ergo/irc/config.go

// Copyright (c) 2012-2014 Jeremy Latt
// Copyright (c) 2014-2015 Edmund Huber
// Copyright (c) 2016- Daniel Oaks <daniel@danieloaks.net>
// released under the MIT license

package irc

import (
	"crypto/tls"
	"errors"
	"io/ioutil"
	"log"

	"gopkg.in/yaml.v2"
)

type PassConfig struct {
	Password string
}

// TLSListenConfig defines configuration options for listening on TLS
type TLSListenConfig struct {
	Cert string
	Key  string
}

// Certificate returns the TLS certificate assicated with this TLSListenConfig
func (conf *TLSListenConfig) Config() (*tls.Config, error) {
	cert, err := tls.LoadX509KeyPair(conf.Cert, conf.Key)
	if err != nil {
		return nil, errors.New("tls cert+key: invalid pair")
	}

	return &tls.Config{
		Certificates: []tls.Certificate{cert},
	}, err
}

func (conf *PassConfig) PasswordBytes() []byte {
	bytes, err := DecodePassword(conf.Password)
	if err != nil {
		log.Fatal("decode password error: ", err)
	}
	return bytes
}

type AccountRegistrationConfig struct {
	Enabled          bool
	EnabledCallbacks []string `yaml:"enabled-callbacks"`
	Callbacks        struct {
		Mailto struct {
			Server string
			Port   int
			TLS    struct {
				Enabled            bool
				InsecureSkipVerify bool   `yaml:"insecure_skip_verify"`
				ServerName         string `yaml:"servername"`
			}
			Username             string
			Password             string
			Sender               string
			VerifyMessageSubject string `yaml:"verify-message-subject"`
			VerifyMessage        string `yaml:"verify-message"`
		}
	}
}

type Config struct {
	Network struct {
		Name string
	}

	Server struct {
		PassConfig
		Password         string
		Name             string
		Listen           []string
		Wslisten         string                      `yaml:"ws-listen"`
		TLSListeners     map[string]*TLSListenConfig `yaml:"tls-listeners"`
		CheckIdent       bool                        `yaml:"check-ident"`
		Log              string
		MOTD             string
		ProxyAllowedFrom []string `yaml:"proxy-allowed-from"`
	}

	Datastore struct {
		Path string
	}

	Registration struct {
		Accounts AccountRegistrationConfig
	}

	Operator map[string]*PassConfig

	Limits struct {
		NickLen       int  `yaml:"nicklen"`
		ChannelLen    int  `yaml:"channellen"`
		AwayLen       int  `yaml:"awaylen"`
		KickLen       int  `yaml:"kicklen"`
		TopicLen      int  `yaml:"topiclen"`
		WhowasEntries uint `yaml:"whowas-entries"`
	}
}

func (conf *Config) Operators() map[Name][]byte {
	operators := make(map[Name][]byte)
	for name, opConf := range conf.Operator {
		operators[NewName(name)] = opConf.PasswordBytes()
	}
	return operators
}

func (conf *Config) TLSListeners() map[Name]*tls.Config {
	tlsListeners := make(map[Name]*tls.Config)
	for s, tlsListenersConf := range conf.Server.TLSListeners {
		config, err := tlsListenersConf.Config()
		if err != nil {
			log.Fatal(err)
		}
		tlsListeners[NewName(s)] = config
	}
	return tlsListeners
}

func LoadConfig(filename string) (config *Config, err error) {
	data, err := ioutil.ReadFile(filename)
	if err != nil {
		return nil, err
	}

	err = yaml.Unmarshal(data, &config)
	if err != nil {
		return nil, err
	}

	// we need this so PasswordBytes returns the correct info
	if config.Server.Password != "" {
		config.Server.PassConfig.Password = config.Server.Password
	}

	if config.Network.Name == "" {
		return nil, errors.New("Network name missing")
	}
	if config.Server.Name == "" {
		return nil, errors.New("Server name missing")
	}
	if !IsHostname(config.Server.Name) {
		return nil, errors.New("Server name must match the format of a hostname")
	}
	if config.Datastore.Path == "" {
		return nil, errors.New("Datastore path missing")
	}
	if len(config.Server.Listen) == 0 {
		return nil, errors.New("Server listening addresses missing")
	}
	if config.Limits.NickLen < 1 || config.Limits.ChannelLen < 2 || config.Limits.AwayLen < 1 || config.Limits.TopicLen < 1 || config.Limits.TopicLen < 1 {
		return nil, errors.New("Limits aren't setup properly, check them and make them sane")
	}
	return config, nil
}
Attempt to add mostly-correct license info at the top of each file... track this stuff a bit better 2016-06-15 13:50:56 +02:00			`// Copyright (c) 2012-2014 Jeremy Latt`
			`// Copyright (c) 2014-2015 Edmund Huber`
			`// Copyright (c) 2016- Daniel Oaks <daniel@danieloaks.net>`
			`// released under the MIT license`

