diff --git a/.gitattributes b/.gitattributes index fd0eb49..7bf4a41 100644 --- a/.gitattributes +++ b/.gitattributes @@ -306,6 +306,7 @@ include/serno.h -text include/setup.h.in -text include/setup.h_vms -text include/sprintf_irc.h -text +include/ssl.h -text include/stdinc.h -text include/supported.h -text include/tools.h -text @@ -481,6 +482,7 @@ src/scache.c -text src/send.c -text src/snprintf.c -text src/sprintf_irc.c -text +src/ssl.c -text src/tools.c -text src/version.c.SH -text src/version.com -text diff --git a/ChangeLog b/ChangeLog index 2d9cfaf..b27624c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,7 @@ Symbols are: (HP) - Hybrid Team Patches to Hybrid Source * NeoIRCd Version 0.9.6 - 31st Oct (Halloween!), 2002 - Fish (HP) - Hybrid Team Halloween Special :) (No suprises this time!) (RC5 Merge) +(F) - Initial Support for SSL connections started * NeoIRCd Version 0.9.5 - 12th Oct, 2002 - Fish (S) - Fixed up event.c for a possible serious bug reported by Dianora from hybrid team diff --git a/autoconf/configure.in b/autoconf/configure.in index 0acfa81..d6e00ac 100644 --- a/autoconf/configure.in +++ b/autoconf/configure.in @@ -1,4 +1,4 @@ -dnl $Id: configure.in,v 1.6 2002/10/23 03:53:21 fishwaldo Exp $ +dnl $Id: configure.in,v 1.7 2002/11/04 08:14:00 fishwaldo Exp $ dnl Process this file with autoconf to produce a configure script. dnl AC_INIT(include/class.h) <- what is this ? -TimeMr14C @@ -391,27 +391,8 @@ int main(void) { if test "X$cf_openssl_version_ok" = "Xyes"; then AC_MSG_RESULT(ok) - dnl Do all the HAVE_LIBCRYPTO magic -- and check for ciphers - save_CPPFLAGS="$CPPFLAGS" - CPPFLAGS="$CPPFLAGS $SSL_LIBS" - AC_CHECK_LIB(crypto, RSA_free) - if test "X$ac_cv_lib_crypto_RSA_free" = "Xyes"; then - cf_openssl_ciphers='' - AC_CHECK_FUNCS(EVP_bf_cfb, - cf_openssl_ciphers="${cf_openssl_ciphers}BF/256 BF/128 ") - AC_CHECK_FUNCS(EVP_cast5_cfb, - cf_openssl_ciphers="${cf_openssl_ciphers}CAST/128 ") - AC_CHECK_FUNCS(EVP_idea_cfb, - cf_openssl_ciphers="${cf_openssl_ciphers}IDEA/128 ") - AC_CHECK_FUNCS(EVP_rc5_32_12_16_cfb, - cf_openssl_ciphers="${cf_openssl_ciphers}RC5.16/128 RC5.12/128 RC5.8/128 ") - AC_CHECK_FUNCS(EVP_des_ede3_cfb, - cf_openssl_ciphers="${cf_openssl_ciphers}3DES/168 ") - AC_CHECK_FUNCS(EVP_des_cfb, - cf_openssl_ciphers="${cf_openssl_ciphers}DES/56 ") - fi - CPPFLAGS="$save_CPPFLAGS" - SSL_LIBS="$SSL_LIBS -lcrypto" + AC_DEFINE(USE_SSL) + SSL_LIBS="$SSL_LIBS -lcrypto -lssl" else AC_MSG_RESULT(no - OpenSSL support disabled) fi @@ -575,12 +556,12 @@ esac dnl Enable RT sigio - linux only AC_ARG_ENABLE(rtsigio, -[ --enable-rtsigio Enable SIGIO with RT Signals(Linux only). +[ --enable-rtsigio Enable SIGIO with RT Signals(Linux only) (UNSTABLE!). --disable-rtsigio Disable SIGIO with RT Signals(Linux only). ], [ case "$enableval" in yes) - echo "Forcing Linux RT Sigio to be enabled" + echo "Forcing Linux RT Sigio to be enabled (UNSTABLE)" ac_cv_func_rtsigio="yes" ;; no) @@ -625,6 +606,7 @@ if test "$SELECT_TYPE" != "kqueue" ; then elif test "$ac_cv_func_rtsigio" = "yes" ; then SELECT_TYPE="sigio" AC_DEFINE(USE_SIGIO) + AC_MSG_WARN(***rtsigio might be unstable on your machine***) elif test "$ac_cv_func_poll" = "yes" ; then SELECT_TYPE="poll" AC_DEFINE(USE_POLL) @@ -997,12 +979,5 @@ AC_OUTPUT( \ help/Makefile \ ) -if test "X${cf_openssl_ciphers}" != "X"; then - echo "" - echo "Available cryptlinks ciphers:" - echo "" - echo "${cf_openssl_ciphers}" - echo "" -fi AC_MSG_RESULT("Server is configured with NICKLEN=$ac_cv_nicklen and MAX_CLIENTS=$ac_cv_maxclients") diff --git a/configure b/configure index 6425dd9..9967d83 100755 --- a/configure +++ b/configure @@ -841,7 +841,7 @@ Optional Features: --disable-kqueue Disable kqueue() support. --enable-devpoll Enable /dev/poll support. --disable-devpoll Disable /dev/poll support. - --enable-rtsigio Enable SIGIO with RT Signals(Linux only). + --enable-rtsigio Enable SIGIO with RT Signals(Linux only) (UNSTABLE!). --disable-rtsigio Disable SIGIO with RT Signals(Linux only). --enable-ipv6 Enable IPV6 support. --disable-ipv6 Disable IPV6 support. @@ -5424,534 +5424,11 @@ fi if test "X$cf_openssl_version_ok" = "Xyes"; then echo "$as_me:$LINENO: result: ok" >&5 echo "${ECHO_T}ok" >&6 - save_CPPFLAGS="$CPPFLAGS" - CPPFLAGS="$CPPFLAGS $SSL_LIBS" - -echo "$as_me:$LINENO: checking for RSA_free in -lcrypto" >&5 -echo $ECHO_N "checking for RSA_free in -lcrypto... $ECHO_C" >&6 -if test "${ac_cv_lib_crypto_RSA_free+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lcrypto $LIBS" -cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" - -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char RSA_free (); -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -RSA_free (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_lib_crypto_RSA_free=yes -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -ac_cv_lib_crypto_RSA_free=no -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -echo "$as_me:$LINENO: result: $ac_cv_lib_crypto_RSA_free" >&5 -echo "${ECHO_T}$ac_cv_lib_crypto_RSA_free" >&6 -if test $ac_cv_lib_crypto_RSA_free = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBCRYPTO 1 + cat >>confdefs.h <<\_ACEOF +#define USE_SSL 1 _ACEOF - LIBS="-lcrypto $LIBS" - -fi - - if test "X$ac_cv_lib_crypto_RSA_free" = "Xyes"; then - cf_openssl_ciphers='' - -for ac_func in EVP_bf_cfb -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -f = $ac_func; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - cf_openssl_ciphers="${cf_openssl_ciphers}BF/256 BF/128 " -fi -done - - -for ac_func in EVP_cast5_cfb -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -f = $ac_func; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - cf_openssl_ciphers="${cf_openssl_ciphers}CAST/128 " -fi -done - - -for ac_func in EVP_idea_cfb -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -f = $ac_func; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - cf_openssl_ciphers="${cf_openssl_ciphers}IDEA/128 " -fi -done - - -for ac_func in EVP_rc5_32_12_16_cfb -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -f = $ac_func; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - cf_openssl_ciphers="${cf_openssl_ciphers}RC5.16/128 RC5.12/128 RC5.8/128 " -fi -done - - -for ac_func in EVP_des_ede3_cfb -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -f = $ac_func; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - cf_openssl_ciphers="${cf_openssl_ciphers}3DES/168 " -fi -done - - -for ac_func in EVP_des_cfb -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6 -if eval "test \"\${$as_ac_var+set}\" = set"; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -#line $LINENO "configure" -#include "confdefs.h" -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. */ -#include -/* Override any gcc2 internal prototype to avoid an error. */ -#ifdef __cplusplus -extern "C" -#endif -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func (); -char (*f) (); - -#ifdef F77_DUMMY_MAIN -# ifdef __cplusplus - extern "C" -# endif - int F77_DUMMY_MAIN() { return 1; } -#endif -int -main () -{ -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -f = $ac_func; -#endif - - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - { ac_try='test -s conftest$ac_exeext' - { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 - (eval $ac_try) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -cat conftest.$ac_ext >&5 -eval "$as_ac_var=no" -fi -rm -f conftest.$ac_objext conftest$ac_exeext conftest.