Commit graph

28 commits

Author SHA1 Message Date
William Pitcock
42dbc23943 ssld: enable sending SSL cipher information if available 2015-12-11 08:32:19 -06:00
William Pitcock
408a29c65a ssld: integrate some cleanups from ratbox 3.1 2015-12-10 23:40:24 -06:00
William Pitcock
c7708a0994 ssld: update for protocol changes 2015-12-08 14:26:26 -06:00
William Pitcock
772c95cc7a ssld: we only will continue supporting one fingerprint method at a time 2015-12-07 01:21:26 -06:00
Elizabeth Myers
e6bbb41030 Add ability to change CertFP hash.
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:14:02 -06:00
Jail Bird
29c92cf95f Spring cleaning redux:
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls

Thanks Jilles!
2015-04-20 00:55:20 -05:00
Keith Buck
55abcbb20a Remove trailing whitespace from all .c and .h files.
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
William Pitcock
85e9bf4151 ssld: force the control buffer to be unsigned bytes except in special circumstances
This has the side effect of fixing GnuTLS.
2014-02-08 18:40:35 +00:00
Nathan Phillip Brink
634d4aad72 Fix inconsistency between --sysconfdir and --with-confdir, deprecate --with-confdir.
The inconsistency was created in
c74836dc4a where genssl.sh.in was made
to use sysconfdir while the IRCd and buildsystem still used confdir.
2012-03-02 01:11:42 +00:00
Nathan Phillip Brink
c74836dc4a Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.

Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.

Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
William Pitcock
a7675ed255 ssld: Request fingerprint when connecting to the server, not just on inbound connections. 2010-12-14 21:28:35 -06:00
Jilles Tjoelker
7247337afa Add certfp support to libratbox and ssld.
This lets a user connect with a client certificate, and
passes the certificate's fingerprint to ircd, which
currently just notices it to the user.

A new ssld->ircd message 'F' is used to pass on the
fingerprint.

This is only for OpenSSL for now, not GNUTLS.
2010-01-31 19:04:20 +01:00
Jilles Tjoelker
e99f612205 ssld: Fix an fd leak when closing connections.
Lightly tested.
2009-11-15 23:11:18 +01:00
Jilles Tjoelker
c03677e9be ssld: Do not crash if not all fds in a message could be received.
Actually fill the mod_ctl_buf_t.nfds field.
2009-11-15 22:41:02 +01:00
Jilles Tjoelker
07c2bb757d Fix close detection with ssl+zip, porting more code from ircd-ratbox.
This tells the SSL ssld to report connection closure to ircd
using the new fd.
2009-03-07 03:23:17 +01:00
Jilles Tjoelker
464b7606a8 ssld: Do not do redundant rb_setselect().
Apparently solaris devpoll/ports may have a problem
with this.
from ircd-ratbox (androsyn)
2009-03-03 22:32:18 +01:00
androsyn
0bd120ed48 [svn r26332] get rid of the zip ready stuff 2009-01-01 14:50:21 +03:00
Valeriy Yatsko
3202e24921 Copied libratbox and related stuff from shadowircd upstream. 2008-12-03 02:49:39 +03:00
Jilles Tjoelker
e27ac6024d ssld: un #if 0 the /dev/null stuff out 2008-08-25 18:48:30 +02:00
Valery Yatsko
7edb4f163f ssld synced with ircd-ratbox3 svn 2008-07-30 02:57:01 +04:00
Jilles Tjoelker
a444bb7837 Show reason for failed outgoing SSL handshakes to opers.
Also add a comment that ircd does not care about the
reason for failed incoming SSL handshakes.
ircd-ratbox r25651
2008-06-29 21:56:31 +02:00
Valery V Yatsko
4b6a4d479c sync ssld with ratbox3 repository: now r25594 + charybdis related changes 2008-06-26 21:21:46 +04:00
Valery V Yatsko
21192997c1 Fix compilation without zlib headers present, from the ratbox3 upstream 2008-06-26 21:19:19 +04:00
Jilles Tjoelker
794816af01 Check for the -rpath linker flag.
This makes it build on MacOS X which neither
supports nor needs this flag.
2008-05-17 17:46:37 +02:00
Valery Yatsko
73d6283cfc Importing r25217, r25219 and r25221 from ratbox3 2008-04-10 20:37:42 +04:00
Valery Yatsko
8d99443b6b ssld from ratbox3 without automake dep 2008-04-06 14:46:52 +04:00
Valery Yatsko
54ac8b60a1 Reverting some changed related not to moving on libratbox3 but using ratbox3 source! 2008-04-02 19:37:50 +04:00
Valery Yatsko
18b94b70dc replacing ssld with servlink 2008-04-02 17:00:18 +04:00