| 45 |
|
#include "rng_mt.h" |
| 46 |
|
#include "s_auth.h" |
| 47 |
|
#include "s_bsd.h" |
| 48 |
< |
#include "s_conf.h" |
| 49 |
< |
#include "s_log.h" |
| 48 |
> |
#include "conf.h" |
| 49 |
> |
#include "log.h" |
| 50 |
|
#include "s_misc.h" |
| 51 |
|
#include "s_serv.h" /* try_connections */ |
| 52 |
|
#include "send.h" |
| 72 |
|
struct admin_info AdminInfo = { NULL, NULL, NULL }; |
| 73 |
|
struct Counter Count = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; |
| 74 |
|
struct ServerState_t server_state = { 0 }; |
| 75 |
< |
struct logging_entry ConfigLoggingEntry = { 1 }; |
| 75 |
> |
struct logging_entry ConfigLoggingEntry = { .use_logging = 1 }; |
| 76 |
|
struct ServerStatistics ServerStats; |
| 77 |
|
struct timeval SystemTime; |
| 78 |
|
struct Client me; /* That's me */ |
| 91 |
|
* initialize_server_capabs |
| 92 |
|
*/ |
| 93 |
|
int default_server_capabs = 0; |
| 94 |
– |
|
| 95 |
– |
#ifdef HAVE_LIBCRYPTO |
| 96 |
– |
int bio_spare_fd = -1; |
| 97 |
– |
#endif |
| 98 |
– |
|
| 94 |
|
unsigned int splitmode; |
| 95 |
|
unsigned int splitchecking; |
| 96 |
|
unsigned int split_users; |
| 142 |
|
|
| 143 |
|
static int printVersion = 0; |
| 144 |
|
|
| 145 |
< |
struct lgetopt myopts[] = { |
| 145 |
> |
static struct lgetopt myopts[] = { |
| 146 |
|
{"dlinefile", &ConfigFileEntry.dlinefile, |
| 147 |
|
STRING, "File to use for dline.conf"}, |
| 148 |
|
{"configfile", &ConfigFileEntry.configfile, |
| 320 |
|
add_capability("QS", CAP_QS, 1); |
| 321 |
|
add_capability("EOB", CAP_EOB, 1); |
| 322 |
|
add_capability("TS6", CAP_TS6, 0); |
| 328 |
– |
add_capability("ZIP", CAP_ZIP, 0); |
| 323 |
|
add_capability("CLUSTER", CAP_CLUSTER, 1); |
| 324 |
|
add_capability("SVS", CAP_SVS, 1); |
| 325 |
|
#ifdef HALFOPS |
| 336 |
|
static void |
| 337 |
|
write_pidfile(const char *filename) |
| 338 |
|
{ |
| 339 |
< |
FBFILE *fb; |
| 339 |
> |
FILE *fb; |
| 340 |
|
|
| 341 |
< |
if ((fb = fbopen(filename, "w"))) |
| 341 |
> |
if ((fb = fopen(filename, "w"))) |
| 342 |
|
{ |
| 343 |
|
char buff[32]; |
| 344 |
|
unsigned int pid = (unsigned int)getpid(); |
| 351 |
– |
size_t nbytes = snprintf(buff, sizeof(buff), "%u\n", pid); |
| 345 |
|
|
| 346 |
< |
if ((fbputs(buff, fb, nbytes) == -1)) |
| 346 |
> |
snprintf(buff, sizeof(buff), "%u\n", pid); |
| 347 |
> |
|
| 348 |
> |
if ((fputs(buff, fb) == -1)) |
| 349 |
|
ilog(LOG_TYPE_IRCD, "Error writing %u to pid file %s (%s)", |
| 350 |
|
pid, filename, strerror(errno)); |
| 351 |
|
|
| 352 |
< |
fbclose(fb); |
| 358 |
< |
return; |
| 352 |
> |
fclose(fb); |
| 353 |
|
} |
| 354 |
|
else |
| 355 |
|
{ |
| 368 |
|
static void |
| 369 |
|
check_pidfile(const char *filename) |
| 370 |
|
{ |
| 371 |
< |
FBFILE *fb; |
| 371 |
> |
FILE *fb; |
| 372 |
|
char buff[32]; |
| 373 |
|
pid_t pidfromfile; |
| 374 |
|
|
| 375 |
|
/* Don't do logging here, since we don't have log() initialised */ |
| 376 |
< |
if ((fb = fbopen(filename, "r"))) |
