summaryrefslogtreecommitdiff
path: root/chat/silc-server
AgeCommit message (Collapse)AuthorFilesLines
2005-12-29Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mkjlam1-2/+1
automatically detects whether we want the pkginstall machinery to be used by the package Makefile.
2005-12-15Update to version 1.0.2salo2-6/+6
Changes: - fix compilation on non-i386 (or non-gcc) systems
2005-12-09Update to version 1.0.1salo3-38/+6
Changes: - Fixed crashbug in key exchange, authentication and rekey protocols. - Fixed channel private key mode remove bug. - Fixed statistics temp file creation in debug mode. - Other bugfixes were also made.
2005-12-05Ran "pkglint --autofix", which corrected some of the quoting issues inrillig1-2/+2
CONFIGURE_ARGS.
2005-12-05Fixed pkglint warnings. The warnings are mostly quoting issues, forrillig1-3/+3
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some other changes are outlined in http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
2005-09-13Security fix:salo3-2/+34
- fix insecure file creation in /tmp, patch from silc cvs the impact of this issue is very low. it allows an attacker to overwrite arbitrary files owned by the user running silcd ("silcd", in pkgsrc) IFF the owner of the process or root send SIGUSR1 signal to the process to dump stats. the only file owned by the "silcd" user is typically the log file which resides in a directory inaccessible by anyone except the user itself and root so the potential attacker would need to guess its name. http://www.zataz.net/adviso/silc-server-toolkit-06152005.txt please note that the advisory also incorrectly states that silc-toolkit is vulnerable too. the code in question is never compiled in the toolkit so it's not affected. Bump PKGREVISION.
2005-08-23The real user name in PKG_USERS does not need to be escaped with doublerillig1-2/+2
backslashes anymore. A single backslash is enough. Changed the definition in all affected packages. For those that are not caught, an additional check is placed into bsd.pkginstall.mk.
2005-06-19Updated to version 1.0salo5-52/+45
Changes: 1.0: ==== Only minor bugfixes were made to the previous version. - Fixed channel public key list saving on backup router on JOIN command reply. - New optimized logging. 0.9.21: ======= A small bugfix release. - Added default limit how many channels one client can join (50). - Added missing getopt.[ch]. - Fixed compilation with pkg-config files 0.9.20: ======= A bugfix release to the SILC Server. In addition of various bugfixes, this version now also includes new math library that from now on will be included in all SILC distributions. - Added more liberal channel names from the previous more stricter identifier string change. - Added SERVICE command to server, though services aren't supported yet. - Fixed MOTD command to send empty reply if motd does not exist. - Fixed LIST command. - Fixed query to stop if client goes away. - Added pkg-config check to the configure. - Several other bugfixes were made.
2005-05-31Packages have no business modifying PKG_DEFAULT_OPTIONS -- it's adillo1-2/+3
user settable variable. Set PKG_SUGGESTED_OPTIONS instead. Also, make use of PKG_OPTIONS_LEGACY_VARS. Reviewed by wiz.
2005-05-02RCD_SCRIPTS_EXAMPLEDIR is no longer customizable.reed1-1/+2
And always is defined as share/examples/rc.d which was the default before. This rc.d scripts are not automatically added to PLISTs now also. So add to each corresponding PLIST as required. This was discussed on tech-pkg in late January and late April. Todo: remove the RCD_SCRIPTS_EXAMPLEDIR uses in MESSAGES and elsewhere and remove the RCD_SCRIPTS_EXAMPLEDIR itself.
2005-04-11Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.tv1-2/+1
2005-04-08Update to version 0.9.19p1salo7-102/+25
Changes: - convert to options.mk 0.9.19p1: ========= A little update with this 0.9.19p1. After such a major release problems were expected and the p1 fixes some crashes. Upgrade strongly recommended. 0.9.19: ======= And after a long break new SILC Server is out. This version finalizes the SILC protocol version 1.2 development and introduces UTF-8 nicknames, channel names, usernames and host names. It is now possible to create practically any kind of nicknames and channel names. Practically all letters, numbers and punctuation marks are supported. Special characters, control characters and various odd symbol characters however are not allowed. Several minor and major bugs has been fixed as well. Upgrading is strongly recommended. Old clients that does not yet support UTF-8 encoded nicknames and channel names are still able to connect and function normally as long as they do not need to handle odd UTF-8 encoded names. - Added support for UTF-8 encoded identifier strings, such as nicknames and channel names. - Fixed founder mode handling on JOIN on normal/backup on empty channels. - Fixed WATCH command handling on backup router. - Fixed WATCH command announcing. The WATCH and SILC Gaim buddy list should work better now. - Simplified INVITE and BAN string handling in server. Announcing INVITE and BAN strings should work more reliably now. - Fixed several bugs from the backup and resuming protocol. - Fixed, hopefully, all the wrong server statistics numbers. - Fixed CLOSE command to handle backup routers correctly. - Fixed various detaching and resuming bugs. - Fixed announcing to not announce unregistered (ghost) clients. - Fixed reconnect_keep_trying and QoS settings in server config files. - Several other bugfixes were made.
