "$0: PS_FLAGS=$PS_FLAGS" -#echo "$0: PS_PIDCOL=$PS_PIDCOL" -#echo "$0: HEAD_FLAGS=$HEAD_FLAGS" +# pidof(1) could be a good alternative on elder Linux systems +if [ -x /bin/pidof ]; then + exec /bin/pidof -s "$1" +fi + +# fall back to ps(1) and parse its output: +# detect flags for "ps" and "head" +PS_PIDCOL=1 +case "$UNAME" in + "A/UX"|"GNU"|"SunOS") + PS_FLAGS="-a"; PS_PIDCOL=2 + ;; + "Haiku") + PS_FLAGS="-o Id -o Team" + ;; + *) + # Linux (GNU coreutils), Free/Net/OpenBSD, ... + PS_FLAGS="-o pid,comm" +esac # search PID -ps $PS_FLAGS > procs.tmp -cat procs.tmp | \ - grep -v "$0" | grep "$1" | \ - awk "{print \$$PS_PIDCOL}" | \ - sort -n > pids.tmp -pid=`head $HEAD_FLAGS pids.tmp` +ps $PS_FLAGS >procs.tmp +grep -v "$$" procs.tmp | grep "$1" | \ + awk "{print \$$PS_PIDCOL}" | \ + sort -nr >pids.tmp +pid=`head -1 pids.tmp` rm -rf procs.tmp pids.tmp # validate PID -[ "$pid" -gt 1 ] > /dev/null 2>&1 -[ $? -ne 0 ] && exit 1 +[ "$pid" -gt 1 ] >/dev/null 2>&1 || exit 1 echo $pid exit 0 - -# -eof- diff --git a/src/testsuite/invite-test.e b/src/testsuite/invite-test.e index b9e0c3f9..f3115a3d 100644 --- a/src/testsuite/invite-test.e +++ b/src/testsuite/invite-test.e @@ -110,5 +110,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/join-test.e b/src/testsuite/join-test.e index c088f5cc..7e6a29a3 100644 --- a/src/testsuite/join-test.e +++ b/src/testsuite/join-test.e @@ -61,9 +61,52 @@ expect { timeout { exit 1 } "405" } +send "JOIN 0\r" + +send "JoIn #MultiMode\r" +expect { + timeout { exit 1 } + "474 nick #MultiMode" +} + +send "OPer TestOp 123\r" +expect { + timeout { exit 1 } + "381" +} + +send "Mode #MultiMode -b nick!~user\r" +expect { + timeout { exit 1 } + "MODE #MultiMode -b nick!~user@*" +} + +send "jOiN #MULTIMODE\r" +expect { + timeout { exit 1 } + "@* JOIN :#MULTIMODE" +} +expect { + timeout { exit 1 } + "366" +} +send "ModE #MULTImode\r" +expect { + timeout { exit 1 } + "324 nick #MultiMode +Pnt" +} +send "mODe #multimode +b\r" +expect { + timeout { exit 1 } + "367 nick #MultiMode banned!~ghost@example.com ngircd.test.server" +} +expect { + timeout { exit 1 } + "368 nick #MultiMode" +} send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/kick-test.e b/src/testsuite/kick-test.e index 89da611d..a8038796 100644 --- a/src/testsuite/kick-test.e +++ b/src/testsuite/kick-test.e @@ -109,5 +109,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/message-test.e b/src/testsuite/message-test.e index 9eb22e77..28d4a93f 100644 --- a/src/testsuite/message-test.e +++ b/src/testsuite/message-test.e @@ -148,5 +148,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/misc-test.e b/src/testsuite/misc-test.e index f69e7c3c..8896624b 100644 --- a/src/testsuite/misc-test.e +++ b/src/testsuite/misc-test.e @@ -160,5 +160,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "ERROR" + "ERROR :Closing connection" } diff --git a/src/testsuite/mode-test.e b/src/testsuite/mode-test.e index 86e4f2df..668e57c6 100644 --- a/src/testsuite/mode-test.e +++ b/src/testsuite/mode-test.e @@ -171,5 +171,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/ngircd-test1.conf b/src/testsuite/ngircd-test1.conf index ab240a7c..233238aa 100644 --- a/src/testsuite/ngircd-test1.conf +++ b/src/testsuite/ngircd-test1.conf @@ -63,4 +63,10 @@ Name = +ModelessChannel Topic = A modeless Channel +[Channel] + Name = MultiMode + Modes = +n +b nick!~user + Modes = +t + Modes = +b banned!~ghost@example.com + # -eof- diff --git a/src/testsuite/ngircd-test3.conf b/src/testsuite/ngircd-test3.conf new file mode 100644 index 00000000..1117e37b --- /dev/null +++ b/src/testsuite/ngircd-test3.conf @@ -0,0 +1,31 @@ +# ngIRCd test suite +# configuration file for test server #1 + +[Global] + Name = ngircd.test.server + Info = ngIRCd Test-Server 3 + Listen = 127.0.0.1 + Ports = 6789 + MotdFile = ngircd-test3.motd + AdminEMail = admin@irc.server + +[SSL] + CertFile = ssl/cert.pem + KeyFile = ssl/key.pem + DHFile = ssl/dhparams.pem + Ports = 6790 + + +[Limits] + MaxConnectionsIP = 0 + MaxJoins = 4 + MaxPenaltyTime = 1 + +[Options] + OperCanUseMode = yes + Ident = no + IncludeDir = /var/empty + DNS = no + PAM = no + +# -eof- diff --git a/src/testsuite/opless-channel-test.e b/src/testsuite/opless-channel-test.e index 4611fe17..cd4f9a0b 100644 --- a/src/testsuite/opless-channel-test.e +++ b/src/testsuite/opless-channel-test.e @@ -29,5 +29,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/prep-server3 b/src/testsuite/prep-server3 new file mode 100755 index 00000000..c76b2502 --- /dev/null +++ b/src/testsuite/prep-server3 @@ -0,0 +1,7 @@ +#!/bin/sh -e +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -eu +mkdir -p ssl +cp "${srcdir}"/ssl/cert-my-first-domain-tld.pem ssl/cert.pem +cp "${srcdir}"/ssl/key-my-first-domain-tld.pem ssl/key.pem +cp "${srcdir}"/ssl/dhparams-my-first-domain-tld.pem ssl/dhparams.pem diff --git a/src/testsuite/reload-server.sh b/src/testsuite/reload-server.sh new file mode 100755 index 00000000..8d6fd2bc --- /dev/null +++ b/src/testsuite/reload-server.sh @@ -0,0 +1,31 @@ +#!/bin/sh +# ngIRCd Test Suite + +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u + +# read in functions +. "${srcdir}/functions.inc" + +if [ -n "$1" ]; then + id="$1"; shift +else + id="1" +fi + +echo_n "reloading server ${id} ..." + +# reload (sighup) test-server ... +pid=`./getpid.sh T-ngircd${id}` +if [ -z "$pid" ]; then + echo " failure: no running server found!?" + exit 1 +fi +kill -HUP $pid >/dev/null 2>&1; r=$? +if [ $r -eq 0 ]; then + sleep 2 + echo " ok". + kill -0 $pid && exit 0 +fi +echo " failure: server ${id} could not be reloaded!" +exit 1 diff --git a/src/testsuite/reload-server3 b/src/testsuite/reload-server3 new file mode 100755 index 00000000..da7b37eb --- /dev/null +++ b/src/testsuite/reload-server3 @@ -0,0 +1,7 @@ +#!