From e982d2c724e896e414119b0ae6b128890e6ac6ea Mon Sep 17 00:00:00 2001 From: mihaiitdata Date: Fri, 13 Feb 2026 13:14:29 +0200 Subject: [PATCH] Actualizare instalare: porturi SSL, validari IP, port server-to-server si versiune --- admin.sh | 5 - include/patchlevel.h | 2 +- install.sh | 336 +++++++++++++++++++++++++++++++++++++------ 3 files changed, 296 insertions(+), 47 deletions(-) diff --git a/admin.sh b/admin.sh index 987c298..d1a4ff0 100755 --- a/admin.sh +++ b/admin.sh @@ -690,11 +690,6 @@ test_config() { return 1 fi } - echo -n "Apasa Enter pentru a continua..." - read - return 1 - fi -} # Funcție principală main() { diff --git a/include/patchlevel.h b/include/patchlevel.h index a302c2a..9eb3048 100644 --- a/include/patchlevel.h +++ b/include/patchlevel.h @@ -18,7 +18,7 @@ * $Id: patchlevel.h 1942 2010-02-02 23:29:03Z entrope $ * */ -#define PATCHLEVEL "14+Nefarious(2.0.0)" +#define PATCHLEVEL "19+UnderChat(1.0.2)" #define RELEASE ".12." diff --git a/install.sh b/install.sh index c2f1962..06e08e5 100755 --- a/install.sh +++ b/install.sh @@ -17,6 +17,122 @@ PREFIX="${HOME}/ircd" MAXCON=4096 ENABLE_DEBUG=0 ENABLE_SSL=1 +MAXCON_SET=0 +SERVER_PORT=4400 +SSL_PORTS_DEFAULT="6697" + +# Validare numar pozitiv (doar cifre) +is_positive_int() { + case "$1" in + ''|*[!0-9]*) return 1 ;; + *) return 0 ;; + esac +} + +# Validare IPv4 stricta +is_ipv4() { + local ip="$1" + local IFS='.' + local -a oct + + if [[ ! "$ip" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then + return 1 + fi + + read -r -a oct <<< "$ip" + if [ "${#oct[@]}" -ne 4 ]; then + return 1 + fi + + local o + for o in "${oct[@]}"; do + if [ "$o" -lt 0 ] || [ "$o" -gt 255 ]; then + return 1 + fi + done + + return 0 +} + +# Validare IPv6 simpla (accepta :: si hexa) +is_ipv6() { + local ip="$1" + if [[ ! "$ip" =~ ^[0-9A-Fa-f:]+$ ]]; then + return 1 + fi + if [[ "$ip" != *:* ]]; then + return 1 + fi + + # Numar de grupuri maxim 8 (inclusiv ::) + local groups + groups=$(awk -F: '{print NF}' <<< "$ip") + if [ "$groups" -gt 8 ]; then + return 1 + fi + + return 0 +} + +# Detectare IPv6 global (daca exista) +detect_ipv6_global() { + if command -v ip > /dev/null 2>&1; then + ip -6 -o addr show scope global 2>/dev/null | awk '{print $4}' | cut -d/ -f1 | head -1 + fi +} + +# Expandare lista porturi: "5000-5002,6000" -> "5000 5001 5002 6000" +expand_ports() { + local input="$1" + local token + local start + local end + local p + local -A seen + local -a result=() + + input=${input// /} + if [ -z "$input" ]; then + return 1 + fi + + IFS=',' read -r -a tokens <<< "$input" + for token in "${tokens[@]}"; do + if [[ "$token" == *-* ]]; then + start=${token%-*} + end=${token#*-} + if ! is_positive_int "$start" || ! is_positive_int "$end"; then + return 1 + fi + if [ "$start" -gt "$end" ]; then + return 1 + fi + for ((p=start; p<=end; p++)); do + if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then + return 1 + fi + if [ -z "${seen[$p]}" ]; then + seen[$p]=1 + result+=("$p") + fi + done + else + if ! is_positive_int "$token"; then + return 1 + fi + if [ "$token" -lt 1 ] || [ "$token" -gt 65535 ]; then + return 1 + fi + if [ -z "${seen[$token]}" ]; then + seen[$token]=1 + result+=("$token") + fi + fi + done + + echo "${result[*]}" + return 0 +} # Funcția de afișare a ajutorului show_help() { @@ -303,15 +419,71 @@ generate_config() { local server_numeric="${4:-1}" local admin_location="${5:-Romania}" local admin_contact="${6:-admin@underchat.ro}" - local vhost="${7:-127.0.0.1}" - local network="${8:-underchat.org}" - local oper_user="${9:-AdminRoot}" - local oper_pass="${10:-\$PLAIN\$password}" - local is_hub="${11:-no}" - local hub_name="${12}" - local hub_host="${13}" - local hub_port="${14:-4400}" - local hub_pass="${15}" + local vhost_ipv4="${7:-127.0.0.1}" + local vhost_ipv6="${8:-}" + local network="${9:-underchat.org}" + local oper_user="${10:-AdminRoot}" + local oper_pass="${11:-\$PLAIN\$password}" + local is_hub="${12:-no}" + local hub_name="${13}" + local hub_host="${14}" + local hub_port="${15:-4400}" + local hub_pass="${16}" + local client_ports_list="${17}" + local server_port="${18:-4400}" + local ssl_ports_list="${19}" + + # Linie IPv6 comentata daca nu e furnizata + local vhost6_line=" # vhost = \"2001:db8::1\";" + local vhost6_port_4400=" # vhost = \"2001:db8::1\" $server_port;" + + if [ -n "$vhost_ipv6" ]; then + vhost6_line=" vhost = \"$vhost_ipv6\";" + vhost6_port_4400=" vhost = \"$vhost_ipv6\" $server_port;" + fi + + # Generare blocuri Port pentru clienti + local client_ports_block="" + local port + for port in $client_ports_list; do + if [ -n "$vhost_ipv6" ]; then + client_ports_block+=$'Port {\n' + client_ports_block+=$' vhost = "'"$vhost_ipv4"'" '"$port"$';\n' + client_ports_block+=$' vhost = "'"$vhost_ipv6"'" '"$port"$';\n' + client_ports_block+=$' hidden = yes;\n'; + client_ports_block+=$'}\n\n' + else + client_ports_block+=$'Port {\n' + client_ports_block+=$' vhost = "'"$vhost_ipv4"'" '"$port"$';\n' + client_ports_block+=$' # vhost = "2001:db8::1" '"$port"$';\n' + client_ports_block+=$' hidden = yes;\n'; + client_ports_block+=$'}\n\n' + fi + done + + # Generare blocuri Port pentru SSL + local ssl_ports_block="" + if [ -n "$ssl_ports_list" ]; then + for port in $ssl_ports_list; do + if [ -n "$vhost_ipv6" ]; then + ssl_ports_block+=$'Port {\n' + ssl_ports_block+=$' vhost = "'"$vhost_ipv4"'" '"$port"$';\n' + ssl_ports_block+=$' vhost = "'"$vhost_ipv6"'" '"$port"$';\n' + ssl_ports_block+=$' ssl = yes;\n'; + ssl_ports_block+=$' hidden = yes;\n'; + ssl_ports_block+=$'}\n\n' + else + ssl_ports_block+=$'Port {\n' + ssl_ports_block+=$' vhost = "'"$vhost_ipv4"'" '"$port"$';\n' + ssl_ports_block+=$' # vhost = "2001:db8::1" '"$port"$';\n' + ssl_ports_block+=$' ssl = yes;\n'; + ssl_ports_block+=$' hidden = yes;\n'; + ssl_ports_block+=$'}\n\n' + fi + done + else + ssl_ports_block="# Porturi SSL neconfigurate" + fi log_info "Generare fișier de configurare: $config_file" @@ -331,8 +503,8 @@ General { name = "EOFCONFIG_NAME"; # Virtual Host - IP pe care ascultă - vhost = "EOFCONFIG_VHOST"; - + vhost = "EOFCONFIG_VHOST4"; +EOFCONFIG_VHOST6_LINE # Descrierea serverului description = "EOFCONFIG_DESC"; @@ -430,30 +602,23 @@ Jupe { nick = "NickServ,NickSaver"; }; -# ============================================================================ +# ========================================================================== # SECȚIUNE: PORTURI -# ============================================================================ +# ========================================================================== # Port pentru server-to-server Port { - vhost = "EOFCONFIG_VHOST" 