2005-02-23Add RMD160 digests in addition to SHA1 onesagc1-1/+2
2004-12-29Use VARBASE.minskim1-4/+4
2004-12-28The default location of the pkgsrc-installed rc.d scripts is nowreed1-2/+2
under share/examples/rc.d. The variable name already was named RCD_SCRIPTS_EXAMPLEDIR. This is from ideas from Greg Woods and others. Also bumped PKGREVISION for all packages using RCD_SCRIPTS mechanism (as requested by wiz).
2004-10-03Libtool fix for PR pkg/26633, and other issues. Update libtool to 1.5.10tv1-2/+2
in the process. (More information on tech-pkg.) Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and installing .la files. Bump PKGREVISION (only) of all packages depending directly on the above via a buildlink3 include.
2004-09-22Mechanical changes to package PLISTs to make use of LIBTOOLIZE_PLIST.jlam1-4/+1
All library names listed by *.la files no longer need to be listed in the PLIST, e.g., instead of: lib/libfoo.a lib/libfoo.la lib/libfoo.so lib/libfoo.so.0 lib/libfoo.so.0.1 one simply needs: lib/libfoo.la and bsd.pkg.mk will automatically ensure that the additional library names are listed in the installed package +CONTENTS file. Also make LIBTOOLIZE_PLIST default to "yes".
2004-07-12Bring patch from SILC cvs, "extern inline" -> "static inline".salo2-1/+15
Fixes build on Solaris with SunPro compiler.
2004-06-11Add patches from silc cvs repository.salo4-1/+72
Should fix build on Darwin/Mac OS X.
2004-06-06Doesn't really need glib these days anymore.salo1-3/+1
2004-06-06PKGREVISION++salo4-46/+46
- Rework where silc-server is installed, make it consistent with silc-client changes. - Minor cleanups.
2004-04-23mk/bsd.pkg.install.mk now automatically registersreed1-2/+1
the RCD_SCRIPTS rc.d script(s) to the PLIST. This GENERATE_PLIST idea is part of Greg A. Woods' PR #22954. This helps when the RC_SCRIPTS are installed to a different ${RCD_SCRIPTS_EXAMPLEDIR}. (Later, the default RCD_SCRIPTS_EXAMPLEDIR will be changed to be more clear that they are the examples.) These patches also remove the etc/rc.d/ scripts from PLISTs (of packages that use RCD_SCRIPTS). (This also removes now unused references from openssh* makefiles. Note that qmail package has not been changed yet.) I have been doing automatic PLIST registration for RC_SCRIPTS for over a year. Not all of these packages have been tested, but many have been tested and used. Somethings maybe to do: - a few packages still manually install the rc.d scripts to hard-coded etc/rc.d. These need to be fixed. - maybe remove from mk/${OPSYS}.pkg.dist mtree specifications too.
2004-03-20Fix build on sparc64 with gcc2.snj1-1/+4
2004-03-03Update to version 0.9.18.salo2-7/+7
Changes: 0.9.18: ======= Upgrade release because of couple serious bugs in the 0.9.17. Especially backup router had stability problems with 0.9.17. This was due to a rekey bug when performing rekey with PFS, and because of another bug it caused the backup (and other servers too) to crash. If you are running a normal server or backup router then ugprading is strongly recommended. If you are running any kind of server with PFS enabled in rekey, upgrading is recommended. - Fixed protocol completion handling in connection closing. - Fixed rekey with PFS to work on backup with disabled connections. - Fixed CMODE command reply to return the user limit correctly. - Fixed the watch notify to be called for resuming clients. 0.9.17: ======= - Implemented the user limit to the CMODE_CHANGE notify and to the CMODE and JOIN command replies, as defined in the new protocol specs. - Implemented the public key support to WATCH command, as defined in the new protocol specs. - Added asynchronous connecting to remote router/server. - Fixed the WHOIS public key deleting. - Several other bugfixes were also made.
2004-02-18bl3ify.salo1-3/+3
2004-02-14LIBTOOL_OVERRIDE and SHLIBTOOL_OVERRIDE are now lists of shell globsjlam1-2/+2
relative to ${WRKSRC}. Remove redundant LIBTOOL_OVERRIDE settings that are automatically handled by the default setting in bsd.pkg.mk.
