Commit graph

24 commits

Author SHA1 Message Date
Elizabeth Myers
e6bbb41030 Add ability to change CertFP hash.
Presently this only supports SHA1, as the machinery to actually change
the cipher is not hooked up to anything yet.
2015-12-07 01:14:02 -06:00
Jail Bird
29c92cf95f Spring cleaning redux:
- Implemented changes suggested by Jilles
- Remove some unused parameters in functions
- Remove some unused ssl procs
- 63-bit time_t support in TS deltas
- const char * vs char * cleanup
- struct alignment (void *) casts
- signed vs unsigned fixes
- bad memset() call
- Bad LT_MAIN in libratbox
- char -> unsigned char casts for isdigit/isspace/etc calls

Thanks Jilles!
2015-04-20 00:55:20 -05:00
Keith Buck
55abcbb20a Remove trailing whitespace from all .c and .h files.
3134 bytes were removed.
2014-03-03 04:25:47 +00:00
William Pitcock
85e9bf4151 ssld: force the control buffer to be unsigned bytes except in special circumstances
This has the side effect of fixing GnuTLS.
2014-02-08 18:40:35 +00:00
Nathan Phillip Brink
634d4aad72 Fix inconsistency between --sysconfdir and --with-confdir, deprecate --with-confdir.
The inconsistency was created in
c74836dc4a where genssl.sh.in was made
to use sysconfdir while the IRCd and buildsystem still used confdir.
2012-03-02 01:11:42 +00:00
Nathan Phillip Brink
c74836dc4a Add explicit support for being installed into a system triggered with --enable-fhs-paths.
Add two mechanism for avoiding name-collisions in a system-wide
installation of charybdis. The ssld and bandb daemons, intended to be
directly used by ircd and not the user, install into libexec when
--enable-fhs-paths is set. For binaries which are meant to be in PATH
(bindir), such as ircd and viconf, there is now an option
--with-program-prefix=progprefix inspired by automake. If the user
specifies --with-program-prefix=charybdis, the ircd binary is named
charybdisircd when installed.

Add support for saving the pidfile to a rundir and storing the ban
database in localstatedir instead of in sysconfdir. This is, again,
conditional on --enable-fhs-paths.

Fix(?) genssl.sh to always write created SSL key/certificate/dh
parameters to the sysconfdir specified during ./configure. The
previous behavior was to assume that the user ran genssl.sh after
ensuring that his current working directory was either sysconfdir or a
sibling directory of sysconfdir.
2012-03-01 02:41:09 +00:00
William Pitcock
a7675ed255 ssld: Request fingerprint when connecting to the server, not just on inbound connections. 2010-12-14 21:28:35 -06:00
Jilles Tjoelker
7247337afa Add certfp support to libratbox and ssld.
This lets a user connect with a client certificate, and
passes the certificate's fingerprint to ircd, which
currently just notices it to the user.

A new ssld->ircd message 'F' is used to pass on the
fingerprint.

This is only for OpenSSL for now, not GNUTLS.
2010-01-31 19:04:20 +01:00
Jilles Tjoelker
e99f612205 ssld: Fix an fd leak when closing connections.
Lightly tested.
2009-11-15 23:11:18 +01:00
Jilles Tjoelker
c03677e9be ssld: Do not crash if not all fds in a message could be received.
Actually fill the mod_ctl_buf_t.nfds field.
2009-11-15 22:41:02 +01:00
Jilles Tjoelker
07c2bb757d Fix close detection with ssl+zip, porting more code from ircd-ratbox.
This tells the SSL ssld to report connection closure to ircd
using the new fd.
2009-03-07 03:23:17 +01:00
Jilles Tjoelker
464b7606a8 ssld: Do not do redundant rb_setselect().
Apparently solaris devpoll/ports may have a problem
with this.
from ircd-ratbox (androsyn)
2009-03-03 22:32:18 +01:00
androsyn
0bd120ed48 [svn r26332] get rid of the zip ready stuff 2009-01-01 14:50:21 +03:00
Valeriy Yatsko
3202e24921 Copied libratbox and related stuff from shadowircd upstream. 2008-12-03 02:49:39 +03:00
Jilles Tjoelker
e27ac6024d ssld: un #if 0 the /dev/null stuff out 2008-08-25 18:48:30 +02:00
Valery Yatsko
7edb4f163f ssld synced with ircd-ratbox3 svn 2008-07-30 02:57:01 +04:00
Jilles Tjoelker
a444bb7837 Show reason for failed outgoing SSL handshakes to opers.
Also add a comment that ircd does not care about the
reason for failed incoming SSL handshakes.
ircd-ratbox r25651
2008-06-29 21:56:31 +02:00
Valery V Yatsko
4b6a4d479c sync ssld with ratbox3 repository: now r25594 + charybdis related changes 2008-06-26 21:21:46 +04:00
Valery V Yatsko
21192997c1 Fix compilation without zlib headers present, from the ratbox3 upstream 2008-06-26 21:19:19 +04:00
Jilles Tjoelker
794816af01 Check for the -rpath linker flag.
This makes it build on MacOS X which neither
supports nor needs this flag.
2008-05-17 17:46:37 +02:00
Valery Yatsko
73d6283cfc Importing r25217, r25219 and r25221 from ratbox3 2008-04-10 20:37:42 +04:00
Valery Yatsko
8d99443b6b ssld from ratbox3 without automake dep 2008-04-06 14:46:52 +04:00
Valery Yatsko
54ac8b60a1 Reverting some changed related not to moving on libratbox3 but using ratbox3 source! 2008-04-02 19:37:50 +04:00
Valery Yatsko
18b94b70dc replacing ssld with servlink 2008-04-02 17:00:18 +04:00