mirror of
https://github.com/osmarks/ngircd.git
synced 2025-10-24 02:27:38 +00:00
Move SSL-related configuration variables to new [SSL] section
This commit is contained in:
14
INSTALL
14
INSTALL
@@ -17,8 +17,8 @@ Differences to version 17
|
|||||||
- Support for ZeroConf/Bonjour/Rendezvous service registration has been
|
- Support for ZeroConf/Bonjour/Rendezvous service registration has been
|
||||||
removed. The configuration option "NoZeroconf" is no longer available.
|
removed. The configuration option "NoZeroconf" is no longer available.
|
||||||
|
|
||||||
- The structure of ngircd.conf has been cleaned up and two new configuration
|
- The structure of ngircd.conf has been cleaned up and three new configuration
|
||||||
sections have been introduced: [Limits] and [Options].
|
sections have been introduced: [Limits], [Options], and [SSL].
|
||||||
Lots of configuration variables stored in the [Global] section are now
|
Lots of configuration variables stored in the [Global] section are now
|
||||||
deprecated there and should be stored in one of these new sections (but
|
deprecated there and should be stored in one of these new sections (but
|
||||||
still work in [Global]):
|
still work in [Global]):
|
||||||
@@ -39,11 +39,11 @@ Differences to version 17
|
|||||||
"PingTimeout" -> [Limits]
|
"PingTimeout" -> [Limits]
|
||||||
"PongTimeout" -> [Limits]
|
"PongTimeout" -> [Limits]
|
||||||
"PredefChannelsOnly" -> [Options]
|
"PredefChannelsOnly" -> [Options]
|
||||||
"SSLCertFile" -> [Options]
|
"SSLCertFile" -> [SSL], and renamed to "CertFile"
|
||||||
"SSLDHFile" -> [Options]
|
"SSLDHFile" -> [SSL], and renamed to "DHFile"
|
||||||
"SSLKeyFile" -> [Options]
|
"SSLKeyFile" -> [SSL], and renamed to "KeyFile"
|
||||||
"SSLKeyFilePassword" -> [Options]
|
"SSLKeyFilePassword" -> [SSL], and renamed to "KeyFilePassword"
|
||||||
"SSLPorts" -> [Options]
|
"SSLPorts" -> [SSL], and renamed to "Ports"
|
||||||
"SyslogFacility" -> [Options]
|
"SyslogFacility" -> [Options]
|
||||||
"WebircPassword" -> [Options]
|
"WebircPassword" -> [Options]
|
||||||
You should adjust your ngircd.conf and run "ngircd --configtest" to make
|
You should adjust your ngircd.conf and run "ngircd --configtest" to make
|
||||||
|
@@ -12,7 +12,8 @@
|
|||||||
# Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the
|
# Use "ngircd --configtest" (see manual page ngircd(8)) to validate that the
|
||||||
# server interprets the configuration file as expected!
|
# server interprets the configuration file as expected!
|
||||||
#
|
#
|
||||||
# Please see ngircd.conf(5) for a complete list of configuration options.
|
# Please see ngircd.conf(5) for a complete list of configuration options
|
||||||
|
# and their descriptions.
|
||||||
#
|
#
|
||||||
|
|
||||||
[Global]
|
[Global]
|
||||||
@@ -165,6 +166,23 @@
|
|||||||
# "PONG" reply.
|
# "PONG" reply.
|
||||||
;RequireAuthPing = no
|
;RequireAuthPing = no
|
||||||
|
|
||||||
|
# Syslog "facility" to which ngIRCd should send log messages.
|
||||||
|
# Possible values are system dependent, but most probably auth, daemon,
|
||||||
|
# user and local1 through local7 are possible values; see syslog(3).
|
||||||
|
# Default is "local5" for historical reasons, you probably want to
|
||||||
|
# change this to "daemon", for example.
|
||||||
|
SyslogFacility = local1
|
||||||
|
|
||||||
|
# Password required for using the WEBIRC command used by some
|
||||||
|
# Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
|
||||||
|
# be used. (Default: not set)
|
||||||
|
;WebircPassword = xyz
|
||||||
|
|
||||||
|
;[SSL]
