ngIRCd Users März 2014

ngircd@lists.barton.de

4 Teilnehmer
4 Diskussionen

ngIRCd 21.1
by Alexander Barton 07 Mai '14

07 Mai '14

Hi all! Today I released ngIRCd 21.1, a bug-fix only release for ngIRCd 21. This release doesn't contain new features, but fixes a few "glitches" in ngIRCd 21 that have been reported over the past few months. The NEWS file lists the following: • Don't ignore but use the server password when PAM is compiled in but disabled. Thanks to Roy Sindre Norangshol <roy.sindre(a)norangshol.no>! • doc/Platforms.txt: Update from master branch. • doc/Services.txt: Update information for Anope 2.x. • configure: add support for the LDFLAGS_END and LIBS_END variables to add linker flags and libraries at the end of the configure run (CFLAGS_END has been implemented already). • Update Copyright notices for 2014 :-) There are no security fixes included, nevertheless all installations should update: ngIRCd 21.1 is fully backwards compatible and the update should be straight forward, no configuration changes are required. You can find the NEWS file (listing all new and changed features) and the ChangeLog file (listing all changes in greater detail) in the distribution archives as well as online: • <http://ngircd.barton.de/doc/NEWS> • <http://ngircd.barton.de/doc/ChangeLog> And even more information can be found here: • Homepage: <http://ngircd.barton.de/> (<http://ngircd.mirror.3rz.org>) • Bug tracker: <http://ngircd.barton.de/bugzilla/> • Downloads: • HTTP 1: <http://ngircd.barton.de/pub/ngircd/> • HTTP 2: <http://ngircd.mirror.3rz.org/pub/ngircd/> Please note: The BerliOS platform is shutting down, so our BerliOS mirror site will become unavailable and all old links to BerliOS will become unreachable! (see <http://developer.berlios.de/forum/forum.php?forum_id=39220>) But don't worry too much, ngIRCd already gained a new mirror site, located at <http://ngircd.mirror.3rz.org>, provided by Götz Hoffart. Thanks a lot! And as usual, a big thanks to all users, bug reporters, contributors, packagers, and supporters! Regards Alex