/bin/sh +# ngIRCd Test Suite + +[ -z "$srcdir" ] && srcdir=`dirname $0` +${srcdir}/reload-server.sh 3 + +# -eof- diff --git a/src/testsuite/server-link-test.e b/src/testsuite/server-link-test.e index 910f8c84..48230afe 100644 --- a/src/testsuite/server-link-test.e +++ b/src/testsuite/server-link-test.e @@ -46,5 +46,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "ERROR" + "ERROR :Closing connection" } diff --git a/src/testsuite/server-login-test.e b/src/testsuite/server-login-test.e index b5226a7d..bdf95e09 100644 --- a/src/testsuite/server-login-test.e +++ b/src/testsuite/server-login-test.e @@ -45,7 +45,7 @@ expect { } expect { timeout { exit 1 } - ":ngircd.test.server CHANINFO #FullKeyed +Plk Secret 0 :" + ":ngircd.test.server CHANINFO #FullKeyed +Pkl Secret 0 :" } expect { timeout { exit 1 } diff --git a/src/testsuite/ssl/cert-my-first-domain-tld.pem b/src/testsuite/ssl/cert-my-first-domain-tld.pem new file mode 100644 index 00000000..1b3961d9 --- /dev/null +++ b/src/testsuite/ssl/cert-my-first-domain-tld.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEDDCCAnSgAwIBAgIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNteS5m +aXJzdC5kb21haW4udGxkMB4XDTIwMDQyNDA4MjQyNVoXDTQ3MDkxMDA4MjQyNVow +HjEcMBoGA1UEAxMTbXkuZmlyc3QuZG9tYWluLnRsZDCCAaIwDQYJKoZIhvcNAQEB +BQADggGPADCCAYoCggGBAJ3HvAIDQxL/o7yoemMH5OZEXyFTQ/Q838UY0lXbWBb0 +Lsz9ft0UFtu/SSabHLLJHQME99IyleYiMwi0Y3oqDCVZp6eqeKS7MTRIot2D1m4T +QsK13dAvZOaEYPsltdsFDCP75s07tDp9aYYsHDsNhHu8LxUachmb3747/v1E1TGZ +T5BSnzGxEsQo1vzKKMpMbjct1d3zdQRB1o/r6BlaPykTAaB1DkM7GOOdtprhO/Sh +PbfXL+BHgldPbxboul7NTt1r2CfqFmz4Pi4PbCruv0HVG8N8egN6Jb80UuwOiCcM +BxY9uhCh6ZPoZ9ufmGALhkgD0rlt/sQfKQ0EImzx8cC/6zvSfJQ0WazLp/wCImkP +QZwKm/U6RMHWtthHg4pJRsYF5rL2+YMqebTcG655+fgQm9EI+ZcAqWIbnogGA046 +oS1X7805ogBo7OPMlJ19NjxOc3yS9dXlk6hEe0AKSCCusy4lI4gcGd2gwmAtXp3i +ZVkFBsUsmBe3x5sEAEVVyQIDAQABo1UwUzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQM +MAoGCCsGAQUFBwMBMA8GA1UdDwEB/wQFAwMHoAAwHQYDVR0OBBYEFFst+QAEUdCP +V80/hmOEBKtjOMRLMA0GCSqGSIb3DQEBCwUAA4IBgQCOEIJgi0H1lc33dU8Na4// +CI3rOOYwFnSiiUe8A5n38LsU2ZrwwJmn60JgNdAmrNkXTI8qNTuTU6XIOAqq32FY +wdNqPt7wE7UDRMQeMDlLNo+lnuI1XrBxk9mEpfmyGeGqeIDIr5vlEWs4Snr73RC0 +iQBUD6qGdhZa/ABm342psSA4OxtjCn6mBBT/gSi8yCO0Po8yFvndGMe3kNQFwir4 +supxptzqFDCDOQOYSgUy2QT7wlFAqPdZWMSepdeoaBYrqBsvf9shWC0iChKJxnCp +SVZpoPysxuVyQMKjjzTJcNDwydMyIny4Z9rt+kkvgn/JDxIQe1+jJ8dJR+VWQeNe +we604uEsN0hWq1FkkMO8NQdbM4xipDciEanHunWvwFkXuIuc0aEpqIchU32O2wav +ck8ytssLLQDGaJLHx6iOB2MCi8HbS8U9xfrg8JJIFnxmnkKdI6x2akzYm+nqDxqQ +dGeoVJgegiamYlydkGskw04oGkD16H0LQwlzsDwgvP8= +-----END CERTIFICATE----- diff --git a/src/testsuite/ssl/cert-my-second-domain-tld.pem b/src/testsuite/ssl/cert-my-second-domain-tld.pem new file mode 100644 index 00000000..f8d89850 --- /dev/null +++ b/src/testsuite/ssl/cert-my-second-domain-tld.pem @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEDjCCAnagAwIBAgIBATANBgkqhkiG9w0BAQsFADAfMR0wGwYDVQQDExRteS5z +ZWNvbmQuZG9tYWluLnRsZDAeFw0yMDA0MjQwODIzNDBaFw00NzA5MTAwODIzNDBa +MB8xHTAbBgNVBAMTFG15LnNlY29uZC5kb21haW4udGxkMIIBojANBgkqhkiG9w0B +AQEFAAOCAY8AMIIBigKCAYEA4+442scsdqSf6O4UO/RskMzOX8BhDcSwrhGe97jd +CuQKUqS6OT1UoHK0DdMkxHlOMhifPzKxoBQlI/02l14tV//xNArKj4a+BZzNS1mp +3adjgTc3uRDQHmHVZUzH4VXhL2zZ1EXVaJULZVWJYAqMW8GOObs+Kwijo+zxBGRs +96Re9sg3XMkCUN+ZMoCpqoU4R/QiJ5z7B4AXS9CVcvczQKiULn1otP+UQQ4ABHlN +t8pZzR6P/WGy91PvGt5wWfpReGveP/Zl2tksVXXs0CQgteneblYVzj01MaobVW59 +/LGUpe0oQy2rtzQVX3DZkDoGwGh4lof2Af+xMjCbVL6oDbPPooXG8TJnDP3AVhMG +KIb+EhBUIEJnd/z6ZXTWbv0KQOt4wiVBzuXVBf7xxn/aH4+3kyrnj7CsUHXM4++x +KRZq7gaP7nRbN22rw+WCHnqvMfAGnS7/6AjKFUWxmNWxRXMX+ehsSbT/XQnQm88e +oUBLzQc4JrNSPklVJ82Qp19tAgMBAAGjVTBTMAwGA1UdEwEB/wQCMAAwEwYDVR0l +BAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUdnjZogYk +7JK21Fj2NfYwrtJzK1EwDQYJKoZIhvcNAQELBQADggGBABDreWdgeyLMvqv1fO1f +zbkSxUp57XoQsX3G/1nUfjT2Zujxwvu8D9N74R3I/BsxVTiI4RL2LZj33q+eq0KX +LG/zBH2DEBheMmQtbMS6Ah+MTSlvG8SDlRRYPEVdYYtXOwskGNyIwcqNTr0j2Mrn +Zlre0VJQc5r94seoVCjCseio26I9qf0LW2QsGfk4vSMJlhTRkcbBjKABG8xGXv61 ++Hd4OFA0e/gOzFZFwDxWEsks5d8w6kzyipdGcCezBhlDi/qNCAex1GVTdUsCbGNS +9N2i1Cty01AJbrkfWwKCc/Xg/YV/9PVncoiwJSIILllmFvLPu0vRof8AX/4DxEkS +YFnN2x+qyukW+DfSnC3YSqyKdKtvB0U0Xf4tcHQfX2kHS/PqOIR6F9trY45ZlXoA +nQKf1vcsIJzHW1mi9SvyVgyp3HftPw5xIU15mHRHBfBEzkVNwZJxyCl6nd++4vMS +DmzpJPCT/a8rl1Jj5yyQ5zJp06Z7FbPpkT9kiAB5+U/vKw== +-----END CERTIFICATE----- diff --git a/src/testsuite/ssl/dhparams-my-first-domain-tld.pem b/src/testsuite/ssl/dhparams-my-first-domain-tld.pem new file mode 100644 index 00000000..011750bb --- /dev/null +++ b/src/testsuite/ssl/dhparams-my-first-domain-tld.pem @@ -0,0 +1,77 @@ + +Recommended key length: 256 bits + +generator: + 39:76:54:fb:49:4c:58:2c:f6:62:3a:81:d1:1e:ef:55 + 97:da:5a:9c:f8:11:e4:23:26:91:e2:d4:14:94:14:e1 + d2:82:69:b6:f0:2e:af:08:cc:bc:21:0d:e5:a7:40:f9 + 8d:18:a2:52:6a:41:de:57:c7:17:0d:23:b9:36:3c:33 + ef:ff:0b:85:b1:a9:59:65:49:46:36:3b:57:e4:b7:91 + 4b:6c:56:1a:47:44:d8:5b:8a:bd:93:93:41:81:01:9d + 31:8d:3d:b8:a6:6c:7e:48:aa:86:b6:68:eb:66:0b:f3 + 42:58:c5:ef:65:75:9d:8d:0f:18:21:25:86:40:a6:fd + 23:15:58:82:57:df:b6:0d:e5:c9:f1:85:ef:ec:ae:4a + b4:1b:70:ac:f5:c8:75:57:d6:4b:17:ca:f1:a1:45:13 + c0:e7:2b:b9:26:92:c0:a1:c4:ba:87:4e:b7:37:2f:6c + 02:51:86:95:2d:f3:c1:7e:c1:f7:00:52:00:0d:43:f2 + aa:8d:af:f6:5a:4f:a8:65:a5:26:af:58:fa:5d:fb:77 + 42:e2:1e:19:f5:0f:8a:f2:9b:6b:9a:c0:2c:60:4f:45 + da:9c:54:97:67:6a:e3:62:b9:c1:a0:3d:bf:cb:aa:22 + 23:3b:08:bc:29:6a:a5:91:5e:76:1b:60:1d:c2:02:85 + 2e:c6:85:20:5a:6e:0b:84:e3:e3:88:4e:c5:48:f3:c8 + c1:71:b0:22:22:70:00:27:99:c6:dc:50:62:2d:be:55 + 65:af:60:d7:43:44:2f:97:72:a2:66:48:fa:ee:af:7a + 81:cc:77:97:95:61:74:37:44:f2:b9:8e:9a:90:e4:45 + 89:69:66:fe:52:fe:82:d2:de:4c:11:64:a2:c3:6e:00 + e4:a7:58:4f:e9:61:0d:d2:72:a1:fb:72:89:84:73:64 + de:1a:2c:0f:7e:46:5f:73:f6:67:3f:14:86:1c:90:bf + 49:d6:d1:3c:6a:6a:8b:42:29:22:02:47:c4:b9:bb:64 + + +prime: + 90:cb:d2:ec:9f:0c:6c:69:f5:c0:46:e1:9c:fc:4d:3b + ff:65:40:32:66:d5:fa:e0:ee:88:7d:35:ad:5e:1a:37 + 07:db:c0:ed:a4:b2:94:ed:41:b4:be:be:35:e3:36:ff + 04:c2:48:4d:f0:e9:d2:54:54:de:10:4b:1c:6b:0e:e6 + 8f:c1:8a:9f:9d:e2:f0:9e:35:52:b7:2a:29:5e:e1:95 + c0:e0:6e:2b:a9:eb:00:fb:fe:90:d9:aa:02:2d:52:e5 + 09:fe:5a:e9:5e:73:e1:94:d1:a5:a1:f5:3b:97:e8:53 + 67:ea:86:a7:f2:70:5c:31:7f:ed:23:f1:ce:01:62:e5 + 0c:7b:7c:18:67:ec:42:35:e8:d1:3d:e1:74:f9:77:02 + fb:8d:24:a7:bf:3a:38:36:cf:82:9e:90:b2:7c:c3:f3 + d3:e4:f1:55:ca:4b:1e:5e:50:b9:3b:d8:6a:6c:c2:51 + a9:a7:e2:86:02:ef:7b:c2:d1:80:e2:dd:e0:7c:e2:03 + e5:b1:e9:5b:45:c7:56:bb:37:56:9a:4a:0e:7e:b6:f6 + a5:95:ef:93:5f:f9:38:16:e3:73:b5:68:a7:98:15:a2 + 