On Sat, Jul 20, 2013 at 12:03 AM, Kevin L. Mitchell wrote: > I don't think we have to implement the encryption in ircu directly, > however: if instead we provide a means for ircu to load an external > module of some sort that wraps connections—think in terms of link > compression, for instance—I believe we won't run afoul of any US export > restrictions…or encryption rules in other countries that restrict the > use of encryption by their citizens, for that matter. That also, > incidentally, solves the issue of CPU loads on a large network: we > simply don't recommend the use of those extensions on large networks. > And, finally, any encryption-based module could be hosted from a > completely different country.
I'd be fine with something like that in ircu, but I think it might be easier than you suggest. Suppose that somewhere in add_connection() -- probably after the IPcheck call, but that's arguable -- ircu checks the Listener structure, and if ircd.conf says to execute a helper program for that listener, ircu spawns it. For the helper, stdin and stdout are one end of a socketpair() back to ircu, stderr probably goes to a log file, file descriptor 3 is the TCP socket, and all other FDs are closed. ircu shouldn't care whether it is directly connected to the client after it calls os_get_peername(). Thoughts? Michael _______________________________________________ Coder-com mailing list Coder-com@undernet.org http://undernet.sbg.org/mailman/listinfo/coder-com