3 3

Ngircd shutting down constantly by client?
by Michiel van Es 30 Mär '14

30 Mär '14

Hello, I am running Ngircd 21 on CentOS 6.5 64 bit. I compiled Ngircd from source with OpenSSL and PAM to provide the CIA triad (Confidentiality, Integrity and Authentication). I store my passwords with htpassword with crypt and a salt (crypt() alone is not safe enough). I have noticed that my Ngircd daemon shuts down whenever a client or an ip makes a connection to my port and sends a bogus SSL handshake: Mar 29 03:42:06 mail ngircd[29098]: Accepted connection 8 from "222.151.83.101:6728" on socket 7. Mar 29 03:42:06 mail ngircd[29098]: SSL protocol error: SSL_accept (error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol) Mar 29 03:42:06 mail ngircd[29098]: Shutting down connection 8 (SSL accept error, closing socket) with "222.151.83.101:6728" ... Mar 29 03:42:06 mail ngircd[29098]: Client unregistered (connection 8): SSL accept error, closing socket. Mar 29 03:42:06 mail ngircd[29098]: Connection 8 with "222.151.83.101:6728" closed (in: 0.0k, out: 0.0k). Mar 29 03:43:06 mail ngircd[29098]: Server going down NOW! Mar 29 03:43:06 mail ngircd[29098]: Shutting down all listening sockets (1 total) ... Mar 29 03:43:06 mail ngircd[29098]: ngIRCd done, served 1 connection. I automatically restart the Ngircd daemon with a check script but directly after it gets hit again: Mar 29 03:44:01 mail ngircd[29168]: ngIRCd 21-IRCPLUS+PAM+SSL+SYSLOG+ZLIB-x86_64/unknown/linux-gnu started. Mar 29 03:44:01 mail ngircd[29168]: Using configuration file "/usr/local/etc/ngircd.conf" ... Mar 29 03:44:01 mail ngircd[29168]: Configuration option "DHFile" not set! Mar 29 03:44:01 mail ngircd[29168]: OpenSSL 1.0.1e-fips 11 Feb 2013 initialized. Mar 29 03:44:01 mail ngircd[29169]: Running as user ngircd(494), group ngircd(495), with PID 29169. Mar 29 03:44:01 mail ngircd[29169]: Not running with changed root directory. Mar 29 03:44:01 mail ngircd[29169]: IO subsystem: epoll (hint size 100, initial maxfd 100, masterfd 4). Mar 29 03:44:01 mail ngircd[29169]: Created pre-defined channel "#pragmasec". Mar 29 03:44:01 mail ngircd[29169]: Created pre-defined channel "#prive". Mar 29 03:44:01 mail ngircd[29169]: Now listening on [0.0.0.0]:6667 (socket 7). Mar 29 03:44:23 mail ngircd[29169]: Accepted connection 8 from "222.151.83.101:62835" on socket 7. Mar 29 03:44:23 mail ngircd[29169]: SSL protocol error: SSL_accept (error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol) Mar 29 03:44:23 mail ngircd[29169]: Shutting down connection 8 (SSL accept error, closing socket) with "222.151.83.101:62835" ... Mar 29 03:44:23 mail ngircd[29169]: Client unregistered (connection 8): SSL accept error, closing socket. Mar 29 03:44:23 mail ngircd[29169]: Connection 8 with "222.151.83.101:62835" closed (in: 0.0k, out: 0.0k). Mar 29 03:45:23 mail ngircd[29169]: Server going down NOW! Mar 29 03:45:23 mail ngircd[29169]: Shutting down all listening sockets (1 total) ... Mar 29 03:45:23 mail ngircd[29169]: ngIRCd done, served 1 connection. This continues all during the night and I notice that the connection is coming from Japan (if the IP is not spoofed or a Tor endpoint): [user@mail ~]$ host 222.151.83.101 101.83.151.222.in-addr.arpa domain name pointer 222-151-083-101.jp.fiberbit.net. I can offcourse block the ip but it seems Ngircd can not withstand the strange SSL connection from the client and shuts itself down. My config is here: http://www.pragmasec.nl/ngircd.txt (its also a manual how to setup Ngircd + SSL + PAM with hashed+salted passwords - something I think a lot of users are looking for who are wanting PAM auth) How can I fix this? Is it Ngircd related or related to my config? THanks for any tips or help. Regards, Michiel

3 5

ngIRCd 21.1 on OS X 10.9.2, llvm/clang
by Götz Hoffart 27 Mär '14

27 Mär '14

1 0

ngIRCd 21.1 on … Open64, Solaris Studio, tcc
by Götz Hoffart 27 Mär '14

27 Mär '14

the executable works ("runs") as expected --+ tests run successfully ("make check") --+ | ngIRCd compiles ("make") --+ | | ./configure works --+ | | | | | | | Platform Compiler ngIRCd Date Tester C M T R * --------------------------- ------------ ---------- -------- -------- - - - - - x86_64/unknown/linux-gnu Open64 21.1 14-03-27 goetz Y Y Y Y 1 the executable works ("runs") as expected --+ tests run successfully ("make check") --+ | ngIRCd compiles ("make") --+ | | ./configure works --+ | | | | | | | Platform Compiler ngIRCd Date Tester C M T R * --------------------------- ------------ ---------- -------- -------- - - - - - x86_64/unknown/linux-gnu unknown 21.1 14-03-27 goetz Y Y Y Y 1 (Solaris Studio 12.3, 'cc') the executable works ("runs") as expected --+ tests run successfully ("make check") --+ | ngIRCd compiles ("make") --+ | | ./configure works --+ | | | | | | | Platform Compiler ngIRCd Date Tester C M T R * --------------------------- ------------ ---------- -------- -------- - - - - - x86_64/unknown/linux-gnu tcc 0.9.25 21.1 14-03-27 goetz Y Y Y Y 1 Grüße Götz

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

ngIRCd Users März 2014