|
|
| Author |
Message |
olene
Newbie
Joined: 31 Jul 2004
Posts: 61
Location: olene on DALnet
|
 Posted: May 09, 2005 2:34pm Post subject: roflircd |
 |
|
Roflircd is my newest ircd that i'm working on. It's coded 100% from scratch.
It's coded on the CLR (.NET). Many people ask me why I would code an ircd on the CLR. Several reasons; First off, this eliminates any possibility of a buffer overrun exploit, memory leaks, segfaults, and just about any type of "standard crash" you'd experience with a C-coded ircd. Second of all, it's a lot easier.. i started on March 26th, and i'm already done with the core and all the command modules. You can code a useful working module in less than 5 lines and in any of over 50 different languages.
The main reason i use the CLR is because there are SO many platforms that people run ircd's on from BSD to linux to windows to even mac. The CLR lets me take the same binary and run it on any one of those IN NATIVE CODE without having to modify the source one bit with a "#ifdef win32".
Anyway.. about the ircd--
It's a modular multi-protocol ircd. You can load and unload modules at runtime. These modules can contain commands, objects, events, server protocols, anything.
Ok.. so why would anyone wanna use roflircd?
1. Regex
Once you've used an ircd that supports regex, you will never go back. roflircd allows regex masks anyplace where wildcard masks are normally used (including but not limited to network and server bans, channel bans/excepts/invex, who and whois queries, squit, even kill) by prefixing the mask with a '>' character. You can also specify exact masks '=', and case sensitive exact masks '==' for times when you don't even need a wildcard.
2. Abilities and levels
The admin defines everything. roflircd comes with hundreds of features.. and you probably won't want a lot of them. thats fine. you can turn them off, on, define who can use them, who can't, etc.
Each oper (and user) has a list of abilities. "abilities" are just short and simple names for what they can do, like "kill/remote" or "see/invisible". They aren't called operflags because they don't just apply to opers. Users aquire abilities in 3 ways... default abilities (that every user gets when they connect), oper abilities (that are specific to an o-line that the user gets when they oper up), and manual abilities that are given by an admin (or taken) via /ability.
Theres also a level of heiarchy. Rather than oper flags, or levels of "oper, administrator, netadmin" etc.. each oper has a numeric oper level. 0 being a normal user, -1 being an unknown connection, and any number between 1 and 100 being an oper. This creates a heiarchy, for example, a level 40 oper can kill a level 20 oper, but not a level 60 oper.
It also gives you a parameter for the +O chanmode (e.g. +O 40).
And as for the names of opers (e.g. is an IRC operator); you can define those an a per-o-line basis.
3. Multiprotocol server linking
roflircd supports any server protocol you could code into a module. It comes with roflTS (which i'm still working on), which is the standard unreal-like protocol that uses TS. It also happens to use unique ID's for users rather than referencing by nickname which eliminates race conditions and the need for killing users in nick collisions.
4. Multithreaded, object oriented model
roflircd uses multithreading to take advantage of multiple processors and HT pentiums. There is a thread for the 1sec sonar loop (ping, pong, and other things that must be checked every 1 second), the 17sec cleanup loop (removing expired masks, and other housekeeping), the 10ms socket loop (checking for new data and dead sockets), and a seperate thread for dns lookups and another for ident requests. Also, each user's command execution uses the CLR threadpool, which means that users can execute commands truely asynchronously, so if a third party command runs into a really long or infinite loop, it wont freeze the ircd.
5. Features
see the almost complete list at http://www.olene.net/rofl.txt
roflircd is currently in the alpha stage while i finish coding and test the server protocol. however, if you want to try out roflircd or have any questions, don't hesitate to contact me on AIM at 'ircd coder girl'. |
|
| Back to top |
|
 |
w00t
Eleet
Joined: 09 Jun 2004
Posts: 699
Location: Nowra, Australia
|
| Posted: May 09, 2005 7:22pm Post subject: |
|
|
| Is this related to asteriskircd in any way? |
|
| Back to top |
|
|
olene
Newbie
Joined: 31 Jul 2004
Posts: 61
Location: olene on DALnet
|
| Posted: May 09, 2005 7:36pm Post subject: |
|
|
Actually no. After stress testing asterisk, i decided it's core was too bloated to be scalable. I started over with performance in mind, and I'm doing most socket operations, hashing, and parsing manually with custom classes. It's almost 3 times faster than asterisk.
