From c41d003cbf3b14b83e0f9bf6c4787c3bd60bb7ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Thu, 10 Nov 2016 14:01:51 +0100 Subject: Update the doc to say that we support xep 0059 --- doc/biboumi.1.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 49c0fe4..1df125d 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -322,8 +322,8 @@ List channels You can list the IRC channels on a given IRC server by sending an XMPP disco items request on the IRC server JID. The number of channels on some servers -is huge, and biboumi does not (yet) support result set management (XEP 0059) -so the result stanza may be very big. +is huge so the result stanza may be very big, unless your client supports +result set management (XEP 0059) Nicknames --------- -- cgit v1.2.3 From d872c2b49214c0a4db40a9e2d860802d9eedc563 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Tue, 15 Nov 2016 00:23:19 +0100 Subject: Support the ident protocol fix #3211 --- doc/biboumi.1.rst | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 1df125d..06f32ff 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -152,6 +152,12 @@ for example use outgoing_bind=192.168.1.11 to force biboumi to use the interface with this address. Note that this is only used for connections to IRC servers. +identd_port +----------- + +The TCP port on which to listen for identd queries. The default is the standard value: 113. + + Usage ===== -- cgit v1.2.3 From 94f7a18c01ab93952e3db95fb404eabd15ee47ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sat, 24 Dec 2016 16:19:35 +0100 Subject: =?UTF-8?q?Update=20the=20doc=20to=20avoid=20using=20=E2=80=9C?= =?UTF-8?q?=E2=80=9D=20or=20""=20and=20other=20chars?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/biboumi.1.rst | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 06f32ff..592643b 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -83,13 +83,13 @@ fixed_irc_server If this option contains the hostname of an IRC server (for example irc.example.org), then biboumi will enforce the connexion to that IRC -server only. This means that a JID like "#chan@biboumi.example.com" must -be used instead of "#chan%irc.example.org@biboumi.example.com". In that +server only. This means that a JID like ``#chan@biboumi.example.com`` must +be used instead of ``#chan%irc.example.org@biboumi.example.com``. In that mode, the virtual channel (see `Connect to an IRC server`_) is not -available. The '%' character loses any meaning in the JIDs. It can appear +available. The `%` character loses any meaning in the JIDs. It can appear in the JID but will not be interpreted as a separator (thus the JID -"#channel%hello@biboumi.example.com" points to the channel named -"#channel%hello" on the configured IRC server) This option can for example +``#channel%hello@biboumi.example.com`` points to the channel named +``#channel%hello`` on the configured IRC server) This option can for example be used by an administrator that just wants to let their users join their own IRC server using an XMPP client, while forbidding access to any other IRC server. @@ -200,8 +200,8 @@ Addressing ---------- IRC entities are represented by XMPP JIDs. The domain part of the JID is -the domain served by biboumi (the part after the ``@``, biboumi.example.com in -the examples), and the local part (the part before the ``@``) depends on the +the domain served by biboumi (the part after the `@`, biboumi.example.com in +the examples), and the local part (the part before the `@`) depends on the concerned entity. IRC channels and IRC users have a local part formed like this: @@ -521,11 +521,11 @@ arbitrary IRC message, biboumi forwards any XMPP message received on an IRC Server JID (see *ADDRESSING*) as a raw command to that IRC server. For example, to WHOIS the user Foo on the server irc.example.com, a user can -send the message “WHOIS Foo” to “irc.example.com@biboumi.example.com”. +send the message “WHOIS Foo” to ``irc.example.com@biboumi.example.com``. The message will be forwarded as is, without any modification appart from -adding "\r\n" at the end (to make it a valid IRC message). You need to have -a little bit of understanding of the IRC protocol to use this feature. +adding ``\r\n`` at the end (to make it a valid IRC message). You need to +have a little bit of understanding of the IRC protocol to use this feature. Security ======== -- cgit v1.2.3 From b660a4736778cde8d0805390ffa857b77c271757 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sun, 22 Jan 2017 21:30:57 +0100 Subject: grammar: than <-> as --- doc/biboumi.1.