|
||||||
|
# SSL-related configuration options. Please note that this section
|
||||||
|
# is only available when ngIRCd is compiled with support for SSL!
|
||||||
|
# So don't forget to remove the ";" above if this is the case ...
|
||||||
|
|
||||||
# SSL Server Key Certificate
|
# SSL Server Key Certificate
|
||||||
;SSLCertFile = :ETCDIR:/ssl/server-cert.pem
|
;SSLCertFile = :ETCDIR:/ssl/server-cert.pem
|
||||||
|
|
||||||
@@ -180,18 +198,6 @@
|
|||||||
# Additional Listen Ports that expect SSL/TLS encrypted connections
|
# Additional Listen Ports that expect SSL/TLS encrypted connections
|
||||||
;SSLPorts = 6697, 9999
|
;SSLPorts = 6697, 9999
|
||||||
|
|
||||||
# Syslog "facility" to which ngIRCd should send log messages.
|
|
||||||
# Possible values are system dependent, but most probably auth, daemon,
|
|
||||||
# user and local1 through local7 are possible values; see syslog(3).
|
|
||||||
# Default is "local5" for historical reasons, you probably want to
|
|
||||||
# change this to "daemon", for example.
|
|
||||||
SyslogFacility = local1
|
|
||||||
|
|
||||||
# Password required for using the WEBIRC command used by some
|
|
||||||
# Web-to-IRC gateways. If not set/empty, the WEBIRC command can't
|
|
||||||
# be used. (Default: not set)
|
|
||||||
;WebircPassword = xyz
|
|
||||||
|
|
||||||
[Operator]
|
[Operator]
|
||||||
# [Operator] sections are used to define IRC Operators. There may be
|
# [Operator] sections are used to define IRC Operators. There may be
|
||||||
# more than one [Operator] block, one for each local operator.
|
# more than one [Operator] block, one for each local operator.
|
||||||
|
@@ -52,8 +52,8 @@ for numbers all decimal integer values are valid.
|
|||||||
In addition, some string or numerical variables accept lists of values,
|
In addition, some string or numerical variables accept lists of values,
|
||||||
separated by commas (",").
|
separated by commas (",").
|
||||||
.SH "SECTION OVERVIEW"
|
.SH "SECTION OVERVIEW"
|
||||||
The file can contain blocks of four types: [Global], [Limits], [Options],
|
The file can contain blocks of seven types: [Global], [Limits], [Options],
|
||||||
[Operator], [Server], and [Channel].
|
[SSL], [Operator], [Server], and [Channel].
|
||||||
.PP
|
.PP
|
||||||
The main configuration of the server is stored in the
|
The main configuration of the server is stored in the
|
||||||
.I [Global]
|
.I [Global]
|
||||||
@@ -68,8 +68,10 @@ block are used to tweak different limits and timeouts of the daemon, like the
|
|||||||
maximum number of clients allowed to connect to this server. Variables in the
|
maximum number of clients allowed to connect to this server. Variables in the
|
||||||
.I [Options]
|
.I [Options]
|
||||||
section can be used to enable or disable specific features of ngIRCd, like
|
section can be used to enable or disable specific features of ngIRCd, like
|
||||||
support for IDENT, PAM, IPv6, SSL, and protocol and cloaking features. These
|
support for IDENT, PAM, IPv6, and protocol and cloaking features. The
|
||||||
two sections are both optional.
|
.I [SSL]
|
||||||
|
block contains all SSL-related configuration variables. These three sections
|
||||||
|
are all optional.
|
||||||
.PP
|
.PP
|
||||||
IRC operators of this server are defined in
|
IRC operators of this server are defined in
|
||||||
.I [Operator]
|
.I [Operator]
|
||||||
@@ -81,7 +83,7 @@ blocks are used to configure pre-defined ("persistent") IRC channels.
|
|||||||
.PP
|
.PP
|
||||||
There can be more than one [Operator], [Server] and [Channel] section per
|
There can be more than one [Operator], [Server] and [Channel] section per
|
||||||
configuration file (one for each operator, server, and channel), but only
|
configuration file (one for each operator, server, and channel), but only
|
||||||
exactly one [Global], one [Limits], and one [Options] section.
|
exactly one [Global], one [Limits], one [Options], and one [SSL] section.
|
||||||
.SH [GLOBAL]
|
.SH [GLOBAL]
|
||||||
The
|
The
|
||||||
.I [Global]
|
.I [Global]
|
||||||
@@ -276,6 +278,23 @@ Let ngIRCd send an "authentication PING" when a new client connects, and
|
|||||||
register this client only after receiving the corresponding "PONG" reply.
|
register this client only after receiving the corresponding "PONG" reply.