2004-02-05The long awaited update libtool to 1.5.2.skrll1-2/+1
Some pkgsrc things - Fix PLISTs for packages that use -release - Include canonicalisation of a couple of paths for the benefit of qt3-* - the normal version=sunos patching - fix all library_names_spec for the standard set of symlinks The libtool things some of which had already made it into pkgsrc libtool. New in 1.5.2: 2004-01-25; CVS version 1.5.0a, Libtool team: * lt_dlrealloc is an official part of the libltdl API. * --tag, --silent and --debug options are preserved and reused when libtool calls itself for relinking etc. * `-pthread' and similar options are honoured when linking shared libraries. * -no-suppress in compile mode shows compiler output for both PIC and non-PIC object compilation. * New link mode option `-precious-files-regex' to prevent accidental removal of files you want to keep, such as test coverage data, from the temporary output directory. * Directories specified in /etc/ld.so.conf are no longer hardcoded on Linux. * Recognises the 'R' symbol type on Solaris so read-only symbols can be exported. * Bug fixes. New in 1.5: 2003-04-14; CVS version 1.4e, Libtool team: * First stable release of multi-language architecture. * libtool and libltdl support for Mac OS/X. * libltdl will now use cygwins dlopen API instead of always forcing LoadLibrary. * Support auto-import patch to binutils on cygwin for much improved dll support. * Bug fixes. New in 1.4.3: 2002-10-13; CVS version 1.4.2a, Robert Boehne: * The libltdl subdirectory now bootstraps correctly with Automake 1.5. * srcdir != builddir builds with Automake 1.5 work correctly. * Support for mips-compaq-nonstopux. * New command line argument, --preserve-dup-deps prevents removal of duplicate dependent libraries. New in 1.4d: 2002-01-07; CVS version 1.4c, Libtool team: * Help strings display correctly again. * Better error messages when library linking fails. * Better error messages from libltdl when loading fails. * Better search path management in libltdl with `lt_dlinsertsearchdir' call. * Support /lib/w32api in recent cygwin releases. * Support cross compilation to mingw. * Support for .rc files (Windows resource compiler). * Improved handling of mingw gcc. * Improved handling of $PATH with entries containing spaces. * Improved support for linking with gcc on aix4* and aix5*. * Improved support for GCC 3.0. * Initial support for QNX RTOS, UnixWare 7 and OpenUNIX 8. * Bug fixes to the OpenBSD port. * Bug fixes. New in 1.4.2: 2001-09-11; CVS version 1.4.1a, Gary V. Vaughan: * libltdl now builds on solaris again * diagnose and warn about not-quite-working combinations of gcc and ld on solaris. * Improved OpenBSD support. * Improved cygwin support. * Bugfixes. New in 1.4.1: 2001-09-03; CVS version 1.4.0a, Libtool team: * Better error messages from libltdl when loading fails. * Don't leave here-doc files behind. * Improved support for OpenBSD. * Libtool will build with autoconf-2.50 and higher. * Plug memory management bugs in libltdl. * Prefer shl_load to dlopen for better operation on HP-UX. New in 1.4b: 2001-07-09; CVS version 1.4a, Libtool team: * Now bootstraps with autoconf-2.50 and automake-1.4-p4. * Always try to build at least a static lib, even if both static and shared libs were disabled. * Full support for C++ compiler. * Support for GNU gcj compiler. * libltdl can now load all modules in a given path according to user supplied criteria with `lt_dlforeachfile' call. * Improved support for AIX ia64, djgpp, HPUX, hurd, OpenBSD, sco3.2*. * Internal mutex handling no longer has namespace clashes on NCR MP-RAS. * New pdemo and tagdemo tests. * Bug fixes.
2004-01-03Update to version 0.9.16.salo3-15/+15
Changes: - Added public key based search support to WHOIS command. Users can be searched by their public key now. To search users by public key using SILC Client, do the following (see the /HELP WHOIS for revised help information on searching by public key): To search nickname 'nick' that has the specified public key, give: /WHOIS nick -pubkey /path/to/the/public_key.pub To search all usesr that has the specified public key, give: /WHOIS -pubkey /path/to/the/public_key.pub - Removed RC6 cipher. - Fixed the MOTD command to work properly. Motds can now be fetched from remote servers. - Fixed the INVITE string handling during joining to use correct server name. Invite strings such as *@sauna.silcnet.org!*@*foobar.com now works. - Fixed the CUMODE for founder mode work correctly when there is already a founder on channel. Normal server cannot anymore "replace" a founder which is founder on router (even if authentication works). User on router can "replace" founder that is on normal server assuming authentication is successful. - Fixed UMODE mode change bug when anonymous mode was already set. Now modes can be changed normally. - Minor fixes to backup router protocol. Some problems may still exist and testing this feature is recommended. - Improvements to router-to-router connections. Normal communication should work. NOTE: This is experimental and you can expect problems if you set up such network. - Several other bugfixes.