configure server with json 2014-02-09 16:53:42 +01:00			`package irc`

			`import (`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`"crypto/tls"`
switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`"errors"`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00			`"io/ioutil"`
do bcrypt in the client main routine 2014-02-24 07:21:39 +01:00			`"log"`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00
			`"gopkg.in/yaml.v2"`
configure server with json 2014-02-09 16:53:42 +01:00			`)`

switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`type PassConfig struct {`
			`Password string`
			`}`

restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			`// TLSListenConfig defines configuration options for listening on TLS`
			`type TLSListenConfig struct {`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`Cert string`
			`Key string`
			`}`

restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			`// Certificate returns the TLS certificate assicated with this TLSListenConfig`
			`func (conf TLSListenConfig) Config() (tls.Config, error) {`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`cert, err := tls.LoadX509KeyPair(conf.Cert, conf.Key)`
			`if err != nil {`
restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			`return nil, errors.New("tls cert+key: invalid pair")`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`}`

			`return &tls.Config{`
			`Certificates: []tls.Certificate{cert},`
			`}, err`
			`}`

switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`func (conf *PassConfig) PasswordBytes() []byte {`
Merge remote-tracking branch 'origin/master' into gcfg Conflicts: ergonomadic.go irc/config.go irc/server.go 2014-03-02 20:41:24 +01:00			`bytes, err := DecodePassword(conf.Password)`
do bcrypt in the client main routine 2014-02-24 07:21:39 +01:00			`if err != nil {`
improve logging 2014-03-06 08:07:55 +01:00			`log.Fatal("decode password error: ", err)`
do bcrypt in the client main routine 2014-02-24 07:21:39 +01:00			`}`
			`return bytes`
			`}`

accounts: Add very initial, extremely broken account work (not including config changes) 2016-09-04 11:25:33 +02:00			`type AccountRegistrationConfig struct {`
			`Enabled bool`
			EnabledCallbacks []string `yaml:"enabled-callbacks"`
			`Callbacks struct {`
			`Mailto struct {`
			`Server string`
			`Port int`
			`TLS struct {`
			`Enabled bool`
			InsecureSkipVerify bool `yaml:"insecure_skip_verify"`
			ServerName string `yaml:"servername"`
			`}`
			`Username string`
			`Password string`
			`Sender string`
			VerifyMessageSubject string `yaml:"verify-message-subject"`
			VerifyMessage string `yaml:"verify-message"`
			`}`
			`}`
			`}`

configure server with json 2014-02-09 16:53:42 +01:00			`type Config struct {`
Support network name 2016-04-12 07:44:00 +02:00			`Network struct {`
			`Name string`
			`}`

switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`Server struct {`
			`PassConfig`
Fix PASS handling 2016-06-28 08:06:17 +02:00			`Password string`
PROXY: Restrict to specified addresses/hostnames 2016-04-21 08:39:31 +02:00			`Name string`
			`Listen []string`
restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			Wslisten string `yaml:"ws-listen"`
			TLSListeners map[string]*TLSListenConfig `yaml:"tls-listeners"`
Allow looking up usernames with ident on connection 2016-06-30 11:28:34 +02:00			CheckIdent bool `yaml:"check-ident"`
PROXY: Restrict to specified addresses/hostnames 2016-04-21 08:39:31 +02:00			`Log string`
			`MOTD string`
			ProxyAllowedFrom []string `yaml:"proxy-allowed-from"`
switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`}`
persistent channels persisted to a sqlite db 2014-02-25 20:11:34 +01:00
accounts: Add very initial, extremely broken account work (not including config changes) 2016-09-04 11:25:33 +02:00			`Datastore struct {`
db: Remove SQLite db, hopefully looking up clients still works.Channel persistence is broken by this, will fix it later. 2016-09-17 13:23:04 +02:00			`Path string`
accounts: Add very initial, extremely broken account work (not including config changes) 2016-09-04 11:25:33 +02:00			`}`