|
||||||
Default: no.
|
Default: no.
|
||||||
.TP
|
.TP
|
||||||
|
\fBSyslogFacility\fR (string)
|
||||||
|
Syslog "facility" to which ngIRCd should send log messages. Possible
|
||||||
|
values are system dependent, but most probably "auth", "daemon", "user"
|
||||||
|
and "local1" through "local7" are possible values; see syslog(3).
|
||||||
|
Default is "local5" for historical reasons, you probably want to
|
||||||
|
change this to "daemon", for example.
|
||||||
|
.TP
|
||||||
|
\fBWebircPassword\fR (string)
|
||||||
|
Password required for using the WEBIRC command used by some Web-to-IRC
|
||||||
|
gateways. If not set or empty, the WEBIRC command can't be used.
|
||||||
|
Default: not set.
|
||||||
|
.SH [SSL]
|
||||||
|
All SSL-related configuration variables are located in the
|
||||||
|
.I [SSL]
|
||||||
|
section. Please note that this whole section is only recognized by ngIRCd
|
||||||
|
when it is compiled with support for SSL using OpenSSL or GnuTLS!
|
||||||
|
.TP
|
||||||
\fBSSLCertFile\fR (string)
|
\fBSSLCertFile\fR (string)
|
||||||
SSL Certificate file of the private server key.
|
SSL Certificate file of the private server key.
|
||||||
.TP
|
.TP
|
||||||
@@ -298,18 +317,6 @@ OpenSSL only: Password to decrypt the private key file.
|
|||||||
Same as \fBPorts\fR , except that ngIRCd will expect incoming connections
|
Same as \fBPorts\fR , except that ngIRCd will expect incoming connections
|
||||||
to be SSL/TLS encrypted. Common port numbers for SSL-encrypted IRC are 6669
|
to be SSL/TLS encrypted. Common port numbers for SSL-encrypted IRC are 6669
|
||||||
and 6697. Default: none.
|
and 6697. Default: none.
|
||||||
.TP
|
|
||||||
\fBSyslogFacility\fR (string)
|
|
||||||
Syslog "facility" to which ngIRCd should send log messages. Possible
|
|
||||||
values are system dependent, but most probably "auth", "daemon", "user"
|
|
||||||
and "local1" through "local7" are possible values; see syslog(3).
|
|
||||||
Default is "local5" for historical reasons, you probably want to
|
|
||||||
change this to "daemon", for example.
|
|
||||||
.TP
|
|
||||||
\fBWebircPassword\fR (string)
|
|
||||||
Password required for using the WEBIRC command used by some Web-to-IRC
|
|
||||||
gateways. If not set or empty, the WEBIRC command can't be used.
|
|
||||||
Default: not set.
|
|
||||||
.SH [OPERATOR]
|
.SH [OPERATOR]
|
||||||
.I [Operator]
|
.I [Operator]
|
||||||
sections are used to define IRC Operators. There may be more than one
|
sections are used to define IRC Operators. There may be more than one
|
||||||
|
@@ -89,6 +89,8 @@ static void Init_Server_Struct PARAMS(( CONF_SERVER *Server ));
|
|||||||
|
|
||||||
#ifdef SSL_SUPPORT
|
#ifdef SSL_SUPPORT
|
||||||
|
|
||||||
|
static void Handle_SSL PARAMS(( int Line, char *Var, char *Ark ));
|
||||||
|
|
||||||
struct SSLOptions Conf_SSLOptions;
|
struct SSLOptions Conf_SSLOptions;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -377,18 +379,6 @@ Conf_Test( void )
|
|||||||
#ifndef STRICT_RFC
|
#ifndef STRICT_RFC
|
||||||
printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
|
printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
|
||||||
#endif
|
#endif
|
||||||
#ifdef SSL_SUPPORT
|
|
||||||
printf(" SSLCertFile = %s\n", Conf_SSLOptions.CertFile);
|
|
||||||
printf(" SSLDHFile = %s\n", Conf_SSLOptions.DHFile);
|
|
||||||