6c:ff:6b:2e:89:f7:9f:f8:a9:d7:ce:a4:9a:de:cb:42 + 90:40:7b:fe:6c:3a:e0:4c:42:fe:0c:af:4e:7f:37:be + fd:3b:31:17:f6:30:0d:52:a5:ca:19:c3:c6:a4:dc:48 + ec:59:02:6e:5a:80:b8:09:7d:3d:9a:00:32:7a:d7:fe + 84:38:12:22:7f:c6:97:88:91:05:7f:ba:74:2b:8c:36 + a0:e4:d7:1c:22:2f:0b:6a:cb:a8:71:40:d2:b1:ed:9f + 43:79:2f:a6:34:7d:c0:65:c4:04:fa:d4:5c:14:7c:4b + 6f:cb:b2:f8:f0:91:05:33:b7:23:58:e8:4d:ff:3f:ef + a4:f3:17:78:9b:5b:f6:f1:49:82:12:de:5d:f7:1d:47 + 1e:08:7f:ee:2d:10:68:f8:a5:97:03:9d:32:d2:9c:b7 + + + +-----BEGIN DH PARAMETERS----- +MIIDDQKCAYEAkMvS7J8MbGn1wEbhnPxNO/9lQDJm1frg7oh9Na1eGjcH28DtpLKU +7UG0vr414zb/BMJITfDp0lRU3hBLHGsO5o/Bip+d4vCeNVK3Kile4ZXA4G4rqesA ++/6Q2aoCLVLlCf5a6V5z4ZTRpaH1O5foU2fqhqfycFwxf+0j8c4BYuUMe3wYZ+xC +NejRPeF0+XcC+40kp786ODbPgp6QsnzD89Pk8VXKSx5eULk72GpswlGpp+KGAu97 +wtGA4t3gfOID5bHpW0XHVrs3VppKDn629qWV75Nf+TgW43O1aKeYFaJs/2suifef ++KnXzqSa3stCkEB7/mw64ExC/gyvTn83vv07MRf2MA1SpcoZw8ak3EjsWQJuWoC4 +CX09mgAyetf+hDgSIn/Gl4iRBX+6dCuMNqDk1xwiLwtqy6hxQNKx7Z9DeS+mNH3A +ZcQE+tRcFHxLb8uy+PCRBTO3I1joTf8/76TzF3ibW/bxSYIS3l33HUceCH/uLRBo ++KWXA50y0py3AoIBgDl2VPtJTFgs9mI6gdEe71WX2lqc+BHkIyaR4tQUlBTh0oJp +tvAurwjMvCEN5adA+Y0YolJqQd5XxxcNI7k2PDPv/wuFsalZZUlGNjtX5LeRS2xW +GkdE2FuKvZOTQYEBnTGNPbimbH5Iqoa2aOtmC/NCWMXvZXWdjQ8YISWGQKb9IxVY +glfftg3lyfGF7+yuSrQbcKz1yHVX1ksXyvGhRRPA5yu5JpLAocS6h063Ny9sAlGG +lS3zwX7B9wBSAA1D8qqNr/ZaT6hlpSavWPpd+3dC4h4Z9Q+K8ptrmsAsYE9F2pxU +l2dq42K5waA9v8uqIiM7CLwpaqWRXnYbYB3CAoUuxoUgWm4LhOPjiE7FSPPIwXGw +IiJwACeZxtxQYi2+VWWvYNdDRC+XcqJmSPrur3qBzHeXlWF0N0TyuY6akORFiWlm +/lL+gtLeTBFkosNuAOSnWE/pYQ3ScqH7comEc2TeGiwPfkZfc/ZnPxSGHJC/SdbR +PGpqi0IpIgJHxLm7ZAICAQA= +-----END DH PARAMETERS----- diff --git a/src/testsuite/ssl/dhparams-my-second-domain-tld.pem b/src/testsuite/ssl/dhparams-my-second-domain-tld.pem new file mode 100644 index 00000000..a1588610 --- /dev/null +++ b/src/testsuite/ssl/dhparams-my-second-domain-tld.pem @@ -0,0 +1,77 @@ + +Recommended key length: 256 bits + +generator: + da:16:f5:61:0c:09:de:cd:9b:be:b8:2b:c9:96:97:1b + fc:29:b2:a5:1b:ee:d3:36:bd:6c:73:7e:1c:2a:35:71 + 26:c6:54:b6:28:24:db:87:9d:fc:9e:26:28:e9:01:b8 + 85:f2:02:9b:6a:c3:f5:3a:85:ae:1d:8c:e9:e8:c4:41 + 3a:78:2f:9e:f0:2a:77:18:99:a6:91:2b:2b:8c:10:98 + 89:04:d9:03:5f:4f:77:d6:27:1d:5e:ee:a2:d0:b1:c8 + a7:64:b4:7a:67:5f:aa:3f:02:b0:d2:f7:cd:4c:7a:9d + 63:57:99:8c:89:17:3f:2d:2d:1d:f5:58:61:49:62:54 + 55:17:be:ea:43:03:44:d7:02:39:67:26:b3:7a:4f:00 + a3:a1:3b:d9:f3:aa:7a:c5:00:46:86:92:e2:2e:d8:09 + ee:ca:97:06:c5:33:e5:99:f3:4c:46:81:50:59:6b:60 + fb:a3:24:2a:f8:8f:e0:fb:a5:c3:9a:7d:f7:f2:d7:30 + e5:1b:fa:15:a0:ca:6d:f5:64:4f:20:a3:fb:f4:31:55 + b5:58:c4:6f:06:7d:5d:36:16:03:31:73:57:6b:39:c6 + 10:21:d9:f0:eb:74:43:2e:b0:da:ee:96:86:6e:0c:b5 + 08:78:af:3d:9b:66:71:bc:05:63:9d:aa:a6:2e:bc:c9 + c0:e4:a4:c6:60:e8:5d:d2:96:55:a3:72:4e:7a:ec:b2 + a8:23:b9:3f:7c:33:5d:f0:5f:29:57:cd:8e:9a:fd:7b + b6:83:7f:56:ba:64:bd:a8:1c:83:7f:ee:04:f1:bb:1f + 70:6d:08:46:a2:95:e6:6e:2a:54:44:d9:af:9d:22:a4 + 50:6d:88:65:de:05:89:99:75:7e:0c:12:d9:25:43:f7 + da:b6:41:f8:60:68:f7:6a:f6:a4:8d:8b:93:82:87:56 + c1:80:4d:e6:66:37:1e:22:5c:86:90:d1:8e:02:3a:18 + 34:84:6a:da:e5:4f:a5:4f:29:78:46:97:71:24:80:92 + + +prime: + f8:98:84:b9:b2:75:39:d5:da:14:fa:4a:03:96:57:78 + 95:4e:8c:ba:c3:89:de:36:2c:4a:2b:0a:31:08:09:89 + bb:f6:00:a1:0b:64:02:52:1e:3f:23:67:df:2c:97:7a + 7a:81:e0:b0:ae:00:bf:a6:8f:02:e1:62:d4:dc:9e:62 + 9a:27:f2:cf:4f:88:73:96:de:8a:61:1c:ac:3f:bb:f3 + 0d:be:5e:07:3b:6f:da:0c:10:03:b5:b2:5a:60:3e:c8 + 6f:aa:2c:3e:92:b9:ec:ee:08:29:90:c3:5e:8e:c1:a4 + a7:1a:ab:87:f8:70:13:e8:b1:2f:b5:79:c1:bb:8f:21 + 76:b4:1f:ba:91:62:f9:d3:3a:d7:c8:23:00:3e:fe:a5 + 49:51:f8:eb:9f:46:e3:7d:1a:d3:54:a1:3a:d1:4b:05 + ec:77:6e:80:dc:1b:22:e1:36:2a:a1:75:20:8c:48:bd + 53:a6:24:c0:b2:47:36:51:0d:69:b3:cc:e6:fe:8c:34 + 0e:1f:16:03:af:81:b7:62:11:a8:82:06:c2:70:00:23 + fe:0e:e0:fa:a1:e7:3d:cc:81:ae:76:f4:3e:66:84:df + 3f:63:ba:4e:aa:21:1d:5c:a2:a2:55:0e:53:31:40:7d + 7a:99:20:77:23:82:0c:a7:b3:1b:dd:13:fc:23:5f:6d + 58:6c:a7:1f:f6:1a:7c:2a:57:31:c1:10:7b:f1:54:a9 + 8c:49:7f:17:14:5f:a4:69:16:11:6c:7d:1d:eb:d4:88 + ab:6b:f8:8d:8b:be:0d:45:c7:7b:04:4f:a3:5f:f4:4f + 83:12:0c:00:73:5d:57:02:0c:95:b6:ce:70:60:52:80 + 05:79:55:ed:99:e3:0c:23:dc:23:cd:9b:d3:a5:8e:4d + 94:c8:61:2d:56:b1:15:19:ca:b2:2c:76:7c:89:04:44 + 18:5c:72:1e:03:9b:e0:dd:69:44:9f:68:0d:c4:2a:34 + 5e:bd:4f:6c:14:41:93:08:0d:4b:4d:de:97:41:9b:8d + + + +-----BEGIN DH PARAMETERS----- +MIIDDgKCAYEA+JiEubJ1OdXaFPpKA5ZXeJVOjLrDid42LEorCjEICYm79gChC2QC +Uh4/I2ffLJd6eoHgsK4Av6aPAuFi1NyeYpon8s9PiHOW3ophHKw/u/MNvl4HO2/a +DBADtbJaYD7Ib6osPpK57O4IKZDDXo7BpKcaq4f4cBPosS+1ecG7jyF2tB+6kWL5 +0zrXyCMAPv6lSVH4659G430a01ShOtFLBex3boDcGyLhNiqhdSCMSL1TpiTAskc2 +UQ1ps8zm/ow0Dh8WA6+Bt2IRqIIGwnAAI/4O4Pqh5z3Mga529D5mhN8/Y7pOqiEd +XKKiVQ5TMUB9epkgdyOCDKezG90T/CNfbVhspx/2GnwqVzHBEHvxVKmMSX8XFF+k +aRYRbH0d69SIq2v4jYu+DUXHewRPo1/0T4MSDABzXVcCDJW2znBgUoAFeVXtmeMM +I9wjzZvTpY5NlMhhLVaxFRnKsix2fIkERBhcch4Dm+DdaUSfaA3EKjRevU9sFEGT +CA1LTd6XQZuNAoIBgQDaFvVhDAnezZu+uCvJlpcb/CmypRvu0za9bHN+HCo1cSbG +VLYoJNuHnfyeJijpAbiF8gKbasP1OoWuHYzp6MRBOngvnvAqdxiZppErK4wQmIkE +2QNfT3fWJx1e7qLQscinZLR6Z1+qPwKw0vfNTHqdY1eZjIkXPy0tHfVYYUliVFUX +vupDA0TXAjlnJrN6TwCjoTvZ86p6xQBGhpLiLtgJ7sqXBsUz5ZnzTEaBUFlrYPuj +JCr4j+D7pcOafffy1zDlG/oVoMpt9WRPIKP79DFVtVjEbwZ9XTYWAzFzV2s5xhAh +2fDrdEMusNruloZuDLUIeK89m2ZxvAVjnaqmLrzJwOSkxmDoXdKWVaNyTnrssqgj +uT98M13wXylXzY6a/Xu2g39WumS9qByDf+4E8bsfcG0IRqKV5m4qVETZr50ipFBt +iGXeBYmZdX4MEtklQ/fatkH4YGj3avakjYuTgodWwYBN5mY3HiJchpDRjgI6GDSE +atrlT6VPKXhGl3EkgJICAgEA +-----END DH PARAMETERS----- diff --git a/src/testsuite/ssl/key-my-first-domain-tld.pem b/src/testsuite/ssl/key-my-first-domain-tld.pem new file mode 100644 index 00000000..667ffacc --- /dev/null +++ b/src/testsuite/ssl/key-my-first-domain-tld.pem @@ -0,0 +1,182 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: High (3072 bits) + +modulus: + 00:9d:c7:bc:02:03:43:12:ff:a3:bc:a8:7a:63:07:e4 + e6:44:5f:21:53:43:f4:3c:df:c5:18:d2:55:db:58:16 + f4:2e:cc:fd:7e:dd:14:16:db:bf:49:26:9b:1c:b2:c9 + 1d:03:04:f7:d2:32:95:e6:22:33:08:b4:63:7a:2a:0c + 25:59:a7:a7:aa:78:a4:bb:31:34:48:a2:dd:83:d6:6e + 13:42:c2:b5:dd:d0:2f:64:e6:84:60:fb:25:b5:db:05 + 0c:23:fb:e6:cd:3b:b4:3a:7d:69:86:2c:1c:3b:0d:84 + 7b:bc:2f:15:1a:72:19:9b:df:be:3b:fe:fd:44:d5:31 + 99:4f:90:52:9f:31:b1:12:c4:28:d6:fc:ca:28:ca:4c + 6e:37:2d:d5:dd:f3:75:04:41:d6:8f:eb:e8:19:5a:3f + 29:13:01:a0:75:0e:43:3b:18:e3:9d:b6:9a:e1:3b:f4 + a1:3d:b7:d7:2f:e0:47:82:57:4f:6f:16:e8:ba:5e:cd + 4e:dd:6b:d8:27:ea:16:6c:f8:3e:2e:0f:6c:2a:ee:bf + 41:d5:1b:c3:7c:7a:03:7a:25:bf:34:52:ec:0e:88:27 + 0c:07:16:3d:ba:10:a1:e9:93:e8:67:db:9f:98:60:0b + 86:48:03:d2:b9:6d:fe:c4:1f:29:0d:04:22:6c:f1:f1 + c0:bf:eb:3b:d2:7c:94:34:59:ac:cb:a7:fc:02:22:69 + 0f:41:9c:0a:9b:f5:3a:44:c1:d6:b6:d8:47:83:8a:49 + 46:c6:05:e6:b2:f6:f9:83:2a:79:b4:dc:1b:ae:79:f9 + f8:10:9b:d1:08:f9:97:00:a9:62:1b:9e:88:06:03:4e + 3a:a1:2d:57:ef:cd:39:a2:00:68:ec:e3:cc:94:9d:7d + 36:3c:4e:73:7c:92:f5:d5:e5:93:a8:44:7b:40:0a:48 + 20:ae:b3:2e:25:23:88:1c:19:dd:a0:c2:60:2d:5e:9d + e2:65:59:05:06:c5:2c:98:17:b7:c7:9b:04:00:45:55 + c9: + +public exponent: + 01:00:01: + +private exponent: + 45:26:8b:e4:c9:ef:34:bd:6b:d2:bc:78:5f:3c:cf:7a + 88:4e:b5:39:5c:18:08:31:fe:9d:21:5a:55:b6:e6:e0 + 80:3e:81:7f:7f:7f:55:81:5b:f5:c0:80:cc:f4:22:a6 + 9f:73:26:f6:2e:0b:7a:80:54:a3:a5:03:d0:3f:eb:70 + d7:39:5e:87:9d:36:7d:80:54:2c:dd:8c:7e:42:95:9d + c5:6d:b6:ed:8f:57:a6:3e:4d:98:7f:9a:08:79:04:5e + 4c:cb:13:5d:b1:a4:0c:da:78:4c:40:ba:e2:ba:ca:ec + bc:0e:5a:8e:6b:a1:83:aa:6d:22:b8:5f:e2:32:19:f9 + da:60:23:85:f7:ee:66:8e:28:64:09:08:c5:15:dc:a7 + 95:71:76:41:3f:79:72:b3:34:49:81:98:08:bc:7f:e0 + 0d:9f:71:e6:bb:a8:85:97:23:f3:34:5b:ef:09:2a:ef + 1c:30:9d:94:33:14:c4:30:65:f5:07:32:5a:b4:40:00 + 77:4e:93:b3:f4:6a:9d:9f:dc:6b:8f:0b:43:81:43:ff + d5:43:a9:93:68:f5:ab:2b:b9:8e:36:7b:13:0e:11:51 + 5f:aa:46:24:a7:3b:19:4d:31:e9:2a:a2:7b:d4:a8:68 + 38:9e:70:dd:68:9a:a0:f8:f3:27:40:b2:24:1b:80:93 + 7e:ae:d1:25:6e:90:7d:7f:52:84:a8:46:1b:54:c9:c7 + 9a:e5:a0:06:94:bd:d4:94:33:c7:25:f4:6c:13:e3:38 + e0:83:97:51:aa:52:25:06:d9:64:b2:dc:79:53:e5:37 + 0e:e4:33:e6:f4:bb:10:1a:66:11:9f:86:69:b0:2f:9c + b4:f8:89:e6:a4:a1:96:5e:14:3d:a4:24:51:21:98:17 + 28:46:79:85:75:e6:f4:79:26:8a:db:18:94:35:07:ab + de:5f:49:e5:88:02:95:13:d6:ac:ca:e6:4d:65:be:8f + a5:f5:27:da:a9:72:b0:d5:6d:9a:4d:45:b6:69:a4:4d + + +prime1: + 00:c2:19:9f:3e:b1:d3:f8:18:d0:79:56:3f:6d:d5:67 + 6b:0b:48:bd:4a:b6:c1:c9:1d:70:b5:ff:73:cf:bc:37 + 09:e9:b0:15:a6:6c:ff:bd:20:c9:ea:67:09:ce:f7:fe + d1:74:c3:d4:4b:87:38:47:9f:7b:b2:77:a3:a2:db:7d + 64:d2:77:dc:50:a3:56:2e:44:2a:1c:90:5d:f2:f9:e8 + 4f:84:43:83:a6:b2:48:c4:dc:26:bd:87:d3:e3:f3:be + 20:cb:7e:ce:ea:b7:93:1f:b9:6b:57:ee:73:d7:d6:08 + 35:b9:10:2f:60:03:e5:68:d5:5d:59:c7:e8:66:7a:51 + 6a:59:75:71:4a:be:1f:83:9c:01:bc:d0:5c:e5:7b:a6 + 5d:7f:f2:4a:e0:a2:31:58:c3:5d:c7:a5:2f:19:1e:10 + 56:c0:fb:83:35:84:c3:d7:ca:f7:3d:9f:1d:95:5e:3f + 7d:d9:9d:ef:15:a2:15:c2:ae:ff:92:74:db:92:ae:21 + 43: + +prime2: + 00:d0:18:f2:f7:da:77:4a:6f:60:a0:93:92:d6:7e:da + bf:86:19:df:70:f5:41:99:eb:13:49:6d:c2:79:7c:51 + 20:4f:b0:10:01:0d:87:17:90:87:78:41:22:95:f1:72 + 2b:78:97:c3:12:6a:ca:49:73:50:68:fa:d7:12:56:5e + d5:bc:3f:eb:e5:ec:55:82:1b:2d:c8:15:da:d4:63:81 + 0e:b3:45:bb:1f:52:9b:b6:3a:96:36:87:79:43:cd:58 + 5d:a4:11:f6:a4:77:5f:9e:df:26:b2:e1:5d:0a:8d:bf + 32:9d:52:1e:9b:21:66:ca:45:23:23:f4:04:71:23:9a + 4b:19:e3:10:ff:12:9c:90:b5:ae:80:3e:0e:a8:67:64 + 61:ff:4e:83:db:ae:34:22:94:58:b9:e1:c3:bf:c5:39 + d2:60:a0:b2:7e:e0:08:92:b7:f2:8c:28:69:2c:9c:97 + 59:b6:55:d9:0a:ff:c3:d3:b4:a6:eb:5a:55:35:59:26 + 03: + +coefficient: + 51:2c:52:fc:45:b3:05:bf:1b:ca:e3:12:a6:b1:20:8a + 52:98:d0:87:84:a0:a5:04:12:19:af:13:4c:8c:3c:d7 + 91:bb:c8:0d:cc:7e:14:89:4c:bf:05:c2:fe:f2:7e:29 + 5c:5a:3e:37:6e:9f:16:66:5f:93:83:87:c8:e9:3c:0e + de:00:44:18:3b:7a:76:d8:fb:32:b2:4b:db:af:c3:11 + 45:3e:55:ae:ac:94:a5:20:ba:11:d5:4f:01:64:a4:c3 + 70:af:4b:e9:23:a1:9e:b8:7a:3f:79:27:e1:2b:ff:a8 + ed:1f:7e:0c:27:11:6e:4d:8c:1f:37:90:a6:98:b9:e3 + 5a:a5:04:65:5e:36:a6:1b:2e:32:f3:14:0f:94:3b:88 + be:94:ee:5d:b0:0b:3f:3e:8b:9b:b6:60:5c:94:5c:88 + 01:54:90:07:8b:69:ab:fe:72:4d:6b:6a:6c:5f:c1:b9 + 5b:52:ef:c6:38:03:06:0c:25:78:73:d1:e1:db:54:46 + + +exp1: + 33:25:37:3d:f8:f3:c6:db:1b:0b:ed:fb:16:c0:f5:d8 + 52:07:df:c1:31:39:0c:fa:91:f9:93:0f:7c:3c:b7:30 + 08:80:da:a3:98:f3:26:6d:de:66:c2:b1:e5:f4:99:13 + ae:35:ef:d9:db:0e:ac:68:cc:da:71:06:10:62:cf:be + e2:6a:ad:06:1e:94:15:ea:e6:41:d2:94:be:f2:b5:11 + 46:e3:d7:6b:f4:6c:92:5b:04:66:4a:c5:3d:ba:bb:6d + be:d1:72:4a:8d:06:da:84:2c:51:e6:46:66:28:42:cf + 8d:2d:43:9e:84:48:4e:00:72:f1:b6:68:79:a0:5f:95 + ab:6e:f3:e4:63:06:c0:d2:39:ee:fb:e4:8e:9f:af:6d + d1:ca:11:8a:f1:92:19:36:99:9e:82:db:4f:3e:09:c6 + 22:61:e3:e8:15:4c:d9:ae:e4:c9:3b:05:3b:97:b3:19 + 41:5f:89:61:64:ed:60:f8:65:e5:bc:9f:23:1e:79:2b + + +exp2: + 5f:18:97:a7:d6:49:1f:55:e8:85:59:0b:08:44:6e:38 + 89:d2:b6:fe:4a:c5:d0:cd:d1:41:84:0c:14:32:50:6c + 80:9e:07:a2:43:89:51:a6:75:91:e9:ca:21:55:76:04 + 11:96:e0:c9:40:cd:f2:64:e5:01:24:68:36:74:0b:e0 + 86:a7:7b:68:d5:e8:79:8d:6c:0d:7c:97:44:e9:b7:e7 + 7c:db:47:d8:d7:8a:5a:eb:49:0b:e0:3a:f5:56:18:a4 + aa:3e:9f:44:a7:5c:a6:20:79:f1:d2:f5:0e:c6:99:f2 + 4a:5c:65:aa:24:c8:71:74:c8:cb:3c:4e:ef:59:02:c0 + 81:32:f7:e8:68:9b:ed:b1:68:ee:27:ed:d0:dd:76:cd + 25:bb:be:9c:1c:6e:ac:c2:b8:0d:31:f3:9f:66:44:b7 + 33:fb:1b:b6:c9:30:81:c3:d7:ee:5e:e5:39:42:d2:13 + 68:34:b0:fb:ca:c7:b5:ae:5f:7d:3c:09:a6:58:77:fb + + + +Public Key PIN: + pin-sha256:nCxZsiBRLBQ0Lz6/eXIc9kEBwXZg06i/XORB+NNXVrE= +Public Key ID: + sha256:9c2c59b220512c14342f3ebf79721cf64101c17660d3a8bf5ce441f8d35756b1 + sha1:5b2df9000451d08f57cd3f86638404ab6338c44b + +-----BEGIN RSA PRIVATE KEY----- +MIIG4gIBAAKCAYEAnce8AgNDEv+jvKh6Ywfk5kRfIVND9DzfxRjSVdtYFvQuzP1+ +3RQW279JJpscsskdAwT30jKV5iIzCLRjeioMJVmnp6p4pLsxNEii3YPWbhNCwrXd +0C9k5oRg+yW12wUMI/vmzTu0On1phiwcOw2Ee7wvFRpyGZvfvjv+/UTVMZlPkFKf +MbESxCjW/MooykxuNy3V3fN1BEHWj+voGVo/KRMBoHUOQzsY4522muE79KE9t9cv +4EeCV09vFui6Xs1O3WvYJ+oWbPg+Lg9sKu6/QdUbw3x6A3olvzRS7A6IJwwHFj26 +EKHpk+hn25+YYAuGSAPSuW3+xB8pDQQibPHxwL/rO9J8lDRZrMun/AIiaQ9BnAqb +9TpEwda22EeDiklGxgXmsvb5gyp5tNwbrnn5+BCb0Qj5lwCpYhueiAYDTjqhLVfv +zTmiAGjs48yUnX02PE5zfJL11eWTqER7QApIIK6zLiUjiBwZ3aDCYC1eneJlWQUG +xSyYF7fHmwQARVXJAgMBAAECggGARSaL5MnvNL1r0rx4XzzPeohOtTlcGAgx/p0h +WlW25uCAPoF/f39VgVv1wIDM9CKmn3Mm9i4LeoBUo6UD0D/rcNc5XoedNn2AVCzd +jH5ClZ3Fbbbtj1emPk2Yf5oIeQReTMsTXbGkDNp4TEC64rrK7LwOWo5roYOqbSK4 +X+IyGfnaYCOF9+5mjihkCQjFFdynlXF2QT95crM0SYGYCLx/4A2fcea7qIWXI/M0 +W+8JKu8cMJ2UMxTEMGX1BzJatEAAd06Ts/RqnZ/ca48LQ4FD/9VDqZNo9asruY42 +exMOEVFfqkYkpzsZTTHpKqJ71KhoOJ5w3WiaoPjzJ0CyJBuAk36u0SVukH1/UoSo +RhtUycea5aAGlL3UlDPHJfRsE+M44IOXUapSJQbZZLLceVPlNw7kM+b0uxAaZhGf +hmmwL5y0+InmpKGWXhQ9pCRRIZgXKEZ5hXXm9HkmitsYlDUHq95fSeWIApUT1qzK +5k1lvo+l9SfaqXKw1W2aTUW2aaRNAoHBAMIZnz6x0/gY0HlWP23VZ2sLSL1KtsHJ +HXC1/3PPvDcJ6bAVpmz/vSDJ6mcJzvf+0XTD1EuHOEefe7J3o6LbfWTSd9xQo1Yu +RCockF3y+ehPhEODprJIxNwmvYfT4/O+IMt+zuq3kx+5a1fuc9fWCDW5EC9gA+Vo +1V1Zx+hmelFqWXVxSr4fg5wBvNBc5XumXX/ySuCiMVjDXcelLxkeEFbA+4M1hMPX +yvc9nx2VXj992Z3vFaIVwq7/knTbkq4hQwKBwQDQGPL32ndKb2Cgk5LWftq/hhnf +cPVBmesTSW3CeXxRIE+wEAENhxeQh3hBIpXxcit4l8MSaspJc1Bo+tcSVl7VvD/r +5exVghstyBXa1GOBDrNFux9Sm7Y6ljaHeUPNWF2kEfakd1+e3yay4V0Kjb8ynVIe +myFmykUjI/QEcSOaSxnjEP8SnJC1roA+DqhnZGH/ToPbrjQilFi54cO/xTnSYKCy +fuAIkrfyjChpLJyXWbZV2Qr/w9O0putaVTVZJgMCgcAzJTc9+PPG2xsL7fsWwPXY +UgffwTE5DPqR+ZMPfDy3MAiA2qOY8yZt3mbCseX0mROuNe/Z2w6saMzacQYQYs++ +4mqtBh6UFermQdKUvvK1EUbj12v0bJJbBGZKxT26u22+0XJKjQbahCxR5kZmKELP +jS1DnoRITgBy8bZoeaBflatu8+RjBsDSOe775I6fr23RyhGK8ZIZNpmegttPPgnG +ImHj6BVM2a7kyTsFO5ezGUFfiWFk7WD4ZeW8nyMeeSsCgcBfGJen1kkfVeiFWQsI +RG44idK2/krF0M3RQYQMFDJQbICeB6JDiVGmdZHpyiFVdgQRluDJQM3yZOUBJGg2 +dAvghqd7aNXoeY1sDXyXROm353zbR9jXilrrSQvgOvVWGKSqPp9Ep1ymIHnx0vUO +xpnySlxlqiTIcXTIyzxO71kCwIEy9+hom+2xaO4n7dDdds0lu76cHG6swrgNMfOf +ZkS3M/sbtskwgcPX7l7lOULSE2g0sPvKx7WuX308CaZYd/sCgcBRLFL8RbMFvxvK +4xKmsSCKUpjQh4SgpQQSGa8TTIw815G7yA3MfhSJTL8Fwv7yfilcWj43bp8WZl+T +g4fI6TwO3gBEGDt6dtj7MrJL26/DEUU+Va6slKUguhHVTwFkpMNwr0vpI6GeuHo/ +eSfhK/+o7R9+DCcRbk2MHzeQppi541qlBGVeNqYbLjLzFA+UO4i+lO5dsAs/Poub +tmBclFyIAVSQB4tpq/5yTWtqbF/BuVtS78Y4AwYMJXhz0eHbVEY= +-----END RSA PRIVATE KEY----- diff --git a/src/testsuite/ssl/key-my-second-domain-tld.pem b/src/testsuite/ssl/key-my-second-domain-tld.pem new file mode 100644 index 00000000..8cfe8d09 --- /dev/null +++ b/src/testsuite/ssl/key-my-second-domain-tld.pem @@ -0,0 +1,182 @@ +Public Key Info: + Public Key Algorithm: RSA + Key Security Level: High (3072 bits) + +modulus: + 00:e3:ee:38:da:c7:2c:76:a4:9f:e8:ee:14:3b:f4:6c + 90:cc:ce:5f:c0:61:0d:c4:b0:ae:11:9e:f7:b8:dd:0a + e4:0a:52:a4:ba:39:3d:54:a0:72:b4:0d:d3:24:c4:79 + 4e:32:18:9f:3f:32:b1:a0:14:25:23:fd:36:97:5e:2d + 57:ff:f1:34:0a:ca:8f:86:be:05:9c:cd:4b:59:a9:dd + a7:63:81:37:37:b9:10:d0:1e:61:d5:65:4c:c7:e1:55 + e1:2f:6c:d9:d4:45:d5:68:95:0b:65:55:89:60:0a:8c + 5b:c1:8e:39:bb:3e:2b:08:a3:a3:ec:f1:04:64:6c:f7 + a4:5e:f6:c8:37:5c:c9:02:50:df:99:32:80:a9:aa:85 + 38:47:f4:22:27:9c:fb:07:80:17:4b:d0:95:72:f7:33 + 40:a8:94:2e:7d:68:b4:ff:94:41:0e:00:04:79:4d:b7 + ca:59:cd:1e:8f:fd:61:b2:f7:53:ef:1a:de:70:59:fa + 51:78:6b:de:3f:f6:65:da:d9:2c:55:75:ec:d0:24:20 + b5:e9:de:6e:56:15:ce:3d:35:31:aa:1b:55:6e:7d:fc + b1:94:a5:ed:28:43:2d:ab:b7:34:15:5f:70:d9:90:3a + 06:c0:68:78:96:87:f6:01:ff:b1:32:30:9b:54:be:a8 + 0d:b3:cf:a2:85:c6:f1:32:67:0c:fd:c0:56:13:06:28 + 86:fe:12:10:54:20:42:67:77:fc:fa:65:74:d6:6e:fd + 0a:40:eb:78:c2:25:41:ce:e5:d5:05:fe:f1:c6:7f:da + 1f:8f:b7:93:2a:e7:8f:b0:ac:50:75:cc:e3:ef:b1:29 + 16:6a:ee:06:8f:ee:74:5b:37:6d:ab:c3:e5:82:1e:7a + af:31:f0:06:9d:2e:ff:e8:08:ca:15:45:b1:98:d5:b1 + 45:73:17:f9:e8:6c:49:b4:ff:5d:09:d0:9b:cf:1e:a1 + 40:4b:cd:07:38:26:b3:52:3e:49:55:27:cd:90:a7:5f + 6d: + +public exponent: + 01:00:01: + +private exponent: + 30:61:85:91:f2:cb:1e:57:ed:55:8d:0b:a0:7a:4e:7d + 21:ec:00:69:1e:70:c4:ba:58:08:87:7c:bf:b1:b3:b9 + 19:f3:d6:e1:6c:7a:f7:36:a3:82:52:98:e9:ea:06:71 + b1:b2:86:42:ec:e8:c5:38:e1:75:55:2f:3c:4c:12:45 + e6:9e:f5:54:01:11:1c:21:c3:a1:37:f6:71:8e:db:ec + c6:f3:4b:9c:39:5d:37:3f:eb:b6:57:2d:48:14:2d:9d + 81:ea:92:06:3b:d8:83:bd:77:50:c8:2a:43:c7:99:69 + 74:99:52:e9:ca:d5:69:9d:0a:93:a5:c9:2f:e3:ed:60 + e7:83:6c:96:4b:cc:a3:00:35:a6:18:11:35:72:6b:9a + b9:b3:39:78:bd:1a:8f:ca:01:a7:e7:1b:81:ee:b4:e3 + 59:a5:32:85:0e:2f:b5:3c:6b:de:a3:e4:4f:37:4e:f6 + d5:be:f3:68:ce:f8:e8:fb:14:c6:e1:26:2c:24:fd:3b + dd:4b:70:c1:20:aa:0b:b5:0d:16:a8:45:4c:97:e9:0b + 08:97:c3:e9:ae:bf:0b:f7:1c:b1:81:63:ea:f4:72:dd + b7:da:5d:ab:21:06:c9:e3:99:3e:6c:c7:15:ca:79:fb + 44:7b:77:06:69:d9:59:a2:3c:b0:96:7b:66:6f:48:0c + 42:87:9c:df:4b:3a:dc:15:1f:48:0a:eb:b0:b1:38:98 + 5b:6d:7f:34:ce:43:60:25:64:7c:8d:c0:d1:69:27:b8 + ac:33:85:be:26:65:98:9f:8a:eb:cf:9a:6b:d7:5b:a3 + 49:60:f9:ff:fb:5f:67:d9:08:20:a1:d8:d0:20:25:d5 + 62:f9:d6:07:82:f6:c6:a6:55:65:71:3f:b8:64:b4:bd + 35:a9:2d:62:6c:cb:2c:e1:96:f0:9e:40:39:03:3b:10 + 38:72:ac:af:6e:0a:ba:ea:f5:c1:c0:c6:86:60:58:a9 + 28:23:6c:dd:8a:f2:84:76:a5:db:ef:f9:29:b9:b4:81 + + +prime1: + 00:f5:32:7d:80:4d:14:b1:3d:a1:ef:1b:7f:22:87:9f + d4:3d:4d:ce:e2:11:96:29:0f:ea:0b:c4:24:9c:9a:fa + 8a:4c:9a:5e:cd:48:aa:ce:6d:c0:fd:d4:53:46:1f:06 + f4:4f:da:2c:e5:f1:cb:19:19:a3:a4:37:11:47:ed:3d + fc:4c:b8:f1:93:b8:d8:f7:6a:dd:5c:bd:51:4d:c6:09 + 27:bc:c9:9a:19:05:0a:e9:00:ec:72:75:7f:89:0d:63 + 65:e2:89:ac:ce:f1:78:20:0a:b8:fd:fd:a5:88:a7:7c + 38:1e:55:7d:16:23:6a:4d:dc:87:56:ef:ff:02:db:bd + 1b:61:60:b5:8f:7a:e1:d1:26:e3:2d:d5:21:bb:03:84 + e2:a8:34:d6:7f:16:61:3c:a2:55:e1:c4:8a:82:61:74 + e0:63:cb:53:fd:6d:6a:0d:f5:b5:55:e0:ef:83:2a:46 + 80:7f:85:57:60:d3:b6:c3:2b:ba:af:88:c8:b8:3c:2c + a1: + +prime2: + 00:ed:f8:fc:68:1c:ae:2e:6d:63:f1:8b:6f:85:5c:5b + ba:3e:68:f9:61:03:44:60:83:90:26:8e:4c:8b:e0:49 + c1:5a:a1:5c:e5:f1:67:43:0b:f6:b5:29:84:40:a8:0f + e8:bf:bf:62:7e:33:ca:86:a2:c4:47:3b:4a:d6:9c:09 + a0:bb:10:00:ec:e6:81:f2:bc:86:3f:58:4d:3a:a4:98 + 94:7e:5d:43:7d:33:3f:53:76:55:d1:73:a4:1f:fb:76 + 75:92:70:8e:82:68:d8:f4:f7:b7:36:fa:3e:cc:a7:7a + fc:a4:7b:8c:72:b4:83:d7:ce:d8:f8:b2:35:ce:36:59 + 7e:95:55:b8:c4:a9:44:26:a1:fe:be:f4:b9:67:bc:12 + c8:e7:c3:0b:8a:51:b6:5c:1b:77:58:1f:53:ac:30:41 + 43:5f:97:a2:fd:70:ac:4a:91:e0:bc:f6:4f:b1:06:47 + 2d:89:77:ae:59:e0:5a:e2:31:c7:d9:a6:10:b8:7e:13 + 4d: + +coefficient: + 2a:54:f9:93:b2:32:7a:c4:b6:41:0e:1a:8a:0e:d9:db + 4b:02:68:8d:15:10:84:42:ba:c9:35:e5:6d:ac:8e:ca + 47:5d:6f:fe:e4:81:c6:ce:ab:7c:b8:5a:59:12:96:a4 + 0b:af:fb:d0:d7:e2:92:60:1b:81:05:4f:43:4c:5c:98 + e1:84:a8:6e:bf:ad:cc:ac:de:26:d5:a8:58:09:45:ec + 38:d8:5d:ec:a7:39:46:88:d1:cc:ea:b9:13:5c:9d:bb + db:69:d0:a7:e4:0e:33:b1:71:eb:13:14:28:72:45:b0 + 