Actually I presume 'make install' properly removes the file first
before installing a new one, but.. not entirely sure. Better safe
than sorry.
We have had new reports of someone who had the original UnrealIRCd
crash while building the new UnrealIRCd. Similar to what we had
a few years ago, which was caused by a 'cp' instead of an rm+cp.
This because with simple cp the existing file contents is changed
and the processes holding the .so file open (usually mmapped)
suddenly have the new .so file loaded in effect, which causes a
crash whenever next function is called in that library.
We now rm explicit before 'make install' so running processes
simply have that fd point to a deleted file, which is fine.
for OpenSSL 1.0.2 anymore, 1.0.2 will use the fallback version.
This changes the include file.
(OpenSSL 1.0.2 is out of support since Jan 1 2020 so one may wonder
why care at all, but i'm trying not to break that during minor
UnrealIRCd releases)
(the new fallback https-only implementation).
./configure will set URL= to either url_curl.o or url_unreal.o
depending on whether curl is enabled or not.
The 3 functions that both implementations had in common are now in
src/misc.c: url_is_valid(), displayurl() and url_getfilename().
always compiled in, both regardless of cURL support or not.
Obviously the cURL functions are not available without cURL and there
are now some #ifdef USE_LIBCURL in url.c
This also fixes the current build to work without cURL
Thank you BuildBot.
This means on older OpenSSL's we are not going to have certificate
expiry checks. Those OpenSSL versions were deprecated by the OpenSSL
team itself, so yeah then you will miss out a few things.
TLSv1.0 or TLSv1.1. Otherwise it is impossible to enable by the application.
We are still going to turn off TLSv1.0 and TLSv1.1 by the end of this year
by default. Ubuntu 20.04 is just a couple of months too early. See also
the various browsers who postponed disabling TLSv1.0/TLSv1.1.
Also, regardless of the above, we want the admins running the IRC server
be able to control this and not having such a breaking change be dependant
on some distro default settings.
and not just the operating system.
This makes us use SSL_CTX_set_min_proto_version(), which unfortunately is
a less fine-grained control for disabling specific SSL/TLS versions.
However, after that we use SSL_CTX_set_options with SSL_OP_NO_xxx.
The latter is deprecated though. Will revisit this change before U5 release..
not found then this was not treated as a fatal error. Now it is, since
you will fail later in the installation process when a certificate file
is being made (resulting in mysterious 'req: command not found' errors).
Also, improve the error message both for the missing openssl library
and openssl binary case.
this on the basis that cURL may be using one c-ares version and UnrealIRCd
another c-ares version, something which obviously can lead to failure due
to ABI differences..
Many years have passed since then and cURL is now frequently build with
AsynchDNS support but without the help of c-ares (eg: on Debian). We can
support this configuration without requiring --with-system-cares since
c-ares is not used by cURL and there's no conflict.
- Separate m4 macros into *.m4 files (it is much easier to run aclocal now).
- Remove unused DOMAINNAME macro and --with-hostname= options as the DOMAINNAME macro isn't used anywheres and its use shouldn't be encouraged.
- autogen.sh to bootstrap the buildsystem. We now maintain setup.h with autoheader.
- --disable-blah now does the opposite of --enable-blah. The same for --with-blah and --without-blah. (This makes Gentoo users happier).