| 376 |
> |
if ((fb = fopen(filename, "r"))) |
| 377 |
|
{ |
| 378 |
< |
if (fbgets(buff, 20, fb) == NULL) |
| 378 |
> |
if (fgets(buff, 20, fb) == NULL) |
| 379 |
|
{ |
| 380 |
|
/* log(L_ERROR, "Error reading from pid file %s (%s)", filename, |
| 381 |
|
* strerror(errno)); |
| 393 |
|
} |
| 394 |
|
} |
| 395 |
|
|
| 396 |
< |
fbclose(fb); |
| 396 |
> |
fclose(fb); |
| 397 |
|
} |
| 398 |
|
else if (errno != ENOENT) |
| 399 |
|
{ |
| 440 |
|
{ |
| 441 |
|
const char *s; |
| 442 |
|
|
| 443 |
< |
fprintf(stderr, "ERROR: Could not initialize the SSL context -- %s\n", |
| 443 |
> |
fprintf(stderr, "ERROR: Could not initialize the SSL Server context -- %s\n", |
| 444 |
|
s = ERR_lib_error_string(ERR_get_error())); |
| 445 |
< |
ilog(LOG_TYPE_IRCD, "ERROR: Could not initialize the SSL context -- %s\n", s); |
| 445 |
> |
ilog(LOG_TYPE_IRCD, "ERROR: Could not initialize the SSL Server context -- %s\n", s); |
| 446 |
|
} |
| 447 |
|
|
| 448 |
< |
SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_NO_SSLv2); |
| 448 |
> |
SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1); |
| 449 |
|
SSL_CTX_set_options(ServerInfo.server_ctx, SSL_OP_TLS_ROLLBACK_BUG|SSL_OP_ALL); |
| 450 |
|
SSL_CTX_set_verify(ServerInfo.server_ctx, SSL_VERIFY_NONE, NULL); |
| 451 |
|
|
| 452 |
< |
bio_spare_fd = save_spare_fd("SSL private key validation"); |
| 452 |
> |
if ((ServerInfo.client_ctx = SSL_CTX_new(SSLv23_client_method())) == NULL) |
| 453 |
> |
{ |
| 454 |
> |
const char *s; |
| 455 |
> |
|
| 456 |
> |
fprintf(stderr, "ERROR: Could not initialize the SSL Client context -- %s\n", |
| 457 |
> |
s = ERR_lib_error_string(ERR_get_error())); |
| 458 |
> |
ilog(LOG_TYPE_IRCD, "ERROR: Could not initialize the SSL Client context -- %s\n", s); |
| 459 |
> |
} |
| 460 |
> |
|
| 461 |
> |
SSL_CTX_set_options(ServerInfo.client_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1); |
| 462 |
> |
SSL_CTX_set_options(ServerInfo.client_ctx, SSL_OP_TLS_ROLLBACK_BUG|SSL_OP_ALL); |
| 463 |
> |
SSL_CTX_set_verify(ServerInfo.client_ctx, SSL_VERIFY_NONE, NULL); |
| 464 |
|
#endif /* HAVE_LIBCRYPTO */ |
| 465 |
|
} |
| 466 |
|
|
| 475 |
|
{ |
| 476 |
|
iorecv_cb = register_callback("iorecv", iorecv_default); |
| 477 |
|
iosend_cb = register_callback("iosend", iosend_default); |
| 473 |
– |
iorecvctrl_cb = register_callback("iorecvctrl", NULL); |
| 474 |
– |
iosendctrl_cb = register_callback("iosendctrl", NULL); |
| 478 |
|
} |
| 479 |
|
|
| 480 |
|
int |
| 650 |
|
/* No, 'cause after a restart it would cause all sorts of nick collides */ |
| 651 |
|
eventAddIsh("try_connections", try_connections, NULL, STARTUP_CONNECTIONS_TIME); |
| 652 |
|
|
| 650 |
– |
eventAddIsh("collect_zipstats", collect_zipstats, NULL, ZIPSTATS_TIME); |
| 651 |
– |
|
| 653 |
|
/* Setup the timeout check. I'll shift it later :) -- adrian */ |
| 654 |
|
eventAddIsh("comm_checktimeouts", comm_checktimeouts, NULL, 1); |
| 655 |
|
|
