Add two mechanism for avoiding name-collisions in a system-wide installation of charybdis. The ssld and bandb daemons, intended to be directly used by ircd and not the user, install into libexec when --enable-fhs-paths is set. For binaries which are meant to be in PATH (bindir), such as ircd and viconf, there is now an option --with-program-prefix=progprefix inspired by automake. If the user specifies --with-program-prefix=charybdis, the ircd binary is named charybdisircd when installed. Add support for saving the pidfile to a rundir and storing the ban database in localstatedir instead of in sysconfdir. This is, again, conditional on --enable-fhs-paths. Fix(?) genssl.sh to always write created SSL key/certificate/dh parameters to the sysconfdir specified during ./configure. The previous behavior was to assume that the user ran genssl.sh after ensuring that his current working directory was either sysconfdir or a sibling directory of sysconfdir.
The server protocol for this is
:<uid> ENCAP * CERTFP :<40 hex chars>
both in new user introductions and in burst.
As in oftc-hybrid, only the user themselves and opers can see the certfp.
Displaying the certfp on connect seems unnecessary to me,
the user can whois themselves if needed.
This lets a user connect with a client certificate, and
passes the certificate's fingerprint to ircd, which
currently just notices it to the user.
A new ssld->ircd message 'F' is used to pass on the
fingerprint.
This is only for OpenSSL for now, not GNUTLS.
When ssld reports a connection closure because of
"Remote host closed the connection" and the connection
is any server or a registered client, try a
read_packet() on the client.
This should mainly help LIBRB_USE_IOTYPE=poll which
iterates over the ready file descriptors in numerical
order, processing the ssld control connection before the
closing data connection.