printf(" SSLKeyFile = %s\n", Conf_SSLOptions.KeyFile);
|
|
||||||
if (array_bytes(&Conf_SSLOptions.KeyFilePassword))
|
|
||||||
puts(" SSLKeyFilePassword = <secret>");
|
|
||||||
else
|
|
||||||
puts(" SSLKeyFilePassword = ");
|
|
||||||
array_free_wipe(&Conf_SSLOptions.KeyFilePassword);
|
|
||||||
printf(" SSLPorts = ");
|
|
||||||
ports_puts(&Conf_SSLOptions.ListenPorts);
|
|
||||||
#endif
|
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
printf(" SyslogFacility = %s\n",
|
printf(" SyslogFacility = %s\n",
|
||||||
ngt_SyslogFacilityName(Conf_SyslogFacility));
|
ngt_SyslogFacilityName(Conf_SyslogFacility));
|
||||||
@@ -396,6 +386,24 @@ Conf_Test( void )
|
|||||||
printf(" WebircPassword = %s\n", Conf_WebircPwd);
|
printf(" WebircPassword = %s\n", Conf_WebircPwd);
|
||||||
puts("");
|
puts("");
|
||||||
|
|
||||||
|
#ifdef SSL_SUPPORT
|
||||||
|
puts("[SSL]");
|
||||||
|
printf(" CertFile = %s\n", Conf_SSLOptions.CertFile
|
||||||
|
? Conf_SSLOptions.CertFile : "");
|
||||||
|
printf(" DHFile = %s\n", Conf_SSLOptions.DHFile
|
||||||
|
? Conf_SSLOptions.DHFile : "");
|
||||||
|
printf(" KeyFile = %s\n", Conf_SSLOptions.KeyFile
|
||||||
|
? Conf_SSLOptions.KeyFile : "");
|
||||||
|
if (array_bytes(&Conf_SSLOptions.KeyFilePassword))
|
||||||
|
puts(" KeyFilePassword = <secret>");
|
||||||
|
else
|
||||||
|
puts(" KeyFilePassword = ");
|
||||||
|
array_free_wipe(&Conf_SSLOptions.KeyFilePassword);
|
||||||
|
printf(" Ports = ");
|
||||||
|
ports_puts(&Conf_SSLOptions.ListenPorts);
|
||||||
|
puts("");
|
||||||
|
#endif
|
||||||
|
|
||||||
opers_puts();
|
opers_puts();
|
||||||
|
|
||||||
for( i = 0; i < MAX_SERVERS; i++ ) {
|
for( i = 0; i < MAX_SERVERS; i++ ) {
|
||||||
@@ -847,7 +855,8 @@ Read_Config( bool ngircd_starting )
|
|||||||
strlcpy( section, str, sizeof( section ));
|
strlcpy( section, str, sizeof( section ));
|
||||||
if (strcasecmp(section, "[GLOBAL]") == 0 ||
|
if (strcasecmp(section, "[GLOBAL]") == 0 ||
|
||||||
strcasecmp(section, "[LIMITS]") == 0 ||
|
strcasecmp(section, "[LIMITS]") == 0 ||
|
||||||
strcasecmp(section, "[OPTIONS]") == 0)
|
strcasecmp(section, "[OPTIONS]") == 0 ||
|
||||||
|
strcasecmp(section, "[SSL]") == 0)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
if( strcasecmp( section, "[SERVER]" ) == 0 ) {
|
if( strcasecmp( section, "[SERVER]" ) == 0 ) {
|
||||||
@@ -906,6 +915,10 @@ Read_Config( bool ngircd_starting )
|
|||||||
Handle_LIMITS(line, var, arg);
|
Handle_LIMITS(line, var, arg);
|
||||||
else if(strcasecmp(section, "[OPTIONS]") == 0)
|
else if(strcasecmp(section, "[OPTIONS]") == 0)
|
||||||
Handle_OPTIONS(line, var, arg);
|
Handle_OPTIONS(line, var, arg);
|
||||||
|
#ifdef SSL_SUPPORT
|
||||||
|
else if(strcasecmp(section, "[SSL]") == 0)
|
||||||
|
Handle_SSL(line, var, arg);
|
||||||
|
#endif
|
||||||
else if(strcasecmp(section, "[OPERATOR]") == 0)
|
else if(strcasecmp(section, "[OPERATOR]") == 0)
|
||||||
Handle_OPERATOR(line, var, arg);
|
Handle_OPERATOR(line, var, arg);
|
||||||
else if(strcasecmp(section, "[SERVER]") == 0)
|
else if(strcasecmp(section, "[SERVER]") == 0)
|
||||||
@@ -952,9 +965,9 @@ Read_Config( bool ngircd_starting )
|
|||||||
|
|
||||||
#ifdef SSL_SUPPORT
|
#ifdef SSL_SUPPORT
|
||||||
/* Make sure that all SSL-related files are readable */
|
/* Make sure that all SSL-related files are readable */
|
||||||
