ViewVC Help

View File | Revision Log | Show Annotations | View Changeset | Root Listing

root/svn/ircd-hybrid/trunk/src/conf_parser.y

Comparing ircd-hybrid/trunk/src/conf_parser.y (file contents):
Revision 1751 by michael, Wed Jan 16 18:30:52 2013 UTC vs.
Revision 1752 by michael, Wed Jan 16 19:17:40 2013 UTC

#	Line 56 | Line 56
56		#include <openssl/dh.h>
57		#endif
58
59	+	#include "rsa.h"
60	+
61		int yylex(void);
62
63		static struct
#	Line 495 | Line 497 | serverinfo_ssl_certificate_file: SSL_CER
497		{
498		if (!ServerInfo.rsa_private_key_file)
499		{
500	<	yyerror("No rsa_private_key_file specified, SSL disabled");
500	>	conf_error_report("No rsa_private_key_file specified, SSL disabled");
501		break;
502		}
503
#	Line 504 | Line 506 | serverinfo_ssl_certificate_file: SSL_CER
506		SSL_CTX_use_certificate_file(ServerInfo.client_ctx, yylval.string,
507		SSL_FILETYPE_PEM) <= 0)
508		{
509	<	yyerror(ERR_lib_error_string(ERR_get_error()));
509	>	report_crypto_errors();
510	>	conf_error_report("Could not open/read certificate file");
511		break;
512		}
513
#	Line 513 | Line 516 | serverinfo_ssl_certificate_file: SSL_CER
516		SSL_CTX_use_PrivateKey_file(ServerInfo.client_ctx, ServerInfo.rsa_private_key_file,
517		SSL_FILETYPE_PEM) <= 0)
518		{
519	<	yyerror(ERR_lib_error_string(ERR_get_error()));
519	>	report_crypto_errors();
520	>	conf_error_report("Could not read RSA private key");
521		break;
522		}
523
524		if (!SSL_CTX_check_private_key(ServerInfo.server_ctx) ||
525		!SSL_CTX_check_private_key(ServerInfo.client_ctx))
526		{
527	<	yyerror(ERR_lib_error_string(ERR_get_error()));
527	>	report_crypto_errors("Could not read RSA private key");
528	>	conf_error_report(ERR_lib_error_string(ERR_get_error()));
529		break;
530		}
531		}
#	Line 550 | Line 555 | serverinfo_rsa_private_key_file: RSA_PRI
555
556		if ((file = BIO_new_file(yylval.string, "r")) == NULL)
557		{
558	<	yyerror("File open failed, ignoring");
558	>	conf_error_report("File open failed, ignoring");
559		break;
560		}
561
#	Line 561 | Line 566 | serverinfo_rsa_private_key_file: RSA_PRI
566
567		if (ServerInfo.rsa_private_key == NULL)
568		{
569	<	yyerror("Couldn't extract key, ignoring");
569	>	conf_error_report("Couldn't extract key, ignoring");
570		break;
571		}
572
#	Line 570 | Line 575 | serverinfo_rsa_private_key_file: RSA_PRI
575		RSA_free(ServerInfo.rsa_private_key);
576		ServerInfo.rsa_private_key = NULL;
577
578	<	yyerror("Invalid key, ignoring");
578	>	conf_error_report("Invalid key, ignoring");
579		break;
580		}
581
#	Line 580 | Line 585 | serverinfo_rsa_private_key_file: RSA_PRI
585		RSA_free(ServerInfo.rsa_private_key);
586		ServerInfo.rsa_private_key = NULL;
587
588	<	yyerror("Not a 2048 bit key, ignoring");
588	>	conf_error_report("Not a 2048 bit key, ignoring");
589		}
590		}
591		#endif
#	Line 603 | Line 608 | serverinfo_ssl_dh_param_file: SSL_DH_PAR
608		if (dh)
609		{
610		if (DH_size(dh) < 128)
611	<	ilog(LOG_TYPE_IRCD, "Ignoring serverinfo::ssl_dh_param_file -- need at least a 1024 bit DH prime size");
611	>	conf_error_report("Ignoring serverinfo::ssl_dh_param_file -- need at least a 1024 bit DH prime size");
612		else
613		SSL_CTX_set_tmp_dh(ServerInfo.server_ctx, dh);
614
#	Line 631 | Line 636 | serverinfo_name: NAME '=' QSTRING ';'
636		ServerInfo.name = xstrdup(yylval.string);
637		else
638		{
639	<	ilog(LOG_TYPE_IRCD, "Ignoring serverinfo::name -- invalid name. Aborting.");
639	>	conf_error_report("Ignoring serverinfo::name -- invalid name. Aborting.");
640		exit(0);
641		}
642		}
#	Line 646 | Line 651 | serverinfo_sid: IRCD_SID '=' QSTRING ';'
651		ServerInfo.sid = xstrdup(yylval.string);
652		else
653		{
654	<	ilog(LOG_TYPE_IRCD, "Ignoring serverinfo::sid -- invalid SID. Aborting.");