$ac_ext -fi -echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5 -echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6 -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - cf_openssl_ciphers="${cf_openssl_ciphers}DES/56 " -fi -done - - fi - CPPFLAGS="$save_CPPFLAGS" - SSL_LIBS="$SSL_LIBS -lcrypto" + SSL_LIBS="$SSL_LIBS -lcrypto -lssl" else echo "$as_me:$LINENO: result: no - OpenSSL support disabled" >&5 echo "${ECHO_T}no - OpenSSL support disabled" >&6 @@ -6398,7 +5875,7 @@ if test "${enable_rtsigio+set}" = set; then case "$enableval" in yes) - echo "Forcing Linux RT Sigio to be enabled" + echo "Forcing Linux RT Sigio to be enabled (UNSTABLE)" ac_cv_func_rtsigio="yes" ;; no) @@ -6740,6 +6217,8 @@ _ACEOF #define USE_SIGIO 1 _ACEOF + { echo "$as_me:$LINENO: WARNING: ***rtsigio might be unstable on your machine***" >&5 +echo "$as_me: WARNING: ***rtsigio might be unstable on your machine***" >&2;} elif test "$ac_cv_func_poll" = "yes" ; then SELECT_TYPE="poll" cat >>confdefs.h <<\_ACEOF @@ -9408,13 +8887,6 @@ if test "$no_create" != yes; then fi -if test "X${cf_openssl_ciphers}" != "X"; then - echo "" - echo "Available cryptlinks ciphers:" - echo "" - echo "${cf_openssl_ciphers}" - echo "" -fi echo "$as_me:$LINENO: result: \"Server is configured with NICKLEN=$ac_cv_nicklen and MAX_CLIENTS=$ac_cv_maxclients\"" >&5 echo "${ECHO_T}\"Server is configured with NICKLEN=$ac_cv_nicklen and MAX_CLIENTS=$ac_cv_maxclients\"" >&6 diff --git a/include/client.h b/include/client.h index d6aa97b..a528566 100644 --- a/include/client.h +++ b/include/client.h @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: client.h,v 1.10 2002/10/31 13:01:54 fishwaldo Exp $ + * $Id: client.h,v 1.11 2002/11/04 08:14:00 fishwaldo Exp $ */ #ifndef INCLUDED_client_h @@ -30,12 +30,19 @@ #if !defined(CONFIG_H_LEVEL_7) #error Incorrect config.h for this revision of ircd. #endif +#include "common.h" +#include "stdinc.h" +#include "ircd_defs.h" + #include "ircd_defs.h" #include "ircd_handler.h" #include "linebuf.h" #include "channel.h" #include "res.h" + + + #ifdef IPV6 #define HOSTIPLEN 53 /* sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255.ipv6") */ #else @@ -222,6 +229,10 @@ struct LocalUser time_t first_received_message_time; int received_number_of_privmsgs; int flood_noticed; +#ifdef USE_SSL + SSL *ssl; /* clients SSL info, if ssl client */ + struct X509 *ssl_cert; /* clients SSL cert info, if ssl client */ +#endif /* Send and receive linebuf queues .. */ buf_head_t buf_sendq; @@ -277,6 +288,7 @@ struct LocalUser char out_key[CIPHERKEYLEN]; #endif + int fd; /* >= 0, for local clients */ #ifndef HAVE_SOCKETPAIR int fd_r; /* fd for reading */ @@ -396,6 +408,7 @@ struct LocalUser #define FLAGS_SERVLINK 0x10000 /* servlink has servlink process */ #define FLAGS_MARK 0x20000 /* marked client */ #define FLAGS_CANFLOOD 0x40000 /* client has the ability to flood */ +#define FLAGS_SSL 0x80000 /* client is connected via SSL */ /* umodes, settable flags */ #define FLAGS_SERVNOTICE 0x0001 /* server notices such as kill */ @@ -455,6 +468,7 @@ struct LocalUser #define FLAGS2_CBURST 0x10000 /* connection burst being sent */ #define FLAGS2_PING_COOKIE 0x20000 /* PING Cookie */ #define FLAGS2_IDLE_LINED 0x40000 +#define FLAGS2_SSLOK 0x80000 /* ssl connection is established */ #define FLAGS2_FLOODDONE 0x200000 /* Flood grace period has * been ended. */ @@ -501,6 +515,10 @@ struct LocalUser #define SetCanFlood(x) ((x)->flags |= FLAGS_CANFLOOD) #define ClearCanFlood(x) ((x)->flags &= FLAGS_CANFLOOD) #define IsCanFlood(x) ((x)->flags & FLAGS_CANFLOOD) +#define SetSSL(x) ((x)->flags |= FLAGS_SSL) +#define IsSSL(x) ((x)->flags & FLAGS_SSL) +#define SetSSLOK(x) ((x)->flags2 |= FLAGS2_SSLOK) +#define IsSSLOK(x) ((x)->flags2 & FLAGS2_SSLOK) /* oper flags */ diff --git a/include/linebuf.h b/include/linebuf.h index 2981d17..5ba9786 100644 --- a/include/linebuf.h +++ b/include/linebuf.h @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: linebuf.h,v 1.3 2002/09/13 06:50:06 fishwaldo Exp $ + * $Id: linebuf.h,v 1.4 2002/11/04 08:14:00 fishwaldo Exp $ */ #ifndef __LINEBUF_H__ @@ -77,7 +77,11 @@ extern int linebuf_parse(buf_head_t *, char *, int, int); extern int linebuf_get(buf_head_t *, char *, int, int, int); extern void linebuf_putmsg(buf_head_t *, const char *, va_list *, const char *, ...); +#ifdef USE_SSL +extern int linebuf_flush(int, buf_head_t *, SSL *); +#else extern int linebuf_flush(int, buf_head_t *); +#endif extern void linebuf_attach(buf_head_t *, buf_head_t *); extern void count_linebuf_memory(int *, u_long *); #endif diff --git a/include/listener.h b/include/listener.h index 8407872..462d5b7 100644 --- a/include/listener.h +++ b/include/listener.h @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: listener.h,v 1.3 2002/09/13 06:50:06 fishwaldo Exp $ + * $Id: listener.h,v 1.4 2002/11/04 08:14:00 fishwaldo Exp $ */ #ifndef INCLUDED_listener_h @@ -35,6 +35,7 @@ struct Listener { int fd; /* file descriptor */ int port; /* listener IP port */ int ref_count; /* number of connection references */ + int isssl; /* is it a ssl port? */ int active; /* current state of listener */ int index; /* index into poll array */ time_t last_accept; /* last time listener accepted */ @@ -47,7 +48,9 @@ struct Listener { char vhost[HOSTLEN + 1]; /* virtual name of listener */ }; -extern void add_listener(int port, const char* vaddr_ip); +#define IsPSSL(x) ((x)->isssl & 1) + +extern void add_listener(int port, int isssl, const char* vaddr_ip); extern void close_listener(struct Listener* listener); extern void close_listeners(void); extern const char* get_listener_name(const struct Listener* listener); diff --git a/include/setup.h.in b/include/setup.h.in index 9957707..a1bcad9 100644 --- a/include/setup.h.in +++ b/include/setup.h.in @@ -196,3 +196,7 @@ /* Define if you have the backtrace call */ #undef HAVE_BACKTRACE + +/* Define if you are using SSL */ +#undef USE_SSL + diff --git a/include/ssl.h b/include/ssl.h new file mode 100644 index 0000000..6f15f49 --- /dev/null +++ b/include/ssl.h @@ -0,0 +1,49 @@ +/* + * NeoIRCd: NeoStats Group. Based on Hybird7 + * ssl.h: The ssl header. + * + * Copyright (C) 2002 by the past and present ircd coders, and others. + * Originally from Ultimate3, modified to work with NeoIRCd + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA + * + * $Id: ssl.h,v 1.1 2002/11/04 08:14:00 fishwaldo Exp $ + */ + +#ifndef SSL_H +#define SSL_H + +#ifdef USE_SSL +#include +#include +#include +#include /* OpenSSL stuff */ +#include +#include +#include +#include +#include +#include "client.h" + + +int safe_SSL_read(struct Client *, void *, int); +int safe_SSL_write(struct Client *, const void *, int); +int safe_SSL_accept(struct Client *, int); +int SSL_smart_shutdown(struct Client *); +int initssl(void); + +#endif +#endif diff --git a/include/stdinc.h b/include/stdinc.h index 3e7b340..437cf96 100644 --- a/include/stdinc.h +++ b/include/stdinc.h @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: stdinc.h,v 1.3 2002/09/13 06:50:06 fishwaldo Exp $ + * $Id: stdinc.h,v 1.4 2002/11/04 08:14:00 fishwaldo Exp $ * */ @@ -99,3 +99,7 @@ extern int errno; #ifdef VMS #include #endif + +#ifdef USE_SSL +#include +#endif diff --git a/servlink/servlink.c b/servlink/servlink.c index c46b3b9..a895f1a 100644 --- a/servlink/servlink.c +++ b/servlink/servlink.c @@ -15,7 +15,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * - * $Id: servlink.c,v 1.2 2002/08/13 14:45:12 fishwaldo Exp $ + * $Id: servlink.c,v 1.3 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "setup.h" @@ -29,6 +29,7 @@ #include #include + #ifdef HAVE_LIBCRYPTO #include #include diff --git a/src/.depend b/src/.depend index 4651280..542bfa5 100644 --- a/src/.depend +++ b/src/.depend @@ -3,54 +3,58 @@ adns.o: adns.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/ircd_defs.h ../adns/adns.h ../include/ircd.h \ ../include/tools.h ../include/memory.h ../include/balloc.h \ ../include/irc_string.h ../include/sprintf_irc.h ../include/send.h \ - ../include/s_conf.h ../include/motd.h ../include/class.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h ../include/s_bsd.h ../include/fdlist.h \ - ../include/s_log.h ../include/event.h ../include/numeric.h \ - ../adns/internal.h ../adns/dlist.h + ../include/ssl.h ../include/s_conf.h ../include/motd.h \ + ../include/class.h ../include/client.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h ../include/s_bsd.h \ + ../include/fdlist.h ../include/s_log.h ../include/event.h \ + ../include/numeric.h ../adns/internal.h ../adns/dlist.h balloc.o: balloc.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/ircd_defs.h \ ../include/ircd.h ../include/tools.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/s_log.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h ../include/res.h ../include/fileio.h \ - ../adns/adns.h ../include/sprintf_irc.h ../include/fdlist.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h ../include/res.h \ + ../include/fileio.h ../adns/adns.h ../include/sprintf_irc.h \ + ../include/fdlist.h channel.o: channel.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/channel.h ../include/ircd_defs.h ../include/channel_mode.