4400; + vhost = "EOFCONFIG_VHOST4" EOFCONFIG_SERVER_PORT; +EOFCONFIG_VHOST6_PORT_4400 server = yes; hidden = yes; }; -# Port standard pentru clienți -Port { - vhost = "EOFCONFIG_VHOST" 6667; - hidden = yes; -}; - -# Port SSL/TLS pentru clienți (opțional) -# Port { -# vhost = "EOFCONFIG_VHOST" 6697; -# ssl = yes; -# hidden = yes; -# }; +# Porturi publice pentru clienți +EOFCONFIG_CLIENT_PORTS +# Porturi SSL/TLS pentru clienți +EOFCONFIG_SSL_PORTS # ============================================================================ # SECȚIUNE: OPERATORI # ============================================================================ @@ -591,14 +756,18 @@ EOFCONFIG sed -i "s|EOFCONFIG_PREFIX|$PREFIX|g" "$config_file" sed -i "s|EOFCONFIG_ADMIN_LOC|$admin_location|g" "$config_file" sed -i "s|EOFCONFIG_ADMIN_CONTACT|$admin_contact|g" "$config_file" - sed -i "s|EOFCONFIG_VHOST|$vhost|g" "$config_file" - sed -i "s|EOFCONFIG_NETWORK|$network|g" "$config_file" + sed -i "s|EOFCONFIG_VHOST4|$vhost_ipv4|g" "$config_file" + sed -i "s|EOFCONFIG_VHOST6_LINE|$vhost6_line|g" "$config_file" + sed -i "s|EOFCONFIG_VHOST6_PORT_4400|$vhost6_port_4400|g" "$config_file" + sed -i "s|EOFCONFIG_SERVER_PORT|$server_port|g" "$config_file" + sed -i "s|EOFCONFIG_CLIENT_PORTS|$client_ports_block|g" "$config_file" + sed -i "s|EOFCONFIG_SSL_PORTS|$ssl_ports_block|g" "$config_file" sed -i "s|EOFCONFIG_OPER_USER|$oper_user|g" "$config_file" sed -i "s|EOFCONFIG_OPER_PASS|$oper_pass|g" "$config_file" # Setare HUB flag și CONNECT section if [ "$is_hub" = "y" ] || [ "$is_hub" = "Y" ]; then - sed -i 's|EOFCONFIG_HUB_SETTING|"TRUE"|g' "$config_file" + sed -i 's|EOFCONFIG_HUB_SETTING|TRUE|g' "$config_file" # Adaugă CONNECT section pentru HUB HUB_CONNECT_BLOCK="# Conectare la HUB principal @@ -614,7 +783,7 @@ Connect { sed -i "s|EOFCONFIG_HUB_CONNECT|$HUB_CONNECT_BLOCK|g" "$config_file" else - sed -i 's|EOFCONFIG_HUB_SETTING|"FALSE"|g' "$config_file" + sed -i 's|EOFCONFIG_HUB_SETTING|FALSE|g' "$config_file" sed -i 's|EOFCONFIG_HUB_CONNECT|# Server nu este HUB - fără connect|g' "$config_file" fi @@ -636,7 +805,12 @@ main() { shift 2 ;; -m|--maxcon) + if ! is_positive_int "$2"; then + log_error "Valoare invalidă pentru --maxcon: $2" + exit 1 + fi MAXCON="$2" + MAXCON_SET=1 shift 2 ;; -d|--debug) @@ -665,6 +839,22 @@ main() { echo "=========================================" echo -e "${NC}" + # Cerere max conexiuni (doar dacă nu a fost setat din argumente) + if [ $MAXCON_SET -eq 0 ]; then + echo "" + while true; do + read -p " Maxim conexiuni [${MAXCON}]: " maxcon_input + if [ -z "$maxcon_input" ]; then + break + fi + if is_positive_int "$maxcon_input"; then + MAXCON="$maxcon_input" + break + fi + log_error "Maxim conexiuni trebuie să fie un număr întreg pozitiv." + done + fi + # Verificare dependențe check_dependencies if [ $? -ne 0 ]; then @@ -699,17 +889,78 @@ main() { echo -e "${GALBEN}CONFIGURARE SERVER${NC}" echo -e "${GALBEN}═══════════════════════════════════════${NC}" - read -p " Domeniu rețea [underchat.org]: " network_name - network_name=${network_name:-underchat.org} + # IPv4 + while true; do + read -p " Virtual Host / IP (IPv4) [127.0.0.1]: " vhost_ipv4 + vhost_ipv4=${vhost_ipv4:-127.0.0.1} + if is_ipv4 "$vhost_ipv4"; then + break + fi + log_error "IPv4 invalid. Exemplu: 192.168.1.10" + done - read -p " Nume server [ns1.