2003-11-01Updated to version 0.9.15.salo2-5/+5
This release focuses especially fixing the remaining MAC failed errors that people have been experiencing and the infamous Error in select() error which should now finally be gone. Upgrading is strongly recommended. Changes: - Fixed KICK command to not send the command reply twice. - Fixed the QoS unregistering to avoid the errors in select() for invalid socket connection. - Fixed the rekey protocol timeout handling - Fixed the packet processing to avoid clearing QoS data underneath the QoS.
2003-10-16Updated to version 0.9.14.salo7-53/+24
This version is a major upgrade release and everyone running older version is strongly recommended to upgrade to this version. This version introduces several bugfixes, security fixes and bunch of new features. This also completes the development work for the SILC protocol version 1.2. Changes: - removed patch-ac, merged into distribution - create server keys with strict permissions 0.9.14: ======= - Several bugfixes and security fixes were made. A major remote exploit was also fixed. - The SILC Server now ignores SIGXFSZ and SIGXCPU signals which will terminate the process if they occur. They can occur in poorly configured environment. - Fixed SERVER_SIGNOFF notify handling which caused ghosts to remain in the network. - Fixed inviting and banning by public key. Fixed invite and ban string handling. Implemented SILC 1.2 complying invite and ban data distribution between routers and servers. To also comply with SILC 1.2, prohibited using '@' and '!' characters in invite and ban strings. - Support for channel public keys added. A new feature in SILC 1.2, that allows join authentication using digital signatures. Use the latest SILC Client to take advantage of this feature. - Support for SILC 1.2 backup protocol. This version introduces rewritten version of the backup router protocol. The purpose of the backup router protocol is to prevent servers from splitting from the rest of the SILC network if the primary router becomes unresponsive. There are no changes to the configuration of the backup router support, and old configurations will work with this version too. This version is now able to detect much better different network failure situations and understand how to work with them. The servers are now able to actually detect when the backup router can/must be used. They are also able, in case of error in backup router protocol, to resume back to either to the backup router or to the primary router, and always recover from desyncs automatically (usually within 60 seconds). - Support for command reply error arguments was added. This allows clients to better handle error conditions within command execution. - The founder public key distribution now complies with the SILC 1.2.
2003-08-30Add definitions for DEINSTALL_EXTRA_TMPL and INSTALL_EXTRA_TMPL ifjlam1-1/+3
USE_PKGINSTALL is "YES". bsd.pkg.install.mk will no longer automatically pick up a INSTALL/DEINSTALL script in the package directory and assume that you want it for the corresponding *_EXTRA_TMPL variable.
2003-07-17s/netbsd.org/NetBSD.org/grant1-2/+2
2003-05-02Dependency bumps, needed because of devel/pth's major bump, and relatedwiz1-1/+2
dependency bumps.
2003-03-17Updated to version 0.9.13.salo6-25/+32
Changes: - Fixed EOF handling in SILC Config. - Do not send full INVITE and BAN lists in INVITE and BAN notifys, only the changed information. - Fixed INVITE notify sending in INVITE command, send it only when needed. - Handle the founder key change properly in CMODE_CHANGE notify. Bug #122. - Remove the mark for output (mark it only for input) after purging outgoing queue. Prevents the "Error in select()" floods. - Check server private key file permissions before starting the server. - NULL terminate allocated string in silc_buffer_strformat. - Rewrote the invite/ban list string handling in server to use SilcBuffer instead. - Fixed double free in CMODE command when setting new HMAC for channel. - Added couple of missing memset's to zero sensitive memory.
2003-01-28Instead of including bsd.pkg.install.mk directly in a package Makefile,jlam1-3/+4
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set to "YES". This enforces the requirement that bsd.pkg.install.mk be included at the end of a package Makefile. Idea suggested by Julio M. Merino Vidal <jmmv at menta.net>.
2003-01-26Update to version 0.9.12.salo2-17/+6
- use SHLIBTOOL_OVERRIDE instead of LIBTOOL_OVERRIDE, the ugly static libraries hack is now gone. Changes from 0.9.11 to 0.9.12 ============================= * Added macros SILC_SWAB_[16|32] to swab byte order of 16-bit and 32-bit unsigned integers. * Use the SILC_SWAB_16 instead of htons() in server when handling ports since the ports in structures are always in little-endian order (regardless of platform). * Send DISCONNECT in close admin command in server. * Check whether we are already connecting to a remote router (in addition of checking whether we are already connected) before creating new connection. * Check that socket is valid after QoS is applied to data. * Make sure the socket connecetion is not closed to early when closing connection in server. Also make sure the connection is always closed after error in a protocol. * Fixed server crash with double Primary block in config file. * Fixed various memory leaks around the config file parser. * Fixed a double free in INVITE command error handling in server.
