| Age | Commit message (Collapse) | Author |
|---|
|
Now build system will handle header file changes correctly as well
|
|
So now it is impossible to accidentally start from the wrong place,
and this structure also implicitly tells you how to build
|
|
Well, since this is actually one big Makefile concatenated of smaller
ones, all the *CFLAGS are global and therefore should be set once
|
|
Now one global makefile is generated using includes, so dependencies
are handled properly
|
|
|
|
The new configuration option "DefaultChannelModes" lists channel modes that
become automatically set on new channels on creation.
Default: set no modes.
Closes #333.
|
|
servers
Ignore passwords sent by clients when not configured/needed.
Closes #332.
|
|
Closes #334.
|
|
Do not ignore newer configuration value, always use the latest value set.
And do not assert() SSL-related string options and break, but properly
free them and use the latest value set – even in debug mode. In
non-debug mode, this was already the case anyway, but we leaked some
memory ...
|
|
|
|
|
|
ngIRCd 27 now checks server certificates, and without `CAFile` set will
reject all server/server connections with a confusing error.
Update documentation to say that `CAFile` is needed to accept incoming
server connections.
Closes #320.
|
|
While it is common for IRC servers to use ERR_NOSUCHNICK instead of
ERR_NOSUCHCHANNEL when a target can be either a channel or a nick, it seems
every other IRCd but UnrealIRCd uses ERR_NOSUCHCHANNEL in this particular case.
|
|
|
|
|
|
This fixes the following compiler warning, for example on OpenSolaris:
conn.c: In function 'Conn_Handler':
conn.c:798:28: warning: format '%ld' expects argument of type 'long int',
but argument 4 has type 'size_t' {aka 'unsigned int'} [-Wformat=]
|
|
|
|
|
|
|
|
|
|
References:
- https://modern.ircdocs.horse/#rplnamreply-353
- https://datatracker.ietf.org/doc/html/rfc2812#page-47
- (RFC 1459 is irrelevant here, as
https://datatracker.ietf.org/doc/html/rfc1459#page-51 uses a different
format)
Closes #313.
|
|
Both setgid(2) as well as setuid(2) can fail with EINVAL in addition to
EPERM, their manual pages state "EINVAL: The user/group ID specified in
uid/gid is not valid in this user namespace ".
So not only treat EPERM as an "acceptable error" and continue with
logging the error, but do the same for EINVAL.
This was triggered by the Void Linux xbps-uunshare(1) tool used for
building "XBPS source packages" and reported by luca in #ngircd. Thanks!
|
|
|
|
Thanks for reporting this on IRC, luca!
|
|
|
|
The LOGNAME environment variable is not set in GitHub "actions", for
example ...
|
|
|
|
|
|
|
|
Periodically "ping" the service manager (every 3 seconds) and set a
status message showing connection statistics.
This enables using the systemd(8) watchdog functionality for the
"ngircd.service" unit.
|
|
This allows the "ngircd.service" systemd(8) unit to use the "notify"
service type, which allows for better status tracking by the service
manager.
|
|
|
|
Wait for the "ERROR :Closing connection" message sent by ngIRCd when
handling the QUIT command, do not wait for "Connection closed" which is
actually output by the telnet(1) command and is implementation
dependant! For example, on Haiku OS, this is not always(!) echoed (the
command seems to hang sometimes?) which results in unpredictable
failures in the test suite ...
|
|
- Try to only search for processes of the current user.
- Prefer using pgrep (in addition to pidof) when available.
- Streamline system overrides.
- Get rid of HEAD_FLAGS: all systems so far support "-1".
- Use "ps -o pid,comm" as the default, which is POSIX.1.
- Use "sort -r" to hopefully get the newest (=highest) PID, which is the
case on older systems not using randomized PIDs at least.
|
|
- Reformat code.
- Cleanup some glitches, streamline scripts ...
- Enable "set -u": Error on unset variables.
- Detect "$srcdir" in prep-server3 script, too.
|
|
Although this is a nice looking solution, it is not that portable: for
example, the "openssl s_client" command of LibreSSL 3.8.2 on OpenBSD 7.4
does not support it.
So let's revert back to the "uglier" but working variant ...
This reverts commit bdb55fb4b322b2c84530855a3b5148a0e387f5b4.
|
|
|
|
This completes commit f96966a6.
|
|
|
|
The number of possible parallel connections is limited by the process
file descriptor limit (among other things). Therefore try to upgrade the
current "soft" limit to its "hard" maximum (but limit it to 100000), and
show an information or even warning, wenn still less than the configured
"MaxConnections" setting.
Please note that ngIRCd and its linked libraries (like PAM) need file
descriptors not only for incoming and outgoing IRC connections, but for
reading files and inter-process communication, too! Therefore the actual
connection limit is _less_ than the file descriptor limit!
This introduces the new MAX_FD_LIMIT (100000) #define.
|
|
|
|
|
|
|
|
|
|
|
|
No longer describe creating self-signed certificates or using "stunnel",
as both is not recommended.
|
|
|
|
This is already mentioned as the default in the manual page and the
sample configuration file, but was actually not enabled in the code!
|
|
|
|
Show proper certificate information for incoming connections, too, and
not "peer did not present a certificate", regardless if the client sent
a certificate or not.
This change is for GnuTLS and similar to what was implemented in commit
for OpenSSL in "S2S-TLS/OpenSSL: Fix handling of certificate information
for incoming connections".
|