${network_name}]: " server_name - server_name=${server_name:-ns1.${network_name}} + # IPv6 (auto-detect) + local auto_ipv6 + auto_ipv6=$(detect_ipv6_global) + while true; do + if [ -n "$auto_ipv6" ]; then + read -p " Virtual Host / IP (IPv6) [${auto_ipv6}] ("'"'"'"-"'"'"'" pentru gol): " vhost_ipv6 + if [ "$vhost_ipv6" = "-" ]; then + vhost_ipv6="" + break + fi + vhost_ipv6=${vhost_ipv6:-$auto_ipv6} + else + read -p " Virtual Host / IP (IPv6) [gol pentru comentat]: " vhost_ipv6 + vhost_ipv6=${vhost_ipv6:-} + fi - read -p " Descriere server [The ${network_name} Network]: " server_desc - server_desc=${server_desc:-The ${network_name} Network} + if [ -z "$vhost_ipv6" ] || is_ipv6 "$vhost_ipv6"; then + break + fi + log_error "IPv6 invalid. Exemplu: 2001:db8::1" + done - read -p " Virtual Host / IP [127.0.0.1]: " vhost_ip - vhost_ip=${vhost_ip:-127.0.0.1} + # Port server-to-server + while true; do + read -p " Port server-to-server [${SERVER_PORT}]: " server_port_input + server_port_input=${server_port_input:-$SERVER_PORT} + if is_positive_int "$server_port_input" && [ "$server_port_input" -ge 1 ] && [ "$server_port_input" -le 65535 ]; then + SERVER_PORT="$server_port_input" + break + fi + log_error "Port invalid. Exemplu: 4400" + done + + # Porturi publice IRC (clienti) + local default_ports="6660-6669,7000" + while true; do + read -p " Porturi publice IRC [${default_ports}]: " client_ports_input + client_ports_input=${client_ports_input:-$default_ports} + client_ports_list=$(expand_ports "$client_ports_input") + if [ $? -eq 0 ]; then + break + fi + log_error "Format invalid. Exemple: 5000-5002,6000 sau 6667" + done + + # Porturi SSL pentru clienti + if [ $ENABLE_SSL -eq 1 ]; then + while true; do + read -p " Porturi SSL IRC [${SSL_PORTS_DEFAULT}] (gol pentru a sari): " ssl_ports_input + if [ -z "$ssl_ports_input" ]; then + ssl_ports_list="" + break + fi + ssl_ports_list=$(expand_ports "$ssl_ports_input") + if [ $? -eq 0 ]; then + break + fi + log_error "Format invalid. Exemple: 6697,7001 sau 7000-7002" + done + else + ssl_ports_list="" + fi read -p " Numeric server [1]: " server_numeric server_numeric=${server_numeric:-1} @@ -792,7 +1043,11 @@ main() { else server_name=$(grep 'name = "' "$CONFIG_FILE" 2>/dev/null | head -1 | cut -d'"' -f2) server_name=${server_name:-localhost.localdomain} - vhost_ip="127.0.0.1" + vhost_ipv4="127.0.0.1" + vhost_ipv6="" + SERVER_PORT=4400 + client_ports_list="6660 6661 6662 6663 6664 6665 6666 6667 6668 6669 7000" + ssl_ports_list="" network_name="underchat.org" oper_username="AdminRoot" oper_hash="\$PLAIN\$password" @@ -800,7 +1055,7 @@ main() { HUB_CONFIG="no" fi - generate_config "$conf_file" "$server_name" "$server_desc" "$server_numeric" "$admin_location" "$admin_contact" "$vhost_ip" "$network_name" "$oper_username" "$oper_hash" "$HUB_CONFIG" "$hub_name" "$hub_host" "$hub_port" "$hub_password" + generate_config "$conf_file" "$server_name" "$server_desc" "$server_numeric" "$admin_location" "$admin_contact" "$vhost_ipv4" "$vhost_ipv6" "$network_name" "$oper_username" "$oper_hash" "$HUB_CONFIG" "$hub_name" "$hub_host" "$hub_port" "$hub_password" "$client_ports_list" "$SERVER_PORT" "$ssl_ports_list" if [ $? -ne 0 ]; then exit 1 fi @@ -863,4 +1118,3 @@ EOFMOTD # Apelează funcția principală main "$@" -