The main difference internally between rofl and asterisk is that asterisk used inherited object. LocalServer inherited Server inherited User. This has overhead. In rofl all servers and users are of the 'user' class, but using the members for different uses. (for example user.gecos is used as the realname for users, and the server desc for servers). |
|
| Back to top |
|
|
nenolod
Idler
Joined: 23 Jan 2004
Posts: 335
Location: A box!
|
| Posted: May 09, 2005 9:03pm Post subject: Re: roflircd |
|
|
| olene wrote: | | It's coded on the CLR (.NET). Many people ask me why I would code an ircd on the CLR. Several reasons; First off, this eliminates any possibility of a buffer overrun exploit, memory leaks, segfaults, and just about any type of "standard crash" you'd experience with a C-coded ircd. Second of all, it's a lot easier.. i started on March 26th, and i'm already done with the core and all the command modules. You can code a useful working module in less than 5 lines and in any of over 50 different languages. |
Catch signal 11 and use assertions. Problem solved.
| olene wrote: | | The main reason i use the CLR is because there are SO many platforms that people run ircd's on from BSD to linux to windows to even mac. The CLR lets me take the same binary and run it on any one of those IN NATIVE CODE without having to modify the source one bit with a "#ifdef win32". |
The CLR does not let you run the ircd in native code. It is a just-in-time compilation that is ran from a bytecode. Also, if proper coding conventions are used, "#ifdef win32" is primarily unneeded. Also, if I recall, Microsoft has patents on the .NET (and thus CLR) platform, which encumber the use of .NET (mono) on Linux/Mac/BSD/Solaris machines.
| olene wrote: | | It's a modular multi-protocol ircd. You can load and unload modules at runtime. These modules can contain commands, objects, events, server protocols, anything. |
Multi-protocol? Yes. Lets break some networks now.
| olene wrote: | 1. Regex
Once you've used an ircd that supports regex, you will never go back. roflircd allows regex masks anyplace where wildcard masks are normally used (including but not limited to network and server bans, channel bans/excepts/invex, who and whois queries, squit, even kill) by prefixing the mask with a '>' character. You can also specify exact masks '=', and case sensitive exact masks '==' for times when you don't even need a wildcard. |
The PCRE regular expressions library provides the same functionality, right now, without any patent encumbering functionality (CLR).
| olene wrote: | 2. Abilities and levels
The admin defines everything. roflircd comes with hundreds of features.. and you probably won't want a lot of them. thats fine. you can turn them off, on, define who can use them, who can't, etc.
Each oper (and user) has a list of abilities. "abilities" are just short and simple names for what they can do, like "kill/remote" or "see/invisible". They aren't called operflags because they don't just apply to opers. Users aquire abilities in 3 ways... default abilities (that every user gets when they connect), oper abilities (that are specific to an o-line that the user gets when they oper up), and manual abilities that are given by an admin (or taken) via /ability.
Theres also a level of heiarchy. Rather than oper flags, or levels of "oper, administrator, netadmin" etc.. each oper has a numeric oper level. 0 being a normal user, -1 being an unknown connection, and any number between 1 and 100 being an oper. This creates a heiarchy, for example, a level 40 oper can kill a level 20 oper, but not a level 60 oper.
It also gives you a parameter for the +O chanmode (e.g. +O 40).
And as for the names of opers (e.g. is an IRC operator); you can define those an a per-o-line basis. |
There are many issues with this. First, it breaks a lot of current clients.
Secondly, what about a level desync?! This idea is completely and utterly insane.
| olene wrote: | 3. Multiprotocol server linking
roflircd supports any server protocol you could code into a module. It comes with roflTS (which i'm still working on), which is the standard unreal-like protocol that uses TS. It also happens to use unique ID's for users rather than referencing by nickname which eliminates race conditions and the need for killing users in nick collisions. |
Unreal doesn't use TS. It uses a modified version of the ircu (ircd.dal/DreamForge) protocol. But thanks for playing!
| olene wrote: | 4. Multithreaded, object oriented model
roflircd uses multithreading to take advantage of multiple processors and HT pentiums. There is a thread for the 1sec sonar loop (ping, pong, and other things that must be checked every 1 second), the 17sec cleanup loop (removing expired masks, and other housekeeping), the 10ms socket loop (checking for new data and dead sockets), and a seperate thread for dns lookups and another for ident requests. Also, each user's command execution uses the CLR threadpool, which means that users can execute commands truely asynchronously, so if a third party command runs into a really long or infinite loop, it wont freeze the ircd. |
.NET threads rape CPU. This just wont scale very well.
| olene wrote: | 5. Features
see the almost complete list at http://www.olene.net/rofl.txt
roflircd is currently in the alpha stage while i finish coding and test the server protocol. however, if you want to try out roflircd or have any questions, don't hesitate to contact me on AIM at 'ircd coder girl'. |
If the features are anything like Asterisk's featureset, your ircd has just accomplished a whole new advance in operabuse. Thanks. |
|
| Back to top |
|
|
PingBad
Guru
Joined: 05 Feb 2005
Posts: 2075
Location: New Zealand
|
| Posted: May 09, 2005 9:09pm Post subject: |
|
|
| rofl.txt wrote: | | Sets gender to male and/or female, respectively |
AND!? |
|
| Back to top |
|
|
nenolod
Idler
Joined: 23 Jan 2004
Posts: 335
Location: A box!