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/hash.h \ - ../include/list.h ../include/numeric.h ../include/s_serv.h \ - ../include/s_user.h ../include/send.h ../include/whowas.h \ - ../include/s_conf.h ../include/motd.h ../include/class.h \ - ../include/event.h ../include/resv.h ../include/s_log.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/hash.h ../include/list.h \ + ../include/numeric.h ../include/s_serv.h ../include/s_user.h \ + ../include/send.h ../include/whowas.h ../include/s_conf.h \ + ../include/motd.h ../include/class.h ../include/event.h \ + ../include/resv.h ../include/s_log.h channel_mode.o: channel_mode.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/channel.h ../include/ircd_defs.h ../include/channel_mode.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/hash.h \ - ../include/list.h ../include/numeric.h ../include/s_serv.h \ - ../include/s_user.h ../include/send.h ../include/whowas.h \ - ../include/s_conf.h ../include/motd.h ../include/class.h \ - ../include/event.h ../include/s_log.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/hash.h ../include/list.h \ + ../include/numeric.h ../include/s_serv.h ../include/s_user.h \ + ../include/send.h ../include/whowas.h ../include/s_conf.h \ + ../include/motd.h ../include/class.h ../include/event.h \ + ../include/s_log.h class.o: class.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ - ../include/class.h ../include/client.h ../include/ircd_defs.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/list.h \ - ../include/numeric.h ../include/s_conf.h ../include/motd.h \ - ../include/send.h ../include/s_debug.h + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_defs.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/list.h ../include/numeric.h \ + ../include/s_conf.h ../include/motd.h ../include/send.h \ + ../include/s_debug.h client.o: client.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/class.h ../include/channel_mode.h \ ../include/common.h ../include/event.h ../include/fdlist.h \ @@ -65,40 +69,40 @@ dynlink.o: dynlink.c ../include/stdinc.h ../include/config.h \ ../include/parse.h ../include/ircd_handler.h ../include/msg.h \ ../include/memory.h ../include/ircd_defs.h ../include/balloc.h \ ../include/tools.h ../include/s_log.h ../include/client.h \ - ../include/linebuf.h ../include/channel.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/ssl.h ../include/linebuf.h ../include/channel.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/irc_string.h ../include/sprintf_irc.h ../include/send.h event.o: event.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/ircd.h \ ../include/tools.h ../include/memory.h ../include/ircd_defs.h \ ../include/balloc.h ../include/event.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h \ - ../include/irc_string.h ../include/sprintf_irc.h ../include/send.h \ - ../include/s_log.h + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/send.h ../include/s_log.h fdlist.o: fdlist.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/fdlist.h \ ../include/ircd_defs.h ../include/res.h ../include/fileio.h \ ../adns/adns.h ../include/ircd.h ../include/tools.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h ../include/event.h ../include/s_bsd.h \ - ../include/send.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h ../include/event.h \ + ../include/s_bsd.h ../include/send.h fileio.o: fileio.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/fileio.h \ - ../include/irc_string.h ../include/client.h ../include/ircd_defs.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ - ../include/channel.h ../include/res.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/sprintf_irc.h \ - ../include/send.h ../include/fdlist.h + ../include/irc_string.h ../include/client.h ../include/ssl.h \ + ../include/ircd_defs.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/tools.h ../include/channel.h ../include/res.h ../adns/adns.h \ + ../include/ircd.h ../include/memory.h ../include/balloc.h \ + ../include/sprintf_irc.h ../include/send.h ../include/fdlist.h getopt.o: getopt.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/ircd_getopt.h hash.o: hash.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/tools.h ../include/s_conf.h \ ../include/fileio.h ../include/ircd_defs.h ../include/motd.h \ - ../include/class.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/res.h \ - ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/res.h ../adns/adns.h ../include/ircd.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ ../include/common.h ../include/hash.h ../include/resv.h \ ../include/numeric.h ../include/send.h ../include/s_debug.h \ @@ -111,125 +115,131 @@ hostmask.o: hostmask.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/memory.h \ ../include/ircd_defs.h ../include/balloc.h ../include/tools.h \ ../include/s_conf.h ../include/fileio.h ../include/motd.h \ - ../include/class.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/res.h \ - ../adns/adns.h ../include/ircd.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/hostmask.h ../include/numeric.h \ - ../include/send.h + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/res.h ../adns/adns.h ../include/ircd.h \ + ../include/irc_string.h ../include/sprintf_irc.h ../include/hostmask.h \ + ../include/numeric.h ../include/send.h irc_string.o: irc_string.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ - ../include/irc_string.h ../include/client.h ../include/ircd_defs.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/sprintf_irc.h \ - ../include/list.h + ../include/irc_string.h ../include/client.h ../include/ssl.h \ + ../include/ircd_defs.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/sprintf_irc.h ../include/list.h ircd.o: ircd.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/tools.h ../include/ircd.h \ ../include/memory.h ../include/ircd_defs.h ../include/balloc.h \ ../include/channel.h ../include/channel_mode.h ../include/class.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h \ - ../include/irc_string.h ../include/sprintf_irc.h ../include/common.h \ - ../include/event.h ../include/fdlist.h ../include/hash.h \ - ../include/ircdauth.h ../include/ircd_signal.h ../include/list.h \ - ../include/s_gline.h ../include/motd.h ../include/md5.h \ - ../include/msg.h ../include/hostmask.h ../include/numeric.h \ - ../include/parse.h ../include/restart.h ../include/s_auth.h \ - ../include/s_bsd.h ../include/s_conf.h ../include/s_debug.h \ - ../include/s_log.h ../include/s_misc.h ../include/s_serv.h \ - ../include/s_stats.h ../include/scache.h ../include/send.h \ - ../include/whowas.h ../include/modules.h ../include/hook.h \ - ../include/ircd_getopt.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/event.h ../include/fdlist.h \ + ../include/hash.h ../include/ircdauth.h ../include/ircd_signal.h \ + ../include/list.h ../include/s_gline.h ../include/motd.h \ + ../include/md5.h ../include/msg.h ../include/hostmask.h \ + ../include/numeric.h ../include/parse.h ../include/restart.h \ + ../include/s_auth.h ../include/s_bsd.h ../include/s_conf.h \ + ../include/s_debug.h ../include/s_log.h ../include/s_misc.h \ + ../include/s_serv.h ../include/s_stats.h ../include/scache.h \ + ../include/send.h ../include/whowas.h ../include/modules.h \ + ../include/hook.h ../include/ircd_getopt.h ircd_signal.o: ircd_signal.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/ircd_signal.h \ ../include/ircd.h ../include/tools.h ../include/memory.h \ ../include/ircd_defs.h ../include/balloc.h ../include/restart.h \ ../include/s_log.h ../include/s_bsd.h ../include/fdlist.h \ ../include/res.h ../include/fileio.h ../adns/adns.h \ - ../include/irc_string.h ../include/sprintf_irc.h + ../include/irc_string.h ../include/sprintf_irc.h ../include/send.h \ + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h kdparse.o: kdparse.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/s_log.h ../include/s_conf.h ../include/fileio.h \ ../include/ircd_defs.h ../include/motd.h ../include/class.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h ../include/res.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/hostmask.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h ../include/res.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/hostmask.h linebuf.o: linebuf.