			`Registration struct {`
			`Accounts AccountRegistrationConfig`
			`}`

switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`Operator map[string]*PassConfig`
adding theater-mode, fixes #15 2014-03-13 09:55:46 +01:00
server: Add configurable NICKLEN and CHANNELLEN 2016-08-12 14:20:32 +02:00			`Limits struct {`
WHOWAS: Make maximum number of entries configurable 2016-08-14 06:07:50 +02:00			NickLen int `yaml:"nicklen"`
			ChannelLen int `yaml:"channellen"`
client: Add AWAYLEN 2016-09-12 04:40:09 +02:00			AwayLen int `yaml:"awaylen"`
channel: Add KICKLEN and TOPICLEN 2016-09-12 04:22:50 +02:00			KickLen int `yaml:"kicklen"`
			TopicLen int `yaml:"topiclen"`
WHOWAS: Make maximum number of entries configurable 2016-08-14 06:07:50 +02:00			WhowasEntries uint `yaml:"whowas-entries"`
server: Add configurable NICKLEN and CHANNELLEN 2016-08-12 14:20:32 +02:00			`}`
do bcrypt in the client main routine 2014-02-24 07:21:39 +01:00			`}`

mark unicode normalization with type 2014-03-09 21:45:36 +01:00			`func (conf *Config) Operators() map[Name][]byte {`
			`operators := make(map[Name][]byte)`
switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`for name, opConf := range conf.Operator {`
mark unicode normalization with type 2014-03-09 21:45:36 +01:00			`operators[NewName(name)] = opConf.PasswordBytes()`
many changes - load config sub files relative to config file dir - load config file by name - expect bcrypt for passwords - -genpasswd for generating config-file-safe passwords - block client thread while checking passwords (PASS and OPER) 2014-02-24 18:41:09 +01:00			`}`
			`return operators`
			`}`

restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			`func (conf Config) TLSListeners() map[Name]tls.Config {`
			`tlsListeners := make(map[Name]*tls.Config)`
			`for s, tlsListenersConf := range conf.Server.TLSListeners {`
			`config, err := tlsListenersConf.Config()`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`if err != nil {`
			`log.Fatal(err)`
			`}`
restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			`tlsListeners[NewName(s)] = config`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`}`
restructure SSL/TLS a bit, name config items better 2016-04-28 12:12:23 +02:00			`return tlsListeners`
Add native SSL/TLS listener support from @enmand for our new config 2016-04-13 12:45:09 +02:00			`}`

do bcrypt in the client main routine 2014-02-24 07:21:39 +01:00			`func LoadConfig(filename string) (config *Config, err error) {`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00			`data, err := ioutil.ReadFile(filename)`
configure server with json 2014-02-09 16:53:42 +01:00			`if err != nil {`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00			`return nil, err`
configure server with json 2014-02-09 16:53:42 +01:00			`}`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00
			`err = yaml.Unmarshal(data, &config)`
			`if err != nil {`
			`return nil, err`
			`}`

Fix PASS handling 2016-06-28 08:06:17 +02:00			`// we need this so PasswordBytes returns the correct info`
			`if config.Server.Password != "" {`
			`config.Server.PassConfig.Password = config.Server.Password`
			`}`

Support network name 2016-04-12 07:44:00 +02:00			`if config.Network.Name == "" {`
			`return nil, errors.New("Network name missing")`
			`}`
switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`if config.Server.Name == "" {`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00			`return nil, errors.New("Server name missing")`
switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`}`
Require that server names must be hostnames, and nicks cannot be hostnames 2016-04-21 02:48:15 +02:00			`if !IsHostname(config.Server.Name) {`
			`return nil, errors.New("Server name must match the format of a hostname")`
			`}`
db: Add very initial buntdb datastore 2016-08-19 15:21:52 +02:00			`if config.Datastore.Path == "" {`
			`return nil, errors.New("Datastore path missing")`
			`}`
switch to gcfg for conf file - add some validation for config file - add comments explaining config - remove TLS listener since most clients can't use it anyway - remove unused nick generation function 2014-03-01 23:34:51 +01:00			`if len(config.Server.Listen) == 0 {`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00			`return nil, errors.New("Server listening addresses missing")`
configure ipv4/6 in config file 2014-02-10 22:52:28 +01:00			`}`
client: Add AWAYLEN 2016-09-12 04:40:09 +02:00			`if config.Limits.NickLen < 1 \|\| config.Limits.ChannelLen < 2 \|\| config.Limits.AwayLen < 1 \|\| config.Limits.TopicLen < 1 \|\| config.Limits.TopicLen < 1 {`
server: Add configurable NICKLEN and CHANNELLEN 2016-08-12 14:20:32 +02:00			`return nil, errors.New("Limits aren't setup properly, check them and make them sane")`
			`}`
Use docopt for command-line processing and new YAML configuration format 2016-04-12 15:00:09 +02:00			`return config, nil`
configure server with json 2014-02-09 16:53:42 +01:00			`}`