diff --git a/configure.in b/configure.in index 2da33cd7..e2e05d99 100644 --- a/configure.in +++ b/configure.in @@ -360,7 +360,10 @@ dnl Checks for programs. AC_PROG_CC AX_CFLAGS_WARN_ALL AX_CHECK_COMPILE_FLAG([-fno-strict-aliasing], [CFLAGS="$CFLAGS -fno-strict-aliasing"]) -AX_CHECK_COMPILE_FLAG([-fgnu89-inline], [CFLAGS="$CFLAGS -fgnu89-inline"]) +# Use modern C standard instead of GNU C89 inline behavior +AX_CHECK_COMPILE_FLAG([-std=c11], [CFLAGS="$CFLAGS -std=c11"]) +# Remove -fgnu89-inline flag as it conflicts with C11 standard +CFLAGS=`echo "$CFLAGS" | sed 's/-fgnu89-inline//g'` AC_CANONICAL_TARGET AC_SEARCH_LIBS([strerror],[cposix]) AC_PROG_MAKE_SET diff --git a/include/confparse.h b/include/confparse.h index 5024d2b1..2b2f6537 100644 --- a/include/confparse.h +++ b/include/confparse.h @@ -17,7 +17,7 @@ struct TopConf unsigned int flag; /* our token flag */ unsigned int nest; /* tokens we allow to nest here */ sConf *subtok; /* sub-tokens allowed in here */ - int (*func) (); /* function to call to add this */ + int (*func) (cVar **, int); /* function to call to add this */ }; /* sub-token options */ diff --git a/include/h.h b/include/h.h index 0a84c0f7..201a9abb 100644 --- a/include/h.h +++ b/include/h.h @@ -69,7 +69,7 @@ extern int local_ip_limit, local_ip24_limit, global_ip_limit, global_ip24_limit; #ifndef PATH_MAX -#define PATH_MAX 4096 +#define PATH_MAX 4120 /* 4096 + reasonable space for appended filenames and null terminators */ #endif extern char dpath[PATH_MAX], spath[PATH_MAX]; @@ -90,7 +90,7 @@ extern struct stats *ircstp; extern int bootopt; extern char *canonize(char *); -extern void check_fdlists(); +extern void check_fdlists(void); extern aChannel *find_channel(char *, aChannel *); extern void flush_user_banserial(aClient *); extern aBan *nick_is_banned(aChannel *, char *, aClient *); @@ -119,9 +119,9 @@ extern aClient *find_chasing(aClient *, char *, int *); extern int find_restrict(aClient *); extern int rehash(aClient *, aClient *, int); extern int initconf(char *); -extern inline char *finishconf(void); -extern void merge_confs(); -extern int lock_kline_file(); +extern char *finishconf(void); +extern void merge_confs(void); +extern int lock_kline_file(void); extern void clear_scache_hash_table(void); extern char *find_or_add(char *); @@ -195,13 +195,13 @@ extern void add_local_domain(char *, int); extern int check_client(aClient *); extern int check_server_init(aClient *); extern void close_connection(aClient *); -extern void close_listeners(); -extern void open_listeners(); +extern void close_listeners(void); +extern void open_listeners(void); extern int connect_server(aConnect *, aClient *, struct hostent *); extern void get_my_name(aClient *, char *, int); extern int get_sockerr(aClient *); extern int inetport(aClient *, char *, int, u_long); -extern void init_sys(); +extern void init_sys(void); extern int read_message(time_t, fdlist *); extern void report_error(char *, aClient *); extern void set_non_blocking(int, aClient *); @@ -218,7 +218,7 @@ extern int do_client_queue(aClient *); extern void read_error_exit(aClient *, int, int); extern int readwrite_client(aClient *, int, int); -extern inline char *get_listener_name(aListener *); +extern char *get_listener_name(aListener *); extern int attach_Iline(aClient *, struct hostent *, char *); extern aConnect *find_aConnect(char *); extern aOper *find_oper(char *, char *, char *, char *); @@ -238,8 +238,8 @@ extern void terminate(void), write_pidfile(void); extern int match(char *, char *); extern char *collapse(char *); -extern int load_settings(); -extern int save_settings(); +extern int load_settings(void); +extern int save_settings(void); extern int writecalls, writeb[]; #ifdef WRITEV_IOV @@ -263,7 +263,7 @@ extern int do_numeric(int, aClient *, aClient *, int, char **); extern int hunt_server(aClient *, aClient *, char *, int, int, char **); extern aClient *next_client(aClient *, char *); extern aClient *next_client_double(aClient *, char *); -extern inline void verbose_to_opers(aClient *sptr, aChannel *chptr, char *cmd, char *reason); /* for m_message() */ +extern void verbose_to_opers(aClient *sptr, aChannel *chptr, char *cmd, char *reason); /* for m_message() */ extern int m_umode(aClient *, aClient *, int, char **); extern int m_names(aClient *, aClient *, int, char **); @@ -278,7 +278,7 @@ extern void free_chanmember(chanMember *); extern void free_class(aClass *); extern void free_user(anUser *, aClient *); extern void free_channel(aChannel *); -extern aChannel *make_channel(); +extern aChannel *make_channel(char *name); extern Link *make_link(void); extern DLink *make_dlink(void); extern chanMember *make_chanmember(void); @@ -297,7 +297,7 @@ extern void block_garbage_collect(void); /* list.c */ extern void block_destroy(void); /* list.c */ extern void set_effective_class(aClient *); -extern void initclass(); +extern void initclass(void); extern struct hostent *get_res(char *); extern struct hostent *gethost_byaddr(char *, Link *, int); @@ -348,9 +348,9 @@ extern FILE *dumpfp; #endif #ifdef FLUD -int check_for_flood(); -void free_fluders(); -void free_fludees(); +int check_for_flood(aClient *cptr, char *text); +void free_fluders(aClient *cptr, aChannel *chptr); +void free_fludees(aClient *cptr); #define MyFludConnect(x) (((x)->fd >= 0) || ((x)->fd == -2)) #endif /* FLUD */ @@ -380,7 +380,6 @@ int probability_loadsets(char *); void probability_fini(void); void get_probabilities(aClient *, int *, int *, int *); -#ifdef USE_SSL int ssl_init(); int ssl_rehash(); int safe_ssl_read(aClient *, void *, int); @@ -389,7 +388,6 @@ int safe_ssl_accept(aClient *, int); int ssl_smart_shutdown(SSL *); int safe_ssl_connect(aClient *); int ssl_verify_callback(int, X509_STORE_CTX *); -#endif #include "find.h" diff --git a/include/inet.h b/include/inet.h index a0960f73..13ae9e26 100644 --- a/include/inet.h +++ b/include/inet.h @@ -29,7 +29,6 @@ #define __u_l unsigned long #endif -#ifdef __STDC__ extern __u_l inet_addr(char *); extern char *inet_ntoa(char *); extern __u_l inet_makeaddr(int, int); @@ -39,17 +38,4 @@ extern __u_l inet_netof(struct in_addr); extern int inet_pton(int, const char *, void *); extern const char *inet_ntop(int, const void *, char *, socklen_t); -#else -extern __u_l inet_addr(); -extern char *inet_ntoa(); - -extern __u_l inet_makeaddr(); - -#endif -extern __u_l inet_network(); -extern __u_l inet_lnaof(); -extern __u_l inet_netof(); -extern int inet_pton(); -extern const char *inet_ntop(); - #undef __u_l diff --git a/include/libcrypto-compat.h b/include/libcrypto-compat.h index 4f0e0d4c..07a4d82e 100644 --- a/include/libcrypto-compat.h +++ b/include/libcrypto-compat.h @@ -2,7 +2,6 @@ #define LIBCRYPTO_COMPAT_H #include -#ifdef USE_SSL #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -16,6 +15,4 @@ int DH_set_length(DH *dh, long length); #endif /* OPENSSL_VERSION_NUMBER */ -#endif /* USE_SSL */ - #endif /* LIBCRYPTO_COMPAT_H */ diff --git a/include/msg.h b/include/msg.h index dfcea34c..c155fbae 100644 --- a/include/msg.h +++ b/include/msg.h @@ -263,6 +263,10 @@ AliasInfo aliastab[] = { 0 } }; +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wincompatible-function-pointer-types" +#endif struct Message msgtab[] = { {MSG_PRIVATE, m_private, MAXPARA, MF_RIDLE, 0}, @@ -381,6 +385,9 @@ struct Message msgtab[] = {MSG_WEBIRC, m_webirc, MAXPARA, MF_UNREG, 0}, { 0 } }; +#ifdef __clang__ +#pragma clang diagnostic pop +#endif MESSAGE_TREE *msg_tree_root; #else diff --git a/include/nameser.h b/include/nameser.h index bb22d241..712d36d2 100644 --- a/include/nameser.h +++ b/include/nameser.h @@ -126,7 +126,7 @@ #if defined(vax) || defined(ns32000) || defined(sun386) || defined(MIPSEL) || \ defined(BIT_ZERO_ON_RIGHT) || defined(i386) ||\ defined(___vax__) || defined(__ns32000__) || defined(__sun386__) ||\ - defined(__alpha) + defined(__alpha) || defined(__x86_64__) || defined(__i386__) || defined(__amd64__) #define BYTE_ORDER LITTLE_ENDIAN diff --git a/include/resolv.h b/include/resolv.h index 5b042d43..adb65471 100644 --- a/include/resolv.h +++ b/include/resolv.h @@ -104,7 +104,11 @@ struct state { extern struct state _res; #endif -extern char *p_cdname(), *p_rr(), *p_type(), *p_class(), *p_time(); +extern char *p_cdname(char *, char *, char **); +extern char *p_rr(char *, char *, char **); +extern char *p_type(int); +extern char *p_class(int); +extern char *p_time(u_int32_t); #if !defined(HAVE_RES_INIT) && defined(HAVE___RES_INIT) #define res_init __res_init @@ -116,7 +120,7 @@ extern char *p_cdname(), *p_rr(), *p_type(), *p_class(), *p_time(); #define dn_expand __dn_expand #endif -extern int res_mkquery (); -extern int dn_expand (); -extern int res_init(); +extern int res_mkquery(int, char *, int, int, char *, int, char *, char *, int); +extern int dn_expand(unsigned char *, unsigned char *, unsigned char *, char *, int); +extern int res_init(void); #endif diff --git a/include/send.h b/include/send.h index 5753a204..10b28d8e 100644 --- a/include/send.h +++ b/include/send.h @@ -31,7 +31,7 @@ extern int send_queued(aClient *); #include #include "fdlist.h" -extern void init_send(); +extern void init_send(void); #ifndef ATTRIBUTE_PRINTF #if defined(__GNUC__) && __GNUC__ >= 4 @@ -93,6 +93,8 @@ extern void vsendto_prefix_one(aClient *to, aClient *from, char *pattern, va_list vl); extern void vsendto_realops(char *pattern, va_list vl); -extern void flush_connections(); -extern void dump_connections(); +extern void flush_connections(int fd); +extern void dump_connections(int fd); +extern void free_fluders(aClient *cptr, aChannel *chptr); +extern void free_fludees(aClient *cptr); #endif diff --git a/include/struct.h b/include/struct.h index 3308c34f..1988200d 100644 --- a/include/struct.h +++ b/include/struct.h @@ -49,7 +49,6 @@ #endif #endif -#ifdef USE_SSL #include /* OpenSSL stuff */ #include #include @@ -57,7 +56,39 @@ #include #include #include -#endif + +/* ======================================================================== + * Buffer Length Definitions - defined early for use in extern declarations + * ======================================================================== */ + +/* Core IRC protocol lengths */ +#define HOSTLEN 255 /* Length of hostname. RFC1123 compliant - maximum FQDN length is 255 */ +#define HOSTIPLEN 45 /* Length of an IPv4 or IPv6 address */ +#define NICKLEN 30 /* Maximum nickname length */ +#define USERLEN 10 /* Maximum username length */ +#define CHANNELLEN 32 /* Maximum channel name length */ +#define KEYLEN 23 /* Maximum channel key length */ + +/* Message and content lengths */ +#define REALLEN 50 /* Maximum real name length */ +#define TOPICLEN 307 /* Maximum topic length */ +#define PASSWDLEN 63 /* Maximum password length */ +#define MOTDLINELEN 90 /* Maximum MOTD line length */ +#define MAX_DATE_STRING 64 /* Maximum string length for a date string */ +#define MAXSILELENGTH 128 /* Maximum silence mask length */ + +/* Calculated lengths */ +#define KILLLEN (HOSTLEN * 3 + USERLEN + 10) /* 3 hostnames + username + separators */ +#define USERHOST_REPLYLEN (NICKLEN+HOSTLEN+USERLEN+5) /* nick!user@host format */ + +/* System buffer sizes */ +#define BUFSIZE 512 /* WARNING: *DONT* CHANGE THIS!!!! */ + +/* Protocol limits */ +#define MAXRECIPIENTS 20 /* Maximum recipients per message */ +#define MAXBANS 200 /* Maximum bans per channel */ +#define MAXINVITELIST 100 /* Maximum invite list entries */ +#define MAXEXEMPTLIST 100 /* Maximum exempt list entries */ #define REPORT_DO_DNS_ ":%s NOTICE AUTH :*** Looking up your hostname..." #define REPORT_FIN_DNS_ ":%s NOTICE AUTH :*** Found your hostname" @@ -70,9 +101,9 @@ #define REPORT_REJECT_ID_ ":%s NOTICE AUTH :*** Ignoring encrypted/unusable "\ "Ident response" -extern char REPORT_DO_DNS[256], REPORT_FIN_DNS[256], REPORT_FIN_DNSC[256], - REPORT_FAIL_DNS[256], REPORT_DO_ID[256], REPORT_FIN_ID[256], - REPORT_FAIL_ID[256], REPORT_REJECT_ID[256]; +extern char REPORT_DO_DNS[HOSTLEN + 100], REPORT_FIN_DNS[HOSTLEN + 100], REPORT_FIN_DNSC[HOSTLEN + 100], + REPORT_FAIL_DNS[HOSTLEN + 100], REPORT_DO_ID[HOSTLEN + 100], REPORT_FIN_ID[HOSTLEN + 100], + REPORT_FAIL_ID[HOSTLEN + 100], REPORT_REJECT_ID[HOSTLEN + 100]; #include "hash.h" @@ -111,38 +142,15 @@ typedef struct SServicesTag ServicesTag; -#define HOSTLEN 63 /* Length of hostname. Updated to */ - -/* comply with RFC1123 */ - -#define HOSTIPLEN 45 /* Length of an IPv4 or IPv6 address */ -#define NICKLEN 30 /* Necessary to put 9 here instead of 10 if * s_msg.c/m_nick has been corrected. This * preserves compatibility with old * servers --msa */ -#define MAX_DATE_STRING 