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/event.h ../include/list.h \ ../include/hook.h list.o: list.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/tools.h ../include/channel.h \ ../include/ircd_defs.h ../include/class.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/common.h ../include/list.h \ ../include/hostmask.h ../include/numeric.h ../include/restart.h \ ../include/s_log.h ../include/send.h listener.o: listener.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/listener.h \ - ../include/ircd_defs.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/fdlist.h ../include/numeric.h \ - ../include/s_bsd.h ../include/s_conf.h ../include/motd.h \ - ../include/class.h ../include/s_stats.h ../include/send.h + ../include/ircd_defs.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/fdlist.h ../include/numeric.h ../include/s_bsd.h \ + ../include/s_conf.h ../include/motd.h ../include/class.h \ + ../include/s_stats.h ../include/send.h m_error.o: m_error.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/handlers.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/numeric.h \ - ../include/send.h ../include/s_debug.h ../include/msg.h \ - ../include/s_log.h + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/numeric.h ../include/send.h \ + ../include/s_debug.h ../include/msg.h ../include/s_log.h match.o: match.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/irc_string.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/sprintf_irc.h + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/sprintf_irc.h md5.o: md5.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/memory.h ../include/ircd_defs.h \ ../include/balloc.h ../include/tools.h ../include/s_log.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h ../include/res.h ../include/fileio.h \ - ../adns/adns.h ../include/ircd.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/md5.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h ../include/res.h \ + ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/irc_string.h ../include/sprintf_irc.h ../include/md5.h memory.o: memory.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/ircd_defs.h \ ../include/ircd.h ../include/tools.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/list.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h ../include/res.h ../include/fileio.h \ - ../adns/adns.h ../include/sprintf_irc.h ../include/send.h \ - ../include/s_log.h ../include/restart.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h ../include/res.h \ + ../include/fileio.h ../adns/adns.h ../include/sprintf_irc.h \ + ../include/send.h ../include/s_log.h ../include/restart.h modules.o: modules.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/modules.h \ ../include/parse.h ../include/ircd_handler.h ../include/msg.h \ ../include/memory.h ../include/ircd_defs.h ../include/balloc.h \ ../include/tools.h ../include/s_log.h ../include/ircd.h \ - ../include/client.h ../include/linebuf.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h \ - ../include/irc_string.h ../include/sprintf_irc.h ../include/send.h \ - ../include/s_conf.h ../include/motd.h ../include/class.h \ - ../include/handlers.h ../include/numeric.h ../include/list.h + ../include/client.h ../include/ssl.h ../include/linebuf.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/send.h ../include/s_conf.h ../include/motd.h \ + ../include/class.h ../include/handlers.h ../include/numeric.h \ + ../include/list.h motd.o: motd.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/tools.h ../include/motd.h \ ../include/ircd_defs.h ../include/ircd.h ../include/memory.h \ ../include/balloc.h ../include/fdlist.h ../include/res.h \ ../include/fileio.h ../adns/adns.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/s_bsd.h ../include/s_conf.h \ - ../include/class.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/send.h \ - ../include/numeric.h + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/send.h ../include/numeric.h numeric.o: numeric.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/numeric.h \ ../include/irc_string.h ../include/common.h ../include/memory.h \ @@ -241,29 +251,31 @@ packet.o: packet.c ../include/stdinc.h ../include/config.h \ ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/s_conf.h ../include/motd.h \ - ../include/class.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/s_serv.h \ - ../include/common.h ../include/list.h ../include/parse.h \ - ../include/packet.h ../include/hook.h ../include/send.h + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/s_serv.h ../include/common.h ../include/list.h \ + ../include/parse.h ../include/packet.h ../include/hook.h \ + ../include/send.h parse.o: parse.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/parse.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/handlers.h ../include/common.h \ - ../include/hash.h ../include/numeric.h ../include/s_log.h \ - ../include/s_stats.h ../include/send.h ../include/s_debug.h \ - ../include/msg.h ../include/s_conf.h ../include/motd.h \ - ../include/class.h ../include/s_serv.h + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/handlers.h ../include/common.h ../include/hash.h \ + ../include/numeric.h ../include/s_log.h ../include/s_stats.h \ + ../include/send.h ../include/s_debug.h ../include/msg.h \ + ../include/s_conf.h ../include/motd.h ../include/class.h \ + ../include/s_serv.h rsa.o: rsa.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/memory.h ../include/ircd_defs.h \ ../include/balloc.h ../include/tools.h ../include/rsa.h \ ../include/s_conf.h ../include/fileio.h ../include/motd.h \ - ../include/class.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/channel.h ../include/res.h \ - ../adns/adns.h ../include/ircd.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/s_log.h + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ + ../include/res.h ../adns/adns.h ../include/ircd.h \ + ../include/irc_string.h ../include/sprintf_irc.h ../include/s_log.h restart.o: restart.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/restart.h ../include/common.h ../include/fdlist.h \ @@ -271,8 +283,8 @@ restart.o: restart.c ../include/stdinc.h ../include/config.h \ ../adns/adns.h ../include/ircd.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ ../include/send.h ../include/s_debug.h ../include/s_log.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/channel.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/channel.h resv.o: resv.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/tools.h ../include/restart.h \ ../include/common.h ../include/fdlist.h ../include/ircd_defs.h \ @@ -280,8 +292,8 @@ resv.o: resv.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/send.h ../include/s_debug.h \ ../include/numeric.h ../include/s_log.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/resv.h ../include/hash.h + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/resv.h ../include/hash.h s_auth.o: s_auth.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/list.h ../include/memory.h ../include/ircd_defs.h \ @@ -289,24 +301,24 @@ s_auth.o: s_auth.c ../include/stdinc.h ../include/config.h \ ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/irc_string.h ../include/sprintf_irc.h ../include/s_conf.h \ ../include/motd.h ../include/class.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/common.h ../include/event.h ../include/fdlist.h \ - ../include/ircdauth.h ../include/numeric.h ../include/packet.h \ - ../include/s_bsd.h ../include/s_log.h ../include/s_stats.h \ - ../include/send.h + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/common.h ../include/event.h \ + ../include/fdlist.h ../include/ircdauth.h ../include/numeric.h \ + ../include/packet.h ../include/s_bsd.h ../include/s_log.h \ + ../include/s_stats.h ../include/send.h s_bsd.o: s_bsd.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/fdlist.h \ ../include/ircd_defs.h ../include/res.h ../include/fileio.h \ ../adns/adns.h ../include/ircd.h ../include/tools.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ ../include/s_bsd.h ../include/class.