2003-01-08Update to version 0.9.11salo5-61/+28
IMPORTANT NOTE: This version does not include backwards support for the old style SILC private key so if you skipped 0.9.10 version you won't be able to run this server without generating new key pair. Changes from 0.9.10 to 0.9.11 ============================= * Workaround GCC bug which causes memory exhaustion when compiling sha1 with optimizations on UltraSPARC. from openbsd * Added some sanity checks in server for correctness of the server configuration. * More log printing during backup router protocol. * Removed backwards support for old private key file format. * Removed backwards support for not-so-strict decryption length check, it's strict now. * Fixed error handling of invalid client entry when calling commands in server. Fixes a crash. * Fixed double free in async host lookup code. * On backup router handle now the SERVER_SIGNOFF from router for local connected servers too, and close the connections. Do not process them as normally signing off servers when they really signoff by sending EOF fe, but always assume that router sends the SERVER_SIGNOFF. * Fixed socket unsetting when closing connections. * Fixed close command to use the port correctly when closing server connections. * Check for NULL outbuf in silc_socket_write. It is possible that it is NULL is some odd case. * Do not call final protocol callback for backup router resuming protocol when closing connection. It is closed by timeout in case of error. * Backup reconnect to router if backup resuming protocol failed. * Fixed double free in SKE library error hadling when signature error occurred. * Fixed double free in invite list adding code when adding invite strings.
2002-12-06An important note to all server users:salo7-54/+73
The private key file format has changed due to a bug in the older code. When you run this server version it automatically changes your private key file to the correct format. The future versions of the SILC Server will not do that, so do not skip this version or you will need to generate new key pair after 0.9.11 is released. Also backup router bugs was fixed which caused several interesting decryption problems, so upgrading regardless if you are runinng normal server, backup router or primary router is strongly recommended. Changes from 0.9.9.1 to 0.9.10 ============================== * Added the config directive PublicKeyDir for the client block. * Extended the SILC_SERVER_LOG_ERROR macro to all available logging channels. * Load only files with .pub suffix in PublicKeyDir. * Fixed a typo in resuming code that fixed detach/resume code in server. * Fixed CMODE setting in server when founder mode was set. * Fixed wrong invite and ban list handling in server command reply. * Fixed CUMODE founder authentication in server to not check for client's public key since it's not supposed to do that. * Fixed backup router bugs: When backup resumes router and receives a CHANNEL_MESSAGE packet the backup must not act as router since the packet header decryption would be different. Also, when relaying packets to channel, do not re-encrypt packets on backup that came from the primary since the connection isn't really router-router connection.
2002-12-04Update to version 0.9.9.1.salo5-68/+63
Changes from 0.9.8 to 0.9.9.1 ============================= * Updated protocol version to 1.2. Clients and servers with support for 1.1 are not compatible with the new protocol! * Print notify for server opers when backup router comes online. * Resolve the client's public key in JOIN command if the founder auth data is being requested but we don't know the client's public key. * Added idle and signon fields to the ATTRIBUTE_SERVICE attribute to indicate the user's current idle and signon timeof a service. * Added MAC field to the Private Message Payload to protect against chosen ciphertext attacks. * Defined the SILC_MESSAGE_FLAG_SIGNED. * Added ERR_UNSUPPORTED_PUBLIC_KEY and ERR_OPERATION_ALLOWED status types. * Added support for normal client to kill its own entries from the network. * Compute maximum padding for authentication packets to make passphrase approximation attacks impossible (padding must be at least 8 bytes now). * Added support for rekey before 2^32 sequence number wraps. * Added Encrypt-Then-MAC order to SILC packet MAC generation. Deprecated the old Encrypt-And-MAC order. * Added Encrypt-Then-MAC order to Channel Message Payload MAC generation. * Added support for setting FOUNDER mode on channel with specific public key which can be set with CMODE command. * Don't wait for EOF after socket error has occurred, but close the connection. * Assure the RESUME_CLIENT packet is not sent to twice to backup router if the detached client was originated from the backup. * Added support for removing client from invite list when kicked from channel, as SILC 1.2 dictates. * Added support for the SILC 1.2 BAN and INVITEcommands and new ban and invite lists to server. * Remove client from invite list in KILLED notify and in KILL command. * Do not send invite list back unless asked (when sending no arguments) or when list was modified. * MARS is now gone. * Added manual pages for silcd(8) and silcd.conf(5). * Fixed WATCH command reply handling on normal server which was missing altogether. * Fixed double free in WHOIS query on normal server when forwarding query to router. * Fixed MOTD command reply sending. * Fixed the INVITE command to send the invite list in command reply. * Fixed PING command sending in client library and handling in server. The server ID must be ID Payload, not raw ID data. * Fixed NICK command to not crash if nickname was not sent. * Fixed channel's global_user boolean checking after detaching. Check it after changing the owner of the client not before. * Fixed channel key distribution after resuming detached client. * Fixed memory leaks with SIMs in server. * Fixed bugs in invite list handling in INVITE command.
