From: Alexander Barton <alex@barton.de>
Date: Sun, 27 Mar 2011 18:58:18 +0000 (+0200)
Subject: Merge branch 'AuthPing'
X-Git-Tag: rel-18-rc1~25
X-Git-Url: https://arthur.barton.de/gitweb/?a=commitdiff_plain;h=d61fbfc6e3a0a85ced036d8c1fa161fab0d9ba3d;hp=-c;p=ngircd.git

Merge branch 'AuthPing'

* AuthPing:
  Add documentation for "RequireAuthPing" configuration option
  New configuration option "RequireAuthPing": PING-PONG on login
---

d61fbfc6e3a0a85ced036d8c1fa161fab0d9ba3d
diff --combined doc/sample-ngircd.conf.tmpl
index f9c96562,6e02048f..b5a36b84
--- a/doc/sample-ngircd.conf.tmpl
+++ b/doc/sample-ngircd.conf.tmpl
@@@ -154,11 -154,11 +154,16 @@@
  	# maximum nick name length!
  	;MaxNickLength = 9
  
 +	# Normally ngIRCd doesn't send any messages to a client until it is
 +	# registered. Enable this option to let the daemon send "NOTICE AUTH"
 +	# messages to clients while connecting.
 +	;NoticeAuth = no
 +
+ 	# Let ngIRCd send an "authentication PING" when a new client connects,
+ 	# and register this client only after receiving the corresponding
+ 	# "PONG" reply.
+ 	;RequireAuthPing = no
+ 
  	# Set this hostname for every client instead of the real one.
  	# Please note: don't use the percentage sign ("%"), it is reserved for
  	# future extensions!
diff --combined man/ngircd.conf.5.tmpl
index b2ce02ca,bcdad1f8..d1a0a64a
--- a/man/ngircd.conf.5.tmpl
+++ b/man/ngircd.conf.5.tmpl
@@@ -251,12 -251,12 +251,17 @@@ Maximum length of an user nick name (De
  note that all servers in an IRC network MUST use the same maximum nick name
  length!
  .TP
 -\fBRequireAuthPing\fR
 +\fBNoticeAuth\fR (boolean)
 +Normally ngIRCd doesn't send any messages to a client until it is registered.
 +Enable this option to let the daemon send "NOTICE AUTH" messages to clients
 +while connecting. Default: no.
 +.TP
++\fBRequireAuthPing\fR (boolean)
+ Let ngIRCd send an "authentication PING" when a new client connects, and
+ register this client only after receiving the corresponding "PONG" reply.
+ Default: no.
+ .TP
 -\fBCloakHost\fR
 +\fBCloakHost\fR (string)
  Set this hostname for every client instead of the real one. Default: empty,
  don't change.
  .PP
@@@ -266,7 -266,7 +271,7 @@@
  Don't use the percentage sign ("%"), it is reserved for future extensions!
  .RE
  .TP
 -\fBCloakUserToNick\fR
 +\fBCloakUserToNick\fR (boolean)
  Set every clients' user name to their nick name and hide the one supplied
  by the IRC client. Default: no.
  .SH [OPERATOR]
diff --combined src/ngircd/conf.c
index 568b9e7a,452f744f..a00049ee
--- a/src/ngircd/conf.c
+++ b/src/ngircd/conf.c
@@@ -352,11 -352,13 +352,14 @@@ Conf_Test( void 
  	printf("  MaxConnectionsIP = %d\n", Conf_MaxConnectionsIP);
  	printf("  MaxJoins = %d\n", Conf_MaxJoins > 0 ? Conf_MaxJoins : -1);
  	printf("  MaxNickLength = %u\n", Conf_MaxNickLength - 1);
 +	printf("  NoticeAuth = %s\n", yesno_to_str(Conf_NoticeAuth));
  	printf("  CloakHost = %s\n", Conf_CloakHost);
- 	printf("  CloakUserToNick = %s\n\n", yesno_to_str(Conf_CloakUserToNick));
+ 	printf("  CloakUserToNick = %s\n", yesno_to_str(Conf_CloakUserToNick));
+ #ifndef STRICT_RFC
+ 	printf("  RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
+ #endif
  
- 	puts("[FEATURES]");
+ 	printf("\n[FEATURES]\n");
  	printf("  DNS = %s\n", yesno_to_str(Conf_DNS));
  	printf("  Ident = %s\n", yesno_to_str(Conf_Ident));
  	printf("  PAM = %s\n", yesno_to_str(Conf_PAM));
@@@ -615,7 -617,6 +618,7 @@@ Set_Defaults(bool InitServers
  	Conf_PongTimeout = 20;
  	Conf_ConnectRetry = 60;
  	Conf_DNS = true;
 +	Conf_NoticeAuth = false;
  
  	Conf_Oper_Count = 0;
  	Conf_Channel_Count = 0;
@@@ -643,6 -644,11 +646,11 @@@
  	Conf_SyslogFacility = 0;
  #endif
  #endif
+ 
+ #ifndef STRICT_RFC
+ 	Conf_AuthPing = false;
+ #endif
+ 
  	Set_Defaults_Optional();
  
