Simon Arlott
5a9fa2e2fa
ssld: certfp change commands don't have any fds
2016-04-23 20:46:26 +01:00
Matt Ullman
909346edb7
ssld: Remove left over function
2016-03-27 06:13:11 -04:00
William Pitcock
de7cf7e009
ircd: client: substantially rework the connid registry system
...
now connid's are allocated on demand and clients may have as many connid's as necessary.
this allows us to build chains of helpers while ensuring the ircd properly tracks and GCs the resources.
2016-03-25 19:50:29 -05:00
Matt Ullman
25a899651d
ssld: Move plain_check_cork() to a boolean
2016-03-24 13:52:16 -04:00
William Pitcock
d35870ee36
ssld: do not shadow openssl-internal symbol "ssl_ok" (yeah, i know)
2016-03-19 00:58:15 -05:00
Elizabeth Myers
503727d1ee
More bool conversions
2016-03-09 02:19:31 -06:00
Elizabeth Myers
1b7a47417b
Remove more $Id tags.
2016-03-06 02:58:32 -06:00
William Pitcock
c83f2f5e12
rename libratbox to librb, since its pretty modified anyway
2016-03-06 02:30:20 -06:00
Elizabeth Myers
4dbb75ee84
Remove some leftover ircd-ratbox references.
2016-03-05 21:39:51 -06:00
William Pitcock
9ea48ec30a
remove presupplied autotools files
2016-03-05 17:47:48 -06:00
Simon Arlott
e9ffc3c153
ssld: provide version in stats S output
2016-03-03 22:14:50 +00:00
William Pitcock
c678fbc08b
ircd: remove broken USE_IODEBUG_HOOKS knob and related code
2016-02-20 12:02:49 -06:00
Simon Arlott
26b83fa09d
ssld: fix format string warnings for statistics
...
Cast the uint64_t format arguments to unsigned long long as
that's what the format string specifies.
2016-02-11 21:58:44 +00:00
William Pitcock
c84003aeb5
ssld: we use uint8_t for IPC buffers, not char
2016-02-10 21:03:09 -06:00
Simon Arlott
7beaee5239
ssld: change_connid may be called with an unknown ID
...
If change_connid is called with an unknown ID, conn will be
NULL, check this with an assert and then respond by reporting
the new ID as closed instead of dereferencing a NULL pointer.
2016-02-10 21:22:50 +00:00
Valerii Iatsko
5203cba5ce
Remove libratbox's snprintf.c, update related ircd code
2016-02-10 02:25:32 +01:00
Valerii Iatsko
84b49742ad
ssld: fix memleak
...
same as r29199 ircd-ratbox:
free zlib_stream_t with the rest of the conn_t
2016-02-09 10:41:36 -06:00
William Pitcock
9e45a5ca19
buildsystem: further cleanup
2016-01-08 07:01:00 -06:00
William Pitcock
f0718c93d5
configure: use correct path for libltdl
2016-01-08 06:50:01 -06:00
William Pitcock
5164a68650
buildsystem: update Makefile.in's
2016-01-08 05:20:32 -06:00
Aaron Jones
d8c4154da2
Fix LTDL conditional, remove some unnecessary and/or ugly configure tests
2016-01-07 17:15:55 +00:00
Aaron Jones
eec2776c6c
Fix some autotools discrepancies, disable SQLite threading code
2016-01-07 16:58:28 +00:00
William Pitcock
2a19fc3f57
general: remove last vestiges of static modules support (this hasn't ever actually worked...)