2002-11-21update to version 0.9.8salo4-7/+44
Changes from 0.9.5 to 0.9.8 =========================== * Added support for aborting automatically pending commands that never receives the reply (to avoid memory leaks). * Added support for removing explicitly added client connections in rehash and closing the client connections if they were unconfigured in the rehash. * Rewrote WHOIS, WHOWAS and IDENTIFY commands in the server. * If packet processing fails (like integrity check fails) the connection is closed now. * Normal server now reconnects to backup router automatically if connection is lost to it. * Added support for replying on behalf of the user to the Requested Attributes in WHOIS command in the server. * Failed OPER and SILCOPER authentications are now logged. * Added sort-of "Quality of Service" (QoS) support. Data reception can be controlled with rate limit per second and/or read data length limit. * Added support for encrypted private key files. Now passphrase must be provided when new key pair is created , and prompted when loading the private key. * Resumed client packet handling from server put the resumed client on wrong list on router and caused the client not be present on the network anymore. * Various cleanup in error message output in config parsing code and in server init code. Fixed error log files containing too many newlines in some situations. * Assure that channel key is set before sending it. May crash server otherwise. * Don't swtich to become primary router if we are backup if decryption error has occurred. * Fixed a bug in backup router IP address comparison * Fixed a crashbug in incoming server accepting. * Fixed packet decryption problem when backup router encrypted channel message with wrong key during backup resuming protocol. * Fixed memory leaks in server. * Fixed channel key packet processing bug on backup router during backup resuming protocol.
2002-09-20Belatedly note that the example rc.d file moved to ${PREFIX}/etc/rc.d.jlam1-2/+2
2002-09-20Make these scripts more portable by taking advantage of automatic rc.dgrant1-2/+2
script handling and using @RCD_SCRIPTS_SHELL@. as discussed with jlam.
2002-09-19Take advantage of the auto-generation and installation of rc.d scripts.jlam1-12/+7
2002-09-18When using bsd.pkg.install.mk, if a DEINSTALL or INSTALL file alreadyjlam1-3/+1
exists, then use it as the default value of DEINSTALL_EXTRA_TMPL or INSTALL_EXTRA_TMPL.
2002-09-14Maintainer update of chat/silc-server to version 0.9.5. Changes:hubertf8-95/+103
buildlink->buildlink2 Main changes from 0.9.2 to 0.9.5 ================================= * Use the primary router as the origin of the locally connected server when it is disconnecting from the backup router since that's where it really is coming from. Now the clients from the disconnecting server are removed correctly and "shadow" clients are not left to the backup router. * If normal server is standalone and found existing but disabled channel, do not re-create the channel since it creates duplicate same channels. * Added anonymous client connections support to server. New "anonymous" configuration option to ConnectionParams section added. If set to true, the username and hostname information of the client will be scrambled and anonymous user mode is set automatically to the user. * In JOIN notify handling, mark that the cache entry of the client cannot be expired. Can cause crashes on normal server (asserts client->channels). * Added silcd configuration option Timestamp in the Logging section. * Fixed fingerprint checking to check for entirely empty fingerprint instead of two first bytes when determining if it is set. * Remove server/router operator privileges in DETACH command, since it's possible to resume to server where these privileges would not be allowed. * Do not re-create channel keys and send them when removing clients in server shutdown. * Completed backup router support for standalone routers. Supports also servers in the cell that do not use the backup at all. Server/router operator now receives notify when network switches to backup router and when it resumes the use of primary router. * Added -D option to server. It can be used to give debug level. The levels are from 0 - 99, and are predefined for smooth server debugging. Patch submitted by Lubomir Sedlacik <salo@Xtrmntr.org> in PR 18278.
2002-06-21Add patch that escaped the last commit. Part of the update to 0.9.2jschauma1-15/+30
2002-06-21Update to version 0.9.2 using patch provided by MAINTAINER in PR pkg/17304,jschauma2-7/+7
closing this PR. Thank to Lubomir Sedlacik. Changes from 0.9.1 to 0.9.2 =========================== * Support for multiple interfaces so now it's possible e.g. to listen on IPv4 and IPv6 within one daemon incarnation. WARNING: you will need to update your silcd.conf to reflect changes! * Added lots of new statistics updating that was missing from the server and router code. Sending SIGUSR1 signal to server now dumps the current server statistics into /tmp directory. * Implemented the SILC_CHANNEL_UMODE_QUIET mode that can be used to silence a user on a channel. * Fixed various fatal bugs,in handling of malformed command payload, double free when announcing channel users to router, missing parameter in a function call that caused server crash when a non-allowed connection arrived. * Fixed some backup data sending around the code to work better if the router is standalone router and fixed the router connectin when connecting to multiple routers. * Fixed detach timeout handling to use Client ID and not the actual client entry which may be freed in the callback.