654	>	conf_error_report("Ignoring serverinfo::sid -- invalid SID. Aborting.");
655		exit(0);
656		}
657		}
#	Line 752 | Line 757 | serverinfo_max_clients: T_MAX_CLIENTS '=
757		char buf[IRCD_BUFSIZE];
758
759		snprintf(buf, sizeof(buf), "MAXCLIENTS too low, setting to %d", MAXCLIENTS_MIN);
760	<	yyerror(buf);
760	>	conf_error_report(buf);
761		ServerInfo.max_clients = MAXCLIENTS_MIN;
762		}
763		else if ($3 > MAXCLIENTS_MAX)
#	Line 760 | Line 765 | serverinfo_max_clients: T_MAX_CLIENTS '=
765		char buf[IRCD_BUFSIZE];
766
767		snprintf(buf, sizeof(buf), "MAXCLIENTS too high, setting to %d", MAXCLIENTS_MAX);
768	<	yyerror(buf);
768	>	conf_error_report(buf);
769		ServerInfo.max_clients = MAXCLIENTS_MAX;
770		}
771		else
#	Line 1007 | Line 1012 | oper_entry: OPERATOR
1012
1013		if ((file = BIO_new_file(block_state.file.buf, "r")) == NULL)
1014		{
1015	<	yyerror("Ignoring rsa_public_key_file -- file doesn't exist");
1015	>	conf_error_report("Ignoring rsa_public_key_file -- file doesn't exist");
1016		break;
1017		}
1018
1019		if ((pkey = PEM_read_bio_RSA_PUBKEY(file, NULL, 0, NULL)) == NULL)
1020	<	yyerror("Ignoring rsa_public_key_file -- Key invalid; check key syntax.");
1020	>	conf_error_report("Ignoring rsa_public_key_file -- Key invalid; check key syntax.");
1021
1022		conf->rsa_public_key = pkey;
1023		BIO_set_close(file, BIO_CLOSE);
#	Line 1435 | Line 1440 | port_item: NUMBER
1440		if (!ServerInfo.server_ctx)
1441		#endif
1442		{
1443	<	yyerror("SSL not available - port closed");
1443	>	conf_error_report("SSL not available - port closed");
1444		break;
1445		}
1446		add_listener($1, block_state.addr.buf, block_state.flags.value);
#	Line 1451 | Line 1456 | port_item: NUMBER
1456		if (!ServerInfo.server_ctx)
1457		#endif
1458		{
1459	<	yyerror("SSL not available - port closed");
1459	>	conf_error_report("SSL not available - port closed");
1460		break;
1461		}
1462
#	Line 1977 | Line 1982 | connect_send_password: SEND_PASSWORD '='
1982		break;
1983
1984		if ($3[0] == ':')
1985	<	yyerror("Server passwords cannot begin with a colon");
1985	>	conf_error_report("Server passwords cannot begin with a colon");
1986		else if (strchr($3, ' ') != NULL)
1987	<	yyerror("Server passwords cannot contain spaces");
1987	>	conf_error_report("Server passwords cannot contain spaces");
1988		else
1989		strlcpy(block_state.spass.buf, yylval.string, sizeof(block_state.spass.buf));
1990		};
#	Line 1990 | Line 1995 | connect_accept_password: ACCEPT_PASSWORD
1995		break;
1996
1997		if ($3[0] == ':')
1998	<	yyerror("Server passwords cannot begin with a colon");
1998	>	conf_error_report("Server passwords cannot begin with a colon");
1999		else if (strchr($3, ' ') != NULL)
2000	<	yyerror("Server passwords cannot contain spaces");
2000	>	conf_error_report("Server passwords cannot contain spaces");
2001		else
2002		strlcpy(block_state.rpass.buf, yylval.string, sizeof(block_state.rpass.buf));
2003		};
#	Line 2067 | Line 2072 | connect_ssl_cipher_list: T_SSL_CIPHER_LI
2072		strlcpy(block_state.ciph.buf, yylval.string, sizeof(block_state.ciph.buf));
2073		#else
2074		if (conf_parser_ctx.pass == 2)
2075	<	yyerror("Ignoring connect::ciphers -- no OpenSSL support");
2075	>	conf_error_report("Ignoring connect::ciphers -- no OpenSSL support");
2076		#endif
2077		};
2078
#	Line 2279 | Line 2284 | gecos_entry: GECOS
2284		conf = conf_make(CONF_RXLINE);
2285		conf->regexuser = exp_p;
2286		#else
2287	<	ilog(LOG_TYPE_IRCD, "Failed to add regular expression based X-Line: no PCRE support");
2287	>	conf_error_report("Failed to add regular expression based X-Line: no PCRE support");
2288		break;
2289		#endif
2290		}

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines (old)
>	Changed lines (new)