ngIRCd 0.8.2, the "hey there are contributors" release has just hit the
Many thanks go to Florian Westphal for his work!
Everybody running an older version of ngIRCd should upgrade to this
version because some remotely exploitable security related bugs (that
could cause the daemon to crash) have been fixed!
Note: if you are using the CVS HEAD branch then you should run an CVS
update and use the current code base.
Changes since version 0.8.1 are:
- Added doc/SSL.txt to distribution.
- Fixed a buffer overflow that could cause the daemon to crash. Bug
by Florian Westphal, <westphal(a)foo.fh-furtwangen.de>.
- Fixed a possible buffer underrun when reading the MOTD file. Thanks
to Florian Westphal, <westphal(a)foo.fh-furtwangen.de>.
- Fixed detection of IRC lines which are too long to send. Detected by
Florian Westphal, <westphal(a)foo.fh-furtwangen.de>.
- Fixed return values of our own implementation of strlcpy(). The
been taken from rsync and they fixed it, but we didn't until today
It has only been used when the system didn't implement strlcpy by
not on "modern" systems. Florian Westphal,
You can download ngIRCd 0.8.2 (~271 KB) from:
And the patch from 0.8.1 to 0.8.2 (~3 KB) as well as GnuPG signatures
can be found here:
This release has been tagged as "rel-0-8-2" in the CVS.
Alexander Barton, Freiburg, Germany
Got a couple oddball feature requests I'd like to bounce off you...
1 - External Auth Mechanism
Currently, ngircd supports a single global server password option. I'd
like to be able to do specific user/pass pairs on connect. Either
setting them up in the conf, an external flat file, or the option to
call an external script, pass it the user/pass pair, and allow the
connect if it returns without error (allowing radius/ldap/etc based
auth without having to support it directly in ngricd) would be slick.
2 - Toggle to restrict use of /nick and channel creation to those with
+o. By itself this doesn't do much, but in combination with the above,
this allows much more control of the ircd's use, making it appropriate
to use in an internal LAN/buisiness environment.
One last question, have the services provisions been fleshed out enough
to warrant trying third party service apps, or are they still too
the strlcpy() included with ngircd is broken. It will always return values smaller than the
specified buffer length. This is very bad because you can no longer tell if truncation
occured by looking at the return value (hence, the truncation checks in ngircd won't work if
the included strlcpy is used).
Trivial patch is attached.
Attached is a small patch to NGIRCd CVS that writes the daemons pid to
a file (Default: /var/run/ngircd/ngircd.pid).
The pidfile can be changed via the -P <pidfile> or --pidfile <pidfile> options.
The getpid.sh script included with ngircd does not work on FreeBSD 5.3-Stable
(ps needs -ax switches). Also, the sample configuration file says
'one port, separated with ";"' ( the given example uses the correct "," seperator).
I am currently configuring a connection between ngircd 0.8.1 and
a machine running irc 2.10.3p5. This failed at first because
ngircd restricts passwords to 8 characters in length.
I took a quick glance at RFC 1459, but i couldnt find any specification of
a maximum password length, so I bumped CLIENT_PASS_LEN to 17 in
src/ngircd/defines.h . Is there a particular reason why it is restricted
to 8? (Or why it was chosen in the first place?)