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/common.h ../include/event.h ../include/ircdauth.h \ - ../include/list.h ../include/listener.h ../include/numeric.h \ - ../include/packet.h ../include/restart.h ../include/s_auth.h \ - ../include/s_conf.h ../include/motd.h ../include/s_log.h \ - ../include/s_serv.h ../include/s_stats.h ../include/send.h \ - ../include/s_debug.h + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/common.h ../include/event.h \ + ../include/ircdauth.h ../include/list.h ../include/listener.h \ + ../include/numeric.h ../include/packet.h ../include/restart.h \ + ../include/s_auth.h ../include/s_conf.h ../include/motd.h \ + ../include/s_log.h ../include/s_serv.h ../include/s_stats.h \ + ../include/send.h ../include/s_debug.h s_bsd_kqueue.o: s_bsd_kqueue.c ../include/config.h ../include/setup.h \ ../include/defaults.h s_bsd_poll.o: s_bsd_poll.c ../include/config.h ../include/setup.h \ @@ -315,12 +327,13 @@ s_bsd_poll.o: s_bsd_poll.c ../include/config.h ../include/setup.h \ ../adns/adns.h ../include/ircd.h ../include/tools.h ../include/memory.h \ ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ ../include/s_bsd.h ../include/class.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/common.h ../include/ircdauth.h ../include/list.h \ - ../include/listener.h ../include/numeric.h ../include/packet.h \ - ../include/restart.h ../include/s_auth.h ../include/s_conf.h \ - ../include/motd.h ../include/s_log.h ../include/s_serv.h \ - ../include/s_stats.h ../include/send.h ../include/s_debug.h + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/common.h ../include/ircdauth.h \ + ../include/list.h ../include/listener.h ../include/numeric.h \ + ../include/packet.h ../include/restart.h ../include/s_auth.h \ + ../include/s_conf.h ../include/motd.h ../include/s_log.h \ + ../include/s_serv.h ../include/s_stats.h ../include/send.h \ + ../include/s_debug.h s_bsd_select.o: s_bsd_select.c ../include/config.h ../include/setup.h \ ../include/defaults.h s_bsd_devpoll.o: s_bsd_devpoll.c ../include/config.h ../include/setup.h \ @@ -331,63 +344,63 @@ s_conf.o: s_conf.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/ircd_defs.h \ ../include/tools.h ../include/s_conf.h ../include/fileio.h \ ../include/motd.h ../include/class.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ - ../include/res.h ../adns/adns.h ../include/ircd.h ../include/memory.h \ - ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ - ../include/s_serv.h ../include/resv.h ../include/s_stats.h \ - ../include/common.h ../include/event.h ../include/hash.h \ - ../include/list.h ../include/listener.h ../include/hostmask.h \ - ../include/modules.h ../include/parse.h ../include/msg.h \ - ../include/numeric.h ../include/fdlist.h ../include/s_bsd.h \ - ../include/s_log.h ../include/send.h ../include/s_gline.h \ - ../include/s_debug.h + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/channel.h ../include/res.h ../adns/adns.h ../include/ircd.h \ + ../include/memory.h ../include/balloc.h ../include/irc_string.h \ + ../include/sprintf_irc.h ../include/s_serv.h ../include/resv.h \ + ../include/s_stats.h ../include/common.h ../include/event.h \ + ../include/hash.h ../include/list.h ../include/listener.h \ + ../include/hostmask.h ../include/modules.h ../include/parse.h \ + ../include/msg.h ../include/numeric.h ../include/fdlist.h \ + ../include/s_bsd.h ../include/s_log.h ../include/send.h \ + ../include/s_gline.h ../include/s_debug.h s_debug.o: s_debug.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/s_debug.h ../include/channel.h ../include/ircd_defs.h \ - ../include/class.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/res.h ../include/fileio.h \ - ../adns/adns.h ../include/ircd.h ../include/memory.h \ - ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ - ../include/common.h ../include/fdlist.h ../include/hash.h \ - ../include/list.h ../include/numeric.h ../include/s_conf.h \ - ../include/motd.h ../include/s_log.h ../include/scache.h \ - ../include/send.h ../include/whowas.h + ../include/class.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/res.h \ + ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/memory.h ../include/balloc.h ../include/irc_string.h \ + ../include/sprintf_irc.h ../include/common.h ../include/fdlist.h \ + ../include/hash.h ../include/list.h ../include/numeric.h \ + ../include/s_conf.h ../include/motd.h ../include/s_log.h \ + ../include/scache.h ../include/send.h ../include/whowas.h s_gline.o: s_gline.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/handlers.h ../include/channel.h ../include/ircd_defs.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/m_kline.h \ - ../include/hostmask.h ../include/numeric.h ../include/fdlist.h \ - ../include/s_bsd.h ../include/s_conf.h ../include/motd.h \ - ../include/class.h ../include/s_misc.h ../include/scache.h \ - ../include/send.h ../include/msg.h ../include/s_serv.h \ - ../include/s_gline.h ../include/hash.h ../include/event.h \ - ../include/list.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/m_kline.h ../include/hostmask.h \ + ../include/numeric.h ../include/fdlist.h ../include/s_bsd.h \ + ../include/s_conf.h ../include/motd.h ../include/class.h \ + ../include/s_misc.h ../include/scache.h ../include/send.h \ + ../include/msg.h ../include/s_serv.h ../include/s_gline.h \ + ../include/hash.h ../include/event.h ../include/list.h s_log.o: s_log.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/client.h \ - ../include/ircd_defs.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/tools.h ../include/channel.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/ssl.h ../include/ircd_defs.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/tools.h ../include/channel.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/s_log.h ../include/s_misc.h \ ../include/event.h ../include/s_conf.h ../include/motd.h \ ../include/class.h s_misc.o: s_misc.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/s_misc.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/numeric.h \ - ../include/fdlist.h ../include/s_bsd.h ../include/s_conf.h \ - ../include/motd.h ../include/class.h ../include/s_serv.h \ - ../include/send.h + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/numeric.h ../include/fdlist.h \ + ../include/s_bsd.h ../include/s_conf.h ../include/motd.h \ + ../include/class.h ../include/s_serv.h ../include/send.h s_serv.o: s_serv.c ../include/stdinc.h ../include/config.h \ - ../include/setup.h ../include/defaults.h ../include/rsa.h \ - ../include/tools.h ../include/s_serv.h ../include/channel_mode.h \ - ../include/ircd_defs.h ../include/class.h ../include/client.h \ + ../include/setup.h ../include/defaults.h ../include/tools.h \ + ../include/s_serv.h ../include/channel_mode.h ../include/ircd_defs.h \ + ../include/class.h ../include/client.h ../include/ssl.h \ ../include/ircd_handler.h ../include/linebuf.h ../include/channel.h \ ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ @@ -397,21 +410,22 @@ s_serv.o: s_serv.c ../include/stdinc.h ../include/config.h \ ../include/s_bsd.h ../include/s_conf.h ../include/motd.h \ ../include/s_log.h ../include/s_stats.h ../include/s_user.h \ ../include/scache.h ../include/send.h ../include/s_debug.h \ - ../include/hook.h + ../include/hook.h ../include/resv.h ../include/s_gline.h s_stats.o: s_stats.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/s_stats.h \ - ../include/client.h ../include/ircd_defs.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/numeric.h ../include/fdlist.h \ - ../include/s_bsd.h ../include/send.h + ../include/client.h ../include/ssl.h ../include/ircd_defs.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/numeric.h ../include/fdlist.h ../include/s_bsd.h \ + ../include/send.h s_user.o: s_user.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h \ ../include/s_user.h ../include/channel.h ../include/ircd_defs.h \ ../include/channel_mode.h ../include/class.h ../include/client.h \ - ../include/ircd_handler.h ../include/linebuf.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/ssl.h ../include/ircd_handler.h ../include/linebuf.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/common.h ../include/fdlist.h \ ../include/hash.h ../include/list.h ../include/listener.h \ @@ -422,45 +436,54 @@ s_user.o: s_user.c ../include/stdinc.h ../include/config.h \ ../include/md5.h ../include/packet.h scache.o: scache.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/client.h \ - ../include/ircd_defs.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/tools.h ../include/channel.h ../include/res.h \ - ../include/fileio.h ../adns/adns.h ../include/ircd.h \ + ../include/ssl.h ../include/ircd_defs.