2016-01-06 01:28:20 -06:00
William Pitcock
c52df12552
buildsystem: convert to automake + libtool
2016-01-05 21:20:25 -06:00
William Pitcock
a5ddb7df2e
ssld: check conn->plain_fd when setting conn->plain_fd type to RB_FD_SOCKET
2015-12-16 07:32:12 -06:00
William Pitcock
c1725bda3c
ssl: allow cipher list to be overridden ( closes #67 )
2015-12-12 07:50:48 -06:00
William Pitcock
94356462c0
ssld: use uint64_t explicitly when we want 64-bit counters
2015-12-12 04:51:43 -06:00
William Pitcock
74ff144d33
ssld: fix a type warning pointed out by clang
2015-12-12 04:50:35 -06:00
William Pitcock
6cd1aca7f1
ssld: take inbuf/outbuf out of global scope, since its unnecessary
2015-12-12 04:50:15 -06:00
William Pitcock
42dbc23943
ssld: enable sending SSL cipher information if available
2015-12-11 08:32:19 -06:00
William Pitcock
408a29c65a
ssld: integrate some cleanups from ratbox 3.1
2015-12-10 23:40:24 -06:00
William Pitcock
c7708a0994
ssld: update for protocol changes
2015-12-08 14:26:26 -06:00
William Pitcock
772c95cc7a
ssld: we only will continue supporting one fingerprint method at a time
2015-12-07 01:21:26 -06:00
Elizabeth Myers
e6bbb41030
Add ability to change CertFP hash.
...
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:14:02 -06:00
Jail Bird
29c92cf95f
Spring cleaning redux:
...
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls
Thanks Jilles!
2015-04-20 00:55:20 -05:00
Keith Buck
55abcbb20a
Remove trailing whitespace from all .c and .h files.
...
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
William Pitcock
85e9bf4151
ssld: force the control buffer to be unsigned bytes except in special circumstances
...
This has the side effect of fixing GnuTLS.
2014-02-08 18:40:35 +00:00
Nathan Phillip Brink
634d4aad72
Fix inconsistency between --sysconfdir and --with-confdir, deprecate --with-confdir.
...
The inconsistency was created in
c74836dc4a
where genssl.sh.in was made
to use sysconfdir while the IRCd and buildsystem still used confdir.
2012-03-02 01:11:42 +00:00
Nathan Phillip Brink
c74836dc4a
Add explicit support for being installed into a system triggered with --enable-fhs-paths.
...
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.
Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.
Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
William Pitcock
a7675ed255
ssld: Request fingerprint when connecting to the server, not just on inbound connections.
2010-12-14 21:28:35 -06:00
Jilles Tjoelker
7247337afa
Add certfp support to libratbox and ssld.
...
This lets a user connect with a client certificate, and
passes the certificate's fingerprint to ircd, which
currently just notices it to the user.
A new ssld->ircd message 'F' is used to pass on the
fingerprint.
This is only for OpenSSL for now, not GNUTLS.
2010-01-31 19:04:20 +01:00
Jilles Tjoelker
e99f612205
ssld: Fix an fd leak when closing connections.
...
Lightly tested.
2009-11-15 23:11:18 +01:00
Jilles Tjoelker
c03677e9be
ssld: Do not crash if not all fds in a message could be received.
...
Actually fill the mod_ctl_buf_t.nfds field.
2009-11-15 22:41:02 +01:00
Jilles Tjoelker
07c2bb757d
Fix close detection with ssl+zip, porting more code from ircd-ratbox.
...
This tells the SSL ssld to report connection closure to ircd
using the new fd.
2009-03-07 03:23:17 +01:00
Jilles Tjoelker
464b7606a8
ssld: Do not do redundant rb_setselect().
...
Apparently solaris devpoll/ports may have a problem
with this.
from ircd-ratbox (androsyn)
2009-03-03 22:32:18 +01:00
androsyn
0bd120ed48
[svn r26332] get rid of the zip ready stuff
2009-01-01 14:50:21 +03:00
Valeriy Yatsko
3202e24921
Copied libratbox and related stuff from shadowircd upstream.
2008-12-03 02:49:39 +03:00
Jilles Tjoelker
e27ac6024d
ssld: un #if 0 the /dev/null stuff out
2008-08-25 18:48:30 +02:00
Valery Yatsko
7edb4f163f
ssld synced with ircd-ratbox3 svn
2008-07-30 02:57:01 +04:00
Jilles Tjoelker
a444bb7837
Show reason for failed outgoing SSL handshakes to opers.
...
Also add a comment that ircd does not care about the
reason for failed incoming SSL handshakes.
ircd-ratbox r25651
2008-06-29 21:56:31 +02:00