  	/* Initialize server configuration structures */
@@@ -1194,11 -1200,6 +1202,11 @@@ Handle_GLOBAL( int Line, char *Var, cha
  		Conf_MaxNickLength = Handle_MaxNickLength(Line, Arg);
  		return;
  	}
 +	if(strcasecmp(Var, "NoticeAuth") == 0) {
 +		/* send NOTICE AUTH messages to clients on connect */
 +		Conf_NoticeAuth = Check_ArgIsTrue(Arg);
 +		return;
 +	}
  
  	if( strcasecmp( Var, "Listen" ) == 0 ) {
  		/* IP-Address to bind sockets */
@@@ -1255,6 -1256,13 +1263,13 @@@
  							   Conf_SyslogFacility);
  		return;
  	}
+ #endif
+ #ifndef STRICT_RFC
+ 	if (strcasecmp(Var, "RequireAuthPing") == 0 ) {
+ 		/* Require new clients to do an "autheticatin PING-PONG" */
+ 		Conf_AuthPing = Check_ArgIsTrue(Arg);
+ 		return;
+ 	}
  #endif
  	Config_Error(LOG_ERR, "%s, line %d (section \"Global\"): Unknown variable \"%s\"!",
  								NGIRCd_ConfFile, Line, Var);
diff --combined src/ngircd/conf.h
index 1633bc99,a183fcec..80d18187
--- a/src/ngircd/conf.h
+++ b/src/ngircd/conf.h
@@@ -178,9 -178,6 +178,9 @@@ GLOBAL bool Conf_Ident
  /** Enable all usage of PAM, even when compiled with support for it */
  GLOBAL bool Conf_PAM;
  
 +/** Enable NOTICE AUTH messages on connect */
 +GLOBAL bool Conf_NoticeAuth;
 +
  /*
   * try to connect to remote systems using the ipv6 protocol,
   * if they have an ipv6 address? (default yes)
@@@ -202,6 -199,13 +202,13 @@@ GLOBAL int Conf_MaxConnectionsIP
  /** Maximum length of a nick name */
  GLOBAL unsigned int Conf_MaxNickLength;
  
+ #ifndef STRICT_RFC
+ 
+ /** Require "AUTH PING-PONG" on login */
+ GLOBAL bool Conf_AuthPing;
+ 
+ #endif
+ 
  #ifdef SYSLOG
  
  /* Syslog "facility" */
diff --combined src/ngircd/conn.c
index 9d17a738,275215d6..cc4364c4
--- a/src/ngircd/conn.c
+++ b/src/ngircd/conn.c
@@@ -1444,20 -1444,9 +1444,20 @@@ New_Connection(int Sock
  	if (!Conf_Ident)
  		identsock = -1;
  #endif
 -	if (Conf_DNS)
 +	if (Conf_DNS) {
 +		if (Conf_NoticeAuth) {
 +#ifdef IDENTAUTH
 +			if (Conf_Ident)
 +				(void)Conn_WriteStr(new_sock,
 +					"NOTICE AUTH :*** Looking up your hostname and checking ident");
 +			else
 +#endif
 +				(void)Conn_WriteStr(new_sock,
 +					"NOTICE AUTH :*** Looking up your hostname");
 +		}
  		Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
  			     identsock, cb_Read_Resolver_Result);
 +	}
  
  	Account_Connection();
  	return new_sock;
@@@ -2186,22 -2175,13 +2186,22 @@@ cb_Read_Resolver_Result( int r_fd, UNUS
  		strlcpy(My_Connections[i].host, readbuf,
  			sizeof(My_Connections[i].host));
  		Client_SetHostname(c, readbuf);
 +		if (Conf_NoticeAuth)
 +			(void)Conn_WriteStr(i,
 +					"NOTICE AUTH :*** Found your hostname");
  #ifdef IDENTAUTH
  		++identptr;
  		if (*identptr) {
  			Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
  			Client_SetUser(c, identptr, true);
 +			if (Conf_NoticeAuth)
 +				(void)Conn_WriteStr(i,
 +					"NOTICE AUTH :*** Got ident response");
  		} else {
  			Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
 +			if (Conf_NoticeAuth && Conf_Ident)
 +				(void)Conn_WriteStr(i,
 +					"NOTICE AUTH :*** No ident response");
  		}
  #endif
  	}
@@@ -2303,6 -2283,25 +2303,25 @@@ Conn_GetFromProc(int fd
  } /* Conn_GetFromProc */
  
  
+ #ifndef STRICT_RFC
+ 
+ GLOBAL long
+ Conn_GetAuthPing(CONN_ID Idx)
+ {
+ 	assert (Idx != NONE);
+ 	return My_Connections[Idx].auth_ping;
+ } /* Conn_GetAuthPing */
+ 
+ GLOBAL void
+ Conn_SetAuthPing(CONN_ID Idx, long ID)
+ {
+ 	assert (Idx != NONE);
+ 	My_Connections[Idx].auth_ping = ID;
+ } /* Conn_SetAuthPing */
+ 
+ #endif
+ 
+ 
  #ifdef SSL_SUPPORT
  
  /**