CheckFileReadable("SSLCertFile", Conf_SSLOptions.CertFile);
|
CheckFileReadable("CertFile", Conf_SSLOptions.CertFile);
|
||||||
CheckFileReadable("SSLDHFile", Conf_SSLOptions.DHFile);
|
CheckFileReadable("DHFile", Conf_SSLOptions.DHFile);
|
||||||
CheckFileReadable("SSLKeyFile", Conf_SSLOptions.KeyFile);
|
CheckFileReadable("KeyFile", Conf_SSLOptions.KeyFile);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
@@ -1100,13 +1113,6 @@ CheckLegacyGlobalOption(int Line, char *Var, char *Arg)
|
|||||||
|| strcasecmp(Var, "OperCanUseMode") == 0
|
|| strcasecmp(Var, "OperCanUseMode") == 0
|
||||||
|| strcasecmp(Var, "OperServerMode") == 0
|
|| strcasecmp(Var, "OperServerMode") == 0
|
||||||
|| strcasecmp(Var, "PredefChannelsOnly") == 0
|
|| strcasecmp(Var, "PredefChannelsOnly") == 0
|
||||||
#ifdef SSL_SUPPORT
|
|
||||||
|| strcasecmp(Var, "SSLCertFile") == 0
|
|
||||||
|| strcasecmp(Var, "SSLDHFile") == 0
|
|
||||||
|| strcasecmp(Var, "SSLKeyFile") == 0
|
|
||||||
|| strcasecmp(Var, "SSLKeyFilePassword") == 0
|
|
||||||
|| strcasecmp(Var, "SSLPorts") == 0
|
|
||||||
#endif
|
|
||||||
|| strcasecmp(Var, "SyslogFacility") == 0
|
|| strcasecmp(Var, "SyslogFacility") == 0
|
||||||
|| strcasecmp(Var, "WebircPassword") == 0) {
|
|| strcasecmp(Var, "WebircPassword") == 0) {
|
||||||
Handle_OPTIONS(Line, Var, Arg);
|
Handle_OPTIONS(Line, Var, Arg);
|
||||||
@@ -1122,6 +1128,16 @@ CheckLegacyGlobalOption(int Line, char *Var, char *Arg)
|
|||||||
Handle_LIMITS(Line, Var, Arg);
|
Handle_LIMITS(Line, Var, Arg);
|
||||||
return "[Limits]";
|
return "[Limits]";
|
||||||
}
|
}
|
||||||
|
#ifdef SSL_SUPPORT
|
||||||
|
if (strcasecmp(Var, "SSLCertFile") == 0
|
||||||
|
|| strcasecmp(Var, "SSLDHFile") == 0
|
||||||
|
|| strcasecmp(Var, "SSLKeyFile") == 0
|
||||||
|
|| strcasecmp(Var, "SSLKeyFilePassword") == 0
|
||||||
|
|| strcasecmp(Var, "SSLPorts") == 0) {
|
||||||
|
Handle_SSL(Line, Var + 3, Arg);
|
||||||
|
return "[SSL]";
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@@ -1302,9 +1318,16 @@ Handle_GLOBAL( int Line, char *Var, char *Arg )
|
|||||||
/** TODO: This function and support for these options in the
|
/** TODO: This function and support for these options in the
|
||||||
* [Global] section could be removed starting with ngIRCd
|
* [Global] section could be removed starting with ngIRCd
|
||||||
* release 19 (one release after marking it "deprecated"). */
|
* release 19 (one release after marking it "deprecated"). */
|
||||||
Config_Error(LOG_WARNING,
|
if (strncasecmp(Var, "SSL", 3) == 0) {
|
||||||
"%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s!",
|
Config_Error(LOG_WARNING,
|
||||||
NGIRCd_ConfFile, Line, Var, section);
|
"%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s and rename to \"%s\"!",
|
||||||
|
NGIRCd_ConfFile, Line, Var, section,
|
||||||
|
Var + 3);
|
||||||
|
} else {
|
||||||
|
Config_Error(LOG_WARNING,
|
||||||
|
"%s, line %d (section \"Global\"): \"%s\" is deprecated here, move it to %s!",
|
||||||
|
NGIRCd_ConfFile, Line, Var, section);
|
||||||
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1462,36 +1485,6 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
#ifdef SSL_SUPPORT
|
|
||||||
if (strcasecmp(Var, "SSLCertFile") == 0) {
|
|
||||||
assert(Conf_SSLOptions.CertFile == NULL);
|
|
||||||
Conf_SSLOptions.CertFile = strdup_warn(Arg);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