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 592643b..98b941e 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -297,7 +297,7 @@ On XMPP, unlike on IRC, the displayed order of the messages is the same for all participants of a MUC. Biboumi can not however provide this feature, as it cannot know whether the IRC server has received and forwarded the messages to other users. This means that the order of the messages -displayed in your XMPP client may not be the same than the order on other +displayed in your XMPP client may not be the same as the order on other IRC users’. History -- cgit v1.2.3 From 27195a9dd48c0adbd82d25270f1a9214a705c7ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Wed, 8 Mar 2017 22:08:37 +0100 Subject: Document the ad-hoc configure forms --- doc/biboumi.1.rst | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 54 insertions(+), 2 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 98b941e..31b27bf 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -491,11 +491,59 @@ On the gateway itself (e.g on the JID biboumi.example.com): with an XMPP message. The administrator can disconnect any user, while the other users can only disconnect themselves. +- configure: Lets each user configure some options that applies globally. + The provided configuration form contains these fields: + * Record History: whether or not history messages should be saved in + the database. + * Max history length: The maximum number of lines in the history + that the server is allowed to send when joining a channel. + On a server JID (e.g on the JID chat.freenode.org@biboumi.example.com) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - configure: Lets each user configure some options that applies to the - concerned IRC server. + concerned IRC server. The provided configuration form contains these + fields: + * Realname: The customized “real name” as it will appear on the + user’s whois. This option is not available if biboumi is configured + with realname_customization to false. + * Username: The “user” part in your `user@host`. This option is not + available if biboumi is configured with realname_customization to + false. + * In encoding: The incoming encoding. Any received message that is not + proper UTF-8 will be converted will be converted from the configured + In encoding into UTF-8. If the conversion fails at some point, some + characters will be replaced by the placeholders. + * Out encoding: Currently ignored. + * After-connection IRC command: A raw IRC command that will be sent to + the server immediately after the connection has been successful. It + can for example be used to identify yourself using NickServ, with a + command like this: `PRIVMSG NickServ :identify PASSWORD`. + * Ports: The list of TCP ports to use when connecting to this IRC server. + This list will be tried in sequence, until the connection succeeds for + one of them. The connection made on these ports will not use TLS, the + communication will be insecure. The default list contains 6697 and 6670. + * TLS ports: A second list of ports to try when connecting to the IRC + server. The only difference is that TLS will be used if the connection + is established on one of these ports. All the ports in this list will + be tried before using the other plain-text ports list. To entirely + disable any non-TLS connection, just remove all the values from the + “normal” ports list. The default list contains 6697. + * Verify certificate: If set to true (the default value), when connecting + on a TLS port, the connection will be aborted if the certificate is + not valid (for example if it’s not signed by a known authority, or if + the domain name doesn’t match, etc). Set it to false if you want to + connect on a server with a self-signed certificate. + * SHA-1 fingerprint of the TLS certificate to trust: if you know the hash + of the certificate that the server is supposed to use, and you only want + to accept this one, set its SHA-1 hash in this field. + * Server password: A password that will be sent just after the connection, + in a PASS command. This is usually used in private servers, where you’re + only allowed to connect if you have the password. Note that, although + this is NOT a password that will be sent to NickServ (or some author + authentication service), some server (notably Freenode) use it as if it + was sent to NickServ to identify your nickname. + - get-irc-connection-info: Returns some information about the IRC server, for the executing user. It lets the user know if they are connected to this server, from what port, with or without TLS, and it gives the list @@ -510,7 +558,11 @@ On a channel JID (e.g on the JID #test%chat.freenode.org@biboumi.example.com) specific channel, defaults to the value configured at the IRC server level. For example the encoding can be specified for both the channel and the server. If an encoding is not specified for a channel, the - encoding configured in the server applies. + encoding configured in the server applies. The provided configuration + form contains these fields: + * In encoding: see the option with the same name in the server configuration + form. + * Out encoding: Currently ignored. Raw IRC messages ---------------- -- cgit v1.2.3 From 2d3806152e854ace7533fc3ad34d4ac1c44e9687 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sun, 12 Mar 2017 16:52:46 +0100 Subject: Doc: reformulate the signal part, to mention the re-opening of log files --- doc/biboumi.1.