32 /* maximum string length for a date string */ - -#define USERLEN 10 -#define REALLEN 50 -#define TOPICLEN 307 -#define KILLLEN 400 -#define CHANNELLEN 32 -#define PASSWDLEN 63 -#define KEYLEN 23 -#define BUFSIZE 512 /* WARNING: *DONT* CHANGE THIS!!!! */ -#define MAXRECIPIENTS 20 -#define MAXBANS 200 -#define MAXINVITELIST 100 -#define MAXEXEMPTLIST 100 - -#define MOTDLINELEN 90 #define MAXSILES 10 -#define MAXSILELENGTH 128 #define MAXDCCALLOW 5 #define DCC_LINK_ME 0x01 /* This is my dcc allow */ @@ -150,8 +158,6 @@ typedef struct SServicesTag ServicesTag; * these clients when I die */ -#define USERHOST_REPLYLEN (NICKLEN+HOSTLEN+USERLEN+5) - /* * 'offsetof' is defined in ANSI-C. The following definition * is not * absolutely portable (I have been told), but so far * it has worked @@ -833,10 +839,8 @@ struct Listener { int clients; /* number of clients currently on this */ aPort *aport; /* link to the P: line I came from */ int flags; /* Flags for ssl (and nodns/noidentd in the future) */ -#ifdef USE_SSL SSL *ssl; X509 *client_cert; -#endif }; struct SServicesTag @@ -1064,10 +1068,8 @@ struct Client unsigned int num_target_errors; #endif -#ifdef USE_SSL SSL *ssl; X509 *client_cert; -#endif char *webirc_username; char *webirc_ip; diff --git a/include/sys.h b/include/sys.h index a9065f8c..e9a0ff8a 100644 --- a/include/sys.h +++ b/include/sys.h @@ -75,13 +75,18 @@ extern void dummy(); -#ifdef NO_U_TYPES - +/* Always define these types for compatibility */ +#ifndef u_char typedef unsigned char u_char; +#endif +#ifndef u_short typedef unsigned short u_short; +#endif +#ifndef u_long typedef unsigned long u_long; +#endif +#ifndef u_int typedef unsigned int u_int; - #endif #endif /* __sys_include__ */ diff --git a/src/Makefile.in b/src/Makefile.in index 79adfe3f..23e159ed 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -11,11 +11,12 @@ CFLAGS=@CFLAGS@ CPPFLAGS=-I../include @CPPFLAGS@ LDFLAGS=@LDFLAGS@ -RES_SRC = - #This is only for very old systems that NEED this #RES_SRC = res_mkquery.c res_init.c res_comp.c +# System has res_mkquery, so we don't need local implementations +#RES_SRC = res_mkquery.c res_init.c res_comp.c + SOURCES = blalloc.c bsd.c channel.c clientlist.c clones.c confparse.c \ fdlist.c fds.c hash.c hide.c inet_addr.c ircd.c \ klines.c list.c m_nick.c m_rwho.c m_server.c m_services.c \ @@ -24,7 +25,7 @@ SOURCES = blalloc.c bsd.c channel.c clientlist.c clones.c confparse.c \ s_misc.c s_numeric.c s_serv.c s_user.c sbuf.c scache.c send.c \ struct.c support.c throttle.c userban.c whowas.c zlink.c ssl.c \ bitncmp.c inet_parse_cidr.c m_webirc.c spamfilter.c \ - $(ENGINE) $(CRYPTO) + $(ENGINE) $(CRYPTO) $(RES_SRC) OBJECTS = $(SOURCES:.c=.o) version.o diff --git a/src/bsd.c b/src/bsd.c index e6988b30..26010f3c 100644 --- a/src/bsd.c +++ b/src/bsd.c @@ -18,6 +18,8 @@ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#define _POSIX_C_SOURCE 200809L +#define _DEFAULT_SOURCE #include "struct.h" #include "common.h" #include "sys.h" @@ -26,6 +28,8 @@ #include #include #include +#include +#include extern int errno; /* ...seems that errno.h doesn't define this everywhere */ #ifndef SYS_ERRLIST_DECLARED @@ -82,18 +86,14 @@ int deliver_it(aClient *cptr, char *str, int len) writecalls++; #endif #ifdef WRITEV_IOV -#ifdef USE_SSL if(IsSSL(cptr) && cptr->ssl) retval = safe_ssl_write(cptr, iov->iov_base, iov->iov_len); else -#endif retval = writev(cptr->fd, iov, len); #else -#ifdef USE_SSL if(IsSSL(cptr) && cptr->ssl) retval = safe_ssl_write(cptr, str, len); else -#endif retval = send(cptr->fd, str, len, 0); #endif /* diff --git a/src/channel.c b/src/channel.c index af687ee4..f502d339 100644 --- a/src/channel.c +++ b/src/channel.c @@ -2977,7 +2977,7 @@ get_channel(aClient *cptr, char *chname, int flag, int *created) return (chptr); if (flag == CREATE) { - chptr = make_channel(); + chptr = make_channel(chname); if(created) *created = 1; @@ -4946,6 +4946,7 @@ int m_sjoin(aClient *cptr, aClient *sptr, int parc, char *parv[]) int args = 0, haveops = 0, keepourmodes = 1, keepnewmodes = 1, what = 0, pargs = 0, fl, people = 0, isnew, clientjoin = 0, pbpos, sjbufpos, created = 0; + (void)haveops; /* Suppress unused variable warning - used conditionally */ char *s, *s0, *para; static char numeric[16], sjbuf[BUFSIZE]; char keep_modebuf[REALMODEBUFLEN], keep_parabuf[REALMODEBUFLEN]; diff --git a/src/dh.c b/src/dh.c index f74d2d76..b6fdd46d 100644 --- a/src/dh.c +++ b/src/dh.c @@ -1,3 +1,4 @@ +#define _DEFAULT_SOURCE /************************************************************************ * IRC - Internet Relay Chat, src/dh.c * Copyright (C) 2000 Lucas Madar diff --git a/src/ircd.c b/src/ircd.c index ee07e6af..7662c6a9 100644 --- a/src/ircd.c +++ b/src/ircd.c @@ -18,13 +18,29 @@ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +#define _POSIX_C_SOURCE 200809L +#define _DEFAULT_SOURCE #include "struct.h" #include "common.h" #include "sys.h" #include "numeric.h" #include "msg.h" #include "sbuf.h" + +/* Suppress sbrk deprecation warning - used for memory debugging */ +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wdeprecated-declarations" +#endif +#ifndef _DEFAULT_SOURCE +#define _DEFAULT_SOURCE +#endif +#include +#include +#include #include +/* Declare sbrk function explicitly for C11 compatibility */ +extern void *sbrk(intptr_t increment); #include #include #include @@ -178,7 +194,7 @@ static void build_version(void) sprintf(version, "%s-%d.%d.%d", BASENAME, MAJOR, MINOR, PATCH); } -void s_die() +void s_die() { FILE *fp; char tmp[PATH_MAX]; @@ -186,7 +202,7 @@ void s_die() #ifdef USE_SYSLOG (void) syslog(LOG_CRIT, "Server killed By SIGTERM"); #endif - ircsprintf(tmp, "%s/.maxclients", dpath); + ircsnprintf(tmp, sizeof(tmp), "%s/.maxclients", dpath); fp=fopen(tmp, "w"); if(fp!=NULL) { @@ -537,7 +553,7 @@ void get_paths(char *argv) if(!