|
| Posted: May 09, 2005 9:20pm Post subject: |
|
|
| PingBad wrote: | | rofl.txt wrote: | | Sets gender to male and/or female, respectively |
AND!? |
Insightful. |
|
| Back to top |
|
|
olene
Newbie
Joined: 31 Jul 2004
Posts: 61
Location: olene on DALnet
|
| Posted: May 09, 2005 9:32pm Post subject: Re: roflircd |
|
|
| nenolod wrote: |
Catch signal 11 and use assertions. Problem solved.
|
Good. Tell the coders of bahamut, hybrid, and unreal that. All three of which ive watched crashed on several occasions without giving the opers a single notice. In fact.. up until recently i could crash unreal with a single malformed SJOIN.
| nenolod wrote: |
The CLR does not let you run the ircd in native code. It is a just-in-time compilation that is ran from a bytecode. Also, if proper coding conventions are used, "#ifdef win32" is primarily unneeded. Also, if I recall, Microsoft has patents on the .NET (and thus CLR) platform, which encumber the use of .NET (mono) on Linux/Mac/BSD/Solaris machines.
|
Then you tell me what the just-in-time compiler is compiling to. AppleScript? I doubt it. And that's great. Adobe has patents on PDF technology. That doesn't stop me from using and distributing them. Apple has patents on multiscan monitors, but every monitor you see today has multiple resolutions. So what? Microsoft not only ENCOURAGES third party CLR's for other platforms, they provide links to them.
| nenolod wrote: |
Multi-protocol? Yes. Lets break some networks now.
|
How is the ability to interface with any protocol, text or binary, breaking networks? I'd like to see you link unreal with hybrid, or bahamut with ultimate. You can't do it. With rofl, you can link to theoretically anything that uses TCP.
| nenolod wrote: |
The PCRE regular expressions library provides the same functionality, right now, without any patent encumbering functionality (CLR).
|
Great. Now show me an ircd that actually uses it. And microsoft doesn't hold any patents on regex, nor does my ircd even require any microsoft products to run. So shut up.
| nenolod wrote: |
There are many issues with this. First, it breaks a lot of current clients.
Secondly, what about a level desync?! This idea is completely and utterly insane.
|
It breaks NO clients. I've tested my ircd on at least 30 clients, including (but not limited to) mirc, pirch, klient, irssi, trillian (eww), hydrairc, bitchx, xchat, epic, ircle, snak, and a dozen java clients. I changed many things that didn't work well on some clients. But more importantly how do the operator levels and internal oper flags break ANYTHING? Clients don't even keep track of what oper flags you have. Thats the stupidest thing ive ever heard.
| nenolod wrote: |
Unreal doesn't use TS. It uses a modified version of the ircu (ircd.dal/DreamForge) protocol. But thanks for playing!
|
WTF are you talking about? TS stands for timestamp and it's the branch of server protocols that use time to resolve conflicts. I never said "The name of unreal's protocol is 'TS'". I would be wrong. In fact unreal uses 4-digit numbers to refer to it's protocol versions.
| nenolod wrote: |
.NET threads rape CPU. This just wont scale very well.
|
And running an entire IRCd in one thread rapes responsiveness. What happens if my hard drive skips or has a low seek time while rehashing? The whole server lags, 100% of all users, servers, and any external functionality. If something crashes, the entire ircd (that runs on that thread) crashes. At least with rofl, you'd, at the very least, be able to send a mess notice to tell people what's going on before you unexpectedly pulled the plug on them.
| nenolod wrote: |
If the features are anything like Asterisk's featureset, your ircd has just accomplished a whole new advance in operabuse. Thanks. |
You obviously didn't read the part about admins being able to turn off and on any feature they like or dislike. I can code up some REALLY abusive for unreal and make that a 'new advance in operabuse'. So what? any server can be abusive. All you need is tcpdump. At least with mine, you can turn it into a virtual "strict as hybrid" server or a "dull as bahamut" server. |
|
| Back to top |
|
|
olene
Newbie
Joined: 31 Jul 2004
Posts: 61
Location: olene on DALnet
|
| Posted: May 09, 2005 9:35pm Post subject: |
|
|
| PingBad wrote: | | rofl.txt wrote: | | Sets gender to male and/or female, respectively |
AND!? |
Gender is an optional usermode. If set, a users gender is visible in both the whois reply (as an 'M', 'F', or 'T' replacing the * in RPL_WHOISUSER) or in the who reply (as an 'm', 'f', or both) in the status parameter. |
|
| Back to top |
|
|
codemastr
Idler
Joined: 05 Feb 2004
Posts: 353
|
| Posted: May 09, 2005 10:41pm Post subject: |
|
|
| Quote: | | roflircd allows regex masks anyplace where wildcard masks are normally used (including but not limited to network and server bans, channel bans/excepts/invex, who and whois queries, squit, even kill) by prefixing the mask with a '>' character. |
Fantastic! This means I can bring down your server in the blink of an eye! I think it will be very fun to set a ban that will cause the server to use 100% CPU, don't you agree?