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 31b27bf..353638d 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -38,9 +38,10 @@ Configuration The configuration file uses a simple format of the form ``option=value``. Here is a description of each possible option: -The configuration can be re-read at runtime (you can for example change the -log level without having to restart biboumi) by sending SIGUSR1 or SIGUSR2 -(see kill(1)) to the process. +Sending SIGUSR1 or SIGUSR2 (see kill(1)) to the process will force it to +re-read the configuration and make it close and re-open the log files. You +can use this to change any configuration option at runtime, or do a log +rotation. hostname -------- -- cgit v1.2.3 From b7789fe586f375f09134a0817bd3ac19850c048f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Wed, 8 Mar 2017 15:39:50 +0100 Subject: Add a Persistent option on channels fix #3230 --- doc/biboumi.1.rst | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 353638d..ab7beac 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -564,6 +564,13 @@ On a channel JID (e.g on the JID #test%chat.freenode.org@biboumi.example.com) * In encoding: see the option with the same name in the server configuration form. * Out encoding: Currently ignored. + * Persistent: If set to true, biboumi will stay in this channel even when + all the XMPP resources have left the room. I.e. it will not send a PART + command, and will stay idle in the channel until the connection is + forcibly closed. If a resource comes back in the room again, and if + the archiving of messages is enabled for this room, the client will + receive the messages that where sent in this channel. This option can be + used to make biboumi act as an IRC bouncer. Raw IRC messages ---------------- -- cgit v1.2.3 From 0dfeb5a94c0da9b25f0d6ed4bd27f3f6ffc5035f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Fri, 7 Apr 2017 11:02:20 +0200 Subject: Trivial change in the doc --- doc/biboumi.1.rst | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index ab7beac..ec92ef1 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -36,13 +36,15 @@ Configuration ============= The configuration file uses a simple format of the form -``option=value``. Here is a description of each possible option: +``option=value``. Sending SIGUSR1 or SIGUSR2 (see kill(1)) to the process will force it to re-read the configuration and make it close and re-open the log files. You can use this to change any configuration option at runtime, or do a log rotation. +Here is a description of each possible option: + hostname -------- -- cgit v1.2.3 From 68d6b829402592d2d7a00e6e7b5013077aaa745c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sun, 9 Apr 2017 23:03:35 +0200 Subject: Properly handle multiline topics fix #3254 --- doc/biboumi.1.rst | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index ec92ef1..3eaf235 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -371,6 +371,13 @@ Notices Notices are received exactly like private messages. It is not possible to send a notice. +Topic +----- + +The topic can be set and retrieved seemlessly. The unique difference is that +if an XMPP user tries to set a multiline topic, every line return (\n) will +be replaced by a space, because the IRC wouldn’t accept it. + Invitations ----------- -- cgit v1.2.3 From eac144acdaca02f018bddde5f623fba3e8cd4ad9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Fri, 21 Apr 2017 11:19:36 +0200 Subject: Configuration options can be overridden by setting env values --- doc/biboumi.1.rst | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 3eaf235..aeeefec 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -35,15 +35,19 @@ details on its content. Configuration ============= -The configuration file uses a simple format of the form -``option=value``. +The configuration file uses a simple format of the form ``option=value``. + +The values from the configuration file can be overridden by environment +variables, with the name all in upper case and prefixed with "BIBOUMI_". +For example, if the environment contains “BIBOUMI_PASSWORD=blah", this will +override the value of the “password” option in the configuration file. Sending SIGUSR1 or SIGUSR2 (see kill(1)) to the process will force it to re-read the configuration and make it close and re-open the log files. You can use this to change any configuration option at runtime, or do a log rotation. -Here is a description of each possible option: +Here is a description of every possible option: hostname -------- -- cgit v1.2.3 From 1472adfa77f9c3a03967e723d8460f33544b545d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sun, 30 Apr 2017 13:52:36 +0200 Subject: Remove a too old joke --- doc/biboumi.1.rst | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index aeeefec..6e93735 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -81,9 +81,8 @@ admin ----- The bare JID of the gateway administrator. This JID will have more -privileges than other standard users (the admin thus needs to check their -privileges), for example some administration ad-hoc commands will only be -available to that JID. +privileges than other standard users, for example some administration +ad-hoc commands will only be available to that JID. fixed_irc_server ---------------- -- cgit v1.2.3 From 7b3e0e0cf3eddd3537455a3605b04a48ee663f47 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Sun, 30 Apr 2017 15:04:40 +0200 Subject: =?UTF-8?q?Make=20botan=E2=80=99s=20policy=20configurable=20from?