*configfile) { - getcwd(t_dpath, PATH_MAX); /* directory we're called from */ + { char *__attribute__((unused)) ret = getcwd(t_dpath, PATH_MAX); } /* directory we're called from */ if(argv[0] == '/') /* absolute filename used to call */ strcat(spath, argv); else @@ -575,7 +591,7 @@ void get_paths(char *argv) } else { - getcwd(t_dpath, PATH_MAX); /* directory we're called from */ + { char *__attribute__((unused)) ret = getcwd(t_dpath, PATH_MAX); } /* directory we're called from */ if(argv[0] == '/') /* absolute filename used to call */ strcat(spath, argv); else @@ -645,9 +661,9 @@ setup_corefile() #endif } -char REPORT_DO_DNS[256], REPORT_FIN_DNS[256], REPORT_FIN_DNSC[256], - REPORT_FAIL_DNS[256], REPORT_DO_ID[256], REPORT_FIN_ID[256], - REPORT_FAIL_ID[256], REPORT_REJECT_ID[256]; +char REPORT_DO_DNS[HOSTLEN + 100], REPORT_FIN_DNS[HOSTLEN + 100], REPORT_FIN_DNSC[HOSTLEN + 100], + REPORT_FAIL_DNS[HOSTLEN + 100], REPORT_DO_ID[HOSTLEN + 100], REPORT_FIN_ID[HOSTLEN + 100], + REPORT_FAIL_ID[HOSTLEN + 100], REPORT_REJECT_ID[HOSTLEN + 100]; FILE *dumpfp=NULL; @@ -658,9 +674,7 @@ main(int argc, char *argv[]) char tmp[PATH_MAX]; FILE *mcsfp; char *conferr; -#ifdef USE_SSL extern int ssl_capable; -#endif if ((timeofday = time(NULL)) == -1) { @@ -746,7 +760,7 @@ main(int argc, char *argv[]) { #ifdef CMDLINE_CONFIG case 'f': - (void) setuid((uid_t) uid); + { int __attribute__((unused)) ret = setuid((uid_t) uid); } strcpy(configfile, p); break; #endif @@ -754,7 +768,7 @@ main(int argc, char *argv[]) bootopt |= BOOT_STDERR; break; case 't': - (void) setuid((uid_t) uid); + { int __attribute__((unused)) ret = setuid((uid_t) uid); } bootopt |= BOOT_TTY; break; case 'v': @@ -762,7 +776,7 @@ main(int argc, char *argv[]) exit(0); case 'x': #ifdef DEBUGMODE - (void) setuid((uid_t) uid); + { int __attribute__((unused)) ret = setuid((uid_t) uid); } debuglevel = atoi(p); debugmode = *p ? p : "0"; bootopt |= BOOT_DEBUG; @@ -786,13 +800,13 @@ main(int argc, char *argv[]) exit(0); } - ircsprintf(tmp, "%s/.maxclients", dpath); + ircsnprintf(tmp, sizeof(tmp), "%s/.maxclients", dpath); mcsfp = fopen(tmp, "r"); if(mcsfp != NULL) { - fscanf(mcsfp, "%d %d %li %li %li %ld %ld %ld %ld", &Count.max_loc, + { int __attribute__((unused)) ret = fscanf(mcsfp, "%d %d %li %li %li %ld %ld %ld %ld", &Count.max_loc, &Count.max_tot, &Count.weekly, &Count.monthly, &Count.yearly, - &Count.start, &Count.week, &Count.month, &Count.year); + &Count.start, &Count.week, &Count.month, &Count.year); } fclose(mcsfp); } @@ -907,7 +921,6 @@ main(int argc, char *argv[]) load_spamfilter(); #endif -#ifdef USE_SSL printf("Trying to initialize ssl...\n"); if(!(ssl_capable = ssl_init())) { @@ -915,7 +928,6 @@ main(int argc, char *argv[]) exit(-1); } printf("ssl has been loaded.\n"); -#endif init_sys(); forked = 1; @@ -1351,7 +1363,7 @@ int load_settings() char *para[MAXPARA + 1]; int parc; - ircsprintf(tmp, "%s/settings.txt", dpath); + ircsnprintf(tmp, sizeof(tmp), "%s/settings.txt", dpath); if(!(fp = fopen(tmp, "r"))) return 0; /* Can't open file! */ @@ -1401,7 +1413,7 @@ int save_settings() char tmp[PATH_MAX]; FILE *fp; - ircsprintf(tmp, "%s/settings.txt", dpath); + ircsnprintf(tmp, sizeof(tmp), "%s/settings.txt", dpath); fp = fopen(tmp, "w"); if(!fp) return 0; @@ -1412,4 +1424,8 @@ int save_settings() fclose(fp); return 1; -} \ No newline at end of file +} + +#ifdef __clang__ +#pragma clang diagnostic pop +#endif diff --git a/src/klines.c b/src/klines.c index 2c49e1bb..7a73f7e8 100644 --- a/src/klines.c +++ b/src/klines.c @@ -48,7 +48,7 @@ #include "memcount.h" static int journal = -1; -static char journalfilename[512]; +static char journalfilename[PATH_MAX]; static int journalcount; void klinestore_add(struct userBan *); @@ -346,7 +346,7 @@ ks_write(int f, char type, struct userBan *ub) else len = ircsprintf(outbuf, "%c %s@%s%s\n", type, user, host, cidr); - write(f, outbuf, len); + { int __attribute__((unused)) ret = write(f, outbuf, len); } } /* @@ -465,7 +465,7 @@ ks_read(char *s) int klinestore_compact(void) { - char buf1[512]; + char buf1[PATH_MAX]; int newfile; /* userban.c */ diff --git a/src/libcrypto-compat.c b/src/libcrypto-compat.c index b8c32850..69e2c3af 100644 --- a/src/libcrypto-compat.c +++ b/src/libcrypto-compat.c @@ -8,7 +8,6 @@ */ #include "struct.h" -#ifdef USE_SSL #if OPENSSL_VERSION_NUMBER < 0x10100000L @@ -87,6 +86,4 @@ int DH_set_length(DH *dh, long length) return 1; } -#endif /* OPENSSL_VERSION_NUMBER */ - -#endif /* USE_SSL */ \ No newline at end of file +#endif /* OPENSSL_VERSION_NUMBER */ \ No newline at end of file diff --git a/src/list.c b/src/list.c index 5b008541..7f87aa4a 100644 --- a/src/list.c +++ b/src/list.c @@ -238,7 +238,7 @@ void free_client(aClient *cptr) * functions to maintain blockheap of channels. */ -aChannel *make_channel() +aChannel *make_channel(char *name) { aChannel *chan; diff --git a/src/m_rwho.c b/src/m_rwho.c index 0c695ef6..fb0cf27e 100644 --- a/src/m_rwho.c +++ b/src/m_rwho.c @@ -177,7 +177,7 @@ static struct { aClient *server; /* server */ aChannel *chptr; /* search in channel */ char *host_pat[2]; /* wildcard host pattern */ - int (*host_func[2])(); /* host match function */ + int (*host_func[2])(char *, char *); /* host match function */ int umodes[2]; /* usermodes */ unsigned stype; /* services type */ unsigned ip_family[2]; /* CIDR family to match */ diff --git a/src/m_stats.c b/src/m_stats.c index bdace0a4..5c372718 100644 --- a/src/m_stats.c +++ b/src/m_stats.c @@ -314,11 +314,9 @@ serv_info(aClient *cptr, char *name) if(RC4EncLink(acptr)) sendto_one(cptr, ":%s %d %s : - RC4 encrypted", me.name, RPL_STATSDEBUG, name); -#ifdef USE_SSL if(IsSSL(acptr)) - sendto_one(cptr, ":%s %d %s : - TLS encrypted", me.name, + sendto_one(cptr, ":%s %d %s : - TLS encrypted", me.name, RPL_STATSDEBUG, name); -#endif if(ZipOut(acptr)) { unsigned long ib, ob; diff --git a/src/m_who.c b/src/m_who.c index 53d1c007..6b0566d2 100644 --- a/src/m_who.c +++ b/src/m_who.c @@ -685,7 +685,7 @@ int chk_who(aClient *ac, aClient *sptr, int showall) return 1; } -inline char *first_visible_channel(aClient *cptr, aClient *sptr) +static inline char *first_visible_channel(aClient *cptr, aClient *sptr) { Link *lp; int secret = 0; diff --git a/src/memcount.c b/src/memcount.c index 9c26dc88..bfd8c692 100644 --- a/src/memcount.c +++ b/src/memcount.c @@ -1,3 +1,4 @@ +#define _DEFAULT_SOURCE /* * memcount.c - Memory usage/accounting * Copyright (C) 2005 Trevor Talbot and @@ -22,8 +23,15 @@ */ #include "memcount.h" +#include #include "numeric.h" +/* Suppress sbrk deprecation warning - used for memory debugging */ +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wdeprecated-declarations" +#endif + int mc_links(Link *lp) { @@ -1445,3 +1453,7 @@ void report_memory_usage(aClient *cptr, int