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/tools.h ../include/channel.h \ + ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ ../include/memory.h ../include/balloc.h ../include/irc_string.h \ ../include/sprintf_irc.h ../include/common.h ../include/numeric.h \ ../include/send.h ../include/scache.h send.o: send.c ../include/stdinc.h ../include/config.h ../include/setup.h \ ../include/defaults.h ../include/tools.h ../include/send.h \ ../include/channel.h ../include/ircd_defs.h ../include/class.h \ - ../include/client.h ../include/ircd_handler.h ../include/linebuf.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/handlers.h \ - ../include/numeric.h ../include/fdlist.h ../include/s_bsd.h \ - ../include/s_serv.h ../include/s_conf.h ../include/motd.h \ - ../include/list.h ../include/s_debug.h ../include/s_log.h \ - ../include/hook.h + ../include/client.h ../include/ssl.h ../include/ircd_handler.h \ + ../include/linebuf.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/handlers.h ../include/numeric.h \ + ../include/fdlist.h ../include/s_bsd.h ../include/s_serv.h \ + ../include/s_conf.h ../include/motd.h ../include/list.h \ + ../include/s_debug.h ../include/s_log.h ../include/hook.h sprintf_irc.o: sprintf_irc.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/sprintf_irc.h \ ../include/irc_string.h +ssl.o: ssl.c ../include/stdinc.h ../include/config.h ../include/setup.h \ + ../include/defaults.h ../include/ircd_defs.h ../include/s_log.h \ + ../include/common.h ../include/ssl.h ../include/client.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/send.h tools.o: tools.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/tools.h whowas.o: whowas.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/whowas.h \ - ../include/ircd_defs.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/hash.h \ - ../include/numeric.h ../include/s_serv.h ../include/s_user.h \ - ../include/send.h ../include/s_conf.h ../include/motd.h \ - ../include/class.h + ../include/ircd_defs.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/hash.h ../include/numeric.h \ + ../include/s_serv.h ../include/s_user.h ../include/send.h \ + ../include/s_conf.h ../include/motd.h ../include/class.h cloak.o: cloak.c ../include/stdinc.h ../include/config.h \ ../include/setup.h ../include/defaults.h ../include/whowas.h \ - ../include/ircd_defs.h ../include/client.h ../include/ircd_handler.h \ - ../include/linebuf.h ../include/tools.h ../include/channel.h \ - ../include/res.h ../include/fileio.h ../adns/adns.h ../include/ircd.h \ - ../include/memory.h ../include/balloc.h ../include/irc_string.h \ - ../include/sprintf_irc.h ../include/common.h ../include/hash.h \ - ../include/numeric.h ../include/s_serv.h ../include/s_user.h \ - ../include/send.h ../include/s_conf.h ../include/motd.h \ - ../include/class.h + ../include/ircd_defs.h ../include/client.h ../include/ssl.h \ + ../include/ircd_handler.h ../include/linebuf.h ../include/tools.h \ + ../include/channel.h ../include/res.h ../include/fileio.h \ + ../adns/adns.h ../include/ircd.h ../include/memory.h \ + ../include/balloc.h ../include/irc_string.h ../include/sprintf_irc.h \ + ../include/common.h ../include/hash.h ../include/numeric.h \ + ../include/s_serv.h ../include/s_user.h ../include/send.h \ + ../include/s_conf.h ../include/motd.h ../include/class.h \ + ../include/s_log.h diff --git a/src/Makefile.in b/src/Makefile.in index 863d1d5..595b84c 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -1,7 +1,7 @@ # # Makefile.in for ircd/src # -# $Id: Makefile.in,v 1.3 2002/09/02 04:11:00 fishwaldo Exp $ +# $Id: Makefile.in,v 1.4 2002/11/04 08:14:00 fishwaldo Exp $ # CC = @CC@ INSTALL = @INSTALL@ @@ -106,6 +106,7 @@ BASE_SRCS = \ send.c \ sprintf_irc.c \ @SNPRINTF_C@ \ + ssl.c \ tools.c \ whowas.c \ cloak.c diff --git a/src/adns.c b/src/adns.c index 9db8cab..113f1b7 100644 --- a/src/adns.c +++ b/src/adns.c @@ -20,7 +20,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: adns.c,v 1.4 2002/10/31 13:01:57 fishwaldo Exp $ + * $Id: adns.c,v 1.5 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" @@ -29,6 +29,7 @@ #include "fileio.h" #include "res.h" #include "send.h" +#include "stdinc.h" #include "s_conf.h" #include "s_bsd.h" #include "s_log.h" diff --git a/src/ircd.c b/src/ircd.c index 820bef6..cf63d60 100644 --- a/src/ircd.c +++ b/src/ircd.c @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: ircd.c,v 1.7 2002/09/13 16:30:04 fishwaldo Exp $ + * $Id: ircd.c,v 1.8 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" @@ -623,6 +623,7 @@ int main(int argc, char *argv[]) /* Init the event subsystem */ eventInit(); init_sys(); + initssl(); if (!server_state.foreground) { diff --git a/src/ircd_lexer.l b/src/ircd_lexer.l index 929f048..61187ae 100644 --- a/src/ircd_lexer.l +++ b/src/ircd_lexer.l @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: ircd_lexer.l,v 1.7 2002/10/31 13:01:58 fishwaldo Exp $ + * $Id: ircd_lexer.l,v 1.8 2002/11/04 08:14:00 fishwaldo Exp $ */ %option case-insensitive @@ -164,6 +164,7 @@ dot_in_ip6_addr { return DOT_IN_IP6_ADDR; } dots_in_ident { return DOTS_IN_IDENT; } egdpool_path { return EGDPOOL_PATH; } email { return EMAIL; } +enable_ssl { return ENABLESSL; } encrypted { return ENCRYPTED; } exceed_limit { return EXCEED_LIMIT; } exempt { return EXEMPT; } diff --git a/src/ircd_parser.y b/src/ircd_parser.y index 75b01a7..3fc8bf3 100644 --- a/src/ircd_parser.y +++ b/src/ircd_parser.y @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: ircd_parser.y,v 1.12 2002/10/31 13:18:11 fishwaldo Exp $ + * $Id: ircd_parser.y,v 1.13 2002/11/04 08:14:00 fishwaldo Exp $ */ %{ @@ -77,6 +77,7 @@ int class_max_number_var; int class_sendq_var; static char *listener_address; +static int listener_ssl; char *resv_reason; @@ -126,6 +127,7 @@ int class_redirport_var; %token DOTS_IN_IDENT %token EGDPOOL_PATH %token EMAIL +%token ENABLESSL %token ENCRYPTED %token EXCEED_LIMIT %token EXEMPT @@ -952,17 +954,19 @@ class_sendq: SENDQ '=' sizespec ';' listen_entry: LISTEN { listener_address = NULL; + listener_ssl = -1; } '{' listen_items '}' ';' { MyFree(listener_address); listener_address = NULL; + listener_ssl = -1; }; listen_items: listen_items listen_item | listen_item; -listen_item: listen_port | listen_address | listen_host | error; +listen_item: listen_port | listen_address | listen_host | listen_ssl | error; listen_port: PORT '=' port_items ';' ; @@ -970,13 +974,13 @@ port_items: port_items ',' port_item | port_item; port_item: NUMBER { - add_listener($1, listener_address); + add_listener($1, listener_ssl, listener_address); } | NUMBER TWODOTS NUMBER { int i; for (i = $1; i <= $3; i++) { - add_listener(i, listener_address); + add_listener(i, listener_ssl, listener_address); } }; @@ -984,6 +988,7 @@ listen_address: IP '=' QSTRING ';' { MyFree(listener_address); DupString(listener_address, yylval.string); + }; listen_host: HOST '=' QSTRING ';' @@ -991,6 +996,11 @@ listen_host: HOST '=' QSTRING ';' MyFree(listener_address); DupString(listener_address, yylval.string); }; +listen_ssl: ENABLESSL '=' TYES ';' + { + listener_ssl = 1; + }; + /*************************************************************************** * section auth diff --git a/src/linebuf.c b/src/linebuf.c index 5160e42..3acd787 100644 --- a/src/linebuf.c +++ b/src/linebuf.c @@ -20,7 +20,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: linebuf.c,v 1.5 2002/10/31 13:01:58 fishwaldo Exp $ + * $Id: linebuf.c,v 1.6 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" @@ -629,8 +629,13 @@ linebuf_putmsg(buf_head_t *bufhead, const char *format, va_list *va_args, * and tag it so that we don't re-schedule another write until * we have a CRLF. */ +#ifdef USE_SSL +int +linebuf_flush(int fd, buf_head_t *bufhead, SSL *ssl) +#else int linebuf_flush(int fd, buf_head_t *bufhead) +#endif { buf_line_t *bufline; int retval; @@ -660,9 +665,14 @@ linebuf_flush(int fd, buf_head_t *bufhead) } /* Now, try writing data */ - retval = send(fd, bufline->buf + bufhead->writeofs, bufline->len +#ifdef USE_SSL + if (ssl != NULL) + retval = safe_SSL_write(ssl, bufline->buf + bufhead->writeofs, bufline->len - bufhead->writeofs); + else +#endif + retval = send(fd, bufline->buf + bufhead->writeofs, bufline->len - bufhead->writeofs, 