71:05:2a:a1:45:26:6c:a1:35:bf:a8:b0:1d:01:80:d9 + af:66:71:3a:f4:e4:3c:fe:e8:68:2b:aa:64:a7:43:f3 + 7f:38:4b:51:a1:ed:73:69:52:30:25:b8:62:5b:c7:cd + 02:f5:6f:4a:21:94:cb:29:44:76:f0:f8:96:50:57:33 + 8c:eb:7b:08:70:fc:bc:fd:69:c1:3a:3a:82:5a:4c:15 + + +exp1: + 71:83:42:5e:97:50:b1:0d:1b:5e:9a:98:2c:e0:24:ba + 18:f7:60:83:80:28:c8:31:b9:e4:60:95:a2:7a:8c:ea + 61:b4:45:97:3b:c0:f7:78:10:14:72:ab:6a:97:0a:9d + 28:2a:95:06:8e:fd:bb:4d:07:59:0a:b5:51:5b:1f:8b + 21:e9:ac:cc:fa:92:57:58:7d:ca:65:4a:b2:7a:af:da + 59:a7:eb:53:11:e6:8f:20:02:56:aa:d6:b4:18:22:a0 + 14:54:30:50:4d:b1:93:03:e3:c8:92:18:84:3f:25:5e + c5:8c:46:30:6d:8c:d5:26:f6:f0:e4:82:66:4c:5c:2b + c4:d5:04:b8:bb:e6:b6:f1:0d:d3:36:0c:3b:8b:d1:85 + 2c:e1:e9:3b:44:9d:17:78:ff:d1:59:2f:d6:54:4f:cb + 61:e7:cb:a6:53:74:f9:a9:7a:9d:9b:58:c6:9c:57:af + 3d:59:f9:ad:b5:d5:b2:5d:18:3c:13:52:f9:17:c2:81 + + +exp2: + 10:56:1e:65:bb:4a:4d:cf:9e:a3:cf:51:a9:93:0c:8c + fd:89:d1:4c:d2:9f:98:0c:90:11:c5:85:05:b9:30:f7 + 00:14:c1:be:db:52:9e:6c:ac:d4:04:f4:9a:47:af:47 + e8:19:e8:56:07:92:28:a9:f5:d5:7a:01:8a:38:0e:05 + 25:b2:54:8d:ee:c9:0e:f3:d8:37:73:05:62:38:38:6d + 41:3b:7f:cd:91:7e:10:69:b8:3c:77:b6:d5:a7:3a:9b + 99:a0:f6:77:87:61:15:78:07:f0:d3:3f:0a:67:98:ee + cd:0f:da:35:69:a4:ff:64:a8:ca:71:d9:75:bd:8f:69 + 3c:31:35:4c:f2:dd:c5:d5:2b:1a:ca:cc:0b:8e:02:b0 + 1e:10:ea:b2:e5:27:22:ad:94:04:cd:a9:bd:d1:56:39 + 9c:cf:59:16:12:ed:10:f5:70:bb:28:21:92:62:7e:f2 + 66:54:7b:f8:99:89:43:ab:ed:2f:48:d2:2f:08:20:a5 + + + +Public Key PIN: + pin-sha256:NiuGB0c98aUqMKk4SVQIIwXNglOf+6m1LuVn6aQ2A1U= +Public Key ID: + sha256:362b8607473df1a52a30a9384954082305cd82539ffba9b52ee567e9a4360355 + sha1:7678d9a20624ec92b6d458f635f630aed2732b51 + +-----BEGIN RSA PRIVATE KEY----- +MIIG4gIBAAKCAYEA4+442scsdqSf6O4UO/RskMzOX8BhDcSwrhGe97jdCuQKUqS6 +OT1UoHK0DdMkxHlOMhifPzKxoBQlI/02l14tV//xNArKj4a+BZzNS1mp3adjgTc3 +uRDQHmHVZUzH4VXhL2zZ1EXVaJULZVWJYAqMW8GOObs+Kwijo+zxBGRs96Re9sg3 +XMkCUN+ZMoCpqoU4R/QiJ5z7B4AXS9CVcvczQKiULn1otP+UQQ4ABHlNt8pZzR6P +/WGy91PvGt5wWfpReGveP/Zl2tksVXXs0CQgteneblYVzj01MaobVW59/LGUpe0o +Qy2rtzQVX3DZkDoGwGh4lof2Af+xMjCbVL6oDbPPooXG8TJnDP3AVhMGKIb+EhBU +IEJnd/z6ZXTWbv0KQOt4wiVBzuXVBf7xxn/aH4+3kyrnj7CsUHXM4++xKRZq7gaP +7nRbN22rw+WCHnqvMfAGnS7/6AjKFUWxmNWxRXMX+ehsSbT/XQnQm88eoUBLzQc4 +JrNSPklVJ82Qp19tAgMBAAECggGAMGGFkfLLHlftVY0LoHpOfSHsAGkecMS6WAiH +fL+xs7kZ89bhbHr3NqOCUpjp6gZxsbKGQuzoxTjhdVUvPEwSReae9VQBERwhw6E3 +9nGO2+zG80ucOV03P+u2Vy1IFC2dgeqSBjvYg713UMgqQ8eZaXSZUunK1WmdCpOl +yS/j7WDng2yWS8yjADWmGBE1cmuaubM5eL0aj8oBp+cbge6041mlMoUOL7U8a96j +5E83TvbVvvNozvjo+xTG4SYsJP073UtwwSCqC7UNFqhFTJfpCwiXw+muvwv3HLGB +Y+r0ct232l2rIQbJ45k+bMcVynn7RHt3BmnZWaI8sJZ7Zm9IDEKHnN9LOtwVH0gK +67CxOJhbbX80zkNgJWR8jcDRaSe4rDOFviZlmJ+K68+aa9dbo0lg+f/7X2fZCCCh +2NAgJdVi+dYHgvbGplVlcT+4ZLS9NaktYmzLLOGW8J5AOQM7EDhyrK9uCrrq9cHA +xoZgWKkoI2zdivKEdqXb7/kpubSBAoHBAPUyfYBNFLE9oe8bfyKHn9Q9Tc7iEZYp +D+oLxCScmvqKTJpezUiqzm3A/dRTRh8G9E/aLOXxyxkZo6Q3EUftPfxMuPGTuNj3 +at1cvVFNxgknvMmaGQUK6QDscnV/iQ1jZeKJrM7xeCAKuP39pYinfDgeVX0WI2pN +3IdW7/8C270bYWC1j3rh0SbjLdUhuwOE4qg01n8WYTyiVeHEioJhdOBjy1P9bWoN +9bVV4O+DKkaAf4VXYNO2wyu6r4jIuDwsoQKBwQDt+PxoHK4ubWPxi2+FXFu6Pmj5 +YQNEYIOQJo5Mi+BJwVqhXOXxZ0ML9rUphECoD+i/v2J+M8qGosRHO0rWnAmguxAA +7OaB8ryGP1hNOqSYlH5dQ30zP1N2VdFzpB/7dnWScI6CaNj097c2+j7Mp3r8pHuM +crSD187Y+LI1zjZZfpVVuMSpRCah/r70uWe8EsjnwwuKUbZcG3dYH1OsMEFDX5ei +/XCsSpHgvPZPsQZHLYl3rlngWuIxx9mmELh+E00CgcBxg0Jel1CxDRtempgs4CS6 +GPdgg4AoyDG55GCVonqM6mG0RZc7wPd4EBRyq2qXCp0oKpUGjv27TQdZCrVRWx+L +IemszPqSV1h9ymVKsnqv2lmn61MR5o8gAlaq1rQYIqAUVDBQTbGTA+PIkhiEPyVe +xYxGMG2M1Sb28OSCZkxcK8TVBLi75rbxDdM2DDuL0YUs4ek7RJ0XeP/RWS/WVE/L +YefLplN0+al6nZtYxpxXrz1Z+a211bJdGDwTUvkXwoECgcAQVh5lu0pNz56jz1Gp +kwyM/YnRTNKfmAyQEcWFBbkw9wAUwb7bUp5srNQE9JpHr0foGehWB5IoqfXVegGK +OA4FJbJUje7JDvPYN3MFYjg4bUE7f82RfhBpuDx3ttWnOpuZoPZ3h2EVeAfw0z8K +Z5juzQ/aNWmk/2SoynHZdb2PaTwxNUzy3cXVKxrKzAuOArAeEOqy5ScirZQEzam9 +0VY5nM9ZFhLtEPVwuyghkmJ+8mZUe/iZiUOr7S9I0i8IIKUCgcAqVPmTsjJ6xLZB +DhqKDtnbSwJojRUQhEK6yTXlbayOykddb/7kgcbOq3y4WlkSlqQLr/vQ1+KSYBuB +BU9DTFyY4YSobr+tzKzeJtWoWAlF7DjYXeynOUaI0czquRNcnbvbadCn5A4zsXHr +ExQockWwcQUqoUUmbKE1v6iwHQGA2a9mcTr05Dz+6GgrqmSnQ/N/OEtRoe1zaVIw +JbhiW8fNAvVvSiGUyylEdvD4llBXM4zrewhw/Lz9acE6OoJaTBU= +-----END RSA PRIVATE KEY----- diff --git a/src/testsuite/start-server.sh b/src/testsuite/start-server.sh index 3d19ffb5..bc6eb7ea 100755 --- a/src/testsuite/start-server.sh +++ b/src/testsuite/start-server.sh @@ -1,10 +1,11 @@ #!/bin/sh # ngIRCd Test Suite -[ -z "$srcdir" ] && srcdir=`dirname $0` +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u # read in functions -. ${srcdir}/functions.inc +. "${srcdir}/functions.inc" if [ -n "$1" ]; then id="$1"; shift @@ -19,36 +20,34 @@ echo_n "starting server ${id} ..." # check weather getpid.sh returns valid PIDs. If not, don't start up the # test-server, because we won't be able to kill it at the end of the test. -./getpid.sh sh > /dev/null 2>&1 +./getpid.sh sh >/dev/null if [ $? -ne 0 ]; then - echo " getpid.sh failed!" - exit 1 + echo " getpid.sh failed!" + exit 1 fi # check if there is a test-server already running ./getpid.sh T-ngircd${id} >/dev/null 2>&1 if [ $? -eq 0 ]; then - echo " failure: test-server ${id} already running!" - exit 1 + echo " failure: test-server ${id} already running!" + exit 1 fi # generate MOTD for test-server -echo "This is an ngIRCd Test Server" > ngircd-test${id}.motd +echo "This is an ngIRCd Test Server" >ngircd-test${id}.motd # glibc memory checking, see malloc(3) MALLOC_CHECK_=3 export MALLOC_CHECK_ # starting up test-server ... -./T-ngircd${id} -n -f ${srcdir}/ngircd-test${id}.conf $* \ +./T-ngircd${id} -n -f "${srcdir}/ngircd-test${id}.conf" "$@" \ >ngircd-test${id}.log 2>&1 & sleep 1 # validate running test-server +r=1 pid=`./getpid.sh T-ngircd${id}` -[ -n "$pid" ] && kill -0 $pid > /dev/null 2>&1; r=$? - +[ -n "$pid" ] && kill -0 $pid >/dev/null 2>&1; r=$? [ $r -eq 0 ] && echo " ok." || echo " failure!" exit $r - -# -eof- diff --git a/src/testsuite/start-server1 b/src/testsuite/start-server1 index 7fb4e94c..ced37c47 100755 --- a/src/testsuite/start-server1 +++ b/src/testsuite/start-server1 @@ -1,7 +1,6 @@ #!