1
0
mirror of https://github.com/osmarks/ngircd.git synced 2024-12-15 03:10:27 +00:00
Commit Graph

51 Commits

Author SHA1 Message Date
Alexander Barton
9c5e42458e Update documentation to reflect "[Channel]->Modes" changes
No longer mention "[Channel]->Key" and "[Channel]->MaxUsers".
2020-03-29 23:17:21 +02:00
Alexander Barton
e954b59d41 Fix some typos (documentation files, ngircd.conf manual page, ...)
Spotted by Étienne Mollier <etienne.mollier@mailoo.org> and Christoph
Biedl <debian.axhn@manchmal.in-ulm.de>, see Debian bug #932462
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932462). Thank you!
2019-07-21 16:23:07 +02:00
shankari
fe01ef9a51 Fix documentation of MotdPhrase length (#254)
The max length is actually 126 (< 127), since the check errors out if
length >= 127. See
<https://github.com/ngircd/ngircd/blob/master/src/ngircd/conf.c#L1487>.

I didn't look through the history to see when the change happened. I
just happened to find during a migration that my 140 character MOTD
didn't work.

Update sample configuration file as well as the man page.
2019-01-03 14:06:01 +01:00
Alexander Barton
456eea6f18
Implement new configuration option "MaxPenaltyTime" (#251)
This option configures the maximum penalty time increase in seconds, per
penalty event. Set to -1 for no limit (the default), 0 to disable
penalties altogether. ngIRCd doesn't use penalty increases higher than 2
seconds during normal operation, so values higher than 1 rarely make
sense.

Disabling (or reducing) penalties can greatly speed up "make check" runs
for example, see below, but are mostly a debugging feature and normally
not meant to be used on production systems!

Some example timings running "make check" from my macOS workstation:

- MaxPenaltyTime not set: 4:41,79s
- "MaxPenaltyTime = 1":   3:14,71s
- "MaxPenaltyTime = 0":     25,46s

Closes #249.
2018-11-28 14:13:09 +01:00
Christian Aistleitner
e84000f7b8 Add PAMServiceName setting to specify the used PAM configuration
This setting allows to run multiple ngIRCd instances with
PAM configurations on each instance.
If one sets it to "ngircd-foo", PAM will use `/etc/pam.d/ngircd-foo`
instead of the default `/etc/pam.d/ngircd`.
2016-06-05 23:48:29 +02:00
Peter Powell
5545e1bebf Rename NoticeAuth to NoticeBeforeRegistration.
The old name is still supported for compatibility reasons.
2015-07-14 14:43:19 +01:00
Peter Powell
d118cd74b6 Use "NOTICE *" before registration instead of "NOTICE AUTH".
AUTH is a valid nickname so sending notices to it is probably not
a good idea. Use * as the target instead as done with numerics
when the nick is not available.

This mimics the behaviour in Charybdis, IRCD-Hybrid, InspIRCd 2.2,
Plexus 4, etc.
2015-07-14 14:37:42 +01:00
Alexander Barton
100de3e4cc Update "CipherList" to not enable SSLv3 by default
Idea, initial patch, and testing by Christoph Biedl
<ngircd.anoy@manchmal.in-ulm.de>
2014-10-16 13:42:24 +02:00
Alexander Barton
d314c75a37 Allow "DefaultUserModes" to set all possible modes
Let IRC_MODE() detect that the "fake" MODE command originated on the local
sever, which enables all modes to be settable using "DefaultUserModes"
that can be set by regular MODE commands, including modes only settable by
IRC Operators.
2014-03-18 16:43:21 +01:00
Alexander Barton
86bdf6e1d4 Implement new configuration option "Network"
The new configuration variable "Network" is used to set the (completely
optional) "network name", to which this instance of the daemon belongs.
When set, this name is used in the ISUPPORT(005) numeric which is sent to
all clients connecting to the server after logging in.

Closes bug #165.
2013-12-27 23:16:11 +01:00
Federico G. Schwindt
0985d69cc6 Change cipher defaults
Switch cipher defaults to HIGH:!aNULL:@STRENGTH (OpenSSL) or
SECURE128 (GnuTLS).
2013-09-17 17:15:24 +01:00
Alexander Barton
b9006acee3 Cipher list selection for GnuTLS
This patch implements the missing functionality for cipher list selection
using GnuTLS (our OpenSSL code has this already).
2013-09-15 17:57:47 +02:00
Alexander Barton
84ed46d4c1 Cipher list selection for OpenSSL
This patch introduces the possibility to arbitrarily select ciphers which
should be promoted resp. declined when establishing a SSL connection
with a client by implementing the new configuration option "CipherList".

By default, OpenSSL would accept low and medium strength and RC-4 ciphers,
which nowadays are known to be broken.

This patch only implements the feature for OpenSSL. A GnuTLS counterpart
has to be implemented in another patch ...

Original patch by Bastian <bastian-ngircd@t6l.de>.