0); - +printf("send retval %d\n", retval); /* Deal with return code */ if (retval < 0) return retval; diff --git a/src/listener.c b/src/listener.c index 67e60e9..a75420f 100644 --- a/src/listener.c +++ b/src/listener.c @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: listener.c,v 1.4 2002/09/13 16:30:04 fishwaldo Exp $ + * $Id: listener.c,v 1.5 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" @@ -60,6 +60,7 @@ make_listener(int port, struct irc_inaddr *addr) listener->name = me.name; listener->fd = -1; + listener->isssl = -1; copy_s_addr(IN_ADDR(listener->addr),PIN_ADDR(addr)); listener->port = port; @@ -109,8 +110,8 @@ get_listener_name(const struct Listener* listener) assert(NULL != listener); if(listener == NULL) return NULL; - ircsprintf(buf, "%s[%s/%u]", - me.name, listener->name, listener->port); + ircsprintf(buf, "%s[%s/%u]%s", + me.name, listener->name, listener->port, listener->isssl ? "SSL" : "Normal"); return buf; } @@ -134,7 +135,8 @@ show_ports(struct Client* source_p) listener->port, IsOperAdmin(source_p) ? listener->name : me.name, listener->ref_count, - (listener->active)?"active":"disabled"); + (listener->active)?"active":"disabled", + (listener->isssl > 0)?"SSL":"NORMAL"); } } @@ -271,7 +273,7 @@ find_listener(int port, struct irc_inaddr *addr) * the format "255.255.255.255" */ void -add_listener(int port, const char* vhost_ip) +add_listener(int port, int isssl, const char* vhost_ip) { struct Listener* listener; struct irc_inaddr vaddr; @@ -307,6 +309,11 @@ add_listener(int port, const char* vhost_ip) } listener->fd = -1; + if (isssl > 0) + listener->isssl = 1; + else + listener->isssl = -1; + if (inetport(listener)) listener->active = 1; @@ -421,7 +428,11 @@ accept_connection(int pfd, void *data) get_listener_name(listener)); last_oper_notice = CurrentTime; } - send(fd, "ERROR :All connections in use\r\n", 32, 0); +#ifdef USE_SSL + if(listener->isssl < 0) +#endif + send(fd, "ERROR :All connections in use\r\n", 32, 0); + fd_close(fd); /* Re-register a new IO request for the next accept .. */ comm_setselect(listener->fd, FDLIST_SERVICE, COMM_SELECT_READ, @@ -437,10 +448,16 @@ accept_connection(int pfd, void *data) switch (pe) { case BANNED_CLIENT: - send(fd, DLINE_WARNING, sizeof(DLINE_WARNING)-1, 0); +#ifdef USE_SSL + if (listener->isssl < 0) +#endif + send(fd, DLINE_WARNING, sizeof(DLINE_WARNING)-1, 0); break; case TOO_FAST: - send(fd, TOOFAST_WARNING, sizeof(TOOFAST_WARNING)-1, 0); +#ifdef USE_SSL + if (listener->isssl < 0) +#endif + send(fd, TOOFAST_WARNING, sizeof(TOOFAST_WARNING)-1, 0); break; } fd_close(fd); diff --git a/src/messages.tab b/src/messages.tab index 1b02196..e87c641 100644 --- a/src/messages.tab +++ b/src/messages.tab @@ -16,7 +16,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * - * $Id: messages.tab,v 1.7 2002/09/21 06:26:13 fishwaldo Exp $ + * $Id: messages.tab,v 1.8 2002/11/04 08:14:00 fishwaldo Exp $ */ static char * replies[] = { @@ -240,7 +240,7 @@ static char * replies[] = { /* 217 RPL_STATSQLINE, */ ":%s 217 %s %c %s :%s", /* 218 RPL_STATSYLINE, */ ":%s 218 %s %c %s %d %d %d %lu", /* 219 RPL_ENDOFSTATS, */ ":%s 219 %s %s :End of /STATS report", -/* 220 RPL_STATSPLINE, */ ":%s 220 %s %c %d %s %d :%s", +/* 220 RPL_STATSPLINE, */ ":%s 220 %s %c %d %s %d :%s %s", /* 221 RPL_UMODEIS, */ ":%s 221 %s %s", /* 222 */ NULL, /* 223 */ NULL, diff --git a/src/packet.c b/src/packet.c index 0eaaf4c..28ed21e 100644 --- a/src/packet.c +++ b/src/packet.c @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: packet.c,v 1.5 2002/10/31 13:01:58 fishwaldo Exp $ + * $Id: packet.c,v 1.6 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" #include "tools.h" @@ -377,8 +377,24 @@ read_packet(int fd, void *data) * I personally think it makes the code too hairy to make sane. * -- adrian */ - length = recv(fd_r, readBuf, READBUF_SIZE, 0); + +#ifdef USE_SSL + if (IsSSL(client_p)) + length = safe_SSL_read(client_p, readBuf, READBUF_SIZE); + if (!IsSSLOK(client_p) && length > 0) { + SetSSLOK(client_p); + start_auth(client_p); + } else if (length == 0) { + comm_setselect(fd_r, FDLIST_SERVICE, COMM_SELECT_READ, read_packet, client_p, 0); + return; + } + + else +#endif + length = recv(fd_r, readBuf, READBUF_SIZE, 0); +printf("leng %d\n", length); +/* THIS WAS <= 0, should it stay? */ if (length <= 0) { if((length == -1) && ignoreErrno(errno)) @@ -428,6 +444,7 @@ read_packet(int fd, void *data) lclient_p->actually_read += lbuf_len; + /* Attempt to parse what we have */ parse_client_queued(client_p); diff --git a/src/s_auth.c b/src/s_auth.c index 4c7e5c1..2d5c304 100644 --- a/src/s_auth.c +++ b/src/s_auth.c @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: s_auth.c,v 1.7 2002/10/31 13:01:58 fishwaldo Exp $ + * $Id: s_auth.c,v 1.8 2002/11/04 08:14:00 fishwaldo Exp $ */ /* @@ -90,6 +90,9 @@ typedef enum { #define sendheader(c, r) \ send((c)->localClient->fd, HeaderMessages[(r)].message, HeaderMessages[(r)].length, 0) +#define sendsslheader(c, r) \ + safe_SSL_write(c, HeaderMessages[(r)].message, HeaderMessages[(r)].length) + /* */ dlink_list auth_client_list; @@ -196,8 +199,18 @@ auth_dns_callback(void* vptr, adns_answer* reply) if(strlen(*reply->rrs.str) <= HOSTLEN) { strlcpy(auth->client->host, *reply->rrs.str, sizeof(auth->client->host)); - sendheader(auth->client, REPORT_FIN_DNS); +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_FIN_DNS); + else +#endif + sendheader(auth->client, REPORT_FIN_DNS); } else +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_HOST_TOOLONG); + else +#endif sendheader(auth->client, REPORT_HOST_TOOLONG); } else @@ -213,6 +226,11 @@ auth_dns_callback(void* vptr, adns_answer* reply) return; } #endif +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_FAIL_DNS); + else +#endif sendheader(auth->client, REPORT_FAIL_DNS); } @@ -246,6 +264,11 @@ static void auth_error(struct AuthRequest* auth) auth->fd = -1; ClearAuth(auth); +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_FAIL_ID); + else +#endif sendheader(auth->client, REPORT_FAIL_ID); if (!IsDNSPending(auth)) @@ -293,6 +316,11 @@ static int start_auth_query(struct AuthRequest* auth) return 0; } +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_DO_ID); + else +#endif sendheader(auth->client, REPORT_DO_ID); if (!set_non_blocking(fd)) { @@ -404,6 +432,11 @@ void start_auth(struct Client* client) client->localClient->dns_query->ptr = auth; client->localClient->dns_query->callback = auth_dns_callback; +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_DO_DNS); + else +#endif sendheader(client, REPORT_DO_DNS); /* No DNS cache now, remember? -- adrian */ @@ -435,12 +468,23 @@ timeout_auth_queries_event(void *notused) if (auth->fd >= 0) fd_close(auth->fd); - if (IsDoingAuth(auth)) + if (IsDoingAuth(auth)) { +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_FAIL_ID); + else +#endif sendheader(auth->client, REPORT_FAIL_ID); + } if (IsDNSPending(auth)) { delete_adns_queries(auth->client->localClient->dns_query); auth->client->localClient->dns_query->query = NULL; +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_FAIL_DNS); + else +#endif sendheader(auth->client, REPORT_FAIL_DNS); } ilog(L_INFO, "DNS/AUTH timeout %s", @@ -577,6 +621,11 @@ read_auth_reply(int fd, void *data) } else { +#ifdef USE_SSL + if (IsSSL(auth->client)) + sendsslheader(auth->client, REPORT_FIN_ID); + else +#endif sendheader(auth->client, REPORT_FIN_ID); ++ServerStats->is_asuc; SetGotId(auth->client); diff --git a/src/s_bsd.c b/src/s_bsd.c index 472207b..603c567 100644 --- a/src/s_bsd.c +++ b/src/s_bsd.c @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: s_bsd.c,v 1.8 2002/10/31 13:01:58 fishwaldo Exp $ + * $Id: s_bsd.c,v 1.9 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" @@ -47,9 +47,11 @@ #include "s_stats.h" #include "send.h" #include "s_debug.h" +#ifdef USE_SSL +#include "ssl.h" +#endif #include "memory.h" - #ifndef IN_LOOPBACKNET #define IN_LOOPBACKNET 0x7f #endif @@ -350,6 +352,7 @@ void add_connection(struct Listener* listener, int fd) socklen_t len = sizeof(struct irc_sockaddr); struct irc_sockaddr irn; + int ssl_ret; assert(NULL != listener); #ifdef USE_IAUTH @@ -418,10 +421,59 @@ void add_connection(struct Listener* listener, int fd) new_client->localClient->listener = listener; ++listener->ref_count; +#ifdef USE_SSL + if (listener->isssl > 0) + { + extern