2002-05-24Update silc-server to version 0.9.1. Changes:hubertf4-16/+19
* Fixed CUMODE_CHANGE notify handling in server. * Fixed USERS command to support empty channels. * Check the watcher list before sending signoff notifys when closing client connection. * Added better CMODE command rights checking. * Fixed watcher list checking during server signoff. It crashed the server. * The JOIN command reply returns now the founder's public key. * Announce the channel mode, and the mode properties with CMODE_CHANGE notify. * Mark new channels by default disabled, untill at least one user joins the channel. * The nickname argument to watch notify can be optional. Fixes a crash in server. * Check the watcher list before and after changing nickname when the NICK_CHANGE notify is received. * Added the founder's public key delivery to the CUMODE_CHANGE notify type as well. Updated the protocol specs and the code. * Added support for sending the founder's public key in the CMODE_CHANGE notify packet in the server. * Changed the FOUNDER_AUTH authentication to use only public key authentication as defined by new protocol specs. Passphrase authentication with that mode cannot be used anymore. It is now possible to reclaim founder mode from any server in the network. * Added permanent channels support by making the channel permanent when FOUNDER_AUTH mode is set on the channel. The channel will not be destroyed even if channel is empty when that mode is set. Protocol TODO #17. * Added BLOCK_INVITE user mode to be able to block incoming invite notifications. Protoocol TODO #26. * Disconnect Payload includes now the status type. Updated the protocol specs and the code. Protocol TODO #25. * Defined that the nickname hash in Client ID MUST be from lowercase nickname. This effectively changes nicknames in SILC to case-insensitive. Updated the protocol specs and the code. * Added new channel user modes BLOCK_MESSAGES_USERS and BLOCK_MESSAGES_ROBOTS. Updated the protocol specs and the code. * Added support for watch list. It is possible to add nicknames to be watched, and when they come to network, leave network or user mode changes the watcher will be notified of this change. Added SILC_COMMAND_WATCH command, added new notify type SILC_NOTIFY_TYPE_WATCH to deliver the watch notifications. Updated the protocol specs and implemented this to library, client and server. Protocol TODO #21. * Fixed a bug in the pid writing function, which couldn't be written in a root-owned directory. * Added detach_disabled and detach_timeout server config options to the server. * Defined that server receives WHOIS command reply for private and secret channels too. Updated protocol specs and the code in server. * Defined <channel user mode list> argument to WHOIS command reply for returning user modes on the channels. The channel list now doesn't include the user mode anymore but the actual channel mode. Updated protocol specs and the code in client and server. * Save the channels list in WHOIS command reply in normal server so that WHOIS always shows joined channels also in normal server and not just on router. * Defined that server receives USERS command reply for private and secret channels too. Updated protocol specs and the code in server. * Changed the UMODE's mode mask argument to be optional. If not provided then the command merely returns the current mode mask to the client. * Added SILC session detachment/resuming support. It is possible to detach by closing the network connection and then re-connect and resume to the old client session. Added DETACHED user mode that server will set for detached client. Added new packet RESUME_CLIENT which is used to perform the resuming process. Added DETACH command. Updated the protocol specs, core library, client and server. Protocol TODO #22. * Changed the CMODE's mode mask argument to be optional. If not provided then the command merely returns the current mode mask to the client. Updated protocol specs and the server. * Added new user modes ANONYMOUS for special anonymous servers that may set the mode for client, and BLOCK_PRIVMSG which client may set to block incoming private messages unless the Private Message Key flag is set (using private keys to protect private messages). Updated protocol specs and code in client and server and core library. Protocol TODO #23. * Added new channel user mode BLOCK_MESSAGES which the client may set to itself to tell server not send channel messages. Other packets such as channel key packets are still sent. Protocol TODO #23. Updated the protocol specs, client and server. * Fixed a bug in the fetch_logging() config callback. * Drop root privileges when started in foreground. Don't drop them if debugging also. * Added STATS command to the protocol after all, to return various statistical information about the network. It can be used by clients to retrieve statistical information, and servers may use it to to fetch cell and network wide statistics from router. Updated the protocol specs and implemented it to the server. Protocol TODO #16. * Rewrote the version SKE version checking in client libary and in server to use the silc_parse_version_string. * Added two new channel modes: SILC_CMODE_SILENCE_USERS and SILC_CMODE_SILENCE_OPERS which can be used to moderate the channel. Updated protocol