/bin/sh # ngIRCd Test Suite -[ -z "$srcdir" ] && srcdir=`dirname $0` -${srcdir}/start-server.sh 1 - -# -eof- +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u +"${srcdir}/start-server.sh" 1 diff --git a/src/testsuite/start-server2 b/src/testsuite/start-server2 index 2c4ffa6b..ca05bcf6 100755 --- a/src/testsuite/start-server2 +++ b/src/testsuite/start-server2 @@ -1,7 +1,6 @@ #!/bin/sh # ngIRCd Test Suite -[ -z "$srcdir" ] && srcdir=`dirname $0` -${srcdir}/start-server.sh 2 - -# -eof- +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u +"${srcdir}/start-server.sh" 2 diff --git a/src/testsuite/start-server3 b/src/testsuite/start-server3 new file mode 100755 index 00000000..167040b5 --- /dev/null +++ b/src/testsuite/start-server3 @@ -0,0 +1,6 @@ +#!/bin/sh +# ngIRCd Test Suite + +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u +"${srcdir}/start-server.sh" 3 diff --git a/src/testsuite/stop-server.sh b/src/testsuite/stop-server.sh index c531137e..c5a9486c 100755 --- a/src/testsuite/stop-server.sh +++ b/src/testsuite/stop-server.sh @@ -1,10 +1,11 @@ #!/bin/sh # ngIRCd Test Suite -[ -z "$srcdir" ] && srcdir=`dirname $0` +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u # read in functions -. ${srcdir}/functions.inc +. "${srcdir}/functions.inc" if [ -n "$1" ]; then id="$1"; shift @@ -17,21 +18,19 @@ echo_n "stopping server ${id} ..." # stop test-server ... pid=`./getpid.sh T-ngircd${id}` if [ -z "$pid" ]; then - echo " failure: no running server found!?" - exit 1 + echo " failure: no running server found!?" + exit 1 fi -kill $pid > /dev/null 2>&1 || exit 1 +kill $pid >/dev/null 2>&1 || exit 1 # waiting ... for i in 1 2 3 4 5; do - kill -0 $pid > /dev/null 2>&1; r=$? - if [ $r -ne 0 ]; then - echo " ok". - exit 0 - fi - sleep 1 + kill -0 $pid >/dev/null 2>&1; r=$? + if [ $r -ne 0 ]; then + echo " ok". + exit 0 + fi + sleep 1 done echo " failure: server ${id} still running!?" exit 1 - -# -eof- diff --git a/src/testsuite/stop-server1 b/src/testsuite/stop-server1 index 9b562076..aad0c851 100755 --- a/src/testsuite/stop-server1 +++ b/src/testsuite/stop-server1 @@ -1,7 +1,6 @@ #!/bin/sh # ngIRCd Test Suite -[ -z "$srcdir" ] && srcdir=`dirname $0` -${srcdir}/stop-server.sh 1 - -# -eof- +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u +"${srcdir}/stop-server.sh" 1 diff --git a/src/testsuite/stop-server2 b/src/testsuite/stop-server2 index 304d1749..104a096c 100755 --- a/src/testsuite/stop-server2 +++ b/src/testsuite/stop-server2 @@ -1,7 +1,6 @@ #!/bin/sh # ngIRCd Test Suite -[ -z "$srcdir" ] && srcdir=`dirname $0` -${srcdir}/stop-server.sh 2 - -# -eof- +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u +"${srcdir}/stop-server.sh" 2 diff --git a/src/testsuite/stop-server3 b/src/testsuite/stop-server3 new file mode 100755 index 00000000..a9515ed0 --- /dev/null +++ b/src/testsuite/stop-server3 @@ -0,0 +1,6 @@ +#!/bin/sh +# ngIRCd Test Suite + +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u +"${srcdir}/stop-server.sh" 3 diff --git a/src/testsuite/stress-B.e b/src/testsuite/stress-B.e index 95156cbb..53c75a04 100644 --- a/src/testsuite/stress-B.e +++ b/src/testsuite/stress-B.e @@ -72,5 +72,5 @@ sleep 1 send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/stress-server.sh b/src/testsuite/stress-server.sh index 1e823253..a9ef5076 100755 --- a/src/testsuite/stress-server.sh +++ b/src/testsuite/stress-server.sh @@ -1,7 +1,7 @@ #!/bin/sh # # ngIRCd Test Suite -# Copyright (c)2001-2012 Alexander Barton (alex@barton.de) and Contributors. +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -10,79 +10,79 @@ # Please read the file COPYING, README and AUTHORS for more information. # -# detect source directory -[ -z "$srcdir" ] && srcdir=`dirname $0` - # parse command line -[ "$1" -gt 0 ] 2> /dev/null && CLIENTS="$1" || CLIENTS=5 -[ "$2" -gt 0 ] 2> /dev/null && MAX="$2" || MAX=-1 +[ "$1" -gt 0 ] 2>/dev/null && CLIENTS="$1" || CLIENTS=5 +[ "$2" -gt 0 ] 2>/dev/null && MAX="$2" || MAX=-1 + +# detect source directory +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u # get our name -name=`basename $0` +name=`basename "$0"` # create directories [ -d logs ] || mkdir logs [ -d tests ] || mkdir tests # test for required external tools -type expect > /dev/null 2>&1 +type expect >/dev/null 2>&1 if [ $? -ne 0 ]; then - echo "${name}: \"expect\" not found."; exit 77 + echo "${name}: \"expect\" not found." + exit 77 fi -type telnet > /dev/null 2>&1 +type telnet >/dev/null 2>&1 if [ $? -ne 0 ]; then - echo "${name}: \"telnet\" not found."; exit 77 + echo "${name}: \"telnet\" not found."; + exit 77 fi # hello world! :-) echo "stressing server with $CLIENTS clients (be patient!):" # read in functions -. ${srcdir}/functions.inc +. "${srcdir}/functions.inc" # create scripts for expect(1) no=0 while [ ${no} -lt $CLIENTS ]; do - cat ${srcdir}/stress-A.e > tests/${no}.e - echo "send \"nick test${no}\\r\"" >> tests/${no}.e - cat ${srcdir}/stress-B.e >> tests/${no}.e - no=`expr ${no} + 1` + cat "${srcdir}/stress-A.e" >tests/${no}.e + echo "send \"nick test${no}\\r\"" >>tests/${no}.e + cat "${srcdir}/stress-B.e" >>tests/${no}.e + no=`expr ${no} + 1` done # run first script and check if it succeeds echo_n "checking stress script ..." -expect tests/0.e > logs/stress-0.log 2> /dev/null +expect tests/0.e >logs/stress-0.log 2>/dev/null if [ $? -ne 0 ]; then - echo " failure!" - exit 1 + echo " failure!" + exit 1 else - echo " ok." + echo " ok." fi no=0 while [ ${no} -lt $CLIENTS ]; do - expect tests/${no}.e > logs/stress-${no}.log 2> /dev/null & + expect tests/${no}.e >logs/stress-${no}.log 2>/dev/null & - no=`expr ${no} + 1` - echo "started client $no/$CLIENTS." + no=`expr ${no} + 1` + echo "started client $no/$CLIENTS." - [ $MAX -gt 0 ] && $srcdir/wait-tests.sh $MAX + [ $MAX -gt 0 ] && "$srcdir/wait-tests.sh" $MAX done echo_n "waiting for clients to complete: ." touch logs/check-idle.log while true; do - expect ${srcdir}/check-idle.e >> logs/check-idle.log; res=$? - echo "====================" >> logs/check-idle.log - [ $res -ne 99 ] && break + expect "${srcdir}/check-idle.e" >>logs/check-idle.log; res=$? + echo "====================" >>logs/check-idle.log + [ $res -ne 99 ] && break - # there are still clients connected. Wait ... - sleep 3 - echo_n "." + # there are still clients connected. Wait ... + sleep 3 + echo_n "." done [ $res -eq 0 ] && echo " ok." || echo " failure!" - exit $res - -# -eof- diff --git a/src/testsuite/switch-server3 b/src/testsuite/switch-server3 new file mode 100755 index 00000000..4087e24d --- /dev/null +++ b/src/testsuite/switch-server3 @@ -0,0 +1,4 @@ +#!