There is a reason why no other IRCds have this feature... it's bad! Depending on how the regex library on your system is implemented, a regex such as ((((a{1,100}){1,100}){1,100}){1,100}){1,100} will cause it to crash and burn quite nicely. Even if your regex library is formidable, setting a ban such as (\[|\()[0-9]+/(([5-9][0-9]+)|([1-9][0-9]{2,}))(\]|\)) then flooding the channel with 100 clones would surely cause some nice problems. Note that those are just examples I found online of inefficient regexps, if I was really bored I could have come up with something specific to IRC that would probably be much worse.
Give someone enough time and he/she will surely craft a regex pattern that will bring the server to a halt. This is the reason why regex should NEVER be allowed in channel bans. You can find dozens of articles on regex that will confirm everything I said. |
|
| Back to top |
|
|
nenolod
Idler
Joined: 23 Jan 2004
Posts: 335
Location: A box!
|
| Posted: May 09, 2005 10:49pm Post subject: |
|
|
| codemastr wrote: | | Quote: | | roflircd allows regex masks anyplace where wildcard masks are normally used (including but not limited to network and server bans, channel bans/excepts/invex, who and whois queries, squit, even kill) by prefixing the mask with a '>' character. |
Fantastic! This means I can bring down your server in the blink of an eye! I think it will be very fun to set a ban that will cause the server to use 100% CPU, don't you agree?
There is a reason why no other IRCds have this feature... it's bad! Depending on how the regex library on your system is implemented, a regex such as ((((a{1,100}){1,100}){1,100}){1,100}){1,100} will cause it to crash and burn quite nicely. Even if your regex library is formidable, setting a ban such as (\[|\()[0-9]+/(([5-9][0-9]+)|([1-9][0-9]{2,}))(\]|\)) then flooding the channel with 100 clones would surely cause some nice problems. Note that those are just examples I found online of inefficient regexps, if I was really bored I could have come up with something specific to IRC that would probably be much worse.
Give someone enough time and he/she will surely craft a regex pattern that will bring the server to a halt. This is the reason why regex should NEVER be allowed in channel bans. You can find dozens of articles on regex that will confirm everything I said. |
Indeed. But you forget that .NET regex is painfully slow (the slowest regex anyone has seen to date is System.Text.RegularExpressions), so it would be a super-suprise double-gangbang style halt for any administrator running this software. |
|
| Back to top |
|
|
olene
Newbie
Joined: 31 Jul 2004
Posts: 61
Location: olene on DALnet
|
| Posted: May 09, 2005 10:51pm Post subject: |
|
|
| All regex evaluations have a timeout of 200 ms, and invalid or complicated regular expressions won't even set. |
|
| Back to top |
|
|
PingBad
Guru
Joined: 05 Feb 2005
Posts: 2075
Location: New Zealand
|
| Posted: May 09, 2005 10:58pm Post subject: |
|
|
| olene wrote: | | All regex evaluations have a timeout of 200 ms, and invalid or complicated regular expressions won't even set. |
good idea. This would curb most malicious attempts to bring an IRCd to its knees for sure. But, as codemastr pointed out, there is bound to be a way for someone to exploit some weakness in the code. |
|
| Back to top |
|
|
olene
Newbie
Joined: 31 Jul 2004
Posts: 61
Location: olene on DALnet
|
| Posted: May 09, 2005 11:41pm Post subject: |
|
|
| Incidentally, codemastr, i tried both of those regex's and both completed in under 1 ms so i couldn't even measure them with my benchmark module. You must have them wrong. I'll look online for some more complex ones. |
|
| Back to top |
|
|
EviL_SmUrF
Lurker
Joined: 23 Feb 2004
Posts: 219
|
| Posted: May 10, 2005 1:43am Post subject: |
|
|
jesus christ, talk about raining on someones parade. i dont think ive seen anything tore apart this quickly and brutaly before.
sure she may like some pointers but u dont need to be rude about it *cough nenolod cough*
anywho, good luck with your ircd olene. however, you may want to consider making the multi-thread feature an option that can be turned on or off. many shell hosts won't like it, just like they don't like CR  |
|
| Back to top |
|
|
Dr-Voodo
Eleet
Joined: 07 Nov 2003
Posts: 535
Location: IRC
|
| Posted: May 10, 2005 2:08am Post subject: |
|
|
| I wish you good luck with your ircd olene, its sounds like a good one. |
|
| Back to top |
|
|
|
|
| |
Register
Log in