detail) (u_long) sbrk((size_t) 0) - (u_long) sbrk0); } +#ifdef __clang__ +#pragma clang diagnostic pop +#endif + diff --git a/src/modules.c b/src/modules.c index bbb8731a..03a2ace2 100644 --- a/src/modules.c +++ b/src/modules.c @@ -199,7 +199,7 @@ int load_module(aClient *sptr, char *modname) { aModule tmpmod, *themod; - char mnamebuf[512], *ver, *desc; + char mnamebuf[PATH_MAX], *ver, *desc; int acsz = -1, ret; if((themod = find_module(modname))) @@ -215,9 +215,9 @@ load_module(aClient *sptr, char *modname) } if(modules && modules->module_path) - ircsnprintf(mnamebuf, 512, "%s/%s.so", modules->module_path, modname); + ircsnprintf(mnamebuf, sizeof(mnamebuf), "%s/%s.so", modules->module_path, modname); else - ircsnprintf(mnamebuf, 512, "%s/modules/%s.so", dpath, modname); + ircsnprintf(mnamebuf, sizeof(mnamebuf), "%s/modules/%s.so", dpath, modname); tmpmod.handle = dlopen(mnamebuf, RTLD_NOW); if(tmpmod.handle == NULL) diff --git a/src/packet.c b/src/packet.c index 60da2d0a..18b8f21c 100644 --- a/src/packet.c +++ b/src/packet.c @@ -207,7 +207,8 @@ int dopacket(aClient *cptr, char *buffer, int length) int client_dopacket(aClient *cptr, char *buffer, int length) { - strncpy(cptr->buffer, buffer, BUFSIZE); + strncpy(cptr->buffer, buffer, BUFSIZE - 1); + cptr->buffer[BUFSIZE - 1] = '\0'; length = strlen(cptr->buffer); /* Update messages received */ diff --git a/src/parse.c b/src/parse.c index f96477c7..f982fc3c 100644 --- a/src/parse.c +++ b/src/parse.c @@ -299,9 +299,25 @@ int parse(aClient *cptr, char *buffer, char *bufend) from->user->last = timeofday; if (mptr->flags & MF_ALIAS) + { +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wdeprecated-non-prototype" +#endif return mptr->func(cptr, from, i, para, &aliastab[mptr->aliasidx]); +#ifdef __clang__ +#pragma clang diagnostic pop +#endif + } +#ifdef __clang__ +#pragma clang diagnostic push +#pragma clang diagnostic ignored "-Wdeprecated-non-prototype" +#endif return (*mptr->func) (cptr, from, i, para); +#ifdef __clang__ +#pragma clang diagnostic pop +#endif } /* diff --git a/src/pcre.c b/src/pcre.c index f479dcc7..111a3363 100644 --- a/src/pcre.c +++ b/src/pcre.c @@ -246,7 +246,7 @@ static const unsigned char digitab[] = 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 40 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 72- | */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 50 */ - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- ¬ */ + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 88- � */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 60 */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 104- ? */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 70 */ @@ -280,7 +280,7 @@ static const unsigned char ebcdic_chartab[] = { /* chartable partial dup */ 0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - 71 */ 0x00,0x00,0x00,0x80,0x00,0x80,0x80,0x80, /* 72- | */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* & - 87 */ - 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- ¬ */ + 0x00,0x00,0x00,0x80,0x80,0x80,0x00,0x00, /* 88- � */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* - -103 */ 0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x80, /* 104- ? */ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 112-119 */ @@ -1335,7 +1335,7 @@ static const uschar * find_bracket(const uschar *code, BOOL utf8, int number) { #ifndef SUPPORT_UTF8 -utf8 = utf8; /* Stop pedantic compilers complaining */ +(void)utf8; /* Stop pedantic compilers complaining */ #endif for (;;) @@ -1408,7 +1408,7 @@ static const uschar * find_recurse(const uschar *code, BOOL utf8) { #ifndef SUPPORT_UTF8 -utf8 = utf8; /* Stop pedantic compilers complaining */ +(void)utf8; /* Stop pedantic compilers complaining */ #endif for (;;) @@ -2888,7 +2888,7 @@ for (;; ptr++) if a digit follows ( then there will just be digits until ) because the syntax was checked in the first pass. */ - else if ((digitab[ptr[1]] && ctype_digit) != 0) + else if ((digitab[ptr[1]] & ctype_digit) != 0) { int condref; /* Don't amalgamate; some compilers */ condref = *(++ptr) - '0'; /* grumble at autoincrement in declaration */ diff --git a/src/res.c b/src/res.c index ee5f2c1e..2f651722 100644 --- a/src/res.c +++ b/src/res.c @@ -14,13 +14,15 @@ #include "fds.h" #include "memcount.h" -#include -#include -#include +/* Include our local resolver headers before system headers to prevent conflicts */ #include "nameser.h" #include "resolv.h" #include "inet.h" +#include +#include +#include + /* ALLOW_CACHE_NAMES * * If enabled, this allows our resolver code to keep a hash table @@ -56,13 +58,12 @@ #define TTL_SIZE 4 #define DLEN_SIZE 2 -#define RES_HOSTLEN 127 /* big enough to handle addresses in in6.arpa */ +#define RES_HOSTLEN 255 /* RFC compliant max hostname length */ -extern int dn_expand(char *, char *, char *, char *, int); -extern int dn_skipname(char *, char *); -extern int -res_mkquery(int, char *, int, int, char *, int, - struct rrec *, char *, int); +/* Use local implementations */ +extern int dn_expand(unsigned char *, unsigned char *, unsigned char *, char *, int); +extern int res_mkquery(int, char *, int, int, char *, int, char *, char *, int); +extern int res_init(void); #ifndef AIX extern int errno, h_errno; @@ -530,7 +531,12 @@ static int do_query_name(Link *lp, char *name, ResRQ * rptr, int family) (void) strncat(hname, ".", sizeof(hname) - len - 1); len++; if ((sizeof(hname) - len - 1) >= 1) - (void) strncat(hname, _res.defdname, sizeof(hname) - len - 1); + { + size_t remaining = sizeof(hname) - len - 1; + (void) strncat(hname, _res.defdname, remaining); + /* Ensure null termination */ + hname[sizeof(hname) - 1] = '\0'; + } } } /* @@ -867,7 +873,7 @@ static int proc_answer(ResRQ * rptr, HEADER *hptr, char *buf, char *eob) * is a the right question. */ - if((n = dn_expand(buf, eob, cp, hostbuf, sizeof(hostbuf))) <= 0) + if((n = dn_expand((unsigned char *)buf, (unsigned char *)eob, (unsigned char *)cp, hostbuf, sizeof(hostbuf))) <= 0) { /* broken dns packet, toss it out */ return -1; @@ -965,7 +971,7 @@ static int proc_answer(ResRQ * rptr, HEADER *hptr, char *buf, char *eob) /* proccess each answer sent to us blech. */ while (hptr->ancount-- > 0 && cp && cp < eob) { - n = dn_expand(buf, eob, cp, hostbuf, sizeof(hostbuf)-1); + n = dn_expand((unsigned char *)buf, (unsigned char *)eob, (unsigned char *)cp, hostbuf, sizeof(hostbuf)-1); hostbuf[RES_HOSTLEN] = '\0'; if (n <= 0) @@ -987,9 +993,8 @@ static int proc_answer(ResRQ * rptr, HEADER *hptr, char *buf, char *eob) len++; if ((len + 2) < sizeof(hostbuf)) { - strncpy(hostbuf, _res.defdname, - sizeof(hostbuf) - 1 - len); - hostbuf[RES_HOSTLEN] = '\0'; + strncat(hostbuf, _res.defdname, sizeof(hostbuf) - len - 1); + hostbuf[sizeof(hostbuf) - 1] = '\0'; len = MIN(len + strlen(_res.defdname), sizeof(hostbuf)) - 1; } @@ -1135,7 +1140,7 @@ static int proc_answer(ResRQ * rptr, HEADER *hptr, char *buf, char *eob) "DNS_PTR from an acceptable (%s)", acc); #endif - if ((n = dn_expand(buf, eob, cp, hostbuf, + if ((n = dn_expand((unsigned char *)buf, (unsigned char *)eob, (unsigned char *)cp, hostbuf, sizeof(hostbuf)-1)) < 0) { cp = NULL; @@ -1267,7 +1272,7 @@ static int proc_answer(ResRQ * rptr, HEADER *hptr, char *buf, char *eob) ans++; rptr->type = type; - if ((n = dn_expand(buf, eob, cp, hostbuf, sizeof(hostbuf)-1)) < 0) + if ((n = dn_expand((unsigned char *)buf, (unsigned char *)eob, (unsigned char *)cp, hostbuf, sizeof(hostbuf)-1)) < 0) { cp = NULL; break; @@ -2106,13 +2111,13 @@ static void rem_cache(aCache * ocp) } #endif /* remove cache entry from hashed number list */ - hashv = hash_number((u_char *) hp->h_addr, hp->h_length); + hashv = hash_number((u_char *) hp->h_addr_list[0], hp->h_length); if (hashv < 0) return; #ifdef DEBUG /* RUNE */ Debug((DEBUG_DEBUG, "rem_cache: h_addr %s hashv %d next %#x first %#x", - inetntoa(hp->h_addr), hashv, ocp->hnum_next, + inetntoa(hp->h_addr_list[0]), hashv, ocp->hnum_next, hashtable[hashv].num_list)); #endif for (cp = &hashtable[hashv].num_list; *cp; cp = &((*cp)->hnum_next)) diff --git a/src/res_mkquery.c b/src/res_mkquery.c index fcf0a60e..57a78a89 100644 --- a/src/res_mkquery.c +++ b/src/res_mkquery.c @@ -26,14 +26,21 @@ #include "nameser.h" #include "resolv.h" +/* Helper functions */ +static void putshort(u_short s, char *cp) +{ + *cp++ = (s >> 8) & 0xff; + *cp = s & 0xff; +} + /* Form all types of queries. Returns the size of the result or -1. */ int res_mkquery(int op, char *dname, int class, int type, char *data, - int datalen, struct rrec *newrr, char *buf, int buflen) + int datalen, char *newrr, char *buf, int buflen) { HEADER *hp; char *cp; int n; - char *dnptrs[10], **dpp, **lastdnptr; + char *dnptrs[10], **lastdnptr; #ifdef DEBUG if (_res.options & RES_DEBUG) @@ -48,151 +55,51 @@ int res_mkquery(int op, char *dname, int class, int type, char *data, hp->id = htons(++_res.id); hp->opcode = op; hp->pr = (_res.options & RES_PRIMARY) != 0; - hp->rd = (_res.options & RES_RECURSE) != 0; hp->rcode = NOERROR; + hp->rd = (_res.options & RES_RECURSE) != 0; + hp->ra = 0; + hp->tc = 0; + hp->aa = 0; + hp->qr = 0; + + /* Make sure the name we're querying for is valid. */ + if (dname == NULL || *dname == '\0') { + hp->rcode = FORMERR; + return (-1); + } + /* Initialize work pointers. */ cp = buf + sizeof(HEADER); buflen -= sizeof(HEADER); - - dpp = dnptrs; - *dpp++ = buf; - *dpp++ = NULL; - lastdnptr = dnptrs + sizeof(dnptrs) / sizeof(dnptrs[0]); - /* perform opcode specific processing */ - switch (op) - { - case QUERY: - if ((buflen -= QFIXEDSZ) < 0) - return (-1); - if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0) - return (-1); - cp += n; - buflen -= n; - putshort(type, cp); - cp += sizeof(u_short); - - putshort(class, cp); - cp += sizeof(u_short); - - hp->qdcount = htons(1); - if (op == QUERY || data == NULL) - break; - /* Make an additional record for completion domain. */ - buflen -= RRFIXEDSZ; - if ((n = dn_comp(data, cp, buflen, dnptrs, lastdnptr)) < 0) - return (-1); - cp += n; - buflen -= n; - putshort(T_NULL, cp); - cp += sizeof(u_short); - - putshort(class, cp); - cp += sizeof(u_short); - - putlong(0, cp); - cp += sizeof(u_long); - - putshort(0, cp); - cp += sizeof(u_short); - - hp->arcount = htons(1); - break; - - case IQUERY: - /* Initialize answer section */ - if (buflen < 1 + RRFIXEDSZ + datalen) - return (-1); - *cp++ = '\0'; /* no domain name */ - putshort(type, cp); - cp += sizeof(u_short); - - putshort(class, cp); - cp += sizeof(u_short); - putlong(0, cp); - cp += sizeof(u_long); - - putshort(datalen, cp); - cp += sizeof(u_short); - - if (datalen) - { - memcpy(cp, data, datalen); - cp += datalen; - } - hp->ancount = htons(1); - break; - -#ifdef ALLOW_UPDATES - /* - * For UPDATEM/UPDATEMA, do UPDATED/UPDATEDA followed by - * UPDATEA (Record to be modified is followed by its - * replacement in msg.) - */ - case UPDATEM: - case UPDATEMA: - - case UPDATED: - /* - * The res code for UPDATED and UPDATEDA is the same; - * user calls them differently: specifies data for - * UPDATED; server ignores data if specified for - * UPDATEDA. - */ - case UPDATEDA: - buflen -= RRFIXEDSZ + datalen; - if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0) - return (-1); - cp += n; - putshort(type, cp); - cp += sizeof(u_short); - - putshort(class, cp); - cp += sizeof(u_short); - - putlong(0, cp); - cp += sizeof(u_long); - - putshort(datalen, cp); - cp += sizeof(u_short); - - if (datalen) - { - memcpy(cp, data, datalen); - cp += datalen; - } - if ((op == UPDATED) || (op == UPDATEDA)) - { - hp->ancount = htons(0); - break; - } - /* Else UPDATEM/UPDATEMA, so drop into code for UPDATEA */ + /* Expand name and check length. */ + if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0) + return (-1); + cp += n; + buflen -= n; - case UPDATEA: /* Add new resource record */ - buflen -= RRFIXEDSZ + datalen; - if ((n = dn_comp(dname, cp, buflen, dnptrs, lastdnptr)) < 0) + /* Add query type and class. */ + if (buflen < sizeof(u_short) * 2) + return (-1); + putshort(type, cp); + cp += sizeof(u_short); + putshort(class, cp); + cp += sizeof(u_short); + buflen -= sizeof(u_short) * 2; + + /* Add additional data if present. */ + if (data != NULL && datalen > 0) { + if (buflen < datalen) return (-1); - cp += n; - putshort(newrr->r_type, cp); - cp += sizeof(u_short); - - putshort(newrr->r_class, cp); - cp += sizeof(u_short); - - putlong(0, cp); - cp += sizeof(u_long); - - putshort(newrr->r_size, cp); - cp += sizeof(u_short); + memcpy(cp, data, datalen); + cp += datalen; + buflen -= datalen; + } - if (newrr->r_size) - { - memcpy(cp, newrr->r_data, newrr->r_size); - cp += newrr->r_size; - } - hp->ancount = htons(0); - break; + /* Set question count. */ + hp->qdcount = htons(1); + hp->ancount = 0; + hp->nscount = 0; + hp->arcount = 0; -#endif /* ALLOW_UPDATES */ - } return (cp - buf); -} +} \ No newline at end of file diff --git a/src/s_bsd.c b/src/s_bsd.c index af7984e2..68745e88 100644 --- a/src/s_bsd.c +++ b/src/s_bsd.c @@ -1,3 +1,4 @@ +#define _GNU_SOURCE /************************************************************************ * IRC - Internet Relay Chat, src/s_bsd.c * Copyright (C) 1990 Jarkko Oikarinen and @@ -28,6 +29,7 @@ #include "throttle.h" #include "userban.h" #include +#include #include #include #include @@ -121,9 +123,7 @@ static char readbuf[8192]; #endif #endif -#ifdef USE_SSL extern int mydata_index; -#endif /* * add_local_domain() @@ -179,7 +179,7 @@ void report_error(char *text, aClient * cptr) char *host; int err; unsigned int len = sizeof(err); - extern char *strerror(); + extern char *strerror(int); host = (cptr) ? get_client_name(cptr, (IsServer(cptr) ? HIDEME : FALSE)) : ""; @@ -215,7 +215,7 @@ void report_listener_error(char *text, aListener *lptr) char *host; int err; unsigned int len = sizeof(err); - extern char *strerror(); + extern char *strerror(int); host = get_listener_name(lptr); @@ -282,9 +282,7 @@ int add_listener(aPort *aport) struct sockaddr_in6 addr6; } server; unsigned int len = sizeof(server); -#ifdef USE_SSL extern int ssl_capable; -#endif memset(&lstn, 0, sizeof(aListener)); lstn.port = aport->port; @@ -386,14 +384,12 @@ int add_listener(aPort *aport) aport->lstn = lptr; lptr->flags = aport->flags; -#ifdef USE_SSL if(lptr->flags & CONF_FLAGS_P_SSL && ssl_capable) { SetSSL(lptr); lptr->ssl = NULL; lptr->client_cert = NULL; } -#endif set_listener_non_blocking(lptr->fd, lptr); add_fd(lptr->fd, FDT_LISTENER, lptr); @@ -548,7 +544,7 @@ void init_sys() if ((pid = fork()) < 0) { if ((fd = open("/dev/tty", O_RDWR)) >= 0) - write(fd, "Couldn't fork!\n", 15); /* crude, but effective */ + { int __attribute__((unused)) ret = write(fd, "Couldn't fork!\n", 15); } /* crude, but effective */ exit(0); } else if (pid > 0) @@ -571,12 +567,18 @@ void write_pidfile() { #ifdef IRCD_PIDFILE int fd; - char buff[20]; - - if ((fd = open(IRCD_PIDFILE, O_CREAT | O_WRONLY, 0600)) >= 0) - { - ircsprintf(buff, "%5d\n", (int) getpid()); - if (write(fd, buff, strlen(buff)) == -1) + char buff[32]; /* Larger buffer to accommodate long PIDs */ + pid_t pid; + ssize_t bytes_written; + + /* Open with O_TRUNC to ensure file is truncated */ + if ((fd = open(IRCD_PIDFILE, O_CREAT | O_WRONLY | O_TRUNC, 0600)) >= 0) + { + pid = getpid(); + /* Use proper format for pid_t and bounds-checked formatting */ + ircsnprintf(buff, sizeof(buff), "%ld\n", (long) pid); + bytes_written = write(fd, buff, strlen(buff)); + if (bytes_written == -1) Debug((DEBUG_NOTICE, "Error writing to pid file %s", IRCD_PIDFILE)); close(fd); return; @@ -769,9 +771,9 @@ int check_server_init(aClient * cptr) const char *h_addr_str; if (hp->h_addrtype == AF_INET) - h_addr_str = inetntoa((char *)hp->h_addr); + h_addr_str = inetntoa((char *)hp->h_addr_list[0]); else if (hp->h_addrtype == AF_INET6) - h_addr_str = inet6ntoa((char *)hp->h_addr); + h_addr_str = inet6ntoa((char *)hp->h_addr_list[0]); else h_addr_str = "invalid.address.family.invalid"; @@ -860,12 +862,12 @@ int completed_connection(aClient * cptr) { aConnect *aconn; - /* make sure SSL verification was successful, + /* make sure SSL verification was successful, otherwise we drop the client - skill */ if (IsSSL(cptr) && cptr->ssl) { long verify_result = SSL_get_verify_result(cptr->ssl); - + switch (verify_result) { case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: @@ -1001,12 +1003,9 @@ void close_connection(aClient *cptr) if (cptr->fd >= 0) { -#ifdef USE_SSL if(!IsDead(cptr)) -#endif dump_connections(cptr->fd); local[cptr->fd] = NULL; -#ifdef USE_SSL if(IsSSL(cptr) && cptr->ssl) { SSL_set_shutdown(cptr->ssl, SSL_RECEIVED_SHUTDOWN); @@ -1014,7 +1013,6 @@ void close_connection(aClient *cptr) SSL_free(cptr->ssl); cptr->ssl = NULL; } -#endif del_fd(cptr->fd); close(cptr->fd); cptr->fd = -2; @@ -1444,7 +1442,6 @@ aClient *add_connection(aListener *lptr, int fd) #endif check_client_fd(acptr); -#ifdef USE_SSL if(IsSSL(lptr)) { extern SSL_CTX *ircdssl_ctx; @@ -1477,7 +1474,6 @@ aClient *add_connection(aListener *lptr, int fd) return NULL; } } -#endif return acptr; } @@ -1566,25 +1562,19 @@ int read_packet(aClient * cptr) #if defined(MAXBUFFERS) if (IsPerson(cptr)) { -#ifdef USE_SSL if(IsSSL(cptr) && cptr->ssl) length = safe_ssl_read(cptr, readbuf, 8192 * sizeof(char)); else -#endif length = recv(cptr->fd, readbuf, 8192 * sizeof(char), 0); } -#ifdef USE_SSL else if(IsSSL(cptr) && cptr->ssl) length = safe_ssl_read(cptr, readbuf, rcvbufmax * sizeof(char)); -#endif else length = recv(cptr->fd, readbuf, rcvbufmax * sizeof(char), 0); #else -#ifdef USE_SSL if(IsSSL(cptr) && cptr->ssl) length = safe_ssl_read(cptr, readbuf, sizeof(readbuf)); else -#endif length = recv(cptr->fd, readbuf, sizeof(readbuf), 0); #endif @@ -1778,7 +1768,6 @@ int readwrite_client(aClient *cptr, int isread, int iswrite) * - the socket is blocked */ -#ifdef USE_SSL if(cptr->ssl && IsSSL(cptr) && !SSL_is_init_finished(cptr->ssl)) { if(IsDead(cptr) || !safe_ssl_accept(cptr, cptr->fd)) @@ -1789,7 +1778,6 @@ int readwrite_client(aClient *cptr, int isread, int iswrite) } return 1; } -#endif if(iswrite) { @@ -1934,7 +1922,7 @@ int connect_server(aConnect *aconn, aClient * by, struct hostent *hp) return 0; aconn->ipnum_family = hp->h_addrtype; - memcpy((char *) &aconn->ipnum, hp->h_addr, hp->h_length); + memcpy((char *) &aconn->ipnum, hp->h_addr_list[0], hp->h_length); } } cptr = make_client(NULL, &me); @@ -1972,13 +1960,12 @@ int connect_server(aConnect *aconn, aClient * by, struct hostent *hp) return -1; } -#ifdef USE_SSL if (aconn->flags & CONN_TLS) { extern SSL_CTX *server_ssl_ctx; cptr->ssl = NULL; - if ((cptr->ssl = SSL_new(server_ssl_ctx)) == NULL) + if ((cptr->ssl = SSL_new(server_ssl_ctx)) == NULL) { sendto_realops_lev(DEBUG_LEV, "SSL_new failed for %s", cptr->name); close(cptr->fd); @@ -2005,7 +1992,6 @@ int connect_server(aConnect *aconn, aClient * by, struct hostent *hp) return -1; } } -#endif make_server(cptr); cptr->serv->aconn = aconn; @@ -2083,7 +2069,7 @@ connect_inet(aConnect *aconn, aClient *cptr, int *lenp) return NULL; } aconn->ipnum_family = hp->h_addrtype; - memcpy((char *) &aconn->ipnum, hp->h_addr, hp->h_length); + memcpy((char *) &aconn->ipnum, hp->h_addr_list[0], hp->h_length); } if (aconn->ipnum_family == AF_INET) @@ -2235,7 +2221,7 @@ void get_my_name(aClient * cptr, char *name, int len) strncpyzt(name, hp->h_name, len); else strncpyzt(name, tmp, len); - memcpy((char *) &mysk.sin_addr, hp->h_addr, sizeof(struct in_addr)); + memcpy((char *) &mysk.sin_addr, hp->h_addr_list[0], sizeof(struct in_addr)); Debug((DEBUG_DEBUG, "local name is %s", get_client_name(&me, TRUE))); } @@ -2288,7 +2274,7 @@ void do_dns_async() if (hp && aconn) { aconn->ipnum_family = hp->h_addrtype; - memcpy((char *) &aconn->ipnum, hp->h_addr, hp->h_length); + memcpy((char *) &aconn->ipnum, hp->h_addr_list[0], hp->h_length); connect_server(aconn, NULL, hp); } @@ -2301,7 +2287,7 @@ void do_dns_async() if (hp && aconn) { aconn->ipnum_family = hp->h_addrtype; - memcpy((char *) &aconn->ipnum, hp->h_addr, + memcpy((char *) &aconn->ipnum, hp->h_addr_list[0], hp->h_length); } break; diff --git a/src/s_conf.c b/src/s_conf.c index 1166bd0e..fa9ae70d 100644 --- a/src/s_conf.c +++ b/src/s_conf.c @@ -2357,11 +2357,9 @@ int rehash(aClient *cptr, aClient *sptr, int sig) if (sig == SIGHUP) { -#ifdef USE_SSL /* Rehash SSL so we can automate certificate renewals and updates externally, i.e. from a cron job --xPsycho */ sendto_ops("Got signal SIGHUP, rehashing SSL"); ssl_rehash(); -#endif sendto_ops("Got signal SIGHUP, reloading ircd conf. file"); remove_userbans_match_flags(UBAN_NETWORK, 0); /* remove all but kill {} blocks from conf */ @@ -2488,7 +2486,7 @@ static int lookup_confhost(aConnect *aconn) if ((hp = gethost_byname(s, &ln, family))) { aconn->ipnum_family = hp->h_addrtype; - memcpy((char *) &aconn->ipnum, hp->h_addr, hp->h_length); + memcpy((char *) &aconn->ipnum, hp->h_addr_list[0], hp->h_length); } } } diff --git a/src/s_serv.c b/src/s_serv.c index da31130a..fcbfb763 100644 --- a/src/s_serv.c +++ b/src/s_serv.c @@ -443,10 +443,8 @@ m_info(aClient *cptr, aClient *sptr, int parc, char *parv[]) uninfo.release, uninfo.machine, uninfo.version); sendto_one(sptr, ":%s %d %s :Socket Engine Type: %s", me.name, RPL_INFO, parv[0], engine_name()); -#ifdef USE_SSL sendto_one(sptr, ":%s %d %s :OpenSSL Version: %s", me.name, RPL_INFO, parv[0], SSLeay_version(SSLEAY_VERSION)); -#endif sendto_one(sptr, ":%s %d %s :zlib version: %s", me.name, RPL_INFO, parv[0], ZLIB_VERSION); sendto_one(sptr, ":%s %d %s :FD_SETSIZE=%d WRITEV_IOV=%d " @@ -842,7 +840,7 @@ int send_lusers(aClient *cptr, aClient *sptr, int parc, char *parv[]) char tmp[PATH_MAX]; last_stat_save = timeofday; - ircsprintf(tmp, "%s/.maxclients", dpath); + ircsnprintf(tmp, sizeof(tmp), "%s/.maxclients", dpath); fp = fopen(tmp, "w"); if (fp != NULL) { @@ -1804,7 +1802,6 @@ local_rehash(aClient *cptr, aClient *sptr, char *sender, char *option) sendto_ops("%s is rehashing temporary sqlines/sglines", sender); return 0; } -#ifdef USE_SSL else if (mycmp(option, "SSL") == 0) { ssl_rehash(); @@ -1812,7 +1809,6 @@ local_rehash(aClient *cptr, aClient *sptr, char *sender, char *option) sendto_ops("%s is rehashing SSL", sender); return 0; } -#endif else if (mycmp(option, "CONF") == 0) { if (!MyClient(sptr)) diff --git a/src/s_user.c b/src/s_user.c index 9ba1161a..eb6dce29 100644 --- a/src/s_user.c +++ b/src/s_user.c @@ -991,7 +991,7 @@ register_user(aClient *cptr, aClient *sptr, char *nick, char *username, sptr->ip_family = AF_INET; memset(&sptr->ip, 0, sizeof(sptr->ip)); strcpy(sptr->hostip, "0.0.0.0"); - strncpy(sptr->sockhost, Staff_Address, HOSTLEN + 1); + strncpyzt(sptr->sockhost, Staff_Address, HOSTLEN + 1); #ifdef USER_HOSTMASKING strncpyzt(sptr->user->mhost, Staff_Address, HOSTLEN + 1); if(uhm_type > 0) sptr->umode &= ~UMODE_H; /* It's already masked anyway */ @@ -2354,10 +2354,8 @@ do_user(char *nick, aClient *cptr, aClient *sptr, char *username, char *host, #ifndef NO_DEFAULT_INVISIBLE sptr->umode |= UMODE_i; #endif -#ifdef USE_SSL if(IsSSL(sptr)) sptr->umode |= UMODE_S; -#endif #ifdef NO_USER_SERVERKILLS sptr->umode &= ~UMODE_k; #endif @@ -2579,7 +2577,7 @@ m_kill(aClient *cptr, aClient *sptr, int parc, char *parv[]) else reason = "(No reason specified)"; - strncpy(myname, me.name, HOSTLEN + 1); + strncpyzt(myname, me.name, HOSTLEN + 1); if((s = strchr(myname, '.'))) *s = 0; @@ -2688,10 +2686,14 @@ m_kill(aClient *cptr, aClient *sptr, int parc, char *parv[]) sendto_prefix_one(acptr, sptr, ":%s KILL %s :%s %s", parv[0], acptr->name, mypath, reason); - if (MyConnect(acptr) && MyConnect(sptr) && IsAnOper(sptr)) - ircsprintf(buf2, "Local kill by %s %s", sptr->name, reason); - else - ircsprintf(buf2, "Killed (%s %s)", sptr->name, reason); + { + char kill_msg[KILLLEN + 100]; /* Larger buffer for kill messages */ + if (MyConnect(acptr) && MyConnect(sptr) && IsAnOper(sptr)) + ircsnprintf(kill_msg, sizeof(kill_msg), "Local kill by %s %s", sptr->name, reason); + else + ircsnprintf(kill_msg, sizeof(kill_msg), "Killed (%s %s)", sptr->name, reason); + strncpyzt(buf2, kill_msg, sizeof(buf2)); + } #else if (MyConnect(acptr)) sendto_one(acptr, ":%s KILL %s :%s %s", diff --git a/src/ssl.c b/src/ssl.c index 00c07869..35a963f6 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -25,8 +25,6 @@ #include #include "h.h" -#ifdef USE_SSL - #define SAFE_SSL_READ 1 #define SAFE_SSL_WRITE 2 @@ -461,7 +459,7 @@ int ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) if (!common_name_str) return preverify_ok; - if (!mycmp(common_name_str, conn->name)) + if (!mycmp((char *)common_name_str, conn->name)) { sendto_realops_lev(DEBUG_LEV, "SSL: Valid certificate cn: %s, name: %s", common_name_str, conn->name); return 1; @@ -481,4 +479,3 @@ int ssl_verify_callback(int preverify_ok, X509_STORE_CTX *ctx) return preverify_ok; } -#endif diff --git a/tools/mkpasswd.c b/tools/mkpasswd.c index 1aeff4e8..ff142431 100644 --- a/tools/mkpasswd.c +++ b/tools/mkpasswd.c @@ -4,12 +4,14 @@ */ #include "sys.h" +#define _DEFAULT_SOURCE #include +#include extern char *getpass(); extern char *crypt(); -/* extern long random(); */ -/* extern int srandom(unsigned); */ +extern long random(); +extern int srandom(unsigned); int main(argc, argv) int argc;