Closes bug #162.
2013-09-15 15:09:36 +02:00
Alexander Barton
2bacb8210b Implement new configuration option "DefaultUserModes"
The new configuration option "DefaultUserModes" lists user modes that
become automatically set on new local clients right after login.

Please note that only modes can be set that the client could set on
itself, you can't set "a" (away) or "o" (IRC Op), for example! User
modes "i" (invisible) or "x" (cloaked) etc. are "interesting", though.

Default: set no modes (like without this patch).

Closes bug #160.
2013-08-26 21:17:10 +02:00
Alexander Barton
5258fb7f7c Implement new configuration option "AllowedChannelTypes"
The new configuration variable "AllowedChannelTypes" lists all allowed
channel types (channel prefixes) for newly created channels on the local
server. By default, all supported channel types are allowed.

If set to the empty string, local clients can't create new channels at
all, which equals the old "PredefChannelsOnly = yes" setting.

This patch deprecates the "PredefChannelsOnly" variable, too, but it is
still supported and translated to the apropriate "AllowedChannelTypes"
setting. When "PredefChannelsOnly" is processed, a warning message is
logged.

Closes bug #152.
2013-08-04 14:10:12 +02:00
Alexander Barton
f206fda8ae Implement new configuration option "IncludeDir"
The option "IncludeDir" in the [Options] section can be used
to specify a directory which can contain further configuration
files and configuration file snippets matching the pattern
"*.conf" that should be read in after the main configuration
file ("ngircd.conf" by default) has been parsed.

Closes bug #157.
2013-05-24 22:34:53 +02:00
Alexander Barton
f295117fba New configuration option "IdleTimeout": exit daemon when idle
This patch implements a new configuration option "IdleTimeout" in the
[Limits] section of the configuration file which can be used to set a
timeout (in seconds) after which the whole daemon will shutdown when no
more connections are left active after handling at least one client.

The default is 0, "never".

This can be useful for testing or when ngIRCd is started using "socket
activation" with systemd(8), for example.
2013-02-04 23:15:53 +01:00
Alexander Barton
950aeec3ff Use "${docdir}/Commands.txt" as help text file 2013-01-01 19:25:06 +01:00
Alexander Barton
d2a1f6aa4b Document "HelpFile" in sample-ngircd.conf and ngircd.conf.5 2012-12-31 21:03:23 +01:00
Alexander Barton
48326e061a Spelling fix: "nick name" -> "nickname" 2012-11-02 14:30:19 +01:00
Brett Smith
32f63abb59 Make the maximum /list reply length a configurable limit. 2012-10-25 14:46:29 -04:00
DNS777
808c291c76 New configuration option "OperChanPAutoOp"
If disabled, IRC operators don't become channel operators in persistent
channels when joining. Enabled by default, which has been the behavior
of ngIRCd up to this patch.

Closes bug #135.

(Cosmetic fixes by Alex.)
2012-09-25 13:08:39 +02:00
Alexander Barton
360a254be0 Enhance "ServiceMask" to handle a list of masks
The "ServiceMask" variable in "Server" blocks now can handle more than
one mask using the new MatchCaseInsensitiveList() function.

This makes marking "service clients" much more specific, which is a
good thing per se, but which is the prerequisite for reasonably
blocking these nick names, too (see commit a6dd2e3 for details).
2012-08-26 13:24:54 +02:00
Sebastian Köhler
d0bb185cf5 Hashed hostnames for CloakHost
Implemented support for hashed hostnames for CloakHost. The admin can
use '%x' in both the CloakHost and CloakHostModeX setting. The config
option CloakHostModeX was renamed to CloakHostSalt. This salt is used
for both cloaking options.
2012-08-03 04:10:11 +02:00
Sebastian Köhler
49385a98b2 Implemented hashed cloaked hostnames for +x
CloakHostModeX can now contain '%x'. It will be replace by the hash of
the original client hostname. The new config option CloakHostModeXSalt
defines the salt for the hash function. When CloakHostModeXSalt is not
set a random salt will be generated after each server restart.

Spelling fix in defines.h
2012-08-03 04:09:37 +02:00
Alexander Barton
bf121ae95f Describe "CloakHostModeX" in sample-ngircd.conf an ngircd.conf(5) 2012-06-09 02:04:50 +02:00
Alexander Barton
56b7e67307 New configuration option "PAMIsOptional"
When "PAMIsOptional" is set, clients not sending a password are still
allowed to connect: they won't become "identified" and keep the "~"
character prepended to their supplied user name.
2012-01-01 17:12:36 +01:00
Alexander Barton
e4a06844a3 sample-ngircd.conf: show correct default for "PAM" variable
The default of "PAM" is "yes" when ngIRCd has been configured to use it,
so show the correct default value in the sample configuration file.

