Commit Graph

21 Commits

Author SHA1 Message Date
Nathan Phillip Brink e8da6ccee6 Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide installation of charybdis. The ssld and bandb daemons, intended to be directly used by ircd and not the user, install into libexec when --enable-fhs-paths is set. For binaries which are meant to be in PATH (bindir), such as ircd and viconf, there is now an option --with-program-prefix=progprefix inspired by automake. If the user specifies --with-program-prefix=charybdis, the ircd binary is named charybdisircd when installed. Add support for saving the pidfile to a rundir and storing the ban database in localstatedir instead of in sysconfdir. This is, again, conditional on --enable-fhs-paths. Fix(?) genssl.sh to always write created SSL key/certificate/dh parameters to the sysconfdir specified during ./configure. The previous behavior was to assume that the user ran genssl.sh after ensuring that his current working directory was either sysconfdir or a sibling directory of sysconfdir.
2012-02-29 23:16:29 -05:00
Jilles Tjoelker 54656d7650 Pass certfp to other servers and show it in whois. Do not show it on connect.
The server protocol for this is
:<uid> ENCAP * CERTFP :<40 hex chars>
both in new user introductions and in burst.

As in oftc-hybrid, only the user themselves and opers can see the certfp.

Displaying the certfp on connect seems unnecessary to me,
the user can whois themselves if needed.
2010-02-06 00:18:27 +01:00
William Pitcock 09fb2d185d Clarify CertFP message. 2010-01-31 17:35:15 -06:00
Jilles Tjoelker a099270d45 Add certfp support to libratbox and ssld.
This lets a user connect with a client certificate, and
passes the certificate's fingerprint to ircd, which
currently just notices it to the user.

A new ssld->ircd message 'F' is used to pass on the
fingerprint.

This is only for OpenSSL for now, not GNUTLS.
2010-01-31 19:04:20 +01:00
Jilles Tjoelker 8479094d8f Check the return value on rb_pipe.
from ircd-ratbox (r26515) (androsyn)
2009-05-13 22:07:57 +02:00
Jilles Tjoelker e421505e8c More rb_socketpair() return value checks.
from ircd-ratbox (r26507) (androsyn)
2009-05-12 23:30:46 +02:00
Jilles Tjoelker 9bf8f69cc6 Fix close detection with ssl+zip, porting more code from ircd-ratbox.
This tells the SSL ssld to report connection closure to ircd
using the new fd.
2009-03-07 03:23:17 +01:00
Jilles Tjoelker 1a4058095d Fix an off by one error with zipstats processing
from ircd-ratbox (androsyn)
2009-02-07 23:26:05 +01:00
Jilles Tjoelker cffd37ee37 [ratbox3 svn r26397] Make it more likely that error messages on ssld connections get through.
When ssld reports a connection closure because of
"Remote host closed the connection" and the connection
is any server or a registered client, try a
read_packet() on the client.
This should mainly help LIBRB_USE_IOTYPE=poll which
iterates over the ready file descriptors in numerical
order, processing the ssld control connection before the
closing data connection.
2009-01-15 20:08:46 +03:00
androsyn 6f3b64079f [svn r26332] get rid of the zip ready stuff 2009-01-01 14:50:21 +03:00
Aaron Sethman 62271ba929 re-enable ziplinks + ssl 2008-12-13 23:20:59 +03:00
androsyn 0dc49ff2f4 cast getpid() to int 2008-12-10 12:46:23 +03:00
Jilles Tjoelker 2cf629d9b5 Put back conditionally netwide ssld error snote. 2008-12-03 00:55:58 +01:00
Valeriy Yatsko 94b4fbf93a Copied libratbox and related stuff from shadowircd upstream. 2008-12-03 02:49:39 +03:00
Valery V Yatsko a0775df0ed fixed typo in sslproc.c 2008-08-08 20:01:52 +04:00
Jilles Tjoelker 8789299343 Put back netwide snotes for ssld errors from remote connects. 2008-07-30 14:50:12 +02:00
Valery Yatsko f5bdde4b42 sslproc.c synced with ircd-ratbox3 svn 2008-07-30 02:55:08 +04:00
Jilles Tjoelker e5cdec73ac Log ssld errors for servers and handshakes.
(serverlog)
2008-06-30 00:28:00 +02:00
Jilles Tjoelker cd0ba90750 Send ssld error netwide if it was a remote connect and a handshake. 2008-06-29 22:02:32 +02:00
Valery Yatsko 79c3c679ad Removing UMODE_ALL, replacing all sendto_realops_flags in sslproc.c with snomasks 2008-04-08 20:16:19 +04:00
William Pitcock 2b6c877341 make this compile again 2008-04-06 11:33:34 -05:00