/bin/sh -e +cp "${srcdir}"/ssl/cert-my-second-domain-tld.pem ssl/cert.pem +cp "${srcdir}"/ssl/key-my-second-domain-tld.pem ssl/key.pem +cp "${srcdir}"/ssl/dhparams-my-second-domain-tld.pem ssl/dhparams.pem diff --git a/src/testsuite/test-loop.sh b/src/testsuite/test-loop.sh index 68c87d28..18fe9a55 100755 --- a/src/testsuite/test-loop.sh +++ b/src/testsuite/test-loop.sh @@ -1,7 +1,7 @@ #!/bin/sh # # ngIRCd Test Suite -# Copyright (c)2002-2004 by Alexander Barton (alex@barton.de) +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -9,29 +9,26 @@ # (at your option) any later version. # Please read the file COPYING, README and AUTHORS for more information. # -# $Id: test-loop.sh,v 1.2 2004/09/04 19:14:46 alex Exp $ -# - -# detect source directory -[ -z "$srcdir" ] && srcdir=`dirname $0` # parse command line -[ "$1" -gt 0 ] 2> /dev/null && LOOPS="$1" || LOOPS=5 -[ "$2" -gt 0 ] 2> /dev/null && WAIT="$2" || WAIT=5 +[ "$1" -gt 0 ] 2>/dev/null && LOOPS="$1" || LOOPS=5 +[ "$2" -gt 0 ] 2>/dev/null && WAIT="$2" || WAIT=5 + +# detect source directory +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u loop=0 while [ ${loop} -lt $LOOPS ]; do - loop=`expr ${loop} + 1` - echo " loop $loop/$LOOPS starting:" - for s in $srcdir/*-test; do - sh $s; r=$? - [ $r -ne 0 ] && exit $r - sleep 1 - done - if [ ${loop} -lt $LOOPS ]; then - echo " waiting $WAIT seconds ..." - sleep $WAIT - fi + loop=`expr ${loop} + 1` + echo " loop $loop/$LOOPS starting:" + for s in "$srcdir"/*-test; do + sh "$s"; r=$? + [ $r -ne 0 ] && exit $r + sleep 1 + done + if [ ${loop} -lt $LOOPS ]; then + echo " waiting $WAIT seconds ..." + sleep $WAIT + fi done - -# -eof- diff --git a/src/testsuite/tests.sh b/src/testsuite/tests.sh index fc4a4d5d..3e46c187 100755 --- a/src/testsuite/tests.sh +++ b/src/testsuite/tests.sh @@ -1,7 +1,7 @@ #!/bin/sh # # ngIRCd Test Suite -# Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors. +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -11,32 +11,46 @@ # # detect source directory -[ -z "$srcdir" ] && srcdir=`dirname $0` +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u -name=`basename $0` +name=`basename "$0"` test=`echo ${name} | cut -d '.' -f 1` [ -d logs ] || mkdir logs if [ ! -r "$test" ]; then - echo "$test: test not found" >>tests-skipped.lst - echo "${name}: test \"$test\" not found!"; exit 77 - exit 1 + echo "$test: test not found" >>tests-skipped.lst + echo "${name}: test \"$test\" not found!"; exit 77 + exit 1 fi # read in functions -. ${srcdir}/functions.inc +. "${srcdir}/functions.inc" -type expect > /dev/null 2>&1 +type expect >/dev/null 2>&1 if [ $? -ne 0 ]; then - echo "$test: \"expect\" not found" >>tests-skipped.lst - echo "${name}: \"expect\" not found."; exit 77 + echo "$test: \"expect\" not found" >>tests-skipped.lst + echo "${name}: \"expect\" not found." + exit 77 fi -type telnet > /dev/null 2>&1 +type telnet >/dev/null 2>&1 if [ $? -ne 0 ]; then - echo "$test: \"telnet\" not found" >>tests-skipped.lst - echo "${name}: \"telnet\" not found."; exit 77 + echo "$test: \"telnet\" not found" >>tests-skipped.lst + echo "${name}: \"telnet\" not found." + exit 77 fi +case "$test" in + *ssl*) + type openssl >/dev/null 2>&1 + if [ $? -ne 0 ]; then + echo "$test: \"openssl\" not found" >>tests-skipped.lst + echo "${name}: \"openssl\" not found." + exit 77 + fi + ;; +esac + # prepare expect script e_in="${srcdir}/${test}.e" e_tmp="${test}.e_" @@ -48,10 +62,8 @@ if test -t 1 2>/dev/null; then fi echo_n "running ${test} ..." -expect "$e_exec" > logs/${test}.log; r=$? +expect "$e_exec" >logs/${test}.log; r=$? [ $r -eq 0 ] && echo " ok." || echo " failure!" rm -f "$e_tmp" exit $r - -# -eof- diff --git a/src/testsuite/wait-tests.sh b/src/testsuite/wait-tests.sh index fb3be185..b6fa08f5 100755 --- a/src/testsuite/wait-tests.sh +++ b/src/testsuite/wait-tests.sh @@ -1,7 +1,7 @@ #!/bin/sh # # ngIRCd Test Suite -# Copyright (c)2002-2004 by Alexander Barton (alex@barton.de) +# Copyright (c)2001-2024 Alexander Barton (alex@barton.de) and Contributors. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -9,39 +9,36 @@ # (at your option) any later version. # Please read the file COPYING, README and AUTHORS for more information. # -# $Id: wait-tests.sh,v 1.5 2005/08/12 21:34:19 alex Exp $ -# -[ "$1" -gt 0 ] 2> /dev/null && MAX="$1" || MAX=5 +[ "$1" -gt 0 ] 2>/dev/null && MAX="$1" || MAX=5 # detect source directory -[ -z "$srcdir" ] && srcdir=`dirname $0` +[ -z "$srcdir" ] && srcdir=`dirname "$0"` +set -u PS_FLAGS="-f" ps $PS_FLAGS >/dev/null 2>&1 [ $? -ne 0 ] && PS_FLAGS="a" # read in functions -. ${srcdir}/functions.inc +. "${srcdir}/functions.inc" msg=0 while true; do - count=`ps $PS_FLAGS | grep "expect " | wc -l` - count=`expr $count - 1` + count=`ps $PS_FLAGS | grep "expect " | wc -l` + count=`expr $count - 1` - [ $count -le $MAX ] && break + [ $count -le $MAX ] && break - if [ $msg -lt 1 ]; then - echo_n " waiting for processes to settle: " - msg=1 - fi + if [ $msg -lt 1 ]; then + echo_n " waiting for processes to settle: " + msg=1 + fi - # there are still clients connected. Wait ... - echo_n "$count>$MAX " - sleep 1 + # there are still clients connected. Wait ... + echo_n "$count>$MAX " + sleep 1 done [ $msg -gt 0 ] && echo "done: $count" exit 0 - -# -eof- diff --git a/src/testsuite/who-test.e b/src/testsuite/who-test.e index 39e3a2f1..55c65702 100644 --- a/src/testsuite/who-test.e +++ b/src/testsuite/who-test.e @@ -199,5 +199,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "Connection closed" + "ERROR :Closing connection" } diff --git a/src/testsuite/whois-test.e b/src/testsuite/whois-test.e index 44eee668..74442ed4 100644 --- a/src/testsuite/whois-test.e +++ b/src/testsuite/whois-test.e @@ -73,5 +73,5 @@ expect { send "quit\r" expect { timeout { exit 1 } - "ERROR" + "ERROR :Closing connection" }