SSL_CTX *ircdssl_ctx; + + new_client->localClient->ssl = NULL; + + /* init the ssl stuff */ + if ((new_client->localClient->ssl = SSL_new(ircdssl_ctx)) == NULL) + { + sendto_realops_flags(FLAGS_DEBUG, L_ALL, "SSL creation of new client failed (Client %s)", new_client->localClient->sockhost); + ServerStats->is_ref++; + fd_close(fd); + free_client(new_client); + return; + --listener->ref_count; + } + SetSSL(new_client); + SSL_set_fd(new_client->localClient->ssl, fd); + } +#endif + if (!set_non_blocking(new_client->localClient->fd)) report_error(L_ALL, NONB_ERROR_MSG, get_client_name(new_client, SHOW_IP), errno); if (!disable_sock_options(new_client->localClient->fd)) report_error(L_ALL, OPT_ERROR_MSG, get_client_name(new_client, SHOW_IP), errno); + +#ifdef USE_SSL + /* now accept the ssl connection */ + if (IsSSL(new_client)) + { + ssl_ret = safe_SSL_accept(new_client, fd); + + if (ssl_ret < 0 ) + { + SSL_set_shutdown(new_client->localClient->ssl, SSL_RECEIVED_SHUTDOWN); + SSL_smart_shutdown(new_client); + SSL_free(new_client->localClient->ssl); + ServerStats->is_ref++; + fd_close(fd); + free_client(new_client); + return; + --listener->ref_count; + return; + } + /* ssl still wants to talk */ + if (ssl_ret == 0) + read_packet(new_client->localClient->fd, new_client); + return; + + ilog(L_DEBUG, "SSL accept was successfull"); + } +#endif start_auth(new_client); } diff --git a/src/send.c b/src/send.c index 7e84319..380a997 100644 --- a/src/send.c +++ b/src/send.c @@ -19,7 +19,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: send.c,v 1.9 2002/10/31 13:01:58 fishwaldo Exp $ + * $Id: send.c,v 1.10 2002/11/04 08:14:00 fishwaldo Exp $ */ #include "stdinc.h" @@ -296,7 +296,12 @@ send_queued_write(int fd, void *data) if (linebuf_len(&to->localClient->buf_sendq)) { +#ifdef USE_SSL + + while((retlen = linebuf_flush(to->localClient->fd, &to->localClient->buf_sendq, to->localClient->ssl)) > 0) +#else while((retlen = linebuf_flush(to->localClient->fd, &to->localClient->buf_sendq)) > 0) +#endif { /* We have some data written .. update counters */ #ifndef NDEBUG diff --git a/src/ssl.c b/src/ssl.c new file mode 100644 index 0000000..3cf1df6 --- /dev/null +++ b/src/ssl.c @@ -0,0 +1,273 @@ +/* + * NeoIRCd: NeoStats Group. Based on Hybird7 + * ssl.c: Listens on a port. + * + * Copyright (C) 2002 by the past and present ircd coders, and others. + * Originally copied from Ultimate3, modified to work with NeoIRCd. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA + * + * $Id: ssl.c,v 1.1 2002/11/04 08:14:01 fishwaldo Exp $ + */ + +#include "stdinc.h" +#include "config.h" +#include "ircd_defs.h" +#include "s_log.h" +#include "common.h" +#include "ssl.h" +#include "client.h" +#include "send.h" + +#ifdef USE_SSL +#define IRCDSSL_CPATH "/home/fish/ircd/etc/ircd.crt" +#define IRCDSSL_KPATH "/home/fish/ircd/etc/ircd.key" + + +#define SAFE_SSL_READ 1 +#define SAFE_SSL_WRITE 2 +#define SAFE_SSL_ACCEPT 3 + +extern int errno; + +SSL_CTX *ircdssl_ctx; +int ssl_capable = 0; + +int +initssl (void) +{ + SSL_load_error_strings (); + SSLeay_add_ssl_algorithms (); + ircdssl_ctx = SSL_CTX_new (SSLv23_server_method ()); + if (!ircdssl_ctx) + { + ilog(L_ERROR, "initssl(): Failed to Create SSL context"); + return 0; + } + if (SSL_CTX_use_certificate_file (ircdssl_ctx, + IRCDSSL_CPATH, SSL_FILETYPE_PEM) <= 0) + { + ilog(L_ERROR, "initssl(): Failed to initilize SSL Certificate File"); + SSL_CTX_free (ircdssl_ctx); + return 0; + } + if (SSL_CTX_use_PrivateKey_file (ircdssl_ctx, + IRCDSSL_KPATH, SSL_FILETYPE_PEM) <= 0) + { + ilog(L_ERROR, "initssl(): Failed to use Private Certificate"); + SSL_CTX_free (ircdssl_ctx); + return 0; + } + if (!SSL_CTX_check_private_key (ircdssl_ctx)) + { + ilog(L_ERROR, "Server certificate does not match Server key"); + SSL_CTX_free (ircdssl_ctx); + return 0; + } + ilog(L_INFO, "SSL Initilized Successfully"); + return 1; +} + +static int fatal_ssl_error (int, int, struct Client *); + +int +safe_SSL_read (struct Client * client_p, void *buf, int sz) +{ + int len, ssl_err; + + len = SSL_read(client_p->localClient->ssl, buf, sz); +printf("ssl read %s\n", buf); + + if (len <= 0) + { + switch (ssl_err = SSL_get_error (client_p->localClient->ssl, len)) + { + case SSL_ERROR_SYSCALL: + if (errno == EWOULDBLOCK || errno == EAGAIN || errno == EINTR) + { + case SSL_ERROR_WANT_READ: + errno = EWOULDBLOCK; +#ifdef DEBUG + printf("SSL_ERROR_WANT_READ\n"); + fatal_ssl_error(ssl_err, SAFE_SSL_READ, client_p); +#endif + return -1; + } + case SSL_ERROR_SSL: +#ifdef DEBUG + printf("SSL_ERROR_SSL\n"); + fatal_ssl_error(ssl_err, SAFE_SSL_READ, client_p); +#endif + if (errno == EAGAIN) + return -1; + default: + printf("fatal error\n"); + return fatal_ssl_error (ssl_err, SAFE_SSL_READ, client_p); + } + } + return len; +} + +int +safe_SSL_write (struct Client *client_p, const void *buf, int sz) +{ + int len, ssl_err; + +printf("ssl write %s %d(%d)\n", buf, strlen(buf), sz); + len = SSL_write (client_p->localClient->ssl, buf, sz); +printf("len %d\n", len); + if (len <= 0) + { + switch (ssl_err = SSL_get_error (client_p->localClient->ssl, len)) + { + case SSL_ERROR_SYSCALL: + if (errno == EWOULDBLOCK || errno == EAGAIN || errno == EINTR) + { + case SSL_ERROR_WANT_WRITE: + errno = EWOULDBLOCK; + return 0; + } + case SSL_ERROR_SSL: + if (errno == EAGAIN) + return 0; + default: + return fatal_ssl_error (ssl_err, SAFE_SSL_WRITE, client_p); + } + } + return len; +} + +int +safe_SSL_accept (struct Client *client_p, int fd) +{ + + int ssl_err; + + if ((ssl_err = SSL_accept (client_p->localClient->ssl)) <= 0) + { + switch (ssl_err = SSL_get_error (client_p->localClient->ssl, ssl_err)) + { + case SSL_ERROR_SYSCALL: + if (errno == EINTR || errno == EWOULDBLOCK || errno == EAGAIN) + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + /* handshake will be completed later . . */ +#ifdef DEBUG + fatal_ssl_error(ssl_err, SAFE_SSL_ACCEPT, client_p); +#endif + return 0; + default: + return fatal_ssl_error (ssl_err, SAFE_SSL_ACCEPT, client_p); + + } + /* NOTREACHED */ + return -1; + } + return 1; +} + +int +SSL_smart_shutdown (struct Client *client_p) +{ + char i; + int rc; + + rc = 0; + for (i = 0; i < 4; i++) + { + if ((rc = SSL_shutdown (client_p->localClient->ssl))) + break; + } + + return rc; +} + +static int +fatal_ssl_error (int ssl_error, int where, struct Client *client_p) +{ + /* don`t alter errno */ + int errtmp = errno; + char *errstr = strerror (errtmp); + char *ssl_errstr, *ssl_func; + + switch (where) + { + case SAFE_SSL_READ: + ssl_func = "SSL_read()"; + break; + case SAFE_SSL_WRITE: + ssl_func = "SSL_write()"; + break; + case SAFE_SSL_ACCEPT: + ssl_func = "SSL_accept()"; + break; + default: + ssl_func = + "undefined SSL func [this is a bug] reporto to fish@dynam.ac"; + } + + switch (ssl_error) + { + case SSL_ERROR_NONE: + ssl_errstr = "No error"; + break; + case SSL_ERROR_SSL: + ssl_errstr = "Internal OpenSSL error or protocol error"; + break; + case SSL_ERROR_WANT_READ: + ssl_errstr = "OpenSSL functions requested a read()"; + break; + case SSL_ERROR_WANT_WRITE: + ssl_errstr = "OpenSSL functions requested a write()"; + break; + case SSL_ERROR_WANT_X509_LOOKUP: + ssl_errstr = "OpenSSL requested a X509 lookup which didn`t arrive"; + break; + case SSL_ERROR_SYSCALL: + ssl_errstr = "Underlying syscall error"; + break; + case SSL_ERROR_ZERO_RETURN: + ssl_errstr = "Underlying socket operation returned zero"; + break; + case SSL_ERROR_WANT_CONNECT: + ssl_errstr = "OpenSSL functions wanted a connect()"; + break; + default: + ssl_errstr = "Unknown OpenSSL error (huh?)"; + } + + sendto_realops_flags(FLAGS_DEBUG,L_ALL, "%s to %s!%s@%s aborted with %serror (%s). [%s]", + ssl_func, client_p->name ? client_p->name : "", + client_p->username, + client_p->host, + (errno > 0) ? " " : " no ", errstr, ssl_errstr); + ilog (L_ERROR, "SSL error in %s: %s [%s]", ssl_func, errstr, ssl_errstr); + + /* if we reply() something here, we might just trigger another + * fatal_ssl_error() call and loop until a stack overflow... + * the client won`t get the ERROR : ... string, but this is + * the only way to do it. + * IRC protocol wasn`t SSL enabled .. --vejeta + */ + + errno = errtmp ? errtmp : EIO; /* Stick a generic I/O error */ +#if 0 + sptr->sockerr = IRCERR_SSL; + sptr->flags |= FLAGS_DEADSOCKET; +#endif + return -1; +} +#endif