Closes #119.
2011-11-08 21:12:01 +01:00
Alexander Barton
bd118c65fd Fix some wording, use spellchecker ;-) 2011-06-28 13:12:06 +02:00
Alexander Barton
d99edb7728 Merge branch 'MorePrivacy'
* MorePrivacy:
  New configuration opion "MorePrivacy" to "censor" some user information
2011-06-26 15:41:27 +02:00
Alexander Barton
cb28c4ff03 sample-ngircd.conf: remove "SSL" prefix from SSL-related variables 2011-06-26 15:39:39 +02:00
Alexander Barton
269310f04b Merge branch 'ScrubCTCP'
* ScrubCTCP:
  Add documentation for "ScrubCTCP" configuration option
  New option to scrub incoming CTCP commands
2011-06-26 15:38:53 +02:00
Alexander Barton
3d0ce77f12 sample-ngircd.conf: "SyslogFacility" should be commented out 2011-06-26 00:10:22 +02:00
Alexander Barton
946d838de4 Move SSL-related configuration variables to new [SSL] section 2011-06-26 00:09:36 +02:00
xor
5410d96748 Add documentation for "ScrubCTCP" configuration option 2011-06-25 22:27:56 +02:00
xor
b80e115f39 New configuration opion "MorePrivacy" to "censor" some user information
this patch contains:

  * Fix for Conf_CloakUserToNick to make it conceal user details
  * Adds MorePrivacy-feature

MorePrivacy censors some user information from being reported by the
server. Signon time and idle time is censored. Part and quit messages
are made to look the same. WHOWAS requests are silently dropped. All
of this is useful if one wish to conceal users that access the ngircd
servers from TOR or I2P.
2011-06-25 22:21:20 +02:00
Alexander Barton
eba14d937d Update sample config file and manual page for new config structure 2011-06-25 14:58:12 +02:00
Alexander Barton
d61fbfc6e3 Merge branch 'AuthPing'
* AuthPing:
  Add documentation for "RequireAuthPing" configuration option
  New configuration option "RequireAuthPing": PING-PONG on login
2011-03-27 20:58:18 +02:00
Alexander Barton
680db6755b Add documentation for "NoticeAuth" configuration option 2011-03-27 20:40:28 +02:00
Alexander Barton
fc0b026149 Add documentation for "RequireAuthPing" configuration option 2011-03-27 20:34:44 +02:00
Alexander Barton
acd7a5d6d4 Add a note not to use a percent sign ("%") in CloakHost variable
The percent sign is reserved for future extensions, for example to
expand some variables like %H to a hash value of the real host name ...

Idea by kaFux in #ngircd.
2011-03-19 17:04:57 +01:00
Alexander Barton
ae7470ceb5 Rename ClientHost to CloakHost, and ClientUserNick to CloakUserToNick 2011-03-19 16:58:29 +01:00
Alexander Barton
fc55c945db Don't use "the.net" in sample-ngircd.conf, use "example.net"
"the.net" is an existing domain of the Texas Higher Education Network ...
See RFC 2606.
2011-03-18 10:46:56 +01:00
Alexander Barton
25dd193e9b Move "ClientHost" and "ClientUserNick" to end of [Global] section 2011-03-16 23:43:29 +01:00
Gabor Adam Toth
71d8c37171 ClientUserNick setting 2011-03-16 23:15:50 +01:00
Gabor Adam Toth
52f59149ad ClientHost setting 2011-03-16 23:15:50 +01:00
Alexander Barton
6600ce3445 Remove ZeroConf variable from sample-ngircd.conf 2011-01-10 00:10:01 +01:00
Florian Westphal
1964bda252 conf: move 'run-time-feature-disable' options to new FEATURE section 2011-01-09 19:42:42 +01:00
Florian Westphal
1dca082fc6 config: deprecate NoXX-Options
ngircd unfortunately uses several options using double-negation, e.g.

NoIdent = No, NoPam = No, etc.

This renames all options by dropping the "No" prefix, e.g.
"NoIdent = no" becomes "Ident = yes".

The old options will continue to work, but will cause a warning
message.

Also update man pages and default config.

To prevent silly
'Ident = yes' from appearing in  --configtest output in the
'ident support not compiled in and Ident Option not used' case,
make default value depend on feature availability.
If feature is available, enable by default, otherwise disable.

We might consider moving these options to a new
[Feature]

section, or something like that, because none of these options are
essential.

Another possible improvement:

'Ident = yes' option in ngircd.conf causes a warning if ngircd was
built without ident support.

This does not happen with e.g. zeroconf....
2011-01-09 13:59:33 +01:00
Alexander Barton
30b6e72b96 Fix up generation and distribution of sample-ngircd.conf
- Add generated sample-ngircd.conf to new .gitignore file,
- refactor Makefile.am to generate sample-ngircd.conf on "make all",
  to clean it up on "make clean", and to install it to the correct place.
- Make sure path names in sample-ngircd.conf are separated by "/".
2010-11-03 23:47:21 +01:00