= =?UTF-8?q?=20a=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix #3244 --- doc/biboumi.1.rst | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 6e93735..04401eb 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -163,6 +163,40 @@ identd_port The TCP port on which to listen for identd queries. The default is the standard value: 113. +policy_directory +---------------- + +A directory that should contain the policy files, used to customize +Botan’s behaviour when negociating the TLS connections with the IRC +servers. If not specified, the directory is the one where biboumi’s +configuration file is located: for example if biboumi reads its +configuration from /etc/biboumi/biboumi.cfg, the policy_directory value +will be /etc/biboumi. + + +TLS configuration +================= + +Various settings of the TLS connections can be customized using policy +files. The files should be located in the directory specified by the +configuration option `policy_directory`_. When attempting to connect to +an IRC server using TLS, biboumi will use Botan’s default TLS policy, and +then will try to load some policy files to override the values found in +these files. For example, if policy_directory is /etc/biboumi, when +trying to connect to irc.example.com, biboumi will try to read +/etc/biboumi/policy.txt, use the values found to override the default +values, then it will try to read /etc/biboumi/irc.example.com.policy.txt +and re-override the policy with the values found in this file. + +The policy.txt file applies to all the connections, and +irc.example.policy.txt will only apply (in addition to policy.txt) when +connecting to that specific server. + +To see the list of possible options to configure, refer to `Botan’s TLS +documentation `_. + +By default, biboumi provides a few policy files, to work around some +issues found with a few well-known IRC servers. Usage ===== @@ -628,3 +662,4 @@ protection against flood or any sort of abuse that your users may cause on the IRC servers. Some XMPP server however offer the possibility to restrict what JID can access a gateway. Use that feature if you wish to grant access to your biboumi instance only to a list of trusted users. + -- cgit v1.2.3 From 7a08196d09536dbfd2dd4ae82b09c61b028fc8a9 Mon Sep 17 00:00:00 2001 From: louiz Date: Wed, 10 May 2017 11:22:19 +0200 Subject: Small fixes in biboumi.1.rst --- doc/biboumi.1.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 04401eb..87b7bae 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -326,7 +326,7 @@ biboumi provides a virtual channel on the jid channel ``#foo`` on the server ``irc.example.com``, but you need to authenticate to a bot of the server before you’re allowed to join it, you can first join the room ``%irc.example.com@biboumi.example.com`` (this will effectively -connect you to the IRC server without joining any room), then send your +connect you to the IRC server without joining any channel), then send your authentication message to the user ``bot%irc.example.com@biboumi.example.com`` and finally join the room ``#foo%irc.example.com@biboumi.example.com``. @@ -412,8 +412,8 @@ Topic ----- The topic can be set and retrieved seemlessly. The unique difference is that -if an XMPP user tries to set a multiline topic, every line return (\n) will -be replaced by a space, because the IRC wouldn’t accept it. +if an XMPP user tries to set a multiline topic, every line return (\\n) will +be replaced by a space, because the IRC server wouldn’t accept it. Invitations ----------- -- cgit v1.2.3 From d1dc7882797ae40c818d0cf397580aefad263296 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?louiz=E2=80=99?= Date: Mon, 22 May 2017 11:20:21 +0200 Subject: Better document the identd server --- doc/biboumi.1.rst | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'doc/biboumi.1.rst') diff --git a/doc/biboumi.1.rst b/doc/biboumi.1.rst index 87b7bae..5396015 100644 --- a/doc/biboumi.1.rst +++ b/doc/biboumi.1.rst @@ -161,7 +161,21 @@ to IRC servers. identd_port ----------- -The TCP port on which to listen for identd queries. The default is the standard value: 113. +The TCP port on which to listen for identd queries. The default is the +standard value: 113. To be able to listen on this privileged port, biboumi +needs to have certain capabilities: on linux, using systemd, this can be +achieved by adding `AmbientCapabilities=CAP_NET_BIND_SERVICE` to the unit +file. On other systems, other solutions exist, like the portacl module on +FreeBSD. + +If biboumi’s identd server is properly started, it will receive queries from +the IRC servers asking for the “identity” of each IRC connection made to it. +Biboumi will answer with a hash of the JID that made the connection. This is +useful for the IRC server to be able to distinguish the different users, and +be able to deal with the absuses without having to simply ban the IP. Without +this identd server, moderation is a lot harder, because all the different +users of a single biboumi instance all share the same IP, and they can’t be +distinguished by the IRC servers. policy_directory ---------------- -- cgit v1.2.3