if (strcasecmp(Var, "SSLDHFile") == 0) {
|
|
||||||
assert(Conf_SSLOptions.DHFile == NULL);
|
|
||||||
Conf_SSLOptions.DHFile = strdup_warn(Arg);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
if (strcasecmp(Var, "SSLKeyFile") == 0) {
|
|
||||||
assert(Conf_SSLOptions.KeyFile == NULL);
|
|
||||||
Conf_SSLOptions.KeyFile = strdup_warn(Arg);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
if (strcasecmp(Var, "SSLKeyFilePassword") == 0) {
|
|
||||||
assert(array_bytes(&Conf_SSLOptions.KeyFilePassword) == 0);
|
|
||||||
if (!array_copys(&Conf_SSLOptions.KeyFilePassword, Arg))
|
|
||||||
Config_Error(LOG_ERR,
|
|
||||||
"%s, line %d (section \"Global\"): Could not copy %s: %s!",
|
|
||||||
NGIRCd_ConfFile, Line, Var,
|
|
||||||
strerror(errno));
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
if (strcasecmp(Var, "SSLPorts") == 0) {
|
|
||||||
ports_parse(&Conf_SSLOptions.ListenPorts, Line, Arg);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
if (strcasecmp(Var, "SyslogFacility") == 0) {
|
if (strcasecmp(Var, "SyslogFacility") == 0) {
|
||||||
Conf_SyslogFacility = ngt_SyslogFacilityID(Arg,
|
Conf_SyslogFacility = ngt_SyslogFacilityID(Arg,
|
||||||
@@ -1509,6 +1502,56 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
|
|||||||
Config_Error_Section(Line, Var, "Options");
|
Config_Error_Section(Line, Var, "Options");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#ifdef SSL_SUPPORT
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handle variable in [SSL] configuration section.
|
||||||
|
*
|
||||||
|
* @param Line Line numer in configuration file.
|
||||||
|
* @param Var Variable name.
|
||||||
|
* @param Arg Variable argument.
|
||||||
|
*/
|
||||||
|
static void
|
||||||
|
Handle_SSL(int Line, char *Var, char *Arg)
|
||||||
|
{
|
||||||
|
assert(Line > 0);
|
||||||
|
assert(Var != NULL);
|
||||||
|
assert(Arg != NULL);
|
||||||
|
|
||||||
|
if (strcasecmp(Var, "CertFile") == 0) {
|
||||||
|
assert(Conf_SSLOptions.CertFile == NULL);
|
||||||
|
Conf_SSLOptions.CertFile = strdup_warn(Arg);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (strcasecmp(Var, "DHFile") == 0) {
|
||||||
|
assert(Conf_SSLOptions.DHFile == NULL);
|
||||||
|
Conf_SSLOptions.DHFile = strdup_warn(Arg);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (strcasecmp(Var, "KeyFile") == 0) {
|
||||||
|
assert(Conf_SSLOptions.KeyFile == NULL);
|
||||||
|
Conf_SSLOptions.KeyFile = strdup_warn(Arg);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (strcasecmp(Var, "KeyFilePassword") == 0) {
|
||||||
|
assert(array_bytes(&Conf_SSLOptions.KeyFilePassword) == 0);
|
||||||
|
if (!array_copys(&Conf_SSLOptions.KeyFilePassword, Arg))
|
||||||
|
Config_Error(LOG_ERR,
|
||||||
|
"%s, line %d (section \"SSL\"): Could not copy %s: %s!",
|
||||||
|
NGIRCd_ConfFile, Line, Var,
|
||||||
|
strerror(errno));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if (strcasecmp(Var, "Ports") == 0) {
|
||||||
|
ports_parse(&Conf_SSLOptions.ListenPorts, Line, Arg);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
Config_Error_Section(Line, Var, "SSL");
|
||||||
|
}
|
||||||
|
|
||||||
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Handle variable in [Operator] configuration section.
|
* Handle variable in [Operator] configuration section.
|
||||||
*
|
*
|
||||||
|
Reference in New Issue
Block a user