specs and impelemented this to client and server. Protocol TODO #6. * Deprecated all administrative commands from SILC protocol since they are highly implementation specific commands. Updated protocol specs. Moved the old commands in implementations to private range of command types. * Fixed a bug in server where sending unknown command crashes the server. * Fixed the rekey protocol with PFS, which was totally broken. * Merged version 1.1.4 of zlib. Even if it not currently in use, it's good not to have security holes here. * Fixed a negative refcount situtuation for the config context. Affected file is silcd/serverconfig.c. changes in silc-server package: =============================== - removed INSTALL file, don't generate server keys during installation, if missing, generate them on server startup Patch contributed by Lubomir Sedlacik <salo@Xtrmntr.org> in PR 16981
2002-05-03Update silc-server pkg to 0.8.4. Changes:hubertf4-8/+95
changes in silc-server package: =============================== - upgraded to version 0.8.4 - added generic startup script for Solaris and Linux (i can't test it on Darwin/Mac OS X because i don't have any.. please let me know if it works for you. thanks) You will need to copy ${PREFIX}/etc/rc.d/silcd to appropriate location in your system and do neccessary actions to enable it. e.g. Solaris: copy ${PREFIX}/etc/rc.d/silcd to /etc/init.d/ and make links in /etc/rc2.d/, /etc/rc1.d/, /etc/rc0.d/. changes in silc-server since 0.8.1: =================================== * Fixed a bug in library where sending a bogus authentication payload would lead to a crash. * Fixed a bug in the fetch_logging() config callback. * Drop root privileges when started in foreground. Don't drop them if debugging also. * Added better error logging in rekey protocol. * Do not check public key types in SKE during rekey. * Fixed the rekey protocol with PFS, which was totally broken. * Fixed a negative refcount situtuation for the config context. * Fixed memory leaks from config object. * Added support for adding new connections to the server in rehash. After rehash they take effect. * Added support for changing the maximum allowed connections in rehash. The number can grow but going smaller is not supported. * Added preliminary checking during config parsing for a valid public/private key and removed further checks in the code. * Fixed silc_net_gethostbyaddr to correctly resolve by address. * Fixed the notify relaying to client. The HMAC to be used with relayed packets ws wrong and caused decryption failure at the client end. * Fixed the silc_log_quick handling in the logging routines. It didn't log quickly when it was TRUE. Also the flush delay was set even if it was 0 in config file. * Added support for changing key pair of the server in rehash. * Fixed the TOPIC_SET notify to not crash. It changed the topic too early, before getting the channel entry. * Added rehash support. Added function silc_server_rehash() that will perform all the basic tasks of the rehashing procedure. * Added command line option `-x, --hexdump'. This will enable the SILC_LOG_HEXDUMP calls that are no longer enabled with `--debug'. The option `--hexdump' implies `--debug'. * Fixed a bad bug in the logging APIs (silcutil library) where the application would crash after calling silc_log_reset_all(). Contributed by Lubomir Sedlacik <salo@xtrmntr.org> in PR 16612
2002-03-29Update silc-server to 0.8.1. Update provided by the package maintainer,rh3-49/+32
Lubomir Sedlacik <salo@silcnet.org> in PR pkg/16099, thanks! Changes from 0.8 to 0.8.1 ========================= * IPv6 fixes. IPv6 should work without problems now. * Fixed a minor bug in looking up correct client entry in KICKED notify in server. * Don't change the topic if olod topic is same as new one. * Packet relaying is now done by router without any extra memory allocations. * Fixed the INVITE notify handling. It took wrong arguments as invite list and invite delete. * Added check for INVITE, TOPIC_SET, KICKED, CMODE_CHANGE notify types that particular action is allowed by the client. * Fixed a packet sending bug on very high load, where outgoing packet queue wasn't handled correctly and packets got corrupted. * Added checks for maximum length of channel message payload and private message payload also. * Added checks for maximum packet length in server and in client library. * Added new configuration params: version_protocol, version_software and version_software_vendor to specify what version the remote host must at least be to be able to connect to server. The vendor string can be regex matched too. * Added new function silc_server_connection_allowed to check maximum number of allowed connections, and allowed versions for incoming connections. * Added logging of DISCONNECT packet message in the server. * Check for valid socket connection in client entries before sending any messages. Fixes a crash, but doesn't fix some other underlaying bug that is lurking there. * Added support for specifying multiple public keys for Client connection section in server configuration file. This makes it possible to accept multiple public keys from same host, or to make a section that accepts any incoming host, and have the accepted public keys listed in the section. * Added more error printing to logs in server code.